|
|
@@ -25,113 +25,62 @@ cpanel_deploy() { |
|
|
_debug _cfullchain "$_cfullchain"
|
|
|
|
|
|
export _ckey _ccert _cdomain
|
|
|
# Perl code taken from https://documentation.cpanel.net/display/SDK/Tutorial+-+Call+UAPI%27s+SSL%3A%3Ainstall_ssl+Function+in+Custom+Code
|
|
|
perl -f <<'END'
|
|
|
# Return errors if Perl experiences problems.
|
|
|
use strict;
|
|
|
use warnings;
|
|
|
# Allow my code to perform web requests.
|
|
|
use LWP::UserAgent;
|
|
|
use LWP::Protocol::https;
|
|
|
# Use the correct encoding to prevent wide character warnings.
|
|
|
use Encode;
|
|
|
use utf8;
|
|
|
# Properly decode JSON.
|
|
|
use JSON;
|
|
|
# Function properly with Base64 authentication headers.
|
|
|
use MIME::Base64;
|
|
|
|
|
|
# Authentication information.
|
|
|
my $username = $ENV{'DEPLOY_CPANEL_USER'};
|
|
|
my $password = $ENV{'DEPLOY_CPANEL_PASSWORD'};
|
|
|
my $hostname = $ENV{'DEPLOY_CPANEL_HOSTNAME'};
|
|
|
|
|
|
# The URL for the SSL::install_ssl UAPI function.
|
|
|
my $request = "https://".$hostname."/execute/SSL/install_ssl";
|
|
|
|
|
|
# Required to allow HTTPS connections to unsigned services.
|
|
|
# Services on localhost are always unsigned.
|
|
|
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
|
|
|
|
|
|
# Create a useragent object.
|
|
|
my $ua = LWP::UserAgent->new();
|
|
|
|
|
|
# Add authentication headers.
|
|
|
$ua->default_header(
|
|
|
'Authorization' => 'Basic ' . MIME::Base64::encode("$username:$password"),
|
|
|
# PHP code taken from https://documentation.cpanel.net/display/DD/Tutorial+-+Call+UAPI's+SSL::install_ssl+Function+in+Custom+Code
|
|
|
php <<'END'
|
|
|
<?php
|
|
|
// Log everything during development.
|
|
|
// If you run this on the CLI, set 'display_errors = On' in php.ini.
|
|
|
error_reporting(E_ALL);
|
|
|
|
|
|
// Authentication information.
|
|
|
$username = getenv('DEPLOY_CPANEL_USER');
|
|
|
$password = getenv('DEPLOY_CPANEL_PASSWORD');
|
|
|
$hostname = getenv('DEPLOY_CPANEL_HOSTNAME');
|
|
|
|
|
|
// The URL for the SSL::install_ssl UAPI function.
|
|
|
$request = "https://".$hostname."/execute/SSL/install_ssl";
|
|
|
|
|
|
// Read in the SSL certificate and key file.
|
|
|
$cert = getenv('_ccert');
|
|
|
$key = getenv('_ckey');
|
|
|
|
|
|
// Set up the payload to send to the server.
|
|
|
$domain = getenv('_cdomain');
|
|
|
$payload = array(
|
|
|
'domain' => "$domain",
|
|
|
'cert' => file_get_contents($cert),
|
|
|
'key' => file_get_contents($key)
|
|
|
);
|
|
|
|
|
|
# Read in the SSL certificate and key file.
|
|
|
my $cert = $ENV{'_ccert'};
|
|
|
my $key = $ENV{'_ckey'};
|
|
|
{
|
|
|
local $/;
|
|
|
open ( my $fh, '<', $cert );
|
|
|
$cert = <$fh>;
|
|
|
close $fh;
|
|
|
|
|
|
open ( $fh, '<', $key );
|
|
|
$key = <$fh>;
|
|
|
close $fh;
|
|
|
// Set up the cURL request object.
|
|
|
$ch = curl_init( $request );
|
|
|
curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
|
|
|
curl_setopt( $ch, CURLOPT_USERPWD, $username . ':' . $password );
|
|
|
curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
|
|
|
curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
|
|
|
|
|
|
// Set up a POST request with the payload.
|
|
|
curl_setopt( $ch, CURLOPT_POST, true );
|
|
|
curl_setopt( $ch, CURLOPT_POSTFIELDS, $payload );
|
|
|
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
|
|
|
|
|
|
// Make the call, and then terminate the cURL caller object.
|
|
|
$curl_response = curl_exec( $ch );
|
|
|
curl_close( $ch );
|
|
|
|
|
|
// Decode and validate output.
|
|
|
$response = json_decode( $curl_response );
|
|
|
if( empty( $response ) ) {
|
|
|
echo "The cURL call did not return valid JSON:\n";
|
|
|
die( $response );
|
|
|
} elseif ( !$response->status ) {
|
|
|
echo "The cURL call returned valid JSON, but reported errors:\n";
|
|
|
die( $response->errors[0] . "\n" );
|
|
|
}
|
|
|
|
|
|
my $domain = $ENV{'_cdomain'};
|
|
|
|
|
|
# Make the call.
|
|
|
my $response = $ua->post($request,
|
|
|
Content_Type => 'form-data',
|
|
|
Content => [
|
|
|
domain => $domain,
|
|
|
cert => $cert,
|
|
|
key => $key,
|
|
|
],
|
|
|
);
|
|
|
|
|
|
# Create an object to decode the JSON.
|
|
|
# Sorted by keys and pretty-printed.
|
|
|
my $json_printer = JSON->new->pretty->canonical(1);
|
|
|
|
|
|
# UTF-8 encode before decoding to avoid wide character warnings.
|
|
|
my $content = JSON::decode_json(Encode::encode_utf8($response->decoded_content));
|
|
|
|
|
|
# Print output, UTF-8 encoded to avoid wide character warnings.
|
|
|
print Encode::encode_utf8($json_printer->encode($content));
|
|
|
|
|
|
=pod
|
|
|
{
|
|
|
"data" : {
|
|
|
"action" : "none",
|
|
|
"aliases" : [
|
|
|
"mail.example.com"
|
|
|
],
|
|
|
"cert_id" : "example_com_xxx_yyy_zzzzzzzzzzzzzzzzzz",
|
|
|
"domain" : "example.com",
|
|
|
"extra_certificate_domains" : [],
|
|
|
"html" : "<br /><b>This certificate was already installed on this host. The system made no changes.</b><br />\n",
|
|
|
"ip" : "127.0.0.1",
|
|
|
"key_id" : "xxx_yyy_zzzzzzzzzzzzzzzz",
|
|
|
"message" : "This certificate was already installed on this host. The system made no changes.",
|
|
|
"servername" : "example.com",
|
|
|
"status" : 1,
|
|
|
"statusmsg" : "This certificate was already installed on this host. The system made no changes.",
|
|
|
"user" : "username",
|
|
|
"warning_domains" : [
|
|
|
"mail.example.com"
|
|
|
],
|
|
|
"working_domains" : [
|
|
|
"example.com"
|
|
|
]
|
|
|
},
|
|
|
"errors" : null,
|
|
|
"messages" : [
|
|
|
"The certificate was successfully installed on the domain “example.com”."
|
|
|
],
|
|
|
"metadata" : {},
|
|
|
"status" : 1
|
|
|
}
|
|
|
=cut
|
|
|
// Print and exit.
|
|
|
die( print_r( $response ) );
|
|
|
|
|
|
END
|
|
|
|
|
|
}
|
|
|
|
0 comments on commit
656fc2d