Fix and improve

[Skamasle]

Fix bug in restore addon domains / some body broken that
Add function to fix crontab and change cpanel php paths to hestiacp path Fix database restore
Add support to SSL restore need some test but working for me.
And some changes more

[Anuril]

Can you explain this comment better?

[Skamasle]

In cpanel, parked domain is like alias domain, and this domains can manage emails, this script before not restore that domains

So we need add parked domain to hestia and add is as mail domain, if we want restore mail accounts from parked domains

[Anuril]

If i'm not mistaken, this checks if the DB prefix is the number 1 - respectively if the return code of $(cat meta/dbprefix) is 1 - "Permission denied" or another generic error. However, if the file doesn't exist, the return code would be 2, breaking this script.

Maybe it would be better to do it like this:

if [ $(cat meta/dbprefix >> /dev/null ?>&1; echo $?) != 0 ]; then
    echo "Error 255 - Could not get read DB prefix, check permissions or presence of file meta/dbprefix"
    exit 255
fi
dbprefix=$(cat meta/dbprefix)

[Skamasle]

dbprefix file must exist, this define in cpanel backup if WHM server e database prefix is enable or not, the content is just 1 or 0

[Anuril]

This is supposed to split a single file into cert key, ssl certificate and ca certificate if I understand this correctly - However, With NR=1, it can be anything before the first time -----BEGIN CERTIFICATE-----, and it doesn't actually verify it's a certificate key.

Similarly, It doesn't verify if the other content is actually the certificates we wanted.

also, for ssl_domain in apache_tls/* will also run through a domain called ssl after the first loop where it has been created by the mkdir -p apache_tls/ssl/ command.

Something like this could be a start:

for ssl_domain in apache_tls/*
do
        if [ -f $ssl_domain ]; then
                domain=$(echo $ssl_domain | awk -F '/' '{ print $2 }')
                mkdir -p apache_tls/ssl/$domain
                # Extract certificate key
                openssl pkey -in $ssl_domain -out apache_tls/ssl/$domain/$domain.key
                #Extract all certificates from original file
                openssl crl2pkcs7 -nocrl -certfile $ssl_domain | openssl pkcs7 -print_certs -out $(echo $domain)_all.pem
                cat $(echo $domain)_all.pem | awk -v ssl_domain="$domain" '/BEGIN/ { i++; } /BEGIN/, /END/ { print > i "." ssl_domain "_all.crt" }'
                ls *.$(echo $domain)_all.crt | while read cert; do if [ $(openssl x509 -noout -subject -in $cert | sed -n 's/.*CN = \(.*\)/\1/p') == $(echo $domain) ] ; then cat $cert > apache_tls/ssl/$(echo $domain)/$(echo $domain).crt; else cat $cert > apache_tls/ssl/$(echo $domain)/$(echo $domain).ca; fi ; done
                rm *.$(echo $domain)_all.crt
                rm $(echo $domain)_all.pem
        fi
done

[Skamasle]

Feel free to modify this in any better way, I have some problems with this with diferent ssl and not found any good way to handle this when certificate file have more then 1 CA, not research to much, all people use now lets encrypt is easy just to install new certificate.

[Anuril]

Why was this commented out?

[Skamasle]

Not remember now, maybe because hestia not support centos

but I make new changes to this script in https://github.com/Skamasle/sk-import-cpanel-backup-to-vestacp/blob/master/v-import-cpanel-v2