New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix and improve #4252
base: main
Are you sure you want to change the base?
Fix and improve #4252
Conversation
Fix bug in restore addon domains / some body broken that Add function to fix crontab and change cpanel php paths to hestiacp path Fix database restore And some changes more
This prevent duplicate data of addon domains stored in public_html
@@ -297,6 +325,13 @@ for folder in *; do | |||
if [ -d "$folder" ]; then | |||
if [[ "$folder" != "cur" && "$folder" != "new" && "$folder" != "tmp" ]]; then | |||
echo "Domain: $folder" | |||
# This is needed as parked domains have emails but not added |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you explain this comment better?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In cpanel, parked domain is like alias domain, and this domains can manage emails, this script before not restore that domains
So we need add parked domain to hestia and add is as mail domain, if we want restore mail accounts from parked domains
main_dir=$(pwd) | ||
echo "Access tmp directory $main_dir" | ||
dbprefix=$(cat meta/dbprefix) | ||
if [ $dbprefix = 1 ]; then | ||
if [ $dbprefix == 1 ]; then |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If i'm not mistaken, this checks if the DB prefix is the number 1 - respectively if the return code of $(cat meta/dbprefix) is 1 - "Permission denied" or another generic error. However, if the file doesn't exist, the return code would be 2, breaking this script.
Maybe it would be better to do it like this:
if [ $(cat meta/dbprefix >> /dev/null ?>&1; echo $?) != 0 ]; then
echo "Error 255 - Could not get read DB prefix, check permissions or presence of file meta/dbprefix"
exit 255
fi
dbprefix=$(cat meta/dbprefix)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
dbprefix file must exist, this define in cpanel backup if WHM server e database prefix is enable or not, the content is just 1 or 0
do | ||
domain=$(echo $ssl_domain | awk -F '/' '{ print $2 }') | ||
mkdir -p apache_tls/ssl/$domain | ||
awk -v RS="-----BEGIN CERTIFICATE-----" -v ssl_domain="$domain" ' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is supposed to split a single file into cert key, ssl certificate and ca certificate if I understand this correctly - However, With NR=1, it can be anything before the first time -----BEGIN CERTIFICATE-----, and it doesn't actually verify it's a certificate key.
Similarly, It doesn't verify if the other content is actually the certificates we wanted.
also, for ssl_domain in apache_tls/* will also run through a domain called ssl after the first loop where it has been created by the mkdir -p apache_tls/ssl/ command.
Something like this could be a start:
for ssl_domain in apache_tls/*
do
if [ -f $ssl_domain ]; then
domain=$(echo $ssl_domain | awk -F '/' '{ print $2 }')
mkdir -p apache_tls/ssl/$domain
# Extract certificate key
openssl pkey -in $ssl_domain -out apache_tls/ssl/$domain/$domain.key
#Extract all certificates from original file
openssl crl2pkcs7 -nocrl -certfile $ssl_domain | openssl pkcs7 -print_certs -out $(echo $domain)_all.pem
cat $(echo $domain)_all.pem | awk -v ssl_domain="$domain" '/BEGIN/ { i++; } /BEGIN/, /END/ { print > i "." ssl_domain "_all.crt" }'
ls *.$(echo $domain)_all.crt | while read cert; do if [ $(openssl x509 -noout -subject -in $cert | sed -n 's/.*CN = \(.*\)/\1/p') == $(echo $domain) ] ; then cat $cert > apache_tls/ssl/$(echo $domain)/$(echo $domain).crt; else cat $cert > apache_tls/ssl/$(echo $domain)/$(echo $domain).ca; fi ; done
rm *.$(echo $domain)_all.crt
rm $(echo $domain)_all.pem
fi
done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Feel free to modify this in any better way, I have some problems with this with diferent ssl and not found any good way to handle this when certificate file have more then 1 CA, not research to much, all people use now lets encrypt is easy just to install new certificate.
else | ||
echo "Run: apt-get install rsync file" | ||
fi | ||
echo "Run: apt-get install rsync file" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why was this commented out?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not remember now, maybe because hestia not support centos
but I make new changes to this script in https://github.com/Skamasle/sk-import-cpanel-backup-to-vestacp/blob/master/v-import-cpanel-v2
Fix bug in restore addon domains / some body broken that
Add function to fix crontab and change cpanel php paths to hestiacp path Fix database restore
Add support to SSL restore need some test but working for me.
And some changes more