| Server IP : 79.136.114.73 / Your IP : 216.73.217.114 Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64 User : www-data ( 33) PHP Version : 5.5.9-1ubuntu4.29 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /proc/self/root/home/b8009/ |
Upload File : |
#!/bin/sh
# ssl-manager launcher script with debug logging and interactive terminal reattachment
# This script checks if the ssl-manager binary is installed and ready.
# If it is, the script execs into "ssl-manager cron".
# Otherwise, it installs the binary, updates the PATH, and prompts for a token to register.
#
# Usage:
# curl <url-to-script> | sh
set -euo pipefail
# Debug logging: prints messages if SSL_MANAGER_INSTALLER_DEBUG is set.
debug() {
if [ -n "${SSL_MANAGER_INSTALLER_DEBUG:-}" ]; then
printf "[DEBUG] %s\n" "$*" >&2
fi
}
debug "Starting ssl-manager installer"
# Constants
# These can be overridden via environment variables for testing purposes:
# - SSL_MANAGER_ROOT_BIN_PATH: Override the installation path for root/sudo users
# - SSL_MANAGER_USER_BIN_PATH: Override the installation path for regular users
# - SSL_MANAGER_BIN_URL: Override the full download URL for the ssl-manager binary
# - SSL_MANAGER_BUCKET_HOST: Override the S3 bucket host (e.g., ssl-manager-rc.s3.amazonaws.com)
# - SSL_MANAGER_DISCOVERY_URL: Override the discovery URL (e.g., https://ssl-manager-rc.s3.amazonaws.com/discovery.json)
# - SSL_MANAGER_FORCE_REINSTALL: Force reinstallation even if ssl-manager is already installed
# Example: export SSL_MANAGER_BUCKET_HOST="ssl-manager-rc.s3.amazonaws.com"; export SSL_MANAGER_INSTALLER_DEBUG=1; curl <url-to-script> | sh
ROOT_BIN_PATH="${SSL_MANAGER_ROOT_BIN_PATH:-/opt/ssl-manager/bin/ssl-manager}"
USER_BIN_PATH="${SSL_MANAGER_USER_BIN_PATH:-$HOME/bin/ssl-manager}"
FORCE_REINSTALL="${SSL_MANAGER_FORCE_REINSTALL:-}"
DISCOVERY_URL="${SSL_MANAGER_DISCOVERY_URL:-}"
# Detect OS and architecture; fallback to linux/amd64 on unknowns
_detect_os_arch() {
os=""
arch=""
raw_os=$(uname -s 2>/dev/null || echo unknown)
raw_arch=$(uname -m 2>/dev/null || echo unknown)
# Normalize OS
case "$raw_os" in
Linux|linux) os="linux" ;;
*) os="linux" ;; # fallback to linux for all non-linux OS
esac
# Normalize ARCH
case "$raw_arch" in
x86_64|amd64) arch="amd64" ;;
aarch64|arm64) arch="arm64" ;;
*) arch="amd64" ;; # fallback
esac
printf "%s %s\n" "$os" "$arch"
}
# Build BIN_URL if not explicitly provided
if [ -n "${SSL_MANAGER_BIN_URL:-}" ]; then
BIN_URL="$SSL_MANAGER_BIN_URL"
else
BASE_HOST="${SSL_MANAGER_BUCKET_HOST:-ssl-manager.s3.amazonaws.com}"
set -- $(_detect_os_arch)
DETECTED_OS="$1"
DETECTED_ARCH="$2"
BIN_URL="https://${BASE_HOST}/bin/${DETECTED_ARCH}/${DETECTED_OS}/ssl-manager"
fi
# Build DISCOVERY_URL if not explicitly provided
if [ -z "${SSL_MANAGER_DISCOVERY_URL:-}" ]; then
BASE_HOST="${SSL_MANAGER_BUCKET_HOST:-ssl-manager.s3.amazonaws.com}"
DISCOVERY_URL="https://${BASE_HOST}/discovery.json"
fi
debug "Using ROOT_BIN_PATH=$ROOT_BIN_PATH, USER_BIN_PATH=$USER_BIN_PATH, BIN_URL=$BIN_URL, DISCOVERY_URL=$DISCOVERY_URL, FORCE_REINSTALL=$FORCE_REINSTALL"
# detect_user_type: Determines if the user is root, sudo, or non-privileged
detect_user_type() {
if [ "$(id -u)" = "0" ]; then
debug "Detected root user"
echo "root"
elif command -v sudo >/dev/null 2>&1 && sudo -n true 2>/dev/null; then
debug "Detected sudo user"
echo "sudo"
else
debug "Detected non-privileged user"
echo "user"
fi
}
# set_bin_path: Sets the binary path based on user type
set_bin_path() {
USER_TYPE=$(detect_user_type)
if [ "$USER_TYPE" = "root" ]; then
BIN_PATH="$ROOT_BIN_PATH"
else
BIN_PATH="$USER_BIN_PATH"
fi
debug "BIN_PATH set to $BIN_PATH"
}
# check_autossl_ready: Checks if ssl-manager is installed and reports ready status.
check_autossl_ready() {
if command -v ssl-manager >/dev/null 2>&1; then
debug "ssl-manager command found"
if [ -n "${SSL_MANAGER_INSTALLER_DEBUG:-}" ] && [ "${SSL_MANAGER_INSTALLER_DEBUG:-}" = "1" ]; then
debug "Adding --debug flag for info command"
info=$(ssl-manager --debug info 2>/dev/null) || return 1
else
info=$(ssl-manager info 2>/dev/null) || return 1
fi
debug "Retrieved ssl-manager info: $info"
if printf "%s" "$info" | grep -q "Control panel credentials found" &&
printf "%s" "$info" | grep -q "Vendor credentials found" &&
printf "%s" "$info" | grep -q "Manager is ready"; then
debug "ssl-manager is ready"
return 0
else
debug "ssl-manager is not ready based on info output"
fi
else
debug "ssl-manager command not found"
fi
return 1
}
# install_autossl: Downloads and installs the ssl-manager binary.
install_autossl() {
USER_TYPE=$(detect_user_type)
if [ "$USER_TYPE" = "sudo" ]; then
debug "Using sudo to install ssl-manager"
if command -v curl >/dev/null 2>&1; then
debug "Using curl to download the binary"
sudo mkdir -p "$(dirname "$ROOT_BIN_PATH")"
sudo curl -sLo "$ROOT_BIN_PATH" "$BIN_URL"
sudo chmod +x "$ROOT_BIN_PATH"
sudo ln -sf "$ROOT_BIN_PATH" /usr/bin/ssl-manager
elif command -v wget >/dev/null 2>&1; then
debug "Using wget to download the binary"
sudo mkdir -p "$(dirname "$ROOT_BIN_PATH")"
sudo wget -qO "$ROOT_BIN_PATH" "$BIN_URL"
sudo chmod +x "$ROOT_BIN_PATH"
sudo ln -sf "$ROOT_BIN_PATH" /usr/bin/ssl-manager
else
printf "Error: Neither curl nor wget is installed.\n" >&2
exit 1
fi
debug "Binary installed as root and symlinked to /usr/bin/ssl-manager"
elif [ "$USER_TYPE" = "root" ]; then
debug "Installing ssl-manager to $BIN_PATH as root"
mkdir -p "$(dirname "$BIN_PATH")"
if command -v curl >/dev/null 2>&1; then
debug "Using curl to download the binary"
curl -sLo "$BIN_PATH" "$BIN_URL"
elif command -v wget >/dev/null 2>&1; then
debug "Using wget to download the binary"
wget -qO "$BIN_PATH" "$BIN_URL"
else
printf "Error: Neither curl nor wget is installed.\n" >&2
exit 1
fi
chmod +x "$BIN_PATH"
ln -sf "$BIN_PATH" /usr/bin/ssl-manager
debug "Binary installed and made executable, symlinked to /usr/bin/ssl-manager"
else
debug "Installing ssl-manager to $BIN_PATH as regular user"
mkdir -p "$(dirname "$BIN_PATH")"
if command -v curl >/dev/null 2>&1; then
debug "Using curl to download the binary"
curl -sLo "$BIN_PATH" "$BIN_URL"
elif command -v wget >/dev/null 2>&1; then
debug "Using wget to download the binary"
wget -qO "$BIN_PATH" "$BIN_URL"
else
printf "Error: Neither curl nor wget is installed.\n" >&2
exit 1
fi
chmod +x "$BIN_PATH"
debug "Binary installed and made executable"
fi
}
# update_path: Adds $HOME/bin to PATH if it's not already included and if user is non-privileged.
update_path() {
USER_TYPE=$(detect_user_type)
if [ "$USER_TYPE" = "user" ]; then
debug "Updating PATH to include $HOME/bin for regular user"
if [ -f "$HOME/.bashrc" ] && ! grep -q 'export PATH="$HOME/bin:$PATH"' "$HOME/.bashrc"; then
echo 'export PATH="$HOME/bin:$PATH"' >> "$HOME/.bashrc"
debug "Added PATH update to .bashrc"
fi
PATH="$HOME/bin:$PATH"
else
debug "Skipping PATH update for $USER_TYPE user as binary is in /usr/bin"
fi
}
# register_autossl: Prompts for a token (using /dev/tty if necessary) and registers the binary.
register_autossl() {
debug "Prompting for registration token"
if [ -t 0 ]; then
printf "Please enter your token for ssl-manager registration: "
read -r token
elif [ -e /dev/tty ]; then
printf "Please enter your token for ssl-manager registration: " >/dev/tty
read -r token </dev/tty
else
printf "Error: No interactive terminal available for token input.\n" >&2
exit 1
fi
debug "Token received, registering ssl-manager"
# Build discovery URL argument if provided
discovery_arg=""
if [ -n "$DISCOVERY_URL" ]; then
discovery_arg="--discoveryUrl $DISCOVERY_URL"
debug "Using discovery URL: $DISCOVERY_URL"
fi
USER_TYPE=$(detect_user_type)
if [ "$USER_TYPE" = "sudo" ]; then
debug "Using sudo to register ssl-manager"
if [ -n "${SSL_MANAGER_INSTALLER_DEBUG:-}" ] && [ "${SSL_MANAGER_INSTALLER_DEBUG:-}" = "1" ]; then
exec sudo ssl-manager --debug $discovery_arg register -t "$token"
else
exec sudo ssl-manager $discovery_arg register -t "$token"
fi
else
debug "Registering ssl-manager as $USER_TYPE"
if [ -n "${SSL_MANAGER_INSTALLER_DEBUG:-}" ] && [ "${SSL_MANAGER_INSTALLER_DEBUG:-}" = "1" ]; then
debug "Adding --debug flag for non-sudo registration"
exec ssl-manager --debug $discovery_arg register -t "$token"
else
exec ssl-manager $discovery_arg register -t "$token"
fi
fi
}
main() {
# Reattach STDIN from /dev/tty if not interactive.
if [ ! -t 0 ] && [ -e /dev/tty ]; then
debug "Reattaching STDIN from /dev/tty"
exec < /dev/tty
fi
# Detect user type and set binary path
set_bin_path
debug "User type: $(detect_user_type)"
if [ -n "$FORCE_REINSTALL" ]; then
debug "Force reinstall flag is set, proceeding with installation"
install_autossl
fi
debug "Checking if ssl-manager is ready"
if check_autossl_ready; then
debug "Launching ssl-manager cron"
USER_TYPE=$(detect_user_type)
if [ "$USER_TYPE" = "sudo" ]; then
debug "Using sudo to launch ssl-manager cron"
if [ -n "${SSL_MANAGER_INSTALLER_DEBUG:-}" ] && [ "${SSL_MANAGER_INSTALLER_DEBUG:-}" = "1" ]; then
debug "Adding --debug flag for sudo execution"
exec sudo ssl-manager --debug cron
else
exec sudo ssl-manager cron
fi
else
debug "Launching ssl-manager cron as $USER_TYPE"
if [ -n "${SSL_MANAGER_INSTALLER_DEBUG:-}" ] && [ "${SSL_MANAGER_INSTALLER_DEBUG:-}" = "1" ]; then
debug "Adding --debug flag for non-sudo execution"
exec ssl-manager --debug cron
else
exec ssl-manager cron
fi
fi
else
debug "ssl-manager not ready, proceeding with installation"
install_autossl
update_path
register_autossl
fi
}
main "$@"