omv deploy hook: support both local and remote deployment

deploy/openmediavault.sh

@@ -16,77 +16,133 @@ openmediavault_deploy() {
   _debug _cca "$_cca"
   _debug _cfullchain "$_cfullchain"
 
-  _getdeployconf DEPLOY_OMV_HOST
-
-  if [ -z "$DEPLOY_OMV_HOST" ]; then
-    _debug "Using _cdomain as DEPLOY_OMV_HOST, please set if not correct."
-    DEPLOY_OMV_HOST="$_cdomain"
-  fi
-
   _getdeployconf DEPLOY_OMV_WEBUI_ADMIN
 
   if [ -z "$DEPLOY_OMV_WEBUI_ADMIN" ]; then
     DEPLOY_OMV_WEBUI_ADMIN="admin"
   fi
 
+  _savedeployconf DEPLOY_OMV_WEBUI_ADMIN "$DEPLOY_OMV_WEBUI_ADMIN"
+
+  _getdeployconf DEPLOY_OMV_HOST
   _getdeployconf DEPLOY_OMV_SSH_USER
 
-  if [ -z "$DEPLOY_OMV_SSH_USER" ]; then
-    DEPLOY_OMV_SSH_USER="root"
+  if [ -n "$DEPLOY_OMV_HOST" ] && [ -n "$DEPLOY_OMV_SSH_USER" ]; then
+    _info "[OMV deploy-hook] Deploy certificate remotely through ssh."
+    _savedeployconf DEPLOY_OMV_HOST "$DEPLOY_OMV_HOST"
+    _savedeployconf DEPLOY_OMV_SSH_USER "$DEPLOY_OMV_SSH_USER"
+  else
+    _info "[OMV deploy-hook] Deploy certificate locally."
   fi
 
-  _savedeployconf DEPLOY_OMV_HOST "$DEPLOY_OMV_HOST"
-  _savedeployconf DEPLOY_OMV_WEBUI_ADMIN "$DEPLOY_OMV_WEBUI_ADMIN"
-  _savedeployconf DEPLOY_OMV_SSH_USER "$DEPLOY_OMV_SSH_USER"
+  if [ -n "$DEPLOY_OMV_HOST" ] && [ -n "$DEPLOY_OMV_SSH_USER" ]; then
 
-  _command="omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'CertificateMgmt' 'getList' '{\"start\": 0, \"limit\": -1}' | jq -r '.data[] | select(.name==\"/CN='$_cdomain'\") | .uuid'"
-  # shellcheck disable=SC2029
-  _uuid=$(ssh "$DEPLOY_OMV_SSH_USER@$DEPLOY_OMV_HOST" "$_command")
-  _debug _command "$_command"
-
-  if [ -z "$_uuid" ]; then
-    _info "[OMV deploy-hook] Domain $_cdomain has no certificate in openmediavault, creating it!"
-    _command="omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'CertificateMgmt' 'create' '{\"cn\": \"test.example.com\", \"size\": 4096, \"days\": 3650, \"c\": \"\", \"st\": \"\", \"l\": \"\", \"o\": \"\", \"ou\": \"\", \"email\": \"\"}' | jq -r '.uuid'"
+    _command="omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'CertificateMgmt' 'getList' '{\"start\": 0, \"limit\": -1}' | jq -r '.data[] | select(.name==\"/CN='$_cdomain'\") | .uuid'"
     # shellcheck disable=SC2029
     _uuid=$(ssh "$DEPLOY_OMV_SSH_USER@$DEPLOY_OMV_HOST" "$_command")
     _debug _command "$_command"
 
     if [ -z "$_uuid" ]; then
-      _err "[OMB deploy-hook] An error occured while creating the certificate"
-      return 1
+      _info "[OMV deploy-hook] Domain $_cdomain has no certificate in openmediavault, creating it!"
+      _command="omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'CertificateMgmt' 'create' '{\"cn\": \"test.example.com\", \"size\": 4096, \"days\": 3650, \"c\": \"\", \"st\": \"\", \"l\": \"\", \"o\": \"\", \"ou\": \"\", \"email\": \"\"}' | jq -r '.uuid'"
+      # shellcheck disable=SC2029
+      _uuid=$(ssh "$DEPLOY_OMV_SSH_USER@$DEPLOY_OMV_HOST" "$_command")
+      _debug _command "$_command"
+
+      if [ -z "$_uuid" ]; then
+        _err "[OMV deploy-hook] An error occured while creating the certificate"
+        return 1
+      fi
     fi
-  fi
 
-  _info "[OMV deploy-hook] Domain $_cdomain has uuid: $_uuid"
-  _fullchain=$(jq <"$_cfullchain" -aRs .)
-  _key=$(jq <"$_ckey" -aRs .)
+    _info "[OMV deploy-hook] Domain $_cdomain has uuid: $_uuid"
+    _fullchain=$(jq <"$_cfullchain" -aRs .)
+    _key=$(jq <"$_ckey" -aRs .)
+
+    _debug _fullchain "$_fullchain"
+    _debug _key "$_key"
+
+    _info "[OMV deploy-hook] Updating key and certificate in openmediavault"
+    _command="omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'CertificateMgmt' 'set' '{\"uuid\":\"$_uuid\", \"certificate\":$_fullchain, \"privatekey\":$_key, \"comment\":\"acme.sh deployed $(date)\"}'"
+    # shellcheck disable=SC2029
+    _result=$(ssh "$DEPLOY_OMV_SSH_USER@$DEPLOY_OMV_HOST" "$_command")
+
+    _debug _command "$_command"
+    _debug _result "$_result"
+
+    _command="omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'WebGui' 'setSettings' \$(omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'WebGui' 'getSettings' | jq -c '.sslcertificateref=\"$_uuid\"')"
+    # shellcheck disable=SC2029
+    _result=$(ssh "$DEPLOY_OMV_SSH_USER@$DEPLOY_OMV_HOST" "$_command")
+
+    _debug _command "$_command"
+    _debug _result "$_result"
+
+    _info "[OMV deploy-hook] Asking openmediavault to apply changes... (this could take some time, hang in there)"
+    _command="omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'Config' 'applyChanges' '{\"modules\":[], \"force\": false}'"
+    # shellcheck disable=SC2029
+    _result=$(ssh "$DEPLOY_OMV_SSH_USER@$DEPLOY_OMV_HOST" "$_command")
+
+    _debug _command "$_command"
+    _debug _result "$_result"
+
+    _info "[OMV deploy-hook] Asking nginx to reload"
+    _command="nginx -s reload"
+    # shellcheck disable=SC2029
+    _result=$(ssh "$DEPLOY_OMV_SSH_USER@$DEPLOY_OMV_HOST" "$_command")
+
+    _debug _command "$_command"
+    _debug _result "$_result"
+
+  else
+
+    # shellcheck disable=SC2086
+    _uuid=$(omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'CertificateMgmt' 'getList' '{"start": 0, "limit": -1}' | jq -r '.data[] | select(.name=="/CN='$_cdomain'") | .uuid')
+    if [ -z "$_uuid" ]; then
+      _info "[OMV deploy-hook] Domain $_cdomain has no certificate in openmediavault, creating it!"
+      # shellcheck disable=SC2086
+      _uuid=$(omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'CertificateMgmt' 'create' '{"cn": "test.example.com", "size": 4096, "days": 3650, "c": "", "st": "", "l": "", "o": "", "ou": "", "email": ""}' | jq -r '.uuid')
+
+      if [ -z "$_uuid" ]; then
+        _err "[OMB deploy-hook] An error occured while creating the certificate"
+        return 1
+      fi
+    fi
+
+    _info "[OMV deploy-hook] Domain $_cdomain has uuid: $_uuid"
+    _fullchain=$(jq <"$_cfullchain" -aRs .)
+    _key=$(jq <"$_ckey" -aRs .)
+
+    _debug _fullchain "$_fullchain"
+    _debug _key "$_key"
+
+    _info "[OMV deploy-hook] Updating key and certificate in openmediavault"
+    _command="omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'CertificateMgmt' 'set' '{\"uuid\":\"$_uuid\", \"certificate\":$_fullchain, \"privatekey\":$_key, \"comment\":\"acme.sh deployed $(date)\"}'"
+    _result=$(eval "$_command")
+
+    _debug _command "$_command"
+    _debug _result "$_result"
 
-  _debug _fullchain "$_fullchain"
-  _debug _key "$_key"
+    _command="omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'WebGui' 'setSettings' \$(omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'WebGui' 'getSettings' | jq -c '.sslcertificateref=\"$_uuid\"')"
+    _result=$(eval "$_command")
 
-  _info "[OMV deploy-hook] Updating key and certificate in openmediavault"
-  _command="omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'CertificateMgmt' 'set' '{\"uuid\":\"$_uuid\", \"certificate\":$_fullchain, \"privatekey\":$_key, \"comment\":\"acme.sh deployed $(date)\"}'"
-  # shellcheck disable=SC2029
-  _result=$(ssh "$DEPLOY_OMV_SSH_USER@$DEPLOY_OMV_HOST" "$_command")
+    _debug _command "$_command"
+    _debug _result "$_result"
 
-  _debug _command "$_command"
-  _debug _result "$_result"
+    _info "[OMV deploy-hook] Asking openmediavault to apply changes... (this could take some time, hang in there)"
+    _command="omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'Config' 'applyChanges' '{\"modules\":[], \"force\": false}'"
+    _result=$(eval "$_command")
 
-  _info "[OMV deploy-hook] Asking openmediavault to apply changes... (this could take some time, hang in there)"
-  _command="omv-rpc -u $DEPLOY_OMV_WEBUI_ADMIN 'Config' 'applyChanges' '{\"modules\":[], \"force\": false}'"
-  # shellcheck disable=SC2029
-  _result=$(ssh "$DEPLOY_OMV_SSH_USER@$DEPLOY_OMV_HOST" "$_command")
+    _debug _command "$_command"
+    _debug _result "$_result"
 
-  _debug _command "$_command"
-  _debug _result "$_result"
+    _info "[OMV deploy-hook] Asking nginx to reload"
+    _command="nginx -s reload"
+    _result=$(eval "$_command")
 
-  _info "[OMV deploy-hook] Asking nginx to reload"
-  _command="nginx -s reload"
-  # shellcheck disable=SC2029
-  _result=$(ssh "$DEPLOY_OMV_SSH_USER@$DEPLOY_OMV_HOST" "$_command")
+    _debug _command "$_command"
+    _debug _result "$_result"
 
-  _debug _command "$_command"
-  _debug _result "$_result"
+  fi
 
   return 0
 }