lawipac · April 28, 2019 01:58
diff --git a/push ssl to cpanel and restart nginx.php b/push ssl to cpanel and restart nginx.php
 #!/usr/bin/php
 #put under /etc/letsencrypt/renewal-hooks/deploy
 <?php
 //
 //read environment variables

 //the shell variable $RENEWED_LINEAGE will point to the config live subdirectory
 //(for example, "/etc/letsencrypt/live/example.com") containing the new certs and
 //keys; the shell variable $RENEWED_DOMAINS will contain a space-delimited list
 //of renewed cert domains (for example, "example.com www.example.com").

 $domains = explode(" ", getenv('RENEWED_DOMAINS'));

 //update each domain
 foreach ($domains as $d) {
        echo "update $d \n";

        if ($d=="supercredit.com.au"){
                install_to_cpanel();
        }
 }

 //restart nginx webserver.
 exec('/usr/sbin/service nginx reload');


 function install_to_cpanel()
 {
        //https://documentation.cpanel.net/display/DD/Tutorial+-+Call+UAPI%27s+SSL%3A%3Ainstall_ssl+Function+in+Custom+Code

        // Log everything during development.
        // If you run this on the CLI, set 'display_errors = On' in php.ini.
        error_reporting(E_ALL);

        // Declare your username and password for authentication.
        $username = 'supercreditcom';
        $password = '----real--password---here--';

        // Define the API call.
        $cpanel_host = 'biz96.biukop.com.au';
        $request_uri = "https://$cpanel_host:2083/execute/SSL/install_ssl";

        // Define the SSL certificate and key files.
        $cert_file = realpath("/etc/letsencrypt/live/supercredit.com.au/cert.pem");
        $key_file = realpath("/etc/letsencrypt/live/supercredit.com.au/privkey.pem");
        $chain_file = realpath("/etc/letsencrypt/live/supercredit.com.au/chain.pem");

        // Set up the payload to send to the server.
        $payload = array(
        'domain'  => "supercredit.com.au",
        'cert'    => file_get_contents($cert_file),
        'key'     => file_get_contents($key_file),
        'cabundle'=> file_get_contents($chain_file),
        );

        // Set up the cURL request object.
        $ch = curl_init( $request_uri );
        curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
        curl_setopt( $ch, CURLOPT_USERPWD, $username . ':' . $password );
        curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
        curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );

        // Set up a POST request with the payload.
        curl_setopt( $ch, CURLOPT_POST, true );
        curl_setopt( $ch, CURLOPT_POSTFIELDS, $payload );
        curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );

        // Make the call, and then terminate the cURL caller object.
        $curl_response = curl_exec( $ch );
        curl_close( $ch );

        // Decode and validate output.
        $response = json_decode( $curl_response );
        if( empty( $response ) ) {
        echo "The cURL call did not return valid JSON:\n";
        die( $response );
        } elseif ( !$response->status ) {
        echo "The cURL call returned valid JSON, but reported errors:\n";
        die( $response->errors[0] . "\n" );
        }
        // Print and exit.
        die( print_r( $response ) );
 }
 ?>
	#!/usr/bin/php
	#put under /etc/letsencrypt/renewal-hooks/deploy
	<?php
	//
	//read environment variables

	//the shell variable $RENEWED_LINEAGE will point to the config live subdirectory
	//(for example, "/etc/letsencrypt/live/example.com") containing the new certs and
	//keys; the shell variable $RENEWED_DOMAINS will contain a space-delimited list
	//of renewed cert domains (for example, "example.com www.example.com").

	$domains = explode(" ", getenv('RENEWED_DOMAINS'));

	//update each domain
	foreach ($domains as $d) {
	echo "update $d \n";

	if ($d=="supercredit.com.au"){
	install_to_cpanel();
	}
	}

	//restart nginx webserver.
	exec('/usr/sbin/service nginx reload');


	function install_to_cpanel()
	{
	//https://documentation.cpanel.net/display/DD/Tutorial+-+Call+UAPI%27s+SSL%3A%3Ainstall_ssl+Function+in+Custom+Code

	// Log everything during development.
	// If you run this on the CLI, set 'display_errors = On' in php.ini.
	error_reporting(E_ALL);

	// Declare your username and password for authentication.
	$username = 'supercreditcom';
	$password = '----real--password---here--';

	// Define the API call.
	$cpanel_host = 'biz96.biukop.com.au';
	$request_uri = "https://$cpanel_host:2083/execute/SSL/install_ssl";

	// Define the SSL certificate and key files.
	$cert_file = realpath("/etc/letsencrypt/live/supercredit.com.au/cert.pem");
	$key_file = realpath("/etc/letsencrypt/live/supercredit.com.au/privkey.pem");
	$chain_file = realpath("/etc/letsencrypt/live/supercredit.com.au/chain.pem");

	// Set up the payload to send to the server.
	$payload = array(
	'domain' => "supercredit.com.au",
	'cert' => file_get_contents($cert_file),
	'key' => file_get_contents($key_file),
	'cabundle'=> file_get_contents($chain_file),
	);

	// Set up the cURL request object.
	$ch = curl_init( $request_uri );
	curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
	curl_setopt( $ch, CURLOPT_USERPWD, $username . ':' . $password );
	curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
	curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );

	// Set up a POST request with the payload.
	curl_setopt( $ch, CURLOPT_POST, true );
	curl_setopt( $ch, CURLOPT_POSTFIELDS, $payload );
	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );

	// Make the call, and then terminate the cURL caller object.
	$curl_response = curl_exec( $ch );
	curl_close( $ch );

	// Decode and validate output.
	$response = json_decode( $curl_response );
	if( empty( $response ) ) {
	echo "The cURL call did not return valid JSON:\n";
	die( $response );
	} elseif ( !$response->status ) {
	echo "The cURL call returned valid JSON, but reported errors:\n";
	die( $response->errors[0] . "\n" );
	}
	// Print and exit.
	die( print_r( $response ) );
	}
	?>