mirror of
https://ghproxy.net/https://github.com/CaptainCore/captaincore.git
synced 2025-10-04 03:00:07 +08:00
94 lines
No EOL
2.3 KiB
Bash
Executable file
94 lines
No EOL
2.3 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
|
|
#
|
|
# Preloading SSH Keys (Kinsta Only)
|
|
#
|
|
# `captaincore deploy keys <site>`
|
|
#
|
|
|
|
while read config; do
|
|
if [[ "$config" == "Error:"* ]]; then
|
|
continue
|
|
fi
|
|
declare "$config"
|
|
done <<< "$(php ${CAPTAINCORE_PATH}/lib/local-scripts/configs.php fetch)"
|
|
|
|
if [ ${#@} -ne 1 ]; then
|
|
echo -e "${COLOR_RED}Error:${COLOR_NORMAL} Please specify a site."
|
|
exit
|
|
fi
|
|
|
|
site=$1
|
|
|
|
run_command() {
|
|
|
|
# Extract environment
|
|
if [[ "$website" == *"-staging"* ]]; then
|
|
environment=staging
|
|
else
|
|
environment=production
|
|
fi
|
|
|
|
# Load site vars
|
|
while read site_configs; do declare "$site_configs"; done <<< "$(captaincore site get $site --bash --captain-id=$CAPTAIN_ID)"
|
|
|
|
if [[ "$domain" == "" ]]; then
|
|
exit
|
|
fi
|
|
|
|
# Define Rclone config file
|
|
rclone_config_file="$path/${site}_${site_id}/rclone.conf"
|
|
if [ ! -f "$rclone_config_file" ]; then
|
|
captaincore site key-generate $site --captain-id=$CAPTAIN_ID
|
|
fi
|
|
|
|
if [[ $provider == "kinsta" ]]; then
|
|
|
|
# Check for authorized_keys using rclone's JSON
|
|
check_for_keys=$( rclone lsjson ${environment}:.ssh/authorized_keys --no-modtime --config="$rclone_config_file" )
|
|
|
|
# PHP script to read JSON value
|
|
read -r -d '' php_code << heredoc
|
|
\$raw = <<< EOT
|
|
$check_for_keys
|
|
EOT;
|
|
\$json = json_decode( \$raw );
|
|
echo \$json[0]->Path;
|
|
heredoc
|
|
|
|
# Read the "Path" JSON value
|
|
found_authorized_keys=$( php -r "$php_code" )
|
|
|
|
# Read local key
|
|
local_public_key=$( cat ~/.ssh/id_rsa.pub )
|
|
|
|
# No authorized_keys found, generate new one
|
|
if [[ "$found_authorized_keys" != "authorized_keys" ]]; then
|
|
echo local_public_key | rclone rcat ${environment}:.ssh/authorized_keys --config="$rclone_config_file"
|
|
fi
|
|
|
|
# Examine existing authorized_keys file
|
|
if [[ "$found_authorized_keys" == "authorized_keys" ]]; then
|
|
|
|
# Fetch current authorized_keys
|
|
authorized_keys=$( rclone cat ${environment}:.ssh/authorized_keys --config="$rclone_config_file" )
|
|
|
|
# Check if key is already added
|
|
if [ -z "${authorized_keys##*$local_public_key*}" ]; then
|
|
echo "Key already added."
|
|
else
|
|
echo "Adding key."
|
|
printf "$authorized_keys\n$local_public_key\n" | rclone rcat ${environment}:.ssh/authorized_keys --config="$rclone_config_file"
|
|
fi
|
|
|
|
fi
|
|
|
|
return
|
|
|
|
echo "Not a Kinsta site, skipping ssh keys"
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
run_command |
