69 lines
2.3 KiB
Bash
Executable File
69 lines
2.3 KiB
Bash
Executable File
#!/bin/bash
|
|
# Deploy certificate to Proxmox host
|
|
# Usage: ./deploy-proxmox.sh <hostname> <cert-file> <key-file> <short-name>
|
|
|
|
set -e
|
|
|
|
TARGET_HOST="$1"
|
|
CERT_FILE="$2"
|
|
KEY_FILE="$3"
|
|
SHORT_NAME="$4"
|
|
|
|
if [ $# -lt 4 ]; then
|
|
echo "Usage: $0 <hostname> <cert-file> <key-file> <short-name>"
|
|
exit 1
|
|
fi
|
|
|
|
echo "=========================================="
|
|
echo "Proxmox Certificate Deployment"
|
|
echo "=========================================="
|
|
echo "Target: $TARGET_HOST"
|
|
echo "Certificate: $CERT_FILE"
|
|
echo "Key file: $KEY_FILE"
|
|
echo "=========================================="
|
|
echo ""
|
|
|
|
# Backup existing certificates
|
|
echo "[1/5] Backing up existing Proxmox certificates..."
|
|
ssh root@${TARGET_HOST} "cp /etc/pve/local/pveproxy-ssl.pem /etc/pve/local/pveproxy-ssl.pem.bak.$(date +%Y%m%d-%H%M%S) 2>/dev/null || true"
|
|
ssh root@${TARGET_HOST} "cp /etc/pve/local/pveproxy-ssl.key /etc/pve/local/pveproxy-ssl.key.bak.$(date +%Y%m%d-%H%M%S) 2>/dev/null || true"
|
|
|
|
# Copy certificate to target
|
|
echo "[2/5] Copying certificate to Proxmox..."
|
|
scp "$CERT_FILE" root@${TARGET_HOST}:/tmp/${SHORT_NAME}.crt
|
|
|
|
# Copy or retrieve key
|
|
echo "[3/5] Copying private key to Proxmox..."
|
|
if [ -f "$KEY_FILE" ]; then
|
|
scp "$KEY_FILE" root@${TARGET_HOST}:/tmp/${SHORT_NAME}.key
|
|
else
|
|
echo "Note: Key file should already be on target at /tmp/${SHORT_NAME}.key"
|
|
fi
|
|
|
|
# Install certificate
|
|
echo "[4/5] Installing certificate for Proxmox web interface..."
|
|
ssh root@${TARGET_HOST} "cat /tmp/${SHORT_NAME}.crt > /etc/pve/local/pveproxy-ssl.pem && \
|
|
cat /tmp/${SHORT_NAME}.key > /etc/pve/local/pveproxy-ssl.key && \
|
|
chmod 640 /etc/pve/local/pveproxy-ssl.pem && \
|
|
chmod 640 /etc/pve/local/pveproxy-ssl.key"
|
|
|
|
# Restart Proxmox web service
|
|
echo "[5/5] Restarting Proxmox web interface..."
|
|
ssh root@${TARGET_HOST} "systemctl restart pveproxy.service"
|
|
|
|
echo ""
|
|
echo "=========================================="
|
|
echo "✓ Proxmox certificate deployed!"
|
|
echo "=========================================="
|
|
echo ""
|
|
echo "Certificate installed at:"
|
|
echo " /etc/pve/local/pveproxy-ssl.pem"
|
|
echo " /etc/pve/local/pveproxy-ssl.key"
|
|
echo ""
|
|
echo "Backup created at:"
|
|
echo " /etc/pve/local/pveproxy-ssl.pem.bak.*"
|
|
echo " /etc/pve/local/pveproxy-ssl.key.bak.*"
|
|
echo ""
|
|
echo "Access Proxmox at: https://${TARGET_HOST}:8006"
|
|
echo "=========================================="
|