client_management/lib/tasks/change_site_cert.rake

require 'net/ssh'
require 'pathname'
require 'json'
namespace :create_site do
  desc "Change Site Cert"
  task :change_site_cert,[:id] => :environment do |task,args|
    begin
      @site_construct = SiteConstruct.find(args.id)
      @site_cert = @site_construct.site_cert
      site_server = @site_construct.site_server
      @site_construct.update(:infos=>[],:status=>"changing")
      if !site_server.nil? && !@site_cert.nil?
        @password = site_server.password
        Net::SSH.start(site_server.ip , site_server.account , password: site_server.password) do |ssh|
          update_infos("Copying Cert to #{@site_construct.server_type}...")
          cert_file_content = [(@site_cert.cert_file.file.read.strip rescue ""),(@site_cert.ca_bundle.file.read.strip rescue "")].join("\n").strip
          private_key_content = @site_cert.private_key.file.read
          cert_file_store_path = @site_construct.cert_file_remote_store_path
          exec_ssh_command_by_sudo(ssh,"mkdir -p #{File.dirname(cert_file_store_path)}")
          exec_command_by_user(ssh,"x='#{cert_file_content}'; echo '#{@password}' | sudo -S sh -c \"echo '$x' > #{cert_file_store_path}\"")
          private_key_store_path = @site_construct.private_key_remote_store_path
          exec_ssh_command_by_sudo(ssh,"mkdir -p #{File.dirname(private_key_store_path)}")
          exec_command_by_user(ssh,"x='#{private_key_content}'; echo '#{@password}' | sudo -S sh -c \"echo '$x' > #{private_key_store_path}\"")
          update_infos("Finish copy.")
          update_infos("Setting Cert...")
          nginx_file_content = exec_command_by_user(ssh,"cat #{@site_construct.nginx_file}")
          all_ports = (@site_construct.port + ["443"]).uniq
          @site_construct.update(:port=> all_ports )
          nginx_file_content = @site_construct.generate_nginx_text(nginx_file_content)
          cmd = "x='#{nginx_file_content}'; echo '#{@password}' | sudo -S sh -c \"echo '$x' > #{@site_construct.nginx_file}\""
          exec_command_by_user(ssh,cmd)
          puts nginx_file_content
          exec_ssh_command_by_sudo(ssh,"service nginx restart")
          update_infos("Finish!")
          @site_construct.update(:status=>"finish")
        end
      else
        update_infos("Cert not found!")
        @site_construct.update(:status=>"error")
      end
    rescue => e
      puts [e,e.backtrace]
      update_infos(e.to_s)
      @site_construct.update(:status=>"error")
    end
  end
  def exec_command_by_user(session,command)
    output = session.exec!(command)
    return output[0...-1].gsub(/^\n[\n]+/,'')
  end
  def exec_ssh_command_by_sudo(session,command)
    output = session.exec!("echo '#{@password}' | sudo -S #{command}")
    if output.include?("sudo:") && output.include?("command not found")
      output = session.exec!(command)
    end
    return output
  end
end