letsencrypt, restart DA, hostname, reverse dns etc via bash-script?

flexjoly

Hi,

I hope this is not a silly question. I did a lot of searching before asking :oops:
We have our own plugin with several bash scripts to automate things, like yum update, install/restart postgres, init new database, making git-repo on new user etc.

But some things I cannot get to work, like:
- directly (not via taskqueue) restart DA with (or is this very wrong to do?):
Code:
systemctl restart directadmin
- Install certificate for the hostname
Code:
cd /usr/local/directadmin/scripts && ./letsencrypt.sh request_single ${SERVER_NAME} 4096
- manage the ticket-system settings, like setting the email-address (I cannot find this mail-address inside directadmin.conf)

Is it possible to:
- set the reverse ip via bash script?
- set the hostname (after first install) via bash script?

I know it is possible to change the install script with your own settings. But we host our servers with pre-installed centos and directadmin image. This works very smoothly, but it is not possible to use your own settings.

I hope someone can help me on here.
Much thanks in advance,
flexJoly
 
Hi,

I have a script to update an installation of DA with new info (for our VM template), some tips:

Update hostname:

Code:
hostnamectl set-hostname $newhostname --static
/usr/local/directadmin/scripts/hostname.sh $newhostname $newip

Create a certificate for the new hostname:

Code:
cd /usr/local/directadmin/scripts
./letsencrypt.sh request_single $(hostname) 4096

Update the email address:

Code:
sed -i '/email=/d' /usr/local/directadmin/data/users/admin/user.conf
echo "email=admin@$hostname" >> /usr/local/directadmin/data/users/admin/user.conf
sed -i '/email=/d' /usr/local/directadmin/data/users/admin/ticket.conf
echo "email=$nuevomail" >>  /usr/local/directadmin/data/users/admin/ticket.conf

For the reverse IP, this will depend on who manages the DNS zone of the IP address. In general, the DNS zone for the IP addresses (ARPA zone) isn't managed by a DirectAdmin server (it's possible).
If you exec a whois for your IP address, what DNS server records does it have at the RIR?

for example:

Code:
% whois 200.1.123.3
% IANA WHOIS server
% for more information on IANA, visit http://www.iana.org
% This query returned 1 object

refer:        whois.lacnic.net

inetnum:      200.0.0.0 - 200.255.255.255
organisation: LACNIC
status:       ALLOCATED

whois:        whois.lacnic.net

changed:      2002-11
source:       IANA

# whois.lacnic.net


% Joint Whois - whois.lacnic.net
%  This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
%  The data below is provided for information purposes
%  and to assist persons in obtaining information about or
%  related to AS and IP numbers registrations
%  By submitting a whois query, you agree to use this data
%  only for lawful purposes.
%  2021-10-15 09:54:44 (-03 -03:00)

inetnum:     200.1.120.0/22
status:      assigned
aut-num:     N/A
owner:       NIC Chile
ownerid:     CL-NICH-LACNIC
responsible: Eduardo Mercader
address:     Miraflores, 222, piso 14
address:     8320198 - Santiago - RM
country:     CL
phone:       +56 22 9407700
owner-c:     EMO2
tech-c:      EMO2
abuse-c:     EMO2
inetrev:     200.1.122.0/23
nserver:     A.NIC.CL
nsstat:      20211012 AA
nslastaa:    20211012
nserver:     B.NIC.CL
nsstat:      20211012 AA
nslastaa:    20211012
nserver:     C.NIC.CL
nsstat:      20211012 AA
nslastaa:    20211012
inetrev:     200.1.121.0/24
nserver:     A.NIC.CL
nsstat:      20211012 AA
nslastaa:    20211012
nserver:     B.NIC.CL
nsstat:      20211012 AA
nslastaa:    20211012
nserver:     C.NIC.CL
nsstat:      20211012 AA
nslastaa:    20211012
inetrev:     200.1.120.0/24
nserver:     A.NIC.CL
nsstat:      20211010 AA
nslastaa:    20211010
nserver:     B.NIC.CL
nsstat:      20211010 AA
nslastaa:    20211010
nserver:     C.NIC.CL
nsstat:      20211010 AA
nslastaa:    20211010
created:     20030825
changed:     20160923
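The lookup described in the post above, as an added example that is not part of the original post: it reads whois text in the LACNIC layout shown and lists the `nserver` entries of the `inetrev` block that covers a given IPv4 address. `rev_nservers` and `sample_whois` are hypothetical names, the sample data is constructed (benchmark range 198.18.0.0/15, example.* name servers), and `inetrev` values are assumed to be in full dotted CIDR form.

```shell
#!/bin/sh
# Constructed sample in the LACNIC layout; not real registry data.
sample_whois() {
  cat <<'EOF'
inetnum:     198.18.0.0/22
status:      assigned
inetrev:     198.18.0.0/23
nserver:     NS1.EXAMPLE.NET
nsstat:      20211012 AA
nserver:     NS2.EXAMPLE.NET
nsstat:      20211012 AA
inetrev:     198.18.2.0/24
nserver:     NS3.EXAMPLE.ORG
nsstat:      20211010 AA
created:     20030825
EOF
}

# rev_nservers IP   (whois text on stdin)
# Prints the name servers delegated for the reverse zone that contains IP.
rev_nservers() {
  awk -v ip="$1" '
    # Dotted quad -> integer, so prefixes can be compared numerically.
    function ip2int(a,    o) {
      split(a, o, ".")
      return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    # True when addr falls inside cidr (both share the same block index).
    function covers(cidr, addr,    p, size) {
      split(cidr, p, "/")
      size = 2 ^ (32 - p[2])
      return int(ip2int(p[1]) / size) == int(ip2int(addr) / size)
    }
    # Each inetrev line opens a new delegation block; remember if it matches.
    $1 == "inetrev:" { active = covers($2, ip); next }
    # nserver lines belong to the most recent inetrev block.
    $1 == "nserver:" && active { print tolower($2) }
  ' | sort -u
}

# Demo on the constructed sample.
sample_whois | rev_nservers 198.18.1.7
```

On a live system the input would be `whois "$ip" | rev_nservers "$ip"`; whoever operates the listed name servers is the party that can set the PTR record.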
 
In addition to @dmtinc's post, regarding the question about restarting directadmin:

The safest and best way to restart directadmin is to use task.queue:

Code:
echo "action=directadmin&value=restart" >>/usr/local/directadmin/data/task.queue

It will wait for other pending tasks to be executed first, within 1 minute max, before doing a real restart.

Or you could write this standalone function in an automated script like this (just to force a restart with /usr/local/directadmin/dataskq d2000) if task.queue has finished executing tasks:


Code:
restart_da() {
  local wait_count max_wait task_queue_file
  wait_count=0
  # taskq execution should not be longer than this max_wait else something wrong with the task.queue
  max_wait=70
  task_queue_file="/usr/local/directadmin/data/task.queue"
  while :; do
    ((wait_count = wait_count + 1))
    sleep 1
    if [[ -s "${task_queue_file}" && -f "${task_queue_file}" ]]; then
      echo "Waiting for pending task(s) to finish executing from task.queue ..."
      if [ "${wait_count}" -gt ${max_wait} ]; then
        # Force restart if waiting time is longer than max_wait. The maximum task.queue execution time is only 1 minute based on directadmin documentation
        # Another condition that can be force to restart is, if the task.queue contains more than 2 lines, it means it is not running. So we can force restart it.
        echo "Warning, task.queue has not finished executing task(s) for more than ${max_wait} seconds. Forcing directadmin to restart ..."
        echo "action=directadmin&value=restart" >>/usr/local/directadmin/data/task.queue
        /usr/local/directadmin/dataskq d2000 >/dev/null
        break
      fi
    else
      echo "Restarting Directadmin using task.queue mode ..."
      # Writing restart query in task.queue to restart directadmin in queue mode
      echo "action=directadmin&value=restart" >>/usr/local/directadmin/data/task.queue
      # Force restart with debugging level d2000
      # this option force reboot if we still have pending tasks. This is optional because at this condition we know there must be no other pending tasks.
      /usr/local/directadmin/dataskq d2000 >/dev/null
      break
    fi
  done
}

and execute the function anywhere in your automated script like

Code:
restart_da


For the reverse IP, if your registrar has an API enabled to change the reverse IP, you could use that in an automated script to change the reverse IP. I'm using Linode and I'm able to change the reverse IP via a bash script.
 
Hi @dmtinc, @MaXi32 ,

Thanks a lot for your detailed replies!

Based on your advice I assume that using the task-queue is the safest for us. I do not want to make a special script for it. It just needs to restart as soon as possible after a script has run ;-)

Hi,

I have a script to update an installation of DA with new info (for our VM template), some tips:

Update hostname:

Code:
hostnamectl set-hostname $newhostname --static
/usr/local/directadmin/scripts/hostname.sh $newhostname $newip

I will try this! Thanks!

Create a certificate for the new hostname:

Code:
cd /usr/local/directadmin/scripts
./letsencrypt.sh request_single $(hostname) 4096

I tried this in a bash script. But it hangs..... and crashes.
When running directly in CLI, the certificate is installed correctly.

Are you sure this should work in a bash script in a da-plugin?



Update the email address:

Code:
sed -i '/email=/d' /usr/local/directadmin/data/users/admin/user.conf
echo "email=admin@$hostname" >> /usr/local/directadmin/data/users/admin/user.conf
sed -i '/email=/d' /usr/local/directadmin/data/users/admin/ticket.conf
echo "email=$nuevomail" >>  /usr/local/directadmin/data/users/admin/ticket.conf

Ah thanks!!!
That explains a lot!

For the reverse IP, this will depend on who manages the DNS zone of the IP address. In general, the DNS zone for the IP addresses (ARPA zone) isn't managed by a DirectAdmin server (it's possible).
If you exec a whois for your IP address, what DNS server records does it have at the RIR?

Ah, ok. I did not know this. (I am not a real linux-web server guru, it is just my side-task in a small business)

I will look into it!
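The email-update step quoted in this thread, as an added example that is not part of any post: `sed -i '/email=/d'` deletes every line that contains `email=`, so this version removes only lines that begin with the key, refuses values containing a newline, and swaps the file in with a rename. `set_conf_key` is a hypothetical helper, and the sample file with its `notify_email` key is constructed, not a real DirectAdmin config.

```shell
#!/bin/sh
# set_conf_key FILE KEY VALUE  (hypothetical helper, not a DirectAdmin tool)
# Leaves exactly one KEY=VALUE line in a key=value file.
set_conf_key() {
  file=$1; key=$2; value=$3
  nl='
'
  [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
  # A newline in VALUE would let the caller smuggle in a second key=value line.
  case $value in
    *"$nl"*) echo "refusing multi-line value for $key" >&2; return 1 ;;
  esac
  tmp=$(mktemp "${file}.XXXXXX") || return 1
  # cp -p carries the original mode (and owner, when run as root) to the temp file.
  cp -p "$file" "$tmp" || { rm -f "$tmp"; return 1; }
  {
    # Drop only lines that begin with "KEY="; e.g. "notify_email=" is left alone.
    awk -v k="$key" 'index($0, k "=") != 1' "$file"
    printf '%s=%s\n' "$key" "$value"
  } > "$tmp" || { rm -f "$tmp"; return 1; }
  # Rename within the same directory, so readers never see a half-written file.
  mv -f "$tmp" "$file"
}

# Demo on a constructed file.
demo=$(mktemp)
printf 'name=admin\nemail=old@example.com\nnotify_email=keep@example.com\n' > "$demo"
set_conf_key "$demo" email "admin@server.example.com" && cat "$demo"
rm -f "$demo"
```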
 