Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

update domain names with the cli (yet another topic)

Scheduled Pinned Locked Moved Solved Support
certificates
15 Posts 3 Posters 614 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • potemkin_aiP Offline
    potemkin_aiP Offline
    potemkin_ai
    wrote on last edited by
    #1

    Hello, I checked the topics existed earlier, but I really need a way to initiate all domains certificate renew using command line - something like

    sudo docker exec -it `sudo docker ps --filter name=certbot -q` /usr/local/bin/certbot renew
    

    Reason for that: my host is closed by a firewall and I need to automate opening the firewall for some time, renew the certs, close the firewall back.

    I understand I can do it GUI, but that means I can't automate it, which I would like to...

    Any clue would be much appreciated!

    fbartelsF 1 Reply Last reply
    0
  • fbartelsF Offline
    fbartelsF Offline
    fbartels App Dev
    replied to potemkin_ai on last edited by
    #2

    Hi @potemkin_ai,

    generally I think it would be a better solution to use a dns provider that supports dns validation.

    @potemkin_ai said in update domain names with the cli (yet another topic):

    I understand I can do it GUI

    Is that a typo? If its possible to do this in the gui then you just need to check which requests/commands it sends to the server when doing so. This is how I sniffed the requests I needed to make to trigger a full box backup and poll for its completion.

    The api is also described at https://docs.cloudron.io/api.html

    potemkin_aiP 1 Reply Last reply
    0
  • potemkin_aiP Offline
    potemkin_aiP Offline
    potemkin_ai
    replied to fbartels on last edited by
    #3

    @fbartels there is no typo - I need to make it in command line (cli).

    I wish I can easily change DNS providers, but since it's not the case, I need a way to automate that from the server.

    fbartelsF 1 Reply Last reply
    0
  • fbartelsF Offline
    fbartelsF Offline
    fbartels App Dev
    replied to potemkin_ai on last edited by
    #4

    @potemkin_ai said in update domain names with the cli (yet another topic):

    I need to make it in command line (cli).

    Like I said, if its part of the web ui, then you can easily trigger it from the cli with curl. Just checked it myself and this is the request that gets sent (from the network console and then selected "copy as curl"):

    curl 'https://my.cloud.ron/api/v1/cloudron/renew_certs' \
      -H 'authority: my.cloud.ron' \
      -H 'sec-ch-ua: "Google Chrome";v="93", " Not;A Brand";v="99", "Chromium";v="93"' \
      -H 'dnt: 1' \
      -H 'sec-ch-ua-mobile: ?0' \
      -H 'authorization: Bearer my-token' \
      -H 'content-type: application/json;charset=UTF-8' \
      -H 'accept: application/json, text/plain, */*' \
      -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36' \
      -H 'sec-ch-ua-platform: "macOS"' \
      -H 'origin: https://my.cloud.ron' \
      -H 'sec-fetch-site: same-origin' \
      -H 'sec-fetch-mode: cors' \
      -H 'sec-fetch-dest: empty' \
      -H 'referer: my.cloud.ron' \
      -H 'accept-language: en,de-DE;q=0.9,de;q=0.8,en-US;q=0.7,nl-NL;q=0.6,nl;q=0.5,zh-TW;q=0.4,zh;q=0.3' \
      --data-raw '{}' \
      --compressed
    

    (in the above example there are parts that can easily be removed)

    potemkin_aiP 1 Reply Last reply
    0
  • potemkin_aiP Offline
    potemkin_aiP Offline
    potemkin_ai
    replied to fbartels on last edited by
    #5

    @fbartels thank you; is there any other way, opposed to reverse engineer front-end from the back-end, or at least to make it more understandable and repeat-able, for those, who is not a front-end developer, like myself?

    For example, how do I find this particular request, on top of dozens (at least) others? Would it be supported in the future or it's something that can be broken easily? Where do I get token? Can it expire?
    If things can expire, is there any better way to handle things?

    I understand it's not very typical request, I appreciate your help, just trying to make sense of it.

    nebulonN 1 Reply Last reply
    0
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    replied to potemkin_ai on last edited by
    #6

    @potemkin_ai while there is no cli subcommand as such, as @fbartels correctly mentioned, there is a REST api, which the Cloudron dashboard also uses.
    I have documented it now at https://docs.cloudron.io/api.html#tag/Cloudron/paths/~1cloudron~1renew_certs/post

    potemkin_aiP 1 Reply Last reply
    0
  • potemkin_aiP Offline
    potemkin_aiP Offline
    potemkin_ai
    replied to nebulon on last edited by
    #7

    @nebulon oh, that's wonderful!

    May I ask you for some help in here, please?

    I did the call 'curl -k -X POST -H 'Content-Type: application/json' --data '{"domain": "sub.domain.name"}' https://mydomain.name//api/v1/cloudron/renew_certs

    and it failed with the following error:

    <!DOCTYPE html>
    <html lang="en">
    <head>
    <meta charset="utf-8">
    <title>Error</title>
    </head>
    <body>
    <pre>Cannot POST //api/v1/cloudron/renew_certs</pre>
    </body>
    </html>
    

    What am I missing here?

    nebulonN 1 Reply Last reply
    0
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    replied to potemkin_ai on last edited by
    #8

    @potemkin_ai were you using the dashboard domain. As in my.example.com ?

    potemkin_aiP 1 Reply Last reply
    0
  • potemkin_aiP Offline
    potemkin_aiP Offline
    potemkin_ai
    replied to nebulon on last edited by
    #9

    @nebulon nop; but I changed it to be my.sub-domain.domain.name, which is exactly a cloudron address, and get the very same error there.

    As I wrote I realized that I used double slash after the domain name - that broke out things, which I didn't expected...

    Got the new error - could you please, assist me - how to get the token?

    {
      "status": "Unauthorized",
      "message": "Token required"
    }
    
    nebulonN 1 Reply Last reply
    0
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    replied to potemkin_ai on last edited by
    #10

    @potemkin_ai you need to provide an access token for verification as mentioned on the top of https://docs.cloudron.io/api.html

    Such api tokens can be created in the profile page in your Cloudron dashboard.

    potemkin_aiP 1 Reply Last reply
    0
  • potemkin_aiP Offline
    potemkin_aiP Offline
    potemkin_ai
    replied to nebulon on last edited by
    #11

    @nebulon Thank you.
    For the future guys like me - that's in profile page.

    I've added the token, but it still generate an error:

    curl -k -X POST -H 'Content-Type: application/json' -H 'Bearer: $TOKEN' --data '{"domain": "my.sub.domain.com"}' https://my.sub.domain.com/api/v1/cloudron/renew_certs
    

    Generates the same error:

    {
      "status": "Unauthorized",
      "message": "Token required"
    

    Request via ?access_token=<token> works, though.

    Is there something I'm missing with passing token as a header? Tried both "Bearer: $token" and "Bearer $token" - same result.

    fbartelsF 1 Reply Last reply
    0
  • fbartelsF Offline
    fbartelsF Offline
    fbartels App Dev
    replied to potemkin_ai on last edited by
    #12

    @potemkin_ai said in update domain names with the cli (yet another topic):

    Is there something I'm missing with passing token as a header?

    It needs to be -H "authorization: Bearer $TOKEN".

    potemkin_aiP 1 Reply Last reply
    0
  • potemkin_aiP Offline
    potemkin_aiP Offline
    potemkin_ai
    replied to fbartels on last edited by
    #13

    @fbartels , @nebulon thanks!

    For the future me, here is a two minutes guide I wish I had when I started:

    1. Go to the profile page on your Cloudron, generate the token there.
    2. Create the script you want to be executed and here is the part of it, in charge of the API calls:
    dns_host_name='my.your_instance.name'
    token='token_you_just_generated'
    
    set +e
    set +x
    
    #do your voodoo here; in my case - it's firewall rules altering
    
    curl -k -X POST -H 'Content-Type: application/json' -H "authorization: Bearer $token" --data '{"domain": "'$dns_host_name'"}' https://$dns_host_name/api/v1/cloudron/renew_certs
    echo "You can check the status of the task at https://$dns_host_name/logs.html?taskId=$task_id_from_above"
    sleep 180
    
    #do your next voodoo here - in my case, altering firewall rules back
    
    1 Reply Last reply
    0
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    wrote on last edited by
    #14

    So I guess this is solved now?

    potemkin_aiP 1 Reply Last reply
    0
  • potemkin_aiP Offline
    potemkin_aiP Offline
    potemkin_ai
    replied to nebulon on last edited by
    #15

    @nebulon indeed, thank you!

    For the sake of future users, I guess it could make sense to add information about where to take token and full command line for cURL into the documentation, but it's not directly related to the case.

    1 Reply Last reply
    0

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.