tony
/
mb-admin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Harden PMA certbot fallback when package install fails

main
Anthony 2026-02-26 21:52:22 +08:00
parent 157d3dcde6
commit e59dbc9af0
1 changed files with 48 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
scripts/pma-gateway/create_pma_gateway.sh
View File

@ -152,25 +152,66 @@ if [[ -z "$LE_CERT_DIR" ]]; then
CERTBOT_CMD="" CERTBOT_CMD=""
if command -v certbot >/dev/null 2>&1; then if command -v certbot >/dev/null 2>&1; then
CERTBOT_CMD="certbot" CERTBOT_CMD="certbot"
elif [[ -x "/opt/certbot/certbot-auto" ]]; then else
CERTBOT_CMD="/opt/certbot/certbot-auto" # On some images certbot exists but is not in PATH for non-login shells.
for certbot_path in /usr/bin/certbot /usr/local/bin/certbot /snap/bin/certbot; do
if [[ -x "$certbot_path" ]]; then
CERTBOT_CMD="$certbot_path"
break
fi
done
fi
if [[ -z "$CERTBOT_CMD" ]] && [[ -f "/opt/certbot/certbot-auto" ]]; then
sudo chmod a+x /opt/certbot/certbot-auto >/dev/null 2>&1 || true
if [[ -x "/opt/certbot/certbot-auto" ]]; then
CERTBOT_CMD="/opt/certbot/certbot-auto"
fi
fi fi
if [[ -z "$CERTBOT_CMD" ]]; then if [[ -z "$CERTBOT_CMD" ]]; then
echo "WARNING: certbot is not available. Attempting to install certbot..." >&2 echo "WARNING: certbot is not available. Attempting to bootstrap certbot-auto..." >&2
sudo mkdir -p /opt/certbot >/dev/null 2>&1 || true
if command -v curl >/dev/null 2>&1; then
sudo curl -fsSL https://dl.eff.org/certbot-auto -o /opt/certbot/certbot-auto >/dev/null 2>&1 || true
elif command -v wget >/dev/null 2>&1; then
sudo wget -q -O /opt/certbot/certbot-auto https://dl.eff.org/certbot-auto >/dev/null 2>&1 || true
fi
sudo chmod a+x /opt/certbot/certbot-auto >/dev/null 2>&1 || true
if [[ -x "/opt/certbot/certbot-auto" ]]; then
CERTBOT_CMD="/opt/certbot/certbot-auto"
fi
fi
if [[ -z "$CERTBOT_CMD" ]]; then
echo "WARNING: certbot/certbot-auto is still unavailable. Attempting package manager install..." >&2
if command -v dnf >/dev/null 2>&1; then if command -v dnf >/dev/null 2>&1; then
sudo dnf install -y --setopt=install_weak_deps=False certbot >/dev/null 2>&1 || true if ! sudo dnf install -y --setopt=install_weak_deps=False certbot >/dev/null 2>&1; then
echo "WARNING: dnf failed to install certbot (possibly resource constrained)." >&2
fi
elif command -v yum >/dev/null 2>&1; then elif command -v yum >/dev/null 2>&1; then
sudo yum install -y certbot >/dev/null 2>&1 || true if ! sudo yum install -y certbot >/dev/null 2>&1; then
echo "WARNING: yum failed to install certbot." >&2
fi
elif command -v apt-get >/dev/null 2>&1; then elif command -v apt-get >/dev/null 2>&1; then
sudo apt-get update -qq >/dev/null 2>&1 || true sudo apt-get update -qq >/dev/null 2>&1 || true
sudo apt-get install -y certbot >/dev/null 2>&1 || true if ! sudo apt-get install -y certbot >/dev/null 2>&1; then
echo "WARNING: apt-get failed to install certbot." >&2
fi
fi fi
if command -v certbot >/dev/null 2>&1; then if command -v certbot >/dev/null 2>&1; then
CERTBOT_CMD="certbot" CERTBOT_CMD="certbot"
elif [[ -x "/opt/certbot/certbot-auto" ]]; then elif [[ -x "/opt/certbot/certbot-auto" ]]; then
CERTBOT_CMD="/opt/certbot/certbot-auto" CERTBOT_CMD="/opt/certbot/certbot-auto"
else
for certbot_path in /usr/bin/certbot /usr/local/bin/certbot /snap/bin/certbot; do
if [[ -x "$certbot_path" ]]; then
CERTBOT_CMD="$certbot_path"
break
fi
done
fi fi
fi fi
@ -385,7 +426,7 @@ fi
sudo tee "$GATEWAY_FILE" >/dev/null <<'PHP' sudo tee "$GATEWAY_FILE" >/dev/null <<'PHP'
<?php <?php
// Secure phpMyAdmin gateway auto-generated, do NOT edit manually. // Secure phpMyAdmin gateway - auto-generated, do NOT edit manually.
ini_set('session.cookie_httponly', 1); ini_set('session.cookie_httponly', 1);
$param = 'token'; $param = 'token';