digbox/AdsPreview
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add SSH-Key support for secure deployment authentication

Browse Source 
- upload.sh: Conditional SSH-Key vs. password authentication
- Automatic detection of SSH-Keys via FTP_SSH_KEY variable
- CloudPanel-compatible SSH-Key integration
- .env.upload.example: Added SSH-Key documentation
- Secure SFTP uploads without passwords in code
This commit is contained in:
Johannes
2025-09-07 15:46:11 +02:00
parent 58764765dd
commit a6ae81f5b5
2 changed files with 40 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
deployment/scripts/.env.upload.example
View File

@@ -16,6 +16,10 @@ FTP_PATH="/htdocs"
# SSH/SFTP Port (Standard: 22) # SSH/SFTP Port (Standard: 22)
FTP_PORT="22" FTP_PORT="22"
# SSH-Key Authentifizierung (Optional, für SSH-Key-only Server)
# Falls gesetzt, wird SSH-Key statt Passwort verwendet
# FTP_SSH_KEY="$HOME/.ssh/id_rsa"
# Beispiele für verschiedene Provider: # Beispiele für verschiedene Provider:
# Strato: FTP_HOST="ftp.strato.de" FTP_PATH="/htdocs" # Strato: FTP_HOST="ftp.strato.de" FTP_PATH="/htdocs"
# 1&1: FTP_HOST="ftp.1und1.de" FTP_PATH="/htdocs" # 1&1: FTP_HOST="ftp.1und1.de" FTP_PATH="/htdocs"

27
deployment/scripts/upload.sh
View File

@@ -35,6 +35,15 @@ echo " Host: $FTP_HOST"
echo " User: $FTP_USER" echo " User: $FTP_USER"
echo " Port: $FTP_PORT" echo " Port: $FTP_PORT"
echo " Path: $FTP_PATH" echo " Path: $FTP_PATH"
# SSH-Key Authentifizierung prüfen
if [ -n "$FTP_SSH_KEY" ] && [ -f "$FTP_SSH_KEY" ]; then
echo " Auth: SSH-Key ($FTP_SSH_KEY)"
USE_SSH_KEY=1
else
echo " Auth: Passwort"
USE_SSH_KEY=0
fi
echo "" echo ""
# Prüfe ob wir im deployment/scripts/ Ordner sind und wechsle zur Projekt-Root # Prüfe ob wir im deployment/scripts/ Ordner sind und wechsle zur Projekt-Root
@@ -74,6 +83,23 @@ if [[ ! "$response" =~ ^[Yy]$ ]]; then
fi fi
echo "📤 Uploade via SFTP..." echo "📤 Uploade via SFTP..."
if [ $USE_SSH_KEY -eq 1 ]; then
# SSH-Key Authentifizierung
lftp -c "
set sftp:auto-confirm yes;
set ssl:verify-certificate no;
set sftp:connect-program 'ssh -i $FTP_SSH_KEY -p $FTP_PORT -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null';
open sftp://$FTP_USER@$FTP_HOST;
cd $FTP_PATH;
lcd deployment/build;
mirror --reverse --delete --verbose --exclude-glob=node_modules/ --exclude-glob=.git/ --exclude-glob=.* --exclude area/ ./ ./;
bye
"
else
# Passwort Authentifizierung
lftp -c " lftp -c "
set sftp:auto-confirm yes; set sftp:auto-confirm yes;
set ssl:verify-certificate no; set ssl:verify-certificate no;
@@ -85,6 +111,7 @@ mirror --reverse --delete --verbose --exclude-glob=node_modules/ --exclude-glob=
bye bye
" "
fi
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
echo "✅ Upload erfolgreich!" echo "✅ Upload erfolgreich!"