From ab393e19da6d35e35da5f01fba43bc559d3ae25d Mon Sep 17 00:00:00 2001
From: XuChao <xuchao@guestin.cn>
Date: Wed, 23 Jul 2025 14:53:16 +0800
Subject: [PATCH 1/2] add deploy hook support for ikuai

---
 deploy/ikuai.sh | 118 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 118 insertions(+)
 create mode 100644 deploy/ikuai.sh

diff --git a/deploy/ikuai.sh b/deploy/ikuai.sh
new file mode 100644
index 0000000000..4a4a89e95a
--- /dev/null
+++ b/deploy/ikuai.sh
@@ -0,0 +1,118 @@
+#!/bin/bash
+
+# Here is a script to deploy cert to ikuai using curl
+#
+# it requires following environment variables:
+#
+# IKUAI_SCHEME="http"           - http or https , defaults to "http"
+# IKUAI_HOSTNAME="localhost"    - host , defaults to "192.168.9.1"
+# IKUAI_PORT="80"               - port , defaults to "80"
+# IKUAI_USERNAME="admin"        - username , defaults to "admin"
+# IKUAI_PASSWORD="yourPassword" - password 
+#
+#returns 0 means success, otherwise error.
+#
+########  Public functions #####################
+#
+#domain keyfile certfile cafile fullchain
+ikuai_deploy() {
+  _cdomain="$1"
+  _ckey="$2"
+  _ccert="$3"
+  _cca="$4"
+  _cfullchain="$5"
+
+  _debug _cdomain "$_cdomain"
+  _debug _ckey "$_ckey"
+  _debug _ccert "$_ccert"
+  _debug _cca "$_cca"
+  _debug _cfullchain "$_cfullchain"
+
+  [ -n "$IKUAI_SCHEME" ] || IKUAI_SCHEME=http
+  [ -n "$IKUAI_HOSTNAME" ] || IKUAI_HOSTNAME=192.168.9.1
+  [ -n "$IKUAI_PORT" ] || IKUAI_PORT=80
+  [ -n "$IKUAI_USERNAME" ] || IKUAI_USERNAME=admin
+
+  # Get deploy conf
+  _getdeployconf IKUAI_SCHEME
+  _getdeployconf IKUAI_HOSTNAME
+  _getdeployconf IKUAI_PORT
+  _getdeployconf IKUAI_USERNAME
+  _getdeployconf IKUAI_PASSWORD
+ 
+   if [ -z "$IKUAI_HOSTNAME" ] || [ -z "$IKUAI_USERNAME" ] || [ -z "$IKUAI_PASSWORD" ]; then
+    _err "IKUAI_HOSTNAME ,IKUAI_USERNAME and IKUAI_PASSWORD is required ."
+    return 1
+  fi
+
+  _debug2 IKUAI_SCHEME "$IKUAI_SCHEME"
+  _debug2 IKUAI_HOSTNAME "$IKUAI_HOSTNAME"
+  _debug2 IKUAI_PORT "$IKUAI_PORT"
+  _debug2 IKUAI_USERNAME "$IKUAI_USERNAME"
+  _secure_debug2 IKUAI_PASSWORD "$IKUAI_PASSWORD"
+
+  _debug "Login to ikuai ..."
+  _ikuai_url="$IKUAI_SCHEME://$IKUAI_HOSTNAME:$IKUAI_PORT"
+  _pass_md5="$(printf "%s" "$IKUAI_PASSWORD" | _digest md5 hex | _lower_case)"
+  _pass_salt="$(printf "salt_11%s" "$IKUAI_PASSWORD" | _base64)"
+  _login_req="{\"username\":\"$IKUAI_USERNAME\",\"passwd\":\"$_pass_md5\",\"pass\":\"$_pass_salt\",\"remember_password\":\"\"}"
+  
+  _debug2 _ikuai_url "$_ikuai_url"
+
+  _response=$(_post "$_login_req" "$_ikuai_url/Action/login" "" "POST" "application/json")
+  
+  if ! _contains "$_response" 'ErrMsg'; then
+    _err 'Failed to login to ikuai : $_response'
+    return 1
+  fi
+  _err_msg="$(printf "%s" "$_response" | _normalizeJson | _egrep_o '"ErrMsg":"[^"]*"' | cut -d'"' -f4)"
+  # check ErrMsg 
+  if [ "$_err_msg" != "Success" ];then
+    _err "Failed to login to ikuai: $_err_msg"
+    return 1
+  fi
+  # check cookie
+  _cookie="$(grep -i '^set-cookie:' "$HTTP_HEADER" | _head_n 1 | cut -d " " -f 2)"
+  if [ -z "$_cookie" ]; then
+    _err "Fail to get the cookie."
+    return 1
+  fi
+  _debug "Login to ikuai success ,now save the config ... "
+
+  # Save the config 
+  _savedeployconf IKUAI_SCHEME "$IKUAI_SCHEME"
+  _savedeployconf IKUAI_HOSTNAME "$IKUAI_HOSTNAME"
+  _savedeployconf IKUAI_PORT "$IKUAI_PORT"
+  _savedeployconf IKUAI_USERNAME "$IKUAI_USERNAME"
+  _savedeployconf IKUAI_PASSWORD "$IKUAI_PASSWORD"
+
+  # Set cookie header
+  _H1="Cookie: $_cookie username=$IKUAI_USERNAME; login=1"
+
+  _debug "Deploy the cert to ikuai ... "
+
+  # Should replace \n to @ ," " to #
+  _cert_content_single_line="$(cat "$_ccert" | tr '\n' '@' | tr ' ' '#')"
+  _key_content_single_line="$(cat "$_ckey" | tr '\n' '@' | tr ' ' '#')"
+
+  _debug2 _cert_content_single_line "$_cert_content_single_line"
+  _debug2 _key_content_single_line "$_key_content_single_line"
+
+  _key_manager_req="{\"func_name\":\"key_manager\",\"action\":\"save\",\"param\":{\"ca\":\"$_cert_content_single_line\",\"key\":\"$_key_content_single_line\",\"id\":1,\"enabled\":\"yes\",\"comment\":\"\"}}"
+  _response=$(_post "$_key_manager_req" "$_ikuai_url/Action/call" "" "POST" "application/json")
+  
+  _err_msg="$(printf "%s" "$_response" | _normalizeJson | _egrep_o '"ErrMsg":"[^"]*"' | cut -d'"' -f4)"
+  
+  if ! _contains "$_response" 'ErrMsg'; then
+    _err 'Failed to save cert to ikuai : $_response'
+    return 1
+  fi
+  # check ErrMsg 
+  if [ "$_err_msg" != "Success" ];then
+    _err "Failed to save cert to ikuai: $_err_msg"
+    return 1
+  fi
+   _debug "Deploy the cert to ikuai success ,now enjoy it :>! "
+
+  return 0
+}

From bc190dd8657c75f0cf11e61470bdb81287ce6caa Mon Sep 17 00:00:00 2001
From: XuChao <xuchao@guestin.cn>
Date: Thu, 24 Jul 2025 09:44:20 +0800
Subject: [PATCH 2/2] fix shellcheck warn and shfmt the code

---
 deploy/ikuai.sh | 50 ++++++++++++++++++++++++-------------------------
 1 file changed, 25 insertions(+), 25 deletions(-)

diff --git a/deploy/ikuai.sh b/deploy/ikuai.sh
index 4a4a89e95a..47f42c961f 100644
--- a/deploy/ikuai.sh
+++ b/deploy/ikuai.sh
@@ -8,7 +8,7 @@
 # IKUAI_HOSTNAME="localhost"    - host , defaults to "192.168.9.1"
 # IKUAI_PORT="80"               - port , defaults to "80"
 # IKUAI_USERNAME="admin"        - username , defaults to "admin"
-# IKUAI_PASSWORD="yourPassword" - password 
+# IKUAI_PASSWORD="yourPassword" - password
 #
 #returns 0 means success, otherwise error.
 #
@@ -28,10 +28,10 @@ ikuai_deploy() {
   _debug _cca "$_cca"
   _debug _cfullchain "$_cfullchain"
 
-  [ -n "$IKUAI_SCHEME" ] || IKUAI_SCHEME=http
-  [ -n "$IKUAI_HOSTNAME" ] || IKUAI_HOSTNAME=192.168.9.1
+  [ -n "$IKUAI_SCHEME" ] || IKUAI_SCHEME="http"
+  [ -n "$IKUAI_HOSTNAME" ] || IKUAI_HOSTNAME="192.168.9.1"
   [ -n "$IKUAI_PORT" ] || IKUAI_PORT=80
-  [ -n "$IKUAI_USERNAME" ] || IKUAI_USERNAME=admin
+  [ -n "$IKUAI_USERNAME" ] || IKUAI_USERNAME="admin"
 
   # Get deploy conf
   _getdeployconf IKUAI_SCHEME
@@ -39,8 +39,8 @@ ikuai_deploy() {
   _getdeployconf IKUAI_PORT
   _getdeployconf IKUAI_USERNAME
   _getdeployconf IKUAI_PASSWORD
- 
-   if [ -z "$IKUAI_HOSTNAME" ] || [ -z "$IKUAI_USERNAME" ] || [ -z "$IKUAI_PASSWORD" ]; then
+
+  if [ -z "$IKUAI_HOSTNAME" ] || [ -z "$IKUAI_USERNAME" ] || [ -z "$IKUAI_PASSWORD" ]; then
     _err "IKUAI_HOSTNAME ,IKUAI_USERNAME and IKUAI_PASSWORD is required ."
     return 1
   fi
@@ -51,23 +51,23 @@ ikuai_deploy() {
   _debug2 IKUAI_USERNAME "$IKUAI_USERNAME"
   _secure_debug2 IKUAI_PASSWORD "$IKUAI_PASSWORD"
 
-  _debug "Login to ikuai ..."
+  _info "Login to ikuai ..."
   _ikuai_url="$IKUAI_SCHEME://$IKUAI_HOSTNAME:$IKUAI_PORT"
   _pass_md5="$(printf "%s" "$IKUAI_PASSWORD" | _digest md5 hex | _lower_case)"
   _pass_salt="$(printf "salt_11%s" "$IKUAI_PASSWORD" | _base64)"
   _login_req="{\"username\":\"$IKUAI_USERNAME\",\"passwd\":\"$_pass_md5\",\"pass\":\"$_pass_salt\",\"remember_password\":\"\"}"
-  
+
   _debug2 _ikuai_url "$_ikuai_url"
 
   _response=$(_post "$_login_req" "$_ikuai_url/Action/login" "" "POST" "application/json")
-  
-  if ! _contains "$_response" 'ErrMsg'; then
-    _err 'Failed to login to ikuai : $_response'
+
+  if ! _contains "$_response" "ErrMsg"; then
+    _err "Failed to login to ikuai : $_response"
     return 1
   fi
   _err_msg="$(printf "%s" "$_response" | _normalizeJson | _egrep_o '"ErrMsg":"[^"]*"' | cut -d'"' -f4)"
-  # check ErrMsg 
-  if [ "$_err_msg" != "Success" ];then
+  # check ErrMsg
+  if [ "$_err_msg" != "Success" ]; then
     _err "Failed to login to ikuai: $_err_msg"
     return 1
   fi
@@ -77,9 +77,9 @@ ikuai_deploy() {
     _err "Fail to get the cookie."
     return 1
   fi
-  _debug "Login to ikuai success ,now save the config ... "
+  _info "Login to ikuai success ,now save the config ... "
 
-  # Save the config 
+  # Save the config
   _savedeployconf IKUAI_SCHEME "$IKUAI_SCHEME"
   _savedeployconf IKUAI_HOSTNAME "$IKUAI_HOSTNAME"
   _savedeployconf IKUAI_PORT "$IKUAI_PORT"
@@ -89,30 +89,30 @@ ikuai_deploy() {
   # Set cookie header
   _H1="Cookie: $_cookie username=$IKUAI_USERNAME; login=1"
 
-  _debug "Deploy the cert to ikuai ... "
+  _info "Deploy the cert to ikuai ... "
 
   # Should replace \n to @ ," " to #
-  _cert_content_single_line="$(cat "$_ccert" | tr '\n' '@' | tr ' ' '#')"
-  _key_content_single_line="$(cat "$_ckey" | tr '\n' '@' | tr ' ' '#')"
+  _cert_content_single_line="$(<"$_ccert" tr '\n' '@' | tr ' ' '#')"
+  _key_content_single_line="$(<"$_ckey" tr '\n' '@' | tr ' ' '#')"
 
   _debug2 _cert_content_single_line "$_cert_content_single_line"
   _debug2 _key_content_single_line "$_key_content_single_line"
 
   _key_manager_req="{\"func_name\":\"key_manager\",\"action\":\"save\",\"param\":{\"ca\":\"$_cert_content_single_line\",\"key\":\"$_key_content_single_line\",\"id\":1,\"enabled\":\"yes\",\"comment\":\"\"}}"
   _response=$(_post "$_key_manager_req" "$_ikuai_url/Action/call" "" "POST" "application/json")
-  
+
   _err_msg="$(printf "%s" "$_response" | _normalizeJson | _egrep_o '"ErrMsg":"[^"]*"' | cut -d'"' -f4)"
-  
-  if ! _contains "$_response" 'ErrMsg'; then
-    _err 'Failed to save cert to ikuai : $_response'
+
+  if ! _contains "$_response" "ErrMsg"; then
+    _err "Failed to save cert to ikuai : $_response"
     return 1
   fi
-  # check ErrMsg 
-  if [ "$_err_msg" != "Success" ];then
+  # check ErrMsg
+  if [ "$_err_msg" != "Success" ]; then
     _err "Failed to save cert to ikuai: $_err_msg"
     return 1
   fi
-   _debug "Deploy the cert to ikuai success ,now enjoy it :>! "
+  _info "Deploy the cert to ikuai success ,now enjoy it :>! "
 
   return 0
 }