#!/usr/bin/env bash set -euo pipefail # ========================= # Wishlist Deploy (SFTP) # - Git-safe Defaults # - .env Support # ========================= RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m' SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" # --- Optional: .env im Skriptordner laden (wenn vorhanden) --- if [[ -f "${SCRIPT_DIR}/.env" ]]; then # Nur schlichte KEY=VALUE Zeilen ohne Export/Spaces # shellcheck disable=SC2046 set -a source "${SCRIPT_DIR}/.env" set +a fi # --- Pfade/Quellen --- SOURCE_DIR="${SOURCE_DIR:-"$SCRIPT_DIR/"}" TARGET_DIR="${TARGET_DIR:-"/public_html/CHANGE_ME_path"}" # --- Verbindungsdaten: absichtlich ungültige Defaults (müssen überschrieben werden) --- SFTP_HOST="${SFTP_HOST:-CHANGE_ME_HOST}" SFTP_USER="${SFTP_USER:-CHANGE_ME_USER}" SSH_KEY="${SSH_KEY:-$HOME/.ssh/CHANGE_ME_key}" # Flags DRY_RUN="${DRY_RUN:-0}" DEBUG="${DEBUG:-0}" # Glob-Excludes (nur Globs, lftp-kompatibel) EXCLUDE_ARGS=( --exclude-glob ".git" --exclude-glob ".git/*" --exclude-glob "*/.git" --exclude-glob "*/.git/*" --exclude-glob "**/.git" --exclude-glob "**/.git/*" --exclude-glob ".git*" --exclude-glob "*/.git*" --exclude-glob "**/.git*" --exclude-glob ".gitattributes" --exclude-glob ".gitignore" --exclude-glob ".github*" --exclude-glob ".env*" --exclude-glob "deploy*.sh" --exclude-glob "README*" --exclude-glob "*.md" --exclude-glob "*.sql" --exclude-glob "node_modules" --exclude-glob "node_modules/**" --exclude-glob "vendor/*/.git*" --exclude-glob "config/config.php" --exclude-glob "data" --exclude-glob "data/*" --exclude-glob "data/**" ) need() { command -v "$1" >/dev/null 2>&1 || { echo -e "${RED}Error: '$1' ist nicht installiert.${NC}"; exit 1; }; } build_connect_program() { printf "ssh -i %q -o IdentitiesOnly=yes -o PreferredAuthentications=publickey -o PasswordAuthentication=no -o KbdInteractiveAuthentication=no -o NumberOfPasswordPrompts=0 -o BatchMode=yes -o ConnectTimeout=15 -o LogLevel=ERROR" "$SSH_KEY" } abort_defaults_present() { local bad=0 if [[ "$SFTP_HOST" == *CHANGE_ME* ]]; then echo -e "${RED}Unsafe default: SFTP_HOST=${SFTP_HOST}${NC}"; bad=1; fi if [[ "$SFTP_USER" == *CHANGE_ME* ]]; then echo -e "${RED}Unsafe default: SFTP_USER=${SFTP_USER}${NC}"; bad=1; fi if [[ "$SSH_KEY" == *CHANGE_ME* ]]; then echo -e "${RED}Unsafe default: SSH_KEY=${SSH_KEY}${NC}"; bad=1; fi if [[ "$TARGET_DIR" == *CHANGE_ME* ]]; then echo -e "${RED}Unsafe default: TARGET_DIR=${TARGET_DIR}${NC}"; bad=1; fi if (( bad == 1 )); then cat <&2 ${YELLOW}Hinweis:${NC} Setze die Variablen per Umgebung oder .env: SFTP_HOST=example.org SFTP_USER=example SSH_KEY=/home/user/.ssh/id_ed25519 TARGET_DIR=/public_html/wishlist.hiabuto.de Abbruch, weil noch CHANGE_ME-Defaults aktiv sind. EOF exit 42 fi } echo -e "${GREEN}Starting wishlist deployment...${NC}" echo -e "${GREEN}SFTP Upload -> ${SFTP_USER}@${SFTP_HOST}${NC}" echo -e "${GREEN}Target Dir -> ${TARGET_DIR}${NC}" (( DRY_RUN == 1 )) && echo -e "${YELLOW}Mode -> DRY-RUN${NC}" need lftp abort_defaults_present [ -d "$SOURCE_DIR" ] || { echo -e "${RED}Error: SOURCE_DIR existiert nicht: ${SOURCE_DIR}${NC}"; exit 1; } [ -r "$SSH_KEY" ] || { echo -e "${RED}Error: SSH-Key nicht gefunden/lesbar: ${SSH_KEY}${NC}"; exit 1; } case "$TARGET_DIR" in /public_html/*) : ;; *) echo -e "${RED}TARGET_DIR muss unter /public_html/ liegen (aktuell: ${TARGET_DIR})${NC}"; exit 1;; esac echo -e "${YELLOW}>> Prüfe SFTP-Verbindung (key-only)...${NC}" if ! lftp /dev/null 2>&1; then echo -e "${RED}SFTP-Test fehlgeschlagen.${NC}" exit 255 fi echo -e "${YELLOW}>> Upload per SFTP (mirror -R)...${NC}" MIRROR_OPTS=( -R --delete --verbose --parallel=4 ) (( DRY_RUN == 1 )) && MIRROR_OPTS+=( --dry-run ) (( DEBUG == 1 )) && { echo "mirror opts: ${MIRROR_OPTS[*]}" echo "exclude : ${EXCLUDE_ARGS[*]}" } lftp -e " set cmd:interactive false; set cmd:fail-exit yes; set net:max-retries 2; set net:timeout 20; set sftp:auto-confirm yes; set sftp:connect-program '$(build_connect_program)'; open -u ${SFTP_USER}, sftp://${SFTP_HOST}; mirror ${MIRROR_OPTS[*]} ${EXCLUDE_ARGS[*]} '${SOURCE_DIR%/}/' '${TARGET_DIR%/}/'; bye " if (( DRY_RUN == 1 )); then echo -e "${GREEN}DRY-RUN erfolgreich (keine Dateien verändert).${NC}" else echo -e "${GREEN}SFTP-Upload erfolgreich.${NC}" fi echo -e "${GREEN}Deployment completed.${NC}"