Scripts for Transfer and Restoration of Enhance Control Panel server

net

Based on https://enhance.com/docs/advanced/control-panel-migration.html , making your life easier.

These 2 scripts are for transferring and restoring data to the new control panel. The transfer script will also help you create your SSH key and copy it over to the new server. Remember: The Transfer script is for the old server, and the Restore script is for the new server. Don't mix it up 🙂

Transfer Script:

#!/bin/bash

##Enhance transfer script with SSH key setup
##Version 1.1 powered by JoneSolutions.Com

##Function to print section headers
print_header() {
echo -e "\n\033[1;34m=== $1 ===\033[0m"
}

##Function to print status messages
print_status() {
echo -e "\033[1;32m[*]\033[0m $1"
}

##Function to print error messages
print_error() {
echo -e "\033[1;31m[!]\033[0m $1" >&2
}

##Function to generate SSH key if not exists
generate_ssh_key() {
if [ ! -f ~/.ssh/id_rsa.pub ]; then
print_header "Generating SSH Key"
ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa -N "" -q
if [ $? -eq 0 ]; then
print_status "SSH key pair generated successfully"
else
print_error "Failed to generate SSH key pair"
exit 1
fi
else
print_status "Existing SSH key found (~/.ssh/id_rsa.pub)"
fi
}

##Function to copy SSH key to target server
copy_ssh_key() {
local target_ip=$1
local password=$2
print_header "Configuring SSH Key Authentication"
if sshpass -p "$password" ssh-copy-id -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa.pub root@$target_ip; then
    print_status "SSH key successfully copied to $target_ip"
    return 0
else
    print_error "Failed to copy SSH key to $target_ip"
    return 1
fi
}

##Get target IP address
read -p "Enter target server IP address [9.9.9.9]: " TARGET_IP
TARGET_IP=${TARGET_IP:-9.9.9.9}

##Get root password
read -s -p "Enter root password for target server: " ROOT_PASSWORD
echo ""

##Generate and configure SSH key
generate_ssh_key
copy_ssh_key "$TARGET_IP" "$ROOT_PASSWORD"

##Verify SSH connection with key
print_header "Testing SSH Key Connection"
if ssh -o PasswordAuthentication=no -o StrictHostKeyChecking=no root@$TARGET_IP "echo 'SSH key authentication successful'"; then
print_status "SSH key authentication working"
USE_SSH_KEY=true
else
print_error "SSH key authentication failed, falling back to password"
USE_SSH_KEY=false
fi

##Stop and disable services
print_header "Stopping Local Services"
systemctl stop orchd && print_status "orchd stopped" print_error "Failed to stop orchd"
systemctl stop appcd && print_status "appcd stopped" print_error "Failed to stop appcd"
systemctl disable orchd && print_status "orchd disabled" print_error "Failed to disable orchd"
systemctl disable appcd && print_status "appcd disabled" print_error "Failed to disable appcd"

##Create database dumps
print_header "Creating Database Dumps"
sudo -u orchd pg_dump -O -d orchd > /var/orchd/orchd.sql && print_status "orchd.sql created" print_error "Failed to create orchd.sql"
sudo -u orchd pg_dump -O -d authd > /var/orchd/authd.sql && print_status "authd.sql created" print_error "Failed to create authd.sql"

##Transfer function that uses the most appropriate method
transfer_file() {
local src=$1
local dest=$2
if [ "$USE_SSH_KEY" = true ]; then
    scp -o StrictHostKeyChecking=no -o PasswordAuthentication=no "$src" "$dest"
else
    sshpass -p "$ROOT_PASSWORD" scp -o StrictHostKeyChecking=no "$src" "$dest"
fi
}

##Transfer database files
print_header "Transferring Database Files"
transfer_file /var/orchd/orchd.sql root@$TARGET_IP:/var/orchd/orchd.sql && print_status "orchd.sql transferred" print_error "Failed to transfer orchd.sql"
transfer_file /var/orchd/authd.sql root@$TARGET_IP:/var/orchd/authd.sql && print_status "authd.sql transferred" print_error "Failed to transfer authd.sql"

##Transfer mTLS certificates
print_header "Transferring mTLS Certificates"
if [ "$USE_SSH_KEY" = true ]; then
scp -o StrictHostKeyChecking=no -o PasswordAuthentication=no -r /etc/ssl/certs/enhance root@$TARGET_IP:/etc/ssl/certs/
else
sshpass -p "$ROOT_PASSWORD" scp -o StrictHostKeyChecking=no -r /etc/ssl/certs/enhance root@$TARGET_IP:/etc/ssl/certs/
fi && print_status "Public certs transferred" || print_error "Failed to transfer public certs"

if [ "$USE_SSH_KEY" = true ]; then
scp -o StrictHostKeyChecking=no -o PasswordAuthentication=no -r /etc/ssl/private/enhance root@$TARGET_IP:/etc/ssl/private/
else
sshpass -p "$ROOT_PASSWORD" scp -o StrictHostKeyChecking=no -r /etc/ssl/private/enhance root@$TARGET_IP:/etc/ssl/private/
fi && print_status "Private certs transferred" || print_error "Failed to transfer private certs"

if [ "$USE_SSH_KEY" = true ]; then
scp -o StrictHostKeyChecking=no -o PasswordAuthentication=no -r /var/local/enhance/orchd/private root@$TARGET_IP:/var/local/enhance/orchd/
else
sshpass -p "$ROOT_PASSWORD" scp -o StrictHostKeyChecking=no -r /var/local/enhance/orchd/private root@$TARGET_IP:/var/local/enhance/orchd/
fi && print_status "ORCHD private files transferred" || print_error "Failed to transfer ORCHD private files"

transfer_file /var/local/enhance/rca.pw root@$TARGET_IP:/var/local/enhance/rca.pw && print_status "RCA password transferred" || print_error "Failed to transfer RCA password"

#Transfer control panel assets
print_header "Transferring Control Panel Assets"
if [ "$USE_SSH_KEY" = true ]; then
scp -o StrictHostKeyChecking=no -o PasswordAuthentication=no -r /var/www/control-panel/assets root@$TARGET_IP:/var/www/control-panel/
else
sshpass -p "$ROOT_PASSWORD" scp -o StrictHostKeyChecking=no -r /var/www/control-panel/assets root@$TARGET_IP:/var/www/control-panel/
fi && print_status "Control panel assets transferred" || print_error "Failed to transfer control panel assets"

#Transfer Cloudflare key (if exists)
if [ -f "/var/local/enhance/orchd/cloudflare.key" ]; then
print_header "Transferring Cloudflare Key"
transfer_file /var/local/enhance/orchd/cloudflare.key root@$TARGET_IP:/var/local/enhance/orchd/cloudflare.key && print_status "Cloudflare key transferred" || print_error "Failed to transfer Cloudflare key"
else
print_status "No Cloudflare key found, skipping"
fi

print_header "Transfer Complete"
echo "All data has been successfully transferred to $TARGET_IP"
echo "Database files: /var/orchd/orchd.sql and /var/orchd/authd.sql"
echo "mTLS certificates transferred to:"
echo " - /etc/ssl/certs/enhance/"
echo " - /etc/ssl/private/enhance/"
echo " - /var/local/enhance/orchd/private/"
echo "Control panel assets transferred to: /var/www/control-panel/assets/"
echo ""
echo "SSH key authentication configured: $USE_SSH_KEY"
if [ "$USE_SSH_KEY" = true ]; then
echo "You can now connect without password using: ssh root@$TARGET_IP"
fi

Make sure sshpass is installed.

Usage Instructions:
Save this script as enhance_transfer.sh
Make it executable: chmod +x enhance_transfer.sh
Run the script: ./enhance_transfer.sh

Restoration script:

#!/bin/bash

##Enhance restoration script
##Version 1.1 powered by JoneSolutions.Com

##Set default IP
DEFAULT_IP="9.9.9.9"

##Function to display usage
usage() {
echo "Usage: $0 [--ip <ip_address>]"
echo " --ip <ip_address> Set the primary IP for SSO (default: $DEFAULT_IP)"
exit 1
}

##Parse command line arguments
while [[ $# -gt 0 ]]; do
case "$1" in
--ip)
IP_ADDRESS=$2
shift 2
;;
--help)
usage
;;
*)
echo "Unknown option: $1"
usage
;;
esac
done

##Set IP address
IP_ADDRESS=${IP_ADDRESS:-$DEFAULT_IP}

echo "Starting restoration process..."
echo "Using IP address: $IP_ADDRESS"
echo ""

##Stop services before beginning restoration
echo "0. Stopping services..."
systemctl stop orchd
systemctl stop appcd
echo "Services stopped successfully."
echo ""

##Step 1: Remove existing databases and create new ones
echo "1. Recreating databases..."
sudo -u postgres psql -c "DROP DATABASE IF EXISTS orchd;"
sudo -u postgres psql -c "DROP DATABASE IF EXISTS authd;"
sudo -u postgres psql -c "CREATE DATABASE orchd;"
sudo -u postgres psql -c "CREATE DATABASE authd;"
sudo -u postgres psql -d orchd -c "GRANT USAGE, CREATE ON SCHEMA public TO orchd;"
sudo -u postgres psql -d authd -c "GRANT USAGE, CREATE ON SCHEMA public TO orchd;"
echo "Database recreation completed."
echo ""

##Step 2: Import data
echo "2. Importing data..."
if [ -f "/var/orchd/orchd.sql" ]; then
sudo -u orchd psql -d orchd < /var/orchd/orchd.sql
echo "Imported orchd.sql successfully."
else
echo "Error: /var/orchd/orchd.sql not found!"
exit 1
fi

if [ -f "/var/orchd/authd.sql" ]; then
sudo -u orchd psql -d authd < /var/orchd/authd.sql
echo "Imported authd.sql successfully."
else
echo "Error: /var/orchd/authd.sql not found!"
exit 1
fi
echo "Data import completed."
echo ""

##Step 3: Start services
echo "3. Starting services..."
systemctl start orchd
systemctl start appcd
systemctl start filerd
echo "Services started."
echo ""

##Step 4: Recreate websites
echo "4. Recreating websites..."
WEBSITE_COUNT=$(sudo -u orchd psql -At -c "SELECT count(*) FROM websites WHERE kind = 1;")
echo "Found $WEBSITE_COUNT control panel websites to recreate."

sudo -u orchd psql -At -c "
SELECT 'appcd-cli create-website ' w.id ' ' w.unix_user ' ' d.domain ' php83 control-panel'
FROM websites w
JOIN domain_mappings dm ON w.id = dm.website_id
JOIN domains d ON dm.domain_id = d.id
WHERE w.kind = 1 and dm.kind = 'primary';
" | bash
echo "Website recreation completed."
echo ""

##Step 5: Update primary IP
echo "5. Updating primary IP to $IP_ADDRESS..."
sudo -u orchd psql -c "UPDATE servers SET primary_ip = '$IP_ADDRESS' where id = '00000000-0000-0000-0000-000000000000';"
sudo -u orchd psql -c "UPDATE server_ips SET ip = '$IP_ADDRESS' where server_id = '00000000-0000-0000-0000-000000000000';"
echo "Primary IP updated."
echo ""

##Step 6: Fix permissions
echo "6. Fixing file permissions..."
chown orchd:orchd /var/local/enhance/orchd/private/orchd.key /etc/ssl/certs/enhance/orchd.crt
chown -R orchd:orchd /var/www/control-panel/screenshots /var/www/control-panel/assets

##Check if Cloudflare key exists and fix permissions if it does
if [ -f "/var/local/enhance/orchd/cloudflare.key" ]; then
chown orchd:orchd /var/local/enhance/orchd/cloudflare.key
echo "Cloudflare key permissions fixed."
fi
echo "Permission fixes completed."
echo ""

##Final step: Regenerate proxies
echo "7. Regenerating control panel proxies..."
ecp regenerate-control-panel-proxies
echo "Proxy regeneration completed."
echo ""

##Completion message
echo "Restoration process completed successfully!"
echo ""
echo "================================================"
echo " SUMMARY"
echo "================================================"
echo "- Services stopped and restarted"
echo "- Databases recreated and data imported"
echo "- $WEBSITE_COUNT websites recreated"
echo "- Primary IP set to $IP_ADDRESS"
echo "- File permissions corrected"
echo "- Proxies regenerated"
echo ""
echo "IMPORTANT NEXT STEPS:"
echo "1. Update the DNS for your control panel domain to point to $IP_ADDRESS"
echo "2. Wait for your local DNS cache to update (this may take some time)"
echo "3. Your panel should be working normally once DNS propagates"
echo "================================================"

exit 0

How to Use This Script:
Save the script to a file (e.g., enhance_restore.sh)
Make it executable: chmod +x enhance_restore.sh
Run it with the default IP (9.9.9.9): ./enhance_restore.sh
Or specify a custom IP: ./enhance_restore.sh --ip 1.2.3.4

You can edit it as you wish.

It can also be downloaded from the following links:

https://master.jonesolutions.com/enhance_transfer.sh
https://master.jonesolutions.com/enhance_restore.sh

Nothing to do, so hope you like it.

cPFence

net

Thank you for sharing this! It's great to see such useful contributions in the community.

nqnoc

First, thanks for sharing! If this script based or inspired on the one made by @xyzulu ?

If not, maybe you two could "join forces" and make 1 single script for the community for backup and restore the CP. Also, the script should be hosted on the Github already created by @xyzulu so we can all track the changes.

net

nqnoc

"First, thanks for sharing! If this script based or inspired on the one made by xyzulu?"

NO.

This is based on the Enhance's docs created by me.

I don't intend to maintain it. Anyone can copy and change it.