Skip to Content

Add / update / delete servers through ezeelogin API

How to add/delete/update servers in GUI using API?


Overview: This article guides Ezeelogin gateway users to add, update, or delete servers in the GUI using the API.

An API script is provided for automating server add/edit/delete tasks in gateway server of ezeelogin. With the help of this script, your gateway server can be integrated with any 3rd party application managing your clients/customers. Also, make sure to enable API.

Step 1: Login to gateway user interface and navigate to Settings >  APIProvide the API Secret  and enable API for the API script to work.
 

The API script can be executed as:

root@gateway:~# php /usr/local/ezlogin/ezwapi.php [params...]

For Help 

root@gateway:~# php /usr/local/ezlogin/ezwapi.php -help

Usage:

ezwapi.php -help <action>
action : API action (add_server/update_server/remove_server/reset_fingerprint/add_user_server_acl)

1. Add Server 

root@gateway:~# php /usr/local/ezlogin/ezwapi.php -help add_server

Usage:

ezwapi.php add_server -api_url <API URL> -secret <API secret> -name <hostname> -description <description> -password <password> -ip_address <IP address> -group <group> [-ssh_port <port>] [-ssh_user <username>] [-keep_password <Y/N/S>]

[-enable_ssh <Y/N/H>] [-cp <control panel>]

-api_url : The API URL

-secret : The API secret configured in web panel settings

-name : The server host name

-description : A description for the server 

-password : The server password

-ssh_key : The SSH private key file (optional)

-passphrase : The SSH key pass phrase (optional)

-ip_address : The server IP address

-ssh_port : The server SSH port (optional, use default if unspecified)

-ssh_user : The server SSH user (optional, use default if unspecified)

-switch_user : Switch to this user after login as SSH user (optional)

-switch_pass : Password for switch user (optional)

-switch_sudo : Y or N or E to escalate privilege with 'sudo su' or 'enable' (for Cisco devices) (optional, default: N = disabled)

-prompt1 : Unique string in shell prompt of SSH user (optional)

-prompt2 : Unique string in password prompt for su or sudo (optional, default: Password:)

-prompt3 : Unique string in shell prompt of root user (optional, required for sudo)

-group : The server group name

-keep_password : Y (keep given password), N (automatic) or S (keep server password as such - no verification) (optional, default: Y)

-enable_ssh : Y, N or H to enable/disable/via Host Node (optional, default: N)

-ishn : Y or N to make this a Host Node or not (optional, default: N)

-onhost : The name of Host Node (optional, default: N)

-cp : The control panel name (optional, use default if unspecified)

-dc : The datacenter name (optional, use default if unspecified)

-rc_host : The remote console host (optional)

-rc_user : The remote console user (optional)

-rc_pass : The remote console password (optional)

 Step 1(a). The below example shows how to add a  Server in GUI with the  remote ssh user as 'root'

root@gateway:~# php /usr/local/ezlogin/ezwapi.php add_server -api_url http://10.11.1.137/ezlogin -secret 'zjdfji@#$!' -name test.noc.com -description desctest -ssh_user root -password test123 -ip_address 10.11.1.138 -group test -enable_ssh Y -keep_password S

Special characters password can be saved using API with single quotes.

eg: -password '??r&5Q*gyKc6nGAE()'

Step 1(b) The example below shows how to add a server in GUI when the remote ssh user is non-privileged user 'admin'

root@gateway:~# php /usr/local/ezlogin/ezwapi.php add_server -api_url http://192.168.56.106/ezlogin -secret 123#$4 -ssh_user admin -group linux -ssh_key /root/.ssh/id_rsa -name skunk.ezno.con -ip_address 192.168.56.143 -prompt1 ']$ ' -prompt2 'ssword:' -enable_ssh Y

How will I find the prompts for the ssh_user?

1. To find prompt1 ssh as the user directly into the server. The prompts may vary depending on the remote OS in use. 

  • For Centos 5,6,7

 [admin@skunk ~]$ cd /home

  Here prompt1 is  "]$ "

  • For Ubuntu 14,16 ,18

 admin@ubu-nscd:~$ cd /home

  Here the prompt1 is "~$ "

2. To find prompt2, simply run su - as a non root user.

[admin@skunk home]$ su -

Password:

Here prompt2 will be "ssword: "

3. The prompt 3 would be how the root prompt looks like 

[root@skunk home]#

Above the unique characters that is permanent are  "ot@sk" or "root@" etc.

2. Update Server 

root@gateway:~# php /usr/local/ezlogin/ezwapi.php -help update_server

Usage:

ezwapi.php update_server -api_url <API URL> -secret <API secret> -name <hostname> [-newname <new hostname>] [-password <password>] [-ip_address <IP address>] [-ssh_port <port>] [-ssh_user <username>]
[-group <group>] [-keep_password <Y/N/S>] [-enable_ssh <Y/N>] [-cp <control panel>]

-api_url : The API URL
-secret : The API secret configured in web panel settings
-name : The server host name
-newname : The new host name (optional)
-description : A description for the server
-password : The server password (optional)
-ssh_key : The SSH private key file (optional)
-passphrase : The SSH key pass phrase (optional)
-ip_address : The server IP address (optional)
-ssh_port : The server SSH port (optional)
-ssh_user : The server SSH user (optional)
-switch_user : Switch to this user after login as SSH user (optional)
-switch_pass : Password for switch user (optional)
-switch_sudo : Y or N or E to escalate privilege with 'sudo su' or 'enable' (for Cisco devices) (optional, default: N = disabled)
-prompt1 : Unique string in shell prompt of SSH user (optional)
-prompt2 : Unique string in password prompt for su or sudo (optional)
-prompt3 : Unique string in shell prompt of root user (optional, required for sudo)
-rdp_port : The server RDP port (optional, use default if unspecified)
-group : The server group name
-keep_password : Y (keep given password), N (automatic) or S (keep server password as such - no verification) (optional)
-enable_ssh : Y, N or H to enable/disable/via Host Node (optional)
-ishn : Y or N to make this a Host Node or not (optional)
-onhost : The name of Host Node (optional)
-cp : The control panel name (optional)
-dc : The datacenter name (optional)
-rc_host : The remote console host (optional)
-rc_user : The remote console user (optional)
-rc_pass : The remote console password (optional)

  Step 2(b) Refer below example to update the server

root@gateway:~# php /usr/local/ezlogin/ezwapi.php update_server -api_url http://10.11.1.137/ezlogin -secret 'zjdfji@#$!' -name ez.test.com -description desctest -password test123 -ip_address 10.11.1.138 -group test -ssh_port 22 -rdp_port 3389

3. Delete Server

root@gateway:~# php /usr/local/ezlogin/ezwapi.php -help remove_server

Usage:

ezwapi.php remove_server -api_url <API URL> -secret <API secret> -name <hostname>

-api_url : The API URL

-secret : The API secret configured in web panel settings

-name : The server host name

Step 3(a) Refer below example to delete a server

root@gateway:~# php /usr/local/ezlogin/ezwapi.php remove_server -api_url http://10.11.1.137/ezlogin -secret 'zjdfji@#$!' -name ez.test.com

4. Reset fingerprint for remote devices

root@gateway:~# php /usr/local/ezlogin/ezwapi.php -help reset_fingerprint

Usage:

ezwapi.php reset_fingerprint -api_url <API URL> -secret <API secret> -name <hostname>

-api_url : The API URL
-secret : The API secret configured in web panel settings
-name : The server host name

Step 4(a) Refer below example to reset fingerprint for a remote server

root@gateway:~# php /usr/local/ezlogin/ezwapi.php reset_fingerprint -api_url http://192.168.29.4/ezlogin -secret 123456 -name Cent-database.hu

5. User-server access control

 

root@gateway:~# php /usr/local/ezlogin/ezwapi.php -help add_user_server_acl
Usage:

ezwapi.php add_user_server_acl -api_url <API URL> -secret <API secret> -user <username> -server <hostname> [-defer]

-api_url : The API URL
-secret : The API secret configured in web panel settings
-user : The username
-server : The server host name
-defer : Defer the ACL addition if user doesn't already exist (optional)

Step 5(a) Refer below example for user-server access control

root@gateway:~# php /usr/local/ezlogin/ezwapi.php add_user_server_acl -api_url http://192.168.1.9/ezlogin -secret zxcvbnm -user victor -server centos.server

  • Make sure API is enabled in API settings for the API script to work.
  • If you need to execute the API script from a server other than the Ezeelogin installed server(jump server), copy /usr/local/ezlogin/ezwapi.php and /usr/local/ezlogin/apilib file to the server which you want to execute. PHP should be installed on the server.

Related Articles:

Is it possible to manage Ezeelogin users via API?

Add server with private key stored in database with API