# REST-API-Endpunkte zum Verwalten von GitHub Enterprise Server Verwenden Sie die REST-API, um Ihre GitHub Enterprise Server Instanz zu verwalten. ## Informationen zur Api "Verwalten"GitHub Enterprise Server Sie können Ihre GitHub Enterprise Server-Instance mit der Verwaltungs-API GitHub Enterprise Server verwalten. Sie können z. B. Informationen zur Version der GitHub Enterprise Server Software abrufen, die auf der Instanz ausgeführt wird, oder auf Instanzen mit mehreren Knoten, den Status der Replikation anzeigen. > \[!TIP] Sie können diese API verwenden, um die Funktionalität der **Verwaltungskonsolen-API** zu ersetzen, die in GitHub Enterprise Server Version 3.15 entfernt wurde. Geben Sie die Portnummer an, wenn API-Aufrufe an Endpunkte für die Manage-API GitHub Enterprise Server ausgeführt werden. Wenn deine Instanz die TLS verwendet, lautet die Portnummer 8443. Andernfalls lautet die Portnummer 8080. Wenn du keine Portnummer angeben kannst, musst du deinen Client so konfigurieren, dass eine automatische Umleitung erfolgt. Weitere Informationen finden Sie unter [TLS konfigurieren](/de/enterprise-server@3.21/admin/configuration/configuring-network-settings/configuring-tls). Sie können auch die GitHub Enterprise Server-Erweiterung von GitHub CLI verwenden, um Endpunkte in der GitHub Enterprise Server-Verwaltungs-API aufzurufen. Weitere Informationen findest du unter dem [`github/gh-es`](https://github.com/github/gh-es/blob/main/README.md) Repository. ### Authentifizierung Um Anforderungen an Endpunkte für die Manage-API GitHub Enterprise Server zu authentifizieren, geben Sie das Kennwort für das Stammwebsiteadministratorkonto der Instanz als Authentifizierungstoken an. Verwende zum Senden des Kennworts die HTTP-Standardauthentifizierung. Der `api_key`-Benutzer ermittelt den Stammwebsiteadministrator. Im folgenden Beispiel wird die Authentifizierung für diese API veranschaulicht. Ersetzen Sie ROOT-SITE-ADMINISTRATOR-PASSWORD durch das Kennwort und ADMINISTRATION-PORT durch 8443 oder 8080. ```shell curl -L -u "api_key:ROOT-SITE-ADMINISTRATOR-PASSWORD" 'http(s)://HOSTNAME:ADMINISTRATION-PORT/manage' ``` ### Authentifizierung als Verwaltungskonsole Benutzer Verwaltungskonsole Benutzerkonten können sich auch für den Zugriff auf diese Endpunkte authentifizieren. Weitere Informationen finden Sie unter [Verwalten des Zugriffs auf die Verwaltungskonsole](/de/enterprise-server@3.21/admin/configuration/administering-your-instance-from-the-management-console/managing-access-to-the-management-console#management-console-user). Verwenden Sie die standardmäßige HTTP-Authentifizierung, um sich mit dem Kennwort für ein Verwaltungskonsole Benutzerkonto zu authentifizieren. Ersetze im folgenden Beispiel YOUR\_USER\_NAME und YOUR\_PASSWORD durch den Benutzernamen und das Kennwort des Kontos. ```shell curl -L -u "YOUR_USER_NAME:YOUR_PASSWORD" 'http(s)://HOSTNAME:ADMINISTRATION-PORT/manage' ``` ### Abfrageparameter Standardmäßig enthält die Antwort Informationen zu allen konfigurierten Knoten für die Instanz. Bei einer Instanz mit mehreren Knoten stammen die Details aus `/data/user/common/cluster.conf`. Du kannst die folgenden Abfrageparameter verwenden, um die Antwort nach Informationen zu bestimmten Knoten zu filtern. | Query parameter (Abfrageparameter) | BESCHREIBUNG | | :--------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `uuid` | Dies ist der eindeutige Bezeichner für den Knoten. | | `cluster_role` | Für Knoten in einem Cluster sind dies die Rollen, die auf den Knoten angewendet werden. Weitere Informationen finden Sie unter [Informationen zu Clusterknoten](/de/enterprise-server@3.21/admin/enterprise-management/configuring-clustering/about-cluster-nodes). | Du kannst mehrere Werte für den Abfrageparameter angeben, indem du die Werte durch ein Komma trennst. Die folgende Anforderung verwendet beispielsweise curl, um alle Knoten mit der Rolle `web-server` oder `storage-server` zurückzugeben. ```shell curl -L -u "api_key:ROOT-SITE-ADMINISTRATOR-PASSWORD" 'http(s)://HOSTNAME:ADMINISTRATION-PORT/manage/v1/config/nodes?cluster_role=WebServer,StorageServer' ``` > \[!NOTE] > Most endpoints use `Authorization: Bearer ` and `Accept: application/vnd.github+json` headers, plus `X-GitHub-Api-Version: 2022-11-28`. Curl examples below omit these standard headers for brevity. ## Get the configured SSH keys ``` GET /manage/v1/access/ssh ``` Gets the configured SSH keys on all available nodes. For more information, see "Accessing the administrative shell (SSH)." ### HTTP response status codes * **200** - OK * **400** - Bad request * **401** - Unauthorized ### Code examples #### Example **Request:** ```curl curl -L \ -X GET \ http(s)://HOSTNAME/manage/v1/access/ssh ``` **Response schema (Status: 200):** Array of objects: * `key`: string, format: ssh-key * `fingerprint`: string, format: ssh-key fingerprint ## Set a new SSH key ``` POST /manage/v1/access/ssh ``` Adds a SSH key to the authorized\_keys file for your GitHub Enterprise Server instance. This will grant access via SSH to your instance. For more information, see "Accessing the administrative shell (SSH)." ### Parameters #### Body parameters * **`key`** (string) (required) The public SSH key to add to the authorized\_keys file. ### HTTP response status codes * **200** - OK * **400** - Bad request * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X POST \ http(s)://HOSTNAME/manage/v1/access/ssh \ -d '{ "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADCIABAAAAgQCY/ZiDDOFWcZnYXPwMbvwQDofXPdHxLfxPK+HWGVPd1DLcDncYBUSB0bmCU2g9Sc+oHKLoHhXp0ivau9h+EpmQJ7V8vqsRdD9pc4aL/WAnUyF4o3Y7xL94rlRpVbVo/tNjzcvqxxyzBiYyy3GciCMpYQh/uKt56B94/5PNyIGEEw==" }' ``` **Response schema (Status: 200):** Array of objects: * `hostname`: string, format: hostname * `uuid`: string, format: uuid * `message`: string * `error`: string * `modified`: boolean ## Delete a SSH key ``` DELETE /manage/v1/access/ssh ``` Deletes a SSH key from the authorized\_keys file for your GitHub Enterprise Server instance. This will remove access via SSH to your instance. For more information, see "Accessing the administrative shell (SSH)." ### Parameters #### Body parameters * **`key`** (string) (required) The public SSH key to remove from the authorized\_keys file. ### HTTP response status codes * **200** - OK * **400** - Bad request * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X DELETE \ http(s)://HOSTNAME/manage/v1/access/ssh \ -d '{ "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADCIABAAAAgQCY/ZiDDOFWcZnYXPwMbvwQDofXPdHxLfxPK+HWGVPd1DLcDncYBUSB0bmCU2g9Sc+oHKLoHhXp0ivau9h+EpmQJ7V8vqsRdD9pc4aL/WAnUyF4o3Y7xL94rlRpVbVo/tNjzcvqxxyzBiYyy3GciCMpYQh/uKt56B94/5PNyIGEEw==" }' ``` **Response schema (Status: 200):** Array of objects: * `hostname`: string, format: hostname * `uuid`: string, format: uuid * `message`: string * `error`: string ## Get the system requirement check results for configured cluster nodes ``` GET /manage/v1/checks/system-requirements ``` Checks if the minimum requirements for system hardware resources are met on each configured cluster node. This endpoint may take several seconds to reply. ### HTTP response status codes * **200** - OK * **400** - Bad request * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X GET \ http(s)://HOSTNAME/manage/v1/checks/system-requirements ``` **Response schema (Status: 200):** * `status`: string, enum: `OK`, `FAILED` * `nodes`: array of objects: * `hostname`: string * `status`: string, enum: `OK`, `FAILED` * `roles_status`: array of objects: * `status`: string, enum: `OK`, `FAILED` * `role`: string ## Get the status of services running on all cluster nodes ``` GET /manage/v1/cluster/status ``` Gets the status of all services running on each cluster node. This endpoint may take several seconds to reply. ### HTTP response status codes * **200** - OK * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X GET \ http(s)://HOSTNAME/manage/v1/cluster/status ``` **Response schema (Status: 200):** * `status`: string, enum: `UNKNOWN`, `OK`, `WARNING`, `CRITICAL` * `nodes`: array of objects: * `hostname`: string * `status`: string, enum: `UNKNOWN`, `OK`, `WARNING`, `CRITICAL` * `services`: array of objects: * `status`: string, enum: `UNKNOWN`, `OK`, `WARNING`, `CRITICAL` * `name`: string * `details`: string ## Get the status of a ghe-config-apply run ``` GET /manage/v1/config/apply ``` Displays the current status of ghe-config-apply in the environment or the status of a historical run by ID. ### Parameters #### Path and query parameters * **`run_id`** (string) The unique run ID of the ghe-config-apply run. ### HTTP response status codes * **200** - OK * **400** - Bad request * **401** - Unauthorized ### Code examples #### Example **Request:** ```curl curl -L \ -X GET \ http(s)://HOSTNAME/manage/v1/config/apply ``` **Response schema (Status: 200):** * `running`: boolean * `successful`: boolean * `nodes`: array of objects: * `run_id`: string * `hostname`: string * `running`: boolean * `successful`: boolean ## Trigger a ghe-config-apply run ``` POST /manage/v1/config/apply ``` Triggers a run of ghe-config-apply from the ghes-manage agent on your Nomad Delegate instance. You can provide a run ID or allow one to be generated randomly. ### Parameters #### Body parameters * **`run_id`** (string) The run ID to execute ghe-config-apply with. If not provided, a run ID will be generated randomly. ### HTTP response status codes * **200** - OK * **400** - Bad request * **401** - Unauthorized ### Code examples #### Example **Request:** ```curl curl -L \ -X POST \ http(s)://HOSTNAME/manage/v1/config/apply \ -d '{ "run_id": "d34db33f" }' ``` **Response schema (Status: 200):** * `run_id`: string ## List events from ghe-config-apply ``` GET /manage/v1/config/apply/events ``` Lists events from an in-process ghe-config-apply run on your Github Enterprise Server instance. ### Parameters #### Path and query parameters * **`last_request_id`** (string) The unique ID of the last response from a host, used for pagination. ### HTTP response status codes * **200** - OK * **400** - Bad request * **401** - Unauthorized ### Code examples #### Example **Request:** ```curl curl -L \ -X GET \ http(s)://HOSTNAME/manage/v1/config/apply/events ``` **Response schema (Status: 200):** * `nodes`: array of objects: * `node`: string * `last_request_id`: string * `events`: array of objects: * `timestamp`: string * `severity_text`: string * `body`: string * `event_name`: string * `topology`: string * `hostname`: string * `config_run_id`: string * `trace_id`: string * `span_id`: string * `span_parent_id`: string * `span_depth`: integer ## Initialize instance configuration with license and password ``` POST /manage/v1/config/init ``` When you boot and set up a GitHub instance for the first time, you can use this endpoint to upload a license and set the initial root site administrator password. Important To start the configuration process and apply the license, you need to POST to /manage/v1/config/apply The root site administrator password provided when calling this endpoint is used to authenticate for all other endpoints in the GHES Manage API and the Management Console UI. Note The request body for this operation must be submitted as multipart/form-data data. You can can reference the license file by prefixing the filename with the @ symbol using curl. For more information, see the curl documentation. ### Parameters #### Body parameters * **`license`** (string) (required) The content of your .ghl license file. * **`password`** (string) (required) The root site administrator password. ### HTTP response status codes * **202** - Accepted * **400** - Bad request * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X POST \ http(s)://HOSTNAME/manage/v1/config/init \ -d '{ "license": "@enterprise.ghl", "password": "provide-password-here!" }' ``` **Response schema (Status: 202):** ## Get the enterprise license information ``` GET /manage/v1/config/license ``` Gets information about the license that is currently set for the enterprise. ### HTTP response status codes * **200** - OK * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X GET \ http(s)://HOSTNAME/manage/v1/config/license ``` **Response schema (Status: 200):** * `advancedSecurityEnabled`: boolean * `advancedSecuritySeats`: integer * `clusterSupport`: boolean * `company`: string * `croquetSupport`: boolean * `customTerms`: boolean * `evaluation`: boolean * `expireAt`: string, format: date-time * `insightsEnabled`: boolean * `insightsExpireAt`: string, format: date-time * `learningLabEvaluationExpires`: string, format: date-time * `learningLabSeats`: integer * `perpetual`: boolean * `referenceNumber`: string * `seats`: integer * `sshAllowed`: boolean * `supportKey`: string * `unlimitedSeating`: boolean ## Upload an enterprise license ``` PUT /manage/v1/config/license ``` Uploads a new enterprise license. In order to apply it right away, use the apply query parameter. Note The request body for this operation must be submitted as multipart/form-data data. You can can reference the license file by prefixing the filename with the @ symbol using curl. For more information, see the curl documentation. ### Parameters #### Path and query parameters * **`apply`** (boolean) Whether to instantly apply changes from the license. Otherwise the new license can be applied using the /manage/v1/config/apply endpoint. #### Body parameters * **`license`** (string) (required) The content of your .ghl license file. ### HTTP response status codes * **201** - Created * **202** - Accepted * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example 1: Status Code 201 **Request:** ```curl curl -L \ -X PUT \ http(s)://HOSTNAME/manage/v1/config/license \ -d '{ "license": "@enterprise.ghl" }' ``` **Response schema (Status: 201):** #### Example 2: Status Code 202 **Request:** ```curl curl -L \ -X PUT \ http(s)://HOSTNAME/manage/v1/config/license \ -d '{ "license": "@enterprise.ghl" }' ``` **Response schema (Status: 202):** ## Check a license ``` GET /manage/v1/config/license/check ``` Check the status of the license that is currently set for the enterprise. ### HTTP response status codes * **200** - OK * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X GET \ http(s)://HOSTNAME/manage/v1/config/license/check ``` **Response schema (Status: 200):** * `status`: string, enum: `valid`, `invalid`, `expired`, `cluster mode not supported` ## Get GHES node metadata for all nodes ``` GET /manage/v1/config/nodes ``` Get node metadata for all configured nodes in the current cluster. For more information, see "About clustering." ### Parameters #### Path and query parameters * **`uuid`** (string) The UUID which identifies a node. * **`cluster_roles`** (string) The cluster roles from the cluster configuration file. ### HTTP response status codes * **200** - OK * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X GET \ http(s)://HOSTNAME/manage/v1/config/nodes ``` **Response schema (Status: 200):** * `topology`: string, enum: `SingleNode`, `Ha`, `Cluster` * `nodes`: array of objects: * `hostname`: string * `uuid`: string * `replica`: boolean * `cluster_roles`: array of string, enum: `Blank`, `ActionsServer`, `ConsulServer`, `ElasticsearchServer`, `GitServer`, `JobServer`, `LaunchServer`, `MemcacheServer`, `MetricsServer`, `MssqlServer`, `MysqlServer`, `PagesServer`, `RedisServer`, `StorageServer`, `WebServer` ## Get the GHES settings ``` GET /manage/v1/config/settings ``` Gets a list of settings for a GitHub Enterprise Server instance. ### HTTP response status codes * **200** - OK * **400** - Bad request * **401** - Unauthorized ### Code examples #### Example **Request:** ```curl curl -L \ -X GET \ http(s)://HOSTNAME/manage/v1/config/settings ``` **Response schema (Status: 200):** * `private_mode`: boolean * `public_pages`: boolean * `subdomain_isolation`: boolean * `signup_enabled`: boolean * `github_hostname`: string * `identicons_host`: string * `http_proxy`: string or null * `auth_mode`: string * `expire_sessions`: boolean * `admin_password`: string or null * `configuration_id`: integer * `configuration_run_count`: integer * `avatar`: object: * `enabled`: boolean * `uri`: string * `customer`: object: * `name`: string * `email`: string * `uuid`: string * `secret_key_data`: string * `public_key_data`: string * `license`: object: * `seats`: integer * `evaluation`: boolean * `perpetual`: boolean * `unlimited_seating`: boolean * `support_key`: string * `ssh_allowed`: boolean * `cluster_support`: boolean * `expire_at`: string * `github_ssl`: object: * `enabled`: boolean * `cert`: string or null * `key`: string or null * `ldap`: object: * `host`: string or null * `port`: integer * `base`: array of string * `uid`: string or null * `bind_dn`: string or null * `password`: string or null * `method`: string * `search_strategy`: string * `user_groups`: array of string * `admin_group`: string or null * `virtual_attribute_enabled`: boolean * `recursive_group_search`: boolean * `posix_support`: boolean * `user_sync_emails`: boolean * `user_sync_keys`: boolean * `user_sync_interval`: integer * `team_sync_interval`: integer * `sync_enabled`: boolean * `reconciliation`: object: * `user`: string or null * `org`: string or null * `profile`: object: * `uid`: string * `name`: string or null * `mail`: string or null * `key`: string or null * `cas`: object: * `url`: string or null * `saml`: object: * `sso_url`: string or null * `certificate`: string or null * `certificate_path`: string or null * `issuer`: string or null * `idp_initiated_sso`: boolean * `disable_admin_demote`: boolean * `github_oauth`: object: * `client_id`: string * `client_secret`: string * `organization_name`: string * `organization_team`: string * `smtp`: object: * `enabled`: boolean * `address`: string * `authentication`: string * `port`: string * `domain`: string * `username`: string * `user_name`: string * `enable_starttls_auto`: boolean * `password`: string * `discard-to-noreply-address`: boolean * `support_address`: string * `support_address_type`: string * `noreply_address`: string * `ntp`: object: * `primary_server`: string * `secondary_server`: string * `timezone`: string or null * `snmp`: object: * `enabled`: boolean * `community`: string * `syslog`: object: * `enabled`: boolean * `server`: string or null * `protocol_name`: string * `assets`: string or null * `pages`: object: * `enabled`: boolean * `collectd`: object: * `enabled`: boolean * `server`: string or null * `port`: integer * `encryption`: string or null * `username`: string or null * `password`: string or null * `mapping`: object: * `enabled`: boolean * `tileserver`: string or null * `basemap`: string * `token`: string or null * `load_balancer`: string or null * `prometheus`: object: * `enabled`: boolean * `trusted_ips`: string or null ## Set settings ``` PUT /manage/v1/config/settings ``` Updates the settings on your instance. For a list of the available settings, see the Get settings endpoint. Notes: The request body only requires the settings parameters that should be updated to be specified, all other parameters will be unmodified or populated from the default values. You cannot set the Management Console root site administrator password with this API endpoint. Use the ghe-set-password utility to change the management console password. For more information, see "Command-line utilities." ### HTTP response status codes * **204** - No Content * **400** - Bad request * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X PUT \ http(s)://HOSTNAME/manage/v1/config/settings \ -d '{ "public_pages": true }' ``` **Response schema (Status: 204):** ## Get the status of maintenance mode ``` GET /manage/v1/maintenance ``` Gets the status and details of maintenance mode on all available nodes. For more information, see "Enabling and scheduling maintenance mode." ### Parameters #### Path and query parameters * **`uuid`** (string) The UUID which identifies a node. * **`cluster_roles`** (string) The cluster roles from the cluster configuration file. ### HTTP response status codes * **200** - OK * **400** - Bad request * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X GET \ http(s)://HOSTNAME/manage/v1/maintenance ``` **Response schema (Status: 200):** Array of objects: * `hostname`: string, format: hostname * `uuid`: string, format: uuid * `status`: string, enum: `on`, `off`, `scheduled` * `scheduled_time`: string, format: date * `connection_services`: array of objects: * `name`: string * `number`: integer * `can_unset_maintenance`: boolean * `ip_exception_list`: array of string, format: ip/cidr * `maintenance_mode_message`: string ## Set the status of maintenance mode ``` POST /manage/v1/maintenance ``` Sets or schedules the maintenance mode. For more information, see "Enabling and scheduling maintenance mode." ### Parameters #### Body parameters * **`enabled`** (boolean) (required) Whether to enable maintenance mode. * **`uuid`** (string) The UUID of the node to target. This parameter is incompatible with maintenance mode scheduling. Only use uuid if the value of when is empty or now. * **`when`** (string) The time to enable maintenance mode. If this parameter is empty or set to now, maintenance mode is enabled immediately. Otherwise, maintenance mode is enabled at the specified time. The format is ISO 8601. * **`ip_exception_list`** (array of strings) The list of IP addresses to exclude from maintenance mode. IPv4, IPv6, and CIDR addresses are supported. * **`maintenance_mode_message`** (string) The message to display to users when maintenance mode is enabled. ### HTTP response status codes * **200** - OK * **400** - Bad request * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X POST \ http(s)://HOSTNAME/manage/v1/maintenance \ -d '{ "enabled": true, "when": "2006-01-02T15:04:05+00:00", "ip_exception_list": [ "192.168.1.0/24", "1.1.1.1" ] }' ``` **Response schema (Status: 200):** Same response schema as [Delete a SSH key](#delete-a-ssh-key). ## Get the status of services running on all replica nodes ``` GET /manage/v1/replication/status ``` Gets the status of all services running on each replica node. This endpoint may take several seconds to reply. ### Parameters #### Path and query parameters * **`uuid`** (string) The UUID which identifies a node. * **`cluster_roles`** (string) The cluster roles from the cluster configuration file. ### HTTP response status codes * **200** - OK * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X GET \ http(s)://HOSTNAME/manage/v1/replication/status ``` **Response schema (Status: 200):** Same response schema as [Get the status of services running on all cluster nodes](#get-the-status-of-services-running-on-all-cluster-nodes). ## Get all GHES release versions for all nodes ``` GET /manage/v1/version ``` Gets the GitHub Enterprise Server release versions that are currently installed on all available nodes. For more information, see "GitHub Enterprise Server releases." ### Parameters #### Path and query parameters * **`uuid`** (string) The UUID which identifies a node. * **`cluster_roles`** (string) The cluster roles from the cluster configuration file. ### HTTP response status codes * **200** - OK * **401** - Unauthorized * **500** - Internal error ### Code examples #### Example **Request:** ```curl curl -L \ -X GET \ http(s)://HOSTNAME/manage/v1/version ``` **Response schema (Status: 200):** Array of objects: * `hostname`: string, format: hostname * `version`: object: * `version`: string, pattern: `[0-9]\.[0-9]{2}\.[0-9]` * `platform`: string, enum: `ami`, `azure`, `esx`, `gce`, `hyperv`, `kvm` * `build_id`: string, pattern: `[0-9a-f]{8}` * `build_date`: string, format: date