plantroon
/
acme.sh
mirror of https://github.com/plantroon/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

support deploy api

This commit is contained in:
neilpang 2016-10-11 20:56:59 +08:00
parent b15cfc2c5a
commit a61fe418b2
1 changed files with 113 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
acme.sh
View File

@ -11,6 +11,7 @@ PROJECT="https://github.com/Neilpang/$PROJECT_NAME"
DEFAULT_INSTALL_HOME="$HOME/.$PROJECT_NAME" DEFAULT_INSTALL_HOME="$HOME/.$PROJECT_NAME"
_SCRIPT_="$0" _SCRIPT_="$0"
_SUB_FOLDERS="dnsapi deploy"
DEFAULT_CA="https://acme-v01.api.letsencrypt.org" DEFAULT_CA="https://acme-v01.api.letsencrypt.org"
DEFAULT_AGREEMENT="https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf" DEFAULT_AGREEMENT="https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
@ -1987,6 +1988,29 @@ _regAccount() {
} }
# domain folder file
_findHook() {
_hookdomain="$1"
_hookcat="$2"
_hookname="$3"
if [ -f "$LE_WORKING_DIR/$_hookdomain/$_hookname" ] ; then
d_api="$LE_WORKING_DIR/$_hookdomain/$_hookname"
elif [ -f "$LE_WORKING_DIR/$_hookdomain/$_hookname.sh" ] ; then
d_api="$LE_WORKING_DIR/$_hookdomain/$_hookname.sh"
elif [ -f "$LE_WORKING_DIR/$_hookname" ] ; then
d_api="$LE_WORKING_DIR/$_hookname"
elif [ -f "$LE_WORKING_DIR/$_hookname.sh" ] ; then
d_api="$LE_WORKING_DIR/$_hookname.sh"
elif [ -f "$LE_WORKING_DIR/$_hookcat/$_hookname" ] ; then
d_api="$LE_WORKING_DIR/$_hookcat/$_hookname"
elif [ -f "$LE_WORKING_DIR/$_hookcat/$_hookname.sh" ] ; then
d_api="$LE_WORKING_DIR/$_hookcat/$_hookname.sh"
fi
printf "%s" "$d_api"
}
#webroot, domain domainlist keylength #webroot, domain domainlist keylength
issue() { issue() {
if [ -z "$2" ] ; then if [ -z "$2" ] ; then
@ -2196,22 +2220,9 @@ issue() {
_debug txtdomain "$txtdomain" _debug txtdomain "$txtdomain"
txt="$(printf "%s" "$keyauthorization" | _digest "sha256" | _urlencode)" txt="$(printf "%s" "$keyauthorization" | _digest "sha256" | _urlencode)"
_debug txt "$txt" _debug txt "$txt"
#dns
#1. check use api d_api="$(_findHook $d dnsapi $_currentRoot)"
d_api=""
if [ -f "$LE_WORKING_DIR/$d/$_currentRoot" ] ; then
d_api="$LE_WORKING_DIR/$d/$_currentRoot"
elif [ -f "$LE_WORKING_DIR/$d/$_currentRoot.sh" ] ; then
d_api="$LE_WORKING_DIR/$d/$_currentRoot.sh"
elif [ -f "$LE_WORKING_DIR/$_currentRoot" ] ; then
d_api="$LE_WORKING_DIR/$_currentRoot"
elif [ -f "$LE_WORKING_DIR/$_currentRoot.sh" ] ; then
d_api="$LE_WORKING_DIR/$_currentRoot.sh"
elif [ -f "$LE_WORKING_DIR/dnsapi/$_currentRoot" ] ; then
d_api="$LE_WORKING_DIR/dnsapi/$_currentRoot"
elif [ -f "$LE_WORKING_DIR/dnsapi/$_currentRoot.sh" ] ; then
d_api="$LE_WORKING_DIR/dnsapi/$_currentRoot.sh"
fi
_debug d_api "$d_api" _debug d_api "$d_api"
if [ "$d_api" ] ; then if [ "$d_api" ] ; then
@ -2627,6 +2638,15 @@ renew() {
IS_RENEW="1" IS_RENEW="1"
issue "$Le_Webroot" "$Le_Domain" "$Le_Alt" "$Le_Keylength" "$Le_RealCertPath" "$Le_RealKeyPath" "$Le_RealCACertPath" "$Le_ReloadCmd" "$Le_RealFullChainPath" "$Le_PreHook" "$Le_PostHook" "$Le_RenewHook" "$Le_LocalAddress" issue "$Le_Webroot" "$Le_Domain" "$Le_Alt" "$Le_Keylength" "$Le_RealCertPath" "$Le_RealKeyPath" "$Le_RealCACertPath" "$Le_ReloadCmd" "$Le_RealFullChainPath" "$Le_PreHook" "$Le_PostHook" "$Le_RenewHook" "$Le_LocalAddress"
res=$? res=$?
if [ "$res" != "0" ] ; then
return $res
fi
if [ "$Le_DeployHook" ] ; then
deploy $Le_Domain "$Le_DeployHook" "$Le_Keylength"
res=$?
fi
IS_RENEW="" IS_RENEW=""
return $res return $res
@ -2788,6 +2808,56 @@ list() {
} }
deploy() {
Le_Domain="$1"
Le_DeployHook="$2"
_isEcc="$3"
if [ -z "$Le_DeployHook" ] ; then
_usage "Usage: $PROJECT_ENTRY --deploy -d domain.com --deploy-hook cpanel [--ecc] "
return 1
fi
_initpath $Le_Domain "$_isEcc"
if [ ! -d "$DOMAIN_PATH" ] ; then
_err "Domain is not valid:'$Le_Domain'"
return 1
fi
_deployApi="$(_findHook $Le_Domain deploy $Le_DeployHook)"
if [ -z "$_deployApi" ] ; then
_err "The deploy hook $Le_DeployHook is not found."
return 1
fi
_debug _deployApi "$_deployApi"
_savedomainconf Le_DeployHook "$Le_DeployHook"
if ! (
if ! . $_deployApi ; then
_err "Load file $_deployApi error. Please check your api file and try again."
return 1
fi
d_command="${Le_DeployHook}_deploy"
if ! _exists $d_command ; then
_err "It seems that your api file is not correct, it must have a function named: $d_command"
return 1
fi
if ! $d_command $Le_Domain "$CERT_KEY_PATH" "$CERT_PATH" "$CA_CERT_PATH" "$CERT_FULLCHAIN_PATH" ; then
_err "Error deploy for domain:$Le_Domain"
_on_issue_err
return 1
fi
) ; then
_err "Deploy error."
return 1
else
_info "$(__green Success)"
fi
}
installcert() { installcert() {
Le_Domain="$1" Le_Domain="$1"
if [ -z "$Le_Domain" ] ; then if [ -z "$Le_Domain" ] ; then
@ -3338,10 +3408,13 @@ install() {
_installalias _installalias
if [ -d "dnsapi" ] ; then for subf in $_SUB_FOLDERS ; do
mkdir -p $LE_WORKING_DIR/dnsapi if [ -d "$subf" ] ; then
cp dnsapi/* $LE_WORKING_DIR/dnsapi/ mkdir -p $LE_WORKING_DIR/$subf
fi cp $subf/* $LE_WORKING_DIR/$subf/
fi
done
if [ ! -f "$ACCOUNT_CONF_PATH" ] ; then if [ ! -f "$ACCOUNT_CONF_PATH" ] ; then
_initconf _initconf
@ -3369,11 +3442,13 @@ install() {
_info "Good, bash is found, so change the shebang to use bash as prefered." _info "Good, bash is found, so change the shebang to use bash as prefered."
_shebang='#!/usr/bin/env bash' _shebang='#!/usr/bin/env bash'
_setShebang "$LE_WORKING_DIR/$PROJECT_ENTRY" "$_shebang" _setShebang "$LE_WORKING_DIR/$PROJECT_ENTRY" "$_shebang"
if [ -d "$LE_WORKING_DIR/dnsapi" ] ; then for subf in $_SUB_FOLDERS ; do
for _apifile in $(ls "$LE_WORKING_DIR/dnsapi/"*.sh) ; do if [ -d "$LE_WORKING_DIR/$subf" ] ; then
_setShebang "$_apifile" "$_shebang" for _apifile in "$LE_WORKING_DIR/$subf/"*.sh ; do
done _setShebang "$_apifile" "$_shebang"
fi done
fi
done
fi fi
fi fi
@ -3453,6 +3528,7 @@ Commands:
--upgrade Upgrade $PROJECT_NAME to the latest code from $PROJECT . --upgrade Upgrade $PROJECT_NAME to the latest code from $PROJECT .
--issue Issue a cert. --issue Issue a cert.
--signcsr Issue a cert from an existing csr. --signcsr Issue a cert from an existing csr.
--deploy Deploy the cert to your server.
--installcert Install the issued cert to apache/nginx or any other server. --installcert Install the issued cert to apache/nginx or any other server.
--renew, -r Renew a cert. --renew, -r Renew a cert.
--renewAll Renew all the certs. --renewAll Renew all the certs.
@ -3517,6 +3593,7 @@ Parameters:
--pre-hook Command to be run before obtaining any certificates. --pre-hook Command to be run before obtaining any certificates.
--post-hook Command to be run after attempting to obtain/renew certificates. No matter the obain/renew is success or failed. --post-hook Command to be run after attempting to obtain/renew certificates. No matter the obain/renew is success or failed.
--renew-hook Command to be run once for each successfully renewed certificate. --renew-hook Command to be run once for each successfully renewed certificate.
--deploy-hook The hook file to deploy cert
--ocsp-must-staple, --ocsp Generate ocsp must Staple extension. --ocsp-must-staple, --ocsp Generate ocsp must Staple extension.
--auto-upgrade [0|1] Valid for '--upgrade' command, indicating whether to upgrade automatically in future. --auto-upgrade [0|1] Valid for '--upgrade' command, indicating whether to upgrade automatically in future.
--listen-v4 Force standalone/tls server to listen at ipv4. --listen-v4 Force standalone/tls server to listen at ipv4.
@ -3623,6 +3700,7 @@ _process() {
_pre_hook="" _pre_hook=""
_post_hook="" _post_hook=""
_renew_hook="" _renew_hook=""
_deploy_hook=""
_logfile="" _logfile=""
_log="" _log=""
_local_address="" _local_address=""
@ -3653,6 +3731,9 @@ _process() {
--issue) --issue)
_CMD="issue" _CMD="issue"
;; ;;
--deploy)
_CMD="deploy"
;;
--signcsr) --signcsr)
_CMD="signcsr" _CMD="signcsr"
;; ;;
@ -3915,6 +3996,10 @@ _process() {
_renew_hook="$2" _renew_hook="$2"
shift shift
;; ;;
--deploy-hook)
_deploy_hook="$2"
shift
;;
--ocsp-must-staple|--ocsp) --ocsp-must-staple|--ocsp)
Le_OCSP_Stable="1" Le_OCSP_Stable="1"
;; ;;
@ -3992,6 +4077,9 @@ _process() {
issue) issue)
issue "$_webroot" "$_domain" "$_altdomains" "$_keylength" "$_certpath" "$_keypath" "$_capath" "$_reloadcmd" "$_fullchainpath" "$_pre_hook" "$_post_hook" "$_renew_hook" "$_local_address" issue "$_webroot" "$_domain" "$_altdomains" "$_keylength" "$_certpath" "$_keypath" "$_capath" "$_reloadcmd" "$_fullchainpath" "$_pre_hook" "$_post_hook" "$_renew_hook" "$_local_address"
;; ;;
deploy)
deploy "$_domain" "$_deploy_hook" "$_ecc"
;;
signcsr) signcsr)
signcsr "$_csr" "$_webroot" signcsr "$_csr" "$_webroot"
;; ;;