Mirror
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

add aliyun cdn deploy hook

pull/3375/head
acooler15 4 years ago
parent
289f79bbb0
commit
113332684e
1 changed files with 338 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 338
      deploy/alicdn.sh

338
deploy/alicdn.sh
View File

@ -0,0 +1,338 @@
#!/usr/bin/env sh
# Script to create certificate to Aliyun CDN
#
# This deployment required following variables
# export ALI_CDN_KEY="LTqIA87hOKdjevsf5"
# export ALI_CDN_SECRET="0p5EYueFNq501xnCPzKNbx6K51qPH2"
# export Ali_CDN_DOMAIN="cdn.example.com"
# If you have more than one domain, just
# export Ali_CDN_DOMAIN="cdn1.example.com,cdn2.example.com"
#
# If ALI_CDN_KEY and ALI_CDN_SECRET are not set,
# Ali_key and Ali_Secret will be used. (see dns/dns_ali.sh)
#
# AliYun Authentication must have "AliyunCDNFullAccess" permission,
# May also need to "AliyunYundunCertFullAccess" permissions.
#
# Thanks:
# This script references dns/dns_ali.sh and pull request #2772
######## Public functions #####################
Ali_CDN_API="https://cdn.aliyuncs.com/"
alicdn_deploy() {
_cdomain="$1"
_ckey="$2"
_ccert="$3"
_cca="$4"
_cfullchain="$5"
_debug _cdomain "$_cdomain"
_debug _ckey "$_ckey"
_debug _ccert "$_ccert"
_debug _cca "$_cca"
_debug _cfullchain "$_cfullchain"
_info "$(__green "===Starting alicdn deploy===")"
_getdeployconf ALI_CDN_KEY
_getdeployconf ALI_CDN_SECRET
_getdeployconf Ali_CDN_DOMAIN
if [ -z "${ALI_CDN_KEY}" ] || [ -z "${ALI_CDN_SECRET}" ]; then
_info "Not set variables ALI_CDN_KEY and ALI_CDN_SECRET"
_info "Will use Ali_Key and Ali_Secret"
ALI_CDN_KEY="$(_readaccountconf_mutable Ali_Key)"
ALI_CDN_SECRET="$(_readaccountconf_mutable Ali_Secret)"
if [ -z "${ALI_CDN_KEY}" ] || [ -z "${ALI_CDN_SECRET}" ]; then
_err "You don't specify aliyun api key and secret yet."
return 1
fi
else
#save ALI_CDN_KEY and ALI_CDN_SECRET.
_savedeployconf ALI_CDN_KEY "$ALI_CDN_KEY"
_savedeployconf ALI_CDN_SECRET "$ALI_CDN_SECRET"
fi
if [ -z "${Ali_CDN_DOMAIN}" ]; then
Ali_CDN_DOMAIN=""
_err "You don't specify Ali_CDN_DOMAIN yet."
return 1
fi
#save Ali_CDN_DOMAIN.
_savedeployconf Ali_CDN_DOMAIN "$Ali_CDN_DOMAIN"
_debug ALI_CDN_KEY "${ALI_CDN_KEY}"
_debug ALI_CDN_SECRET "$ALI_CDN_SECRET"
_debug Ali_CDN_DOMAIN "$Ali_CDN_DOMAIN"
## upload certificate
_Ali_SSLPub=$(grep -Ev '^$' "$_cfullchain" | _ali_url_encode)
_Ali_SSLPri=$(_ali_url_encode <"$_ckey")
query=''
query=$query'AccessKeyId='${ALI_CDN_KEY}
query=$query'&Action=BatchSetCdnDomainServerCertificate'
query=$query'&CertName='$(_ali_urlencode "$_cdomain")
query=$query'&CertType=upload'
query=$query'&DomainName='$(_ali_urlencode "$Ali_CDN_DOMAIN")
query=$query'&ForceSet=1'
query=$query'&Format=json'
query=$query'&SSLPri='${_Ali_SSLPri}
query=$query'&SSLProtocol=on'
query=$query'&SSLPub='${_Ali_SSLPub}
query=$query'&SignatureMethod=HMAC-SHA1'
query=$query'&SignatureNonce='$(_ali_nonce)
query=$query'&SignatureVersion=1.0'
query=$query'&Timestamp='$(_timestamp)
query=$query'&Version=2018-05-10'
_debug2 signature_source "$(printf "%s" "GET&%2F&$(_ali_urlencode "$query")")"
signature=$(printf "%s" "GET&%2F&$(_ali_urlencode "$query")" | _hmac "sha1" "$(printf "%s" "$ALI_CDN_SECRET&" | _hex_dump | tr -d " ")" | _base64)
signature=$(_ali_urlencode "$signature")
url="$Ali_CDN_API?$query&Signature=$signature"
if ! response="$(_get "$url")"; then
_err "Error <$1>"
return 1
fi
_debug response "$response"
message="$(echo "$response" | _egrep_o "\"Message\":\"[^\"]*\"" | cut -d : -f 2- | tr -d \")"
if [ "$message" ]; then
_err "$message"
return 1
fi
_info "Domain $_cdomain certificate has been deployed successfully"
_info "$(__green "===End alicdn deploy===")"
return 0
}
#################### Private functions below ##################################
_ali_url_encode() {
_hex_str=$(_hex_dump)
_debug3 "_url_encode"
_debug3 "_hex_str" "$_hex_str"
for _hex_code in $_hex_str; do
#upper case
case "${_hex_code}" in
"41")
printf "%s" "A"
;;
"42")
printf "%s" "B"
;;
"43")
printf "%s" "C"
;;
"44")
printf "%s" "D"
;;
"45")
printf "%s" "E"
;;
"46")
printf "%s" "F"
;;
"47")
printf "%s" "G"
;;
"48")
printf "%s" "H"
;;
"49")
printf "%s" "I"
;;
"4a")
printf "%s" "J"
;;
"4b")
printf "%s" "K"
;;
"4c")
printf "%s" "L"
;;
"4d")
printf "%s" "M"
;;
"4e")
printf "%s" "N"
;;
"4f")
printf "%s" "O"
;;
"50")
printf "%s" "P"
;;
"51")
printf "%s" "Q"
;;
"52")
printf "%s" "R"
;;
"53")
printf "%s" "S"
;;
"54")
printf "%s" "T"
;;
"55")
printf "%s" "U"
;;
"56")
printf "%s" "V"
;;
"57")
printf "%s" "W"
;;
"58")
printf "%s" "X"
;;
"59")
printf "%s" "Y"
;;
"5a")
printf "%s" "Z"
;;
#lower case
"61")
printf "%s" "a"
;;
"62")
printf "%s" "b"
;;
"63")
printf "%s" "c"
;;
"64")
printf "%s" "d"
;;
"65")
printf "%s" "e"
;;
"66")
printf "%s" "f"
;;
"67")
printf "%s" "g"
;;
"68")
printf "%s" "h"
;;
"69")
printf "%s" "i"
;;
"6a")
printf "%s" "j"
;;
"6b")
printf "%s" "k"
;;
"6c")
printf "%s" "l"
;;
"6d")
printf "%s" "m"
;;
"6e")
printf "%s" "n"
;;
"6f")
printf "%s" "o"
;;
"70")
printf "%s" "p"
;;
"71")
printf "%s" "q"
;;
"72")
printf "%s" "r"
;;
"73")
printf "%s" "s"
;;
"74")
printf "%s" "t"
;;
"75")
printf "%s" "u"
;;
"76")
printf "%s" "v"
;;
"77")
printf "%s" "w"
;;
"78")
printf "%s" "x"
;;
"79")
printf "%s" "y"
;;
"7a")
printf "%s" "z"
;;
#numbers
"30")
printf "%s" "0"
;;
"31")
printf "%s" "1"
;;
"32")
printf "%s" "2"
;;
"33")
printf "%s" "3"
;;
"34")
printf "%s" "4"
;;
"35")
printf "%s" "5"
;;
"36")
printf "%s" "6"
;;
"37")
printf "%s" "7"
;;
"38")
printf "%s" "8"
;;
"39")
printf "%s" "9"
;;
"2d")
printf "%s" "-"
;;
"5f")
printf "%s" "_"
;;
"2e")
printf "%s" "."
;;
"7e")
printf "%s" "~"
;;
#other hex
*)
printf '%%%s' "$_hex_code" | tr '[:lower:]' '[:upper:]'
;;
esac
done
}
_ali_urlencode() {
_str=$(printf "%s" "$1" | _ali_url_encode)
printf "%s" "$_str"
}
_ali_nonce() {
date +"%s%N"
}
_timestamp() {
date -u +"%Y-%m-%dT%H%%3A%M%%3A%SZ"
}
Write Preview
Loading…
Cancel
Save