Browse Source

Merge pull request #645 from Neilpang/dev

Dev
pull/647/head
neil 8 years ago
committed by GitHub
parent
commit
95a6c28d98
  1. 296
      acme.sh

296
acme.sh

@ -2707,34 +2707,39 @@ _clearupwebbroot() {
} }
_on_before_issue() { _on_before_issue() {
_chk_web_roots="$1"
_chk_main_domain="$2"
_chk_alt_domains="$3"
_chk_pre_hook="$4"
_chk_local_addr="$5"
_debug _on_before_issue _debug _on_before_issue
#run pre hook #run pre hook
if [ "$Le_PreHook" ]; then
_info "Run pre hook:'$Le_PreHook'"
if [ "$_chk_pre_hook" ]; then
_info "Run pre hook:'$_chk_pre_hook'"
if ! ( if ! (
cd "$DOMAIN_PATH" && eval "$Le_PreHook"
cd "$DOMAIN_PATH" && eval "$_chk_pre_hook"
); then ); then
_err "Error when run pre hook." _err "Error when run pre hook."
return 1 return 1
fi fi
fi fi
if _hasfield "$Le_Webroot" "$NO_VALUE"; then
if _hasfield "$_chk_web_roots" "$NO_VALUE"; then
if ! _exists "nc"; then if ! _exists "nc"; then
_err "Please install netcat(nc) tools first." _err "Please install netcat(nc) tools first."
return 1 return 1
fi fi
fi fi
_debug Le_LocalAddress "$Le_LocalAddress"
_debug Le_LocalAddress "$_chk_local_addr"
alldomains=$(echo "$Le_Domain,$Le_Alt" | tr ',' ' ')
alldomains=$(echo "$_chk_main_domain,$_chk_alt_domains" | tr ',' ' ')
_index=1 _index=1
_currentRoot="" _currentRoot=""
_addrIndex=1 _addrIndex=1
for d in $alldomains; do for d in $alldomains; do
_debug "Check for domain" "$d" _debug "Check for domain" "$d"
_currentRoot="$(_getfield "$Le_Webroot" $_index)"
_currentRoot="$(_getfield "$_chk_web_roots" $_index)"
_debug "_currentRoot" "$_currentRoot" _debug "_currentRoot" "$_currentRoot"
_index=$(_math $_index + 1) _index=$(_math $_index + 1)
_checkport="" _checkport=""
@ -2758,7 +2763,7 @@ _on_before_issue() {
if [ "$_checkport" ]; then if [ "$_checkport" ]; then
_debug _checkport "$_checkport" _debug _checkport "$_checkport"
_checkaddr="$(_getfield "$Le_LocalAddress" $_addrIndex)"
_checkaddr="$(_getfield "$_chk_local_addr" $_addrIndex)"
_debug _checkaddr "$_checkaddr" _debug _checkaddr "$_checkaddr"
_addrIndex="$(_math $_addrIndex + 1)" _addrIndex="$(_math $_addrIndex + 1)"
@ -2777,7 +2782,7 @@ _on_before_issue() {
fi fi
done done
if _hasfield "$Le_Webroot" "apache"; then
if _hasfield "$_chk_web_roots" "apache"; then
if ! _setApache; then if ! _setApache; then
_err "set up apache error. Report error to me." _err "set up apache error. Report error to me."
return 1 return 1
@ -2789,6 +2794,7 @@ _on_before_issue() {
} }
_on_issue_err() { _on_issue_err() {
_chk_post_hook="$1"
_debug _on_issue_err _debug _on_issue_err
if [ "$LOG_FILE" ]; then if [ "$LOG_FILE" ]; then
_err "Please check log file for more details: $LOG_FILE" _err "Please check log file for more details: $LOG_FILE"
@ -2802,10 +2808,10 @@ _on_issue_err() {
fi fi
#run the post hook #run the post hook
if [ "$Le_PostHook" ]; then
_info "Run post hook:'$Le_PostHook'"
if [ "$_chk_post_hook" ]; then
_info "Run post hook:'$_chk_post_hook'"
if ! ( if ! (
cd "$DOMAIN_PATH" && eval "$Le_PostHook"
cd "$DOMAIN_PATH" && eval "$_chk_post_hook"
); then ); then
_err "Error when run post hook." _err "Error when run post hook."
return 1 return 1
@ -2814,12 +2820,14 @@ _on_issue_err() {
} }
_on_issue_success() { _on_issue_success() {
_chk_post_hook="$1"
_chk_renew_hook="$2"
_debug _on_issue_success _debug _on_issue_success
#run the post hook #run the post hook
if [ "$Le_PostHook" ]; then
_info "Run post hook:'$Le_PostHook'"
if [ "$_chk_post_hook" ]; then
_info "Run post hook:'$_chk_post_hook'"
if ! ( if ! (
cd "$DOMAIN_PATH" && eval "$Le_PostHook"
cd "$DOMAIN_PATH" && eval "$_chk_post_hook"
); then ); then
_err "Error when run post hook." _err "Error when run post hook."
return 1 return 1
@ -2827,10 +2835,10 @@ _on_issue_success() {
fi fi
#run renew hook #run renew hook
if [ "$IS_RENEW" ] && [ "$Le_RenewHook" ]; then
_info "Run renew hook:'$Le_RenewHook'"
if [ "$IS_RENEW" ] && [ "$_chk_renew_hook" ]; then
_info "Run renew hook:'$_chk_renew_hook'"
if ! ( if ! (
cd "$DOMAIN_PATH" && eval "$Le_RenewHook"
cd "$DOMAIN_PATH" && eval "$_chk_renew_hook"
); then ); then
_err "Error when run renew hook." _err "Error when run renew hook."
return 1 return 1
@ -3027,38 +3035,38 @@ issue() {
_usage "Usage: $PROJECT_ENTRY --issue -d a.com -w /path/to/webroot/a.com/ " _usage "Usage: $PROJECT_ENTRY --issue -d a.com -w /path/to/webroot/a.com/ "
return 1 return 1
fi fi
Le_Webroot="$1"
Le_Domain="$2"
Le_Alt="$3"
if _contains "$Le_Domain" ","; then
Le_Domain=$(echo "$2,$3" | cut -d , -f 1)
Le_Alt=$(echo "$2,$3" | cut -d , -f 2- | sed "s/,${NO_VALUE}$//")
fi
Le_Keylength="$4"
Le_RealCertPath="$5"
Le_RealKeyPath="$6"
Le_RealCACertPath="$7"
Le_ReloadCmd="$8"
Le_RealFullChainPath="$9"
Le_PreHook="${10}"
Le_PostHook="${11}"
Le_RenewHook="${12}"
Le_LocalAddress="${13}"
_web_roots="$1"
_main_domain="$2"
_alt_domains="$3"
if _contains "$_main_domain" ","; then
_main_domain=$(echo "$2,$3" | cut -d , -f 1)
_alt_domains=$(echo "$2,$3" | cut -d , -f 2- | sed "s/,${NO_VALUE}$//")
fi
_key_length="$4"
_real_cert="$5"
_real_key="$6"
_real_ca="$7"
_reload_cmd="$8"
_real_fullchain="$9"
_pre_hook="${10}"
_post_hook="${11}"
_renew_hook="${12}"
_local_addr="${13}"
#remove these later. #remove these later.
if [ "$Le_Webroot" = "dns-cf" ]; then
Le_Webroot="dns_cf"
if [ "$_web_roots" = "dns-cf" ]; then
_web_roots="dns_cf"
fi fi
if [ "$Le_Webroot" = "dns-dp" ]; then
Le_Webroot="dns_dp"
if [ "$_web_roots" = "dns-dp" ]; then
_web_roots="dns_dp"
fi fi
if [ "$Le_Webroot" = "dns-cx" ]; then
Le_Webroot="dns_cx"
if [ "$_web_roots" = "dns-cx" ]; then
_web_roots="dns_cx"
fi fi
_debug "Using api: $API" _debug "Using api: $API"
if [ ! "$IS_RENEW" ]; then if [ ! "$IS_RENEW" ]; then
_initpath "$Le_Domain" "$Le_Keylength"
_initpath "$_main_domain" "$_key_length"
mkdir -p "$DOMAIN_PATH" mkdir -p "$DOMAIN_PATH"
fi fi
@ -3070,7 +3078,7 @@ issue() {
_debug _saved_domain "$_saved_domain" _debug _saved_domain "$_saved_domain"
_saved_alt=$(_readdomainconf Le_Alt) _saved_alt=$(_readdomainconf Le_Alt)
_debug _saved_alt "$_saved_alt" _debug _saved_alt "$_saved_alt"
if [ "$_saved_domain,$_saved_alt" = "$Le_Domain,$Le_Alt" ]; then
if [ "$_saved_domain,$_saved_alt" = "$_main_domain,$_alt_domains" ]; then
_info "Domains not changed." _info "Domains not changed."
_info "Skip, Next renewal time is: $(__green "$(_readdomainconf Le_NextRenewTimeStr)")" _info "Skip, Next renewal time is: $(__green "$(_readdomainconf Le_NextRenewTimeStr)")"
_info "Add '$(__red '--force')' to force to renew." _info "Add '$(__red '--force')' to force to renew."
@ -3081,16 +3089,16 @@ issue() {
fi fi
fi fi
_savedomainconf "Le_Domain" "$Le_Domain"
_savedomainconf "Le_Alt" "$Le_Alt"
_savedomainconf "Le_Webroot" "$Le_Webroot"
_savedomainconf "Le_Domain" "$_main_domain"
_savedomainconf "Le_Alt" "$_alt_domains"
_savedomainconf "Le_Webroot" "$_web_roots"
_savedomainconf "Le_PreHook" "$Le_PreHook"
_savedomainconf "Le_PostHook" "$Le_PostHook"
_savedomainconf "Le_RenewHook" "$Le_RenewHook"
_savedomainconf "Le_PreHook" "$_pre_hook"
_savedomainconf "Le_PostHook" "$_post_hook"
_savedomainconf "Le_RenewHook" "$_renew_hook"
if [ "$Le_LocalAddress" ]; then
_savedomainconf "Le_LocalAddress" "$Le_LocalAddress"
if [ "$_local_addr" ]; then
_savedomainconf "Le_LocalAddress" "$_local_addr"
else else
_cleardomainconf "Le_LocalAddress" _cleardomainconf "Le_LocalAddress"
fi fi
@ -3098,15 +3106,15 @@ issue() {
Le_API="$API" Le_API="$API"
_savedomainconf "Le_API" "$Le_API" _savedomainconf "Le_API" "$Le_API"
if [ "$Le_Alt" = "$NO_VALUE" ]; then
Le_Alt=""
if [ "$_alt_domains" = "$NO_VALUE" ]; then
_alt_domains=""
fi fi
if [ "$Le_Keylength" = "$NO_VALUE" ]; then
Le_Keylength=""
if [ "$_key_length" = "$NO_VALUE" ]; then
_key_length=""
fi fi
if ! _on_before_issue; then
if ! _on_before_issue "$_web_roots" "$_main_domain" "$_alt_domains" "$_pre_hook" "$_local_addr"; then
_err "_on_before_issue." _err "_on_before_issue."
return 1 return 1
fi fi
@ -3116,7 +3124,7 @@ issue() {
if [ -z "$_saved_account_key_hash" ] || [ "$_saved_account_key_hash" != "$(__calcAccountKeyHash)" ]; then if [ -z "$_saved_account_key_hash" ] || [ "$_saved_account_key_hash" != "$(__calcAccountKeyHash)" ]; then
if ! _regAccount "$_accountkeylength"; then if ! _regAccount "$_accountkeylength"; then
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
else else
@ -3128,24 +3136,24 @@ issue() {
else else
_key=$(_readdomainconf Le_Keylength) _key=$(_readdomainconf Le_Keylength)
_debug "Read key length:$_key" _debug "Read key length:$_key"
if [ ! -f "$CERT_KEY_PATH" ] || [ "$Le_Keylength" != "$_key" ]; then
if ! createDomainKey "$Le_Domain" "$Le_Keylength"; then
if [ ! -f "$CERT_KEY_PATH" ] || [ "$_key_length" != "$_key" ]; then
if ! createDomainKey "$_main_domain" "$_key_length"; then
_err "Create domain key error." _err "Create domain key error."
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
fi fi
if ! _createcsr "$Le_Domain" "$Le_Alt" "$CERT_KEY_PATH" "$CSR_PATH" "$DOMAIN_SSL_CONF"; then
if ! _createcsr "$_main_domain" "$_alt_domains" "$CERT_KEY_PATH" "$CSR_PATH" "$DOMAIN_SSL_CONF"; then
_err "Create CSR error." _err "Create CSR error."
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
fi fi
_savedomainconf "Le_Keylength" "$Le_Keylength"
_savedomainconf "Le_Keylength" "$_key_length"
vlist="$Le_Vlist" vlist="$Le_Vlist"
@ -3153,12 +3161,12 @@ issue() {
sep='#' sep='#'
dvsep=',' dvsep=','
if [ -z "$vlist" ]; then if [ -z "$vlist" ]; then
alldomains=$(echo "$Le_Domain,$Le_Alt" | tr ',' ' ')
alldomains=$(echo "$_main_domain,$_alt_domains" | tr ',' ' ')
_index=1 _index=1
_currentRoot="" _currentRoot=""
for d in $alldomains; do for d in $alldomains; do
_info "Getting webroot for domain" "$d" _info "Getting webroot for domain" "$d"
_w="$(echo $Le_Webroot | cut -d , -f $_index)"
_w="$(echo $_web_roots | cut -d , -f $_index)"
_debug _w "$_w" _debug _w "$_w"
if [ "$_w" ]; then if [ "$_w" ]; then
_currentRoot="$_w" _currentRoot="$_w"
@ -3177,7 +3185,7 @@ issue() {
if ! __get_domain_new_authz "$d"; then if ! __get_domain_new_authz "$d"; then
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
@ -3190,7 +3198,7 @@ issue() {
if [ -z "$entry" ]; then if [ -z "$entry" ]; then
_err "Error, can not get domain token $d" _err "Error, can not get domain token $d"
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
token="$(printf "%s\n" "$entry" | _egrep_o '"token":"[^"]*' | cut -d : -f 2 | tr -d '"')" token="$(printf "%s\n" "$entry" | _egrep_o '"token":"[^"]*' | cut -d : -f 2 | tr -d '"')"
@ -3271,7 +3279,7 @@ issue() {
if [ "$?" != "0" ]; then if [ "$?" != "0" ]; then
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
dnsadded='1' dnsadded='1'
@ -3283,7 +3291,7 @@ issue() {
_debug "Dns record not added yet, so, save to $DOMAIN_CONF and exit." _debug "Dns record not added yet, so, save to $DOMAIN_CONF and exit."
_err "Please add the TXT records to the domains, and retry again." _err "Please add the TXT records to the domains, and retry again."
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
@ -3329,12 +3337,12 @@ issue() {
if [ "$vtype" = "$VTYPE_HTTP" ]; then if [ "$vtype" = "$VTYPE_HTTP" ]; then
if [ "$_currentRoot" = "$NO_VALUE" ]; then if [ "$_currentRoot" = "$NO_VALUE" ]; then
_info "Standalone mode server" _info "Standalone mode server"
_ncaddr="$(_getfield "$Le_LocalAddress" "$_ncIndex")"
_ncaddr="$(_getfield "$_local_addr" "$_ncIndex")"
_ncIndex="$(_math $_ncIndex + 1)" _ncIndex="$(_math $_ncIndex + 1)"
_startserver "$keyauthorization" "$_ncaddr" & _startserver "$keyauthorization" "$_ncaddr" &
if [ "$?" != "0" ]; then if [ "$?" != "0" ]; then
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
serverproc="$!" serverproc="$!"
@ -3350,7 +3358,7 @@ issue() {
BACKUP_NGINX_CONF="" BACKUP_NGINX_CONF=""
if ! _setNginx "$d" "$_currentRoot" "$thumbprint"; then if ! _setNginx "$d" "$_currentRoot" "$thumbprint"; then
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
@ -3385,7 +3393,7 @@ issue() {
_err "$d:Can not write token to file : $wellknown_path/$token" _err "$d:Can not write token to file : $wellknown_path/$token"
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
@ -3424,13 +3432,13 @@ issue() {
_SAN_B="$_x.$_y.acme.invalid" _SAN_B="$_x.$_y.acme.invalid"
_debug2 _SAN_B "$_SAN_B" _debug2 _SAN_B "$_SAN_B"
_ncaddr="$(_getfield "$Le_LocalAddress" "$_ncIndex")"
_ncaddr="$(_getfield "$_local_addr" "$_ncIndex")"
_ncIndex="$(_math "$_ncIndex" + 1)" _ncIndex="$(_math "$_ncIndex" + 1)"
if ! _starttlsserver "$_SAN_B" "$_SAN_A" "$Le_TLSPort" "$keyauthorization" "$_ncaddr"; then if ! _starttlsserver "$_SAN_B" "$_SAN_A" "$Le_TLSPort" "$keyauthorization" "$_ncaddr"; then
_err "Start tls server error." _err "Start tls server error."
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
fi fi
@ -3439,7 +3447,7 @@ issue() {
_err "$d:Can not get challenge: $response" _err "$d:Can not get challenge: $response"
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
@ -3447,7 +3455,7 @@ issue() {
_err "$d:Challenge error: $response" _err "$d:Challenge error: $response"
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
@ -3474,7 +3482,7 @@ issue() {
_err "$d:Verify error:$response" _err "$d:Verify error:$response"
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
_debug2 original "$response" _debug2 original "$response"
@ -3509,7 +3517,7 @@ issue() {
fi fi
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
@ -3519,7 +3527,7 @@ issue() {
_err "$d:Verify error:$response" _err "$d:Verify error:$response"
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
_clearup _clearup
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
@ -3533,7 +3541,7 @@ issue() {
if ! _send_signed_request "$API/acme/new-cert" "{\"resource\": \"new-cert\", \"csr\": \"$der\"}" "needbase64"; then if ! _send_signed_request "$API/acme/new-cert" "{\"resource\": \"new-cert\", \"csr\": \"$der\"}" "needbase64"; then
_err "Sign failed." _err "Sign failed."
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
@ -3575,7 +3583,7 @@ issue() {
if [ -z "$Le_LinkCert" ]; then if [ -z "$Le_LinkCert" ]; then
response="$(echo "$response" | _dbase64 "multiline" | _normalizeJson)" response="$(echo "$response" | _dbase64 "multiline" | _normalizeJson)"
_err "Sign failed: $(echo "$response" | _egrep_o '"detail":"[^"]*"')" _err "Sign failed: $(echo "$response" | _egrep_o '"detail":"[^"]*"')"
_on_issue_err
_on_issue_err "$_post_hook"
return 1 return 1
fi fi
@ -3637,10 +3645,15 @@ issue() {
Le_NextRenewTime=$(_math "$Le_NextRenewTime" - 86400) Le_NextRenewTime=$(_math "$Le_NextRenewTime" - 86400)
_savedomainconf "Le_NextRenewTime" "$Le_NextRenewTime" _savedomainconf "Le_NextRenewTime" "$Le_NextRenewTime"
_on_issue_success
_on_issue_success "$_post_hook" "$_renew_hook"
if [ "$Le_RealCertPath$Le_RealKeyPath$Le_RealCACertPath$Le_ReloadCmd$Le_RealFullChainPath" ]; then
_installcert
if [ "$_real_cert$_real_key$_real_ca$_reload_cmd$_real_fullchain" ]; then
_savedomainconf "Le_RealCertPath" "$_real_cert"
_savedomainconf "Le_RealCACertPath" "$_real_ca"
_savedomainconf "Le_RealKeyPath" "$_real_key"
_savedomainconf "Le_ReloadCmd" "$_reload_cmd"
_savedomainconf "Le_RealFullChainPath" "$_real_fullchain"
_installcert "$_main_domain" "$_real_cert" "$_real_key" "$_real_ca" "$_reload_cmd" "$_real_fullchain"
fi fi
} }
@ -3926,104 +3939,107 @@ deploy() {
} }
installcert() { installcert() {
Le_Domain="$1"
if [ -z "$Le_Domain" ]; then
_main_domain="$1"
if [ -z "$_main_domain" ]; then
_usage "Usage: $PROJECT_ENTRY --installcert -d domain.com [--ecc] [--certpath cert-file-path] [--keypath key-file-path] [--capath ca-cert-file-path] [ --reloadCmd reloadCmd] [--fullchainpath fullchain-path]" _usage "Usage: $PROJECT_ENTRY --installcert -d domain.com [--ecc] [--certpath cert-file-path] [--keypath key-file-path] [--capath ca-cert-file-path] [ --reloadCmd reloadCmd] [--fullchainpath fullchain-path]"
return 1 return 1
fi fi
Le_RealCertPath="$2"
Le_RealKeyPath="$3"
Le_RealCACertPath="$4"
Le_ReloadCmd="$5"
Le_RealFullChainPath="$6"
_real_cert="$2"
_real_key="$3"
_real_ca="$4"
_reload_cmd="$5"
_real_fullchain="$6"
_isEcc="$7" _isEcc="$7"
_initpath "$Le_Domain" "$_isEcc"
_initpath "$_main_domain" "$_isEcc"
if [ ! -d "$DOMAIN_PATH" ]; then if [ ! -d "$DOMAIN_PATH" ]; then
_err "Domain is not valid:'$Le_Domain'"
_err "Domain is not valid:'$_main_domain'"
return 1 return 1
fi fi
_installcert
_savedomainconf "Le_RealCertPath" "$_real_cert"
_savedomainconf "Le_RealCACertPath" "$_real_ca"
_savedomainconf "Le_RealKeyPath" "$_real_key"
_savedomainconf "Le_ReloadCmd" "$_reload_cmd"
_savedomainconf "Le_RealFullChainPath" "$_real_fullchain"
_installcert "$_main_domain" "$_real_cert" "$_real_key" "$_real_ca" "$_reload_cmd" "$_real_fullchain"
} }
_installcert() { _installcert() {
_savedomainconf "Le_RealCertPath" "$Le_RealCertPath"
_savedomainconf "Le_RealCACertPath" "$Le_RealCACertPath"
_savedomainconf "Le_RealKeyPath" "$Le_RealKeyPath"
_savedomainconf "Le_ReloadCmd" "$Le_ReloadCmd"
_savedomainconf "Le_RealFullChainPath" "$Le_RealFullChainPath"
_main_domain="$1"
_real_cert="$2"
_real_key="$3"
_real_ca="$4"
_reload_cmd="$5"
_real_fullchain="$6"
if [ "$Le_RealCertPath" = "$NO_VALUE" ]; then
Le_RealCertPath=""
if [ "$_real_cert" = "$NO_VALUE" ]; then
_real_cert=""
fi fi
if [ "$Le_RealKeyPath" = "$NO_VALUE" ]; then
Le_RealKeyPath=""
if [ "$_real_key" = "$NO_VALUE" ]; then
_real_key=""
fi fi
if [ "$Le_RealCACertPath" = "$NO_VALUE" ]; then
Le_RealCACertPath=""
if [ "$_real_ca" = "$NO_VALUE" ]; then
_real_ca=""
fi fi
if [ "$Le_ReloadCmd" = "$NO_VALUE" ]; then
Le_ReloadCmd=""
if [ "$_reload_cmd" = "$NO_VALUE" ]; then
_reload_cmd=""
fi fi
if [ "$Le_RealFullChainPath" = "$NO_VALUE" ]; then
Le_RealFullChainPath=""
if [ "$_real_fullchain" = "$NO_VALUE" ]; then
_real_fullchain=""
fi fi
if [ "$Le_RealCertPath" ]; then
_info "Installing cert to:$Le_RealCertPath"
if [ -f "$Le_RealCertPath" ] && [ ! "$IS_RENEW" ]; then
if [ "$_real_cert" ]; then
_info "Installing cert to:$_real_cert"
if [ -f "$_real_cert" ] && [ ! "$IS_RENEW" ]; then
mkdir -p "$DOMAIN_BACKUP_PATH" mkdir -p "$DOMAIN_BACKUP_PATH"
cp "$Le_RealCertPath" "$DOMAIN_BACKUP_PATH/cert.bak"
cp "$_real_cert" "$DOMAIN_BACKUP_PATH/cert.bak"
fi fi
cat "$CERT_PATH" >"$Le_RealCertPath"
cat "$CERT_PATH" >"$_real_cert"
fi fi
if [ "$Le_RealCACertPath" ]; then
_info "Installing CA to:$Le_RealCACertPath"
if [ "$Le_RealCACertPath" = "$Le_RealCertPath" ]; then
echo "" >>"$Le_RealCACertPath"
cat "$CA_CERT_PATH" >>"$Le_RealCACertPath"
if [ "$_real_ca" ]; then
_info "Installing CA to:$_real_ca"
if [ "$_real_ca" = "$_real_cert" ]; then
echo "" >>"$_real_ca"
cat "$CA_CERT_PATH" >>"$_real_ca"
else else
if [ -f "$Le_RealCACertPath" ] && [ ! "$IS_RENEW" ]; then
if [ -f "$_real_ca" ] && [ ! "$IS_RENEW" ]; then
mkdir -p "$DOMAIN_BACKUP_PATH" mkdir -p "$DOMAIN_BACKUP_PATH"
cp "$Le_RealCACertPath" "$DOMAIN_BACKUP_PATH/ca.bak"
cp "$_real_ca" "$DOMAIN_BACKUP_PATH/ca.bak"
fi fi
cat "$CA_CERT_PATH" >"$Le_RealCACertPath"
cat "$CA_CERT_PATH" >"$_real_ca"
fi fi
fi fi
if [ "$Le_RealKeyPath" ]; then
_info "Installing key to:$Le_RealKeyPath"
if [ -f "$Le_RealKeyPath" ] && [ ! "$IS_RENEW" ]; then
if [ "$_real_key" ]; then
_info "Installing key to:$_real_key"
if [ -f "$_real_key" ] && [ ! "$IS_RENEW" ]; then
mkdir -p "$DOMAIN_BACKUP_PATH" mkdir -p "$DOMAIN_BACKUP_PATH"
cp "$Le_RealKeyPath" "$DOMAIN_BACKUP_PATH/key.bak"
cp "$_real_key" "$DOMAIN_BACKUP_PATH/key.bak"
fi fi
cat "$CERT_KEY_PATH" >"$Le_RealKeyPath"
cat "$CERT_KEY_PATH" >"$_real_key"
fi fi
if [ "$Le_RealFullChainPath" ]; then
_info "Installing full chain to:$Le_RealFullChainPath"
if [ -f "$Le_RealFullChainPath" ] && [ ! "$IS_RENEW" ]; then
if [ "$_real_fullchain" ]; then
_info "Installing full chain to:$_real_fullchain"
if [ -f "$_real_fullchain" ] && [ ! "$IS_RENEW" ]; then
mkdir -p "$DOMAIN_BACKUP_PATH" mkdir -p "$DOMAIN_BACKUP_PATH"
cp "$Le_RealFullChainPath" "$DOMAIN_BACKUP_PATH/fullchain.bak"
cp "$_real_fullchain" "$DOMAIN_BACKUP_PATH/fullchain.bak"
fi fi
cat "$CERT_FULLCHAIN_PATH" >"$Le_RealFullChainPath"
cat "$CERT_FULLCHAIN_PATH" >"$_real_fullchain"
fi fi
if [ "$Le_ReloadCmd" ]; then
_info "Run Le_ReloadCmd: $Le_ReloadCmd"
if [ "$_reload_cmd" ]; then
_info "Run reload cmd: $_reload_cmd"
if ( if (
export CERT_PATH export CERT_PATH
export CERT_KEY_PATH export CERT_KEY_PATH
export CA_CERT_PATH export CA_CERT_PATH
export CERT_FULLCHAIN_PATH export CERT_FULLCHAIN_PATH
cd "$DOMAIN_PATH" && eval "$Le_ReloadCmd"
cd "$DOMAIN_PATH" && eval "$_reload_cmd"
); then ); then
_info "$(__green "Reload success")" _info "$(__green "Reload success")"
else else

Loading…
Cancel
Save