Mirror
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge remote-tracking branch 'remotes/Neilpang/master'

pull/97/head
kaklakariada 9 years ago
parent
618837522f 54f473d826
commit
f77f8d2320
2 changed files with 57 additions and 21 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      README.md
  2. 75
      le.sh

1
README.md
View File

@ -15,6 +15,7 @@ Do NOT require to be `root/sudoer`.
2. CentOS
3. Windows (cygwin with curl, openssl and crontab included)
4. FreeBSD with bash
5. pfsense with bash and curl
#Supported Mode

75
le.sh
View File

@ -175,7 +175,8 @@ createCSR() {
if [ -z "$domainlist" ] ; then
#single domain
_info "Single domain" $domain
openssl req -new -sha256 -key "$CERT_KEY_PATH" -subj "/CN=$domain" > "$CSR_PATH"
printf "[ req_distinguished_name ]\n[ req ]\ndistinguished_name = req_distinguished_name\n" > "$DOMAIN_SSL_CONF"
openssl req -new -sha256 -key "$CERT_KEY_PATH" -subj "/CN=$domain" -config "$DOMAIN_SSL_CONF" -out "$CSR_PATH"
else
alt="DNS:$(echo $domainlist | sed "s/,/,DNS:/g")"
#multi
@ -204,6 +205,18 @@ _time2str() {
}
_stat() {
#Linux
if stat -c '%U:%G' "$1" 2>/dev/null ; then
return
fi
#BSD
if stat -f '%Su:%Sg' "$1" 2>/dev/null ; then
return
fi
}
_send_signed_request() {
url=$1
payload=$2
@ -285,14 +298,14 @@ _setopt() {
__val="$(echo $__val | sed 's/&/\\&/g')"
fi
text="$(cat $__conf)"
printf "$text" | sed "s|^$__opt$__sep.*$|$__opt$__sep$__val$__end|" > "$__conf"
echo "$text" | sed "s|^$__opt$__sep.*$|$__opt$__sep$__val$__end|" > "$__conf"
elif grep -H -n "^#$__opt$__sep" "$__conf" > /dev/null ; then
if [[ "$__val" == *"&"* ]] ; then
__val="$(echo $__val | sed 's/&/\\&/g')"
fi
text="$(cat $__conf)"
printf "$text" | sed "s|^#$__opt$__sep.*$|$__opt$__sep$__val$__end|" > "$__conf"
echo "$text" | sed "s|^#$__opt$__sep.*$|$__opt$__sep$__val$__end|" > "$__conf"
else
_debug APP
@ -376,7 +389,10 @@ _initpath() {
fi
domain="$1"
mkdir -p "$LE_WORKING_DIR"
if ! mkdir -p "$LE_WORKING_DIR" ; then
_err "Can not craete working dir: $LE_WORKING_DIR"
return 1
fi
if [ -z "$ACCOUNT_KEY_PATH" ] ; then
ACCOUNT_KEY_PATH="$LE_WORKING_DIR/account.key"
@ -389,12 +405,15 @@ _initpath() {
domainhome="$LE_WORKING_DIR/$domain"
mkdir -p "$domainhome"
if [ -z "$DOMAIN_PATH" ] ; then
DOMAIN_PATH="$domainhome"
fi
if [ -z "$DOMAIN_CONF" ] ; then
DOMAIN_CONF="$domainhome/$Le_Domain.conf"
DOMAIN_CONF="$domainhome/$domain.conf"
fi
if [ -z "$DOMAIN_SSL_CONF" ] ; then
DOMAIN_SSL_CONF="$domainhome/$Le_Domain.ssl.conf"
DOMAIN_SSL_CONF="$domainhome/$domain.ssl.conf"
fi
if [ -z "$CSR_PATH" ] ; then
@ -812,7 +831,7 @@ issue() {
mkdir -p "$wellknown_path"
echo -n "$keyauthorization" > "$wellknown_path/$token"
webroot_owner=$(stat -c '%U:%G' $Le_Webroot)
webroot_owner=$(_stat $Le_Webroot)
_debug "Changing owner/group of .well-known to $webroot_owner"
chown -R $webroot_owner "$Le_Webroot/.well-known"
@ -987,6 +1006,7 @@ renewAll() {
Le_ReloadCmd=""
DOMAIN_PATH=""
DOMAIN_CONF=""
DOMAIN_SSL_CONF=""
CSR_PATH=""
@ -1050,7 +1070,7 @@ installcert() {
if [ "$Le_ReloadCmd" ] ; then
_info "Run Le_ReloadCmd: $Le_ReloadCmd"
eval $Le_ReloadCmd
(cd "$DOMAIN_PATH" && eval "$Le_ReloadCmd")
fi
}
@ -1067,7 +1087,12 @@ installcronjob() {
fi
crontab -l | { cat; echo "0 0 * * * LE_WORKING_DIR=\"$LE_WORKING_DIR\" $lesh cron > /dev/null"; } | crontab -
fi
return 0
if [ "$?" != "0" ] ; then
_err "Install cron job failed. You need to manually renew your certs."
_err "Or you can add cronjob by yourself:"
_err "LE_WORKING_DIR=\"$LE_WORKING_DIR\" $lesh cron > /dev/null"
return 1
fi
}
uninstallcronjob() {
@ -1128,6 +1153,7 @@ _initconf() {
echo "#Account configurations:
#Here are the supported macros, uncomment them to make them take effect.
#ACCOUNT_EMAIL=aaa@aaa.com # the account email used to register account.
#ACCOUNT_KEY_PATH=\"/path/to/account.key\"
#STAGE=1 # Use the staging api
#FORCE=1 # Force to issue cert
@ -1137,29 +1163,32 @@ _initconf() {
#######################
#Cloudflare:
#api key
#CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
#CF_Key=\"sdfsdfsdfljlbjkljlkjsdfoiwje\"
#account email
#CF_Email="xxxx@sss.com"
#CF_Email=\"xxxx@sss.com\"
#######################
#Dnspod.cn:
#api key id
#DP_Id="1234"
#DP_Id=\"1234\"
#api key
#DP_Key="sADDsdasdgdsf"
#DP_Key=\"sADDsdasdgdsf\"
#######################
#Cloudxns.com:
#CX_Key="1234"
#CX_Key=\"1234\"
#
#CX_Secret="sADDsdasdgdsf"
#CX_Secret=\"sADDsdasdgdsf\"
" > $ACCOUNT_CONF_PATH
fi
}
install() {
_initpath
if ! _initpath ; then
_err "Install failed."
return 1
fi
#check if there is sudo installed, AND if the current user is a sudoer.
if command -v sudo > /dev/null ; then
@ -1199,9 +1228,14 @@ install() {
_info "Installing to $LE_WORKING_DIR"
cp le.sh "$LE_WORKING_DIR/" && chmod +x "$LE_WORKING_DIR/le.sh"
if [ "$?" != "0" ] ; then
_err "Install failed, can not copy le.sh"
return 1
fi
_info "Installed to $LE_WORKING_DIR/le.sh"
cp le.sh $LE_WORKING_DIR/
chmod +x $LE_WORKING_DIR/le.sh
_profile="$(_detect_profile)"
if [ "$_profile" ] ; then
@ -1211,7 +1245,7 @@ install() {
alias le=\"$LE_WORKING_DIR/le.sh\"
alias le.sh=\"$LE_WORKING_DIR/le.sh\"
" > "$LE_WORKING_DIR/le.env"
echo "" >> "$_profile"
_setopt "$_profile" "source \"$LE_WORKING_DIR/le.env\""
_info "OK, Close and reopen your terminal to start using le"
else
@ -1240,7 +1274,8 @@ uninstall() {
_profile="$(_detect_profile)"
if [ "$_profile" ] ; then
sed -i /le.env/d "$_profile"
text="$(cat $_profile)"
echo "$text" | sed "s|^source.*le.env.*$||" > "$_profile"
fi
rm -f $LE_WORKING_DIR/le.sh

Write Preview
Loading…
Cancel
Save