You can not select more than 25 topics
			Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
		
		
		
		
		
			
		
			
				
					
					
						
							55 lines
						
					
					
						
							1.3 KiB
						
					
					
				
			
		
		
		
			
			
			
		
		
	
	
							55 lines
						
					
					
						
							1.3 KiB
						
					
					
				| #!/usr/bin/env sh | |
|  | |
| #Here is a sample custom api script. | |
| #This file name is "myapi.sh" | |
| #So, here must be a method   myapi_deploy() | |
| #Which will be called by acme.sh to deploy the cert | |
| #returns 0 means success, otherwise error. | |
| 
 | |
| ########  Public functions ##################### | |
| 
 | |
| #domain keyfile certfile cafile fullchain | |
| strongswan_deploy() { | |
|   _cdomain="$1" | |
|   _ckey="$2" | |
|   _ccert="$3" | |
|   _cca="$4" | |
|   _cfullchain="$5" | |
| 
 | |
|   _info "Using strongswan" | |
| 
 | |
|   if [ -x /usr/sbin/ipsec ]; then | |
|     _ipsec=/usr/sbin/ipsec | |
|   elif [ -x /usr/sbin/strongswan ]; then | |
|     _ipsec=/usr/sbin/strongswan | |
|   elif [ -x /usr/local/sbin/ipsec ]; then | |
|     _ipsec=/usr/local/sbin/ipsec | |
|   else | |
|     _err "no strongswan or ipsec command is detected" | |
|     return 1 | |
|   fi | |
| 
 | |
|   _info _ipsec "$_ipsec" | |
| 
 | |
|   _confdir=$($_ipsec --confdir) | |
|   if [ $? -ne 0 ] || [ -z "$_confdir" ]; then | |
|     _err "no strongswan --confdir is detected" | |
|     return 1 | |
|   fi | |
| 
 | |
|   _info _confdir "$_confdir" | |
| 
 | |
|   _debug _cdomain "$_cdomain" | |
|   _debug _ckey "$_ckey" | |
|   _debug _ccert "$_ccert" | |
|   _debug _cca "$_cca" | |
|   _debug _cfullchain "$_cfullchain" | |
| 
 | |
|   cat "$_ckey" >"${_confdir}/ipsec.d/private/$(basename "$_ckey")" | |
|   cat "$_ccert" >"${_confdir}/ipsec.d/certs/$(basename "$_ccert")" | |
|   cat "$_cca" >"${_confdir}/ipsec.d/cacerts/$(basename "$_cca")" | |
|   cat "$_cfullchain" >"${_confdir}/ipsec.d/cacerts/$(basename "$_cfullchain")" | |
| 
 | |
|   $_ipsec reload | |
| 
 | |
| }
 |