Merge remote-tracking branch 'remotes/Neilpang/master'

pull/97/head
kaklakariada 2016-03-09 21:16:52 +01:00
commit f77f8d2320
2 changed files with 57 additions and 21 deletions


@ -15,6 +15,7 @@ Do NOT require to be `root/sudoer`.
2. CentOS
3. Windows (cygwin with curl, openssl and crontab included)
4. FreeBSD with bash
5. pfsense with bash and curl
#Supported Mode

75
le.sh

@ -175,7 +175,8 @@ createCSR() {
if [ -z "$domainlist" ] ; then
#single domain
_info "Single domain" $domain
openssl req -new -sha256 -key "$CERT_KEY_PATH" -subj "/CN=$domain" > "$CSR_PATH"
printf "[ req_distinguished_name ]\n[ req ]\ndistinguished_name = req_distinguished_name\n" > "$DOMAIN_SSL_CONF"
openssl req -new -sha256 -key "$CERT_KEY_PATH" -subj "/CN=$domain" -config "$DOMAIN_SSL_CONF" -out "$CSR_PATH"
else
alt="DNS:$(echo $domainlist | sed "s/,/,DNS:/g")"
#multi
@ -204,6 +205,18 @@ _time2str() {
}
_stat() {
#Linux
if stat -c '%U:%G' "$1" 2>/dev/null ; then
return
fi
#BSD
if stat -f '%Su:%Sg' "$1" 2>/dev/null ; then
return
fi
}
_send_signed_request() {
url=$1
payload=$2
@ -285,14 +298,14 @@ _setopt() {
__val="$(echo $__val | sed 's/&/\\&/g')"
fi
text="$(cat $__conf)"
printf "$text" | sed "s|^$__opt$__sep.*$|$__opt$__sep$__val$__end|" > "$__conf"
echo "$text" | sed "s|^$__opt$__sep.*$|$__opt$__sep$__val$__end|" > "$__conf"
elif grep -H -n "^#$__opt$__sep" "$__conf" > /dev/null ; then
if [[ "$__val" == *"&"* ]] ; then
__val="$(echo $__val | sed 's/&/\\&/g')"
fi
text="$(cat $__conf)"
printf "$text" | sed "s|^#$__opt$__sep.*$|$__opt$__sep$__val$__end|" > "$__conf"
echo "$text" | sed "s|^#$__opt$__sep.*$|$__opt$__sep$__val$__end|" > "$__conf"
else
_debug APP
@ -376,7 +389,10 @@ _initpath() {
fi
domain="$1"
mkdir -p "$LE_WORKING_DIR"
if ! mkdir -p "$LE_WORKING_DIR" ; then
_err "Can not craete working dir: $LE_WORKING_DIR"
return 1
fi
if [ -z "$ACCOUNT_KEY_PATH" ] ; then
ACCOUNT_KEY_PATH="$LE_WORKING_DIR/account.key"
@ -389,12 +405,15 @@ _initpath() {
domainhome="$LE_WORKING_DIR/$domain"
mkdir -p "$domainhome"
if [ -z "$DOMAIN_PATH" ] ; then
DOMAIN_PATH="$domainhome"
fi
if [ -z "$DOMAIN_CONF" ] ; then
DOMAIN_CONF="$domainhome/$Le_Domain.conf"
DOMAIN_CONF="$domainhome/$domain.conf"
fi
if [ -z "$DOMAIN_SSL_CONF" ] ; then
DOMAIN_SSL_CONF="$domainhome/$Le_Domain.ssl.conf"
DOMAIN_SSL_CONF="$domainhome/$domain.ssl.conf"
fi
if [ -z "$CSR_PATH" ] ; then
@ -812,7 +831,7 @@ issue() {
mkdir -p "$wellknown_path"
echo -n "$keyauthorization" > "$wellknown_path/$token"
webroot_owner=$(stat -c '%U:%G' $Le_Webroot)
webroot_owner=$(_stat $Le_Webroot)
_debug "Changing owner/group of .well-known to $webroot_owner"
chown -R $webroot_owner "$Le_Webroot/.well-known"
@ -987,6 +1006,7 @@ renewAll() {
Le_ReloadCmd=""
DOMAIN_PATH=""
DOMAIN_CONF=""
DOMAIN_SSL_CONF=""
CSR_PATH=""
@ -1050,7 +1070,7 @@ installcert() {
if [ "$Le_ReloadCmd" ] ; then
_info "Run Le_ReloadCmd: $Le_ReloadCmd"
eval $Le_ReloadCmd
(cd "$DOMAIN_PATH" && eval "$Le_ReloadCmd")
fi
}
@ -1067,7 +1087,12 @@ installcronjob() {
fi
crontab -l | { cat; echo "0 0 * * * LE_WORKING_DIR=\"$LE_WORKING_DIR\" $lesh cron > /dev/null"; } | crontab -
fi
return 0
if [ "$?" != "0" ] ; then
_err "Install cron job failed. You need to manually renew your certs."
_err "Or you can add cronjob by yourself:"
_err "LE_WORKING_DIR=\"$LE_WORKING_DIR\" $lesh cron > /dev/null"
return 1
fi
}
uninstallcronjob() {
@ -1128,6 +1153,7 @@ _initconf() {
echo "#Account configurations:
#Here are the supported macros, uncomment them to make them take effect.
#ACCOUNT_EMAIL=aaa@aaa.com # the account email used to register account.
#ACCOUNT_KEY_PATH=\"/path/to/account.key\"
#STAGE=1 # Use the staging api
#FORCE=1 # Force to issue cert
@ -1137,29 +1163,32 @@ _initconf() {
#######################
#Cloudflare:
#api key
#CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
#CF_Key=\"sdfsdfsdfljlbjkljlkjsdfoiwje\"
#account email
#CF_Email="xxxx@sss.com"
#CF_Email=\"xxxx@sss.com\"
#######################
#Dnspod.cn:
#api key id
#DP_Id="1234"
#DP_Id=\"1234\"
#api key
#DP_Key="sADDsdasdgdsf"
#DP_Key=\"sADDsdasdgdsf\"
#######################
#Cloudxns.com:
#CX_Key="1234"
#CX_Key=\"1234\"
#
#CX_Secret="sADDsdasdgdsf"
#CX_Secret=\"sADDsdasdgdsf\"
" > $ACCOUNT_CONF_PATH
fi
}
install() {
_initpath
if ! _initpath ; then
_err "Install failed."
return 1
fi
#check if there is sudo installed, AND if the current user is a sudoer.
if command -v sudo > /dev/null ; then
@ -1199,9 +1228,14 @@ install() {
_info "Installing to $LE_WORKING_DIR"
cp le.sh "$LE_WORKING_DIR/" && chmod +x "$LE_WORKING_DIR/le.sh"
if [ "$?" != "0" ] ; then
_err "Install failed, can not copy le.sh"
return 1
fi
_info "Installed to $LE_WORKING_DIR/le.sh"
cp le.sh $LE_WORKING_DIR/
chmod +x $LE_WORKING_DIR/le.sh
_profile="$(_detect_profile)"
if [ "$_profile" ] ; then
@ -1211,7 +1245,7 @@ install() {
alias le=\"$LE_WORKING_DIR/le.sh\"
alias le.sh=\"$LE_WORKING_DIR/le.sh\"
" > "$LE_WORKING_DIR/le.env"
echo "" >> "$_profile"
_setopt "$_profile" "source \"$LE_WORKING_DIR/le.env\""
_info "OK, Close and reopen your terminal to start using le"
else
@ -1240,7 +1274,8 @@ uninstall() {
_profile="$(_detect_profile)"
if [ "$_profile" ] ; then
sed -i /le.env/d "$_profile"
text="$(cat $_profile)"
echo "$text" | sed "s|^source.*le.env.*$||" > "$_profile"
fi
rm -f $LE_WORKING_DIR/le.sh
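Review bot: The newly checked `mkdir -p "$LE_WORKING_DIR"` in `_initpath`, and the still unchecked `mkdir -p "$domainhome"` one hunk later, create these directories with whatever umask the caller has, although this tree holds `account.key` and, presumably, the per-domain conf that supplies the `Le_ReloadCmd` string `installcert` passes to `eval`. Under a typical 022 umask the directories are readable by every local account, and under a looser umask a conf that another account can write would be executed as the renewing user. Consider creating both with an owner-only mode, e.g. `mkdir -p -m 700 "$LE_WORKING_DIR"`, and checking the second `mkdir` the same way as the first; `-m` only affects directories that are newly created, so existing installs would need a one-time `chmod 700`. `_initpath` starts and ends outside these hunks, so how the key and conf files themselves are created is not visible here and should be checked against the same requirement.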