申请证书可关闭cname跟随

更新可使用海外节点
pull/236/head
zhangchenhao 2025-06-04 10:29:07 +08:00
parent 29a7579743
commit 54118e0095
3 changed files with 50 additions and 13 deletions

View File

@ -31,6 +31,7 @@ import (
"github.com/go-acme/lego/v4/registration"
"net/http"
"net/url"
"os"
"strconv"
"strings"
"time"
@ -387,11 +388,7 @@ func Apply(cfg map[string]any, logger *public.Logger) (map[string]any, error) {
var skipCheck bool
if cfg["skip_check"] == nil {
// 默认跳过预检查
skipCheck = true
// cf 默认不跳过预检查
if providerStr == "cloudflare" {
skipCheck = false
}
skipCheck = false
} else {
switch v := cfg["skip_check"].(type) {
case int:
@ -418,6 +415,36 @@ func Apply(cfg map[string]any, logger *public.Logger) (map[string]any, error) {
return nil, fmt.Errorf("参数错误skip_check")
}
}
var closeCname bool
if cfg["close_cname"] == nil {
// 默认开启CNAME跟随
closeCname = false
} else {
switch v := cfg["close_cname"].(type) {
case int:
if v > 0 {
closeCname = true
} else {
closeCname = false
}
case float64:
if v > 0 {
closeCname = true
} else {
closeCname = false
}
case string:
if v == "true" || v == "1" {
closeCname = true
} else {
closeCname = false
}
case bool:
closeCname = v
default:
return nil, fmt.Errorf("参数错误close_cname")
}
}
domainArr := strings.Split(domains, ",")
for i := range domainArr {
@ -436,6 +463,7 @@ func Apply(cfg map[string]any, logger *public.Logger) (map[string]any, error) {
return certData, nil
}
logger.Debug("正在申请证书,域名: " + domains)
os.Setenv("LEGO_DISABLE_CNAME_SUPPORT", strconv.FormatBool(closeCname))
// 创建 ACME 客户端
client, err := GetAcmeClient(db, email, algorithm, eabId, httpClient, logger)
if err != nil {

View File

@ -58,6 +58,11 @@ func NewSqlite(DbFile string, PreFix string) (*Sqlite, error) {
if err != nil {
return nil, err
}
_, err = s.Conn.Exec("PRAGMA busy_timeout = 5000;")
if err != nil {
s.Close()
return nil, fmt.Errorf("设置PRAGMA busy_timeout失败: %w", err)
}
return &s, nil
}
@ -79,6 +84,7 @@ func (s *Sqlite) Connect() error {
if err == nil {
s.Conn = conn
s.closed = false
}
return err
}

View File

@ -36,7 +36,7 @@ if [ $# -eq 0 ]; then
echo "13: 重启后台自动调度"
echo "14: 关闭https"
echo "15: 获取面板地址"
echo "16: 更新ALLinSSL到最新版本文件覆盖安装"
echo "16: 修复/更新ALLinSSL到最新版本文件覆盖安装"
echo "17: 卸载ALLinSSL"
echo "========================================"
read -p "请输入操作编号 (1-17): " user_input
@ -50,16 +50,21 @@ if [ $# -eq 0 ]; then
fi
function update_allinssl() {
CN_CHECK=$(curl -sS --connect-timeout 10 -m 10 https://api.bt.cn/api/isCN)
if [ "${CN_CHECK}" == "True" ];then
node_host="https://download.allinssl.com"
else
node_host="https://node1.allinssl.com"
fi
ARCH=$(uname -m)
if [[ "$ARCH" == "x86_64" ]]; then
local url="https://download.allinssl.com/bin/allinssl-Linux-x86_64.tar.gz"
local url="${node_host}/bin/allinssl-Linux-x86_64.tar.gz"
elif [[ "$ARCH" == "aarch64" ]]; then
local url="https://download.allinssl.com/bin/allinssl-Linux-aarch64.tar.gz"
local url="${node_host}/bin/allinssl-Linux-aarch64.tar.gz"
else
echo "不支持$ARCH"
exit 1
fi
# local url="https://download.allinssl.com/bin/allinssl.tar.gz"
local target_dir="${WORK_DIR}"
local temp_file=$(mktemp)
local original_filename temp_file
@ -132,7 +137,6 @@ function update_allinssl() {
# 执行安装流程
if create_directory && download_file && extract_file; then
# copy_config
set_cloudc
cleanup
echo -e "${GREEN}${CHECK} Successfully installed to $target_dir${NC}"
@ -202,10 +206,9 @@ if [ "$1" == "16" ]; then
echo "已取消更新操作。"
exit 0
fi
# 可在此插入更新逻辑(如下载新版、替换二进制等)
update_allinssl
echo "✅ 已确认,执行更新操作..."
update_allinssl
echo "ALLinSSL 更新完成!"
exit 0
elif [ "$1" == "17" ]; then
echo "⚠️ 正在准备执行 ALLinSSL 卸载操作..."