plantroon/acme.sh
1
0
Fork 0
mirror of https://github.com/plantroon/acme.sh.git synced 2024-11-09 16:01:46 +00:00
Code Issues Projects Releases Wiki Activity

apache plugin

Browse Source
This commit is contained in:
neil 2016-01-09 23:26:11 +08:00
parent 8172bdee87
commit 9a76ef2f32
1 changed files with 106 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

112
le.sh
View File

@ -234,7 +234,7 @@ _stopserver() {
_initpath() { _initpath() {
if [ -z "$WORKING_DIR" ]; then if [ -z "$WORKING_DIR" ]; then
WORKING_DIR=~/.le WORKING_DIR=$HOME/.le
fi fi
domain="$1" domain="$1"
@ -256,9 +256,96 @@ _initpath() {
CERT_PATH="$WORKING_DIR/$domain/$domain.cer" CERT_PATH="$WORKING_DIR/$domain/$domain.cer"
CA_CERT_PATH="$WORKING_DIR/$domain/ca.cer" CA_CERT_PATH="$WORKING_DIR/$domain/ca.cer"
if [ -z "$ACME_DIR" ] ; then
ACME_DIR="/home/.acme"
fi
if [ -z "$APACHE_CONF_BACKUP_DIR" ] ; then
APACHE_CONF_BACKUP_DIR="$WORKING_DIR/"
fi
} }
_apachePath() {
httpdroot="$(apachectl -V | grep HTTPD_ROOT= | cut -d = -f 2 | sed s/\"//g)"
httpdconfname="$(apachectl -V | grep SERVER_CONFIG_FILE= | cut -d = -f 2 | sed s/\"//g)"
httpdconf="$httpdroot/$httpdconfname"
if [ ! -f $httpdconf ] ; then
_err "Apache Config file not found" $httpdconf
return 1
fi
return 0
}
_restoreApache() {
if ! _apachePath ; then
return 1
fi
if [ ! -f "$APACHE_CONF_BACKUP_DIR/$httpdconfname" ] ; then
_debug "No config file to restore."
return 0
fi
cp -p "$APACHE_CONF_BACKUP_DIR/$httpdconfname" "$httpdconf"
if ! apachectl -t ; then
_err "Sorry, restore apache config error, please contact me."
_restoreApache
return 1;
fi
rm -f "$APACHE_CONF_BACKUP_DIR/$httpdconfname"
return 0
}
_setApache() {
if ! _apachePath ; then
return 1
fi
#backup the conf
_debug "Backup apache config file" $httpdconf
cp -p $httpdconf $APACHE_CONF_BACKUP_DIR/
_info "JFYI, Config file $httpdconf is backuped to $APACHE_CONF_BACKUP_DIR/$httpdconfname"
_info "In case there is an error that can not be restored automatically, you may try restore it yourself."
_info "The backup file will be deleted on sucess, just forget it."
#add alias
echo "
Alias /.well-known/acme-challenge/ $ACME_DIR
<Directory $ACME_DIR >
Order allow,deny
Allow from all
</Directory>
" >> $httpdconf
if ! apachectl -t ; then
_err "Sorry, apache config error, please contact me."
_restoreApache
return 1;
fi
if [ ! -d "$ACME_DIR" ] ; then
mkdir -p "$ACME_DIR"
chmod 755 "$ACME_DIR"
fi
if ! apachectl graceful ; then
_err "Sorry, apachectl graceful error, please contact me."
_restoreApache
return 1;
fi
return 0
}
_clearup () {
_stopserver $serverproc
_restoreApache
}
issue() { issue() {
if [ -z "$1" ] ; then if [ -z "$1" ] ; then
echo "Usage: le issue webroot|no a.com [www.a.com,b.com,c.com]|no [key-length]|no [cert-file-path]|no [key-file-path]|no [ca-cert-file-path]|no [reloadCmd]|no" echo "Usage: le issue webroot|no a.com [www.a.com,b.com,c.com]|no [key-length]|no [cert-file-path]|no [key-file-path]|no [ca-cert-file-path]|no [reloadCmd]|no"
@ -330,6 +417,14 @@ issue() {
return 1 return 1
fi fi
fi fi
if [ "$Le_Webroot" == "apache" ] ; then
if ! _setApache ; then
_err "set up apache error. Report error to me."
return 1
fi
wellknown_path="$ACME_DIR"
fi
createAccountKey $Le_Domain $Le_Keylength createAccountKey $Le_Domain $Le_Keylength
@ -373,6 +468,7 @@ issue() {
_info "Already registered" _info "Already registered"
else else
_err "Register account Error." _err "Register account Error."
_clearup
return 1 return 1
fi fi
@ -388,6 +484,7 @@ issue() {
if [ ! -z "$code" ] && [ ! "$code" == '201' ] ; then if [ ! -z "$code" ] && [ ! "$code" == '201' ] ; then
_err "new-authz error: $response" _err "new-authz error: $response"
_clearup
return 1 return 1
fi fi
@ -410,7 +507,9 @@ issue() {
sleep 2 sleep 2
_debug serverproc $serverproc _debug serverproc $serverproc
else else
wellknown_path="$Le_Webroot/.well-known/acme-challenge" if [ -z "$wellknown_path" ] ; then
wellknown_path="$Le_Webroot/.well-known/acme-challenge"
fi
_debug wellknown_path "$wellknown_path" _debug wellknown_path "$wellknown_path"
mkdir -p "$wellknown_path" mkdir -p "$wellknown_path"
@ -425,7 +524,7 @@ issue() {
if [ ! -z "$code" ] && [ ! "$code" == '202' ] ; then if [ ! -z "$code" ] && [ ! "$code" == '202' ] ; then
_err "$d:Challenge error: $resource" _err "$d:Challenge error: $resource"
_stopserver $serverproc _clearup
return 1 return 1
fi fi
@ -436,7 +535,7 @@ issue() {
if ! _get $uri ; then if ! _get $uri ; then
_err "$d:Verify error:$resource" _err "$d:Verify error:$resource"
_stopserver $serverproc _clearup
return 1 return 1
fi fi
@ -449,7 +548,7 @@ issue() {
if [ "$status" == "invalid" ] ; then if [ "$status" == "invalid" ] ; then
error=$(echo $response | egrep -o '"error":{[^}]*}' | grep -o '"detail":"[^"]*"' | cut -d '"' -f 4) error=$(echo $response | egrep -o '"error":{[^}]*}' | grep -o '"detail":"[^"]*"' | cut -d '"' -f 4)
_err "$d:Verify error:$error" _err "$d:Verify error:$error"
_stopserver $serverproc _clearup
return 1; return 1;
fi fi
@ -457,7 +556,7 @@ issue() {
_info "Pending" _info "Pending"
else else
_err "$d:Verify error:$response" _err "$d:Verify error:$response"
_stopserver $serverproc _clearup
return 1 return 1
fi fi
@ -488,6 +587,7 @@ issue() {
if [ -z "$Le_LinkCert" ] ; then if [ -z "$Le_LinkCert" ] ; then
response="$(echo $response | base64 -d)" response="$(echo $response | base64 -d)"
_err "Sign failed: $(echo "$response" | grep -o '"detail":"[^"]*"')" _err "Sign failed: $(echo "$response" | grep -o '"detail":"[^"]*"')"
_clearup
return 1 return 1
fi fi