flywithu/acme.sh
1
0
Fork 0
mirror of https://github.com/hiskang/acme.sh synced 2025-10-31 02:17:18 +00:00
Code Issues Releases Wiki Activity

Merge pull request #552 from Neilpang/dev

Browse Source 
Dev
This commit is contained in:
neil 2017-01-21 11:56:04 +08:00 committed by GitHub
commit 8ca99e85b0
1 changed files with 83 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

119
acme.sh
View File

@ -1,6 +1,6 @@
#!/usr/bin/env sh
VER=2.6.5
VER=2.6.6
PROJECT_NAME="acme.sh"
@ -1634,7 +1634,13 @@ __initHome() {
fi
export LE_WORKING_DIR
_DEFAULT_ACCOUNT_CONF_PATH="$LE_WORKING_DIR/account.conf"
if [ -z "$LE_CONFIG_HOME" ]; then
LE_CONFIG_HOME="$LE_WORKING_DIR"
fi
_debug "Using config home:$LE_CONFIG_HOME"
export LE_CONFIG_HOME
_DEFAULT_ACCOUNT_CONF_PATH="$LE_CONFIG_HOME/account.conf"
if [ -z "$ACCOUNT_CONF_PATH" ]; then
if [ -f "$_DEFAULT_ACCOUNT_CONF_PATH" ]; then
@ -1646,12 +1652,12 @@ __initHome() {
ACCOUNT_CONF_PATH="$_DEFAULT_ACCOUNT_CONF_PATH"
fi
DEFAULT_LOG_FILE="$LE_WORKING_DIR/$PROJECT_NAME.log"
DEFAULT_LOG_FILE="$LE_CONFIG_HOME/$PROJECT_NAME.log"
DEFAULT_CA_HOME="$LE_WORKING_DIR/ca"
DEFAULT_CA_HOME="$LE_CONFIG_HOME/ca"
if [ -z "$LE_TEMP_DIR" ]; then
LE_TEMP_DIR="$LE_WORKING_DIR/tmp"
LE_TEMP_DIR="$LE_CONFIG_HOME/tmp"
fi
}
@ -1703,7 +1709,7 @@ _initpath() {
fi
if [ -z "$APACHE_CONF_BACKUP_DIR" ]; then
APACHE_CONF_BACKUP_DIR="$LE_WORKING_DIR"
APACHE_CONF_BACKUP_DIR="$LE_CONFIG_HOME"
fi
if [ -z "$USER_AGENT" ]; then
@ -1711,7 +1717,7 @@ _initpath() {
fi
if [ -z "$HTTP_HEADER" ]; then
HTTP_HEADER="$LE_WORKING_DIR/http.header"
HTTP_HEADER="$LE_CONFIG_HOME/http.header"
fi
_OLD_ACCOUNT_KEY="$LE_WORKING_DIR/account.key"
@ -1727,7 +1733,7 @@ _initpath() {
ACCOUNT_JSON_PATH="$_DEFAULT_ACCOUNT_JSON_PATH"
fi
_DEFAULT_CERT_HOME="$LE_WORKING_DIR"
_DEFAULT_CERT_HOME="$LE_CONFIG_HOME"
if [ -z "$CERT_HOME" ]; then
CERT_HOME="$_DEFAULT_CERT_HOME"
fi
@ -3354,7 +3360,9 @@ _installcert() {
}
#confighome
installcronjob() {
_c_home="$1"
_initpath
if ! _exists "crontab"; then
_err "crontab doesn't exist, so, we can not install cron jobs."
@ -3372,17 +3380,20 @@ installcronjob() {
return 1
fi
if [ "$_c_home" ]; then
_c_entry="--config-home \"$_c_home\" "
fi
_t=$(_time)
random_minute=$(_math $_t % 60)
if _exists uname && uname -a | grep SunOS >/dev/null; then
crontab -l | {
cat
echo "$random_minute 0 * * * $lesh --cron --home \"$LE_WORKING_DIR\" > /dev/null"
echo "$random_minute 0 * * * $lesh --cron --home \"$LE_WORKING_DIR\" $_c_entry> /dev/null"
} | crontab --
else
crontab -l | {
cat
echo "$random_minute 0 * * * $lesh --cron --home \"$LE_WORKING_DIR\" > /dev/null"
echo "$random_minute 0 * * * $lesh --cron --home \"$LE_WORKING_DIR\" $_c_entry> /dev/null"
} | crontab -
fi
fi
@ -3408,6 +3419,10 @@ uninstallcronjob() {
fi
LE_WORKING_DIR="$(echo "$cr" | cut -d ' ' -f 9 | tr -d '"')"
_info LE_WORKING_DIR "$LE_WORKING_DIR"
if _contains "$cr" "--config-home"; then
LE_CONFIG_HOME="$(echo "$cr" | cut -d ' ' -f 11 | tr -d '"')"
_debug LE_CONFIG_HOME "$LE_CONFIG_HOME"
fi
fi
_initpath
@ -3671,7 +3686,9 @@ _setShebang() {
rm -f "$_file.tmp"
}
#confighome
_installalias() {
_c_home="$1"
_initpath
_envfile="$LE_WORKING_DIR/$PROJECT_ENTRY.env"
@ -3681,8 +3698,15 @@ _installalias() {
echo "$(cat "$_envfile")" | sed "s|^alias le.sh.*$||" >"$_envfile"
fi
if [ "$_c_home" ]; then
_c_entry="--config-home '$_c_home'"
fi
_setopt "$_envfile" "export LE_WORKING_DIR" "=" "\"$LE_WORKING_DIR\""
_setopt "$_envfile" "alias $PROJECT_ENTRY" "=" "\"$LE_WORKING_DIR/$PROJECT_ENTRY\""
if [ "$_c_home" ]; then
_setopt "$_envfile" "export LE_CONFIG_HOME" "=" "\"$LE_CONFIG_HOME\""
fi
_setopt "$_envfile" "alias $PROJECT_ENTRY" "=" "\"$LE_WORKING_DIR/$PROJECT_ENTRY $_c_entry\""
_profile="$(_detect_profile)"
if [ "$_profile" ]; then
@ -3700,7 +3724,10 @@ _installalias() {
if [ -f "$_csh_profile" ]; then
_info "Installing alias to '$_csh_profile'"
_setopt "$_cshfile" "setenv LE_WORKING_DIR" " " "\"$LE_WORKING_DIR\""
_setopt "$_cshfile" "alias $PROJECT_ENTRY" " " "\"$LE_WORKING_DIR/$PROJECT_ENTRY\""
if [ "$_c_home" ]; then
_setopt "$_cshfile" "setenv LE_CONFIG_HOME" " " "\"$LE_CONFIG_HOME\""
fi
_setopt "$_cshfile" "alias $PROJECT_ENTRY" " " "\"$LE_WORKING_DIR/$PROJECT_ENTRY $_c_entry\""
_setopt "$_csh_profile" "source \"$_cshfile\""
fi
@ -3709,13 +3736,16 @@ _installalias() {
if [ -f "$_tcsh_profile" ]; then
_info "Installing alias to '$_tcsh_profile'"
_setopt "$_cshfile" "setenv LE_WORKING_DIR" " " "\"$LE_WORKING_DIR\""
_setopt "$_cshfile" "alias $PROJECT_ENTRY" " " "\"$LE_WORKING_DIR/$PROJECT_ENTRY\""
if [ "$_c_home" ]; then
_setopt "$_cshfile" "setenv LE_CONFIG_HOME" " " "\"$LE_CONFIG_HOME\""
fi
_setopt "$_cshfile" "alias $PROJECT_ENTRY" " " "\"$LE_WORKING_DIR/$PROJECT_ENTRY $_c_entry\""
_setopt "$_tcsh_profile" "source \"$_cshfile\""
fi
}
# nocron
# nocron confighome
install() {
if [ -z "$LE_WORKING_DIR" ]; then
@ -3723,6 +3753,7 @@ install() {
fi
_nocron="$1"
_c_home="$2"
if ! _initpath; then
_err "Install failed."
return 1
@ -3761,6 +3792,13 @@ install() {
chmod 700 "$LE_WORKING_DIR"
if ! mkdir -p "$LE_CONFIG_HOME"; then
_err "Can not create config dir: $LE_CONFIG_HOME"
return 1
fi
chmod 700 "$LE_CONFIG_HOME"
cp "$PROJECT_ENTRY" "$LE_WORKING_DIR/" && chmod +x "$LE_WORKING_DIR/$PROJECT_ENTRY"
if [ "$?" != "0" ]; then
@ -3770,7 +3808,7 @@ install() {
_info "Installed to $LE_WORKING_DIR/$PROJECT_ENTRY"
_installalias
_installalias "$_c_home"
for subf in $_SUB_FOLDERS; do
if [ -d "$subf" ]; then
@ -3796,7 +3834,7 @@ install() {
fi
if [ -z "$_nocron" ]; then
installcronjob
installcronjob "$_c_home"
fi
if [ -z "$NO_DETECT_SH" ]; then
@ -3829,7 +3867,7 @@ uninstall() {
_uninstallalias
rm -f "$LE_WORKING_DIR/$PROJECT_ENTRY"
_info "The keys and certs are in $LE_WORKING_DIR, you can remove them by yourself."
_info "The keys and certs are in \"$(__green "$LE_CONFIG_HOME")\", you can remove them by yourself."
}
@ -3902,18 +3940,18 @@ Commands:
--issue Issue a cert.
--signcsr Issue a cert from an existing csr.
--deploy Deploy the cert to your server.
--installcert Install the issued cert to apache/nginx or any other server.
--install-cert Install the issued cert to apache/nginx or any other server.
--renew, -r Renew a cert.
--renewAll Renew all the certs.
--renew-all Renew all the certs.
--revoke Revoke a cert.
--list List all the certs.
--showcsr Show the content of a csr.
--installcronjob Install the cron job to renew certs, you don't need to call this. The 'install' command can automatically install the cron job.
--uninstallcronjob Uninstall the cron job. The 'uninstall' command can do this automatically.
--install-cronjob Install the cron job to renew certs, you don't need to call this. The 'install' command can automatically install the cron job.
--uninstall-cronjob Uninstall the cron job. The 'uninstall' command can do this automatically.
--cron Run cron job to renew all the certs.
--toPkcs Export the certificate and key to a pfx file.
--updateaccount Update account info.
--registeraccount Register account key.
--update-account Update account info.
--register-account Register account key.
--createAccountKey, -cak Create an account private key, professional use.
--createDomainKey, -cdk Create an domain private key, professional use.
--createCSR, -ccsr Create CSR , professional use.
@ -3948,7 +3986,8 @@ Parameters:
--accountconf Specifies a customized account config file.
--home Specifies the home dir for $PROJECT_NAME .
--certhome Specifies the home dir to save all the certs, only valid for '--install' command.
--cert-home Specifies the home dir to save all the certs, only valid for '--install' command.
--config-home Specifies the home dir to save all the configurations.
--useragent Specifies the user agent string. it will be saved for future use too.
--accountemail Specifies the account email for registering, Only valid for the '--install' command.
--accountkey Specifies the account key path, Only valid for the '--install' command.
@ -3957,11 +3996,11 @@ Parameters:
--tlsport Specifies the standalone tls listening port. Only valid if the server is behind a reverse proxy or load balancer.
--local-address Specifies the standalone/tls server listening address, in case you have multiple ip addresses.
--listraw Only used for '--list' command, list the certs in raw format.
--stopRenewOnError, -se Only valid for '--renewall' command. Stop if one cert has error in renewal.
--stopRenewOnError, -se Only valid for '--renew-all' command. Stop if one cert has error in renewal.
--insecure Do not check the server certificate, in some devices, the api server's certificate may not be trusted.
--ca-bundle Specifices the path to the CA certificate bundle to verify api server's certificate.
--nocron Only valid for '--install' command, which means: do not install the default cron job. In this case, the certs will not be renewed automatically.
--ecc Specifies to use the ECC cert. Valid for '--installcert', '--renew', '--revoke', '--toPkcs' and '--createCSR'
--ecc Specifies to use the ECC cert. Valid for '--install-cert', '--renew', '--revoke', '--toPkcs' and '--createCSR'
--csr Specifies the input csr.
--pre-hook Command to be run before obtaining any certificates.
--post-hook Command to be run after attempting to obtain/renew certificates. No matter the obain/renew is success or failed.
@ -4070,6 +4109,7 @@ _process() {
_accountemail=""
_accountkey=""
_certhome=""
_confighome=""
_httpport=""
_tlsport=""
_dnssleep=""
@ -4124,13 +4164,13 @@ _process() {
--showcsr)
_CMD="showcsr"
;;
--installcert | -i)
--installcert | -i | --install-cert)
_CMD="installcert"
;;
--renew | -r)
_CMD="renew"
;;
--renewAll | --renewall)
--renewAll | --renewall | --renew-all)
_CMD="renewAll"
;;
--revoke)
@ -4139,10 +4179,10 @@ _process() {
--list)
_CMD="list"
;;
--installcronjob)
--installcronjob | --install-cronjob)
_CMD="installcronjob"
;;
--uninstallcronjob)
--uninstallcronjob | --uninstall-cronjob)
_CMD="uninstallcronjob"
;;
--cron)
@ -4163,10 +4203,10 @@ _process() {
--deactivate)
_CMD="deactivate"
;;
--updateaccount)
--updateaccount | --update-account)
_CMD="updateaccount"
;;
--registeraccount)
--registeraccount | --register-account)
_CMD="registeraccount"
;;
--domain | -d)
@ -4308,11 +4348,16 @@ _process() {
LE_WORKING_DIR="$2"
shift
;;
--certhome)
--certhome | --cert-home)
_certhome="$2"
CERT_HOME="$_certhome"
shift
;;
--config-home)
_confighome="$2"
LE_CONFIG_HOME="$_confighome"
shift
;;
--useragent)
_useragent="$2"
USER_AGENT="$_useragent"
@ -4463,7 +4508,7 @@ _process() {
fi
case "${_CMD}" in
install) install "$_nocron" ;;
install) install "$_nocron" "$_confighome" ;;
uninstall) uninstall "$_nocron" ;;
upgrade) upgrade ;;
issue)
@ -4502,7 +4547,7 @@ _process() {
list)
list "$_listraw"
;;
installcronjob) installcronjob ;;
installcronjob) installcronjob "$_confighome" ;;
uninstallcronjob) uninstallcronjob ;;
cron) cron ;;
toPkcs)
@ -4519,7 +4564,9 @@ _process() {
;;
*)
_err "Invalid command: $_CMD"
if [ "$_CMD" ]; then
_err "Invalid command: $_CMD"
fi
showhelp
return 1
;;