annotate host/acme.sh @ 1643:8d751af51b9d

fix not_found_hander
author Franklin Schmidt <fschmidt@gmail.com>
date Sun, 02 Jan 2022 00:42:58 -0700
parents b735ed134662
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1 #!/usr/bin/env sh
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3 VER=2.8.8
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5 PROJECT_NAME="acme.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7 PROJECT_ENTRY="acme.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
9 PROJECT="https://github.com/acmesh-official/$PROJECT_NAME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
10
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
11 DEFAULT_INSTALL_HOME="$HOME/.$PROJECT_NAME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
12
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
13 _WINDOWS_SCHEDULER_NAME="$PROJECT_NAME.cron"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
14
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
15 _SCRIPT_="$0"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
16
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
17 _SUB_FOLDER_NOTIFY="notify"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
18 _SUB_FOLDER_DNSAPI="dnsapi"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
19 _SUB_FOLDER_DEPLOY="deploy"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
20
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
21 _SUB_FOLDERS="$_SUB_FOLDER_DNSAPI $_SUB_FOLDER_DEPLOY $_SUB_FOLDER_NOTIFY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
22
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
23 LETSENCRYPT_CA_V1="https://acme-v01.api.letsencrypt.org/directory"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
24 LETSENCRYPT_STAGING_CA_V1="https://acme-staging.api.letsencrypt.org/directory"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
25
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
26 CA_LETSENCRYPT_V2="https://acme-v02.api.letsencrypt.org/directory"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
27 CA_LETSENCRYPT_V2_TEST="https://acme-staging-v02.api.letsencrypt.org/directory"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
28
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
29 CA_BUYPASS="https://api.buypass.com/acme/directory"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
30 CA_BUYPASS_TEST="https://api.test4.buypass.no/acme/directory"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
31
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
32 CA_ZEROSSL="https://acme.zerossl.com/v2/DV90"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
33 _ZERO_EAB_ENDPOINT="http://api.zerossl.com/acme/eab-credentials-email"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
34
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
35 DEFAULT_CA=$CA_LETSENCRYPT_V2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
36 DEFAULT_STAGING_CA=$CA_LETSENCRYPT_V2_TEST
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
37
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
38 CA_NAMES="
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
39 LetsEncrypt.org,letsencrypt
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
40 LetsEncrypt.org_test,letsencrypt_test,letsencrypttest
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
41 BuyPass.com,buypass
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
42 BuyPass.com_test,buypass_test,buypasstest
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
43 ZeroSSL.com,zerossl
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
44 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
45
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
46 CA_SERVERS="$CA_LETSENCRYPT_V2,$CA_LETSENCRYPT_V2_TEST,$CA_BUYPASS,$CA_BUYPASS_TEST,$CA_ZEROSSL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
47
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
48 DEFAULT_USER_AGENT="$PROJECT_NAME/$VER ($PROJECT)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
49
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
50 DEFAULT_ACCOUNT_KEY_LENGTH=2048
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
51 DEFAULT_DOMAIN_KEY_LENGTH=2048
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
52
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
53 DEFAULT_OPENSSL_BIN="openssl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
54
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
55 VTYPE_HTTP="http-01"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
56 VTYPE_DNS="dns-01"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
57 VTYPE_ALPN="tls-alpn-01"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
58
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
59 LOCAL_ANY_ADDRESS="0.0.0.0"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
60
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
61 DEFAULT_RENEW=60
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
62
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
63 NO_VALUE="no"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
64
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
65 W_DNS="dns"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
66 W_ALPN="alpn"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
67 DNS_ALIAS_PREFIX="="
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
68
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
69 MODE_STATELESS="stateless"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
70
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
71 STATE_VERIFIED="verified_ok"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
72
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
73 NGINX="nginx:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
74 NGINX_START="#ACME_NGINX_START"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
75 NGINX_END="#ACME_NGINX_END"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
76
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
77 BEGIN_CSR="-----BEGIN CERTIFICATE REQUEST-----"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
78 END_CSR="-----END CERTIFICATE REQUEST-----"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
79
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
80 BEGIN_CERT="-----BEGIN CERTIFICATE-----"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
81 END_CERT="-----END CERTIFICATE-----"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
82
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
83 CONTENT_TYPE_JSON="application/jose+json"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
84 RENEW_SKIP=2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
85
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
86 B64CONF_START="__ACME_BASE64__START_"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
87 B64CONF_END="__ACME_BASE64__END_"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
88
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
89 ECC_SEP="_"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
90 ECC_SUFFIX="${ECC_SEP}ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
91
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
92 LOG_LEVEL_1=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
93 LOG_LEVEL_2=2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
94 LOG_LEVEL_3=3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
95 DEFAULT_LOG_LEVEL="$LOG_LEVEL_1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
96
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
97 DEBUG_LEVEL_1=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
98 DEBUG_LEVEL_2=2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
99 DEBUG_LEVEL_3=3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
100 DEBUG_LEVEL_DEFAULT=$DEBUG_LEVEL_1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
101 DEBUG_LEVEL_NONE=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
102
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
103 DOH_CLOUDFLARE=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
104 DOH_GOOGLE=2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
105
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
106 HIDDEN_VALUE="[hidden](please add '--output-insecure' to see this value)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
107
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
108 SYSLOG_ERROR="user.error"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
109 SYSLOG_INFO="user.info"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
110 SYSLOG_DEBUG="user.debug"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
111
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
112 #error
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
113 SYSLOG_LEVEL_ERROR=3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
114 #info
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
115 SYSLOG_LEVEL_INFO=6
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
116 #debug
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
117 SYSLOG_LEVEL_DEBUG=7
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
118 #debug2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
119 SYSLOG_LEVEL_DEBUG_2=8
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
120 #debug3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
121 SYSLOG_LEVEL_DEBUG_3=9
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
122
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
123 SYSLOG_LEVEL_DEFAULT=$SYSLOG_LEVEL_ERROR
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
124 #none
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
125 SYSLOG_LEVEL_NONE=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
126
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
127 NOTIFY_LEVEL_DISABLE=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
128 NOTIFY_LEVEL_ERROR=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
129 NOTIFY_LEVEL_RENEW=2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
130 NOTIFY_LEVEL_SKIP=3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
131
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
132 NOTIFY_LEVEL_DEFAULT=$NOTIFY_LEVEL_RENEW
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
133
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
134 NOTIFY_MODE_BULK=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
135 NOTIFY_MODE_CERT=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
136
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
137 NOTIFY_MODE_DEFAULT=$NOTIFY_MODE_BULK
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
138
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
139 _DEBUG_WIKI="https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
140
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
141 _PREPARE_LINK="https://github.com/acmesh-official/acme.sh/wiki/Install-preparations"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
142
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
143 _STATELESS_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Stateless-Mode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
144
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
145 _DNS_ALIAS_WIKI="https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
146
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
147 _DNS_MANUAL_WIKI="https://github.com/acmesh-official/acme.sh/wiki/dns-manual-mode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
148
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
149 _DNS_API_WIKI="https://github.com/acmesh-official/acme.sh/wiki/dnsapi"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
150
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
151 _NOTIFY_WIKI="https://github.com/acmesh-official/acme.sh/wiki/notify"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
152
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
153 _SUDO_WIKI="https://github.com/acmesh-official/acme.sh/wiki/sudo"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
154
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
155 _REVOKE_WIKI="https://github.com/acmesh-official/acme.sh/wiki/revokecert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
156
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
157 _ZEROSSL_WIKI="https://github.com/acmesh-official/acme.sh/wiki/ZeroSSL.com-CA"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
158
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
159 _SERVER_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
160
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
161 _PREFERRED_CHAIN_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Preferred-Chain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
162
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
163 _DNS_MANUAL_ERR="The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
164
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
165 _DNS_MANUAL_WARN="It seems that you are using dns manual mode. please take care: $_DNS_MANUAL_ERR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
166
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
167 _DNS_MANUAL_ERROR="It seems that you are using dns manual mode. Read this link first: $_DNS_MANUAL_WIKI"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
168
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
169 __INTERACTIVE=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
170 if [ -t 1 ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
171 __INTERACTIVE="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
172 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
173
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
174 __green() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
175 if [ "${__INTERACTIVE}${ACME_NO_COLOR:-0}" = "10" -o "${ACME_FORCE_COLOR}" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
176 printf '\33[1;32m%b\33[0m' "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
177 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
178 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
179 printf -- "%b" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
180 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
181
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
182 __red() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
183 if [ "${__INTERACTIVE}${ACME_NO_COLOR:-0}" = "10" -o "${ACME_FORCE_COLOR}" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
184 printf '\33[1;31m%b\33[0m' "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
185 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
186 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
187 printf -- "%b" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
188 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
189
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
190 _printargs() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
191 _exitstatus="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
192 if [ -z "$NO_TIMESTAMP" ] || [ "$NO_TIMESTAMP" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
193 printf -- "%s" "[$(date)] "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
194 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
195 if [ -z "$2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
196 printf -- "%s" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
197 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
198 printf -- "%s" "$1='$2'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
199 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
200 printf "\n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
201 # return the saved exit status
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
202 return "$_exitstatus"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
203 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
204
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
205 _dlg_versions() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
206 echo "Diagnosis versions: "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
207 echo "openssl:$ACME_OPENSSL_BIN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
208 if _exists "${ACME_OPENSSL_BIN:-openssl}"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
209 ${ACME_OPENSSL_BIN:-openssl} version 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
210 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
211 echo "$ACME_OPENSSL_BIN doesn't exist."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
212 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
213
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
214 echo "apache:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
215 if [ "$_APACHECTL" ] && _exists "$_APACHECTL"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
216 $_APACHECTL -V 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
217 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
218 echo "apache doesn't exist."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
219 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
220
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
221 echo "nginx:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
222 if _exists "nginx"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
223 nginx -V 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
224 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
225 echo "nginx doesn't exist."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
226 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
227
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
228 echo "socat:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
229 if _exists "socat"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
230 socat -V 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
231 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
232 _debug "socat doesn't exist."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
233 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
234 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
235
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
236 #class
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
237 _syslog() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
238 _exitstatus="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
239 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" = "$SYSLOG_LEVEL_NONE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
240 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
241 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
242 _logclass="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
243 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
244 if [ -z "$__logger_i" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
245 if _contains "$(logger --help 2>&1)" "-i"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
246 __logger_i="logger -i"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
247 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
248 __logger_i="logger"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
249 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
250 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
251 $__logger_i -t "$PROJECT_NAME" -p "$_logclass" "$(_printargs "$@")" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
252 return "$_exitstatus"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
253 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
254
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
255 _log() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
256 [ -z "$LOG_FILE" ] && return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
257 _printargs "$@" >>"$LOG_FILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
258 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
259
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
260 _info() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
261 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
262 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_INFO" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
263 _syslog "$SYSLOG_INFO" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
264 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
265 _printargs "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
266 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
267
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
268 _err() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
269 _syslog "$SYSLOG_ERROR" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
270 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
271 if [ -z "$NO_TIMESTAMP" ] || [ "$NO_TIMESTAMP" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
272 printf -- "%s" "[$(date)] " >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
273 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
274 if [ -z "$2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
275 __red "$1" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
276 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
277 __red "$1='$2'" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
278 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
279 printf "\n" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
280 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
281 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
282
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
283 _usage() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
284 __red "$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
285 printf "\n" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
286 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
287
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
288 __debug_bash_helper() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
289 # At this point only do for --debug 3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
290 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -lt "$DEBUG_LEVEL_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
291 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
292 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
293 # Return extra debug info when running with bash, otherwise return empty
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
294 # string.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
295 if [ -z "${BASH_VERSION}" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
296 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
297 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
298 # We are a bash shell at this point, return the filename, function name, and
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
299 # line number as a string
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
300 _dbh_saveIFS=$IFS
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
301 IFS=" "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
302 # Must use eval or syntax error happens under dash. The eval should use
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
303 # single quotes as older versions of busybox had a bug with double quotes and
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
304 # eval.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
305 # Use 'caller 1' as we want one level up the stack as we should be called
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
306 # by one of the _debug* functions
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
307 eval '_dbh_called=($(caller 1))'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
308 IFS=$_dbh_saveIFS
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
309 eval '_dbh_file=${_dbh_called[2]}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
310 if [ -n "${_script_home}" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
311 # Trim off the _script_home directory name
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
312 eval '_dbh_file=${_dbh_file#$_script_home/}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
313 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
314 eval '_dbh_function=${_dbh_called[1]}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
315 eval '_dbh_lineno=${_dbh_called[0]}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
316 printf "%-40s " "$_dbh_file:${_dbh_function}:${_dbh_lineno}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
317 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
318
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
319 _debug() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
320 if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
321 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
322 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
323 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
324 _syslog "$SYSLOG_DEBUG" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
325 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
326 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
327 _bash_debug=$(__debug_bash_helper)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
328 _printargs "${_bash_debug}$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
329 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
330 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
331
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
332 #output the sensitive messages
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
333 _secure_debug() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
334 if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
335 if [ "$OUTPUT_INSECURE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
336 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
337 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
338 _log "$1" "$HIDDEN_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
339 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
340 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
341 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
342 _syslog "$SYSLOG_DEBUG" "$1" "$HIDDEN_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
343 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
344 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
345 if [ "$OUTPUT_INSECURE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
346 _printargs "$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
347 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
348 _printargs "$1" "$HIDDEN_VALUE" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
349 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
350 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
351 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
352
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
353 _debug2() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
354 if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
355 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
356 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
357 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG_2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
358 _syslog "$SYSLOG_DEBUG" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
359 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
360 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
361 _bash_debug=$(__debug_bash_helper)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
362 _printargs "${_bash_debug}$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
363 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
364 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
365
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
366 _secure_debug2() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
367 if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
368 if [ "$OUTPUT_INSECURE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
369 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
370 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
371 _log "$1" "$HIDDEN_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
372 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
373 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
374 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG_2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
375 _syslog "$SYSLOG_DEBUG" "$1" "$HIDDEN_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
376 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
377 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
378 if [ "$OUTPUT_INSECURE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
379 _printargs "$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
380 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
381 _printargs "$1" "$HIDDEN_VALUE" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
382 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
383 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
384 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
385
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
386 _debug3() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
387 if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
388 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
389 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
390 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
391 _syslog "$SYSLOG_DEBUG" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
392 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
393 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
394 _bash_debug=$(__debug_bash_helper)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
395 _printargs "${_bash_debug}$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
396 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
397 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
398
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
399 _secure_debug3() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
400 if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
401 if [ "$OUTPUT_INSECURE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
402 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
403 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
404 _log "$1" "$HIDDEN_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
405 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
406 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
407 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
408 _syslog "$SYSLOG_DEBUG" "$1" "$HIDDEN_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
409 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
410 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
411 if [ "$OUTPUT_INSECURE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
412 _printargs "$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
413 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
414 _printargs "$1" "$HIDDEN_VALUE" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
415 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
416 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
417 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
418
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
419 _upper_case() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
420 # shellcheck disable=SC2018,SC2019
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
421 tr 'a-z' 'A-Z'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
422 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
423
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
424 _lower_case() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
425 # shellcheck disable=SC2018,SC2019
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
426 tr 'A-Z' 'a-z'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
427 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
428
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
429 _startswith() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
430 _str="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
431 _sub="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
432 echo "$_str" | grep "^$_sub" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
433 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
434
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
435 _endswith() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
436 _str="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
437 _sub="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
438 echo "$_str" | grep -- "$_sub\$" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
439 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
440
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
441 _contains() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
442 _str="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
443 _sub="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
444 echo "$_str" | grep -- "$_sub" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
445 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
446
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
447 _hasfield() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
448 _str="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
449 _field="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
450 _sep="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
451 if [ -z "$_field" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
452 _usage "Usage: str field [sep]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
453 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
454 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
455
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
456 if [ -z "$_sep" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
457 _sep=","
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
458 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
459
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
460 for f in $(echo "$_str" | tr "$_sep" ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
461 if [ "$f" = "$_field" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
462 _debug2 "'$_str' contains '$_field'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
463 return 0 #contains ok
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
464 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
465 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
466 _debug2 "'$_str' does not contain '$_field'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
467 return 1 #not contains
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
468 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
469
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
470 # str index [sep]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
471 _getfield() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
472 _str="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
473 _findex="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
474 _sep="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
475
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
476 if [ -z "$_findex" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
477 _usage "Usage: str field [sep]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
478 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
479 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
480
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
481 if [ -z "$_sep" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
482 _sep=","
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
483 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
484
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
485 _ffi="$_findex"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
486 while [ "$_ffi" -gt "0" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
487 _fv="$(echo "$_str" | cut -d "$_sep" -f "$_ffi")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
488 if [ "$_fv" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
489 printf -- "%s" "$_fv"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
490 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
491 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
492 _ffi="$(_math "$_ffi" - 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
493 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
494
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
495 printf -- "%s" "$_str"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
496
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
497 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
498
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
499 _exists() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
500 cmd="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
501 if [ -z "$cmd" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
502 _usage "Usage: _exists cmd"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
503 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
504 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
505
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
506 if eval type type >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
507 eval type "$cmd" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
508 elif command >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
509 command -v "$cmd" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
510 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
511 which "$cmd" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
512 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
513 ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
514 _debug3 "$cmd exists=$ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
515 return $ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
516 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
517
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
518 #a + b
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
519 _math() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
520 _m_opts="$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
521 printf "%s" "$(($_m_opts))"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
522 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
523
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
524 _h_char_2_dec() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
525 _ch=$1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
526 case "${_ch}" in
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
527 a | A)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
528 printf "10"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
529 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
530 b | B)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
531 printf "11"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
532 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
533 c | C)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
534 printf "12"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
535 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
536 d | D)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
537 printf "13"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
538 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
539 e | E)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
540 printf "14"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
541 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
542 f | F)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
543 printf "15"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
544 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
545 *)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
546 printf "%s" "$_ch"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
547 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
548 esac
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
549
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
550 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
551
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
552 _URGLY_PRINTF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
553 if [ "$(printf '\x41')" != 'A' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
554 _URGLY_PRINTF=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
555 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
556
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
557 _ESCAPE_XARGS=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
558 if _exists xargs && [ "$(printf %s '\\x41' | xargs printf)" = 'A' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
559 _ESCAPE_XARGS=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
560 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
561
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
562 _h2b() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
563 if _exists xxd && xxd -r -p 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
564 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
565 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
566
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
567 hex=$(cat)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
568 ic=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
569 jc=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
570 _debug2 _URGLY_PRINTF "$_URGLY_PRINTF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
571 if [ -z "$_URGLY_PRINTF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
572 if [ "$_ESCAPE_XARGS" ] && _exists xargs; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
573 _debug2 "xargs"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
574 echo "$hex" | _upper_case | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/g' | xargs printf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
575 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
576 for h in $(echo "$hex" | _upper_case | sed 's/\([0-9A-F]\{2\}\)/ \1/g'); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
577 if [ -z "$h" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
578 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
579 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
580 printf "\x$h%s"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
581 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
582 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
583 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
584 for c in $(echo "$hex" | _upper_case | sed 's/\([0-9A-F]\)/ \1/g'); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
585 if [ -z "$ic" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
586 ic=$c
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
587 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
588 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
589 jc=$c
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
590 ic="$(_h_char_2_dec "$ic")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
591 jc="$(_h_char_2_dec "$jc")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
592 printf '\'"$(printf "%o" "$(_math "$ic" \* 16 + $jc)")""%s"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
593 ic=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
594 jc=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
595 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
596 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
597
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
598 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
599
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
600 _is_solaris() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
601 _contains "${__OS__:=$(uname -a)}" "solaris" || _contains "${__OS__:=$(uname -a)}" "SunOS"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
602 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
603
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
604 #_ascii_hex str
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
605 #this can only process ascii chars, should only be used when od command is missing as a backup way.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
606 _ascii_hex() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
607 _debug2 "Using _ascii_hex"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
608 _str="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
609 _str_len=${#_str}
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
610 _h_i=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
611 while [ "$_h_i" -le "$_str_len" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
612 _str_c="$(printf "%s" "$_str" | cut -c "$_h_i")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
613 printf " %02x" "'$_str_c"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
614 _h_i="$(_math "$_h_i" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
615 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
616 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
617
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
618 #stdin output hexstr splited by one space
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
619 #input:"abc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
620 #output: " 61 62 63"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
621 _hex_dump() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
622 if _exists od; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
623 od -A n -v -t x1 | tr -s " " | sed 's/ $//' | tr -d "\r\t\n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
624 elif _exists hexdump; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
625 _debug3 "using hexdump"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
626 hexdump -v -e '/1 ""' -e '/1 " %02x" ""'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
627 elif _exists xxd; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
628 _debug3 "using xxd"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
629 xxd -ps -c 20 -i | sed "s/ 0x/ /g" | tr -d ",\n" | tr -s " "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
630 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
631 _debug3 "using _ascii_hex"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
632 str=$(cat)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
633 _ascii_hex "$str"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
634 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
635 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
636
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
637 #url encode, no-preserved chars
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
638 #A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
639 #41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 51 52 53 54 55 56 57 58 59 5a
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
640
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
641 #a b c d e f g h i j k l m n o p q r s t u v w x y z
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
642 #61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72 73 74 75 76 77 78 79 7a
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
643
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
644 #0 1 2 3 4 5 6 7 8 9 - _ . ~
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
645 #30 31 32 33 34 35 36 37 38 39 2d 5f 2e 7e
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
646
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
647 #stdin stdout
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
648 _url_encode() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
649 _hex_str=$(_hex_dump)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
650 _debug3 "_url_encode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
651 _debug3 "_hex_str" "$_hex_str"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
652 for _hex_code in $_hex_str; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
653 #upper case
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
654 case "${_hex_code}" in
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
655 "41")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
656 printf "%s" "A"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
657 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
658 "42")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
659 printf "%s" "B"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
660 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
661 "43")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
662 printf "%s" "C"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
663 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
664 "44")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
665 printf "%s" "D"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
666 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
667 "45")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
668 printf "%s" "E"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
669 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
670 "46")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
671 printf "%s" "F"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
672 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
673 "47")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
674 printf "%s" "G"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
675 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
676 "48")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
677 printf "%s" "H"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
678 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
679 "49")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
680 printf "%s" "I"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
681 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
682 "4a")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
683 printf "%s" "J"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
684 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
685 "4b")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
686 printf "%s" "K"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
687 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
688 "4c")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
689 printf "%s" "L"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
690 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
691 "4d")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
692 printf "%s" "M"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
693 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
694 "4e")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
695 printf "%s" "N"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
696 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
697 "4f")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
698 printf "%s" "O"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
699 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
700 "50")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
701 printf "%s" "P"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
702 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
703 "51")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
704 printf "%s" "Q"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
705 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
706 "52")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
707 printf "%s" "R"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
708 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
709 "53")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
710 printf "%s" "S"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
711 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
712 "54")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
713 printf "%s" "T"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
714 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
715 "55")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
716 printf "%s" "U"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
717 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
718 "56")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
719 printf "%s" "V"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
720 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
721 "57")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
722 printf "%s" "W"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
723 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
724 "58")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
725 printf "%s" "X"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
726 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
727 "59")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
728 printf "%s" "Y"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
729 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
730 "5a")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
731 printf "%s" "Z"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
732 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
733
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
734 #lower case
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
735 "61")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
736 printf "%s" "a"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
737 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
738 "62")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
739 printf "%s" "b"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
740 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
741 "63")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
742 printf "%s" "c"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
743 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
744 "64")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
745 printf "%s" "d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
746 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
747 "65")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
748 printf "%s" "e"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
749 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
750 "66")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
751 printf "%s" "f"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
752 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
753 "67")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
754 printf "%s" "g"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
755 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
756 "68")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
757 printf "%s" "h"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
758 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
759 "69")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
760 printf "%s" "i"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
761 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
762 "6a")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
763 printf "%s" "j"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
764 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
765 "6b")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
766 printf "%s" "k"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
767 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
768 "6c")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
769 printf "%s" "l"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
770 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
771 "6d")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
772 printf "%s" "m"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
773 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
774 "6e")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
775 printf "%s" "n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
776 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
777 "6f")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
778 printf "%s" "o"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
779 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
780 "70")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
781 printf "%s" "p"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
782 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
783 "71")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
784 printf "%s" "q"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
785 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
786 "72")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
787 printf "%s" "r"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
788 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
789 "73")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
790 printf "%s" "s"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
791 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
792 "74")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
793 printf "%s" "t"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
794 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
795 "75")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
796 printf "%s" "u"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
797 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
798 "76")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
799 printf "%s" "v"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
800 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
801 "77")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
802 printf "%s" "w"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
803 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
804 "78")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
805 printf "%s" "x"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
806 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
807 "79")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
808 printf "%s" "y"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
809 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
810 "7a")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
811 printf "%s" "z"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
812 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
813 #numbers
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
814 "30")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
815 printf "%s" "0"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
816 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
817 "31")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
818 printf "%s" "1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
819 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
820 "32")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
821 printf "%s" "2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
822 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
823 "33")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
824 printf "%s" "3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
825 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
826 "34")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
827 printf "%s" "4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
828 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
829 "35")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
830 printf "%s" "5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
831 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
832 "36")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
833 printf "%s" "6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
834 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
835 "37")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
836 printf "%s" "7"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
837 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
838 "38")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
839 printf "%s" "8"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
840 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
841 "39")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
842 printf "%s" "9"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
843 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
844 "2d")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
845 printf "%s" "-"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
846 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
847 "5f")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
848 printf "%s" "_"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
849 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
850 "2e")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
851 printf "%s" "."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
852 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
853 "7e")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
854 printf "%s" "~"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
855 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
856 #other hex
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
857 *)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
858 printf '%%%s' "$_hex_code"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
859 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
860 esac
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
861 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
862 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
863
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
864 _json_encode() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
865 _j_str="$(sed 's/"/\\"/g' | sed "s/\r/\\r/g")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
866 _debug3 "_json_encode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
867 _debug3 "_j_str" "$_j_str"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
868 echo "$_j_str" | _hex_dump | _lower_case | sed 's/0a/5c 6e/g' | tr -d ' ' | _h2b | tr -d "\r\n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
869 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
870
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
871 #from: http:\/\/ to http://
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
872 _json_decode() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
873 _j_str="$(sed 's#\\/#/#g')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
874 _debug3 "_json_decode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
875 _debug3 "_j_str" "$_j_str"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
876 echo "$_j_str"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
877 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
878
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
879 #options file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
880 _sed_i() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
881 options="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
882 filename="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
883 if [ -z "$filename" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
884 _usage "Usage:_sed_i options filename"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
885 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
886 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
887 _debug2 options "$options"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
888 if sed -h 2>&1 | grep "\-i\[SUFFIX]" >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
889 _debug "Using sed -i"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
890 sed -i "$options" "$filename"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
891 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
892 _debug "No -i support in sed"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
893 text="$(cat "$filename")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
894 echo "$text" | sed "$options" >"$filename"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
895 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
896 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
897
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
898 _egrep_o() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
899 if ! egrep -o "$1" 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
900 sed -n 's/.*\('"$1"'\).*/\1/p'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
901 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
902 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
903
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
904 #Usage: file startline endline
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
905 _getfile() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
906 filename="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
907 startline="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
908 endline="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
909 if [ -z "$endline" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
910 _usage "Usage: file startline endline"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
911 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
912 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
913
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
914 i="$(grep -n -- "$startline" "$filename" | cut -d : -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
915 if [ -z "$i" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
916 _err "Can not find start line: $startline"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
917 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
918 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
919 i="$(_math "$i" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
920 _debug i "$i"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
921
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
922 j="$(grep -n -- "$endline" "$filename" | cut -d : -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
923 if [ -z "$j" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
924 _err "Can not find end line: $endline"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
925 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
926 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
927 j="$(_math "$j" - 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
928 _debug j "$j"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
929
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
930 sed -n "$i,${j}p" "$filename"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
931
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
932 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
933
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
934 #Usage: multiline
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
935 _base64() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
936 [ "" ] #urgly
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
937 if [ "$1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
938 _debug3 "base64 multiline:'$1'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
939 ${ACME_OPENSSL_BIN:-openssl} base64 -e
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
940 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
941 _debug3 "base64 single line."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
942 ${ACME_OPENSSL_BIN:-openssl} base64 -e | tr -d '\r\n'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
943 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
944 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
945
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
946 #Usage: multiline
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
947 _dbase64() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
948 if [ "$1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
949 ${ACME_OPENSSL_BIN:-openssl} base64 -d -A
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
950 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
951 ${ACME_OPENSSL_BIN:-openssl} base64 -d
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
952 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
953 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
954
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
955 #file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
956 _checkcert() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
957 _cf="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
958 if [ "$DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
959 ${ACME_OPENSSL_BIN:-openssl} x509 -noout -text -in "$_cf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
960 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
961 ${ACME_OPENSSL_BIN:-openssl} x509 -noout -text -in "$_cf" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
962 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
963 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
964
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
965 #Usage: hashalg [outputhex]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
966 #Output Base64-encoded digest
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
967 _digest() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
968 alg="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
969 if [ -z "$alg" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
970 _usage "Usage: _digest hashalg"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
971 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
972 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
973
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
974 outputhex="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
975
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
976 if [ "$alg" = "sha256" ] || [ "$alg" = "sha1" ] || [ "$alg" = "md5" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
977 if [ "$outputhex" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
978 ${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -hex | cut -d = -f 2 | tr -d ' '
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
979 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
980 ${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -binary | _base64
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
981 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
982 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
983 _err "$alg is not supported yet"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
984 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
985 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
986
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
987 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
988
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
989 #Usage: hashalg secret_hex [outputhex]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
990 #Output binary hmac
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
991 _hmac() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
992 alg="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
993 secret_hex="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
994 outputhex="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
995
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
996 if [ -z "$secret_hex" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
997 _usage "Usage: _hmac hashalg secret [outputhex]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
998 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
999 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1000
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1001 if [ "$alg" = "sha256" ] || [ "$alg" = "sha1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1002 if [ "$outputhex" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1003 (${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -mac HMAC -macopt "hexkey:$secret_hex" 2>/dev/null || ${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -hmac "$(printf "%s" "$secret_hex" | _h2b)") | cut -d = -f 2 | tr -d ' '
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1004 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1005 ${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -mac HMAC -macopt "hexkey:$secret_hex" -binary 2>/dev/null || ${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -hmac "$(printf "%s" "$secret_hex" | _h2b)" -binary
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1006 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1007 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1008 _err "$alg is not supported yet"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1009 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1010 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1011
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1012 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1013
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1014 #Usage: keyfile hashalg
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1015 #Output: Base64-encoded signature value
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1016 _sign() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1017 keyfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1018 alg="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1019 if [ -z "$alg" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1020 _usage "Usage: _sign keyfile hashalg"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1021 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1022 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1023
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1024 _sign_openssl="${ACME_OPENSSL_BIN:-openssl} dgst -sign $keyfile "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1025
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1026 if grep "BEGIN RSA PRIVATE KEY" "$keyfile" >/dev/null 2>&1 || grep "BEGIN PRIVATE KEY" "$keyfile" >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1027 $_sign_openssl -$alg | _base64
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1028 elif grep "BEGIN EC PRIVATE KEY" "$keyfile" >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1029 if ! _signedECText="$($_sign_openssl -sha$__ECC_KEY_LEN | ${ACME_OPENSSL_BIN:-openssl} asn1parse -inform DER)"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1030 _err "Sign failed: $_sign_openssl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1031 _err "Key file: $keyfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1032 _err "Key content:$(wc -l <"$keyfile") lines"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1033 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1034 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1035 _debug3 "_signedECText" "$_signedECText"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1036 _ec_r="$(echo "$_signedECText" | _head_n 2 | _tail_n 1 | cut -d : -f 4 | tr -d "\r\n")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1037 _ec_s="$(echo "$_signedECText" | _head_n 3 | _tail_n 1 | cut -d : -f 4 | tr -d "\r\n")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1038 if [ "$__ECC_KEY_LEN" -eq "256" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1039 while [ "${#_ec_r}" -lt "64" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1040 _ec_r="0${_ec_r}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1041 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1042 while [ "${#_ec_s}" -lt "64" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1043 _ec_s="0${_ec_s}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1044 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1045 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1046 if [ "$__ECC_KEY_LEN" -eq "384" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1047 while [ "${#_ec_r}" -lt "96" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1048 _ec_r="0${_ec_r}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1049 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1050 while [ "${#_ec_s}" -lt "96" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1051 _ec_s="0${_ec_s}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1052 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1053 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1054 if [ "$__ECC_KEY_LEN" -eq "512" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1055 while [ "${#_ec_r}" -lt "132" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1056 _ec_r="0${_ec_r}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1057 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1058 while [ "${#_ec_s}" -lt "132" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1059 _ec_s="0${_ec_s}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1060 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1061 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1062 _debug3 "_ec_r" "$_ec_r"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1063 _debug3 "_ec_s" "$_ec_s"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1064 printf "%s" "$_ec_r$_ec_s" | _h2b | _base64
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1065 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1066 _err "Unknown key file format."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1067 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1068 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1069
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1070 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1071
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1072 #keylength or isEcc flag (empty str => not ecc)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1073 _isEccKey() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1074 _length="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1075
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1076 if [ -z "$_length" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1077 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1078 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1079
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1080 [ "$_length" != "1024" ] &&
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1081 [ "$_length" != "2048" ] &&
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1082 [ "$_length" != "3072" ] &&
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1083 [ "$_length" != "4096" ] &&
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1084 [ "$_length" != "8192" ]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1085 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1086
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1087 # _createkey 2048|ec-256 file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1088 _createkey() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1089 length="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1090 f="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1091 _debug2 "_createkey for file:$f"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1092 eccname="$length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1093 if _startswith "$length" "ec-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1094 length=$(printf "%s" "$length" | cut -d '-' -f 2-100)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1095
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1096 if [ "$length" = "256" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1097 eccname="prime256v1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1098 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1099 if [ "$length" = "384" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1100 eccname="secp384r1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1101 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1102 if [ "$length" = "521" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1103 eccname="secp521r1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1104 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1105
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1106 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1107
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1108 if [ -z "$length" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1109 length=2048
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1110 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1111
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1112 _debug "Use length $length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1113
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1114 if ! touch "$f" >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1115 _f_path="$(dirname "$f")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1116 _debug _f_path "$_f_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1117 if ! mkdir -p "$_f_path"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1118 _err "Can not create path: $_f_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1119 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1120 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1121 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1122
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1123 if _isEccKey "$length"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1124 _debug "Using ec name: $eccname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1125 if _opkey="$(${ACME_OPENSSL_BIN:-openssl} ecparam -name "$eccname" -genkey 2>/dev/null)"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1126 echo "$_opkey" >"$f"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1127 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1128 _err "error ecc key name: $eccname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1129 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1130 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1131 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1132 _debug "Using RSA: $length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1133 if _opkey="$(${ACME_OPENSSL_BIN:-openssl} genrsa "$length" 2>/dev/null)"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1134 echo "$_opkey" >"$f"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1135 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1136 _err "error rsa key: $length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1137 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1138 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1139 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1140
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1141 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1142 _err "Create key error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1143 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1144 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1145 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1146
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1147 #domain
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1148 _is_idn() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1149 _is_idn_d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1150 _debug2 _is_idn_d "$_is_idn_d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1151 _idn_temp=$(printf "%s" "$_is_idn_d" | tr -d '0-9' | tr -d 'a-z' | tr -d 'A-Z' | tr -d '*.,-_')
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1152 _debug2 _idn_temp "$_idn_temp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1153 [ "$_idn_temp" ]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1154 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1155
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1156 #aa.com
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1157 #aa.com,bb.com,cc.com
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1158 _idn() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1159 __idn_d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1160 if ! _is_idn "$__idn_d"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1161 printf "%s" "$__idn_d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1162 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1163 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1164
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1165 if _exists idn; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1166 if _contains "$__idn_d" ','; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1167 _i_first="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1168 for f in $(echo "$__idn_d" | tr ',' ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1169 [ -z "$f" ] && continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1170 if [ -z "$_i_first" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1171 printf "%s" ","
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1172 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1173 _i_first=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1174 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1175 idn --quiet "$f" | tr -d "\r\n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1176 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1177 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1178 idn "$__idn_d" | tr -d "\r\n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1179 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1180 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1181 _err "Please install idn to process IDN names."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1182 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1183 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1184
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1185 #_createcsr cn san_list keyfile csrfile conf acmeValidationv1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1186 _createcsr() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1187 _debug _createcsr
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1188 domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1189 domainlist="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1190 csrkey="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1191 csr="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1192 csrconf="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1193 acmeValidationv1="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1194 _debug2 domain "$domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1195 _debug2 domainlist "$domainlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1196 _debug2 csrkey "$csrkey"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1197 _debug2 csr "$csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1198 _debug2 csrconf "$csrconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1199
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1200 printf "[ req_distinguished_name ]\n[ req ]\ndistinguished_name = req_distinguished_name\nreq_extensions = v3_req\n[ v3_req ]\n\nkeyUsage = nonRepudiation, digitalSignature, keyEncipherment" >"$csrconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1201
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1202 if [ "$acmeValidationv1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1203 domainlist="$(_idn "$domainlist")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1204 printf -- "\nsubjectAltName=DNS:$domainlist" >>"$csrconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1205 elif [ -z "$domainlist" ] || [ "$domainlist" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1206 #single domain
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1207 _info "Single domain" "$domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1208 printf -- "\nsubjectAltName=DNS:$(_idn "$domain")" >>"$csrconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1209 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1210 domainlist="$(_idn "$domainlist")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1211 _debug2 domainlist "$domainlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1212 if _contains "$domainlist" ","; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1213 alt="DNS:$(_idn "$domain"),DNS:$(echo "$domainlist" | sed "s/,,/,/g" | sed "s/,/,DNS:/g")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1214 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1215 alt="DNS:$(_idn "$domain"),DNS:$domainlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1216 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1217 #multi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1218 _info "Multi domain" "$alt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1219 printf -- "\nsubjectAltName=$alt" >>"$csrconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1220 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1221 if [ "$Le_OCSP_Staple" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1222 _savedomainconf Le_OCSP_Staple "$Le_OCSP_Staple"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1223 printf -- "\nbasicConstraints = CA:FALSE\n1.3.6.1.5.5.7.1.24=DER:30:03:02:01:05" >>"$csrconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1224 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1225
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1226 if [ "$acmeValidationv1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1227 printf "\n1.3.6.1.5.5.7.1.31=critical,DER:04:20:${acmeValidationv1}" >>"${csrconf}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1228 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1229
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1230 _csr_cn="$(_idn "$domain")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1231 _debug2 _csr_cn "$_csr_cn"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1232 if _contains "$(uname -a)" "MINGW"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1233 ${ACME_OPENSSL_BIN:-openssl} req -new -sha256 -key "$csrkey" -subj "//CN=$_csr_cn" -config "$csrconf" -out "$csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1234 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1235 ${ACME_OPENSSL_BIN:-openssl} req -new -sha256 -key "$csrkey" -subj "/CN=$_csr_cn" -config "$csrconf" -out "$csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1236 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1237 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1238
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1239 #_signcsr key csr conf cert
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1240 _signcsr() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1241 key="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1242 csr="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1243 conf="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1244 cert="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1245 _debug "_signcsr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1246
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1247 _msg="$(${ACME_OPENSSL_BIN:-openssl} x509 -req -days 365 -in "$csr" -signkey "$key" -extensions v3_req -extfile "$conf" -out "$cert" 2>&1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1248 _ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1249 _debug "$_msg"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1250 return $_ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1251 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1252
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1253 #_csrfile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1254 _readSubjectFromCSR() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1255 _csrfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1256 if [ -z "$_csrfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1257 _usage "_readSubjectFromCSR mycsr.csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1258 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1259 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1260 ${ACME_OPENSSL_BIN:-openssl} req -noout -in "$_csrfile" -subject | tr ',' "\n" | _egrep_o "CN *=.*" | cut -d = -f 2 | cut -d / -f 1 | tr -d ' \n'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1261 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1262
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1263 #_csrfile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1264 #echo comma separated domain list
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1265 _readSubjectAltNamesFromCSR() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1266 _csrfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1267 if [ -z "$_csrfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1268 _usage "_readSubjectAltNamesFromCSR mycsr.csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1269 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1270 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1271
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1272 _csrsubj="$(_readSubjectFromCSR "$_csrfile")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1273 _debug _csrsubj "$_csrsubj"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1274
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1275 _dnsAltnames="$(${ACME_OPENSSL_BIN:-openssl} req -noout -text -in "$_csrfile" | grep "^ *DNS:.*" | tr -d ' \n')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1276 _debug _dnsAltnames "$_dnsAltnames"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1277
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1278 if _contains "$_dnsAltnames," "DNS:$_csrsubj,"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1279 _debug "AltNames contains subject"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1280 _excapedAlgnames="$(echo "$_dnsAltnames" | tr '*' '#')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1281 _debug _excapedAlgnames "$_excapedAlgnames"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1282 _escapedSubject="$(echo "$_csrsubj" | tr '*' '#')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1283 _debug _escapedSubject "$_escapedSubject"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1284 _dnsAltnames="$(echo "$_excapedAlgnames," | sed "s/DNS:$_escapedSubject,//g" | tr '#' '*' | sed "s/,\$//g")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1285 _debug _dnsAltnames "$_dnsAltnames"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1286 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1287 _debug "AltNames doesn't contain subject"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1288 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1289
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1290 echo "$_dnsAltnames" | sed "s/DNS://g"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1291 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1292
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1293 #_csrfile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1294 _readKeyLengthFromCSR() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1295 _csrfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1296 if [ -z "$_csrfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1297 _usage "_readKeyLengthFromCSR mycsr.csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1298 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1299 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1300
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1301 _outcsr="$(${ACME_OPENSSL_BIN:-openssl} req -noout -text -in "$_csrfile")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1302 _debug2 _outcsr "$_outcsr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1303 if _contains "$_outcsr" "Public Key Algorithm: id-ecPublicKey"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1304 _debug "ECC CSR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1305 echo "$_outcsr" | tr "\t" " " | _egrep_o "^ *ASN1 OID:.*" | cut -d ':' -f 2 | tr -d ' '
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1306 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1307 _debug "RSA CSR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1308 _rkl="$(echo "$_outcsr" | tr "\t" " " | _egrep_o "^ *Public.Key:.*" | cut -d '(' -f 2 | cut -d ' ' -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1309 if [ "$_rkl" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1310 echo "$_rkl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1311 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1312 echo "$_outcsr" | tr "\t" " " | _egrep_o "RSA Public.Key:.*" | cut -d '(' -f 2 | cut -d ' ' -f 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1313 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1314 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1315 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1316
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1317 _ss() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1318 _port="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1319
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1320 if _exists "ss"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1321 _debug "Using: ss"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1322 ss -ntpl 2>/dev/null | grep ":$_port "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1323 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1324 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1325
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1326 if _exists "netstat"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1327 _debug "Using: netstat"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1328 if netstat -help 2>&1 | grep "\-p proto" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1329 #for windows version netstat tool
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1330 netstat -an -p tcp | grep "LISTENING" | grep ":$_port "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1331 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1332 if netstat -help 2>&1 | grep "\-p protocol" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1333 netstat -an -p tcp | grep LISTEN | grep ":$_port "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1334 elif netstat -help 2>&1 | grep -- '-P protocol' >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1335 #for solaris
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1336 netstat -an -P tcp | grep "\.$_port " | grep "LISTEN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1337 elif netstat -help 2>&1 | grep "\-p" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1338 #for full linux
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1339 netstat -ntpl | grep ":$_port "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1340 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1341 #for busybox (embedded linux; no pid support)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1342 netstat -ntl 2>/dev/null | grep ":$_port "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1343 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1344 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1345 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1346 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1347
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1348 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1349 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1350
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1351 #outfile key cert cacert [password [name [caname]]]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1352 _toPkcs() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1353 _cpfx="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1354 _ckey="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1355 _ccert="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1356 _cca="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1357 pfxPassword="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1358 pfxName="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1359 pfxCaname="$7"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1360
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1361 if [ "$pfxCaname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1362 ${ACME_OPENSSL_BIN:-openssl} pkcs12 -export -out "$_cpfx" -inkey "$_ckey" -in "$_ccert" -certfile "$_cca" -password "pass:$pfxPassword" -name "$pfxName" -caname "$pfxCaname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1363 elif [ "$pfxName" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1364 ${ACME_OPENSSL_BIN:-openssl} pkcs12 -export -out "$_cpfx" -inkey "$_ckey" -in "$_ccert" -certfile "$_cca" -password "pass:$pfxPassword" -name "$pfxName"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1365 elif [ "$pfxPassword" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1366 ${ACME_OPENSSL_BIN:-openssl} pkcs12 -export -out "$_cpfx" -inkey "$_ckey" -in "$_ccert" -certfile "$_cca" -password "pass:$pfxPassword"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1367 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1368 ${ACME_OPENSSL_BIN:-openssl} pkcs12 -export -out "$_cpfx" -inkey "$_ckey" -in "$_ccert" -certfile "$_cca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1369 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1370
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1371 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1372
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1373 #domain [password] [isEcc]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1374 toPkcs() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1375 domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1376 pfxPassword="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1377 if [ -z "$domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1378 _usage "Usage: $PROJECT_ENTRY --to-pkcs12 --domain <domain.tld> [--password <password>] [--ecc]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1379 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1380 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1381
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1382 _isEcc="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1383
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1384 _initpath "$domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1385
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1386 _toPkcs "$CERT_PFX_PATH" "$CERT_KEY_PATH" "$CERT_PATH" "$CA_CERT_PATH" "$pfxPassword"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1387
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1388 if [ "$?" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1389 _info "Success, Pfx is exported to: $CERT_PFX_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1390 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1391
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1392 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1393
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1394 #domain [isEcc]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1395 toPkcs8() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1396 domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1397
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1398 if [ -z "$domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1399 _usage "Usage: $PROJECT_ENTRY --to-pkcs8 --domain <domain.tld> [--ecc]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1400 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1401 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1402
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1403 _isEcc="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1404
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1405 _initpath "$domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1406
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1407 ${ACME_OPENSSL_BIN:-openssl} pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in "$CERT_KEY_PATH" -out "$CERT_PKCS8_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1408
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1409 if [ "$?" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1410 _info "Success, $CERT_PKCS8_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1411 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1412
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1413 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1414
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1415 #[2048]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1416 createAccountKey() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1417 _info "Creating account key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1418 if [ -z "$1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1419 _usage "Usage: $PROJECT_ENTRY --create-account-key [--accountkeylength <bits>]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1420 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1421 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1422
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1423 length=$1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1424 _create_account_key "$length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1425
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1426 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1427
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1428 _create_account_key() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1429
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1430 length=$1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1431
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1432 if [ -z "$length" ] || [ "$length" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1433 _debug "Use default length $DEFAULT_ACCOUNT_KEY_LENGTH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1434 length="$DEFAULT_ACCOUNT_KEY_LENGTH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1435 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1436
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1437 _debug length "$length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1438 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1439
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1440 mkdir -p "$CA_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1441 if [ -s "$ACCOUNT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1442 _info "Account key exists, skip"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1443 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1444 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1445 #generate account key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1446 if _createkey "$length" "$ACCOUNT_KEY_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1447 chmod 600 "$ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1448 _info "Create account key ok."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1449 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1450 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1451 _err "Create account key error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1452 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1453 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1454 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1455
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1456 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1457
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1458 #domain [length]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1459 createDomainKey() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1460 _info "Creating domain key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1461 if [ -z "$1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1462 _usage "Usage: $PROJECT_ENTRY --create-domain-key --domain <domain.tld> [--keylength <bits>]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1463 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1464 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1465
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1466 domain=$1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1467 _cdl=$2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1468
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1469 if [ -z "$_cdl" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1470 _debug "Use DEFAULT_DOMAIN_KEY_LENGTH=$DEFAULT_DOMAIN_KEY_LENGTH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1471 _cdl="$DEFAULT_DOMAIN_KEY_LENGTH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1472 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1473
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1474 _initpath "$domain" "$_cdl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1475
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1476 if [ ! -f "$CERT_KEY_PATH" ] || [ ! -s "$CERT_KEY_PATH" ] || ([ "$FORCE" ] && ! [ "$_ACME_IS_RENEW" ]) || [ "$Le_ForceNewDomainKey" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1477 if _createkey "$_cdl" "$CERT_KEY_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1478 _savedomainconf Le_Keylength "$_cdl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1479 _info "The domain key is here: $(__green $CERT_KEY_PATH)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1480 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1481 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1482 _err "Can not create domain key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1483 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1484 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1485 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1486 if [ "$_ACME_IS_RENEW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1487 _info "Domain key exists, skip"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1488 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1489 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1490 _err "Domain key exists, do you want to overwrite the key?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1491 _err "Add '--force', and try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1492 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1493 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1494 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1495
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1496 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1497
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1498 # domain domainlist isEcc
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1499 createCSR() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1500 _info "Creating csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1501 if [ -z "$1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1502 _usage "Usage: $PROJECT_ENTRY --create-csr --domain <domain.tld> [--domain <domain2.tld> ...]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1503 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1504 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1505
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1506 domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1507 domainlist="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1508 _isEcc="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1509
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1510 _initpath "$domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1511
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1512 if [ -f "$CSR_PATH" ] && [ "$_ACME_IS_RENEW" ] && [ -z "$FORCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1513 _info "CSR exists, skip"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1514 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1515 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1516
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1517 if [ ! -f "$CERT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1518 _err "The key file is not found: $CERT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1519 _err "Please create the key file first."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1520 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1521 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1522 _createcsr "$domain" "$domainlist" "$CERT_KEY_PATH" "$CSR_PATH" "$DOMAIN_SSL_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1523
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1524 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1525
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1526 _url_replace() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1527 tr '/+' '_-' | tr -d '= '
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1528 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1529
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1530 #base64 string
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1531 _durl_replace_base64() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1532 _l=$((${#1} % 4))
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1533 if [ $_l -eq 2 ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1534 _s="$1"'=='
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1535 elif [ $_l -eq 3 ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1536 _s="$1"'='
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1537 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1538 _s="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1539 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1540 echo "$_s" | tr '_-' '/+'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1541 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1542
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1543 _time2str() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1544 #BSD
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1545 if date -u -r "$1" 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1546 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1547 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1548
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1549 #Linux
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1550 if date -u -d@"$1" 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1551 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1552 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1553
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1554 #Solaris
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1555 if _exists adb; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1556 _t_s_a=$(echo "0t${1}=Y" | adb)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1557 echo "$_t_s_a"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1558 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1559
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1560 #Busybox
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1561 if echo "$1" | awk '{ print strftime("%c", $0); }' 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1562 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1563 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1564 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1565
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1566 _normalizeJson() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1567 sed "s/\" *: *\([\"{\[]\)/\":\1/g" | sed "s/^ *\([^ ]\)/\1/" | tr -d "\r\n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1568 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1569
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1570 _stat() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1571 #Linux
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1572 if stat -c '%U:%G' "$1" 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1573 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1574 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1575
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1576 #BSD
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1577 if stat -f '%Su:%Sg' "$1" 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1578 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1579 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1580
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1581 return 1 #error, 'stat' not found
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1582 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1583
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1584 #keyfile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1585 _calcjwk() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1586 keyfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1587 if [ -z "$keyfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1588 _usage "Usage: _calcjwk keyfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1589 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1590 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1591
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1592 if [ "$JWK_HEADER" ] && [ "$__CACHED_JWK_KEY_FILE" = "$keyfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1593 _debug2 "Use cached jwk for file: $__CACHED_JWK_KEY_FILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1594 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1595 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1596
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1597 if grep "BEGIN RSA PRIVATE KEY" "$keyfile" >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1598 _debug "RSA key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1599 pub_exp=$(${ACME_OPENSSL_BIN:-openssl} rsa -in "$keyfile" -noout -text | grep "^publicExponent:" | cut -d '(' -f 2 | cut -d 'x' -f 2 | cut -d ')' -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1600 if [ "${#pub_exp}" = "5" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1601 pub_exp=0$pub_exp
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1602 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1603 _debug3 pub_exp "$pub_exp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1604
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1605 e=$(echo "$pub_exp" | _h2b | _base64)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1606 _debug3 e "$e"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1607
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1608 modulus=$(${ACME_OPENSSL_BIN:-openssl} rsa -in "$keyfile" -modulus -noout | cut -d '=' -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1609 _debug3 modulus "$modulus"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1610 n="$(printf "%s" "$modulus" | _h2b | _base64 | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1611 _debug3 n "$n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1612
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1613 jwk='{"e": "'$e'", "kty": "RSA", "n": "'$n'"}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1614 _debug3 jwk "$jwk"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1615
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1616 JWK_HEADER='{"alg": "RS256", "jwk": '$jwk'}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1617 JWK_HEADERPLACE_PART1='{"nonce": "'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1618 JWK_HEADERPLACE_PART2='", "alg": "RS256"'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1619 elif grep "BEGIN EC PRIVATE KEY" "$keyfile" >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1620 _debug "EC key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1621 crv="$(${ACME_OPENSSL_BIN:-openssl} ec -in "$keyfile" -noout -text 2>/dev/null | grep "^NIST CURVE:" | cut -d ":" -f 2 | tr -d " \r\n")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1622 _debug3 crv "$crv"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1623 __ECC_KEY_LEN=$(echo "$crv" | cut -d "-" -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1624 if [ "$__ECC_KEY_LEN" = "521" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1625 __ECC_KEY_LEN=512
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1626 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1627 _debug3 __ECC_KEY_LEN "$__ECC_KEY_LEN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1628 if [ -z "$crv" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1629 _debug "Let's try ASN1 OID"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1630 crv_oid="$(${ACME_OPENSSL_BIN:-openssl} ec -in "$keyfile" -noout -text 2>/dev/null | grep "^ASN1 OID:" | cut -d ":" -f 2 | tr -d " \r\n")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1631 _debug3 crv_oid "$crv_oid"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1632 case "${crv_oid}" in
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1633 "prime256v1")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1634 crv="P-256"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1635 __ECC_KEY_LEN=256
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1636 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1637 "secp384r1")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1638 crv="P-384"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1639 __ECC_KEY_LEN=384
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1640 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1641 "secp521r1")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1642 crv="P-521"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1643 __ECC_KEY_LEN=512
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1644 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1645 *)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1646 _err "ECC oid : $crv_oid"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1647 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1648 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1649 esac
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1650 _debug3 crv "$crv"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1651 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1652
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1653 pubi="$(${ACME_OPENSSL_BIN:-openssl} ec -in "$keyfile" -noout -text 2>/dev/null | grep -n pub: | cut -d : -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1654 pubi=$(_math "$pubi" + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1655 _debug3 pubi "$pubi"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1656
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1657 pubj="$(${ACME_OPENSSL_BIN:-openssl} ec -in "$keyfile" -noout -text 2>/dev/null | grep -n "ASN1 OID:" | cut -d : -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1658 pubj=$(_math "$pubj" - 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1659 _debug3 pubj "$pubj"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1660
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1661 pubtext="$(${ACME_OPENSSL_BIN:-openssl} ec -in "$keyfile" -noout -text 2>/dev/null | sed -n "$pubi,${pubj}p" | tr -d " \n\r")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1662 _debug3 pubtext "$pubtext"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1663
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1664 xlen="$(printf "%s" "$pubtext" | tr -d ':' | wc -c)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1665 xlen=$(_math "$xlen" / 4)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1666 _debug3 xlen "$xlen"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1667
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1668 xend=$(_math "$xlen" + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1669 x="$(printf "%s" "$pubtext" | cut -d : -f 2-"$xend")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1670 _debug3 x "$x"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1671
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1672 x64="$(printf "%s" "$x" | tr -d : | _h2b | _base64 | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1673 _debug3 x64 "$x64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1674
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1675 xend=$(_math "$xend" + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1676 y="$(printf "%s" "$pubtext" | cut -d : -f "$xend"-10000)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1677 _debug3 y "$y"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1678
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1679 y64="$(printf "%s" "$y" | tr -d : | _h2b | _base64 | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1680 _debug3 y64 "$y64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1681
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1682 jwk='{"crv": "'$crv'", "kty": "EC", "x": "'$x64'", "y": "'$y64'"}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1683 _debug3 jwk "$jwk"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1684
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1685 JWK_HEADER='{"alg": "ES'$__ECC_KEY_LEN'", "jwk": '$jwk'}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1686 JWK_HEADERPLACE_PART1='{"nonce": "'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1687 JWK_HEADERPLACE_PART2='", "alg": "ES'$__ECC_KEY_LEN'"'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1688 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1689 _err "Only RSA or EC key is supported. keyfile=$keyfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1690 _debug2 "$(cat "$keyfile")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1691 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1692 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1693
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1694 _debug3 JWK_HEADER "$JWK_HEADER"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1695 __CACHED_JWK_KEY_FILE="$keyfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1696 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1697
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1698 _time() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1699 date -u "+%s"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1700 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1701
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1702 _utc_date() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1703 date -u "+%Y-%m-%d %H:%M:%S"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1704 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1705
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1706 _mktemp() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1707 if _exists mktemp; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1708 if mktemp 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1709 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1710 elif _contains "$(mktemp 2>&1)" "-t prefix" && mktemp -t "$PROJECT_NAME" 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1711 #for Mac osx
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1712 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1713 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1714 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1715 if [ -d "/tmp" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1716 echo "/tmp/${PROJECT_NAME}wefADf24sf.$(_time).tmp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1717 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1718 elif [ "$LE_TEMP_DIR" ] && mkdir -p "$LE_TEMP_DIR"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1719 echo "/$LE_TEMP_DIR/wefADf24sf.$(_time).tmp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1720 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1721 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1722 _err "Can not create temp file."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1723 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1724
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1725 _inithttp() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1726
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1727 if [ -z "$HTTP_HEADER" ] || ! touch "$HTTP_HEADER"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1728 HTTP_HEADER="$(_mktemp)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1729 _debug2 HTTP_HEADER "$HTTP_HEADER"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1730 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1731
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1732 if [ "$__HTTP_INITIALIZED" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1733 if [ "$_ACME_CURL$_ACME_WGET" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1734 _debug2 "Http already initialized."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1735 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1736 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1737 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1738
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1739 if [ -z "$_ACME_CURL" ] && _exists "curl"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1740 _ACME_CURL="curl -L --silent --dump-header $HTTP_HEADER "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1741 if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1742 _CURL_DUMP="$(_mktemp)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1743 _ACME_CURL="$_ACME_CURL --trace-ascii $_CURL_DUMP "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1744 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1745
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1746 if [ "$CA_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1747 _ACME_CURL="$_ACME_CURL --capath $CA_PATH "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1748 elif [ "$CA_BUNDLE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1749 _ACME_CURL="$_ACME_CURL --cacert $CA_BUNDLE "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1750 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1751
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1752 if _contains "$(curl --help 2>&1)" "--globoff"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1753 _ACME_CURL="$_ACME_CURL -g "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1754 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1755 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1756
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1757 if [ -z "$_ACME_WGET" ] && _exists "wget"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1758 _ACME_WGET="wget -q"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1759 if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1760 _ACME_WGET="$_ACME_WGET -d "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1761 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1762 if [ "$CA_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1763 _ACME_WGET="$_ACME_WGET --ca-directory=$CA_PATH "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1764 elif [ "$CA_BUNDLE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1765 _ACME_WGET="$_ACME_WGET --ca-certificate=$CA_BUNDLE "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1766 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1767 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1768
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1769 #from wget 1.14: do not skip body on 404 error
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1770 if [ "$_ACME_WGET" ] && _contains "$($_ACME_WGET --help 2>&1)" "--content-on-error"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1771 _ACME_WGET="$_ACME_WGET --content-on-error "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1772 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1773
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1774 __HTTP_INITIALIZED=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1775
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1776 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1777
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1778 # body url [needbase64] [POST|PUT|DELETE] [ContentType]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1779 _post() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1780 body="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1781 _post_url="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1782 needbase64="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1783 httpmethod="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1784 _postContentType="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1785
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1786 if [ -z "$httpmethod" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1787 httpmethod="POST"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1788 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1789 _debug $httpmethod
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1790 _debug "_post_url" "$_post_url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1791 _debug2 "body" "$body"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1792 _debug2 "_postContentType" "$_postContentType"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1793
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1794 _inithttp
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1795
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1796 if [ "$_ACME_CURL" ] && [ "${ACME_USE_WGET:-0}" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1797 _CURL="$_ACME_CURL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1798 if [ "$HTTPS_INSECURE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1799 _CURL="$_CURL --insecure "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1800 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1801 if [ "$httpmethod" = "HEAD" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1802 _CURL="$_CURL -I "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1803 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1804 _debug "_CURL" "$_CURL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1805 if [ "$needbase64" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1806 if [ "$body" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1807 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1808 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "Content-Type: $_postContentType" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1809 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1810 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1811 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1812 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1813 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1814 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "Content-Type: $_postContentType" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$_post_url" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1815 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1816 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$_post_url" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1817 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1818 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1819 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1820 if [ "$body" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1821 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1822 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "Content-Type: $_postContentType" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1823 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1824 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1825 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1826 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1827 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1828 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "Content-Type: $_postContentType" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$_post_url")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1829 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1830 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$_post_url")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1831 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1832 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1833 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1834 _ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1835 if [ "$_ret" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1836 _err "Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: $_ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1837 if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1838 _err "Here is the curl dump log:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1839 _err "$(cat "$_CURL_DUMP")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1840 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1841 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1842 elif [ "$_ACME_WGET" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1843 _WGET="$_ACME_WGET"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1844 if [ "$HTTPS_INSECURE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1845 _WGET="$_WGET --no-check-certificate "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1846 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1847 if [ "$httpmethod" = "HEAD" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1848 _WGET="$_WGET --read-timeout=3.0 --tries=2 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1849 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1850 _debug "_WGET" "$_WGET"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1851 if [ "$needbase64" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1852 if [ "$httpmethod" = "POST" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1853 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1854 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --header "Content-Type: $_postContentType" --post-data="$body" "$_post_url" 2>"$HTTP_HEADER" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1855 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1856 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --post-data="$body" "$_post_url" 2>"$HTTP_HEADER" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1857 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1858 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1859 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1860 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --header "Content-Type: $_postContentType" --method $httpmethod --body-data="$body" "$_post_url" 2>"$HTTP_HEADER" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1861 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1862 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --method $httpmethod --body-data="$body" "$_post_url" 2>"$HTTP_HEADER" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1863 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1864 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1865 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1866 if [ "$httpmethod" = "POST" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1867 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1868 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --header "Content-Type: $_postContentType" --post-data="$body" "$_post_url" 2>"$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1869 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1870 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --post-data="$body" "$_post_url" 2>"$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1871 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1872 elif [ "$httpmethod" = "HEAD" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1873 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1874 response="$($_WGET --spider -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --header "Content-Type: $_postContentType" --post-data="$body" "$_post_url" 2>"$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1875 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1876 response="$($_WGET --spider -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --post-data="$body" "$_post_url" 2>"$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1877 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1878 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1879 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1880 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --header "Content-Type: $_postContentType" --method $httpmethod --body-data="$body" "$_post_url" 2>"$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1881 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1882 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --method $httpmethod --body-data="$body" "$_post_url" 2>"$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1883 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1884 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1885 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1886 _ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1887 if [ "$_ret" = "8" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1888 _ret=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1889 _debug "wget returns 8, the server returns a 'Bad request' response, lets process the response later."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1890 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1891 if [ "$_ret" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1892 _err "Please refer to https://www.gnu.org/software/wget/manual/html_node/Exit-Status.html for error code: $_ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1893 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1894 _sed_i "s/^ *//g" "$HTTP_HEADER"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1895 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1896 _ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1897 _err "Neither curl nor wget is found, can not do $httpmethod."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1898 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1899 _debug "_ret" "$_ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1900 printf "%s" "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1901 return $_ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1902 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1903
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1904 # url getheader timeout
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1905 _get() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1906 _debug GET
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1907 url="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1908 onlyheader="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1909 t="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1910 _debug url "$url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1911 _debug "timeout=$t"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1912
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1913 _inithttp
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1914
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1915 if [ "$_ACME_CURL" ] && [ "${ACME_USE_WGET:-0}" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1916 _CURL="$_ACME_CURL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1917 if [ "$HTTPS_INSECURE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1918 _CURL="$_CURL --insecure "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1919 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1920 if [ "$t" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1921 _CURL="$_CURL --connect-timeout $t"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1922 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1923 _debug "_CURL" "$_CURL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1924 if [ "$onlyheader" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1925 $_CURL -I --user-agent "$USER_AGENT" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1926 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1927 $_CURL --user-agent "$USER_AGENT" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1928 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1929 ret=$?
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1930 if [ "$ret" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1931 _err "Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: $ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1932 if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1933 _err "Here is the curl dump log:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1934 _err "$(cat "$_CURL_DUMP")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1935 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1936 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1937 elif [ "$_ACME_WGET" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1938 _WGET="$_ACME_WGET"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1939 if [ "$HTTPS_INSECURE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1940 _WGET="$_WGET --no-check-certificate "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1941 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1942 if [ "$t" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1943 _WGET="$_WGET --timeout=$t"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1944 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1945 _debug "_WGET" "$_WGET"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1946 if [ "$onlyheader" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1947 $_WGET --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" -S -O /dev/null "$url" 2>&1 | sed 's/^[ ]*//g'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1948 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1949 $_WGET --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" -O - "$url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1950 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1951 ret=$?
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1952 if [ "$ret" = "8" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1953 ret=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1954 _debug "wget returns 8, the server returns a 'Bad request' response, lets process the response later."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1955 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1956 if [ "$ret" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1957 _err "Please refer to https://www.gnu.org/software/wget/manual/html_node/Exit-Status.html for error code: $ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1958 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1959 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1960 ret=$?
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1961 _err "Neither curl nor wget is found, can not do GET."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1962 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1963 _debug "ret" "$ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1964 return $ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1965 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1966
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1967 _head_n() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1968 head -n "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1969 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1970
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1971 _tail_n() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1972 if ! tail -n "$1" 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1973 #fix for solaris
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1974 tail -"$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1975 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1976 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1977
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1978 # url payload needbase64 keyfile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1979 _send_signed_request() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1980 url=$1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1981 payload=$2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1982 needbase64=$3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1983 keyfile=$4
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1984 if [ -z "$keyfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1985 keyfile="$ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1986 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1987 _debug url "$url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1988 _debug payload "$payload"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1989
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1990 if ! _calcjwk "$keyfile"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1991 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1992 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1993
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1994 __request_conent_type="$CONTENT_TYPE_JSON"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1995
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1996 payload64=$(printf "%s" "$payload" | _base64 | _url_replace)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1997 _debug3 payload64 "$payload64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1998
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1999 MAX_REQUEST_RETRY_TIMES=20
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2000 _sleep_retry_sec=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2001 _request_retry_times=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2002 while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2003 _request_retry_times=$(_math "$_request_retry_times" + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2004 _debug3 _request_retry_times "$_request_retry_times"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2005 if [ -z "$_CACHED_NONCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2006 _headers=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2007 if [ "$ACME_NEW_NONCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2008 _debug2 "Get nonce with HEAD. ACME_NEW_NONCE" "$ACME_NEW_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2009 nonceurl="$ACME_NEW_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2010 if _post "" "$nonceurl" "" "HEAD" "$__request_conent_type" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2011 _headers="$(cat "$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2012 _debug2 _headers "$_headers"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2013 _CACHED_NONCE="$(echo "$_headers" | grep -i "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2014 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2015 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2016 if [ -z "$_CACHED_NONCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2017 _debug2 "Get nonce with GET. ACME_DIRECTORY" "$ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2018 nonceurl="$ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2019 _headers="$(_get "$nonceurl" "onlyheader")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2020 _debug2 _headers "$_headers"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2021 _CACHED_NONCE="$(echo "$_headers" | grep -i "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2022 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2023 if [ -z "$_CACHED_NONCE" ] && [ "$ACME_NEW_NONCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2024 _debug2 "Get nonce with GET. ACME_NEW_NONCE" "$ACME_NEW_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2025 nonceurl="$ACME_NEW_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2026 _headers="$(_get "$nonceurl" "onlyheader")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2027 _debug2 _headers "$_headers"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2028 _CACHED_NONCE="$(echo "$_headers" | grep -i "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2029 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2030 _debug2 _CACHED_NONCE "$_CACHED_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2031 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2032 _err "Can not connect to $nonceurl to get nonce."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2033 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2034 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2035 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2036 _debug2 "Use _CACHED_NONCE" "$_CACHED_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2037 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2038 nonce="$_CACHED_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2039 _debug2 nonce "$nonce"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2040 if [ -z "$nonce" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2041 _info "Could not get nonce, let's try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2042 _sleep 2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2043 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2044 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2045 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2046 if [ "$url" = "$ACME_NEW_ACCOUNT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2047 protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"jwk\": $jwk"'}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2048 elif [ "$url" = "$ACME_REVOKE_CERT" ] && [ "$keyfile" != "$ACCOUNT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2049 protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"jwk\": $jwk"'}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2050 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2051 protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"kid\": \"${ACCOUNT_URL}\""'}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2052 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2053 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2054 protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"jwk\": $jwk"'}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2055 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2056 _debug3 protected "$protected"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2057
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2058 protected64="$(printf "%s" "$protected" | _base64 | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2059 _debug3 protected64 "$protected64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2060
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2061 if ! _sig_t="$(printf "%s" "$protected64.$payload64" | _sign "$keyfile" "sha256")"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2062 _err "Sign request failed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2063 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2064 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2065 _debug3 _sig_t "$_sig_t"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2066
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2067 sig="$(printf "%s" "$_sig_t" | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2068 _debug3 sig "$sig"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2069
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2070 body="{\"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2071 _debug3 body "$body"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2072
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2073 response="$(_post "$body" "$url" "$needbase64" "POST" "$__request_conent_type")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2074 _CACHED_NONCE=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2075
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2076 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2077 _err "Can not post to $url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2078 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2079 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2080
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2081 responseHeaders="$(cat "$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2082 _debug2 responseHeaders "$responseHeaders"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2083
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2084 code="$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\r\n")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2085 _debug code "$code"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2086
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2087 _debug2 original "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2088 if echo "$responseHeaders" | grep -i "Content-Type: *application/json" >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2089 response="$(echo "$response" | _normalizeJson | _json_decode)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2090 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2091 _debug2 response "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2092
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2093 _CACHED_NONCE="$(echo "$responseHeaders" | grep -i "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2094
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2095 if ! _startswith "$code" "2"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2096 _body="$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2097 if [ "$needbase64" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2098 _body="$(echo "$_body" | _dbase64 multiline)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2099 _debug3 _body "$_body"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2100 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2101
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2102 if _contains "$_body" "JWS has invalid anti-replay nonce" || _contains "$_body" "JWS has an invalid anti-replay nonce"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2103 _info "It seems the CA server is busy now, let's wait and retry. Sleeping $_sleep_retry_sec seconds."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2104 _CACHED_NONCE=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2105 _sleep $_sleep_retry_sec
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2106 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2107 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2108 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2109 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2110 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2111 _info "Giving up sending to CA server after $MAX_REQUEST_RETRY_TIMES retries."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2112 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2113
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2114 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2115
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2116 #setopt "file" "opt" "=" "value" [";"]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2117 _setopt() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2118 __conf="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2119 __opt="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2120 __sep="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2121 __val="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2122 __end="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2123 if [ -z "$__opt" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2124 _usage usage: _setopt '"file" "opt" "=" "value" [";"]'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2125 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2126 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2127 if [ ! -f "$__conf" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2128 touch "$__conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2129 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2130
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2131 if grep -n "^$__opt$__sep" "$__conf" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2132 _debug3 OK
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2133 if _contains "$__val" "&"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2134 __val="$(echo "$__val" | sed 's/&/\\&/g')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2135 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2136 text="$(cat "$__conf")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2137 printf -- "%s\n" "$text" | sed "s|^$__opt$__sep.*$|$__opt$__sep$__val$__end|" >"$__conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2138
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2139 elif grep -n "^#$__opt$__sep" "$__conf" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2140 if _contains "$__val" "&"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2141 __val="$(echo "$__val" | sed 's/&/\\&/g')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2142 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2143 text="$(cat "$__conf")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2144 printf -- "%s\n" "$text" | sed "s|^#$__opt$__sep.*$|$__opt$__sep$__val$__end|" >"$__conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2145
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2146 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2147 _debug3 APP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2148 echo "$__opt$__sep$__val$__end" >>"$__conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2149 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2150 _debug3 "$(grep -n "^$__opt$__sep" "$__conf")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2151 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2152
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2153 #_save_conf file key value base64encode
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2154 #save to conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2155 _save_conf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2156 _s_c_f="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2157 _sdkey="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2158 _sdvalue="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2159 _b64encode="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2160 if [ "$_sdvalue" ] && [ "$_b64encode" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2161 _sdvalue="${B64CONF_START}$(printf "%s" "${_sdvalue}" | _base64)${B64CONF_END}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2162 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2163 if [ "$_s_c_f" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2164 _setopt "$_s_c_f" "$_sdkey" "=" "'$_sdvalue'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2165 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2166 _err "config file is empty, can not save $_sdkey=$_sdvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2167 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2168 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2169
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2170 #_clear_conf file key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2171 _clear_conf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2172 _c_c_f="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2173 _sdkey="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2174 if [ "$_c_c_f" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2175 _conf_data="$(cat "$_c_c_f")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2176 echo "$_conf_data" | sed "s/^$_sdkey *=.*$//" >"$_c_c_f"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2177 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2178 _err "config file is empty, can not clear"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2179 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2180 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2181
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2182 #_read_conf file key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2183 _read_conf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2184 _r_c_f="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2185 _sdkey="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2186 if [ -f "$_r_c_f" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2187 _sdv="$(
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2188 eval "$(grep "^$_sdkey *=" "$_r_c_f")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2189 eval "printf \"%s\" \"\$$_sdkey\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2190 )"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2191 if _startswith "$_sdv" "${B64CONF_START}" && _endswith "$_sdv" "${B64CONF_END}"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2192 _sdv="$(echo "$_sdv" | sed "s/${B64CONF_START}//" | sed "s/${B64CONF_END}//" | _dbase64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2193 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2194 printf "%s" "$_sdv"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2195 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2196 _debug "config file is empty, can not read $_sdkey"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2197 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2198 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2199
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2200 #_savedomainconf key value base64encode
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2201 #save to domain.conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2202 _savedomainconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2203 _save_conf "$DOMAIN_CONF" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2204 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2205
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2206 #_cleardomainconf key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2207 _cleardomainconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2208 _clear_conf "$DOMAIN_CONF" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2209 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2210
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2211 #_readdomainconf key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2212 _readdomainconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2213 _read_conf "$DOMAIN_CONF" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2214 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2215
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2216 #key value base64encode
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2217 _savedeployconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2218 _savedomainconf "SAVED_$1" "$2" "$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2219 #remove later
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2220 _cleardomainconf "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2221 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2222
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2223 #key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2224 _getdeployconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2225 _rac_key="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2226 _rac_value="$(eval echo \$"$_rac_key")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2227 if [ "$_rac_value" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2228 if _startswith "$_rac_value" '"' && _endswith "$_rac_value" '"'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2229 _debug2 "trim quotation marks"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2230 eval "export $_rac_key=$_rac_value"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2231 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2232 return 0 # do nothing
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2233 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2234 _saved=$(_readdomainconf "SAVED_$_rac_key")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2235 eval "export $_rac_key=\"$_saved\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2236 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2237
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2238 #_saveaccountconf key value base64encode
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2239 _saveaccountconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2240 _save_conf "$ACCOUNT_CONF_PATH" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2241 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2242
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2243 #key value base64encode
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2244 _saveaccountconf_mutable() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2245 _save_conf "$ACCOUNT_CONF_PATH" "SAVED_$1" "$2" "$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2246 #remove later
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2247 _clearaccountconf "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2248 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2249
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2250 #key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2251 _readaccountconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2252 _read_conf "$ACCOUNT_CONF_PATH" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2253 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2254
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2255 #key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2256 _readaccountconf_mutable() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2257 _rac_key="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2258 _readaccountconf "SAVED_$_rac_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2259 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2260
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2261 #_clearaccountconf key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2262 _clearaccountconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2263 _clear_conf "$ACCOUNT_CONF_PATH" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2264 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2265
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2266 #_savecaconf key value
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2267 _savecaconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2268 _save_conf "$CA_CONF" "$1" "$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2269 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2270
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2271 #_readcaconf key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2272 _readcaconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2273 _read_conf "$CA_CONF" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2274 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2275
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2276 #_clearaccountconf key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2277 _clearcaconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2278 _clear_conf "$CA_CONF" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2279 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2280
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2281 # content localaddress
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2282 _startserver() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2283 content="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2284 ncaddr="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2285 _debug "content" "$content"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2286 _debug "ncaddr" "$ncaddr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2287
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2288 _debug "startserver: $$"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2289
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2290 _debug Le_HTTPPort "$Le_HTTPPort"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2291 _debug Le_Listen_V4 "$Le_Listen_V4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2292 _debug Le_Listen_V6 "$Le_Listen_V6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2293
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2294 _NC="socat"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2295 if [ "$Le_Listen_V4" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2296 _NC="$_NC -4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2297 elif [ "$Le_Listen_V6" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2298 _NC="$_NC -6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2299 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2300
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2301 if [ "$DEBUG" ] && [ "$DEBUG" -gt "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2302 _NC="$_NC -d -d -v"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2303 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2304
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2305 SOCAT_OPTIONS=TCP-LISTEN:$Le_HTTPPort,crlf,reuseaddr,fork
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2306
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2307 #Adding bind to local-address
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2308 if [ "$ncaddr" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2309 SOCAT_OPTIONS="$SOCAT_OPTIONS,bind=${ncaddr}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2310 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2311
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2312 _content_len="$(printf "%s" "$content" | wc -c)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2313 _debug _content_len "$_content_len"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2314 _debug "_NC" "$_NC $SOCAT_OPTIONS"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2315 $_NC $SOCAT_OPTIONS SYSTEM:"sleep 1; \
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2316 echo 'HTTP/1.0 200 OK'; \
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2317 echo 'Content-Length\: $_content_len'; \
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2318 echo ''; \
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2319 printf -- '$content';" &
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2320 serverproc="$!"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2321 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2322
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2323 _stopserver() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2324 pid="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2325 _debug "pid" "$pid"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2326 if [ -z "$pid" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2327 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2328 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2329
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2330 kill $pid
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2331
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2332 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2333
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2334 # sleep sec
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2335 _sleep() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2336 _sleep_sec="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2337 if [ "$__INTERACTIVE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2338 _sleep_c="$_sleep_sec"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2339 while [ "$_sleep_c" -ge "0" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2340 printf "\r \r"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2341 __green "$_sleep_c"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2342 _sleep_c="$(_math "$_sleep_c" - 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2343 sleep 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2344 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2345 printf "\r"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2346 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2347 sleep "$_sleep_sec"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2348 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2349 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2350
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2351 # _starttlsserver san_a san_b port content _ncaddr acmeValidationv1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2352 _starttlsserver() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2353 _info "Starting tls server."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2354 san_a="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2355 san_b="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2356 port="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2357 content="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2358 opaddr="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2359 acmeValidationv1="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2360
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2361 _debug san_a "$san_a"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2362 _debug san_b "$san_b"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2363 _debug port "$port"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2364 _debug acmeValidationv1 "$acmeValidationv1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2365
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2366 #create key TLS_KEY
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2367 if ! _createkey "2048" "$TLS_KEY"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2368 _err "Create tls validation key error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2369 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2370 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2371
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2372 #create csr
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2373 alt="$san_a"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2374 if [ "$san_b" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2375 alt="$alt,$san_b"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2376 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2377 if ! _createcsr "tls.acme.sh" "$alt" "$TLS_KEY" "$TLS_CSR" "$TLS_CONF" "$acmeValidationv1"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2378 _err "Create tls validation csr error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2379 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2380 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2381
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2382 #self signed
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2383 if ! _signcsr "$TLS_KEY" "$TLS_CSR" "$TLS_CONF" "$TLS_CERT"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2384 _err "Create tls validation cert error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2385 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2386 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2387
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2388 __S_OPENSSL="${ACME_OPENSSL_BIN:-openssl} s_server -www -cert $TLS_CERT -key $TLS_KEY "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2389 if [ "$opaddr" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2390 __S_OPENSSL="$__S_OPENSSL -accept $opaddr:$port"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2391 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2392 __S_OPENSSL="$__S_OPENSSL -accept $port"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2393 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2394
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2395 _debug Le_Listen_V4 "$Le_Listen_V4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2396 _debug Le_Listen_V6 "$Le_Listen_V6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2397 if [ "$Le_Listen_V4" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2398 __S_OPENSSL="$__S_OPENSSL -4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2399 elif [ "$Le_Listen_V6" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2400 __S_OPENSSL="$__S_OPENSSL -6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2401 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2402
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2403 if [ "$acmeValidationv1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2404 __S_OPENSSL="$__S_OPENSSL -alpn acme-tls/1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2405 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2406
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2407 _debug "$__S_OPENSSL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2408 if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2409 $__S_OPENSSL -tlsextdebug &
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2410 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2411 $__S_OPENSSL >/dev/null 2>&1 &
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2412 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2413
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2414 serverproc="$!"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2415 sleep 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2416 _debug serverproc "$serverproc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2417 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2418
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2419 #file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2420 _readlink() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2421 _rf="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2422 if ! readlink -f "$_rf" 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2423 if _startswith "$_rf" "/"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2424 echo "$_rf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2425 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2426 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2427 echo "$(pwd)/$_rf" | _conapath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2428 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2429 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2430
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2431 _conapath() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2432 sed "s#/\./#/#g"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2433 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2434
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2435 __initHome() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2436 if [ -z "$_SCRIPT_HOME" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2437 if _exists readlink && _exists dirname; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2438 _debug "Lets find script dir."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2439 _debug "_SCRIPT_" "$_SCRIPT_"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2440 _script="$(_readlink "$_SCRIPT_")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2441 _debug "_script" "$_script"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2442 _script_home="$(dirname "$_script")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2443 _debug "_script_home" "$_script_home"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2444 if [ -d "$_script_home" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2445 _SCRIPT_HOME="$_script_home"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2446 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2447 _err "It seems the script home is not correct:$_script_home"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2448 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2449 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2450 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2451
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2452 # if [ -z "$LE_WORKING_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2453 # if [ -f "$DEFAULT_INSTALL_HOME/account.conf" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2454 # _debug "It seems that $PROJECT_NAME is already installed in $DEFAULT_INSTALL_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2455 # LE_WORKING_DIR="$DEFAULT_INSTALL_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2456 # else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2457 # LE_WORKING_DIR="$_SCRIPT_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2458 # fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2459 # fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2460
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2461 if [ -z "$LE_WORKING_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2462 _debug "Using default home:$DEFAULT_INSTALL_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2463 LE_WORKING_DIR="$DEFAULT_INSTALL_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2464 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2465 export LE_WORKING_DIR
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2466
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2467 if [ -z "$LE_CONFIG_HOME" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2468 LE_CONFIG_HOME="$LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2469 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2470 _debug "Using config home:$LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2471 export LE_CONFIG_HOME
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2472
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2473 _DEFAULT_ACCOUNT_CONF_PATH="$LE_CONFIG_HOME/account.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2474
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2475 if [ -z "$ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2476 if [ -f "$_DEFAULT_ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2477 . "$_DEFAULT_ACCOUNT_CONF_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2478 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2479 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2480
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2481 if [ -z "$ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2482 ACCOUNT_CONF_PATH="$_DEFAULT_ACCOUNT_CONF_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2483 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2484 _debug3 ACCOUNT_CONF_PATH "$ACCOUNT_CONF_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2485 DEFAULT_LOG_FILE="$LE_CONFIG_HOME/$PROJECT_NAME.log"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2486
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2487 DEFAULT_CA_HOME="$LE_CONFIG_HOME/ca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2488
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2489 if [ -z "$LE_TEMP_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2490 LE_TEMP_DIR="$LE_CONFIG_HOME/tmp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2491 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2492 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2493
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2494 #server
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2495 _initAPI() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2496 _api_server="${1:-$ACME_DIRECTORY}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2497 _debug "_init api for server: $_api_server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2498
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2499 if [ -z "$ACME_NEW_ACCOUNT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2500 response=$(_get "$_api_server")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2501 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2502 _debug2 "response" "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2503 _err "Can not init api."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2504 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2505 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2506 response=$(echo "$response" | _json_decode)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2507 _debug2 "response" "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2508
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2509 ACME_KEY_CHANGE=$(echo "$response" | _egrep_o 'key-change" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2510 if [ -z "$ACME_KEY_CHANGE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2511 ACME_KEY_CHANGE=$(echo "$response" | _egrep_o 'keyChange" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2512 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2513 export ACME_KEY_CHANGE
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2514
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2515 ACME_NEW_AUTHZ=$(echo "$response" | _egrep_o 'new-authz" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2516 if [ -z "$ACME_NEW_AUTHZ" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2517 ACME_NEW_AUTHZ=$(echo "$response" | _egrep_o 'newAuthz" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2518 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2519 export ACME_NEW_AUTHZ
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2520
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2521 ACME_NEW_ORDER=$(echo "$response" | _egrep_o 'new-cert" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2522 ACME_NEW_ORDER_RES="new-cert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2523 if [ -z "$ACME_NEW_ORDER" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2524 ACME_NEW_ORDER=$(echo "$response" | _egrep_o 'new-order" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2525 ACME_NEW_ORDER_RES="new-order"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2526 if [ -z "$ACME_NEW_ORDER" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2527 ACME_NEW_ORDER=$(echo "$response" | _egrep_o 'newOrder" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2528 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2529 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2530 export ACME_NEW_ORDER
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2531 export ACME_NEW_ORDER_RES
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2532
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2533 ACME_NEW_ACCOUNT=$(echo "$response" | _egrep_o 'new-reg" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2534 ACME_NEW_ACCOUNT_RES="new-reg"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2535 if [ -z "$ACME_NEW_ACCOUNT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2536 ACME_NEW_ACCOUNT=$(echo "$response" | _egrep_o 'new-account" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2537 ACME_NEW_ACCOUNT_RES="new-account"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2538 if [ -z "$ACME_NEW_ACCOUNT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2539 ACME_NEW_ACCOUNT=$(echo "$response" | _egrep_o 'newAccount" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2540 if [ "$ACME_NEW_ACCOUNT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2541 export ACME_VERSION=2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2542 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2543 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2544 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2545 export ACME_NEW_ACCOUNT
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2546 export ACME_NEW_ACCOUNT_RES
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2547
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2548 ACME_REVOKE_CERT=$(echo "$response" | _egrep_o 'revoke-cert" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2549 if [ -z "$ACME_REVOKE_CERT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2550 ACME_REVOKE_CERT=$(echo "$response" | _egrep_o 'revokeCert" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2551 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2552 export ACME_REVOKE_CERT
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2553
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2554 ACME_NEW_NONCE=$(echo "$response" | _egrep_o 'new-nonce" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2555 if [ -z "$ACME_NEW_NONCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2556 ACME_NEW_NONCE=$(echo "$response" | _egrep_o 'newNonce" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2557 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2558 export ACME_NEW_NONCE
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2559
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2560 ACME_AGREEMENT=$(echo "$response" | _egrep_o 'terms-of-service" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2561 if [ -z "$ACME_AGREEMENT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2562 ACME_AGREEMENT=$(echo "$response" | _egrep_o 'termsOfService" *: *"[^"]*"' | cut -d '"' -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2563 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2564 export ACME_AGREEMENT
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2565
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2566 _debug "ACME_KEY_CHANGE" "$ACME_KEY_CHANGE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2567 _debug "ACME_NEW_AUTHZ" "$ACME_NEW_AUTHZ"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2568 _debug "ACME_NEW_ORDER" "$ACME_NEW_ORDER"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2569 _debug "ACME_NEW_ACCOUNT" "$ACME_NEW_ACCOUNT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2570 _debug "ACME_REVOKE_CERT" "$ACME_REVOKE_CERT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2571 _debug "ACME_AGREEMENT" "$ACME_AGREEMENT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2572 _debug "ACME_NEW_NONCE" "$ACME_NEW_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2573 _debug "ACME_VERSION" "$ACME_VERSION"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2574
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2575 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2576 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2577
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2578 #[domain] [keylength or isEcc flag]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2579 _initpath() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2580 domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2581 _ilength="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2582
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2583 __initHome
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2584
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2585 if [ -f "$ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2586 . "$ACCOUNT_CONF_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2587 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2588
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2589 if [ "$_ACME_IN_CRON" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2590 if [ ! "$_USER_PATH_EXPORTED" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2591 _USER_PATH_EXPORTED=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2592 export PATH="$USER_PATH:$PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2593 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2594 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2595
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2596 if [ -z "$CA_HOME" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2597 CA_HOME="$DEFAULT_CA_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2598 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2599
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2600 if [ -z "$ACME_DIRECTORY" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2601 if [ "$STAGE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2602 ACME_DIRECTORY="$DEFAULT_STAGING_CA"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2603 _info "Using ACME_DIRECTORY: $ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2604 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2605 default_acme_server=$(_readaccountconf "DEFAULT_ACME_SERVER")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2606 _debug default_acme_server "$default_acme_server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2607 if [ "$default_acme_server" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2608 ACME_DIRECTORY="$default_acme_server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2609 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2610 ACME_DIRECTORY="$DEFAULT_CA"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2611 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2612 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2613 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2614
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2615 _debug ACME_DIRECTORY "$ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2616 _ACME_SERVER_HOST="$(echo "$ACME_DIRECTORY" | cut -d : -f 2 | tr -s / | cut -d / -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2617 _debug2 "_ACME_SERVER_HOST" "$_ACME_SERVER_HOST"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2618
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2619 CA_DIR="$CA_HOME/$_ACME_SERVER_HOST"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2620
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2621 _DEFAULT_CA_CONF="$CA_DIR/ca.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2622
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2623 if [ -z "$CA_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2624 CA_CONF="$_DEFAULT_CA_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2625 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2626 _debug3 CA_CONF "$CA_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2627
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2628 if [ -f "$CA_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2629 . "$CA_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2630 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2631
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2632 if [ -z "$ACME_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2633 ACME_DIR="/home/.acme"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2634 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2635
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2636 if [ -z "$APACHE_CONF_BACKUP_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2637 APACHE_CONF_BACKUP_DIR="$LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2638 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2639
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2640 if [ -z "$USER_AGENT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2641 USER_AGENT="$DEFAULT_USER_AGENT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2642 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2643
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2644 if [ -z "$HTTP_HEADER" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2645 HTTP_HEADER="$LE_CONFIG_HOME/http.header"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2646 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2647
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2648 _OLD_ACCOUNT_KEY="$LE_WORKING_DIR/account.key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2649 _OLD_ACCOUNT_JSON="$LE_WORKING_DIR/account.json"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2650
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2651 _DEFAULT_ACCOUNT_KEY_PATH="$CA_DIR/account.key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2652 _DEFAULT_ACCOUNT_JSON_PATH="$CA_DIR/account.json"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2653 if [ -z "$ACCOUNT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2654 ACCOUNT_KEY_PATH="$_DEFAULT_ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2655 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2656
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2657 if [ -z "$ACCOUNT_JSON_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2658 ACCOUNT_JSON_PATH="$_DEFAULT_ACCOUNT_JSON_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2659 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2660
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2661 _DEFAULT_CERT_HOME="$LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2662 if [ -z "$CERT_HOME" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2663 CERT_HOME="$_DEFAULT_CERT_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2664 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2665
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2666 if [ -z "$ACME_OPENSSL_BIN" ] || [ ! -f "$ACME_OPENSSL_BIN" ] || [ ! -x "$ACME_OPENSSL_BIN" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2667 ACME_OPENSSL_BIN="$DEFAULT_OPENSSL_BIN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2668 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2669
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2670 if [ -z "$domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2671 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2672 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2673
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2674 if [ -z "$DOMAIN_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2675 domainhome="$CERT_HOME/$domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2676 domainhomeecc="$CERT_HOME/$domain$ECC_SUFFIX"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2677
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2678 DOMAIN_PATH="$domainhome"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2679
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2680 if _isEccKey "$_ilength"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2681 DOMAIN_PATH="$domainhomeecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2682 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2683 if [ ! -d "$domainhome" ] && [ -d "$domainhomeecc" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2684 _info "The domain '$domain' seems to have a ECC cert already, please add '$(__red "--ecc")' parameter if you want to use that cert."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2685 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2686 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2687 _debug DOMAIN_PATH "$DOMAIN_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2688 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2689
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2690 if [ -z "$DOMAIN_BACKUP_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2691 DOMAIN_BACKUP_PATH="$DOMAIN_PATH/backup"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2692 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2693
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2694 if [ -z "$DOMAIN_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2695 DOMAIN_CONF="$DOMAIN_PATH/$domain.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2696 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2697
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2698 if [ -z "$DOMAIN_SSL_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2699 DOMAIN_SSL_CONF="$DOMAIN_PATH/$domain.csr.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2700 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2701
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2702 if [ -z "$CSR_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2703 CSR_PATH="$DOMAIN_PATH/$domain.csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2704 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2705 if [ -z "$CERT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2706 CERT_KEY_PATH="$DOMAIN_PATH/$domain.key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2707 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2708 if [ -z "$CERT_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2709 CERT_PATH="$DOMAIN_PATH/$domain.cer"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2710 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2711 if [ -z "$CA_CERT_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2712 CA_CERT_PATH="$DOMAIN_PATH/ca.cer"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2713 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2714 if [ -z "$CERT_FULLCHAIN_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2715 CERT_FULLCHAIN_PATH="$DOMAIN_PATH/fullchain.cer"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2716 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2717 if [ -z "$CERT_PFX_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2718 CERT_PFX_PATH="$DOMAIN_PATH/$domain.pfx"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2719 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2720 if [ -z "$CERT_PKCS8_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2721 CERT_PKCS8_PATH="$DOMAIN_PATH/$domain.pkcs8"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2722 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2723
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2724 if [ -z "$TLS_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2725 TLS_CONF="$DOMAIN_PATH/tls.validation.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2726 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2727 if [ -z "$TLS_CERT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2728 TLS_CERT="$DOMAIN_PATH/tls.validation.cert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2729 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2730 if [ -z "$TLS_KEY" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2731 TLS_KEY="$DOMAIN_PATH/tls.validation.key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2732 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2733 if [ -z "$TLS_CSR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2734 TLS_CSR="$DOMAIN_PATH/tls.validation.csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2735 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2736
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2737 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2738
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2739 _exec() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2740 if [ -z "$_EXEC_TEMP_ERR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2741 _EXEC_TEMP_ERR="$(_mktemp)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2742 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2743
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2744 if [ "$_EXEC_TEMP_ERR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2745 eval "$@ 2>>$_EXEC_TEMP_ERR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2746 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2747 eval "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2748 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2749 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2750
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2751 _exec_err() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2752 [ "$_EXEC_TEMP_ERR" ] && _err "$(cat "$_EXEC_TEMP_ERR")" && echo "" >"$_EXEC_TEMP_ERR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2753 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2754
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2755 _apachePath() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2756 _APACHECTL="apachectl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2757 if ! _exists apachectl; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2758 if _exists apache2ctl; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2759 _APACHECTL="apache2ctl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2760 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2761 _err "'apachectl not found. It seems that apache is not installed, or you are not root user.'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2762 _err "Please use webroot mode to try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2763 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2764 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2765 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2766
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2767 if ! _exec $_APACHECTL -V >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2768 _exec_err
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2769 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2770 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2771
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2772 if [ "$APACHE_HTTPD_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2773 _saveaccountconf APACHE_HTTPD_CONF "$APACHE_HTTPD_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2774 httpdconf="$APACHE_HTTPD_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2775 httpdconfname="$(basename "$httpdconfname")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2776 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2777 httpdconfname="$($_APACHECTL -V | grep SERVER_CONFIG_FILE= | cut -d = -f 2 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2778 _debug httpdconfname "$httpdconfname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2779
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2780 if [ -z "$httpdconfname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2781 _err "Can not read apache config file."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2782 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2783 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2784
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2785 if _startswith "$httpdconfname" '/'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2786 httpdconf="$httpdconfname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2787 httpdconfname="$(basename "$httpdconfname")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2788 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2789 httpdroot="$($_APACHECTL -V | grep HTTPD_ROOT= | cut -d = -f 2 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2790 _debug httpdroot "$httpdroot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2791 httpdconf="$httpdroot/$httpdconfname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2792 httpdconfname="$(basename "$httpdconfname")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2793 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2794 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2795 _debug httpdconf "$httpdconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2796 _debug httpdconfname "$httpdconfname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2797 if [ ! -f "$httpdconf" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2798 _err "Apache Config file not found" "$httpdconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2799 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2800 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2801 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2802 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2803
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2804 _restoreApache() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2805 if [ -z "$usingApache" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2806 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2807 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2808 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2809 if ! _apachePath; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2810 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2811 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2812
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2813 if [ ! -f "$APACHE_CONF_BACKUP_DIR/$httpdconfname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2814 _debug "No config file to restore."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2815 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2816 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2817
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2818 cat "$APACHE_CONF_BACKUP_DIR/$httpdconfname" >"$httpdconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2819 _debug "Restored: $httpdconf."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2820 if ! _exec $_APACHECTL -t; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2821 _exec_err
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2822 _err "Sorry, restore apache config error, please contact me."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2823 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2824 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2825 _debug "Restored successfully."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2826 rm -f "$APACHE_CONF_BACKUP_DIR/$httpdconfname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2827 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2828 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2829
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2830 _setApache() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2831 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2832 if ! _apachePath; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2833 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2834 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2835
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2836 #test the conf first
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2837 _info "Checking if there is an error in the apache config file before starting."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2838
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2839 if ! _exec "$_APACHECTL" -t >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2840 _exec_err
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2841 _err "The apache config file has error, please fix it first, then try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2842 _err "Don't worry, there is nothing changed to your system."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2843 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2844 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2845 _info "OK"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2846 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2847
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2848 #backup the conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2849 _debug "Backup apache config file" "$httpdconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2850 if ! cp "$httpdconf" "$APACHE_CONF_BACKUP_DIR/"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2851 _err "Can not backup apache config file, so abort. Don't worry, the apache config is not changed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2852 _err "This might be a bug of $PROJECT_NAME , please report issue: $PROJECT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2853 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2854 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2855 _info "JFYI, Config file $httpdconf is backuped to $APACHE_CONF_BACKUP_DIR/$httpdconfname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2856 _info "In case there is an error that can not be restored automatically, you may try restore it yourself."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2857 _info "The backup file will be deleted on success, just forget it."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2858
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2859 #add alias
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2860
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2861 apacheVer="$($_APACHECTL -V | grep "Server version:" | cut -d : -f 2 | cut -d " " -f 2 | cut -d '/' -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2862 _debug "apacheVer" "$apacheVer"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2863 apacheMajor="$(echo "$apacheVer" | cut -d . -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2864 apacheMinor="$(echo "$apacheVer" | cut -d . -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2865
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2866 if [ "$apacheVer" ] && [ "$apacheMajor$apacheMinor" -ge "24" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2867 echo "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2868 Alias /.well-known/acme-challenge $ACME_DIR
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2869 <Directory $ACME_DIR >
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2870 Require all granted
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2871 </Directory>
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2872 " >>"$httpdconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2873 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2874 echo "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2875 Alias /.well-known/acme-challenge $ACME_DIR
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2876 <Directory $ACME_DIR >
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2877 Order allow,deny
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2878 Allow from all
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2879 </Directory>
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2880 " >>"$httpdconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2881 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2882
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2883 _msg="$($_APACHECTL -t 2>&1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2884 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2885 _err "Sorry, apache config error"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2886 if _restoreApache; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2887 _err "The apache config file is restored."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2888 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2889 _err "Sorry, the apache config file can not be restored, please report bug."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2890 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2891 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2892 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2893
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2894 if [ ! -d "$ACME_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2895 mkdir -p "$ACME_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2896 chmod 755 "$ACME_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2897 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2898
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2899 if ! _exec "$_APACHECTL" graceful; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2900 _exec_err
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2901 _err "$_APACHECTL graceful error, please contact me."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2902 _restoreApache
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2903 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2904 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2905 usingApache="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2906 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2907 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2908
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2909 #find the real nginx conf file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2910 #backup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2911 #set the nginx conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2912 #returns the real nginx conf file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2913 _setNginx() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2914 _d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2915 _croot="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2916 _thumbpt="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2917
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2918 FOUND_REAL_NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2919 FOUND_REAL_NGINX_CONF_LN=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2920 BACKUP_NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2921 _debug _croot "$_croot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2922 _start_f="$(echo "$_croot" | cut -d : -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2923 _debug _start_f "$_start_f"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2924 if [ -z "$_start_f" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2925 _debug "find start conf from nginx command"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2926 if [ -z "$NGINX_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2927 if ! _exists "nginx"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2928 _err "nginx command is not found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2929 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2930 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2931 NGINX_CONF="$(nginx -V 2>&1 | _egrep_o "--conf-path=[^ ]* " | tr -d " ")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2932 _debug NGINX_CONF "$NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2933 NGINX_CONF="$(echo "$NGINX_CONF" | cut -d = -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2934 _debug NGINX_CONF "$NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2935 if [ -z "$NGINX_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2936 _err "Can not find nginx conf."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2937 NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2938 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2939 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2940 if [ ! -f "$NGINX_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2941 _err "'$NGINX_CONF' doesn't exist."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2942 NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2943 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2944 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2945 _debug "Found nginx conf file:$NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2946 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2947 _start_f="$NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2948 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2949 _debug "Start detect nginx conf for $_d from:$_start_f"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2950 if ! _checkConf "$_d" "$_start_f"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2951 _err "Can not find conf file for domain $d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2952 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2953 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2954 _info "Found conf file: $FOUND_REAL_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2955
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2956 _ln=$FOUND_REAL_NGINX_CONF_LN
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2957 _debug "_ln" "$_ln"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2958
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2959 _lnn=$(_math $_ln + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2960 _debug _lnn "$_lnn"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2961 _start_tag="$(sed -n "$_lnn,${_lnn}p" "$FOUND_REAL_NGINX_CONF")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2962 _debug "_start_tag" "$_start_tag"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2963 if [ "$_start_tag" = "$NGINX_START" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2964 _info "The domain $_d is already configured, skip"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2965 FOUND_REAL_NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2966 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2967 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2968
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2969 mkdir -p "$DOMAIN_BACKUP_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2970 _backup_conf="$DOMAIN_BACKUP_PATH/$_d.nginx.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2971 _debug _backup_conf "$_backup_conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2972 BACKUP_NGINX_CONF="$_backup_conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2973 _info "Backup $FOUND_REAL_NGINX_CONF to $_backup_conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2974 if ! cp "$FOUND_REAL_NGINX_CONF" "$_backup_conf"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2975 _err "backup error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2976 FOUND_REAL_NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2977 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2978 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2979
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2980 if ! _exists "nginx"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2981 _err "nginx command is not found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2982 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2983 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2984 _info "Check the nginx conf before setting up."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2985 if ! _exec "nginx -t" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2986 _exec_err
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2987 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2988 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2989
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2990 _info "OK, Set up nginx config file"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2991
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2992 if ! sed -n "1,${_ln}p" "$_backup_conf" >"$FOUND_REAL_NGINX_CONF"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2993 cat "$_backup_conf" >"$FOUND_REAL_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2994 _err "write nginx conf error, but don't worry, the file is restored to the original version."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2995 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2996 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2997
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2998 echo "$NGINX_START
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2999 location ~ \"^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)\$\" {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3000 default_type text/plain;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3001 return 200 \"\$1.$_thumbpt\";
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3002 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3003 #NGINX_START
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3004 " >>"$FOUND_REAL_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3005
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3006 if ! sed -n "${_lnn},99999p" "$_backup_conf" >>"$FOUND_REAL_NGINX_CONF"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3007 cat "$_backup_conf" >"$FOUND_REAL_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3008 _err "write nginx conf error, but don't worry, the file is restored."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3009 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3010 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3011 _debug3 "Modified config:$(cat $FOUND_REAL_NGINX_CONF)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3012 _info "nginx conf is done, let's check it again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3013 if ! _exec "nginx -t" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3014 _exec_err
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3015 _err "It seems that nginx conf was broken, let's restore."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3016 cat "$_backup_conf" >"$FOUND_REAL_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3017 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3018 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3019
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3020 _info "Reload nginx"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3021 if ! _exec "nginx -s reload" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3022 _exec_err
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3023 _err "It seems that nginx reload error, let's restore."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3024 cat "$_backup_conf" >"$FOUND_REAL_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3025 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3026 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3027
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3028 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3029 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3030
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3031 #d , conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3032 _checkConf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3033 _d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3034 _c_file="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3035 _debug "Start _checkConf from:$_c_file"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3036 if [ ! -f "$2" ] && ! echo "$2" | grep '*$' >/dev/null && echo "$2" | grep '*' >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3037 _debug "wildcard"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3038 for _w_f in $2; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3039 if [ -f "$_w_f" ] && _checkConf "$1" "$_w_f"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3040 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3041 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3042 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3043 #not found
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3044 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3045 elif [ -f "$2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3046 _debug "single"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3047 if _isRealNginxConf "$1" "$2"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3048 _debug "$2 is found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3049 FOUND_REAL_NGINX_CONF="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3050 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3051 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3052 if cat "$2" | tr "\t" " " | grep "^ *include *.*;" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3053 _debug "Try include files"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3054 for included in $(cat "$2" | tr "\t" " " | grep "^ *include *.*;" | sed "s/include //" | tr -d " ;"); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3055 _debug "check included $included"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3056 if _checkConf "$1" "$included"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3057 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3058 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3059 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3060 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3061 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3062 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3063 _debug "$2 not found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3064 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3065 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3066 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3067 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3068
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3069 #d , conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3070 _isRealNginxConf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3071 _debug "_isRealNginxConf $1 $2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3072 if [ -f "$2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3073 for _fln in $(tr "\t" ' ' <"$2" | grep -n "^ *server_name.* $1" | cut -d : -f 1); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3074 _debug _fln "$_fln"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3075 if [ "$_fln" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3076 _start=$(tr "\t" ' ' <"$2" | _head_n "$_fln" | grep -n "^ *server *" | grep -v server_name | _tail_n 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3077 _debug "_start" "$_start"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3078 _start_n=$(echo "$_start" | cut -d : -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3079 _start_nn=$(_math $_start_n + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3080 _debug "_start_n" "$_start_n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3081 _debug "_start_nn" "$_start_nn"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3082
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3083 _left="$(sed -n "${_start_nn},99999p" "$2")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3084 _debug2 _left "$_left"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3085 _end="$(echo "$_left" | tr "\t" ' ' | grep -n "^ *server *" | grep -v server_name | _head_n 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3086 _debug "_end" "$_end"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3087 if [ "$_end" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3088 _end_n=$(echo "$_end" | cut -d : -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3089 _debug "_end_n" "$_end_n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3090 _seg_n=$(echo "$_left" | sed -n "1,${_end_n}p")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3091 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3092 _seg_n="$_left"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3093 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3094
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3095 _debug "_seg_n" "$_seg_n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3096
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3097 _skip_ssl=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3098 for _listen_i in $(echo "$_seg_n" | tr "\t" ' ' | grep "^ *listen" | tr -d " "); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3099 if [ "$_listen_i" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3100 if [ "$(echo "$_listen_i" | _egrep_o "listen.*ssl")" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3101 _debug2 "$_listen_i is ssl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3102 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3103 _debug2 "$_listen_i is plain text"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3104 _skip_ssl=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3105 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3106 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3107 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3108 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3109
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3110 if [ "$_skip_ssl" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3111 _debug "ssl on, skip"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3112 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3113 FOUND_REAL_NGINX_CONF_LN=$_fln
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3114 _debug3 "found FOUND_REAL_NGINX_CONF_LN" "$FOUND_REAL_NGINX_CONF_LN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3115 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3116 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3117 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3118 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3119 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3120 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3121 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3122
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3123 #restore all the nginx conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3124 _restoreNginx() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3125 if [ -z "$NGINX_RESTORE_VLIST" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3126 _debug "No need to restore nginx, skip."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3127 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3128 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3129 _debug "_restoreNginx"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3130 _debug "NGINX_RESTORE_VLIST" "$NGINX_RESTORE_VLIST"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3131
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3132 for ng_entry in $(echo "$NGINX_RESTORE_VLIST" | tr "$dvsep" ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3133 _debug "ng_entry" "$ng_entry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3134 _nd=$(echo "$ng_entry" | cut -d "$sep" -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3135 _ngconf=$(echo "$ng_entry" | cut -d "$sep" -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3136 _ngbackupconf=$(echo "$ng_entry" | cut -d "$sep" -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3137 _info "Restoring from $_ngbackupconf to $_ngconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3138 cat "$_ngbackupconf" >"$_ngconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3139 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3140
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3141 _info "Reload nginx"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3142 if ! _exec "nginx -s reload" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3143 _exec_err
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3144 _err "It seems that nginx reload error, please report bug."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3145 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3146 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3147 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3148 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3149
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3150 _clearup() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3151 _stopserver "$serverproc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3152 serverproc=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3153 _restoreApache
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3154 _restoreNginx
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3155 _clearupdns
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3156 if [ -z "$DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3157 rm -f "$TLS_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3158 rm -f "$TLS_CERT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3159 rm -f "$TLS_KEY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3160 rm -f "$TLS_CSR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3161 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3162 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3163
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3164 _clearupdns() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3165 _debug "_clearupdns"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3166 _debug "dns_entries" "$dns_entries"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3167
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3168 if [ -z "$dns_entries" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3169 _debug "skip dns."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3170 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3171 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3172 _info "Removing DNS records."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3173
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3174 for entry in $dns_entries; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3175 d=$(_getfield "$entry" 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3176 txtdomain=$(_getfield "$entry" 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3177 aliasDomain=$(_getfield "$entry" 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3178 _currentRoot=$(_getfield "$entry" 4)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3179 txt=$(_getfield "$entry" 5)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3180 d_api=$(_getfield "$entry" 6)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3181 _debug "d" "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3182 _debug "txtdomain" "$txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3183 _debug "aliasDomain" "$aliasDomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3184 _debug "_currentRoot" "$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3185 _debug "txt" "$txt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3186 _debug "d_api" "$d_api"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3187 if [ "$d_api" = "$txt" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3188 d_api=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3189 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3190
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3191 if [ -z "$d_api" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3192 _info "Not Found domain api file: $d_api"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3193 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3194 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3195
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3196 if [ "$aliasDomain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3197 txtdomain="$aliasDomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3198 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3199
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3200 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3201 if ! . "$d_api"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3202 _err "Load file $d_api error. Please check your api file and try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3203 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3204 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3205
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3206 rmcommand="${_currentRoot}_rm"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3207 if ! _exists "$rmcommand"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3208 _err "It seems that your api file doesn't define $rmcommand"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3209 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3210 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3211 _info "Removing txt: $txt for domain: $txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3212 if ! $rmcommand "$txtdomain" "$txt"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3213 _err "Error removing txt for domain:$txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3214 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3215 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3216 _info "Removed: Success"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3217 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3218
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3219 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3220 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3221
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3222 # webroot removelevel tokenfile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3223 _clearupwebbroot() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3224 __webroot="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3225 if [ -z "$__webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3226 _debug "no webroot specified, skip"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3227 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3228 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3229
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3230 _rmpath=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3231 if [ "$2" = '1' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3232 _rmpath="$__webroot/.well-known"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3233 elif [ "$2" = '2' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3234 _rmpath="$__webroot/.well-known/acme-challenge"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3235 elif [ "$2" = '3' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3236 _rmpath="$__webroot/.well-known/acme-challenge/$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3237 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3238 _debug "Skip for removelevel:$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3239 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3240
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3241 if [ "$_rmpath" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3242 if [ "$DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3243 _debug "Debugging, skip removing: $_rmpath"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3244 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3245 rm -rf "$_rmpath"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3246 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3247 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3248
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3249 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3250
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3251 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3252
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3253 _on_before_issue() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3254 _chk_web_roots="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3255 _chk_main_domain="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3256 _chk_alt_domains="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3257 _chk_pre_hook="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3258 _chk_local_addr="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3259 _debug _on_before_issue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3260 _debug _chk_main_domain "$_chk_main_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3261 _debug _chk_alt_domains "$_chk_alt_domains"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3262 #run pre hook
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3263 if [ "$_chk_pre_hook" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3264 _info "Run pre hook:'$_chk_pre_hook'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3265 if ! (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3266 cd "$DOMAIN_PATH" && eval "$_chk_pre_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3267 ); then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3268 _err "Error when run pre hook."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3269 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3270 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3271 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3272
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3273 if _hasfield "$_chk_web_roots" "$NO_VALUE"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3274 if ! _exists "socat"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3275 _err "Please install socat tools first."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3276 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3277 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3278 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3279
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3280 _debug Le_LocalAddress "$_chk_local_addr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3281
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3282 _index=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3283 _currentRoot=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3284 _addrIndex=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3285 _w_index=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3286 while true; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3287 d="$(echo "$_chk_main_domain,$_chk_alt_domains," | cut -d , -f "$_w_index")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3288 _w_index="$(_math "$_w_index" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3289 _debug d "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3290 if [ -z "$d" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3291 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3292 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3293 _debug "Check for domain" "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3294 _currentRoot="$(_getfield "$_chk_web_roots" $_index)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3295 _debug "_currentRoot" "$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3296 _index=$(_math $_index + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3297 _checkport=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3298 if [ "$_currentRoot" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3299 _info "Standalone mode."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3300 if [ -z "$Le_HTTPPort" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3301 Le_HTTPPort=80
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3302 _cleardomainconf "Le_HTTPPort"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3303 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3304 _savedomainconf "Le_HTTPPort" "$Le_HTTPPort"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3305 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3306 _checkport="$Le_HTTPPort"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3307 elif [ "$_currentRoot" = "$W_ALPN" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3308 _info "Standalone alpn mode."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3309 if [ -z "$Le_TLSPort" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3310 Le_TLSPort=443
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3311 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3312 _savedomainconf "Le_TLSPort" "$Le_TLSPort"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3313 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3314 _checkport="$Le_TLSPort"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3315 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3316
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3317 if [ "$_checkport" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3318 _debug _checkport "$_checkport"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3319 _checkaddr="$(_getfield "$_chk_local_addr" $_addrIndex)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3320 _debug _checkaddr "$_checkaddr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3321
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3322 _addrIndex="$(_math $_addrIndex + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3323
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3324 _netprc="$(_ss "$_checkport" | grep "$_checkport")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3325 netprc="$(echo "$_netprc" | grep "$_checkaddr")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3326 if [ -z "$netprc" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3327 netprc="$(echo "$_netprc" | grep "$LOCAL_ANY_ADDRESS")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3328 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3329 if [ "$netprc" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3330 _err "$netprc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3331 _err "tcp port $_checkport is already used by $(echo "$netprc" | cut -d : -f 4)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3332 _err "Please stop it first"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3333 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3334 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3335 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3336 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3337
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3338 if _hasfield "$_chk_web_roots" "apache"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3339 if ! _setApache; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3340 _err "set up apache error. Report error to me."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3341 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3342 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3343 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3344 usingApache=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3345 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3346
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3347 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3348
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3349 _on_issue_err() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3350 _chk_post_hook="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3351 _chk_vlist="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3352 _debug _on_issue_err
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3353
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3354 if [ "$LOG_FILE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3355 _err "Please check log file for more details: $LOG_FILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3356 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3357 _err "Please add '--debug' or '--log' to check more details."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3358 _err "See: $_DEBUG_WIKI"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3359 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3360
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3361 #run the post hook
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3362 if [ "$_chk_post_hook" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3363 _info "Run post hook:'$_chk_post_hook'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3364 if ! (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3365 cd "$DOMAIN_PATH" && eval "$_chk_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3366 ); then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3367 _err "Error when run post hook."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3368 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3369 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3370 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3371
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3372 #trigger the validation to flush the pending authz
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3373 _debug2 "_chk_vlist" "$_chk_vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3374 if [ "$_chk_vlist" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3375 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3376 _debug2 "start to deactivate authz"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3377 ventries=$(echo "$_chk_vlist" | tr "$dvsep" ' ')
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3378 for ventry in $ventries; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3379 d=$(echo "$ventry" | cut -d "$sep" -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3380 keyauthorization=$(echo "$ventry" | cut -d "$sep" -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3381 uri=$(echo "$ventry" | cut -d "$sep" -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3382 vtype=$(echo "$ventry" | cut -d "$sep" -f 4)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3383 _currentRoot=$(echo "$ventry" | cut -d "$sep" -f 5)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3384 __trigger_validation "$uri" "$keyauthorization"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3385 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3386 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3387 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3388
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3389 if [ "$_ACME_IS_RENEW" = "1" ] && _hasfield "$Le_Webroot" "$W_DNS"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3390 _err "$_DNS_MANUAL_ERR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3391 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3392
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3393 if [ "$DEBUG" ] && [ "$DEBUG" -gt "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3394 _debug "$(_dlg_versions)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3395 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3396
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3397 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3398
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3399 _on_issue_success() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3400 _chk_post_hook="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3401 _chk_renew_hook="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3402 _debug _on_issue_success
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3403
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3404 #run the post hook
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3405 if [ "$_chk_post_hook" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3406 _info "Run post hook:'$_chk_post_hook'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3407 if ! (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3408 export CERT_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3409 export CERT_KEY_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3410 export CA_CERT_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3411 export CERT_FULLCHAIN_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3412 export Le_Domain="$_main_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3413 cd "$DOMAIN_PATH" && eval "$_chk_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3414 ); then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3415 _err "Error when run post hook."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3416 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3417 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3418 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3419
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3420 #run renew hook
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3421 if [ "$_ACME_IS_RENEW" ] && [ "$_chk_renew_hook" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3422 _info "Run renew hook:'$_chk_renew_hook'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3423 if ! (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3424 export CERT_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3425 export CERT_KEY_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3426 export CA_CERT_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3427 export CERT_FULLCHAIN_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3428 export Le_Domain="$_main_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3429 cd "$DOMAIN_PATH" && eval "$_chk_renew_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3430 ); then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3431 _err "Error when run renew hook."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3432 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3433 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3434 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3435
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3436 if _hasfield "$Le_Webroot" "$W_DNS" && [ -z "$FORCE_DNS_MANUAL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3437 _err "$_DNS_MANUAL_WARN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3438 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3439
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3440 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3441
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3442 #account_key_length eab-kid eab-hmac-key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3443 registeraccount() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3444 _account_key_length="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3445 _eab_id="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3446 _eab_hmac_key="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3447 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3448 _regAccount "$_account_key_length" "$_eab_id" "$_eab_hmac_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3449 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3450
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3451 __calcAccountKeyHash() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3452 [ -f "$ACCOUNT_KEY_PATH" ] && _digest sha256 <"$ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3453 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3454
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3455 __calc_account_thumbprint() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3456 printf "%s" "$jwk" | tr -d ' ' | _digest "sha256" | _url_replace
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3457 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3458
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3459 _getAccountEmail() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3460 if [ "$ACCOUNT_EMAIL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3461 echo "$ACCOUNT_EMAIL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3462 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3463 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3464 if [ -z "$CA_EMAIL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3465 CA_EMAIL="$(_readcaconf CA_EMAIL)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3466 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3467 if [ "$CA_EMAIL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3468 echo "$CA_EMAIL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3469 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3470 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3471 _readaccountconf "ACCOUNT_EMAIL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3472 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3473
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3474 #keylength
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3475 _regAccount() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3476 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3477 _reg_length="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3478 _eab_id="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3479 _eab_hmac_key="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3480 _debug3 _regAccount "$_regAccount"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3481 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3482
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3483 mkdir -p "$CA_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3484 if [ ! -f "$ACCOUNT_KEY_PATH" ] && [ -f "$_OLD_ACCOUNT_KEY" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3485 _info "mv $_OLD_ACCOUNT_KEY to $ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3486 mv "$_OLD_ACCOUNT_KEY" "$ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3487 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3488
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3489 if [ ! -f "$ACCOUNT_JSON_PATH" ] && [ -f "$_OLD_ACCOUNT_JSON" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3490 _info "mv $_OLD_ACCOUNT_JSON to $ACCOUNT_JSON_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3491 mv "$_OLD_ACCOUNT_JSON" "$ACCOUNT_JSON_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3492 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3493
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3494 if [ ! -f "$ACCOUNT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3495 if ! _create_account_key "$_reg_length"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3496 _err "Create account key error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3497 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3498 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3499 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3500
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3501 if ! _calcjwk "$ACCOUNT_KEY_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3502 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3503 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3504 if [ "$_eab_id" ] && [ "$_eab_hmac_key" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3505 _savecaconf CA_EAB_KEY_ID "$_eab_id"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3506 _savecaconf CA_EAB_HMAC_KEY "$_eab_hmac_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3507 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3508 _eab_id=$(_readcaconf "CA_EAB_KEY_ID")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3509 _eab_hmac_key=$(_readcaconf "CA_EAB_HMAC_KEY")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3510 _secure_debug3 _eab_id "$_eab_id"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3511 _secure_debug3 _eab_hmac_key "$_eab_hmac_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3512 _email="$(_getAccountEmail)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3513 if [ "$_email" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3514 _savecaconf "CA_EMAIL" "$_email"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3515 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3516 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3517 if [ "$ACME_DIRECTORY" = "$CA_ZEROSSL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3518 if [ -z "$_eab_id" ] || [ -z "$_eab_hmac_key" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3519 _info "No EAB credentials found for ZeroSSL, let's get one"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3520 if [ -z "$_email" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3521 _err "Please provide a email address for ZeroSSL account."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3522 _err "See ZeroSSL usage: $_ZEROSSL_WIKI"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3523 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3524 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3525 _eabresp=$(_post "email=$_email" $_ZERO_EAB_ENDPOINT)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3526 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3527 _debug2 "$_eabresp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3528 _err "Can not get EAB credentials from ZeroSSL."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3529 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3530 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3531 _eab_id="$(echo "$_eabresp" | tr ',}' '\n' | grep '"eab_kid"' | cut -d : -f 2 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3532 if [ -z "$_eab_id" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3533 _err "Can not resolve _eab_id"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3534 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3535 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3536 _eab_hmac_key="$(echo "$_eabresp" | tr ',}' '\n' | grep '"eab_hmac_key"' | cut -d : -f 2 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3537 if [ -z "$_eab_hmac_key" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3538 _err "Can not resolve _eab_hmac_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3539 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3540 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3541 _savecaconf CA_EAB_KEY_ID "$_eab_id"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3542 _savecaconf CA_EAB_HMAC_KEY "$_eab_hmac_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3543 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3544 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3545 if [ "$_eab_id" ] && [ "$_eab_hmac_key" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3546 eab_protected="{\"alg\":\"HS256\",\"kid\":\"$_eab_id\",\"url\":\"${ACME_NEW_ACCOUNT}\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3547 _debug3 eab_protected "$eab_protected"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3548
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3549 eab_protected64=$(printf "%s" "$eab_protected" | _base64 | _url_replace)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3550 _debug3 eab_protected64 "$eab_protected64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3551
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3552 eab_payload64=$(printf "%s" "$jwk" | _base64 | _url_replace)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3553 _debug3 eab_payload64 "$eab_payload64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3554
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3555 eab_sign_t="$eab_protected64.$eab_payload64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3556 _debug3 eab_sign_t "$eab_sign_t"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3557
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3558 key_hex="$(_durl_replace_base64 "$_eab_hmac_key" | _dbase64 | _hex_dump | tr -d ' ')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3559 _debug3 key_hex "$key_hex"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3560
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3561 eab_signature=$(printf "%s" "$eab_sign_t" | _hmac sha256 $key_hex | _base64 | _url_replace)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3562 _debug3 eab_signature "$eab_signature"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3563
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3564 externalBinding=",\"externalAccountBinding\":{\"protected\":\"$eab_protected64\", \"payload\":\"$eab_payload64\", \"signature\":\"$eab_signature\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3565 _debug3 externalBinding "$externalBinding"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3566 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3567 if [ "$_email" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3568 email_sg="\"contact\": [\"mailto:$_email\"], "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3569 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3570 regjson="{$email_sg\"termsOfServiceAgreed\": true$externalBinding}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3571 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3572 _reg_res="$ACME_NEW_ACCOUNT_RES"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3573 regjson='{"resource": "'$_reg_res'", "terms-of-service-agreed": true, "agreement": "'$ACME_AGREEMENT'"}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3574 if [ "$_email" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3575 regjson='{"resource": "'$_reg_res'", "contact": ["mailto:'$_email'"], "terms-of-service-agreed": true, "agreement": "'$ACME_AGREEMENT'"}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3576 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3577 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3578
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3579 _info "Registering account: $ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3580
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3581 if ! _send_signed_request "${ACME_NEW_ACCOUNT}" "$regjson"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3582 _err "Register account Error: $response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3583 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3584 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3585
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3586 _eabAlreadyBound=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3587 if [ "$code" = "" ] || [ "$code" = '201' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3588 echo "$response" >"$ACCOUNT_JSON_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3589 _info "Registered"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3590 elif [ "$code" = '409' ] || [ "$code" = '200' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3591 _info "Already registered"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3592 elif [ "$code" = '400' ] && _contains "$response" 'The account is not awaiting external account binding'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3593 _info "Already register EAB."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3594 _eabAlreadyBound=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3595 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3596 _err "Register account Error: $response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3597 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3598 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3599
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3600 if [ -z "$_eabAlreadyBound" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3601 _debug2 responseHeaders "$responseHeaders"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3602 _accUri="$(echo "$responseHeaders" | grep -i "^Location:" | _head_n 1 | cut -d ':' -f 2- | tr -d "\r\n ")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3603 _debug "_accUri" "$_accUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3604 if [ -z "$_accUri" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3605 _err "Can not find account id url."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3606 _err "$responseHeaders"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3607 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3608 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3609 _savecaconf "ACCOUNT_URL" "$_accUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3610 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3611 ACCOUNT_URL="$(_readcaconf ACCOUNT_URL)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3612 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3613 export ACCOUNT_URL="$_accUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3614
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3615 CA_KEY_HASH="$(__calcAccountKeyHash)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3616 _debug "Calc CA_KEY_HASH" "$CA_KEY_HASH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3617 _savecaconf CA_KEY_HASH "$CA_KEY_HASH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3618
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3619 if [ "$code" = '403' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3620 _err "It seems that the account key is already deactivated, please use a new account key."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3621 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3622 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3623
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3624 ACCOUNT_THUMBPRINT="$(__calc_account_thumbprint)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3625 _info "ACCOUNT_THUMBPRINT" "$ACCOUNT_THUMBPRINT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3626 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3627
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3628 #implement updateaccount
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3629 updateaccount() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3630 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3631
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3632 if [ ! -f "$ACCOUNT_KEY_PATH" ] && [ -f "$_OLD_ACCOUNT_KEY" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3633 _info "mv $_OLD_ACCOUNT_KEY to $ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3634 mv "$_OLD_ACCOUNT_KEY" "$ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3635 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3636
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3637 if [ ! -f "$ACCOUNT_JSON_PATH" ] && [ -f "$_OLD_ACCOUNT_JSON" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3638 _info "mv $_OLD_ACCOUNT_JSON to $ACCOUNT_JSON_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3639 mv "$_OLD_ACCOUNT_JSON" "$ACCOUNT_JSON_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3640 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3641
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3642 if [ ! -f "$ACCOUNT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3643 _err "Account key is not found at: $ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3644 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3645 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3646
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3647 _accUri=$(_readcaconf "ACCOUNT_URL")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3648 _debug _accUri "$_accUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3649
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3650 if [ -z "$_accUri" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3651 _err "The account url is empty, please run '--update-account' first to update the account info first,"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3652 _err "Then try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3653 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3654 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3655
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3656 if ! _calcjwk "$ACCOUNT_KEY_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3657 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3658 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3659 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3660
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3661 _email="$(_getAccountEmail)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3662 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3663 if [ "$ACCOUNT_EMAIL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3664 updjson='{"contact": ["mailto:'$_email'"]}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3665 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3666 updjson='{"contact": []}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3667 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3668 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3669 # ACMEv1: Updates happen the same way a registration is done.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3670 # https://tools.ietf.org/html/draft-ietf-acme-acme-01#section-6.3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3671 _regAccount
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3672 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3673 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3674
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3675 # this part handles ACMEv2 account updates.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3676 _send_signed_request "$_accUri" "$updjson"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3677
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3678 if [ "$code" = '200' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3679 echo "$response" >"$ACCOUNT_JSON_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3680 _info "account update success for $_accUri."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3681 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3682 _info "Error. The account was not updated."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3683 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3684 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3685 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3686
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3687 #Implement deactivate account
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3688 deactivateaccount() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3689 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3690
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3691 if [ ! -f "$ACCOUNT_KEY_PATH" ] && [ -f "$_OLD_ACCOUNT_KEY" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3692 _info "mv $_OLD_ACCOUNT_KEY to $ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3693 mv "$_OLD_ACCOUNT_KEY" "$ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3694 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3695
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3696 if [ ! -f "$ACCOUNT_JSON_PATH" ] && [ -f "$_OLD_ACCOUNT_JSON" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3697 _info "mv $_OLD_ACCOUNT_JSON to $ACCOUNT_JSON_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3698 mv "$_OLD_ACCOUNT_JSON" "$ACCOUNT_JSON_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3699 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3700
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3701 if [ ! -f "$ACCOUNT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3702 _err "Account key is not found at: $ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3703 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3704 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3705
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3706 _accUri=$(_readcaconf "ACCOUNT_URL")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3707 _debug _accUri "$_accUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3708
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3709 if [ -z "$_accUri" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3710 _err "The account url is empty, please run '--update-account' first to update the account info first,"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3711 _err "Then try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3712 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3713 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3714
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3715 if ! _calcjwk "$ACCOUNT_KEY_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3716 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3717 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3718 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3719
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3720 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3721 _djson="{\"status\":\"deactivated\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3722 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3723 _djson="{\"resource\": \"reg\", \"status\":\"deactivated\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3724 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3725 if _send_signed_request "$_accUri" "$_djson" && _contains "$response" '"deactivated"'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3726 _info "Deactivate account success for $_accUri."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3727 _accid=$(echo "$response" | _egrep_o "\"id\" *: *[^,]*," | cut -d : -f 2 | tr -d ' ,')
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3728 elif [ "$code" = "403" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3729 _info "The account is already deactivated."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3730 _accid=$(_getfield "$_accUri" "999" "/")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3731 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3732 _err "Deactivate: account failed for $_accUri."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3733 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3734 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3735
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3736 _debug "Account id: $_accid"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3737 if [ "$_accid" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3738 _deactivated_account_path="$CA_DIR/deactivated/$_accid"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3739 _debug _deactivated_account_path "$_deactivated_account_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3740 if mkdir -p "$_deactivated_account_path"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3741 _info "Moving deactivated account info to $_deactivated_account_path/"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3742 mv "$CA_CONF" "$_deactivated_account_path/"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3743 mv "$ACCOUNT_JSON_PATH" "$_deactivated_account_path/"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3744 mv "$ACCOUNT_KEY_PATH" "$_deactivated_account_path/"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3745 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3746 _err "Can not create dir: $_deactivated_account_path, try to remove the deactivated account key."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3747 rm -f "$CA_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3748 rm -f "$ACCOUNT_JSON_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3749 rm -f "$ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3750 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3751 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3752 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3753
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3754 # domain folder file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3755 _findHook() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3756 _hookdomain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3757 _hookcat="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3758 _hookname="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3759
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3760 if [ -f "$_SCRIPT_HOME/$_hookcat/$_hookname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3761 d_api="$_SCRIPT_HOME/$_hookcat/$_hookname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3762 elif [ -f "$_SCRIPT_HOME/$_hookcat/$_hookname.sh" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3763 d_api="$_SCRIPT_HOME/$_hookcat/$_hookname.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3764 elif [ "$_hookdomain" ] && [ -f "$LE_WORKING_DIR/$_hookdomain/$_hookname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3765 d_api="$LE_WORKING_DIR/$_hookdomain/$_hookname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3766 elif [ "$_hookdomain" ] && [ -f "$LE_WORKING_DIR/$_hookdomain/$_hookname.sh" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3767 d_api="$LE_WORKING_DIR/$_hookdomain/$_hookname.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3768 elif [ -f "$LE_WORKING_DIR/$_hookname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3769 d_api="$LE_WORKING_DIR/$_hookname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3770 elif [ -f "$LE_WORKING_DIR/$_hookname.sh" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3771 d_api="$LE_WORKING_DIR/$_hookname.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3772 elif [ -f "$LE_WORKING_DIR/$_hookcat/$_hookname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3773 d_api="$LE_WORKING_DIR/$_hookcat/$_hookname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3774 elif [ -f "$LE_WORKING_DIR/$_hookcat/$_hookname.sh" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3775 d_api="$LE_WORKING_DIR/$_hookcat/$_hookname.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3776 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3777
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3778 printf "%s" "$d_api"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3779 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3780
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3781 #domain
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3782 __get_domain_new_authz() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3783 _gdnd="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3784 _info "Getting new-authz for domain" "$_gdnd"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3785 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3786 _Max_new_authz_retry_times=5
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3787 _authz_i=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3788 while [ "$_authz_i" -lt "$_Max_new_authz_retry_times" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3789 _debug "Try new-authz for the $_authz_i time."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3790 if ! _send_signed_request "${ACME_NEW_AUTHZ}" "{\"resource\": \"new-authz\", \"identifier\": {\"type\": \"dns\", \"value\": \"$(_idn "$_gdnd")\"}}"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3791 _err "Can not get domain new authz."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3792 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3793 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3794 if _contains "$response" "No registration exists matching provided key"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3795 _err "It seems there is an error, but it's recovered now, please try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3796 _err "If you see this message for a second time, please report bug: $(__green "$PROJECT")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3797 _clearcaconf "CA_KEY_HASH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3798 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3799 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3800 if ! _contains "$response" "An error occurred while processing your request"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3801 _info "The new-authz request is ok."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3802 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3803 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3804 _authz_i="$(_math "$_authz_i" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3805 _info "The server is busy, Sleep $_authz_i to retry."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3806 _sleep "$_authz_i"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3807 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3808
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3809 if [ "$_authz_i" = "$_Max_new_authz_retry_times" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3810 _err "new-authz retry reach the max $_Max_new_authz_retry_times times."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3811 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3812
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3813 if [ "$code" ] && [ "$code" != '201' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3814 _err "new-authz error: $response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3815 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3816 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3817
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3818 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3819
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3820 #uri keyAuthorization
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3821 __trigger_validation() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3822 _debug2 "Trigger domain validation."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3823 _t_url="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3824 _debug2 _t_url "$_t_url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3825 _t_key_authz="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3826 _debug2 _t_key_authz "$_t_key_authz"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3827 _t_vtype="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3828 _debug2 _t_vtype "$_t_vtype"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3829 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3830 _send_signed_request "$_t_url" "{}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3831 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3832 _send_signed_request "$_t_url" "{\"resource\": \"challenge\", \"type\": \"$_t_vtype\", \"keyAuthorization\": \"$_t_key_authz\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3833 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3834 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3835
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3836 #endpoint domain type
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3837 _ns_lookup_impl() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3838 _ns_ep="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3839 _ns_domain="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3840 _ns_type="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3841 _debug2 "_ns_ep" "$_ns_ep"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3842 _debug2 "_ns_domain" "$_ns_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3843 _debug2 "_ns_type" "$_ns_type"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3844
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3845 response="$(_H1="accept: application/dns-json" _get "$_ns_ep?name=$_ns_domain&type=$_ns_type")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3846 _ret=$?
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3847 _debug2 "response" "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3848 if [ "$_ret" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3849 return $_ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3850 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3851 _answers="$(echo "$response" | tr '{}' '<>' | _egrep_o '"Answer":\[[^]]*]' | tr '<>' '\n\n')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3852 _debug2 "_answers" "$_answers"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3853 echo "$_answers"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3854 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3855
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3856 #domain, type
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3857 _ns_lookup_cf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3858 _cf_ld="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3859 _cf_ld_type="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3860 _cf_ep="https://cloudflare-dns.com/dns-query"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3861 _ns_lookup_impl "$_cf_ep" "$_cf_ld" "$_cf_ld_type"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3862 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3863
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3864 #domain, type
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3865 _ns_purge_cf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3866 _cf_d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3867 _cf_d_type="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3868 _debug "Cloudflare purge $_cf_d_type record for domain $_cf_d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3869 _cf_purl="https://cloudflare-dns.com/api/v1/purge?domain=$_cf_d&type=$_cf_d_type"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3870 response="$(_post "" "$_cf_purl")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3871 _debug2 response "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3872 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3873
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3874 #checks if cf server is available
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3875 _ns_is_available_cf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3876 if _get "https://cloudflare-dns.com" >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3877 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3878 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3879 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3880 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3881 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3882
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3883 #domain, type
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3884 _ns_lookup_google() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3885 _cf_ld="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3886 _cf_ld_type="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3887 _cf_ep="https://dns.google/resolve"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3888 _ns_lookup_impl "$_cf_ep" "$_cf_ld" "$_cf_ld_type"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3889 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3890
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3891 #domain, type
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3892 _ns_lookup() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3893 if [ -z "$DOH_USE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3894 _debug "Detect dns server first."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3895 if _ns_is_available_cf; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3896 _debug "Use cloudflare doh server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3897 export DOH_USE=$DOH_CLOUDFLARE
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3898 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3899 _debug "Use google doh server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3900 export DOH_USE=$DOH_GOOGLE
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3901 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3902 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3903
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3904 if [ "$DOH_USE" = "$DOH_CLOUDFLARE" ] || [ -z "$DOH_USE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3905 _ns_lookup_cf "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3906 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3907 _ns_lookup_google "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3908 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3909
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3910 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3911
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3912 #txtdomain, alias, txt
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3913 __check_txt() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3914 _c_txtdomain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3915 _c_aliasdomain="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3916 _c_txt="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3917 _debug "_c_txtdomain" "$_c_txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3918 _debug "_c_aliasdomain" "$_c_aliasdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3919 _debug "_c_txt" "$_c_txt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3920 _answers="$(_ns_lookup "$_c_aliasdomain" TXT)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3921 _contains "$_answers" "$_c_txt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3922
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3923 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3924
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3925 #txtdomain
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3926 __purge_txt() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3927 _p_txtdomain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3928 _debug _p_txtdomain "$_p_txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3929 if [ "$DOH_USE" = "$DOH_CLOUDFLARE" ] || [ -z "$DOH_USE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3930 _ns_purge_cf "$_p_txtdomain" "TXT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3931 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3932 _debug "no purge api for google dns api, just sleep 5 secs"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3933 _sleep 5
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3934 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3935
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3936 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3937
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3938 #wait and check each dns entries
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3939 _check_dns_entries() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3940 _success_txt=","
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3941 _end_time="$(_time)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3942 _end_time="$(_math "$_end_time" + 1200)" #let's check no more than 20 minutes.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3943
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3944 while [ "$(_time)" -le "$_end_time" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3945 _left=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3946 for entry in $dns_entries; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3947 d=$(_getfield "$entry" 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3948 txtdomain=$(_getfield "$entry" 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3949 txtdomain=$(_idn "$txtdomain")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3950 aliasDomain=$(_getfield "$entry" 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3951 aliasDomain=$(_idn "$aliasDomain")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3952 txt=$(_getfield "$entry" 5)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3953 d_api=$(_getfield "$entry" 6)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3954 _debug "d" "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3955 _debug "txtdomain" "$txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3956 _debug "aliasDomain" "$aliasDomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3957 _debug "txt" "$txt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3958 _debug "d_api" "$d_api"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3959 _info "Checking $d for $aliasDomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3960 if _contains "$_success_txt" ",$txt,"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3961 _info "Already success, continue next one."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3962 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3963 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3964
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3965 if __check_txt "$txtdomain" "$aliasDomain" "$txt"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3966 _info "Domain $d '$aliasDomain' success."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3967 _success_txt="$_success_txt,$txt,"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3968 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3969 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3970 _left=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3971 _info "Not valid yet, let's wait 10 seconds and check next one."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3972 __purge_txt "$txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3973 if [ "$txtdomain" != "$aliasDomain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3974 __purge_txt "$aliasDomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3975 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3976 _sleep 10
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3977 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3978 if [ "$_left" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3979 _info "Let's wait 10 seconds and check again".
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3980 _sleep 10
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3981 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3982 _info "All success, let's return"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3983 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3984 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3985 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3986 _info "Timed out waiting for DNS."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3987 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3988
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3989 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3990
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3991 #file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3992 _get_cert_issuers() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3993 _cfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3994 if _contains "$(${ACME_OPENSSL_BIN:-openssl} help crl2pkcs7 2>&1)" "Usage: crl2pkcs7"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3995 ${ACME_OPENSSL_BIN:-openssl} crl2pkcs7 -nocrl -certfile $_cfile | ${ACME_OPENSSL_BIN:-openssl} pkcs7 -print_certs -text -noout | grep 'Issuer:' | _egrep_o "CN *=[^,]*" | cut -d = -f 2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3996 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3997 ${ACME_OPENSSL_BIN:-openssl} x509 -in $_cfile -text -noout | grep 'Issuer:' | _egrep_o "CN *=[^,]*" | cut -d = -f 2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3998 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3999 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4000
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4001 #cert issuer
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4002 _match_issuer() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4003 _cfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4004 _missuer="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4005 _fissuers="$(_get_cert_issuers $_cfile)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4006 _debug2 _fissuers "$_fissuers"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4007 if _contains "$_fissuers" "$_missuer"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4008 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4009 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4010 _fissuers="$(echo "$_fissuers" | _lower_case)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4011 _missuer="$(echo "$_missuer" | _lower_case)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4012 _contains "$_fissuers" "$_missuer"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4013 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4014
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4015 #webroot, domain domainlist keylength
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4016 issue() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4017 if [ -z "$2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4018 _usage "Usage: $PROJECT_ENTRY --issue --domain <domain.tld> --webroot <directory>"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4019 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4020 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4021 if [ -z "$1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4022 _usage "Please specify at least one validation method: '--webroot', '--standalone', '--apache', '--nginx' or '--dns' etc."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4023 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4024 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4025 _web_roots="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4026 _main_domain="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4027 _alt_domains="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4028
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4029 if _contains "$_main_domain" ","; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4030 _main_domain=$(echo "$2,$3" | cut -d , -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4031 _alt_domains=$(echo "$2,$3" | cut -d , -f 2- | sed "s/,${NO_VALUE}$//")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4032 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4033 _debug _main_domain "$_main_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4034 _debug _alt_domains "$_alt_domains"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4035
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4036 _key_length="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4037 _real_cert="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4038 _real_key="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4039 _real_ca="$7"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4040 _reload_cmd="$8"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4041 _real_fullchain="$9"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4042 _pre_hook="${10}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4043 _post_hook="${11}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4044 _renew_hook="${12}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4045 _local_addr="${13}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4046 _challenge_alias="${14}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4047 _preferred_chain="${15}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4048
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4049 if [ -z "$_ACME_IS_RENEW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4050 _initpath "$_main_domain" "$_key_length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4051 mkdir -p "$DOMAIN_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4052 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4053
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4054 if _hasfield "$_web_roots" "$W_DNS" && [ -z "$FORCE_DNS_MANUAL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4055 _err "$_DNS_MANUAL_ERROR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4056 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4057 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4058
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4059 _debug "Using ACME_DIRECTORY: $ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4060
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4061 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4062
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4063 if [ -f "$DOMAIN_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4064 Le_NextRenewTime=$(_readdomainconf Le_NextRenewTime)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4065 _debug Le_NextRenewTime "$Le_NextRenewTime"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4066 if [ -z "$FORCE" ] && [ "$Le_NextRenewTime" ] && [ "$(_time)" -lt "$Le_NextRenewTime" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4067 _saved_domain=$(_readdomainconf Le_Domain)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4068 _debug _saved_domain "$_saved_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4069 _saved_alt=$(_readdomainconf Le_Alt)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4070 _debug _saved_alt "$_saved_alt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4071 if [ "$_saved_domain,$_saved_alt" = "$_main_domain,$_alt_domains" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4072 _info "Domains not changed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4073 _info "Skip, Next renewal time is: $(__green "$(_readdomainconf Le_NextRenewTimeStr)")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4074 _info "Add '$(__red '--force')' to force to renew."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4075 return $RENEW_SKIP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4076 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4077 _info "Domains have changed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4078 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4079 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4080 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4081
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4082 _savedomainconf "Le_Domain" "$_main_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4083 _savedomainconf "Le_Alt" "$_alt_domains"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4084 _savedomainconf "Le_Webroot" "$_web_roots"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4085
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4086 _savedomainconf "Le_PreHook" "$_pre_hook" "base64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4087 _savedomainconf "Le_PostHook" "$_post_hook" "base64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4088 _savedomainconf "Le_RenewHook" "$_renew_hook" "base64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4089
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4090 if [ "$_local_addr" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4091 _savedomainconf "Le_LocalAddress" "$_local_addr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4092 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4093 _cleardomainconf "Le_LocalAddress"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4094 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4095 if [ "$_challenge_alias" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4096 _savedomainconf "Le_ChallengeAlias" "$_challenge_alias"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4097 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4098 _cleardomainconf "Le_ChallengeAlias"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4099 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4100 if [ "$_preferred_chain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4101 _savedomainconf "Le_Preferred_Chain" "$_preferred_chain" "base64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4102 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4103 _cleardomainconf "Le_Preferred_Chain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4104 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4105
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4106 Le_API="$ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4107 _savedomainconf "Le_API" "$Le_API"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4108
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4109 _info "Using CA: $ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4110 if [ "$_alt_domains" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4111 _alt_domains=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4112 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4113
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4114 if [ "$_key_length" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4115 _key_length=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4116 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4117
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4118 if ! _on_before_issue "$_web_roots" "$_main_domain" "$_alt_domains" "$_pre_hook" "$_local_addr"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4119 _err "_on_before_issue."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4120 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4121 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4122
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4123 _saved_account_key_hash="$(_readcaconf "CA_KEY_HASH")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4124 _debug2 _saved_account_key_hash "$_saved_account_key_hash"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4125
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4126 if [ -z "$ACCOUNT_URL" ] || [ -z "$_saved_account_key_hash" ] || [ "$_saved_account_key_hash" != "$(__calcAccountKeyHash)" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4127 if ! _regAccount "$_accountkeylength"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4128 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4129 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4130 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4131 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4132 _debug "_saved_account_key_hash is not changed, skip register account."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4133 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4134
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4135 if [ -f "$CSR_PATH" ] && [ ! -f "$CERT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4136 _info "Signing from existing CSR."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4137 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4138 _key=$(_readdomainconf Le_Keylength)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4139 _debug "Read key length:$_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4140 if [ ! -f "$CERT_KEY_PATH" ] || [ "$_key_length" != "$_key" ] || [ "$Le_ForceNewDomainKey" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4141 if ! createDomainKey "$_main_domain" "$_key_length"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4142 _err "Create domain key error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4143 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4144 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4145 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4146 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4147 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4148
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4149 if ! _createcsr "$_main_domain" "$_alt_domains" "$CERT_KEY_PATH" "$CSR_PATH" "$DOMAIN_SSL_CONF"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4150 _err "Create CSR error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4151 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4152 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4153 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4154 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4155 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4156
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4157 _savedomainconf "Le_Keylength" "$_key_length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4158
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4159 vlist="$Le_Vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4160 _cleardomainconf "Le_Vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4161 _info "Getting domain auth token for each domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4162 sep='#'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4163 dvsep=','
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4164 if [ -z "$vlist" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4165 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4166 #make new order request
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4167 _identifiers="{\"type\":\"dns\",\"value\":\"$(_idn "$_main_domain")\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4168 _w_index=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4169 while true; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4170 d="$(echo "$_alt_domains," | cut -d , -f "$_w_index")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4171 _w_index="$(_math "$_w_index" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4172 _debug d "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4173 if [ -z "$d" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4174 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4175 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4176 _identifiers="$_identifiers,{\"type\":\"dns\",\"value\":\"$(_idn "$d")\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4177 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4178 _debug2 _identifiers "$_identifiers"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4179 if ! _send_signed_request "$ACME_NEW_ORDER" "{\"identifiers\": [$_identifiers]}"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4180 _err "Create new order error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4181 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4182 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4183 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4184 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4185 Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n " | cut -d ":" -f 2-)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4186 _debug Le_LinkOrder "$Le_LinkOrder"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4187 Le_OrderFinalize="$(echo "$response" | _egrep_o '"finalize" *: *"[^"]*"' | cut -d '"' -f 4)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4188 _debug Le_OrderFinalize "$Le_OrderFinalize"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4189 if [ -z "$Le_OrderFinalize" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4190 _err "Create new order error. Le_OrderFinalize not found. $response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4191 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4192 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4193 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4194 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4195
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4196 #for dns manual mode
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4197 _savedomainconf "Le_OrderFinalize" "$Le_OrderFinalize"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4198
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4199 _authorizations_seg="$(echo "$response" | _json_decode | _egrep_o '"authorizations" *: *\[[^\[]*\]' | cut -d '[' -f 2 | tr -d ']' | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4200 _debug2 _authorizations_seg "$_authorizations_seg"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4201 if [ -z "$_authorizations_seg" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4202 _err "_authorizations_seg not found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4203 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4204 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4205 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4206 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4207
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4208 #domain and authz map
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4209 _authorizations_map=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4210 for _authz_url in $(echo "$_authorizations_seg" | tr ',' ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4211 _debug2 "_authz_url" "$_authz_url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4212 if ! _send_signed_request "$_authz_url"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4213 _err "get to authz error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4214 _err "_authorizations_seg" "$_authorizations_seg"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4215 _err "_authz_url" "$_authz_url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4216 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4217 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4218 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4219 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4220
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4221 response="$(echo "$response" | _normalizeJson)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4222 _debug2 response "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4223 _d="$(echo "$response" | _egrep_o '"value" *: *"[^"]*"' | cut -d : -f 2 | tr -d ' "')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4224 if _contains "$response" "\"wildcard\" *: *true"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4225 _d="*.$_d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4226 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4227 _debug2 _d "$_d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4228 _authorizations_map="$_d,$response
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4229 $_authorizations_map"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4230 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4231 _debug2 _authorizations_map "$_authorizations_map"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4232 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4233
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4234 _index=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4235 _currentRoot=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4236 _w_index=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4237 while true; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4238 d="$(echo "$_main_domain,$_alt_domains," | cut -d , -f "$_w_index")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4239 _w_index="$(_math "$_w_index" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4240 _debug d "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4241 if [ -z "$d" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4242 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4243 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4244 _info "Getting webroot for domain" "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4245 _index=$(_math $_index + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4246 _w="$(echo $_web_roots | cut -d , -f $_index)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4247 _debug _w "$_w"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4248 if [ "$_w" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4249 _currentRoot="$_w"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4250 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4251 _debug "_currentRoot" "$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4252
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4253 vtype="$VTYPE_HTTP"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4254 #todo, v2 wildcard force to use dns
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4255 if _startswith "$_currentRoot" "$W_DNS"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4256 vtype="$VTYPE_DNS"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4257 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4258
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4259 if [ "$_currentRoot" = "$W_ALPN" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4260 vtype="$VTYPE_ALPN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4261 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4262
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4263 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4264 _idn_d="$(_idn "$d")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4265 _candidates="$(echo "$_authorizations_map" | grep -i "^$_idn_d,")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4266 _debug2 _candidates "$_candidates"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4267 if [ "$(echo "$_candidates" | wc -l)" -gt 1 ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4268 for _can in $_candidates; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4269 if _startswith "$(echo "$_can" | tr '.' '|')" "$(echo "$_idn_d" | tr '.' '|'),"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4270 _candidates="$_can"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4271 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4272 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4273 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4274 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4275 response="$(echo "$_candidates" | sed "s/$_idn_d,//")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4276 _debug2 "response" "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4277 if [ -z "$response" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4278 _err "get to authz error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4279 _err "_authorizations_map" "$_authorizations_map"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4280 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4281 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4282 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4283 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4284 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4285 if ! __get_domain_new_authz "$d"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4286 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4287 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4288 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4289 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4290 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4291
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4292 if [ -z "$thumbprint" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4293 thumbprint="$(__calc_account_thumbprint)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4294 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4295
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4296 entry="$(echo "$response" | _egrep_o '[^\{]*"type":"'$vtype'"[^\}]*')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4297 _debug entry "$entry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4298 keyauthorization=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4299 if [ -z "$entry" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4300 if ! _startswith "$d" '*.'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4301 _debug "Not a wildcard domain, lets check whether the validation is already valid."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4302 if echo "$response" | grep '"status":"valid"' >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4303 _debug "$d is already valid."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4304 keyauthorization="$STATE_VERIFIED"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4305 _debug keyauthorization "$keyauthorization"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4306 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4307 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4308 if [ -z "$keyauthorization" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4309 _err "Error, can not get domain token entry $d for $vtype"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4310 _supported_vtypes="$(echo "$response" | _egrep_o "\"challenges\":\[[^]]*]" | tr '{' "\n" | grep type | cut -d '"' -f 4 | tr "\n" ' ')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4311 if [ "$_supported_vtypes" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4312 _err "The supported validation types are: $_supported_vtypes, but you specified: $vtype"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4313 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4314 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4315 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4316 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4317 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4318 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4319
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4320 if [ -z "$keyauthorization" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4321 token="$(echo "$entry" | _egrep_o '"token":"[^"]*' | cut -d : -f 2 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4322 _debug token "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4323
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4324 if [ -z "$token" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4325 _err "Error, can not get domain token $entry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4326 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4327 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4328 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4329 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4330 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4331 uri="$(echo "$entry" | _egrep_o '"url":"[^"]*' | cut -d '"' -f 4 | _head_n 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4332 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4333 uri="$(echo "$entry" | _egrep_o '"uri":"[^"]*' | cut -d '"' -f 4)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4334 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4335 _debug uri "$uri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4336
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4337 if [ -z "$uri" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4338 _err "Error, can not get domain uri. $entry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4339 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4340 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4341 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4342 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4343 keyauthorization="$token.$thumbprint"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4344 _debug keyauthorization "$keyauthorization"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4345
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4346 if printf "%s" "$response" | grep '"status":"valid"' >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4347 _debug "$d is already verified."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4348 keyauthorization="$STATE_VERIFIED"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4349 _debug keyauthorization "$keyauthorization"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4350 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4351 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4352
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4353 dvlist="$d$sep$keyauthorization$sep$uri$sep$vtype$sep$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4354 _debug dvlist "$dvlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4355
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4356 vlist="$vlist$dvlist$dvsep"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4357
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4358 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4359 _debug vlist "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4360 #add entry
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4361 dns_entries=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4362 dnsadded=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4363 ventries=$(echo "$vlist" | tr "$dvsep" ' ')
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4364 _alias_index=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4365 for ventry in $ventries; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4366 d=$(echo "$ventry" | cut -d "$sep" -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4367 keyauthorization=$(echo "$ventry" | cut -d "$sep" -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4368 vtype=$(echo "$ventry" | cut -d "$sep" -f 4)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4369 _currentRoot=$(echo "$ventry" | cut -d "$sep" -f 5)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4370 _debug d "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4371 if [ "$keyauthorization" = "$STATE_VERIFIED" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4372 _debug "$d is already verified, skip $vtype."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4373 _alias_index="$(_math "$_alias_index" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4374 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4375 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4376
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4377 if [ "$vtype" = "$VTYPE_DNS" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4378 dnsadded='0'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4379 _dns_root_d="$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4380 if _startswith "$_dns_root_d" "*."; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4381 _dns_root_d="$(echo "$_dns_root_d" | sed 's/*.//')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4382 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4383 _d_alias="$(_getfield "$_challenge_alias" "$_alias_index")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4384 _alias_index="$(_math "$_alias_index" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4385 _debug "_d_alias" "$_d_alias"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4386 if [ "$_d_alias" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4387 if _startswith "$_d_alias" "$DNS_ALIAS_PREFIX"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4388 txtdomain="$(echo "$_d_alias" | sed "s/$DNS_ALIAS_PREFIX//")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4389 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4390 txtdomain="_acme-challenge.$_d_alias"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4391 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4392 dns_entry="${_dns_root_d}${dvsep}_acme-challenge.$_dns_root_d$dvsep$txtdomain$dvsep$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4393 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4394 txtdomain="_acme-challenge.$_dns_root_d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4395 dns_entry="${_dns_root_d}${dvsep}_acme-challenge.$_dns_root_d$dvsep$dvsep$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4396 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4397
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4398 _debug txtdomain "$txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4399 txt="$(printf "%s" "$keyauthorization" | _digest "sha256" | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4400 _debug txt "$txt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4401
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4402 d_api="$(_findHook "$_dns_root_d" $_SUB_FOLDER_DNSAPI "$_currentRoot")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4403 _debug d_api "$d_api"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4404
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4405 dns_entry="$dns_entry$dvsep$txt${dvsep}$d_api"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4406 _debug2 dns_entry "$dns_entry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4407 if [ "$d_api" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4408 _debug "Found domain api file: $d_api"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4409 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4410 if [ "$_currentRoot" != "$W_DNS" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4411 _err "Can not find dns api hook for: $_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4412 _info "You need to add the txt record manually."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4413 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4414 _info "$(__red "Add the following TXT record:")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4415 _info "$(__red "Domain: '$(__green "$txtdomain")'")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4416 _info "$(__red "TXT value: '$(__green "$txt")'")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4417 _info "$(__red "Please be aware that you prepend _acme-challenge. before your domain")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4418 _info "$(__red "so the resulting subdomain will be: $txtdomain")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4419 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4420 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4421
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4422 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4423 if ! . "$d_api"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4424 _err "Load file $d_api error. Please check your api file and try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4425 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4426 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4427
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4428 addcommand="${_currentRoot}_add"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4429 if ! _exists "$addcommand"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4430 _err "It seems that your api file is not correct, it must have a function named: $addcommand"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4431 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4432 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4433 _info "Adding txt value: $txt for domain: $txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4434 if ! $addcommand "$txtdomain" "$txt"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4435 _err "Error add txt for domain:$txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4436 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4437 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4438 _info "The txt record is added: Success."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4439 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4440
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4441 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4442 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4443 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4444 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4445 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4446 dns_entries="$dns_entries$dns_entry
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4447 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4448 _debug2 "$dns_entries"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4449 dnsadded='1'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4450 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4451 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4452
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4453 if [ "$dnsadded" = '0' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4454 _savedomainconf "Le_Vlist" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4455 _debug "Dns record not added yet, so, save to $DOMAIN_CONF and exit."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4456 _err "Please add the TXT records to the domains, and re-run with --renew."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4457 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4458 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4459 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4460 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4461
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4462 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4463
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4464 if [ "$dns_entries" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4465 if [ -z "$Le_DNSSleep" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4466 _info "Let's check each DNS record now. Sleep 20 seconds first."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4467 _sleep 20
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4468 if ! _check_dns_entries; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4469 _err "check dns error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4470 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4471 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4472 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4473 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4474 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4475 _savedomainconf "Le_DNSSleep" "$Le_DNSSleep"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4476 _info "Sleep $(__green $Le_DNSSleep) seconds for the txt records to take effect"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4477 _sleep "$Le_DNSSleep"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4478 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4479 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4480
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4481 NGINX_RESTORE_VLIST=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4482 _debug "ok, let's start to verify"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4483
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4484 _ncIndex=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4485 ventries=$(echo "$vlist" | tr "$dvsep" ' ')
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4486 for ventry in $ventries; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4487 d=$(echo "$ventry" | cut -d "$sep" -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4488 keyauthorization=$(echo "$ventry" | cut -d "$sep" -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4489 uri=$(echo "$ventry" | cut -d "$sep" -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4490 vtype=$(echo "$ventry" | cut -d "$sep" -f 4)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4491 _currentRoot=$(echo "$ventry" | cut -d "$sep" -f 5)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4492
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4493 if [ "$keyauthorization" = "$STATE_VERIFIED" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4494 _info "$d is already verified, skip $vtype."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4495 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4496 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4497
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4498 _info "Verifying: $d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4499 _debug "d" "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4500 _debug "keyauthorization" "$keyauthorization"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4501 _debug "uri" "$uri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4502 removelevel=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4503 token="$(printf "%s" "$keyauthorization" | cut -d '.' -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4504
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4505 _debug "_currentRoot" "$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4506
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4507 if [ "$vtype" = "$VTYPE_HTTP" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4508 if [ "$_currentRoot" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4509 _info "Standalone mode server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4510 _ncaddr="$(_getfield "$_local_addr" "$_ncIndex")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4511 _ncIndex="$(_math $_ncIndex + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4512 _startserver "$keyauthorization" "$_ncaddr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4513 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4514 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4515 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4516 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4517 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4518 sleep 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4519 _debug serverproc "$serverproc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4520 elif [ "$_currentRoot" = "$MODE_STATELESS" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4521 _info "Stateless mode for domain:$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4522 _sleep 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4523 elif _startswith "$_currentRoot" "$NGINX"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4524 _info "Nginx mode for domain:$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4525 #set up nginx server
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4526 FOUND_REAL_NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4527 BACKUP_NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4528 if ! _setNginx "$d" "$_currentRoot" "$thumbprint"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4529 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4530 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4531 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4532 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4533
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4534 if [ "$FOUND_REAL_NGINX_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4535 _realConf="$FOUND_REAL_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4536 _backup="$BACKUP_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4537 _debug _realConf "$_realConf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4538 NGINX_RESTORE_VLIST="$d$sep$_realConf$sep$_backup$dvsep$NGINX_RESTORE_VLIST"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4539 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4540 _sleep 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4541 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4542 if [ "$_currentRoot" = "apache" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4543 wellknown_path="$ACME_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4544 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4545 wellknown_path="$_currentRoot/.well-known/acme-challenge"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4546 if [ ! -d "$_currentRoot/.well-known" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4547 removelevel='1'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4548 elif [ ! -d "$_currentRoot/.well-known/acme-challenge" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4549 removelevel='2'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4550 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4551 removelevel='3'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4552 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4553 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4554
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4555 _debug wellknown_path "$wellknown_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4556
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4557 _debug "writing token:$token to $wellknown_path/$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4558
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4559 mkdir -p "$wellknown_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4560
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4561 if ! printf "%s" "$keyauthorization" >"$wellknown_path/$token"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4562 _err "$d:Can not write token to file : $wellknown_path/$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4563 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4564 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4565 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4566 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4567 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4568
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4569 if [ ! "$usingApache" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4570 if webroot_owner=$(_stat "$_currentRoot"); then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4571 _debug "Changing owner/group of .well-known to $webroot_owner"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4572 if ! _exec "chown -R \"$webroot_owner\" \"$_currentRoot/.well-known\""; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4573 _debug "$(cat "$_EXEC_TEMP_ERR")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4574 _exec_err >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4575 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4576 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4577 _debug "not changing owner/group of webroot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4578 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4579 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4580
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4581 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4582 elif [ "$vtype" = "$VTYPE_ALPN" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4583 acmevalidationv1="$(printf "%s" "$keyauthorization" | _digest "sha256" "hex")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4584 _debug acmevalidationv1 "$acmevalidationv1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4585 if ! _starttlsserver "$d" "" "$Le_TLSPort" "$keyauthorization" "$_ncaddr" "$acmevalidationv1"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4586 _err "Start tls server error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4587 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4588 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4589 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4590 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4591 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4592 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4593
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4594 if ! __trigger_validation "$uri" "$keyauthorization" "$vtype"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4595 _err "$d:Can not get challenge: $response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4596 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4597 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4598 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4599 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4600 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4601
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4602 if [ "$code" ] && [ "$code" != '202' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4603 if [ "$code" = '200' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4604 _debug "trigger validation code: $code"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4605 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4606 _err "$d:Challenge error: $response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4607 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4608 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4609 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4610 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4611 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4612 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4613
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4614 waittimes=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4615 if [ -z "$MAX_RETRY_TIMES" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4616 MAX_RETRY_TIMES=30
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4617 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4618
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4619 while true; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4620 waittimes=$(_math "$waittimes" + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4621 if [ "$waittimes" -ge "$MAX_RETRY_TIMES" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4622 _err "$d:Timeout"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4623 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4624 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4625 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4626 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4627 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4628
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4629 _debug "sleep 2 secs to verify"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4630 sleep 2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4631 _debug "checking"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4632 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4633 _send_signed_request "$uri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4634 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4635 response="$(_get "$uri")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4636 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4637 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4638 _err "$d:Verify error:$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4639 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4640 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4641 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4642 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4643 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4644 _debug2 original "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4645
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4646 response="$(echo "$response" | _normalizeJson)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4647 _debug2 response "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4648
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4649 status=$(echo "$response" | _egrep_o '"status":"[^"]*' | cut -d : -f 2 | tr -d '"')
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4650 if [ "$status" = "valid" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4651 _info "$(__green Success)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4652 _stopserver "$serverproc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4653 serverproc=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4654 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4655 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4656 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4657
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4658 if [ "$status" = "invalid" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4659 error="$(echo "$response" | _egrep_o '"error":\{[^\}]*')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4660 _debug2 error "$error"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4661 errordetail="$(echo "$error" | _egrep_o '"detail": *"[^"]*' | cut -d '"' -f 4)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4662 _debug2 errordetail "$errordetail"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4663 if [ "$errordetail" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4664 _err "$d:Verify error:$errordetail"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4665 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4666 _err "$d:Verify error:$error"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4667 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4668 if [ "$DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4669 if [ "$vtype" = "$VTYPE_HTTP" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4670 _debug "Debug: get token url."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4671 _get "http://$d/.well-known/acme-challenge/$token" "" 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4672 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4673 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4674 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4675 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4676 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4677 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4678 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4679
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4680 if [ "$status" = "pending" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4681 _info "Pending"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4682 elif [ "$status" = "processing" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4683 _info "Processing"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4684 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4685 _err "$d:Verify error:$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4686 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4687 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4688 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4689 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4690 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4691
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4692 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4693
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4694 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4695
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4696 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4697 _info "Verify finished, start to sign."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4698 der="$(_getfile "${CSR_PATH}" "${BEGIN_CSR}" "${END_CSR}" | tr -d "\r\n" | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4699
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4700 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4701 _info "Lets finalize the order."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4702 _info "Le_OrderFinalize" "$Le_OrderFinalize"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4703 if ! _send_signed_request "${Le_OrderFinalize}" "{\"csr\": \"$der\"}"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4704 _err "Sign failed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4705 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4706 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4707 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4708 if [ "$code" != "200" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4709 _err "Sign failed, finalize code is not 200."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4710 _err "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4711 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4712 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4713 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4714 if [ -z "$Le_LinkOrder" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4715 Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n \t" | cut -d ":" -f 2-)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4716 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4717
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4718 _savedomainconf "Le_LinkOrder" "$Le_LinkOrder"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4719
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4720 _link_cert_retry=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4721 _MAX_CERT_RETRY=30
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4722 while [ "$_link_cert_retry" -lt "$_MAX_CERT_RETRY" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4723 if _contains "$response" "\"status\":\"valid\""; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4724 _debug "Order status is valid."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4725 Le_LinkCert="$(echo "$response" | _egrep_o '"certificate" *: *"[^"]*"' | cut -d '"' -f 4)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4726 _debug Le_LinkCert "$Le_LinkCert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4727 if [ -z "$Le_LinkCert" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4728 _err "Sign error, can not find Le_LinkCert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4729 _err "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4730 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4731 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4732 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4733 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4734 elif _contains "$response" "\"processing\""; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4735 _info "Order status is processing, lets sleep and retry."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4736 _retryafter=$(echo "$responseHeaders" | grep -i "^Retry-After *:" | cut -d : -f 2 | tr -d ' ' | tr -d '\r')
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4737 _debug "_retryafter" "$_retryafter"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4738 if [ "$_retryafter" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4739 _info "Retry after: $_retryafter"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4740 _sleep $_retryafter
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4741 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4742 _sleep 2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4743 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4744 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4745 _err "Sign error, wrong status"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4746 _err "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4747 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4748 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4749 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4750 #the order is processing, so we are going to poll order status
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4751 if [ -z "$Le_LinkOrder" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4752 _err "Sign error, can not get order link location header"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4753 _err "responseHeaders" "$responseHeaders"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4754 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4755 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4756 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4757 _info "Polling order status: $Le_LinkOrder"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4758 if ! _send_signed_request "$Le_LinkOrder"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4759 _err "Sign failed, can not post to Le_LinkOrder cert:$Le_LinkOrder."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4760 _err "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4761 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4762 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4763 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4764 _link_cert_retry="$(_math $_link_cert_retry + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4765 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4766
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4767 if [ -z "$Le_LinkCert" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4768 _err "Sign failed, can not get Le_LinkCert, retry time limit."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4769 _err "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4770 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4771 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4772 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4773 _info "Downloading cert."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4774 _info "Le_LinkCert" "$Le_LinkCert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4775 if ! _send_signed_request "$Le_LinkCert"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4776 _err "Sign failed, can not download cert:$Le_LinkCert."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4777 _err "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4778 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4779 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4780 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4781
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4782 echo "$response" >"$CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4783 _split_cert_chain "$CERT_PATH" "$CERT_FULLCHAIN_PATH" "$CA_CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4784
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4785 if [ "$_preferred_chain" ] && [ -f "$CERT_FULLCHAIN_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4786 if ! _match_issuer "$CERT_FULLCHAIN_PATH" "$_preferred_chain"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4787 rels="$(echo "$responseHeaders" | tr -d ' <>' | grep -i "^link:" | grep -i 'rel="alternate"' | cut -d : -f 2- | cut -d ';' -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4788 _debug2 "rels" "$rels"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4789 for rel in $rels; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4790 _info "Try rel: $rel"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4791 if ! _send_signed_request "$rel"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4792 _err "Sign failed, can not download cert:$rel"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4793 _err "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4794 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4795 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4796 _relcert="$CERT_PATH.alt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4797 _relfullchain="$CERT_FULLCHAIN_PATH.alt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4798 _relca="$CA_CERT_PATH.alt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4799 echo "$response" >"$_relcert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4800 _split_cert_chain "$_relcert" "$_relfullchain" "$_relca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4801 if _match_issuer "$_relfullchain" "$_preferred_chain"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4802 _info "Matched issuer in: $rel"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4803 cat $_relcert >"$CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4804 cat $_relfullchain >"$CERT_FULLCHAIN_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4805 cat $_relca >"$CA_CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4806 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4807 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4808 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4809 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4810 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4811 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4812 if ! _send_signed_request "${ACME_NEW_ORDER}" "{\"resource\": \"$ACME_NEW_ORDER_RES\", \"csr\": \"$der\"}" "needbase64"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4813 _err "Sign failed. $response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4814 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4815 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4816 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4817 _rcert="$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4818 Le_LinkCert="$(grep -i '^Location.*$' "$HTTP_HEADER" | _tail_n 1 | tr -d "\r\n" | cut -d " " -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4819 echo "$BEGIN_CERT" >"$CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4820
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4821 #if ! _get "$Le_LinkCert" | _base64 "multiline" >> "$CERT_PATH" ; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4822 # _debug "Get cert failed. Let's try last response."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4823 # printf -- "%s" "$_rcert" | _dbase64 "multiline" | _base64 "multiline" >> "$CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4824 #fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4825
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4826 if ! printf -- "%s" "$_rcert" | _dbase64 "multiline" | _base64 "multiline" >>"$CERT_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4827 _debug "Try cert link."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4828 _get "$Le_LinkCert" | _base64 "multiline" >>"$CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4829 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4830
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4831 echo "$END_CERT" >>"$CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4832 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4833
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4834 _debug "Le_LinkCert" "$Le_LinkCert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4835 _savedomainconf "Le_LinkCert" "$Le_LinkCert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4836
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4837 if [ -z "$Le_LinkCert" ] || ! _checkcert "$CERT_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4838 response="$(echo "$response" | _dbase64 "multiline" | tr -d '\0' | _normalizeJson)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4839 _err "Sign failed: $(echo "$response" | _egrep_o '"detail":"[^"]*"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4840 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4841 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4842 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4843
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4844 if [ "$Le_LinkCert" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4845 _info "$(__green "Cert success.")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4846 cat "$CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4847
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4848 _info "Your cert is in $(__green " $CERT_PATH ")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4849
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4850 if [ -f "$CERT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4851 _info "Your cert key is in $(__green " $CERT_KEY_PATH ")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4852 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4853
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4854 if [ ! "$USER_PATH" ] || [ ! "$_ACME_IN_CRON" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4855 USER_PATH="$PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4856 _saveaccountconf "USER_PATH" "$USER_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4857 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4858 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4859
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4860 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4861 _debug "v2 chain."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4862 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4863 cp "$CERT_PATH" "$CERT_FULLCHAIN_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4864 Le_LinkIssuer=$(grep -i '^Link' "$HTTP_HEADER" | _head_n 1 | cut -d " " -f 2 | cut -d ';' -f 1 | tr -d '<>')
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4865
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4866 if [ "$Le_LinkIssuer" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4867 if ! _contains "$Le_LinkIssuer" ":"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4868 _info "$(__red "Relative issuer link found.")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4869 Le_LinkIssuer="$_ACME_SERVER_HOST$Le_LinkIssuer"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4870 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4871 _debug Le_LinkIssuer "$Le_LinkIssuer"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4872 _savedomainconf "Le_LinkIssuer" "$Le_LinkIssuer"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4873
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4874 _link_issuer_retry=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4875 _MAX_ISSUER_RETRY=5
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4876 while [ "$_link_issuer_retry" -lt "$_MAX_ISSUER_RETRY" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4877 _debug _link_issuer_retry "$_link_issuer_retry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4878 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4879 if _send_signed_request "$Le_LinkIssuer"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4880 echo "$response" >"$CA_CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4881 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4882 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4883 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4884 if _get "$Le_LinkIssuer" >"$CA_CERT_PATH.der"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4885 echo "$BEGIN_CERT" >"$CA_CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4886 _base64 "multiline" <"$CA_CERT_PATH.der" >>"$CA_CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4887 echo "$END_CERT" >>"$CA_CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4888 if ! _checkcert "$CA_CERT_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4889 _err "Can not get the ca cert."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4890 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4891 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4892 cat "$CA_CERT_PATH" >>"$CERT_FULLCHAIN_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4893 rm -f "$CA_CERT_PATH.der"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4894 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4895 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4896 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4897 _link_issuer_retry=$(_math $_link_issuer_retry + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4898 _sleep "$_link_issuer_retry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4899 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4900 if [ "$_link_issuer_retry" = "$_MAX_ISSUER_RETRY" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4901 _err "Max retry for issuer ca cert is reached."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4902 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4903 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4904 _debug "No Le_LinkIssuer header found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4905 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4906 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4907 [ -f "$CA_CERT_PATH" ] && _info "The intermediate CA cert is in $(__green " $CA_CERT_PATH ")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4908 [ -f "$CERT_FULLCHAIN_PATH" ] && _info "And the full chain certs is there: $(__green " $CERT_FULLCHAIN_PATH ")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4909
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4910 Le_CertCreateTime=$(_time)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4911 _savedomainconf "Le_CertCreateTime" "$Le_CertCreateTime"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4912
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4913 Le_CertCreateTimeStr=$(date -u)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4914 _savedomainconf "Le_CertCreateTimeStr" "$Le_CertCreateTimeStr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4915
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4916 if [ -z "$Le_RenewalDays" ] || [ "$Le_RenewalDays" -lt "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4917 Le_RenewalDays="$DEFAULT_RENEW"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4918 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4919 _savedomainconf "Le_RenewalDays" "$Le_RenewalDays"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4920 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4921
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4922 if [ "$CA_BUNDLE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4923 _saveaccountconf CA_BUNDLE "$CA_BUNDLE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4924 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4925 _clearaccountconf "CA_BUNDLE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4926 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4927
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4928 if [ "$CA_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4929 _saveaccountconf CA_PATH "$CA_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4930 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4931 _clearaccountconf "CA_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4932 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4933
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4934 if [ "$HTTPS_INSECURE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4935 _saveaccountconf HTTPS_INSECURE "$HTTPS_INSECURE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4936 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4937 _clearaccountconf "HTTPS_INSECURE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4938 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4939
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4940 if [ "$Le_Listen_V4" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4941 _savedomainconf "Le_Listen_V4" "$Le_Listen_V4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4942 _cleardomainconf Le_Listen_V6
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4943 elif [ "$Le_Listen_V6" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4944 _savedomainconf "Le_Listen_V6" "$Le_Listen_V6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4945 _cleardomainconf Le_Listen_V4
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4946 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4947
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4948 if [ "$Le_ForceNewDomainKey" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4949 _savedomainconf "Le_ForceNewDomainKey" "$Le_ForceNewDomainKey"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4950 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4951 _cleardomainconf Le_ForceNewDomainKey
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4952 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4953
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4954 Le_NextRenewTime=$(_math "$Le_CertCreateTime" + "$Le_RenewalDays" \* 24 \* 60 \* 60)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4955
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4956 Le_NextRenewTimeStr=$(_time2str "$Le_NextRenewTime")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4957 _savedomainconf "Le_NextRenewTimeStr" "$Le_NextRenewTimeStr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4958
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4959 Le_NextRenewTime=$(_math "$Le_NextRenewTime" - 86400)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4960 _savedomainconf "Le_NextRenewTime" "$Le_NextRenewTime"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4961
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4962 if [ "$_real_cert$_real_key$_real_ca$_reload_cmd$_real_fullchain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4963 _savedomainconf "Le_RealCertPath" "$_real_cert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4964 _savedomainconf "Le_RealCACertPath" "$_real_ca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4965 _savedomainconf "Le_RealKeyPath" "$_real_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4966 _savedomainconf "Le_ReloadCmd" "$_reload_cmd" "base64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4967 _savedomainconf "Le_RealFullChainPath" "$_real_fullchain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4968 if ! _installcert "$_main_domain" "$_real_cert" "$_real_key" "$_real_ca" "$_real_fullchain" "$_reload_cmd"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4969 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4970 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4971 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4972
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4973 if ! _on_issue_success "$_post_hook" "$_renew_hook"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4974 _err "Call hook error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4975 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4976 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4977 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4978
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4979 #in_out_cert out_fullchain out_ca
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4980 _split_cert_chain() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4981 _certf="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4982 _fullchainf="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4983 _caf="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4984 if [ "$(grep -- "$BEGIN_CERT" "$_certf" | wc -l)" -gt "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4985 _debug "Found cert chain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4986 cat "$_certf" >"$_fullchainf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4987 _end_n="$(grep -n -- "$END_CERT" "$_fullchainf" | _head_n 1 | cut -d : -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4988 _debug _end_n "$_end_n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4989 sed -n "1,${_end_n}p" "$_fullchainf" >"$_certf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4990 _end_n="$(_math $_end_n + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4991 sed -n "${_end_n},9999p" "$_fullchainf" >"$_caf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4992 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4993 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4994
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4995 #domain [isEcc]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4996 renew() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4997 Le_Domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4998 if [ -z "$Le_Domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4999 _usage "Usage: $PROJECT_ENTRY --renew --domain <domain.tld> [--ecc]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5000 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5001 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5002
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5003 _isEcc="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5004
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5005 _initpath "$Le_Domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5006
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5007 _info "$(__green "Renew: '$Le_Domain'")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5008 if [ ! -f "$DOMAIN_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5009 _info "'$Le_Domain' is not an issued domain, skip."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5010 return $RENEW_SKIP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5011 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5012
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5013 if [ "$Le_RenewalDays" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5014 _savedomainconf Le_RenewalDays "$Le_RenewalDays"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5015 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5016
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5017 . "$DOMAIN_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5018 _debug Le_API "$Le_API"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5019
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5020 if [ "$Le_API" = "$LETSENCRYPT_CA_V1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5021 _cleardomainconf Le_API
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5022 Le_API="$DEFAULT_CA"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5023 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5024 if [ "$Le_API" = "$LETSENCRYPT_STAGING_CA_V1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5025 _cleardomainconf Le_API
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5026 Le_API="$DEFAULT_STAGING_CA"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5027 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5028
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5029 if [ "$Le_API" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5030 export ACME_DIRECTORY="$Le_API"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5031 #reload ca configs
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5032 ACCOUNT_KEY_PATH=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5033 ACCOUNT_JSON_PATH=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5034 CA_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5035 _debug3 "initpath again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5036 _initpath "$Le_Domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5037 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5038
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5039 if [ -z "$FORCE" ] && [ "$Le_NextRenewTime" ] && [ "$(_time)" -lt "$Le_NextRenewTime" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5040 _info "Skip, Next renewal time is: $(__green "$Le_NextRenewTimeStr")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5041 _info "Add '$(__red '--force')' to force to renew."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5042 return "$RENEW_SKIP"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5043 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5044
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5045 if [ "$_ACME_IN_CRON" = "1" ] && [ -z "$Le_CertCreateTime" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5046 _info "Skip invalid cert for: $Le_Domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5047 return $RENEW_SKIP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5048 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5049
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5050 _ACME_IS_RENEW="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5051 Le_ReloadCmd="$(_readdomainconf Le_ReloadCmd)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5052 Le_PreHook="$(_readdomainconf Le_PreHook)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5053 Le_PostHook="$(_readdomainconf Le_PostHook)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5054 Le_RenewHook="$(_readdomainconf Le_RenewHook)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5055 Le_Preferred_Chain="$(_readdomainconf Le_Preferred_Chain)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5056 issue "$Le_Webroot" "$Le_Domain" "$Le_Alt" "$Le_Keylength" "$Le_RealCertPath" "$Le_RealKeyPath" "$Le_RealCACertPath" "$Le_ReloadCmd" "$Le_RealFullChainPath" "$Le_PreHook" "$Le_PostHook" "$Le_RenewHook" "$Le_LocalAddress" "$Le_ChallengeAlias" "$Le_Preferred_Chain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5057 res="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5058 if [ "$res" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5059 return "$res"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5060 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5061
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5062 if [ "$Le_DeployHook" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5063 _deploy "$Le_Domain" "$Le_DeployHook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5064 res="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5065 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5066
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5067 _ACME_IS_RENEW=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5068
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5069 return "$res"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5070 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5071
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5072 #renewAll [stopRenewOnError]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5073 renewAll() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5074 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5075 _stopRenewOnError="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5076 _debug "_stopRenewOnError" "$_stopRenewOnError"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5077 _ret="0"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5078 _success_msg=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5079 _error_msg=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5080 _skipped_msg=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5081 _error_level=$NOTIFY_LEVEL_SKIP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5082 _notify_code=$RENEW_SKIP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5083 _set_level=${NOTIFY_LEVEL:-$NOTIFY_LEVEL_DEFAULT}
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5084 _debug "_set_level" "$_set_level"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5085 for di in "${CERT_HOME}"/*.*/; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5086 _debug di "$di"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5087 if ! [ -d "$di" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5088 _debug "Not a directory, skip: $di"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5089 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5090 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5091 d=$(basename "$di")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5092 _debug d "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5093 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5094 if _endswith "$d" "$ECC_SUFFIX"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5095 _isEcc=$(echo "$d" | cut -d "$ECC_SEP" -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5096 d=$(echo "$d" | cut -d "$ECC_SEP" -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5097 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5098 renew "$d" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5099 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5100 rc="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5101 _debug "Return code: $rc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5102 if [ "$rc" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5103 if [ $_error_level -gt $NOTIFY_LEVEL_RENEW ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5104 _error_level="$NOTIFY_LEVEL_RENEW"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5105 _notify_code=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5106 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5107 if [ "$_ACME_IN_CRON" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5108 if [ $_set_level -ge $NOTIFY_LEVEL_RENEW ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5109 if [ "$NOTIFY_MODE" = "$NOTIFY_MODE_CERT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5110 _send_notify "Renew $d success" "Good, the cert is renewed." "$NOTIFY_HOOK" 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5111 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5112 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5113 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5114 _success_msg="${_success_msg} $d
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5115 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5116 elif [ "$rc" = "$RENEW_SKIP" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5117 if [ $_error_level -gt $NOTIFY_LEVEL_SKIP ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5118 _error_level="$NOTIFY_LEVEL_SKIP"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5119 _notify_code=$RENEW_SKIP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5120 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5121 if [ "$_ACME_IN_CRON" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5122 if [ $_set_level -ge $NOTIFY_LEVEL_SKIP ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5123 if [ "$NOTIFY_MODE" = "$NOTIFY_MODE_CERT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5124 _send_notify "Renew $d skipped" "Good, the cert is skipped." "$NOTIFY_HOOK" "$RENEW_SKIP"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5125 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5126 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5127 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5128 _info "Skipped $d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5129 _skipped_msg="${_skipped_msg} $d
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5130 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5131 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5132 if [ $_error_level -gt $NOTIFY_LEVEL_ERROR ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5133 _error_level="$NOTIFY_LEVEL_ERROR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5134 _notify_code=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5135 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5136 if [ "$_ACME_IN_CRON" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5137 if [ $_set_level -ge $NOTIFY_LEVEL_ERROR ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5138 if [ "$NOTIFY_MODE" = "$NOTIFY_MODE_CERT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5139 _send_notify "Renew $d error" "There is an error." "$NOTIFY_HOOK" 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5140 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5141 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5142 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5143 _error_msg="${_error_msg} $d
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5144 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5145 if [ "$_stopRenewOnError" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5146 _err "Error renew $d, stop now."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5147 _ret="$rc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5148 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5149 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5150 _ret="$rc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5151 _err "Error renew $d."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5152 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5153 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5154 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5155 _debug _error_level "$_error_level"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5156 _debug _set_level "$_set_level"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5157 if [ "$_ACME_IN_CRON" ] && [ $_error_level -le $_set_level ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5158 if [ -z "$NOTIFY_MODE" ] || [ "$NOTIFY_MODE" = "$NOTIFY_MODE_BULK" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5159 _msg_subject="Renew"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5160 if [ "$_error_msg" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5161 _msg_subject="${_msg_subject} Error"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5162 _msg_data="Error certs:
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5163 ${_error_msg}
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5164 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5165 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5166 if [ "$_success_msg" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5167 _msg_subject="${_msg_subject} Success"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5168 _msg_data="${_msg_data}Success certs:
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5169 ${_success_msg}
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5170 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5171 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5172 if [ "$_skipped_msg" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5173 _msg_subject="${_msg_subject} Skipped"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5174 _msg_data="${_msg_data}Skipped certs:
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5175 ${_skipped_msg}
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5176 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5177 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5178
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5179 _send_notify "$_msg_subject" "$_msg_data" "$NOTIFY_HOOK" "$_notify_code"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5180 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5181 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5182
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5183 return "$_ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5184 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5185
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5186 #csr webroot
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5187 signcsr() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5188 _csrfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5189 _csrW="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5190 if [ -z "$_csrfile" ] || [ -z "$_csrW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5191 _usage "Usage: $PROJECT_ENTRY --sign-csr --csr <csr-file> --webroot <directory>"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5192 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5193 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5194
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5195 _real_cert="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5196 _real_key="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5197 _real_ca="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5198 _reload_cmd="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5199 _real_fullchain="$7"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5200 _pre_hook="${8}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5201 _post_hook="${9}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5202 _renew_hook="${10}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5203 _local_addr="${11}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5204 _challenge_alias="${12}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5205
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5206 _csrsubj=$(_readSubjectFromCSR "$_csrfile")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5207 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5208 _err "Can not read subject from csr: $_csrfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5209 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5210 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5211 _debug _csrsubj "$_csrsubj"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5212 if _contains "$_csrsubj" ' ' || ! _contains "$_csrsubj" '.'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5213 _info "It seems that the subject: $_csrsubj is not a valid domain name. Drop it."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5214 _csrsubj=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5215 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5216
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5217 _csrdomainlist=$(_readSubjectAltNamesFromCSR "$_csrfile")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5218 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5219 _err "Can not read domain list from csr: $_csrfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5220 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5221 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5222 _debug "_csrdomainlist" "$_csrdomainlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5223
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5224 if [ -z "$_csrsubj" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5225 _csrsubj="$(_getfield "$_csrdomainlist" 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5226 _debug _csrsubj "$_csrsubj"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5227 _csrdomainlist="$(echo "$_csrdomainlist" | cut -d , -f 2-)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5228 _debug "_csrdomainlist" "$_csrdomainlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5229 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5230
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5231 if [ -z "$_csrsubj" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5232 _err "Can not read subject from csr: $_csrfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5233 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5234 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5235
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5236 _csrkeylength=$(_readKeyLengthFromCSR "$_csrfile")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5237 if [ "$?" != "0" ] || [ -z "$_csrkeylength" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5238 _err "Can not read key length from csr: $_csrfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5239 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5240 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5241
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5242 if [ -z "$ACME_VERSION" ] && _contains "$_csrsubj,$_csrdomainlist" "*."; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5243 export ACME_VERSION=2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5244 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5245 _initpath "$_csrsubj" "$_csrkeylength"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5246 mkdir -p "$DOMAIN_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5247
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5248 _info "Copy csr to: $CSR_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5249 cp "$_csrfile" "$CSR_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5250
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5251 issue "$_csrW" "$_csrsubj" "$_csrdomainlist" "$_csrkeylength" "$_real_cert" "$_real_key" "$_real_ca" "$_reload_cmd" "$_real_fullchain" "$_pre_hook" "$_post_hook" "$_renew_hook" "$_local_addr" "$_challenge_alias"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5252
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5253 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5254
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5255 showcsr() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5256 _csrfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5257 _csrd="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5258 if [ -z "$_csrfile" ] && [ -z "$_csrd" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5259 _usage "Usage: $PROJECT_ENTRY --show-csr --csr <csr-file>"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5260 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5261 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5262
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5263 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5264
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5265 _csrsubj=$(_readSubjectFromCSR "$_csrfile")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5266 if [ "$?" != "0" ] || [ -z "$_csrsubj" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5267 _err "Can not read subject from csr: $_csrfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5268 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5269 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5270
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5271 _info "Subject=$_csrsubj"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5272
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5273 _csrdomainlist=$(_readSubjectAltNamesFromCSR "$_csrfile")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5274 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5275 _err "Can not read domain list from csr: $_csrfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5276 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5277 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5278 _debug "_csrdomainlist" "$_csrdomainlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5279
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5280 _info "SubjectAltNames=$_csrdomainlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5281
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5282 _csrkeylength=$(_readKeyLengthFromCSR "$_csrfile")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5283 if [ "$?" != "0" ] || [ -z "$_csrkeylength" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5284 _err "Can not read key length from csr: $_csrfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5285 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5286 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5287 _info "KeyLength=$_csrkeylength"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5288 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5289
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5290 #listraw domain
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5291 list() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5292 _raw="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5293 _domain="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5294 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5295
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5296 _sep="|"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5297 if [ "$_raw" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5298 if [ -z "$_domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5299 printf "%s\n" "Main_Domain${_sep}KeyLength${_sep}SAN_Domains${_sep}CA${_sep}Created${_sep}Renew"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5300 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5301 for di in "${CERT_HOME}"/*.*/; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5302 d=$(basename "$di")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5303 _debug d "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5304 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5305 if _endswith "$d" "$ECC_SUFFIX"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5306 _isEcc="ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5307 d=$(echo "$d" | cut -d "$ECC_SEP" -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5308 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5309 DOMAIN_CONF="$di/$d.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5310 if [ -f "$DOMAIN_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5311 . "$DOMAIN_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5312 _ca="$(_getCAShortName "$Le_API")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5313 if [ -z "$_domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5314 printf "%s\n" "$Le_Domain${_sep}\"$Le_Keylength\"${_sep}$Le_Alt${_sep}$_ca${_sep}$Le_CertCreateTimeStr${_sep}$Le_NextRenewTimeStr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5315 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5316 if [ "$_domain" = "$d" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5317 cat "$DOMAIN_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5318 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5319 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5320 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5321 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5322 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5323 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5324 if _exists column; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5325 list "raw" "$_domain" | column -t -s "$_sep"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5326 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5327 list "raw" "$_domain" | tr "$_sep" '\t'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5328 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5329 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5330
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5331 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5332
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5333 _deploy() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5334 _d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5335 _hooks="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5336
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5337 for _d_api in $(echo "$_hooks" | tr ',' " "); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5338 _deployApi="$(_findHook "$_d" $_SUB_FOLDER_DEPLOY "$_d_api")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5339 if [ -z "$_deployApi" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5340 _err "The deploy hook $_d_api is not found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5341 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5342 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5343 _debug _deployApi "$_deployApi"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5344
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5345 if ! (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5346 if ! . "$_deployApi"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5347 _err "Load file $_deployApi error. Please check your api file and try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5348 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5349 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5350
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5351 d_command="${_d_api}_deploy"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5352 if ! _exists "$d_command"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5353 _err "It seems that your api file is not correct, it must have a function named: $d_command"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5354 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5355 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5356
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5357 if ! $d_command "$_d" "$CERT_KEY_PATH" "$CERT_PATH" "$CA_CERT_PATH" "$CERT_FULLCHAIN_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5358 _err "Error deploy for domain:$_d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5359 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5360 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5361 ); then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5362 _err "Deploy error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5363 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5364 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5365 _info "$(__green Success)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5366 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5367 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5368 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5369
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5370 #domain hooks
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5371 deploy() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5372 _d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5373 _hooks="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5374 _isEcc="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5375 if [ -z "$_hooks" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5376 _usage "Usage: $PROJECT_ENTRY --deploy --domain <domain.tld> --deploy-hook <hookname> [--ecc] "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5377 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5378 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5379
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5380 _initpath "$_d" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5381 if [ ! -d "$DOMAIN_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5382 _err "The domain '$_d' is not a cert name. You must use the cert name to specify the cert to install."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5383 _err "Can not find path:'$DOMAIN_PATH'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5384 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5385 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5386
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5387 . "$DOMAIN_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5388
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5389 _savedomainconf Le_DeployHook "$_hooks"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5390
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5391 _deploy "$_d" "$_hooks"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5392 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5393
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5394 installcert() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5395 _main_domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5396 if [ -z "$_main_domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5397 _usage "Usage: $PROJECT_ENTRY --install-cert --domain <domain.tld> [--ecc] [--cert-file <file>] [--key-file <file>] [--ca-file <file>] [ --reloadcmd <command>] [--fullchain-file <file>]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5398 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5399 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5400
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5401 _real_cert="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5402 _real_key="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5403 _real_ca="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5404 _reload_cmd="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5405 _real_fullchain="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5406 _isEcc="$7"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5407
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5408 _initpath "$_main_domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5409 if [ ! -d "$DOMAIN_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5410 _err "The domain '$_main_domain' is not a cert name. You must use the cert name to specify the cert to install."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5411 _err "Can not find path:'$DOMAIN_PATH'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5412 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5413 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5414
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5415 _savedomainconf "Le_RealCertPath" "$_real_cert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5416 _savedomainconf "Le_RealCACertPath" "$_real_ca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5417 _savedomainconf "Le_RealKeyPath" "$_real_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5418 _savedomainconf "Le_ReloadCmd" "$_reload_cmd" "base64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5419 _savedomainconf "Le_RealFullChainPath" "$_real_fullchain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5420
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5421 _installcert "$_main_domain" "$_real_cert" "$_real_key" "$_real_ca" "$_real_fullchain" "$_reload_cmd"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5422 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5423
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5424 #domain cert key ca fullchain reloadcmd backup-prefix
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5425 _installcert() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5426 _main_domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5427 _real_cert="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5428 _real_key="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5429 _real_ca="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5430 _real_fullchain="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5431 _reload_cmd="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5432 _backup_prefix="$7"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5433
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5434 if [ "$_real_cert" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5435 _real_cert=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5436 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5437 if [ "$_real_key" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5438 _real_key=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5439 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5440 if [ "$_real_ca" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5441 _real_ca=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5442 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5443 if [ "$_reload_cmd" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5444 _reload_cmd=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5445 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5446 if [ "$_real_fullchain" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5447 _real_fullchain=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5448 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5449
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5450 _backup_path="$DOMAIN_BACKUP_PATH/$_backup_prefix"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5451 mkdir -p "$_backup_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5452
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5453 if [ "$_real_cert" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5454 _info "Installing cert to:$_real_cert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5455 if [ -f "$_real_cert" ] && [ ! "$_ACME_IS_RENEW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5456 cp "$_real_cert" "$_backup_path/cert.bak"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5457 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5458 cat "$CERT_PATH" >"$_real_cert" || return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5459 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5460
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5461 if [ "$_real_ca" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5462 _info "Installing CA to:$_real_ca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5463 if [ "$_real_ca" = "$_real_cert" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5464 echo "" >>"$_real_ca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5465 cat "$CA_CERT_PATH" >>"$_real_ca" || return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5466 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5467 if [ -f "$_real_ca" ] && [ ! "$_ACME_IS_RENEW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5468 cp "$_real_ca" "$_backup_path/ca.bak"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5469 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5470 cat "$CA_CERT_PATH" >"$_real_ca" || return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5471 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5472 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5473
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5474 if [ "$_real_key" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5475 _info "Installing key to:$_real_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5476 if [ -f "$_real_key" ] && [ ! "$_ACME_IS_RENEW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5477 cp "$_real_key" "$_backup_path/key.bak"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5478 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5479 if [ -f "$_real_key" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5480 cat "$CERT_KEY_PATH" >"$_real_key" || return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5481 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5482 cat "$CERT_KEY_PATH" >"$_real_key" || return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5483 chmod 600 "$_real_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5484 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5485 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5486
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5487 if [ "$_real_fullchain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5488 _info "Installing full chain to:$_real_fullchain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5489 if [ -f "$_real_fullchain" ] && [ ! "$_ACME_IS_RENEW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5490 cp "$_real_fullchain" "$_backup_path/fullchain.bak"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5491 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5492 cat "$CERT_FULLCHAIN_PATH" >"$_real_fullchain" || return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5493 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5494
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5495 if [ "$_reload_cmd" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5496 _info "Run reload cmd: $_reload_cmd"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5497 if (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5498 export CERT_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5499 export CERT_KEY_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5500 export CA_CERT_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5501 export CERT_FULLCHAIN_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5502 export Le_Domain="$_main_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5503 cd "$DOMAIN_PATH" && eval "$_reload_cmd"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5504 ); then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5505 _info "$(__green "Reload success")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5506 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5507 _err "Reload error for :$Le_Domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5508 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5509 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5510
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5511 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5512
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5513 __read_password() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5514 unset _pp
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5515 prompt="Enter Password:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5516 while IFS= read -p "$prompt" -r -s -n 1 char; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5517 if [ "$char" = $'\0' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5518 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5519 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5520 prompt='*'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5521 _pp="$_pp$char"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5522 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5523 echo "$_pp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5524 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5525
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5526 _install_win_taskscheduler() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5527 _lesh="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5528 _centry="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5529 _randomminute="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5530 if ! _exists cygpath; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5531 _err "cygpath not found"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5532 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5533 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5534 if ! _exists schtasks; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5535 _err "schtasks.exe is not found, are you on Windows?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5536 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5537 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5538 _winbash="$(cygpath -w $(which bash))"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5539 _debug _winbash "$_winbash"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5540 if [ -z "$_winbash" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5541 _err "can not find bash path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5542 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5543 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5544 _myname="$(whoami)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5545 _debug "_myname" "$_myname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5546 if [ -z "$_myname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5547 _err "can not find my user name"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5548 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5549 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5550 _debug "_lesh" "$_lesh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5551
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5552 _info "To install scheduler task in your Windows account, you must input your windows password."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5553 _info "$PROJECT_NAME doesn't save your password."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5554 _info "Please input your Windows password for: $(__green "$_myname")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5555 _password="$(__read_password)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5556 #SCHTASKS.exe '/create' '/SC' 'DAILY' '/TN' "$_WINDOWS_SCHEDULER_NAME" '/F' '/ST' "00:$_randomminute" '/RU' "$_myname" '/RP' "$_password" '/TR' "$_winbash -l -c '$_lesh --cron --home \"$LE_WORKING_DIR\" $_centry'" >/dev/null
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5557 echo SCHTASKS.exe '/create' '/SC' 'DAILY' '/TN' "$_WINDOWS_SCHEDULER_NAME" '/F' '/ST' "00:$_randomminute" '/RU' "$_myname" '/RP' "$_password" '/TR' "\"$_winbash -l -c '$_lesh --cron --home \"$LE_WORKING_DIR\" $_centry'\"" | cmd.exe >/dev/null
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5558 echo
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5559
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5560 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5561
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5562 _uninstall_win_taskscheduler() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5563 if ! _exists schtasks; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5564 _err "schtasks.exe is not found, are you on Windows?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5565 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5566 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5567 if ! echo SCHTASKS /query /tn "$_WINDOWS_SCHEDULER_NAME" | cmd.exe >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5568 _debug "scheduler $_WINDOWS_SCHEDULER_NAME is not found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5569 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5570 _info "Removing $_WINDOWS_SCHEDULER_NAME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5571 echo SCHTASKS /delete /f /tn "$_WINDOWS_SCHEDULER_NAME" | cmd.exe >/dev/null
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5572 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5573 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5574
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5575 #confighome
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5576 installcronjob() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5577 _c_home="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5578 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5579 _CRONTAB="crontab"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5580 if [ -f "$LE_WORKING_DIR/$PROJECT_ENTRY" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5581 lesh="\"$LE_WORKING_DIR\"/$PROJECT_ENTRY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5582 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5583 _err "Can not install cronjob, $PROJECT_ENTRY not found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5584 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5585 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5586 if [ "$_c_home" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5587 _c_entry="--config-home \"$_c_home\" "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5588 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5589 _t=$(_time)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5590 random_minute=$(_math $_t % 60)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5591
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5592 if ! _exists "$_CRONTAB" && _exists "fcrontab"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5593 _CRONTAB="fcrontab"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5594 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5595
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5596 if ! _exists "$_CRONTAB"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5597 if _exists cygpath && _exists schtasks.exe; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5598 _info "It seems you are on Windows, let's install Windows scheduler task."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5599 if _install_win_taskscheduler "$lesh" "$_c_entry" "$random_minute"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5600 _info "Install Windows scheduler task success."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5601 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5602 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5603 _err "Install Windows scheduler task failed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5604 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5605 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5606 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5607 _err "crontab/fcrontab doesn't exist, so, we can not install cron jobs."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5608 _err "All your certs will not be renewed automatically."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5609 _err "You must add your own cron job to call '$PROJECT_ENTRY --cron' everyday."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5610 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5611 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5612 _info "Installing cron job"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5613 if ! $_CRONTAB -l | grep "$PROJECT_ENTRY --cron"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5614 if _exists uname && uname -a | grep SunOS >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5615 $_CRONTAB -l | {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5616 cat
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5617 echo "$random_minute 0 * * * $lesh --cron --home \"$LE_WORKING_DIR\" $_c_entry> /dev/null"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5618 } | $_CRONTAB --
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5619 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5620 $_CRONTAB -l | {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5621 cat
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5622 echo "$random_minute 0 * * * $lesh --cron --home \"$LE_WORKING_DIR\" $_c_entry> /dev/null"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5623 } | $_CRONTAB -
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5624 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5625 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5626 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5627 _err "Install cron job failed. You need to manually renew your certs."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5628 _err "Or you can add cronjob by yourself:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5629 _err "$lesh --cron --home \"$LE_WORKING_DIR\" > /dev/null"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5630 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5631 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5632 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5633
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5634 uninstallcronjob() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5635 _CRONTAB="crontab"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5636 if ! _exists "$_CRONTAB" && _exists "fcrontab"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5637 _CRONTAB="fcrontab"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5638 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5639
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5640 if ! _exists "$_CRONTAB"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5641 if _exists cygpath && _exists schtasks.exe; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5642 _info "It seems you are on Windows, let's uninstall Windows scheduler task."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5643 if _uninstall_win_taskscheduler; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5644 _info "Uninstall Windows scheduler task success."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5645 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5646 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5647 _err "Uninstall Windows scheduler task failed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5648 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5649 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5650 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5651 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5652 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5653 _info "Removing cron job"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5654 cr="$($_CRONTAB -l | grep "$PROJECT_ENTRY --cron")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5655 if [ "$cr" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5656 if _exists uname && uname -a | grep solaris >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5657 $_CRONTAB -l | sed "/$PROJECT_ENTRY --cron/d" | $_CRONTAB --
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5658 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5659 $_CRONTAB -l | sed "/$PROJECT_ENTRY --cron/d" | $_CRONTAB -
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5660 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5661 LE_WORKING_DIR="$(echo "$cr" | cut -d ' ' -f 9 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5662 _info LE_WORKING_DIR "$LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5663 if _contains "$cr" "--config-home"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5664 LE_CONFIG_HOME="$(echo "$cr" | cut -d ' ' -f 11 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5665 _debug LE_CONFIG_HOME "$LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5666 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5667 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5668 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5669
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5670 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5671
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5672 #domain isECC revokeReason
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5673 revoke() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5674 Le_Domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5675 if [ -z "$Le_Domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5676 _usage "Usage: $PROJECT_ENTRY --revoke --domain <domain.tld> [--ecc]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5677 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5678 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5679
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5680 _isEcc="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5681 _reason="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5682 if [ -z "$_reason" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5683 _reason="0"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5684 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5685 _initpath "$Le_Domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5686 if [ ! -f "$DOMAIN_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5687 _err "$Le_Domain is not a issued domain, skip."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5688 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5689 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5690
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5691 if [ ! -f "$CERT_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5692 _err "Cert for $Le_Domain $CERT_PATH is not found, skip."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5693 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5694 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5695
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5696 cert="$(_getfile "${CERT_PATH}" "${BEGIN_CERT}" "${END_CERT}" | tr -d "\r\n" | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5697
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5698 if [ -z "$cert" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5699 _err "Cert for $Le_Domain is empty found, skip."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5700 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5701 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5702
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5703 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5704
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5705 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5706 data="{\"certificate\": \"$cert\",\"reason\":$_reason}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5707 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5708 data="{\"resource\": \"revoke-cert\", \"certificate\": \"$cert\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5709 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5710 uri="${ACME_REVOKE_CERT}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5711
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5712 if [ -f "$CERT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5713 _info "Try domain key first."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5714 if _send_signed_request "$uri" "$data" "" "$CERT_KEY_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5715 if [ -z "$response" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5716 _info "Revoke success."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5717 rm -f "$CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5718 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5719 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5720 _err "Revoke error by domain key."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5721 _err "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5722 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5723 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5724 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5725 _info "Domain key file doesn't exist."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5726 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5727
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5728 _info "Try account key."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5729
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5730 if _send_signed_request "$uri" "$data" "" "$ACCOUNT_KEY_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5731 if [ -z "$response" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5732 _info "Revoke success."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5733 rm -f "$CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5734 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5735 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5736 _err "Revoke error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5737 _debug "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5738 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5739 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5740 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5741 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5742
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5743 #domain ecc
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5744 remove() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5745 Le_Domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5746 if [ -z "$Le_Domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5747 _usage "Usage: $PROJECT_ENTRY --remove --domain <domain.tld> [--ecc]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5748 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5749 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5750
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5751 _isEcc="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5752
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5753 _initpath "$Le_Domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5754 _removed_conf="$DOMAIN_CONF.removed"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5755 if [ ! -f "$DOMAIN_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5756 if [ -f "$_removed_conf" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5757 _err "$Le_Domain is already removed, You can remove the folder by yourself: $DOMAIN_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5758 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5759 _err "$Le_Domain is not a issued domain, skip."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5760 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5761 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5762 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5763
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5764 if mv "$DOMAIN_CONF" "$_removed_conf"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5765 _info "$Le_Domain is removed, the key and cert files are in $(__green $DOMAIN_PATH)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5766 _info "You can remove them by yourself."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5767 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5768 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5769 _err "Remove $Le_Domain failed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5770 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5771 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5772 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5773
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5774 #domain vtype
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5775 _deactivate() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5776 _d_domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5777 _d_type="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5778 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5779
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5780 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5781 _identifiers="{\"type\":\"dns\",\"value\":\"$_d_domain\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5782 if ! _send_signed_request "$ACME_NEW_ORDER" "{\"identifiers\": [$_identifiers]}"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5783 _err "Can not get domain new order."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5784 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5785 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5786 _authorizations_seg="$(echo "$response" | _egrep_o '"authorizations" *: *\[[^\]*\]' | cut -d '[' -f 2 | tr -d ']' | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5787 _debug2 _authorizations_seg "$_authorizations_seg"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5788 if [ -z "$_authorizations_seg" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5789 _err "_authorizations_seg not found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5790 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5791 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5792 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5793 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5794
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5795 authzUri="$_authorizations_seg"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5796 _debug2 "authzUri" "$authzUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5797 if ! _send_signed_request "$authzUri"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5798 _err "get to authz error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5799 _err "_authorizations_seg" "$_authorizations_seg"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5800 _err "authzUri" "$authzUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5801 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5802 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5803 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5804 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5805
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5806 response="$(echo "$response" | _normalizeJson)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5807 _debug2 response "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5808 _URL_NAME="url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5809 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5810 if ! __get_domain_new_authz "$_d_domain"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5811 _err "Can not get domain new authz token."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5812 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5813 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5814
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5815 authzUri="$(echo "$responseHeaders" | grep "^Location:" | _head_n 1 | cut -d ':' -f 2- | tr -d "\r\n")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5816 _debug "authzUri" "$authzUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5817 if [ "$code" ] && [ ! "$code" = '201' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5818 _err "new-authz error: $response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5819 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5820 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5821 _URL_NAME="uri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5822 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5823
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5824 entries="$(echo "$response" | _egrep_o "[^{]*\"type\":\"[^\"]*\", *\"status\": *\"valid\", *\"$_URL_NAME\"[^}]*")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5825 if [ -z "$entries" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5826 _info "No valid entries found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5827 if [ -z "$thumbprint" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5828 thumbprint="$(__calc_account_thumbprint)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5829 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5830 _debug "Trigger validation."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5831 vtype="$VTYPE_DNS"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5832 entry="$(echo "$response" | _egrep_o '[^\{]*"type":"'$vtype'"[^\}]*')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5833 _debug entry "$entry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5834 if [ -z "$entry" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5835 _err "Error, can not get domain token $d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5836 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5837 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5838 token="$(echo "$entry" | _egrep_o '"token":"[^"]*' | cut -d : -f 2 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5839 _debug token "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5840
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5841 uri="$(echo "$entry" | _egrep_o "\"$_URL_NAME\":\"[^\"]*" | cut -d : -f 2,3 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5842 _debug uri "$uri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5843
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5844 keyauthorization="$token.$thumbprint"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5845 _debug keyauthorization "$keyauthorization"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5846 __trigger_validation "$uri" "$keyauthorization"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5847
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5848 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5849
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5850 _d_i=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5851 _d_max_retry=$(echo "$entries" | wc -l)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5852 while [ "$_d_i" -lt "$_d_max_retry" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5853 _info "Deactivate: $_d_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5854 _d_i="$(_math $_d_i + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5855 entry="$(echo "$entries" | sed -n "${_d_i}p")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5856 _debug entry "$entry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5857
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5858 if [ -z "$entry" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5859 _info "No more valid entry found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5860 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5861 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5862
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5863 _vtype="$(echo "$entry" | _egrep_o '"type": *"[^"]*"' | cut -d : -f 2 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5864 _debug _vtype "$_vtype"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5865 _info "Found $_vtype"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5866
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5867 uri="$(echo "$entry" | _egrep_o "\"$_URL_NAME\":\"[^\"]*" | cut -d : -f 2,3 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5868 _debug uri "$uri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5869
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5870 if [ "$_d_type" ] && [ "$_d_type" != "$_vtype" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5871 _info "Skip $_vtype"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5872 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5873 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5874
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5875 _info "Deactivate: $_vtype"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5876
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5877 if [ "$ACME_VERSION" = "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5878 _djson="{\"status\":\"deactivated\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5879 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5880 _djson="{\"resource\": \"authz\", \"status\":\"deactivated\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5881 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5882
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5883 if _send_signed_request "$authzUri" "$_djson" && _contains "$response" '"deactivated"'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5884 _info "Deactivate: $_vtype success."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5885 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5886 _err "Can not deactivate $_vtype."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5887 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5888 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5889
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5890 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5891 _debug "$_d_i"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5892 if [ "$_d_i" -eq "$_d_max_retry" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5893 _info "Deactivated success!"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5894 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5895 _err "Deactivate failed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5896 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5897
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5898 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5899
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5900 deactivate() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5901 _d_domain_list="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5902 _d_type="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5903 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5904 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5905 _debug _d_domain_list "$_d_domain_list"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5906 if [ -z "$(echo $_d_domain_list | cut -d , -f 1)" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5907 _usage "Usage: $PROJECT_ENTRY --deactivate --domain <domain.tld> [--domain <domain2.tld> ...]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5908 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5909 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5910 for _d_dm in $(echo "$_d_domain_list" | tr ',' ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5911 if [ -z "$_d_dm" ] || [ "$_d_dm" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5912 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5913 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5914 if ! _deactivate "$_d_dm" "$_d_type"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5915 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5916 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5917 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5918 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5919
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5920 # Detect profile file if not specified as environment variable
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5921 _detect_profile() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5922 if [ -n "$PROFILE" -a -f "$PROFILE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5923 echo "$PROFILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5924 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5925 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5926
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5927 DETECTED_PROFILE=''
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5928 SHELLTYPE="$(basename "/$SHELL")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5929
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5930 if [ "$SHELLTYPE" = "bash" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5931 if [ -f "$HOME/.bashrc" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5932 DETECTED_PROFILE="$HOME/.bashrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5933 elif [ -f "$HOME/.bash_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5934 DETECTED_PROFILE="$HOME/.bash_profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5935 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5936 elif [ "$SHELLTYPE" = "zsh" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5937 DETECTED_PROFILE="$HOME/.zshrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5938 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5939
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5940 if [ -z "$DETECTED_PROFILE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5941 if [ -f "$HOME/.profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5942 DETECTED_PROFILE="$HOME/.profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5943 elif [ -f "$HOME/.bashrc" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5944 DETECTED_PROFILE="$HOME/.bashrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5945 elif [ -f "$HOME/.bash_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5946 DETECTED_PROFILE="$HOME/.bash_profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5947 elif [ -f "$HOME/.zshrc" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5948 DETECTED_PROFILE="$HOME/.zshrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5949 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5950 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5951
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5952 echo "$DETECTED_PROFILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5953 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5954
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5955 _initconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5956 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5957 if [ ! -f "$ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5958 echo "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5959 #LOG_FILE=\"$DEFAULT_LOG_FILE\"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5960 #LOG_LEVEL=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5961 #AUTO_UPGRADE=\"1\"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5962 #NO_TIMESTAMP=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5963 " >"$ACCOUNT_CONF_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5964 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5965 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5966
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5967 # nocron
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5968 _precheck() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5969 _nocron="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5970
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5971 if ! _exists "curl" && ! _exists "wget"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5972 _err "Please install curl or wget first, we need to access http resources."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5973 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5974 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5975
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5976 if [ -z "$_nocron" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5977 if ! _exists "crontab" && ! _exists "fcrontab"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5978 if _exists cygpath && _exists schtasks.exe; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5979 _info "It seems you are on Windows, we will install Windows scheduler task."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5980 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5981 _err "It is recommended to install crontab first. try to install 'cron, crontab, crontabs or vixie-cron'."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5982 _err "We need to set cron job to renew the certs automatically."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5983 _err "Otherwise, your certs will not be able to be renewed automatically."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5984 if [ -z "$FORCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5985 _err "Please add '--force' and try install again to go without crontab."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5986 _err "./$PROJECT_ENTRY --install --force"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5987 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5988 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5989 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5990 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5991 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5992
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5993 if ! _exists "${ACME_OPENSSL_BIN:-openssl}"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5994 _err "Please install openssl first. ACME_OPENSSL_BIN=$ACME_OPENSSL_BIN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5995 _err "We need openssl to generate keys."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5996 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5997 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5998
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5999 if ! _exists "socat"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6000 _err "It is recommended to install socat first."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6001 _err "We use socat for standalone server if you use standalone mode."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6002 _err "If you don't use standalone mode, just ignore this warning."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6003 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6004
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6005 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6006 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6007
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6008 _setShebang() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6009 _file="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6010 _shebang="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6011 if [ -z "$_shebang" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6012 _usage "Usage: file shebang"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6013 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6014 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6015 cp "$_file" "$_file.tmp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6016 echo "$_shebang" >"$_file"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6017 sed -n 2,99999p "$_file.tmp" >>"$_file"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6018 rm -f "$_file.tmp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6019 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6020
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6021 #confighome
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6022 _installalias() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6023 _c_home="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6024 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6025
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6026 _envfile="$LE_WORKING_DIR/$PROJECT_ENTRY.env"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6027 if [ "$_upgrading" ] && [ "$_upgrading" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6028 echo "$(cat "$_envfile")" | sed "s|^LE_WORKING_DIR.*$||" >"$_envfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6029 echo "$(cat "$_envfile")" | sed "s|^alias le.*$||" >"$_envfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6030 echo "$(cat "$_envfile")" | sed "s|^alias le.sh.*$||" >"$_envfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6031 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6032
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6033 if [ "$_c_home" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6034 _c_entry=" --config-home '$_c_home'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6035 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6036
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6037 _setopt "$_envfile" "export LE_WORKING_DIR" "=" "\"$LE_WORKING_DIR\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6038 if [ "$_c_home" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6039 _setopt "$_envfile" "export LE_CONFIG_HOME" "=" "\"$LE_CONFIG_HOME\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6040 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6041 _sed_i "/^export LE_CONFIG_HOME/d" "$_envfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6042 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6043 _setopt "$_envfile" "alias $PROJECT_ENTRY" "=" "\"$LE_WORKING_DIR/$PROJECT_ENTRY$_c_entry\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6044
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6045 _profile="$(_detect_profile)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6046 if [ "$_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6047 _debug "Found profile: $_profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6048 _info "Installing alias to '$_profile'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6049 _setopt "$_profile" ". \"$_envfile\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6050 _info "OK, Close and reopen your terminal to start using $PROJECT_NAME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6051 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6052 _info "No profile is found, you will need to go into $LE_WORKING_DIR to use $PROJECT_NAME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6053 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6054
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6055 #for csh
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6056 _cshfile="$LE_WORKING_DIR/$PROJECT_ENTRY.csh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6057 _csh_profile="$HOME/.cshrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6058 if [ -f "$_csh_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6059 _info "Installing alias to '$_csh_profile'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6060 _setopt "$_cshfile" "setenv LE_WORKING_DIR" " " "\"$LE_WORKING_DIR\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6061 if [ "$_c_home" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6062 _setopt "$_cshfile" "setenv LE_CONFIG_HOME" " " "\"$LE_CONFIG_HOME\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6063 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6064 _sed_i "/^setenv LE_CONFIG_HOME/d" "$_cshfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6065 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6066 _setopt "$_cshfile" "alias $PROJECT_ENTRY" " " "\"$LE_WORKING_DIR/$PROJECT_ENTRY$_c_entry\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6067 _setopt "$_csh_profile" "source \"$_cshfile\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6068 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6069
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6070 #for tcsh
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6071 _tcsh_profile="$HOME/.tcshrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6072 if [ -f "$_tcsh_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6073 _info "Installing alias to '$_tcsh_profile'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6074 _setopt "$_cshfile" "setenv LE_WORKING_DIR" " " "\"$LE_WORKING_DIR\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6075 if [ "$_c_home" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6076 _setopt "$_cshfile" "setenv LE_CONFIG_HOME" " " "\"$LE_CONFIG_HOME\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6077 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6078 _setopt "$_cshfile" "alias $PROJECT_ENTRY" " " "\"$LE_WORKING_DIR/$PROJECT_ENTRY$_c_entry\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6079 _setopt "$_tcsh_profile" "source \"$_cshfile\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6080 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6081
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6082 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6083
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6084 # nocron confighome noprofile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6085 install() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6086
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6087 if [ -z "$LE_WORKING_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6088 LE_WORKING_DIR="$DEFAULT_INSTALL_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6089 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6090
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6091 _nocron="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6092 _c_home="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6093 _noprofile="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6094 if ! _initpath; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6095 _err "Install failed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6096 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6097 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6098 if [ "$_nocron" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6099 _debug "Skip install cron job"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6100 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6101
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6102 if [ "$_ACME_IN_CRON" != "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6103 if ! _precheck "$_nocron"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6104 _err "Pre-check failed, can not install."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6105 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6106 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6107 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6108
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6109 if [ -z "$_c_home" ] && [ "$LE_CONFIG_HOME" != "$LE_WORKING_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6110 _info "Using config home: $LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6111 _c_home="$LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6112 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6113
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6114 #convert from le
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6115 if [ -d "$HOME/.le" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6116 for envfile in "le.env" "le.sh.env"; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6117 if [ -f "$HOME/.le/$envfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6118 if grep "le.sh" "$HOME/.le/$envfile" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6119 _upgrading="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6120 _info "You are upgrading from le.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6121 _info "Renaming \"$HOME/.le\" to $LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6122 mv "$HOME/.le" "$LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6123 mv "$LE_WORKING_DIR/$envfile" "$LE_WORKING_DIR/$PROJECT_ENTRY.env"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6124 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6125 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6126 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6127 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6128 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6129
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6130 _info "Installing to $LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6131
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6132 if [ ! -d "$LE_WORKING_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6133 if ! mkdir -p "$LE_WORKING_DIR"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6134 _err "Can not create working dir: $LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6135 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6136 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6137
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6138 chmod 700 "$LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6139 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6140
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6141 if [ ! -d "$LE_CONFIG_HOME" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6142 if ! mkdir -p "$LE_CONFIG_HOME"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6143 _err "Can not create config dir: $LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6144 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6145 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6146
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6147 chmod 700 "$LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6148 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6149
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6150 cp "$PROJECT_ENTRY" "$LE_WORKING_DIR/" && chmod +x "$LE_WORKING_DIR/$PROJECT_ENTRY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6151
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6152 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6153 _err "Install failed, can not copy $PROJECT_ENTRY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6154 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6155 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6156
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6157 _info "Installed to $LE_WORKING_DIR/$PROJECT_ENTRY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6158
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6159 if [ "$_ACME_IN_CRON" != "1" ] && [ -z "$_noprofile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6160 _installalias "$_c_home"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6161 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6162
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6163 for subf in $_SUB_FOLDERS; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6164 if [ -d "$subf" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6165 mkdir -p "$LE_WORKING_DIR/$subf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6166 cp "$subf"/* "$LE_WORKING_DIR"/"$subf"/
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6167 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6168 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6169
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6170 if [ ! -f "$ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6171 _initconf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6172 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6173
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6174 if [ "$_DEFAULT_ACCOUNT_CONF_PATH" != "$ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6175 _setopt "$_DEFAULT_ACCOUNT_CONF_PATH" "ACCOUNT_CONF_PATH" "=" "\"$ACCOUNT_CONF_PATH\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6176 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6177
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6178 if [ "$_DEFAULT_CERT_HOME" != "$CERT_HOME" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6179 _saveaccountconf "CERT_HOME" "$CERT_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6180 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6181
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6182 if [ "$_DEFAULT_ACCOUNT_KEY_PATH" != "$ACCOUNT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6183 _saveaccountconf "ACCOUNT_KEY_PATH" "$ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6184 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6185
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6186 if [ -z "$_nocron" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6187 installcronjob "$_c_home"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6188 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6189
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6190 if [ -z "$NO_DETECT_SH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6191 #Modify shebang
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6192 if _exists bash; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6193 _bash_path="$(bash -c "command -v bash 2>/dev/null")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6194 if [ -z "$_bash_path" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6195 _bash_path="$(bash -c 'echo $SHELL')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6196 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6197 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6198 if [ "$_bash_path" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6199 _info "Good, bash is found, so change the shebang to use bash as preferred."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6200 _shebang='#!'"$_bash_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6201 _setShebang "$LE_WORKING_DIR/$PROJECT_ENTRY" "$_shebang"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6202 for subf in $_SUB_FOLDERS; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6203 if [ -d "$LE_WORKING_DIR/$subf" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6204 for _apifile in "$LE_WORKING_DIR/$subf/"*.sh; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6205 _setShebang "$_apifile" "$_shebang"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6206 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6207 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6208 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6209 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6210 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6211
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6212 _info OK
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6213 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6214
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6215 # nocron
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6216 uninstall() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6217 _nocron="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6218 if [ -z "$_nocron" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6219 uninstallcronjob
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6220 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6221 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6222
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6223 _uninstallalias
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6224
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6225 rm -f "$LE_WORKING_DIR/$PROJECT_ENTRY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6226 _info "The keys and certs are in \"$(__green "$LE_CONFIG_HOME")\", you can remove them by yourself."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6227
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6228 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6229
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6230 _uninstallalias() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6231 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6232
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6233 _profile="$(_detect_profile)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6234 if [ "$_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6235 _info "Uninstalling alias from: '$_profile'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6236 text="$(cat "$_profile")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6237 echo "$text" | sed "s|^.*\"$LE_WORKING_DIR/$PROJECT_NAME.env\"$||" >"$_profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6238 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6239
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6240 _csh_profile="$HOME/.cshrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6241 if [ -f "$_csh_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6242 _info "Uninstalling alias from: '$_csh_profile'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6243 text="$(cat "$_csh_profile")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6244 echo "$text" | sed "s|^.*\"$LE_WORKING_DIR/$PROJECT_NAME.csh\"$||" >"$_csh_profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6245 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6246
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6247 _tcsh_profile="$HOME/.tcshrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6248 if [ -f "$_tcsh_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6249 _info "Uninstalling alias from: '$_csh_profile'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6250 text="$(cat "$_tcsh_profile")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6251 echo "$text" | sed "s|^.*\"$LE_WORKING_DIR/$PROJECT_NAME.csh\"$||" >"$_tcsh_profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6252 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6253
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6254 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6255
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6256 cron() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6257 export _ACME_IN_CRON=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6258 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6259 _info "$(__green "===Starting cron===")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6260 if [ "$AUTO_UPGRADE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6261 export LE_WORKING_DIR
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6262 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6263 if ! upgrade; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6264 _err "Cron:Upgrade failed!"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6265 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6266 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6267 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6268 . "$LE_WORKING_DIR/$PROJECT_ENTRY" >/dev/null
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6269
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6270 if [ -t 1 ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6271 __INTERACTIVE="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6272 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6273
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6274 _info "Auto upgraded to: $VER"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6275 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6276 renewAll
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6277 _ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6278 _ACME_IN_CRON=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6279 _info "$(__green "===End cron===")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6280 exit $_ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6281 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6282
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6283 version() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6284 echo "$PROJECT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6285 echo "v$VER"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6286 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6287
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6288 # subject content hooks code
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6289 _send_notify() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6290 _nsubject="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6291 _ncontent="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6292 _nhooks="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6293 _nerror="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6294
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6295 if [ "$NOTIFY_LEVEL" = "$NOTIFY_LEVEL_DISABLE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6296 _debug "The NOTIFY_LEVEL is $NOTIFY_LEVEL, disabled, just return."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6297 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6298 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6299
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6300 if [ -z "$_nhooks" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6301 _debug "The NOTIFY_HOOK is empty, just return."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6302 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6303 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6304
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6305 _send_err=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6306 for _n_hook in $(echo "$_nhooks" | tr ',' " "); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6307 _n_hook_file="$(_findHook "" $_SUB_FOLDER_NOTIFY "$_n_hook")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6308 _info "Sending via: $_n_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6309 _debug "Found $_n_hook_file for $_n_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6310 if [ -z "$_n_hook_file" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6311 _err "Can not find the hook file for $_n_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6312 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6313 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6314 if ! (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6315 if ! . "$_n_hook_file"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6316 _err "Load file $_n_hook_file error. Please check your api file and try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6317 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6318 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6319
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6320 d_command="${_n_hook}_send"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6321 if ! _exists "$d_command"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6322 _err "It seems that your api file is not correct, it must have a function named: $d_command"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6323 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6324 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6325
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6326 if ! $d_command "$_nsubject" "$_ncontent" "$_nerror"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6327 _err "Error send message by $d_command"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6328 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6329 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6330
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6331 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6332 ); then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6333 _err "Set $_n_hook_file error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6334 _send_err=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6335 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6336 _info "$_n_hook $(__green Success)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6337 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6338 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6339 return $_send_err
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6340
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6341 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6342
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6343 # hook
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6344 _set_notify_hook() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6345 _nhooks="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6346
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6347 _test_subject="Hello, this is a notification from $PROJECT_NAME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6348 _test_content="If you receive this message, your notification works."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6349
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6350 _send_notify "$_test_subject" "$_test_content" "$_nhooks" 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6351
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6352 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6353
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6354 #[hook] [level] [mode]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6355 setnotify() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6356 _nhook="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6357 _nlevel="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6358 _nmode="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6359
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6360 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6361
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6362 if [ -z "$_nhook$_nlevel$_nmode" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6363 _usage "Usage: $PROJECT_ENTRY --set-notify [--notify-hook <hookname>] [--notify-level <0|1|2|3>] [--notify-mode <0|1>]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6364 _usage "$_NOTIFY_WIKI"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6365 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6366 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6367
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6368 if [ "$_nlevel" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6369 _info "Set notify level to: $_nlevel"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6370 export "NOTIFY_LEVEL=$_nlevel"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6371 _saveaccountconf "NOTIFY_LEVEL" "$NOTIFY_LEVEL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6372 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6373
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6374 if [ "$_nmode" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6375 _info "Set notify mode to: $_nmode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6376 export "NOTIFY_MODE=$_nmode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6377 _saveaccountconf "NOTIFY_MODE" "$NOTIFY_MODE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6378 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6379
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6380 if [ "$_nhook" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6381 _info "Set notify hook to: $_nhook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6382 if [ "$_nhook" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6383 _info "Clear notify hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6384 _clearaccountconf "NOTIFY_HOOK"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6385 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6386 if _set_notify_hook "$_nhook"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6387 export NOTIFY_HOOK="$_nhook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6388 _saveaccountconf "NOTIFY_HOOK" "$NOTIFY_HOOK"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6389 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6390 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6391 _err "Can not set notify hook to: $_nhook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6392 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6393 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6394 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6395 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6396
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6397 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6398
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6399 showhelp() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6400 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6401 version
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6402 echo "Usage: $PROJECT_ENTRY <command> ... [parameters ...]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6403 Commands:
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6404 -h, --help Show this help message.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6405 -v, --version Show version info.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6406 --install Install $PROJECT_NAME to your system.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6407 --uninstall Uninstall $PROJECT_NAME, and uninstall the cron job.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6408 --upgrade Upgrade $PROJECT_NAME to the latest code from $PROJECT.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6409 --issue Issue a cert.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6410 --deploy Deploy the cert to your server.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6411 -i, --install-cert Install the issued cert to apache/nginx or any other server.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6412 -r, --renew Renew a cert.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6413 --renew-all Renew all the certs.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6414 --revoke Revoke a cert.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6415 --remove Remove the cert from list of certs known to $PROJECT_NAME.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6416 --list List all the certs.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6417 --to-pkcs12 Export the certificate and key to a pfx file.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6418 --to-pkcs8 Convert to pkcs8 format.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6419 --sign-csr Issue a cert from an existing csr.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6420 --show-csr Show the content of a csr.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6421 -ccr, --create-csr Create CSR, professional use.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6422 --create-domain-key Create an domain private key, professional use.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6423 --update-account Update account info.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6424 --register-account Register account key.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6425 --deactivate-account Deactivate the account.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6426 --create-account-key Create an account private key, professional use.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6427 --install-cronjob Install the cron job to renew certs, you don't need to call this. The 'install' command can automatically install the cron job.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6428 --uninstall-cronjob Uninstall the cron job. The 'uninstall' command can do this automatically.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6429 --cron Run cron job to renew all the certs.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6430 --set-notify Set the cron notification hook, level or mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6431 --deactivate Deactivate the domain authz, professional use.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6432 --set-default-ca Used with '--server', Set the default CA to use.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6433 See: $_SERVER_WIKI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6434 Parameters:
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6435 -d, --domain <domain.tld> Specifies a domain, used to issue, renew or revoke etc.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6436 --challenge-alias <domain.tld> The challenge domain alias for DNS alias mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6437 See: $_DNS_ALIAS_WIKI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6438 --domain-alias <domain.tld> The domain alias for DNS alias mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6439 See: $_DNS_ALIAS_WIKI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6440 --preferred-chain <chain> If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common Name.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6441 If no match, the default offered chain will be used. (default: empty)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6442 See: $_PREFERRED_CHAIN_WIKI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6443 -f, --force Force install, force cert renewal or override sudo restrictions.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6444 --staging, --test Use staging server, for testing.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6445 --debug [0|1|2|3] Output debug info. Defaults to 1 if argument is omitted.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6446 --output-insecure Output all the sensitive messages.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6447 By default all the credentials/sensitive messages are hidden from the output/debug/log for security.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6448 -w, --webroot <directory> Specifies the web root folder for web root mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6449 --standalone Use standalone mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6450 --alpn Use standalone alpn mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6451 --stateless Use stateless mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6452 See: $_STATELESS_WIKI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6453 --apache Use apache mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6454 --dns [dns_hook] Use dns manual mode or dns api. Defaults to manual mode when argument is omitted.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6455 See: $_DNS_API_WIKI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6456 --dnssleep <seconds> The time in seconds to wait for all the txt records to propagate in dns api mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6457 It's not necessary to use this by default, $PROJECT_NAME polls dns status by DOH automatically.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6458 -k, --keylength <bits> Specifies the domain key length: 2048, 3072, 4096, 8192 or ec-256, ec-384, ec-521.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6459 -ak, --accountkeylength <bits> Specifies the account key length: 2048, 3072, 4096
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6460 --log [file] Specifies the log file. Defaults to \"$DEFAULT_LOG_FILE\" if argument is omitted.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6461 --log-level <1|2> Specifies the log level, default is 1.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6462 --syslog <0|3|6|7> Syslog level, 0: disable syslog, 3: error, 6: info, 7: debug.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6463 --eab-kid <eab_key_id> Key Identifier for External Account Binding.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6464 --eab-hmac-key <eab_hmac_key> HMAC key for External Account Binding.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6465 These parameters are to install the cert to nginx/apache or any other server after issue/renew a cert:
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6466 --cert-file <file> Path to copy the cert file to after issue/renew..
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6467 --key-file <file> Path to copy the key file to after issue/renew.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6468 --ca-file <file> Path to copy the intermediate cert file to after issue/renew.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6469 --fullchain-file <file> Path to copy the fullchain cert file to after issue/renew.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6470 --reloadcmd <command> Command to execute after issue/renew to reload the server.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6471 --server <server_uri> ACME Directory Resource URI. (default: $DEFAULT_CA)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6472 See: $_SERVER_WIKI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6473 --accountconf <file> Specifies a customized account config file.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6474 --home <directory> Specifies the home dir for $PROJECT_NAME.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6475 --cert-home <directory> Specifies the home dir to save all the certs, only valid for '--install' command.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6476 --config-home <directory> Specifies the home dir to save all the configurations.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6477 --useragent <string> Specifies the user agent string. it will be saved for future use too.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6478 -m, --accountemail <email> Specifies the account email, only valid for the '--install' and '--update-account' command.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6479 --accountkey <file> Specifies the account key path, only valid for the '--install' command.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6480 --days <ndays> Specifies the days to renew the cert when using '--issue' command. The default value is $DEFAULT_RENEW days.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6481 --httpport <port> Specifies the standalone listening port. Only valid if the server is behind a reverse proxy or load balancer.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6482 --tlsport <port> Specifies the standalone tls listening port. Only valid if the server is behind a reverse proxy or load balancer.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6483 --local-address <ip> Specifies the standalone/tls server listening address, in case you have multiple ip addresses.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6484 --listraw Only used for '--list' command, list the certs in raw format.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6485 -se, --stop-renew-on-error Only valid for '--renew-all' command. Stop if one cert has error in renewal.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6486 --insecure Do not check the server certificate, in some devices, the api server's certificate may not be trusted.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6487 --ca-bundle <file> Specifies the path to the CA certificate bundle to verify api server's certificate.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6488 --ca-path <directory> Specifies directory containing CA certificates in PEM format, used by wget or curl.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6489 --nocron Only valid for '--install' command, which means: do not install the default cron job.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6490 In this case, the certs will not be renewed automatically.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6491 --noprofile Only valid for '--install' command, which means: do not install aliases to user profile.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6492 --no-color Do not output color text.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6493 --force-color Force output of color text. Useful for non-interactive use with the aha tool for HTML E-Mails.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6494 --ecc Specifies to use the ECC cert. Valid for '--install-cert', '--renew', '--revoke', '--to-pkcs12' and '--create-csr'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6495 --csr <file> Specifies the input csr.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6496 --pre-hook <command> Command to be run before obtaining any certificates.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6497 --post-hook <command> Command to be run after attempting to obtain/renew certificates. Runs regardless of whether obtain/renew succeeded or failed.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6498 --renew-hook <command> Command to be run after each successfully renewed certificate.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6499 --deploy-hook <hookname> The hook file to deploy cert
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6500 --ocsp, --ocsp-must-staple Generate OCSP-Must-Staple extension.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6501 --always-force-new-domain-key Generate new domain key on renewal. Otherwise, the domain key is not changed by default.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6502 --auto-upgrade [0|1] Valid for '--upgrade' command, indicating whether to upgrade automatically in future. Defaults to 1 if argument is omitted.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6503 --listen-v4 Force standalone/tls server to listen at ipv4.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6504 --listen-v6 Force standalone/tls server to listen at ipv6.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6505 --openssl-bin <file> Specifies a custom openssl bin location.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6506 --use-wget Force to use wget, if you have both curl and wget installed.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6507 --yes-I-know-dns-manual-mode-enough-go-ahead-please Force use of dns manual mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6508 See: $_DNS_MANUAL_WIKI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6509 -b, --branch <branch> Only valid for '--upgrade' command, specifies the branch name to upgrade to.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6510 --notify-level <0|1|2|3> Set the notification level: Default value is $NOTIFY_LEVEL_DEFAULT.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6511 0: disabled, no notification will be sent.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6512 1: send notifications only when there is an error.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6513 2: send notifications when a cert is successfully renewed, or there is an error.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6514 3: send notifications when a cert is skipped, renewed, or error.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6515 --notify-mode <0|1> Set notification mode. Default value is $NOTIFY_MODE_DEFAULT.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6516 0: Bulk mode. Send all the domain's notifications in one message(mail).
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6517 1: Cert mode. Send a message for every single cert.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6518 --notify-hook <hookname> Set the notify hook
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6519 --revoke-reason <0-10> The reason for revocation, can be used in conjunction with the '--revoke' command.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6520 See: $_REVOKE_WIKI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6521 --password <password> Add a password to exported pfx file. Use with --to-pkcs12.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6522 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6523 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6524
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6525 # nocron noprofile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6526 _installOnline() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6527 _info "Installing from online archive."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6528 _nocron="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6529 _noprofile="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6530 if [ ! "$BRANCH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6531 BRANCH="master"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6532 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6533
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6534 target="$PROJECT/archive/$BRANCH.tar.gz"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6535 _info "Downloading $target"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6536 localname="$BRANCH.tar.gz"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6537 if ! _get "$target" >$localname; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6538 _err "Download error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6539 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6540 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6541 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6542 _info "Extracting $localname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6543 if ! (tar xzf $localname || gtar xzf $localname); then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6544 _err "Extraction error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6545 exit 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6546 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6547
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6548 cd "$PROJECT_NAME-$BRANCH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6549 chmod +x $PROJECT_ENTRY
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6550 if ./$PROJECT_ENTRY install "$_nocron" "" "$_noprofile"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6551 _info "Install success!"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6552 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6553 _saveaccountconf "UPGRADE_HASH" "$(_getUpgradeHash)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6554 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6555
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6556 cd ..
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6557
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6558 rm -rf "$PROJECT_NAME-$BRANCH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6559 rm -f "$localname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6560 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6561 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6562
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6563 _getRepoHash() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6564 _hash_path=$1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6565 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6566 _hash_url="https://api.github.com/repos/acmesh-official/$PROJECT_NAME/git/refs/$_hash_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6567 _get $_hash_url | tr -d "\r\n" | tr '{},' '\n' | grep '"sha":' | cut -d '"' -f 4
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6568 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6569
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6570 _getUpgradeHash() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6571 _b="$BRANCH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6572 if [ -z "$_b" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6573 _b="master"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6574 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6575 _hash=$(_getRepoHash "heads/$_b")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6576 if [ -z "$_hash" ]; then _hash=$(_getRepoHash "tags/$_b"); fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6577 echo $_hash
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6578 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6579
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6580 upgrade() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6581 if (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6582 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6583 [ -z "$FORCE" ] && [ "$(_getUpgradeHash)" = "$(_readaccountconf "UPGRADE_HASH")" ] && _info "Already uptodate!" && exit 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6584 export LE_WORKING_DIR
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6585 cd "$LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6586 _installOnline "nocron" "noprofile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6587 ); then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6588 _info "Upgrade success!"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6589 exit 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6590 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6591 _err "Upgrade failed!"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6592 exit 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6593 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6594 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6595
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6596 _processAccountConf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6597 if [ "$_useragent" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6598 _saveaccountconf "USER_AGENT" "$_useragent"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6599 elif [ "$USER_AGENT" ] && [ "$USER_AGENT" != "$DEFAULT_USER_AGENT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6600 _saveaccountconf "USER_AGENT" "$USER_AGENT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6601 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6602
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6603 if [ "$_openssl_bin" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6604 _saveaccountconf "ACME_OPENSSL_BIN" "$_openssl_bin"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6605 elif [ "$ACME_OPENSSL_BIN" ] && [ "$ACME_OPENSSL_BIN" != "$DEFAULT_OPENSSL_BIN" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6606 _saveaccountconf "ACME_OPENSSL_BIN" "$ACME_OPENSSL_BIN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6607 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6608
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6609 if [ "$_auto_upgrade" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6610 _saveaccountconf "AUTO_UPGRADE" "$_auto_upgrade"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6611 elif [ "$AUTO_UPGRADE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6612 _saveaccountconf "AUTO_UPGRADE" "$AUTO_UPGRADE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6613 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6614
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6615 if [ "$_use_wget" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6616 _saveaccountconf "ACME_USE_WGET" "$_use_wget"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6617 elif [ "$ACME_USE_WGET" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6618 _saveaccountconf "ACME_USE_WGET" "$ACME_USE_WGET"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6619 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6620
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6621 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6622
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6623 _checkSudo() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6624 if [ "$SUDO_GID" ] && [ "$SUDO_COMMAND" ] && [ "$SUDO_USER" ] && [ "$SUDO_UID" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6625 if [ "$SUDO_USER" = "root" ] && [ "$SUDO_UID" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6626 #it's root using sudo, no matter it's using sudo or not, just fine
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6627 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6628 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6629 if [ -n "$SUDO_COMMAND" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6630 #it's a normal user doing "sudo su", or `sudo -i` or `sudo -s`
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6631 _endswith "$SUDO_COMMAND" /bin/su || grep "^$SUDO_COMMAND\$" /etc/shells >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6632 return $?
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6633 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6634 #otherwise
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6635 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6636 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6637 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6638 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6639
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6640 #server
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6641 _selectServer() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6642 _server="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6643 _server_lower="$(echo "$_server" | _lower_case)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6644 _sindex=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6645 for snames in $CA_NAMES; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6646 snames="$(echo "$snames" | _lower_case)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6647 _sindex="$(_math $_sindex + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6648 _debug2 "_selectServer try snames" "$snames"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6649 for sname in $(echo "$snames" | tr ',' ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6650 if [ "$_server_lower" = "$sname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6651 _debug2 "_selectServer match $sname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6652 _serverdir="$(_getfield "$CA_SERVERS" $_sindex)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6653 _debug "Selected server: $_serverdir"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6654 ACME_DIRECTORY="$_serverdir"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6655 export ACME_DIRECTORY
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6656 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6657 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6658 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6659 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6660 ACME_DIRECTORY="$_server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6661 export ACME_DIRECTORY
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6662 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6663
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6664 #url
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6665 _getCAShortName() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6666 caurl="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6667 if [ -z "$caurl" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6668 caurl="$DEFAULT_CA"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6669 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6670 caurl_lower="$(echo $caurl | _lower_case)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6671 _sindex=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6672 for surl in $(echo "$CA_SERVERS" | _lower_case | tr , ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6673 _sindex="$(_math $_sindex + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6674 if [ "$caurl_lower" = "$surl" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6675 _nindex=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6676 for snames in $CA_NAMES; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6677 _nindex="$(_math $_nindex + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6678 if [ $_nindex -ge $_sindex ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6679 _getfield "$snames" 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6680 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6681 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6682 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6683 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6684 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6685 echo "$caurl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6686 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6687
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6688 #set default ca to $ACME_DIRECTORY
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6689 setdefaultca() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6690 if [ -z "$ACME_DIRECTORY" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6691 _err "Please give a --server parameter."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6692 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6693 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6694 _saveaccountconf "DEFAULT_ACME_SERVER" "$ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6695 _info "Changed default CA to: $(__green "$ACME_DIRECTORY")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6696 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6697
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6698 _process() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6699 _CMD=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6700 _domain=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6701 _altdomains="$NO_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6702 _webroot=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6703 _challenge_alias=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6704 _keylength=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6705 _accountkeylength=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6706 _cert_file=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6707 _key_file=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6708 _ca_file=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6709 _fullchain_file=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6710 _reloadcmd=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6711 _password=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6712 _accountconf=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6713 _useragent=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6714 _accountemail=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6715 _accountkey=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6716 _certhome=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6717 _confighome=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6718 _httpport=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6719 _tlsport=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6720 _dnssleep=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6721 _listraw=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6722 _stopRenewOnError=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6723 #_insecure=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6724 _ca_bundle=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6725 _ca_path=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6726 _nocron=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6727 _noprofile=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6728 _ecc=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6729 _csr=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6730 _pre_hook=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6731 _post_hook=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6732 _renew_hook=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6733 _deploy_hook=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6734 _logfile=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6735 _log=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6736 _local_address=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6737 _log_level=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6738 _auto_upgrade=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6739 _listen_v4=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6740 _listen_v6=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6741 _openssl_bin=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6742 _syslog=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6743 _use_wget=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6744 _server=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6745 _notify_hook=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6746 _notify_level=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6747 _notify_mode=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6748 _revoke_reason=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6749 _eab_kid=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6750 _eab_hmac_key=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6751 _preferred_chain=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6752 while [ ${#} -gt 0 ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6753 case "${1}" in
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6754
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6755 --help | -h)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6756 showhelp
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6757 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6758 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6759 --version | -v)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6760 version
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6761 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6762 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6763 --install)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6764 _CMD="install"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6765 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6766 --uninstall)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6767 _CMD="uninstall"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6768 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6769 --upgrade)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6770 _CMD="upgrade"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6771 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6772 --issue)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6773 _CMD="issue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6774 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6775 --deploy)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6776 _CMD="deploy"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6777 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6778 --sign-csr | --signcsr)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6779 _CMD="signcsr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6780 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6781 --show-csr | --showcsr)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6782 _CMD="showcsr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6783 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6784 -i | --install-cert | --installcert)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6785 _CMD="installcert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6786 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6787 --renew | -r)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6788 _CMD="renew"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6789 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6790 --renew-all | --renewAll | --renewall)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6791 _CMD="renewAll"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6792 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6793 --revoke)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6794 _CMD="revoke"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6795 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6796 --remove)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6797 _CMD="remove"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6798 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6799 --list)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6800 _CMD="list"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6801 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6802 --install-cronjob | --installcronjob)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6803 _CMD="installcronjob"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6804 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6805 --uninstall-cronjob | --uninstallcronjob)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6806 _CMD="uninstallcronjob"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6807 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6808 --cron)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6809 _CMD="cron"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6810 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6811 --to-pkcs12 | --to-pkcs | --toPkcs)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6812 _CMD="toPkcs"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6813 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6814 --to-pkcs8 | --toPkcs8)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6815 _CMD="toPkcs8"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6816 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6817 --create-account-key | --createAccountKey | --createaccountkey | -cak)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6818 _CMD="createAccountKey"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6819 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6820 --create-domain-key | --createDomainKey | --createdomainkey | -cdk)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6821 _CMD="createDomainKey"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6822 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6823 -ccr | --create-csr | --createCSR | --createcsr)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6824 _CMD="createCSR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6825 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6826 --deactivate)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6827 _CMD="deactivate"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6828 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6829 --update-account | --updateaccount)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6830 _CMD="updateaccount"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6831 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6832 --register-account | --registeraccount)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6833 _CMD="registeraccount"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6834 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6835 --deactivate-account)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6836 _CMD="deactivateaccount"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6837 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6838 --set-notify)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6839 _CMD="setnotify"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6840 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6841 --set-default-ca)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6842 _CMD="setdefaultca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6843 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6844 -d | --domain)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6845 _dvalue="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6846
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6847 if [ "$_dvalue" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6848 if _startswith "$_dvalue" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6849 _err "'$_dvalue' is not a valid domain for parameter '$1'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6850 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6851 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6852 if _is_idn "$_dvalue" && ! _exists idn; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6853 _err "It seems that $_dvalue is an IDN( Internationalized Domain Names), please install 'idn' command first."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6854 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6855 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6856
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6857 if _startswith "$_dvalue" "*."; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6858 _debug "Wildcard domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6859 export ACME_VERSION=2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6860 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6861 if [ -z "$_domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6862 _domain="$_dvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6863 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6864 if [ "$_altdomains" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6865 _altdomains="$_dvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6866 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6867 _altdomains="$_altdomains,$_dvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6868 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6869 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6870 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6871
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6872 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6873 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6874
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6875 -f | --force)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6876 FORCE="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6877 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6878 --staging | --test)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6879 STAGE="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6880 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6881 --server)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6882 _server="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6883 _selectServer "$_server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6884 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6885 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6886 --debug)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6887 if [ -z "$2" ] || _startswith "$2" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6888 DEBUG="$DEBUG_LEVEL_DEFAULT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6889 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6890 DEBUG="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6891 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6892 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6893 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6894 --output-insecure)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6895 export OUTPUT_INSECURE=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6896 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6897 -w | --webroot)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6898 wvalue="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6899 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6900 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6901 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6902 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6903 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6904 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6905 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6906 --challenge-alias)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6907 cvalue="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6908 _challenge_alias="$_challenge_alias$cvalue,"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6909 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6910 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6911 --domain-alias)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6912 cvalue="$DNS_ALIAS_PREFIX$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6913 _challenge_alias="$_challenge_alias$cvalue,"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6914 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6915 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6916 --standalone)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6917 wvalue="$NO_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6918 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6919 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6920 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6921 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6922 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6923 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6924 --alpn)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6925 wvalue="$W_ALPN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6926 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6927 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6928 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6929 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6930 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6931 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6932 --stateless)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6933 wvalue="$MODE_STATELESS"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6934 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6935 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6936 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6937 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6938 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6939 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6940 --local-address)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6941 lvalue="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6942 _local_address="$_local_address$lvalue,"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6943 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6944 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6945 --apache)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6946 wvalue="apache"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6947 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6948 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6949 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6950 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6951 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6952 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6953 --nginx)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6954 wvalue="$NGINX"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6955 if [ "$2" ] && ! _startswith "$2" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6956 wvalue="$NGINX$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6957 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6958 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6959 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6960 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6961 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6962 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6963 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6964 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6965 --dns)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6966 wvalue="$W_DNS"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6967 if [ "$2" ] && ! _startswith "$2" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6968 wvalue="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6969 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6970 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6971 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6972 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6973 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6974 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6975 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6976 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6977 --dnssleep)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6978 _dnssleep="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6979 Le_DNSSleep="$_dnssleep"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6980 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6981 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6982
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6983 --keylength | -k)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6984 _keylength="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6985 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6986 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6987 -ak | --accountkeylength)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6988 _accountkeylength="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6989 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6990 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6991
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6992 --cert-file | --certpath)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6993 _cert_file="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6994 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6995 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6996 --key-file | --keypath)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6997 _key_file="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6998 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6999 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7000 --ca-file | --capath)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7001 _ca_file="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7002 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7003 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7004 --fullchain-file | --fullchainpath)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7005 _fullchain_file="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7006 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7007 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7008 --reloadcmd | --reloadCmd)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7009 _reloadcmd="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7010 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7011 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7012 --password)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7013 _password="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7014 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7015 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7016 --accountconf)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7017 _accountconf="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7018 ACCOUNT_CONF_PATH="$_accountconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7019 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7020 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7021 --home)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7022 LE_WORKING_DIR="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7023 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7024 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7025 --cert-home | --certhome)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7026 _certhome="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7027 CERT_HOME="$_certhome"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7028 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7029 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7030 --config-home)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7031 _confighome="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7032 LE_CONFIG_HOME="$_confighome"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7033 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7034 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7035 --useragent)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7036 _useragent="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7037 USER_AGENT="$_useragent"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7038 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7039 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7040 -m | --accountemail)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7041 _accountemail="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7042 ACCOUNT_EMAIL="$_accountemail"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7043 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7044 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7045 --accountkey)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7046 _accountkey="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7047 ACCOUNT_KEY_PATH="$_accountkey"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7048 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7049 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7050 --days)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7051 _days="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7052 Le_RenewalDays="$_days"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7053 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7054 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7055 --httpport)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7056 _httpport="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7057 Le_HTTPPort="$_httpport"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7058 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7059 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7060 --tlsport)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7061 _tlsport="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7062 Le_TLSPort="$_tlsport"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7063 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7064 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7065 --listraw)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7066 _listraw="raw"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7067 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7068 -se | --stop-renew-on-error | --stopRenewOnError | --stoprenewonerror)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7069 _stopRenewOnError="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7070 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7071 --insecure)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7072 #_insecure="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7073 HTTPS_INSECURE="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7074 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7075 --ca-bundle)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7076 _ca_bundle="$(_readlink "$2")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7077 CA_BUNDLE="$_ca_bundle"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7078 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7079 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7080 --ca-path)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7081 _ca_path="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7082 CA_PATH="$_ca_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7083 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7084 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7085 --nocron)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7086 _nocron="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7087 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7088 --noprofile)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7089 _noprofile="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7090 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7091 --no-color)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7092 export ACME_NO_COLOR=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7093 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7094 --force-color)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7095 export ACME_FORCE_COLOR=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7096 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7097 --ecc)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7098 _ecc="isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7099 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7100 --csr)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7101 _csr="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7102 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7103 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7104 --pre-hook)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7105 _pre_hook="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7106 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7107 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7108 --post-hook)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7109 _post_hook="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7110 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7111 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7112 --renew-hook)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7113 _renew_hook="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7114 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7115 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7116 --deploy-hook)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7117 if [ -z "$2" ] || _startswith "$2" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7118 _usage "Please specify a value for '--deploy-hook'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7119 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7120 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7121 _deploy_hook="$_deploy_hook$2,"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7122 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7123 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7124 --ocsp-must-staple | --ocsp)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7125 Le_OCSP_Staple="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7126 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7127 --always-force-new-domain-key)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7128 if [ -z "$2" ] || _startswith "$2" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7129 Le_ForceNewDomainKey=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7130 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7131 Le_ForceNewDomainKey="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7132 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7133 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7134 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7135 --yes-I-know-dns-manual-mode-enough-go-ahead-please)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7136 export FORCE_DNS_MANUAL=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7137 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7138 --log | --logfile)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7139 _log="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7140 _logfile="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7141 if _startswith "$_logfile" '-'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7142 _logfile=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7143 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7144 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7145 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7146 LOG_FILE="$_logfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7147 if [ -z "$LOG_LEVEL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7148 LOG_LEVEL="$DEFAULT_LOG_LEVEL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7149 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7150 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7151 --log-level)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7152 _log_level="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7153 LOG_LEVEL="$_log_level"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7154 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7155 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7156 --syslog)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7157 if ! _startswith "$2" '-'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7158 _syslog="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7159 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7160 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7161 if [ -z "$_syslog" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7162 _syslog="$SYSLOG_LEVEL_DEFAULT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7163 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7164 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7165 --auto-upgrade)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7166 _auto_upgrade="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7167 if [ -z "$_auto_upgrade" ] || _startswith "$_auto_upgrade" '-'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7168 _auto_upgrade="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7169 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7170 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7171 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7172 AUTO_UPGRADE="$_auto_upgrade"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7173 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7174 --listen-v4)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7175 _listen_v4="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7176 Le_Listen_V4="$_listen_v4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7177 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7178 --listen-v6)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7179 _listen_v6="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7180 Le_Listen_V6="$_listen_v6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7181 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7182 --openssl-bin)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7183 _openssl_bin="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7184 ACME_OPENSSL_BIN="$_openssl_bin"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7185 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7186 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7187 --use-wget)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7188 _use_wget="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7189 ACME_USE_WGET="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7190 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7191 --branch | -b)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7192 export BRANCH="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7193 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7194 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7195 --notify-hook)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7196 _nhook="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7197 if _startswith "$_nhook" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7198 _err "'$_nhook' is not a hook name for '$1'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7199 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7200 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7201 if [ "$_notify_hook" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7202 _notify_hook="$_notify_hook,$_nhook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7203 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7204 _notify_hook="$_nhook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7205 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7206 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7207 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7208 --notify-level)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7209 _nlevel="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7210 if _startswith "$_nlevel" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7211 _err "'$_nlevel' is not a integer for '$1'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7212 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7213 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7214 _notify_level="$_nlevel"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7215 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7216 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7217 --notify-mode)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7218 _nmode="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7219 if _startswith "$_nmode" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7220 _err "'$_nmode' is not a integer for '$1'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7221 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7222 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7223 _notify_mode="$_nmode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7224 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7225 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7226 --revoke-reason)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7227 _revoke_reason="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7228 if _startswith "$_revoke_reason" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7229 _err "'$_revoke_reason' is not a integer for '$1'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7230 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7231 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7232 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7233 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7234 --eab-kid)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7235 _eab_kid="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7236 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7237 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7238 --eab-hmac-key)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7239 _eab_hmac_key="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7240 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7241 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7242 --preferred-chain)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7243 _preferred_chain="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7244 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7245 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7246 *)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7247 _err "Unknown parameter : $1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7248 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7249 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7250 esac
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7251
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7252 shift 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7253 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7254
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7255 if [ "${_CMD}" != "install" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7256 if [ "$__INTERACTIVE" ] && ! _checkSudo; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7257 if [ -z "$FORCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7258 #Use "echo" here, instead of _info. it's too early
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7259 echo "It seems that you are using sudo, please read this link first:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7260 echo "$_SUDO_WIKI"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7261 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7262 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7263 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7264 __initHome
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7265 if [ "$_log" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7266 if [ -z "$_logfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7267 _logfile="$DEFAULT_LOG_FILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7268 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7269 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7270 if [ "$_logfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7271 _saveaccountconf "LOG_FILE" "$_logfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7272 LOG_FILE="$_logfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7273 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7274
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7275 if [ "$_log_level" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7276 _saveaccountconf "LOG_LEVEL" "$_log_level"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7277 LOG_LEVEL="$_log_level"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7278 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7279
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7280 if [ "$_syslog" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7281 if _exists logger; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7282 if [ "$_syslog" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7283 _clearaccountconf "SYS_LOG"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7284 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7285 _saveaccountconf "SYS_LOG" "$_syslog"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7286 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7287 SYS_LOG="$_syslog"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7288 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7289 _err "The 'logger' command is not found, can not enable syslog."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7290 _clearaccountconf "SYS_LOG"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7291 SYS_LOG=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7292 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7293 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7294
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7295 _processAccountConf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7296 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7297
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7298 _debug2 LE_WORKING_DIR "$LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7299
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7300 if [ "$DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7301 version
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7302 if [ "$_server" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7303 _debug "Using server: $_server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7304 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7305 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7306 _debug "Running cmd: ${_CMD}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7307 case "${_CMD}" in
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7308 install) install "$_nocron" "$_confighome" "$_noprofile" ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7309 uninstall) uninstall "$_nocron" ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7310 upgrade) upgrade ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7311 issue)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7312 issue "$_webroot" "$_domain" "$_altdomains" "$_keylength" "$_cert_file" "$_key_file" "$_ca_file" "$_reloadcmd" "$_fullchain_file" "$_pre_hook" "$_post_hook" "$_renew_hook" "$_local_address" "$_challenge_alias" "$_preferred_chain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7313 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7314 deploy)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7315 deploy "$_domain" "$_deploy_hook" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7316 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7317 signcsr)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7318 signcsr "$_csr" "$_webroot" "$_cert_file" "$_key_file" "$_ca_file" "$_reloadcmd" "$_fullchain_file" "$_pre_hook" "$_post_hook" "$_renew_hook" "$_local_address" "$_challenge_alias"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7319 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7320 showcsr)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7321 showcsr "$_csr" "$_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7322 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7323 installcert)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7324 installcert "$_domain" "$_cert_file" "$_key_file" "$_ca_file" "$_reloadcmd" "$_fullchain_file" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7325 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7326 renew)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7327 renew "$_domain" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7328 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7329 renewAll)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7330 renewAll "$_stopRenewOnError"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7331 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7332 revoke)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7333 revoke "$_domain" "$_ecc" "$_revoke_reason"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7334 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7335 remove)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7336 remove "$_domain" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7337 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7338 deactivate)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7339 deactivate "$_domain,$_altdomains"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7340 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7341 registeraccount)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7342 registeraccount "$_accountkeylength" "$_eab_kid" "$_eab_hmac_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7343 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7344 updateaccount)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7345 updateaccount
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7346 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7347 deactivateaccount)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7348 deactivateaccount
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7349 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7350 list)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7351 list "$_listraw" "$_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7352 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7353 installcronjob) installcronjob "$_confighome" ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7354 uninstallcronjob) uninstallcronjob ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7355 cron) cron ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7356 toPkcs)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7357 toPkcs "$_domain" "$_password" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7358 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7359 toPkcs8)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7360 toPkcs8 "$_domain" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7361 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7362 createAccountKey)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7363 createAccountKey "$_accountkeylength"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7364 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7365 createDomainKey)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7366 createDomainKey "$_domain" "$_keylength"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7367 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7368 createCSR)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7369 createCSR "$_domain" "$_altdomains" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7370 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7371 setnotify)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7372 setnotify "$_notify_hook" "$_notify_level" "$_notify_mode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7373 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7374 setdefaultca)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7375 setdefaultca
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7376 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7377 *)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7378 if [ "$_CMD" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7379 _err "Invalid command: $_CMD"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7380 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7381 showhelp
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7382 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7383 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7384 esac
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7385 _ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7386 if [ "$_ret" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7387 return $_ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7388 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7389
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7390 if [ "${_CMD}" = "install" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7391 if [ "$_log" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7392 if [ -z "$LOG_FILE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7393 LOG_FILE="$DEFAULT_LOG_FILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7394 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7395 _saveaccountconf "LOG_FILE" "$LOG_FILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7396 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7397
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7398 if [ "$_log_level" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7399 _saveaccountconf "LOG_LEVEL" "$_log_level"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7400 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7401
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7402 if [ "$_syslog" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7403 if _exists logger; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7404 if [ "$_syslog" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7405 _clearaccountconf "SYS_LOG"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7406 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7407 _saveaccountconf "SYS_LOG" "$_syslog"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7408 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7409 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7410 _err "The 'logger' command is not found, can not enable syslog."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7411 _clearaccountconf "SYS_LOG"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7412 SYS_LOG=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7413 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7414 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7415
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7416 _processAccountConf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7417 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7418
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7419 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7420
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7421 if [ "$INSTALLONLINE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7422 INSTALLONLINE=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7423 _installOnline
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7424 exit
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7425 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7426
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7427 main() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7428 [ -z "$1" ] && showhelp && return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7429 if _startswith "$1" '-'; then _process "$@"; else "$@"; fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7430 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7431
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7432 main "$@"