Mercurial Hosting > luan

annotate host/acme.sh @ 2015:61b0cc7db09c default tip fixssl

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Manually specify letsencrypt server due to acme default server change (to zerossl)
author Violet7
date Sat, 27 Sep 2025 13:37:11 -0700
parents b735ed134662
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1 #!/bin/bash
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3 VER=3.1.2
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5 PROJECT_NAME="acme.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7 PROJECT_ENTRY="acme.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
9 PROJECT="https://github.com/acmesh-official/$PROJECT_NAME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
10
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
11 DEFAULT_INSTALL_HOME="$HOME/.$PROJECT_NAME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
12
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
13 _WINDOWS_SCHEDULER_NAME="$PROJECT_NAME.cron"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
14
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
15 _SCRIPT_="$0"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
16
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
17 _SUB_FOLDER_NOTIFY="notify"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
18 _SUB_FOLDER_DNSAPI="dnsapi"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
19 _SUB_FOLDER_DEPLOY="deploy"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
20
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
21 _SUB_FOLDERS="$_SUB_FOLDER_DNSAPI $_SUB_FOLDER_DEPLOY $_SUB_FOLDER_NOTIFY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
22
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
23 CA_LETSENCRYPT_V2="https://acme-v02.api.letsencrypt.org/directory"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
24 CA_LETSENCRYPT_V2_TEST="https://acme-staging-v02.api.letsencrypt.org/directory"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
25
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
26 CA_ZEROSSL="https://acme.zerossl.com/v2/DV90"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
27 _ZERO_EAB_ENDPOINT="https://api.zerossl.com/acme/eab-credentials-email"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
28
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
29 CA_SSLCOM_RSA="https://acme.ssl.com/sslcom-dv-rsa"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
30 CA_SSLCOM_ECC="https://acme.ssl.com/sslcom-dv-ecc"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
31
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
32 CA_GOOGLE="https://dv.acme-v02.api.pki.goog/directory"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
33 CA_GOOGLE_TEST="https://dv.acme-v02.test-api.pki.goog/directory"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
34
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
35 DEFAULT_CA=$CA_ZEROSSL
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
36 DEFAULT_STAGING_CA=$CA_LETSENCRYPT_V2_TEST
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
37
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
38 CA_NAMES="
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
39 ZeroSSL.com,zerossl
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
40 LetsEncrypt.org,letsencrypt
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
41 LetsEncrypt.org_test,letsencrypt_test,letsencrypttest
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
42 SSL.com,sslcom
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
43 Google.com,google
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
44 Google.com_test,googletest,google_test
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
45 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
46
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
47 CA_SERVERS="$CA_ZEROSSL,$CA_LETSENCRYPT_V2,$CA_LETSENCRYPT_V2_TEST,$CA_SSLCOM_RSA,$CA_GOOGLE,$CA_GOOGLE_TEST"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
48
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
49 DEFAULT_USER_AGENT="$PROJECT_NAME/$VER ($PROJECT)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
50
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
51 DEFAULT_ACCOUNT_KEY_LENGTH=ec-256
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
52 DEFAULT_DOMAIN_KEY_LENGTH=ec-256
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
53
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
54 DEFAULT_OPENSSL_BIN="openssl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
55
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
56 VTYPE_HTTP="http-01"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
57 VTYPE_DNS="dns-01"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
58 VTYPE_ALPN="tls-alpn-01"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
59
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
60 ID_TYPE_DNS="dns"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
61 ID_TYPE_IP="ip"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
62
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
63 LOCAL_ANY_ADDRESS="0.0.0.0"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
64
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
65 DEFAULT_RENEW=60
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
66
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
67 NO_VALUE="no"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
68
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
69 W_DNS="dns"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
70 W_ALPN="alpn"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
71 DNS_ALIAS_PREFIX="="
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
72
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
73 MODE_STATELESS="stateless"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
74
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
75 STATE_VERIFIED="verified_ok"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
76
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
77 NGINX="nginx:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
78 NGINX_START="#ACME_NGINX_START"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
79 NGINX_END="#ACME_NGINX_END"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
80
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
81 BEGIN_CSR="-----BEGIN [NEW ]\{0,4\}CERTIFICATE REQUEST-----"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
82 END_CSR="-----END [NEW ]\{0,4\}CERTIFICATE REQUEST-----"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
83
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
84 BEGIN_CERT="-----BEGIN CERTIFICATE-----"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
85 END_CERT="-----END CERTIFICATE-----"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
86
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
87 CONTENT_TYPE_JSON="application/jose+json"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
88 RENEW_SKIP=2
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
89 CODE_DNS_MANUAL=3
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
90
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
91 B64CONF_START="__ACME_BASE64__START_"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
92 B64CONF_END="__ACME_BASE64__END_"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
93
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
94 ECC_SEP="_"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
95 ECC_SUFFIX="${ECC_SEP}ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
96
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
97 LOG_LEVEL_1=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
98 LOG_LEVEL_2=2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
99 LOG_LEVEL_3=3
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
100 DEFAULT_LOG_LEVEL="$LOG_LEVEL_2"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
101
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
102 DEBUG_LEVEL_1=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
103 DEBUG_LEVEL_2=2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
104 DEBUG_LEVEL_3=3
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
105 DEBUG_LEVEL_DEFAULT=$DEBUG_LEVEL_2
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
106 DEBUG_LEVEL_NONE=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
107
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
108 DOH_CLOUDFLARE=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
109 DOH_GOOGLE=2
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
110 DOH_ALI=3
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
111 DOH_DP=4
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
112
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
113 HIDDEN_VALUE="[hidden](please add '--output-insecure' to see this value)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
114
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
115 SYSLOG_ERROR="user.error"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
116 SYSLOG_INFO="user.info"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
117 SYSLOG_DEBUG="user.debug"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
118
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
119 #error
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
120 SYSLOG_LEVEL_ERROR=3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
121 #info
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
122 SYSLOG_LEVEL_INFO=6
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
123 #debug
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
124 SYSLOG_LEVEL_DEBUG=7
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
125 #debug2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
126 SYSLOG_LEVEL_DEBUG_2=8
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
127 #debug3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
128 SYSLOG_LEVEL_DEBUG_3=9
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
129
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
130 SYSLOG_LEVEL_DEFAULT=$SYSLOG_LEVEL_ERROR
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
131 #none
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
132 SYSLOG_LEVEL_NONE=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
133
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
134 NOTIFY_LEVEL_DISABLE=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
135 NOTIFY_LEVEL_ERROR=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
136 NOTIFY_LEVEL_RENEW=2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
137 NOTIFY_LEVEL_SKIP=3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
138
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
139 NOTIFY_LEVEL_DEFAULT=$NOTIFY_LEVEL_RENEW
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
140
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
141 NOTIFY_MODE_BULK=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
142 NOTIFY_MODE_CERT=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
143
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
144 NOTIFY_MODE_DEFAULT=$NOTIFY_MODE_BULK
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
145
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
146 _BASE64_ENCODED_CFGS="Le_PreHook Le_PostHook Le_RenewHook Le_Preferred_Chain Le_ReloadCmd"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
147
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
148 _DEBUG_WIKI="https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
149
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
150 _PREPARE_LINK="https://github.com/acmesh-official/acme.sh/wiki/Install-preparations"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
151
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
152 _STATELESS_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Stateless-Mode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
153
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
154 _DNS_ALIAS_WIKI="https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
155
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
156 _DNS_MANUAL_WIKI="https://github.com/acmesh-official/acme.sh/wiki/dns-manual-mode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
157
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
158 _DNS_API_WIKI="https://github.com/acmesh-official/acme.sh/wiki/dnsapi"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
159
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
160 _NOTIFY_WIKI="https://github.com/acmesh-official/acme.sh/wiki/notify"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
161
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
162 _SUDO_WIKI="https://github.com/acmesh-official/acme.sh/wiki/sudo"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
163
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
164 _REVOKE_WIKI="https://github.com/acmesh-official/acme.sh/wiki/revokecert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
165
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
166 _ZEROSSL_WIKI="https://github.com/acmesh-official/acme.sh/wiki/ZeroSSL.com-CA"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
167
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
168 _SSLCOM_WIKI="https://github.com/acmesh-official/acme.sh/wiki/SSL.com-CA"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
169
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
170 _SERVER_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
171
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
172 _PREFERRED_CHAIN_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Preferred-Chain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
173
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
174 _VALIDITY_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Validity"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
175
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
176 _DNSCHECK_WIKI="https://github.com/acmesh-official/acme.sh/wiki/dnscheck"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
177
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
178 _DNS_MANUAL_ERR="The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
179
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
180 _DNS_MANUAL_WARN="It seems that you are using dns manual mode. please take care: $_DNS_MANUAL_ERR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
181
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
182 _DNS_MANUAL_ERROR="It seems that you are using dns manual mode. Read this link first: $_DNS_MANUAL_WIKI"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
183
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
184 __INTERACTIVE=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
185 if [ -t 1 ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
186 __INTERACTIVE="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
187 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
188
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
189 __green() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
190 if [ "${__INTERACTIVE}${ACME_NO_COLOR:-0}" = "10" -o "${ACME_FORCE_COLOR}" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
191 printf '\33[1;32m%b\33[0m' "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
192 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
193 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
194 printf -- "%b" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
195 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
196
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
197 __red() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
198 if [ "${__INTERACTIVE}${ACME_NO_COLOR:-0}" = "10" -o "${ACME_FORCE_COLOR}" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
199 printf '\33[1;31m%b\33[0m' "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
200 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
201 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
202 printf -- "%b" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
203 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
204
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
205 _printargs() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
206 _exitstatus="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
207 if [ -z "$NO_TIMESTAMP" ] || [ "$NO_TIMESTAMP" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
208 printf -- "%s" "[$(date)] "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
209 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
210 if [ -z "$2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
211 printf -- "%s" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
212 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
213 printf -- "%s" "$1='$2'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
214 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
215 printf "\n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
216 # return the saved exit status
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
217 return "$_exitstatus"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
218 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
219
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
220 _dlg_versions() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
221 echo "Diagnosis versions: "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
222 echo "openssl:$ACME_OPENSSL_BIN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
223 if _exists "${ACME_OPENSSL_BIN:-openssl}"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
224 ${ACME_OPENSSL_BIN:-openssl} version 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
225 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
226 echo "$ACME_OPENSSL_BIN doesn't exist."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
227 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
228
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
229 echo "Apache:"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
230 if [ "$_APACHECTL" ] && _exists "$_APACHECTL"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
231 $_APACHECTL -V 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
232 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
233 echo "Apache doesn't exist."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
234 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
235
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
236 echo "nginx:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
237 if _exists "nginx"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
238 nginx -V 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
239 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
240 echo "nginx doesn't exist."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
241 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
242
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
243 echo "socat:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
244 if _exists "socat"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
245 socat -V 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
246 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
247 _debug "socat doesn't exist."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
248 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
249 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
250
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
251 #class
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
252 _syslog() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
253 _exitstatus="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
254 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" = "$SYSLOG_LEVEL_NONE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
255 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
256 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
257 _logclass="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
258 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
259 if [ -z "$__logger_i" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
260 if _contains "$(logger --help 2>&1)" "-i"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
261 __logger_i="logger -i"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
262 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
263 __logger_i="logger"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
264 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
265 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
266 $__logger_i -t "$PROJECT_NAME" -p "$_logclass" "$(_printargs "$@")" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
267 return "$_exitstatus"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
268 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
269
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
270 _log() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
271 [ -z "$LOG_FILE" ] && return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
272 _printargs "$@" >>"$LOG_FILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
273 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
274
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
275 _info() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
276 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
277 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_INFO" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
278 _syslog "$SYSLOG_INFO" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
279 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
280 _printargs "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
281 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
282
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
283 _err() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
284 _syslog "$SYSLOG_ERROR" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
285 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
286 if [ -z "$NO_TIMESTAMP" ] || [ "$NO_TIMESTAMP" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
287 printf -- "%s" "[$(date)] " >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
288 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
289 if [ -z "$2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
290 __red "$1" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
291 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
292 __red "$1='$2'" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
293 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
294 printf "\n" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
295 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
296 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
297
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
298 _usage() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
299 __red "$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
300 printf "\n" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
301 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
302
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
303 __debug_bash_helper() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
304 # At this point only do for --debug 3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
305 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -lt "$DEBUG_LEVEL_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
306 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
307 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
308 # Return extra debug info when running with bash, otherwise return empty
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
309 # string.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
310 if [ -z "${BASH_VERSION}" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
311 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
312 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
313 # We are a bash shell at this point, return the filename, function name, and
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
314 # line number as a string
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
315 _dbh_saveIFS=$IFS
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
316 IFS=" "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
317 # Must use eval or syntax error happens under dash. The eval should use
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
318 # single quotes as older versions of busybox had a bug with double quotes and
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
319 # eval.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
320 # Use 'caller 1' as we want one level up the stack as we should be called
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
321 # by one of the _debug* functions
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
322 eval '_dbh_called=($(caller 1))'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
323 IFS=$_dbh_saveIFS
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
324 eval '_dbh_file=${_dbh_called[2]}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
325 if [ -n "${_script_home}" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
326 # Trim off the _script_home directory name
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
327 eval '_dbh_file=${_dbh_file#$_script_home/}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
328 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
329 eval '_dbh_function=${_dbh_called[1]}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
330 eval '_dbh_lineno=${_dbh_called[0]}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
331 printf "%-40s " "$_dbh_file:${_dbh_function}:${_dbh_lineno}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
332 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
333
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
334 _debug() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
335 if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
336 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
337 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
338 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
339 _syslog "$SYSLOG_DEBUG" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
340 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
341 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
342 _bash_debug=$(__debug_bash_helper)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
343 _printargs "${_bash_debug}$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
344 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
345 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
346
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
347 #output the sensitive messages
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
348 _secure_debug() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
349 if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
350 if [ "$OUTPUT_INSECURE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
351 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
352 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
353 _log "$1" "$HIDDEN_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
354 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
355 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
356 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
357 _syslog "$SYSLOG_DEBUG" "$1" "$HIDDEN_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
358 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
359 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
360 if [ "$OUTPUT_INSECURE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
361 _printargs "$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
362 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
363 _printargs "$1" "$HIDDEN_VALUE" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
364 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
365 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
366 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
367
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
368 _debug2() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
369 if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
370 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
371 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
372 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG_2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
373 _syslog "$SYSLOG_DEBUG" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
374 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
375 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
376 _bash_debug=$(__debug_bash_helper)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
377 _printargs "${_bash_debug}$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
378 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
379 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
380
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
381 _secure_debug2() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
382 if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
383 if [ "$OUTPUT_INSECURE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
384 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
385 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
386 _log "$1" "$HIDDEN_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
387 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
388 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
389 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG_2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
390 _syslog "$SYSLOG_DEBUG" "$1" "$HIDDEN_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
391 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
392 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
393 if [ "$OUTPUT_INSECURE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
394 _printargs "$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
395 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
396 _printargs "$1" "$HIDDEN_VALUE" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
397 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
398 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
399 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
400
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
401 _debug3() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
402 if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
403 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
404 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
405 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
406 _syslog "$SYSLOG_DEBUG" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
407 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
408 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
409 _bash_debug=$(__debug_bash_helper)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
410 _printargs "${_bash_debug}$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
411 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
412 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
413
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
414 _secure_debug3() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
415 if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
416 if [ "$OUTPUT_INSECURE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
417 _log "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
418 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
419 _log "$1" "$HIDDEN_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
420 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
421 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
422 if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
423 _syslog "$SYSLOG_DEBUG" "$1" "$HIDDEN_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
424 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
425 if [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_3" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
426 if [ "$OUTPUT_INSECURE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
427 _printargs "$@" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
428 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
429 _printargs "$1" "$HIDDEN_VALUE" >&2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
430 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
431 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
432 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
433
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
434 __USE_TR_TAG=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
435 if [ "$(echo "abc" | LANG=C tr a-z A-Z 2>/dev/null)" != "ABC" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
436 __USE_TR_TAG="1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
437 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
438 export __USE_TR_TAG
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
439
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
440 _upper_case() {
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
441 if [ "$__USE_TR_TAG" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
442 LANG=C tr '[:lower:]' '[:upper:]'
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
443 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
444 # shellcheck disable=SC2018,SC2019
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
445 LANG=C tr '[a-z]' '[A-Z]'
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
446 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
447 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
448
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
449 _lower_case() {
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
450 if [ "$__USE_TR_TAG" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
451 LANG=C tr '[:upper:]' '[:lower:]'
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
452 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
453 # shellcheck disable=SC2018,SC2019
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
454 LANG=C tr '[A-Z]' '[a-z]'
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
455 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
456 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
457
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
458 _startswith() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
459 _str="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
460 _sub="$2"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
461 echo "$_str" | grep -- "^$_sub" >/dev/null 2>&1
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
462 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
463
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
464 _endswith() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
465 _str="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
466 _sub="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
467 echo "$_str" | grep -- "$_sub\$" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
468 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
469
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
470 _contains() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
471 _str="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
472 _sub="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
473 echo "$_str" | grep -- "$_sub" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
474 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
475
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
476 _hasfield() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
477 _str="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
478 _field="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
479 _sep="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
480 if [ -z "$_field" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
481 _usage "Usage: str field [sep]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
482 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
483 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
484
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
485 if [ -z "$_sep" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
486 _sep=","
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
487 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
488
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
489 for f in $(echo "$_str" | tr "$_sep" ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
490 if [ "$f" = "$_field" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
491 _debug2 "'$_str' contains '$_field'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
492 return 0 #contains ok
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
493 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
494 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
495 _debug2 "'$_str' does not contain '$_field'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
496 return 1 #not contains
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
497 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
498
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
499 # str index [sep]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
500 _getfield() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
501 _str="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
502 _findex="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
503 _sep="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
504
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
505 if [ -z "$_findex" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
506 _usage "Usage: str field [sep]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
507 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
508 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
509
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
510 if [ -z "$_sep" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
511 _sep=","
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
512 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
513
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
514 _ffi="$_findex"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
515 while [ "$_ffi" -gt "0" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
516 _fv="$(echo "$_str" | cut -d "$_sep" -f "$_ffi")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
517 if [ "$_fv" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
518 printf -- "%s" "$_fv"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
519 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
520 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
521 _ffi="$(_math "$_ffi" - 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
522 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
523
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
524 printf -- "%s" "$_str"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
525
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
526 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
527
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
528 _exists() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
529 cmd="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
530 if [ -z "$cmd" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
531 _usage "Usage: _exists cmd"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
532 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
533 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
534
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
535 if eval type type >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
536 eval type "$cmd" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
537 elif command >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
538 command -v "$cmd" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
539 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
540 which "$cmd" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
541 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
542 ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
543 _debug3 "$cmd exists=$ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
544 return $ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
545 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
546
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
547 #a + b
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
548 _math() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
549 _m_opts="$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
550 printf "%s" "$(($_m_opts))"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
551 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
552
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
553 _h_char_2_dec() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
554 _ch=$1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
555 case "${_ch}" in
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
556 a | A)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
557 printf "10"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
558 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
559 b | B)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
560 printf "11"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
561 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
562 c | C)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
563 printf "12"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
564 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
565 d | D)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
566 printf "13"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
567 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
568 e | E)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
569 printf "14"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
570 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
571 f | F)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
572 printf "15"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
573 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
574 *)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
575 printf "%s" "$_ch"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
576 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
577 esac
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
578
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
579 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
580
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
581 _URGLY_PRINTF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
582 if [ "$(printf '\x41')" != 'A' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
583 _URGLY_PRINTF=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
584 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
585
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
586 _ESCAPE_XARGS=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
587 if _exists xargs && [ "$(printf %s '\\x41' | xargs printf)" = 'A' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
588 _ESCAPE_XARGS=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
589 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
590
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
591 _h2b() {
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
592 if _exists xxd; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
593 if _contains "$(xxd --help 2>&1)" "assumes -c30"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
594 if xxd -r -p -c 9999 2>/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
595 return
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
596 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
597 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
598 if xxd -r -p 2>/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
599 return
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
600 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
601 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
602 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
603
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
604 hex=$(cat)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
605 ic=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
606 jc=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
607 _debug2 _URGLY_PRINTF "$_URGLY_PRINTF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
608 if [ -z "$_URGLY_PRINTF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
609 if [ "$_ESCAPE_XARGS" ] && _exists xargs; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
610 _debug2 "xargs"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
611 echo "$hex" | _upper_case | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/g' | xargs printf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
612 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
613 for h in $(echo "$hex" | _upper_case | sed 's/\([0-9A-F]\{2\}\)/ \1/g'); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
614 if [ -z "$h" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
615 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
616 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
617 printf "\x$h%s"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
618 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
619 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
620 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
621 for c in $(echo "$hex" | _upper_case | sed 's/\([0-9A-F]\)/ \1/g'); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
622 if [ -z "$ic" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
623 ic=$c
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
624 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
625 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
626 jc=$c
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
627 ic="$(_h_char_2_dec "$ic")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
628 jc="$(_h_char_2_dec "$jc")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
629 printf '\'"$(printf "%o" "$(_math "$ic" \* 16 + $jc)")""%s"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
630 ic=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
631 jc=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
632 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
633 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
634
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
635 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
636
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
637 _is_solaris() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
638 _contains "${__OS__:=$(uname -a)}" "solaris" || _contains "${__OS__:=$(uname -a)}" "SunOS"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
639 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
640
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
641 #_ascii_hex str
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
642 #this can only process ascii chars, should only be used when od command is missing as a backup way.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
643 _ascii_hex() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
644 _debug2 "Using _ascii_hex"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
645 _str="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
646 _str_len=${#_str}
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
647 _h_i=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
648 while [ "$_h_i" -le "$_str_len" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
649 _str_c="$(printf "%s" "$_str" | cut -c "$_h_i")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
650 printf " %02x" "'$_str_c"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
651 _h_i="$(_math "$_h_i" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
652 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
653 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
654
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
655 #stdin output hexstr splited by one space
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
656 #input:"abc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
657 #output: " 61 62 63"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
658 _hex_dump() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
659 if _exists od; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
660 od -A n -v -t x1 | tr -s " " | sed 's/ $//' | tr -d "\r\t\n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
661 elif _exists hexdump; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
662 _debug3 "using hexdump"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
663 hexdump -v -e '/1 ""' -e '/1 " %02x" ""'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
664 elif _exists xxd; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
665 _debug3 "using xxd"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
666 xxd -ps -c 20 -i | sed "s/ 0x/ /g" | tr -d ",\n" | tr -s " "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
667 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
668 _debug3 "using _ascii_hex"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
669 str=$(cat)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
670 _ascii_hex "$str"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
671 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
672 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
673
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
674 #url encode, no-preserved chars
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
675 #A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
676 #41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 51 52 53 54 55 56 57 58 59 5a
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
677
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
678 #a b c d e f g h i j k l m n o p q r s t u v w x y z
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
679 #61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72 73 74 75 76 77 78 79 7a
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
680
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
681 #0 1 2 3 4 5 6 7 8 9 - _ . ~
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
682 #30 31 32 33 34 35 36 37 38 39 2d 5f 2e 7e
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
683
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
684 #_url_encode [upper-hex] the encoded hex will be upper-case if the argument upper-hex is followed
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
685 #stdin stdout
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
686 _url_encode() {
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
687 _upper_hex=$1
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
688 _hex_str=$(_hex_dump)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
689 _debug3 "_url_encode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
690 _debug3 "_hex_str" "$_hex_str"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
691 for _hex_code in $_hex_str; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
692 #upper case
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
693 case "${_hex_code}" in
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
694 "41")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
695 printf "%s" "A"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
696 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
697 "42")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
698 printf "%s" "B"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
699 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
700 "43")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
701 printf "%s" "C"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
702 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
703 "44")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
704 printf "%s" "D"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
705 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
706 "45")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
707 printf "%s" "E"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
708 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
709 "46")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
710 printf "%s" "F"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
711 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
712 "47")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
713 printf "%s" "G"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
714 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
715 "48")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
716 printf "%s" "H"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
717 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
718 "49")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
719 printf "%s" "I"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
720 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
721 "4a")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
722 printf "%s" "J"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
723 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
724 "4b")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
725 printf "%s" "K"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
726 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
727 "4c")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
728 printf "%s" "L"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
729 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
730 "4d")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
731 printf "%s" "M"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
732 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
733 "4e")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
734 printf "%s" "N"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
735 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
736 "4f")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
737 printf "%s" "O"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
738 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
739 "50")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
740 printf "%s" "P"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
741 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
742 "51")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
743 printf "%s" "Q"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
744 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
745 "52")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
746 printf "%s" "R"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
747 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
748 "53")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
749 printf "%s" "S"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
750 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
751 "54")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
752 printf "%s" "T"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
753 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
754 "55")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
755 printf "%s" "U"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
756 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
757 "56")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
758 printf "%s" "V"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
759 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
760 "57")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
761 printf "%s" "W"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
762 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
763 "58")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
764 printf "%s" "X"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
765 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
766 "59")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
767 printf "%s" "Y"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
768 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
769 "5a")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
770 printf "%s" "Z"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
771 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
772
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
773 #lower case
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
774 "61")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
775 printf "%s" "a"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
776 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
777 "62")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
778 printf "%s" "b"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
779 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
780 "63")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
781 printf "%s" "c"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
782 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
783 "64")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
784 printf "%s" "d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
785 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
786 "65")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
787 printf "%s" "e"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
788 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
789 "66")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
790 printf "%s" "f"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
791 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
792 "67")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
793 printf "%s" "g"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
794 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
795 "68")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
796 printf "%s" "h"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
797 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
798 "69")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
799 printf "%s" "i"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
800 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
801 "6a")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
802 printf "%s" "j"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
803 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
804 "6b")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
805 printf "%s" "k"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
806 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
807 "6c")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
808 printf "%s" "l"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
809 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
810 "6d")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
811 printf "%s" "m"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
812 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
813 "6e")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
814 printf "%s" "n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
815 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
816 "6f")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
817 printf "%s" "o"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
818 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
819 "70")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
820 printf "%s" "p"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
821 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
822 "71")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
823 printf "%s" "q"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
824 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
825 "72")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
826 printf "%s" "r"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
827 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
828 "73")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
829 printf "%s" "s"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
830 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
831 "74")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
832 printf "%s" "t"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
833 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
834 "75")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
835 printf "%s" "u"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
836 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
837 "76")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
838 printf "%s" "v"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
839 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
840 "77")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
841 printf "%s" "w"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
842 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
843 "78")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
844 printf "%s" "x"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
845 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
846 "79")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
847 printf "%s" "y"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
848 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
849 "7a")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
850 printf "%s" "z"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
851 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
852 #numbers
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
853 "30")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
854 printf "%s" "0"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
855 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
856 "31")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
857 printf "%s" "1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
858 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
859 "32")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
860 printf "%s" "2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
861 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
862 "33")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
863 printf "%s" "3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
864 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
865 "34")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
866 printf "%s" "4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
867 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
868 "35")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
869 printf "%s" "5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
870 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
871 "36")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
872 printf "%s" "6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
873 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
874 "37")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
875 printf "%s" "7"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
876 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
877 "38")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
878 printf "%s" "8"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
879 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
880 "39")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
881 printf "%s" "9"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
882 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
883 "2d")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
884 printf "%s" "-"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
885 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
886 "5f")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
887 printf "%s" "_"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
888 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
889 "2e")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
890 printf "%s" "."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
891 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
892 "7e")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
893 printf "%s" "~"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
894 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
895 #other hex
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
896 *)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
897 if [ "$_upper_hex" = "upper-hex" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
898 _hex_code=$(printf "%s" "$_hex_code" | _upper_case)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
899 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
900 printf '%%%s' "$_hex_code"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
901 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
902 esac
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
903 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
904 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
905
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
906 _json_encode() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
907 _j_str="$(sed 's/"/\\"/g' | sed "s/\r/\\r/g")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
908 _debug3 "_json_encode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
909 _debug3 "_j_str" "$_j_str"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
910 echo "$_j_str" | _hex_dump | _lower_case | sed 's/0a/5c 6e/g' | tr -d ' ' | _h2b | tr -d "\r\n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
911 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
912
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
913 #from: http:\/\/ to http://
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
914 _json_decode() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
915 _j_str="$(sed 's#\\/#/#g')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
916 _debug3 "_json_decode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
917 _debug3 "_j_str" "$_j_str"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
918 echo "$_j_str"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
919 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
920
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
921 #options file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
922 _sed_i() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
923 options="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
924 filename="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
925 if [ -z "$filename" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
926 _usage "Usage:_sed_i options filename"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
927 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
928 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
929 _debug2 options "$options"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
930 if sed -h 2>&1 | grep "\-i\[SUFFIX]" >/dev/null 2>&1; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
931 _debug "Using sed -i"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
932 sed -i "$options" "$filename"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
933 elif sed -h 2>&1 | grep "\-i extension" >/dev/null 2>&1; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
934 _debug "Using FreeBSD sed -i"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
935 sed -i "" "$options" "$filename"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
936 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
937 _debug "No -i support in sed"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
938 text="$(cat "$filename")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
939 echo "$text" | sed "$options" >"$filename"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
940 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
941 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
942
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
943 if [ "$(echo abc | egrep -o b 2>/dev/null)" = "b" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
944 __USE_EGREP=1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
945 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
946 __USE_EGREP=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
947 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
948
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
949 _egrep_o() {
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
950 if [ "$__USE_EGREP" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
951 egrep -o -- "$1" 2>/dev/null
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
952 else
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
953 sed -n 's/.*\('"$1"'\).*/\1/p'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
954 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
955 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
956
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
957 #Usage: file startline endline
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
958 _getfile() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
959 filename="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
960 startline="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
961 endline="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
962 if [ -z "$endline" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
963 _usage "Usage: file startline endline"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
964 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
965 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
966
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
967 i="$(grep -n -- "$startline" "$filename" | cut -d : -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
968 if [ -z "$i" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
969 _err "Cannot find start line: $startline"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
970 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
971 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
972 i="$(_math "$i" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
973 _debug i "$i"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
974
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
975 j="$(grep -n -- "$endline" "$filename" | cut -d : -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
976 if [ -z "$j" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
977 _err "Cannot find end line: $endline"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
978 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
979 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
980 j="$(_math "$j" - 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
981 _debug j "$j"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
982
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
983 sed -n "$i,${j}p" "$filename"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
984
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
985 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
986
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
987 #Usage: multiline
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
988 _base64() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
989 [ "" ] #urgly
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
990 if [ "$1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
991 _debug3 "base64 multiline:'$1'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
992 ${ACME_OPENSSL_BIN:-openssl} base64 -e
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
993 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
994 _debug3 "base64 single line."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
995 ${ACME_OPENSSL_BIN:-openssl} base64 -e | tr -d '\r\n'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
996 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
997 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
998
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
999 #Usage: multiline
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1000 _dbase64() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1001 if [ "$1" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1002 ${ACME_OPENSSL_BIN:-openssl} base64 -d
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1003 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1004 ${ACME_OPENSSL_BIN:-openssl} base64 -d -A
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1005 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1006 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1007
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1008 #file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1009 _checkcert() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1010 _cf="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1011 if [ "$DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1012 ${ACME_OPENSSL_BIN:-openssl} x509 -noout -text -in "$_cf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1013 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1014 ${ACME_OPENSSL_BIN:-openssl} x509 -noout -text -in "$_cf" >/dev/null 2>&1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1015 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1016 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1017
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1018 #Usage: hashalg [outputhex]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1019 #Output Base64-encoded digest
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1020 _digest() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1021 alg="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1022 if [ -z "$alg" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1023 _usage "Usage: _digest hashalg"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1024 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1025 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1026
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1027 outputhex="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1028
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1029 if [ "$alg" = "sha256" ] || [ "$alg" = "sha1" ] || [ "$alg" = "md5" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1030 if [ "$outputhex" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1031 ${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -hex | cut -d = -f 2 | tr -d ' '
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1032 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1033 ${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -binary | _base64
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1034 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1035 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1036 _err "$alg is not supported yet"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1037 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1038 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1039
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1040 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1041
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1042 #Usage: hashalg secret_hex [outputhex]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1043 #Output binary hmac
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1044 _hmac() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1045 alg="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1046 secret_hex="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1047 outputhex="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1048
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1049 if [ -z "$secret_hex" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1050 _usage "Usage: _hmac hashalg secret [outputhex]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1051 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1052 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1053
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1054 if [ "$alg" = "sha256" ] || [ "$alg" = "sha1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1055 if [ "$outputhex" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1056 (${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -mac HMAC -macopt "hexkey:$secret_hex" 2>/dev/null || ${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -hmac "$(printf "%s" "$secret_hex" | _h2b)") | cut -d = -f 2 | tr -d ' '
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1057 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1058 ${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -mac HMAC -macopt "hexkey:$secret_hex" -binary 2>/dev/null || ${ACME_OPENSSL_BIN:-openssl} dgst -"$alg" -hmac "$(printf "%s" "$secret_hex" | _h2b)" -binary
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1059 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1060 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1061 _err "$alg is not supported yet"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1062 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1063 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1064
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1065 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1066
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1067 #Usage: keyfile hashalg
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1068 #Output: Base64-encoded signature value
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1069 _sign() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1070 keyfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1071 alg="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1072 if [ -z "$alg" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1073 _usage "Usage: _sign keyfile hashalg"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1074 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1075 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1076
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1077 _sign_openssl="${ACME_OPENSSL_BIN:-openssl} dgst -sign $keyfile "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1078
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1079 if _isRSA "$keyfile" >/dev/null 2>&1; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1080 $_sign_openssl -$alg | _base64
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1081 elif _isEcc "$keyfile" >/dev/null 2>&1; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1082 if ! _signedECText="$($_sign_openssl -sha$__ECC_KEY_LEN | ${ACME_OPENSSL_BIN:-openssl} asn1parse -inform DER)"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1083 _err "Sign failed: $_sign_openssl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1084 _err "Key file: $keyfile"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1085 _err "Key content: $(wc -l <"$keyfile") lines"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1086 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1087 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1088 _debug3 "_signedECText" "$_signedECText"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1089 _ec_r="$(echo "$_signedECText" | _head_n 2 | _tail_n 1 | cut -d : -f 4 | tr -d "\r\n")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1090 _ec_s="$(echo "$_signedECText" | _head_n 3 | _tail_n 1 | cut -d : -f 4 | tr -d "\r\n")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1091 if [ "$__ECC_KEY_LEN" -eq "256" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1092 while [ "${#_ec_r}" -lt "64" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1093 _ec_r="0${_ec_r}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1094 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1095 while [ "${#_ec_s}" -lt "64" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1096 _ec_s="0${_ec_s}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1097 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1098 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1099 if [ "$__ECC_KEY_LEN" -eq "384" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1100 while [ "${#_ec_r}" -lt "96" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1101 _ec_r="0${_ec_r}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1102 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1103 while [ "${#_ec_s}" -lt "96" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1104 _ec_s="0${_ec_s}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1105 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1106 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1107 if [ "$__ECC_KEY_LEN" -eq "512" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1108 while [ "${#_ec_r}" -lt "132" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1109 _ec_r="0${_ec_r}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1110 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1111 while [ "${#_ec_s}" -lt "132" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1112 _ec_s="0${_ec_s}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1113 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1114 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1115 _debug3 "_ec_r" "$_ec_r"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1116 _debug3 "_ec_s" "$_ec_s"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1117 printf "%s" "$_ec_r$_ec_s" | _h2b | _base64
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1118 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1119 _err "Unknown key file format."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1120 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1121 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1122
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1123 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1124
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1125 #keylength or isEcc flag (empty str => not ecc)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1126 _isEccKey() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1127 _length="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1128
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1129 if [ -z "$_length" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1130 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1131 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1132
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1133 [ "$_length" != "1024" ] &&
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1134 [ "$_length" != "2048" ] &&
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1135 [ "$_length" != "3072" ] &&
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1136 [ "$_length" != "4096" ] &&
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1137 [ "$_length" != "8192" ]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1138 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1139
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1140 # _createkey 2048|ec-256 file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1141 _createkey() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1142 length="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1143 f="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1144 _debug2 "_createkey for file:$f"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1145 eccname="$length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1146 if _startswith "$length" "ec-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1147 length=$(printf "%s" "$length" | cut -d '-' -f 2-100)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1148
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1149 if [ "$length" = "256" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1150 eccname="prime256v1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1151 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1152 if [ "$length" = "384" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1153 eccname="secp384r1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1154 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1155 if [ "$length" = "521" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1156 eccname="secp521r1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1157 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1158
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1159 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1160
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1161 if [ -z "$length" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1162 length=2048
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1163 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1164
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1165 _debug "Using length $length"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1166
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1167 if ! [ -e "$f" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1168 if ! touch "$f" >/dev/null 2>&1; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1169 _f_path="$(dirname "$f")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1170 _debug _f_path "$_f_path"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1171 if ! mkdir -p "$_f_path"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1172 _err "Cannot create path: $_f_path"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1173 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1174 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1175 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1176 if ! touch "$f" >/dev/null 2>&1; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1177 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1178 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1179 chmod 600 "$f"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1180 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1181
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1182 if _isEccKey "$length"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1183 _debug "Using EC name: $eccname"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1184 if _opkey="$(${ACME_OPENSSL_BIN:-openssl} ecparam -name "$eccname" -noout -genkey 2>/dev/null)"; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1185 echo "$_opkey" >"$f"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1186 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1187 _err "Error encountered for ECC key named $eccname"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1188 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1189 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1190 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1191 _debug "Using RSA: $length"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1192 __traditional=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1193 if _contains "$(${ACME_OPENSSL_BIN:-openssl} help genrsa 2>&1)" "-traditional"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1194 __traditional="-traditional"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1195 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1196 if _opkey="$(${ACME_OPENSSL_BIN:-openssl} genrsa $__traditional "$length" 2>/dev/null)"; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1197 echo "$_opkey" >"$f"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1198 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1199 _err "Error encountered for RSA key of length $length"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1200 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1201 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1202 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1203
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1204 if [ "$?" != "0" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1205 _err "Key creation error."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1206 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1207 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1208 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1209
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1210 #domain
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1211 _is_idn() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1212 _is_idn_d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1213 _debug2 _is_idn_d "$_is_idn_d"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1214 _idn_temp=$(printf "%s" "$_is_idn_d" | tr -d '[0-9]' | tr -d '[a-z]' | tr -d '[A-Z]' | tr -d '*.,-_')
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1215 _debug2 _idn_temp "$_idn_temp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1216 [ "$_idn_temp" ]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1217 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1218
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1219 #aa.com
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1220 #aa.com,bb.com,cc.com
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1221 _idn() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1222 __idn_d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1223 if ! _is_idn "$__idn_d"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1224 printf "%s" "$__idn_d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1225 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1226 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1227
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1228 if _exists idn; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1229 if _contains "$__idn_d" ','; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1230 _i_first="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1231 for f in $(echo "$__idn_d" | tr ',' ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1232 [ -z "$f" ] && continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1233 if [ -z "$_i_first" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1234 printf "%s" ","
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1235 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1236 _i_first=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1237 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1238 idn --quiet "$f" | tr -d "\r\n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1239 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1240 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1241 idn "$__idn_d" | tr -d "\r\n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1242 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1243 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1244 _err "Please install idn to process IDN names."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1245 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1246 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1247
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1248 #_createcsr cn san_list keyfile csrfile conf acmeValidationv1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1249 _createcsr() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1250 _debug _createcsr
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1251 domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1252 domainlist="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1253 csrkey="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1254 csr="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1255 csrconf="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1256 acmeValidationv1="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1257 _debug2 domain "$domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1258 _debug2 domainlist "$domainlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1259 _debug2 csrkey "$csrkey"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1260 _debug2 csr "$csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1261 _debug2 csrconf "$csrconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1262
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1263 printf "[ req_distinguished_name ]\n[ req ]\ndistinguished_name = req_distinguished_name\nreq_extensions = v3_req\n[ v3_req ]" >"$csrconf"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1264
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1265 if [ "$Le_ExtKeyUse" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1266 _savedomainconf Le_ExtKeyUse "$Le_ExtKeyUse"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1267 printf "\nextendedKeyUsage=$Le_ExtKeyUse\n" >>"$csrconf"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1268 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1269 printf "\nextendedKeyUsage=serverAuth,clientAuth\n" >>"$csrconf"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1270 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1271
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1272 if [ "$acmeValidationv1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1273 domainlist="$(_idn "$domainlist")"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1274 _debug2 domainlist "$domainlist"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1275 alt=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1276 for dl in $(echo "$domainlist" | tr "," ' '); do
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1277 if [ "$alt" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1278 alt="$alt,$(_getIdType "$dl" | _upper_case):$dl"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1279 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1280 alt="$(_getIdType "$dl" | _upper_case):$dl"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1281 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1282 done
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1283 printf -- "\nsubjectAltName=$alt" >>"$csrconf"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1284 elif [ -z "$domainlist" ] || [ "$domainlist" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1285 #single domain
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1286 _info "Single domain" "$domain"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1287 printf -- "\nsubjectAltName=$(_getIdType "$domain" | _upper_case):$(_idn "$domain")" >>"$csrconf"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1288 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1289 domainlist="$(_idn "$domainlist")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1290 _debug2 domainlist "$domainlist"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1291 alt="$(_getIdType "$domain" | _upper_case):$(_idn "$domain")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1292 for dl in $(echo "'$domainlist'" | sed "s/,/' '/g"); do
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1293 dl=$(echo "$dl" | tr -d "'")
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1294 alt="$alt,$(_getIdType "$dl" | _upper_case):$dl"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1295 done
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1296 #multi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1297 _info "Multi domain" "$alt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1298 printf -- "\nsubjectAltName=$alt" >>"$csrconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1299 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1300 if [ "$Le_OCSP_Staple" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1301 _savedomainconf Le_OCSP_Staple "$Le_OCSP_Staple"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1302 printf -- "\nbasicConstraints = CA:FALSE\n1.3.6.1.5.5.7.1.24=DER:30:03:02:01:05" >>"$csrconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1303 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1304
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1305 if [ "$acmeValidationv1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1306 printf "\n1.3.6.1.5.5.7.1.31=critical,DER:04:20:${acmeValidationv1}" >>"${csrconf}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1307 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1308
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1309 _csr_cn="$(_idn "$domain")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1310 _debug2 _csr_cn "$_csr_cn"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1311 if _contains "$(uname -a)" "MINGW"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1312 if _isIP "$_csr_cn"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1313 ${ACME_OPENSSL_BIN:-openssl} req -new -sha256 -key "$csrkey" -subj "//O=$PROJECT_NAME" -config "$csrconf" -out "$csr"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1314 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1315 ${ACME_OPENSSL_BIN:-openssl} req -new -sha256 -key "$csrkey" -subj "//CN=$_csr_cn" -config "$csrconf" -out "$csr"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1316 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1317 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1318 if _isIP "$_csr_cn"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1319 ${ACME_OPENSSL_BIN:-openssl} req -new -sha256 -key "$csrkey" -subj "/O=$PROJECT_NAME" -config "$csrconf" -out "$csr"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1320 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1321 ${ACME_OPENSSL_BIN:-openssl} req -new -sha256 -key "$csrkey" -subj "/CN=$_csr_cn" -config "$csrconf" -out "$csr"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1322 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1323 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1324 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1325
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1326 #_signcsr key csr conf cert
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1327 _signcsr() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1328 key="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1329 csr="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1330 conf="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1331 cert="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1332 _debug "_signcsr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1333
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1334 _msg="$(${ACME_OPENSSL_BIN:-openssl} x509 -req -days 365 -in "$csr" -signkey "$key" -extensions v3_req -extfile "$conf" -out "$cert" 2>&1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1335 _ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1336 _debug "$_msg"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1337 return $_ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1338 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1339
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1340 #_csrfile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1341 _readSubjectFromCSR() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1342 _csrfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1343 if [ -z "$_csrfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1344 _usage "_readSubjectFromCSR mycsr.csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1345 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1346 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1347 ${ACME_OPENSSL_BIN:-openssl} req -noout -in "$_csrfile" -subject | tr ',' "\n" | _egrep_o "CN *=.*" | cut -d = -f 2 | cut -d / -f 1 | tr -d ' \n'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1348 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1349
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1350 #_csrfile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1351 #echo comma separated domain list
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1352 _readSubjectAltNamesFromCSR() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1353 _csrfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1354 if [ -z "$_csrfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1355 _usage "_readSubjectAltNamesFromCSR mycsr.csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1356 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1357 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1358
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1359 _csrsubj="$(_readSubjectFromCSR "$_csrfile")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1360 _debug _csrsubj "$_csrsubj"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1361
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1362 _dnsAltnames="$(${ACME_OPENSSL_BIN:-openssl} req -noout -text -in "$_csrfile" | grep "^ *DNS:.*" | tr -d ' \n')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1363 _debug _dnsAltnames "$_dnsAltnames"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1364
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1365 if _contains "$_dnsAltnames," "DNS:$_csrsubj,"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1366 _debug "AltNames contains subject"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1367 _excapedAlgnames="$(echo "$_dnsAltnames" | tr '*' '#')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1368 _debug _excapedAlgnames "$_excapedAlgnames"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1369 _escapedSubject="$(echo "$_csrsubj" | tr '*' '#')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1370 _debug _escapedSubject "$_escapedSubject"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1371 _dnsAltnames="$(echo "$_excapedAlgnames," | sed "s/DNS:$_escapedSubject,//g" | tr '#' '*' | sed "s/,\$//g")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1372 _debug _dnsAltnames "$_dnsAltnames"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1373 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1374 _debug "AltNames doesn't contain subject"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1375 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1376
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1377 echo "$_dnsAltnames" | sed "s/DNS://g"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1378 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1379
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1380 #_csrfile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1381 _readKeyLengthFromCSR() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1382 _csrfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1383 if [ -z "$_csrfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1384 _usage "_readKeyLengthFromCSR mycsr.csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1385 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1386 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1387
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1388 _outcsr="$(${ACME_OPENSSL_BIN:-openssl} req -noout -text -in "$_csrfile")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1389 _debug2 _outcsr "$_outcsr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1390 if _contains "$_outcsr" "Public Key Algorithm: id-ecPublicKey"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1391 _debug "ECC CSR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1392 echo "$_outcsr" | tr "\t" " " | _egrep_o "^ *ASN1 OID:.*" | cut -d ':' -f 2 | tr -d ' '
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1393 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1394 _debug "RSA CSR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1395 _rkl="$(echo "$_outcsr" | tr "\t" " " | _egrep_o "^ *Public.Key:.*" | cut -d '(' -f 2 | cut -d ' ' -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1396 if [ "$_rkl" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1397 echo "$_rkl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1398 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1399 echo "$_outcsr" | tr "\t" " " | _egrep_o "RSA Public.Key:.*" | cut -d '(' -f 2 | cut -d ' ' -f 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1400 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1401 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1402 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1403
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1404 _ss() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1405 _port="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1406
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1407 if _exists "ss"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1408 _debug "Using: ss"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1409 ss -ntpl 2>/dev/null | grep ":$_port "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1410 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1411 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1412
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1413 if [ "$(uname)" = "AIX" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1414 _debug "Using: AIX netstat"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1415 netstat -an | grep "^tcp" | grep "LISTEN" | grep "\.$_port "
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1416 return 0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1417 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1418
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1419 if _exists "netstat"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1420 _debug "Using: netstat"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1421 if netstat -help 2>&1 | grep "\-p proto" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1422 #for windows version netstat tool
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1423 netstat -an -p tcp | grep "LISTENING" | grep ":$_port "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1424 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1425 if netstat -help 2>&1 | grep "\-p protocol" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1426 netstat -an -p tcp | grep LISTEN | grep ":$_port "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1427 elif netstat -help 2>&1 | grep -- '-P protocol' >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1428 #for solaris
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1429 netstat -an -P tcp | grep "\.$_port " | grep "LISTEN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1430 elif netstat -help 2>&1 | grep "\-p" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1431 #for full linux
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1432 netstat -ntpl | grep ":$_port "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1433 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1434 #for busybox (embedded linux; no pid support)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1435 netstat -ntl 2>/dev/null | grep ":$_port "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1436 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1437 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1438 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1439 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1440
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1441 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1442 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1443
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1444 #outfile key cert cacert [password [name [caname]]]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1445 _toPkcs() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1446 _cpfx="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1447 _ckey="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1448 _ccert="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1449 _cca="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1450 pfxPassword="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1451 pfxName="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1452 pfxCaname="$7"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1453
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1454 if [ "$pfxCaname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1455 ${ACME_OPENSSL_BIN:-openssl} pkcs12 -export -out "$_cpfx" -inkey "$_ckey" -in "$_ccert" -certfile "$_cca" -password "pass:$pfxPassword" -name "$pfxName" -caname "$pfxCaname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1456 elif [ "$pfxName" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1457 ${ACME_OPENSSL_BIN:-openssl} pkcs12 -export -out "$_cpfx" -inkey "$_ckey" -in "$_ccert" -certfile "$_cca" -password "pass:$pfxPassword" -name "$pfxName"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1458 elif [ "$pfxPassword" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1459 ${ACME_OPENSSL_BIN:-openssl} pkcs12 -export -out "$_cpfx" -inkey "$_ckey" -in "$_ccert" -certfile "$_cca" -password "pass:$pfxPassword"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1460 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1461 ${ACME_OPENSSL_BIN:-openssl} pkcs12 -export -out "$_cpfx" -inkey "$_ckey" -in "$_ccert" -certfile "$_cca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1462 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1463 if [ "$?" = "0" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1464 _savedomainconf "Le_PFXPassword" "$pfxPassword"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1465 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1466
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1467 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1468
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1469 #domain [password] [isEcc]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1470 toPkcs() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1471 domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1472 pfxPassword="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1473 if [ -z "$domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1474 _usage "Usage: $PROJECT_ENTRY --to-pkcs12 --domain <domain.tld> [--password <password>] [--ecc]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1475 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1476 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1477
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1478 _isEcc="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1479
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1480 _initpath "$domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1481
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1482 _toPkcs "$CERT_PFX_PATH" "$CERT_KEY_PATH" "$CERT_PATH" "$CA_CERT_PATH" "$pfxPassword"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1483
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1484 if [ "$?" = "0" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1485 _info "Success, PFX has been exported to: $CERT_PFX_PATH"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1486 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1487
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1488 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1489
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1490 #domain [isEcc]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1491 toPkcs8() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1492 domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1493
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1494 if [ -z "$domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1495 _usage "Usage: $PROJECT_ENTRY --to-pkcs8 --domain <domain.tld> [--ecc]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1496 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1497 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1498
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1499 _isEcc="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1500
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1501 _initpath "$domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1502
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1503 ${ACME_OPENSSL_BIN:-openssl} pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in "$CERT_KEY_PATH" -out "$CERT_PKCS8_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1504
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1505 if [ "$?" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1506 _info "Success, $CERT_PKCS8_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1507 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1508
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1509 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1510
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1511 #[2048]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1512 createAccountKey() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1513 _info "Creating account key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1514 if [ -z "$1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1515 _usage "Usage: $PROJECT_ENTRY --create-account-key [--accountkeylength <bits>]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1516 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1517 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1518
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1519 length=$1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1520 _create_account_key "$length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1521
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1522 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1523
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1524 _create_account_key() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1525
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1526 length=$1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1527
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1528 if [ -z "$length" ] || [ "$length" = "$NO_VALUE" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1529 _debug "Using default length $DEFAULT_ACCOUNT_KEY_LENGTH"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1530 length="$DEFAULT_ACCOUNT_KEY_LENGTH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1531 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1532
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1533 _debug length "$length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1534 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1535
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1536 mkdir -p "$CA_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1537 if [ -s "$ACCOUNT_KEY_PATH" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1538 _info "Account key exists, skipping"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1539 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1540 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1541 #generate account key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1542 if _createkey "$length" "$ACCOUNT_KEY_PATH"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1543 _info "Account key creation OK."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1544 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1545 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1546 _err "Account key creation error."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1547 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1548 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1549 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1550
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1551 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1552
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1553 #domain [length]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1554 createDomainKey() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1555 _info "Creating domain key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1556 if [ -z "$1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1557 _usage "Usage: $PROJECT_ENTRY --create-domain-key --domain <domain.tld> [--keylength <bits>]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1558 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1559 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1560
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1561 domain=$1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1562 _cdl=$2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1563
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1564 if [ -z "$_cdl" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1565 _debug "Using DEFAULT_DOMAIN_KEY_LENGTH=$DEFAULT_DOMAIN_KEY_LENGTH"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1566 _cdl="$DEFAULT_DOMAIN_KEY_LENGTH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1567 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1568
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1569 _initpath "$domain" "$_cdl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1570
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1571 if [ ! -f "$CERT_KEY_PATH" ] || [ ! -s "$CERT_KEY_PATH" ] || ([ "$FORCE" ] && ! [ "$_ACME_IS_RENEW" ]) || [ "$Le_ForceNewDomainKey" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1572 if _createkey "$_cdl" "$CERT_KEY_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1573 _savedomainconf Le_Keylength "$_cdl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1574 _info "The domain key is here: $(__green $CERT_KEY_PATH)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1575 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1576 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1577 _err "Cannot create domain key"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1578 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1579 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1580 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1581 if [ "$_ACME_IS_RENEW" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1582 _info "Domain key exists, skipping"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1583 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1584 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1585 _err "Domain key exists, do you want to overwrite it?"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1586 _err "If so, add '--force' and try again."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1587 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1588 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1589 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1590
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1591 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1592
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1593 # domain domainlist isEcc
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1594 createCSR() {
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1595 _info "Creating CSR"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1596 if [ -z "$1" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1597 _usage "Usage: $PROJECT_ENTRY --create-csr --domain <domain.tld> [--domain <domain2.tld> ...] [--ecc]"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1598 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1599 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1600
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1601 domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1602 domainlist="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1603 _isEcc="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1604
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1605 _initpath "$domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1606
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1607 if [ -f "$CSR_PATH" ] && [ "$_ACME_IS_RENEW" ] && [ -z "$FORCE" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1608 _info "CSR exists, skipping"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1609 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1610 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1611
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1612 if [ ! -f "$CERT_KEY_PATH" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1613 _err "This key file was not found: $CERT_KEY_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1614 _err "Please create it first."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1615 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1616 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1617 _createcsr "$domain" "$domainlist" "$CERT_KEY_PATH" "$CSR_PATH" "$DOMAIN_SSL_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1618
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1619 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1620
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1621 _url_replace() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1622 tr '/+' '_-' | tr -d '= '
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1623 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1624
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1625 #base64 string
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1626 _durl_replace_base64() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1627 _l=$((${#1} % 4))
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1628 if [ $_l -eq 2 ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1629 _s="$1"'=='
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1630 elif [ $_l -eq 3 ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1631 _s="$1"'='
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1632 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1633 _s="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1634 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1635 echo "$_s" | tr '_-' '/+'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1636 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1637
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1638 _time2str() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1639 #BSD
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1640 if date -u -r "$1" -j "+%Y-%m-%dT%H:%M:%SZ" 2>/dev/null; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1641 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1642 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1643
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1644 #Linux
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1645 if date -u --date=@"$1" "+%Y-%m-%dT%H:%M:%SZ" 2>/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1646 return
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1647 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1648
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1649 #Omnios
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1650 if date -u -r "$1" +"%Y-%m-%dT%H:%M:%SZ" 2>/dev/null; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1651 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1652 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1653
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1654 #Solaris
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1655 if printf "%(%Y-%m-%dT%H:%M:%SZ)T\n" $1 2>/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1656 return
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1657 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1658
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1659 #Busybox
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1660 if echo "$1" | awk '{ print strftime("%Y-%m-%dT%H:%M:%SZ", $0); }' 2>/dev/null; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1661 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1662 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1663 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1664
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1665 _normalizeJson() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1666 sed "s/\" *: *\([\"{\[]\)/\":\1/g" | sed "s/^ *\([^ ]\)/\1/" | tr -d "\r\n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1667 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1668
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1669 _stat() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1670 #Linux
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1671 if stat -c '%U:%G' "$1" 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1672 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1673 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1674
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1675 #BSD
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1676 if stat -f '%Su:%Sg' "$1" 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1677 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1678 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1679
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1680 return 1 #error, 'stat' not found
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1681 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1682
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1683 #keyfile
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1684 _isRSA() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1685 keyfile=$1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1686 if grep "BEGIN RSA PRIVATE KEY" "$keyfile" >/dev/null 2>&1 || ${ACME_OPENSSL_BIN:-openssl} rsa -in "$keyfile" -noout -text 2>&1 | grep "^publicExponent:" 2>&1 >/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1687 return 0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1688 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1689 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1690 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1691
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1692 #keyfile
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1693 _isEcc() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1694 keyfile=$1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1695 if grep "BEGIN EC PRIVATE KEY" "$keyfile" >/dev/null 2>&1 || ${ACME_OPENSSL_BIN:-openssl} ec -in "$keyfile" -noout -text 2>/dev/null | grep "^NIST CURVE:" 2>&1 >/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1696 return 0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1697 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1698 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1699 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1700
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1701 #keyfile
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1702 _calcjwk() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1703 keyfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1704 if [ -z "$keyfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1705 _usage "Usage: _calcjwk keyfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1706 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1707 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1708
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1709 if [ "$JWK_HEADER" ] && [ "$__CACHED_JWK_KEY_FILE" = "$keyfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1710 _debug2 "Use cached jwk for file: $__CACHED_JWK_KEY_FILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1711 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1712 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1713
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1714 if _isRSA "$keyfile"; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1715 _debug "RSA key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1716 pub_exp=$(${ACME_OPENSSL_BIN:-openssl} rsa -in "$keyfile" -noout -text | grep "^publicExponent:" | cut -d '(' -f 2 | cut -d 'x' -f 2 | cut -d ')' -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1717 if [ "${#pub_exp}" = "5" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1718 pub_exp=0$pub_exp
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1719 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1720 _debug3 pub_exp "$pub_exp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1721
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1722 e=$(echo "$pub_exp" | _h2b | _base64)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1723 _debug3 e "$e"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1724
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1725 modulus=$(${ACME_OPENSSL_BIN:-openssl} rsa -in "$keyfile" -modulus -noout | cut -d '=' -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1726 _debug3 modulus "$modulus"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1727 n="$(printf "%s" "$modulus" | _h2b | _base64 | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1728 _debug3 n "$n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1729
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1730 jwk='{"e": "'$e'", "kty": "RSA", "n": "'$n'"}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1731 _debug3 jwk "$jwk"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1732
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1733 JWK_HEADER='{"alg": "RS256", "jwk": '$jwk'}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1734 JWK_HEADERPLACE_PART1='{"nonce": "'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1735 JWK_HEADERPLACE_PART2='", "alg": "RS256"'
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1736 elif _isEcc "$keyfile"; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1737 _debug "EC key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1738 crv="$(${ACME_OPENSSL_BIN:-openssl} ec -in "$keyfile" -noout -text 2>/dev/null | grep "^NIST CURVE:" | cut -d ":" -f 2 | tr -d " \r\n")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1739 _debug3 crv "$crv"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1740 __ECC_KEY_LEN=$(echo "$crv" | cut -d "-" -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1741 if [ "$__ECC_KEY_LEN" = "521" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1742 __ECC_KEY_LEN=512
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1743 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1744 _debug3 __ECC_KEY_LEN "$__ECC_KEY_LEN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1745 if [ -z "$crv" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1746 _debug "Let's try ASN1 OID"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1747 crv_oid="$(${ACME_OPENSSL_BIN:-openssl} ec -in "$keyfile" -noout -text 2>/dev/null | grep "^ASN1 OID:" | cut -d ":" -f 2 | tr -d " \r\n")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1748 _debug3 crv_oid "$crv_oid"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1749 case "${crv_oid}" in
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1750 "prime256v1")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1751 crv="P-256"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1752 __ECC_KEY_LEN=256
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1753 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1754 "secp384r1")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1755 crv="P-384"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1756 __ECC_KEY_LEN=384
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1757 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1758 "secp521r1")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1759 crv="P-521"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1760 __ECC_KEY_LEN=512
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1761 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1762 *)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1763 _err "ECC oid: $crv_oid"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1764 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1765 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1766 esac
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1767 _debug3 crv "$crv"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1768 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1769
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1770 pubi="$(${ACME_OPENSSL_BIN:-openssl} ec -in "$keyfile" -noout -text 2>/dev/null | grep -n pub: | cut -d : -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1771 pubi=$(_math "$pubi" + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1772 _debug3 pubi "$pubi"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1773
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1774 pubj="$(${ACME_OPENSSL_BIN:-openssl} ec -in "$keyfile" -noout -text 2>/dev/null | grep -n "ASN1 OID:" | cut -d : -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1775 pubj=$(_math "$pubj" - 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1776 _debug3 pubj "$pubj"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1777
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1778 pubtext="$(${ACME_OPENSSL_BIN:-openssl} ec -in "$keyfile" -noout -text 2>/dev/null | sed -n "$pubi,${pubj}p" | tr -d " \n\r")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1779 _debug3 pubtext "$pubtext"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1780
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1781 xlen="$(printf "%s" "$pubtext" | tr -d ':' | wc -c)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1782 xlen=$(_math "$xlen" / 4)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1783 _debug3 xlen "$xlen"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1784
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1785 xend=$(_math "$xlen" + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1786 x="$(printf "%s" "$pubtext" | cut -d : -f 2-"$xend")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1787 _debug3 x "$x"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1788
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1789 x64="$(printf "%s" "$x" | tr -d : | _h2b | _base64 | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1790 _debug3 x64 "$x64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1791
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1792 xend=$(_math "$xend" + 1)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1793 y="$(printf "%s" "$pubtext" | cut -d : -f "$xend"-2048)"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1794 _debug3 y "$y"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1795
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1796 y64="$(printf "%s" "$y" | tr -d : | _h2b | _base64 | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1797 _debug3 y64 "$y64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1798
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1799 jwk='{"crv": "'$crv'", "kty": "EC", "x": "'$x64'", "y": "'$y64'"}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1800 _debug3 jwk "$jwk"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1801
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1802 JWK_HEADER='{"alg": "ES'$__ECC_KEY_LEN'", "jwk": '$jwk'}'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1803 JWK_HEADERPLACE_PART1='{"nonce": "'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1804 JWK_HEADERPLACE_PART2='", "alg": "ES'$__ECC_KEY_LEN'"'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1805 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1806 _err "Only RSA or EC keys are supported. keyfile=$keyfile"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1807 _debug2 "$(cat "$keyfile")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1808 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1809 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1810
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1811 _debug3 JWK_HEADER "$JWK_HEADER"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1812 __CACHED_JWK_KEY_FILE="$keyfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1813 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1814
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1815 _time() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1816 date -u "+%s"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1817 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1818
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1819 #support 2 formats:
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1820 # 2022-04-01 08:10:33 to 1648800633
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1821 #or 2022-04-01T08:10:33Z to 1648800633
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1822 _date2time() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1823 #Mac/BSD
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1824 if date -u -j -f "%Y-%m-%d %H:%M:%S" "$(echo "$1" | tr -d "Z" | tr "T" ' ')" +"%s" 2>/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1825 return
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1826 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1827 #Linux
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1828 if date -u -d "$(echo "$1" | tr -d "Z" | tr "T" ' ')" +"%s" 2>/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1829 return
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1830 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1831
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1832 #Solaris
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1833 if gdate -u -d "$(echo "$1" | tr -d "Z" | tr "T" ' ')" +"%s" 2>/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1834 return
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1835 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1836 #Omnios
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1837 if python3 -c "import datetime; print(int(datetime.datetime.strptime(\"$1\", \"%Y-%m-%d %H:%M:%S\").replace(tzinfo=datetime.timezone.utc).timestamp()))" 2>/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1838 return
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1839 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1840 #Omnios
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1841 if python3 -c "import datetime; print(int(datetime.datetime.strptime(\"$1\", \"%Y-%m-%dT%H:%M:%SZ\").replace(tzinfo=datetime.timezone.utc).timestamp()))" 2>/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1842 return
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1843 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1844 _err "Cannot parse _date2time $1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1845 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1846 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1847
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1848 _utc_date() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1849 date -u "+%Y-%m-%d %H:%M:%S"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1850 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1851
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1852 _mktemp() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1853 if _exists mktemp; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1854 if mktemp 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1855 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1856 elif _contains "$(mktemp 2>&1)" "-t prefix" && mktemp -t "$PROJECT_NAME" 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1857 #for Mac osx
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1858 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1859 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1860 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1861 if [ -d "/tmp" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1862 echo "/tmp/${PROJECT_NAME}wefADf24sf.$(_time).tmp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1863 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1864 elif [ "$LE_TEMP_DIR" ] && mkdir -p "$LE_TEMP_DIR"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1865 echo "/$LE_TEMP_DIR/wefADf24sf.$(_time).tmp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1866 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1867 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1868 _err "Cannot create temp file."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1869 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1870
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1871 #clear all the https envs to cause _inithttp() to run next time.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1872 _resethttp() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1873 __HTTP_INITIALIZED=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1874 _ACME_CURL=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1875 _ACME_WGET=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1876 ACME_HTTP_NO_REDIRECTS=""
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1877 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1878
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1879 _inithttp() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1880
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1881 if [ -z "$HTTP_HEADER" ] || ! touch "$HTTP_HEADER"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1882 HTTP_HEADER="$(_mktemp)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1883 _debug2 HTTP_HEADER "$HTTP_HEADER"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1884 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1885
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1886 if [ "$__HTTP_INITIALIZED" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1887 if [ "$_ACME_CURL$_ACME_WGET" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1888 _debug2 "Http already initialized."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1889 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1890 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1891 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1892
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1893 if [ -z "$_ACME_CURL" ] && _exists "curl"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1894 _ACME_CURL="curl --silent --dump-header $HTTP_HEADER "
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1895 if [ -z "$ACME_HTTP_NO_REDIRECTS" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1896 _ACME_CURL="$_ACME_CURL -L "
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1897 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1898 if [ "$DEBUG" ] && [ "$DEBUG" -ge 2 ]; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1899 _CURL_DUMP="$(_mktemp)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1900 _ACME_CURL="$_ACME_CURL --trace-ascii $_CURL_DUMP "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1901 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1902
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1903 if [ "$CA_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1904 _ACME_CURL="$_ACME_CURL --capath $CA_PATH "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1905 elif [ "$CA_BUNDLE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1906 _ACME_CURL="$_ACME_CURL --cacert $CA_BUNDLE "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1907 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1908
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1909 if _contains "$(curl --help 2>&1)" "--globoff" || _contains "$(curl --help curl 2>&1)" "--globoff"; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1910 _ACME_CURL="$_ACME_CURL -g "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1911 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1912
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1913 #don't use --fail-with-body
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1914 ##from curl 7.76: return fail on HTTP errors but keep the body
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1915 #if _contains "$(curl --help http 2>&1)" "--fail-with-body"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1916 # _ACME_CURL="$_ACME_CURL --fail-with-body "
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1917 #fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1918 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1919
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1920 if [ -z "$_ACME_WGET" ] && _exists "wget"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1921 _ACME_WGET="wget -q"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1922 if [ "$ACME_HTTP_NO_REDIRECTS" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1923 _ACME_WGET="$_ACME_WGET --max-redirect 0 "
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1924 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1925 if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1926 if [ "$_ACME_WGET" ] && _contains "$($_ACME_WGET --help 2>&1)" "--debug"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1927 _ACME_WGET="$_ACME_WGET -d "
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1928 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1929 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1930 if [ "$CA_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1931 _ACME_WGET="$_ACME_WGET --ca-directory=$CA_PATH "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1932 elif [ "$CA_BUNDLE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1933 _ACME_WGET="$_ACME_WGET --ca-certificate=$CA_BUNDLE "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1934 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1935
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1936 #from wget 1.14: do not skip body on 404 error
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1937 if _contains "$(wget --help 2>&1)" "--content-on-error"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1938 _ACME_WGET="$_ACME_WGET --content-on-error "
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
1939 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1940 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1941
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1942 __HTTP_INITIALIZED=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1943
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1944 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1945
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1946 # body url [needbase64] [POST|PUT|DELETE] [ContentType]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1947 _post() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1948 body="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1949 _post_url="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1950 needbase64="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1951 httpmethod="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1952 _postContentType="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1953
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1954 if [ -z "$httpmethod" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1955 httpmethod="POST"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1956 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1957 _debug $httpmethod
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1958 _debug "_post_url" "$_post_url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1959 _debug2 "body" "$body"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1960 _debug2 "_postContentType" "$_postContentType"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1961
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1962 _inithttp
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1963
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1964 if [ "$_ACME_CURL" ] && [ "${ACME_USE_WGET:-0}" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1965 _CURL="$_ACME_CURL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1966 if [ "$HTTPS_INSECURE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1967 _CURL="$_CURL --insecure "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1968 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1969 if [ "$httpmethod" = "HEAD" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1970 _CURL="$_CURL -I "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1971 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1972 _debug "_CURL" "$_CURL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1973 if [ "$needbase64" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1974 if [ "$body" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1975 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1976 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "Content-Type: $_postContentType" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1977 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1978 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1979 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1980 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1981 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1982 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "Content-Type: $_postContentType" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$_post_url" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1983 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1984 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$_post_url" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1985 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1986 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1987 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1988 if [ "$body" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1989 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1990 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "Content-Type: $_postContentType" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1991 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1992 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" --data "$body" "$_post_url")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1993 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1994 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1995 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1996 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "Content-Type: $_postContentType" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$_post_url")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1997 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1998 response="$($_CURL --user-agent "$USER_AGENT" -X $httpmethod -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$_post_url")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
1999 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2000 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2001 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2002 _ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2003 if [ "$_ret" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2004 _err "Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: $_ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2005 if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2006 _err "Here is the curl dump log:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2007 _err "$(cat "$_CURL_DUMP")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2008 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2009 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2010 elif [ "$_ACME_WGET" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2011 _WGET="$_ACME_WGET"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2012 if [ "$HTTPS_INSECURE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2013 _WGET="$_WGET --no-check-certificate "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2014 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2015 if [ "$httpmethod" = "HEAD" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2016 _WGET="$_WGET --read-timeout=3.0 --tries=2 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2017 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2018 _debug "_WGET" "$_WGET"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2019 if [ "$needbase64" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2020 if [ "$httpmethod" = "POST" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2021 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2022 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --header "Content-Type: $_postContentType" --post-data="$body" "$_post_url" 2>"$HTTP_HEADER" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2023 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2024 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --post-data="$body" "$_post_url" 2>"$HTTP_HEADER" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2025 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2026 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2027 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2028 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --header "Content-Type: $_postContentType" --method $httpmethod --body-data="$body" "$_post_url" 2>"$HTTP_HEADER" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2029 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2030 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --method $httpmethod --body-data="$body" "$_post_url" 2>"$HTTP_HEADER" | _base64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2031 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2032 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2033 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2034 if [ "$httpmethod" = "POST" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2035 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2036 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --header "Content-Type: $_postContentType" --post-data="$body" "$_post_url" 2>"$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2037 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2038 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --post-data="$body" "$_post_url" 2>"$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2039 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2040 elif [ "$httpmethod" = "HEAD" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2041 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2042 response="$($_WGET --spider -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --header "Content-Type: $_postContentType" --post-data="$body" "$_post_url" 2>"$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2043 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2044 response="$($_WGET --spider -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --post-data="$body" "$_post_url" 2>"$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2045 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2046 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2047 if [ "$_postContentType" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2048 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --header "Content-Type: $_postContentType" --method $httpmethod --body-data="$body" "$_post_url" 2>"$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2049 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2050 response="$($_WGET -S -O - --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" --method $httpmethod --body-data="$body" "$_post_url" 2>"$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2051 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2052 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2053 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2054 _ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2055 if [ "$_ret" = "8" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2056 _ret=0
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2057 _debug "wget returned 8 as the server returned a 'Bad Request' response. Let's process the response later."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2058 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2059 if [ "$_ret" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2060 _err "Please refer to https://www.gnu.org/software/wget/manual/html_node/Exit-Status.html for error code: $_ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2061 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2062 if _contains "$_WGET" " -d "; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2063 # Demultiplex wget debug output
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2064 cat "$HTTP_HEADER" >&2
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2065 _sed_i '/^[^ ][^ ]/d; /^ *$/d' "$HTTP_HEADER"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2066 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2067 # remove leading whitespaces from header to match curl format
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2068 _sed_i 's/^ //g' "$HTTP_HEADER"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2069 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2070 _ret="$?"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2071 _err "Neither curl nor wget have been found, cannot make $httpmethod request."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2072 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2073 _debug "_ret" "$_ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2074 printf "%s" "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2075 return $_ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2076 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2077
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2078 # url getheader timeout
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2079 _get() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2080 _debug GET
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2081 url="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2082 onlyheader="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2083 t="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2084 _debug url "$url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2085 _debug "timeout=$t"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2086
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2087 _inithttp
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2088
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2089 if [ "$_ACME_CURL" ] && [ "${ACME_USE_WGET:-0}" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2090 _CURL="$_ACME_CURL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2091 if [ "$HTTPS_INSECURE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2092 _CURL="$_CURL --insecure "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2093 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2094 if [ "$t" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2095 _CURL="$_CURL --connect-timeout $t"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2096 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2097 _debug "_CURL" "$_CURL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2098 if [ "$onlyheader" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2099 $_CURL -I --user-agent "$USER_AGENT" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2100 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2101 $_CURL --user-agent "$USER_AGENT" -H "$_H1" -H "$_H2" -H "$_H3" -H "$_H4" -H "$_H5" "$url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2102 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2103 ret=$?
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2104 if [ "$ret" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2105 _err "Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: $ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2106 if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2107 _err "Here is the curl dump log:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2108 _err "$(cat "$_CURL_DUMP")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2109 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2110 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2111 elif [ "$_ACME_WGET" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2112 _WGET="$_ACME_WGET"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2113 if [ "$HTTPS_INSECURE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2114 _WGET="$_WGET --no-check-certificate "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2115 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2116 if [ "$t" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2117 _WGET="$_WGET --timeout=$t"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2118 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2119 _debug "_WGET" "$_WGET"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2120 if [ "$onlyheader" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2121 _wget_out="$($_WGET --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" -S -O /dev/null "$url" 2>&1)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2122 if _contains "$_WGET" " -d "; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2123 # Demultiplex wget debug output
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2124 echo "$_wget_out" >&2
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2125 echo "$_wget_out" | sed '/^[^ ][^ ]/d; /^ *$/d; s/^ //g' -
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2126 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2127 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2128 $_WGET --user-agent="$USER_AGENT" --header "$_H5" --header "$_H4" --header "$_H3" --header "$_H2" --header "$_H1" -S -O - "$url" 2>"$HTTP_HEADER"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2129 if _contains "$_WGET" " -d "; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2130 # Demultiplex wget debug output
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2131 cat "$HTTP_HEADER" >&2
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2132 _sed_i '/^[^ ][^ ]/d; /^ *$/d' "$HTTP_HEADER"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2133 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2134 # remove leading whitespaces from header to match curl format
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2135 _sed_i 's/^ //g' "$HTTP_HEADER"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2136 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2137 ret=$?
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2138 if [ "$ret" = "8" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2139 ret=0
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2140 _debug "wget returned 8 as the server returned a 'Bad Request' response. Let's process the response later."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2141 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2142 if [ "$ret" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2143 _err "Please refer to https://www.gnu.org/software/wget/manual/html_node/Exit-Status.html for error code: $ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2144 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2145 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2146 ret=$?
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2147 _err "Neither curl nor wget have been found, cannot make GET request."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2148 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2149 _debug "ret" "$ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2150 return $ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2151 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2152
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2153 _head_n() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2154 head -n "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2155 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2156
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2157 _tail_n() {
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2158 if _is_solaris; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2159 #fix for solaris
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2160 tail -"$1"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2161 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2162 tail -n "$1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2163 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2164 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2165
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2166 _tail_c() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2167 tail -c "$1" 2>/dev/null || tail -"$1"c
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2168 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2169
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2170 # url payload needbase64 keyfile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2171 _send_signed_request() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2172 url=$1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2173 payload=$2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2174 needbase64=$3
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2175 keyfile=$4
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2176 if [ -z "$keyfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2177 keyfile="$ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2178 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2179 _debug "=======Sending Signed Request======="
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2180 _debug url "$url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2181 _debug payload "$payload"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2182
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2183 if ! _calcjwk "$keyfile"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2184 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2185 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2186
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2187 __request_conent_type="$CONTENT_TYPE_JSON"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2188
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2189 payload64=$(printf "%s" "$payload" | _base64 | _url_replace)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2190 _debug3 payload64 "$payload64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2191
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2192 MAX_REQUEST_RETRY_TIMES=20
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2193 _sleep_retry_sec=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2194 _request_retry_times=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2195 while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2196 _request_retry_times=$(_math "$_request_retry_times" + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2197 _debug3 _request_retry_times "$_request_retry_times"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2198 if [ -z "$_CACHED_NONCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2199 _headers=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2200 if [ "$ACME_NEW_NONCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2201 _debug2 "Get nonce with HEAD. ACME_NEW_NONCE" "$ACME_NEW_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2202 nonceurl="$ACME_NEW_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2203 if _post "" "$nonceurl" "" "HEAD" "$__request_conent_type" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2204 _headers="$(cat "$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2205 _debug2 _headers "$_headers"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2206 _CACHED_NONCE="$(echo "$_headers" | grep -i "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2 | cut -d , -f 1)"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2207 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2208 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2209 if [ -z "$_CACHED_NONCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2210 _debug2 "Get nonce with GET. ACME_DIRECTORY" "$ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2211 nonceurl="$ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2212 _headers="$(_get "$nonceurl" "onlyheader")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2213 _debug2 _headers "$_headers"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2214 _CACHED_NONCE="$(echo "$_headers" | grep -i "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2215 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2216 if [ -z "$_CACHED_NONCE" ] && [ "$ACME_NEW_NONCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2217 _debug2 "Get nonce with GET. ACME_NEW_NONCE" "$ACME_NEW_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2218 nonceurl="$ACME_NEW_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2219 _headers="$(_get "$nonceurl" "onlyheader")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2220 _debug2 _headers "$_headers"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2221 _CACHED_NONCE="$(echo "$_headers" | grep -i "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2222 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2223 if [ "$?" != "0" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2224 _err "Cannot connect to $nonceurl to get nonce."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2225 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2226 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2227 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2228 _debug2 "Use _CACHED_NONCE" "$_CACHED_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2229 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2230 nonce="$_CACHED_NONCE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2231 _debug2 nonce "$nonce"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2232 if [ -z "$nonce" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2233 _info "Could not get nonce, let's try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2234 _sleep 2
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2235 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2236 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2237
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2238 if [ "$url" = "$ACME_NEW_ACCOUNT" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2239 protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"jwk\": $jwk"'}'
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2240 elif [ "$url" = "$ACME_REVOKE_CERT" ] && [ "$keyfile" != "$ACCOUNT_KEY_PATH" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2241 protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"jwk\": $jwk"'}'
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2242 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2243 protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"kid\": \"${ACCOUNT_URL}\""'}'
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2244 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2245
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2246 _debug3 protected "$protected"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2247
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2248 protected64="$(printf "%s" "$protected" | _base64 | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2249 _debug3 protected64 "$protected64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2250
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2251 if ! _sig_t="$(printf "%s" "$protected64.$payload64" | _sign "$keyfile" "sha256")"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2252 _err "Sign request failed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2253 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2254 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2255 _debug3 _sig_t "$_sig_t"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2256
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2257 sig="$(printf "%s" "$_sig_t" | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2258 _debug3 sig "$sig"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2259
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2260 body="{\"protected\": \"$protected64\", \"payload\": \"$payload64\", \"signature\": \"$sig\"}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2261 _debug3 body "$body"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2262
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2263 response="$(_post "$body" "$url" "$needbase64" "POST" "$__request_conent_type")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2264 _CACHED_NONCE=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2265
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2266 if [ "$?" != "0" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2267 _err "Cannot make POST request to $url"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2268 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2269 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2270
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2271 responseHeaders="$(cat "$HTTP_HEADER")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2272 _debug2 responseHeaders "$responseHeaders"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2273
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2274 code="$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\r\n")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2275 _debug code "$code"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2276
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2277 _debug2 original "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2278 if echo "$responseHeaders" | grep -i "Content-Type: *application/json" >/dev/null 2>&1; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2279 response="$(echo "$response" | _json_decode | _normalizeJson)"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2280 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2281 _debug2 response "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2282
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2283 _CACHED_NONCE="$(echo "$responseHeaders" | grep -i "Replay-Nonce:" | _head_n 1 | tr -d "\r\n " | cut -d ':' -f 2 | cut -d , -f 1)"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2284
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2285 if ! _startswith "$code" "2"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2286 _body="$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2287 if [ "$needbase64" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2288 _body="$(echo "$_body" | _dbase64 multiline)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2289 _debug3 _body "$_body"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2290 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2291
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2292 _retryafter=$(echo "$responseHeaders" | grep -i "^Retry-After *: *[0-9]\+ *" | cut -d : -f 2 | tr -d ' ' | tr -d '\r')
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2293 if [ "$code" = '503' ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2294 _sleep_overload_retry_sec=$_retryafter
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2295 if [ -z "$_sleep_overload_retry_sec" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2296 _sleep_overload_retry_sec=5
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2297 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2298 if [ $_sleep_overload_retry_sec -le 600 ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2299 _info "It seems the CA server is currently overloaded, let's wait and retry. Sleeping for $_sleep_overload_retry_sec seconds."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2300 _sleep $_sleep_overload_retry_sec
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2301 continue
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2302 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2303 _info "The retryafter=$_retryafter value is too large (> 600), will not retry anymore."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2304 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2305 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2306 if _contains "$_body" "JWS has invalid anti-replay nonce" || _contains "$_body" "JWS has an invalid anti-replay nonce"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2307 _info "It seems the CA server is busy now, let's wait and retry. Sleeping for $_sleep_retry_sec seconds."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2308 _CACHED_NONCE=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2309 _sleep $_sleep_retry_sec
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2310 continue
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2311 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2312 if _contains "$_body" "The Replay Nonce is not recognized"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2313 _info "The replay nonce is not valid, let's get a new one. Sleeping for $_sleep_retry_sec seconds."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2314 _CACHED_NONCE=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2315 _sleep $_sleep_retry_sec
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2316 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2317 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2318 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2319 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2320 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2321 _info "Giving up sending to CA server after $MAX_REQUEST_RETRY_TIMES retries."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2322 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2323
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2324 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2325
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2326 #setopt "file" "opt" "=" "value" [";"]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2327 _setopt() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2328 __conf="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2329 __opt="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2330 __sep="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2331 __val="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2332 __end="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2333 if [ -z "$__opt" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2334 _usage usage: _setopt '"file" "opt" "=" "value" [";"]'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2335 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2336 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2337 if [ ! -f "$__conf" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2338 touch "$__conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2339 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2340 if [ -n "$(_tail_c 1 <"$__conf")" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2341 echo >>"$__conf"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2342 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2343
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2344 if grep -n "^$__opt$__sep" "$__conf" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2345 _debug3 OK
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2346 if _contains "$__val" "&"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2347 __val="$(echo "$__val" | sed 's/&/\\&/g')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2348 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2349 if _contains "$__val" "|"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2350 __val="$(echo "$__val" | sed 's/|/\\|/g')"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2351 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2352 text="$(cat "$__conf")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2353 printf -- "%s\n" "$text" | sed "s|^$__opt$__sep.*$|$__opt$__sep$__val$__end|" >"$__conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2354
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2355 elif grep -n "^#$__opt$__sep" "$__conf" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2356 if _contains "$__val" "&"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2357 __val="$(echo "$__val" | sed 's/&/\\&/g')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2358 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2359 if _contains "$__val" "|"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2360 __val="$(echo "$__val" | sed 's/|/\\|/g')"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2361 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2362 text="$(cat "$__conf")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2363 printf -- "%s\n" "$text" | sed "s|^#$__opt$__sep.*$|$__opt$__sep$__val$__end|" >"$__conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2364
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2365 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2366 _debug3 APP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2367 echo "$__opt$__sep$__val$__end" >>"$__conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2368 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2369 _debug3 "$(grep -n "^$__opt$__sep" "$__conf")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2370 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2371
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2372 #_save_conf file key value base64encode
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2373 #save to conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2374 _save_conf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2375 _s_c_f="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2376 _sdkey="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2377 _sdvalue="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2378 _b64encode="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2379 if [ "$_sdvalue" ] && [ "$_b64encode" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2380 _sdvalue="${B64CONF_START}$(printf "%s" "${_sdvalue}" | _base64)${B64CONF_END}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2381 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2382 if [ "$_s_c_f" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2383 _setopt "$_s_c_f" "$_sdkey" "=" "'$_sdvalue'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2384 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2385 _err "Config file is empty, cannot save $_sdkey=$_sdvalue"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2386 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2387 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2388
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2389 #_clear_conf file key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2390 _clear_conf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2391 _c_c_f="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2392 _sdkey="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2393 if [ "$_c_c_f" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2394 _conf_data="$(cat "$_c_c_f")"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2395 echo "$_conf_data" | sed "/^$_sdkey *=.*$/d" >"$_c_c_f"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2396 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2397 _err "Config file is empty, cannot clear"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2398 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2399 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2400
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2401 #_read_conf file key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2402 _read_conf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2403 _r_c_f="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2404 _sdkey="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2405 if [ -f "$_r_c_f" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2406 _sdv="$(
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2407 eval "$(grep "^$_sdkey *=" "$_r_c_f")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2408 eval "printf \"%s\" \"\$$_sdkey\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2409 )"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2410 if _startswith "$_sdv" "${B64CONF_START}" && _endswith "$_sdv" "${B64CONF_END}"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2411 _sdv="$(echo "$_sdv" | sed "s/${B64CONF_START}//" | sed "s/${B64CONF_END}//" | _dbase64)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2412 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2413 printf "%s" "$_sdv"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2414 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2415 _debug "Config file is empty, cannot read $_sdkey"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2416 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2417 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2418
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2419 #_savedomainconf key value base64encode
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2420 #save to domain.conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2421 _savedomainconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2422 _save_conf "$DOMAIN_CONF" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2423 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2424
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2425 #_cleardomainconf key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2426 _cleardomainconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2427 _clear_conf "$DOMAIN_CONF" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2428 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2429
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2430 #_readdomainconf key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2431 _readdomainconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2432 _read_conf "$DOMAIN_CONF" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2433 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2434
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2435 #_migratedomainconf oldkey newkey base64encode
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2436 _migratedomainconf() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2437 _old_key="$1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2438 _new_key="$2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2439 _b64encode="$3"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2440 _old_value=$(_readdomainconf "$_old_key")
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2441 _cleardomainconf "$_old_key"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2442 if [ -z "$_old_value" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2443 return 1 # migrated failed: old value is empty
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2444 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2445 _new_value=$(_readdomainconf "$_new_key")
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2446 if [ -n "$_new_value" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2447 _debug "Domain config new key exists, old key $_old_key='$_old_value' has been removed."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2448 return 1 # migrated failed: old value replaced by new value
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2449 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2450 _savedomainconf "$_new_key" "$_old_value" "$_b64encode"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2451 _debug "Domain config $_old_key has been migrated to $_new_key."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2452 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2453
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2454 #_migratedeployconf oldkey newkey base64encode
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2455 _migratedeployconf() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2456 _migratedomainconf "$1" "SAVED_$2" "$3" ||
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2457 _migratedomainconf "SAVED_$1" "SAVED_$2" "$3" # try only when oldkey itself is not found
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2458 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2459
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2460 #key value base64encode
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2461 _savedeployconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2462 _savedomainconf "SAVED_$1" "$2" "$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2463 #remove later
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2464 _cleardomainconf "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2465 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2466
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2467 #key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2468 _getdeployconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2469 _rac_key="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2470 _rac_value="$(eval echo \$"$_rac_key")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2471 if [ "$_rac_value" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2472 if _startswith "$_rac_value" '"' && _endswith "$_rac_value" '"'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2473 _debug2 "trim quotation marks"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2474 eval $_rac_key=$_rac_value
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2475 export $_rac_key
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2476 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2477 return 0 # do nothing
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2478 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2479 _saved="$(_readdomainconf "SAVED_$_rac_key")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2480 eval $_rac_key=\$_saved
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2481 export $_rac_key
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2482 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2483
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2484 #_saveaccountconf key value base64encode
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2485 _saveaccountconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2486 _save_conf "$ACCOUNT_CONF_PATH" "$@"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2487 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2488
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2489 #key value base64encode
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2490 _saveaccountconf_mutable() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2491 _save_conf "$ACCOUNT_CONF_PATH" "SAVED_$1" "$2" "$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2492 #remove later
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2493 _clearaccountconf "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2494 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2495
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2496 #key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2497 _readaccountconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2498 _read_conf "$ACCOUNT_CONF_PATH" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2499 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2500
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2501 #key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2502 _readaccountconf_mutable() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2503 _rac_key="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2504 _readaccountconf "SAVED_$_rac_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2505 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2506
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2507 #_clearaccountconf key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2508 _clearaccountconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2509 _clear_conf "$ACCOUNT_CONF_PATH" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2510 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2511
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2512 #key
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2513 _clearaccountconf_mutable() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2514 _clearaccountconf "SAVED_$1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2515 #remove later
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2516 _clearaccountconf "$1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2517 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2518
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2519 #_savecaconf key value
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2520 _savecaconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2521 _save_conf "$CA_CONF" "$1" "$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2522 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2523
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2524 #_readcaconf key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2525 _readcaconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2526 _read_conf "$CA_CONF" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2527 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2528
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2529 #_clearaccountconf key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2530 _clearcaconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2531 _clear_conf "$CA_CONF" "$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2532 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2533
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2534 # content localaddress
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2535 _startserver() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2536 content="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2537 ncaddr="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2538 _debug "content" "$content"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2539 _debug "ncaddr" "$ncaddr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2540
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2541 _debug "startserver: $$"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2542
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2543 _debug Le_HTTPPort "$Le_HTTPPort"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2544 _debug Le_Listen_V4 "$Le_Listen_V4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2545 _debug Le_Listen_V6 "$Le_Listen_V6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2546
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2547 _NC="socat"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2548 if [ "$Le_Listen_V6" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2549 _NC="$_NC -6"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2550 SOCAT_OPTIONS=TCP6-LISTEN
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2551 elif [ "$Le_Listen_V4" ]; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2552 _NC="$_NC -4"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2553 SOCAT_OPTIONS=TCP4-LISTEN
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2554 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2555 SOCAT_OPTIONS=TCP-LISTEN
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2556 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2557
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2558 if [ "$DEBUG" ] && [ "$DEBUG" -gt "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2559 _NC="$_NC -d -d -v"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2560 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2561
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2562 SOCAT_OPTIONS=$SOCAT_OPTIONS:$Le_HTTPPort,crlf,reuseaddr,fork
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2563
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2564 #Adding bind to local-address
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2565 if [ "$ncaddr" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2566 SOCAT_OPTIONS="$SOCAT_OPTIONS,bind=${ncaddr}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2567 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2568
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2569 _content_len="$(printf "%s" "$content" | wc -c)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2570 _debug _content_len "$_content_len"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2571 _debug "_NC" "$_NC $SOCAT_OPTIONS"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2572 export _SOCAT_ERR="$(_mktemp)"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2573 $_NC $SOCAT_OPTIONS SYSTEM:"sleep 1; \
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2574 echo 'HTTP/1.0 200 OK'; \
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2575 echo 'Content-Length\: $_content_len'; \
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2576 echo ''; \
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2577 printf '%s' '$content';" 2>"$_SOCAT_ERR" &
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2578 serverproc="$!"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2579 if [ -f "$_SOCAT_ERR" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2580 if grep "Permission denied" "$_SOCAT_ERR" >/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2581 _err "socat: $(cat $_SOCAT_ERR)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2582 _err "Can not listen for user: $(whoami)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2583 _err "Maybe try with root again?"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2584 rm -f "$_SOCAT_ERR"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2585 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2586 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2587 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2588 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2589
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2590 _stopserver() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2591 pid="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2592 _debug "pid" "$pid"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2593 if [ -z "$pid" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2594 rm -f "$_SOCAT_ERR"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2595 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2596 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2597
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2598 kill $pid
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2599 rm -f "$_SOCAT_ERR"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2600
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2601 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2602
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2603 # sleep sec
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2604 _sleep() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2605 _sleep_sec="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2606 if [ "$__INTERACTIVE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2607 _sleep_c="$_sleep_sec"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2608 while [ "$_sleep_c" -ge "0" ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2609 printf "\r \r"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2610 __green "$_sleep_c"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2611 _sleep_c="$(_math "$_sleep_c" - 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2612 sleep 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2613 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2614 printf "\r"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2615 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2616 sleep "$_sleep_sec"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2617 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2618 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2619
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2620 # _starttlsserver san_a san_b port content _ncaddr acmeValidationv1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2621 _starttlsserver() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2622 _info "Starting tls server."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2623 san_a="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2624 san_b="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2625 port="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2626 content="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2627 opaddr="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2628 acmeValidationv1="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2629
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2630 _debug san_a "$san_a"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2631 _debug san_b "$san_b"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2632 _debug port "$port"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2633 _debug acmeValidationv1 "$acmeValidationv1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2634
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2635 #create key TLS_KEY
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2636 if ! _createkey "2048" "$TLS_KEY"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2637 _err "Error creating TLS validation key."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2638 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2639 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2640
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2641 #create csr
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2642 alt="$san_a"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2643 if [ "$san_b" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2644 alt="$alt,$san_b"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2645 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2646 if ! _createcsr "tls.acme.sh" "$alt" "$TLS_KEY" "$TLS_CSR" "$TLS_CONF" "$acmeValidationv1"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2647 _err "Error creating TLS validation CSR."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2648 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2649 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2650
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2651 #self signed
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2652 if ! _signcsr "$TLS_KEY" "$TLS_CSR" "$TLS_CONF" "$TLS_CERT"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2653 _err "Error creating TLS validation cert."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2654 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2655 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2656
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2657 __S_OPENSSL="${ACME_OPENSSL_BIN:-openssl} s_server -www -cert $TLS_CERT -key $TLS_KEY "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2658 if [ "$opaddr" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2659 __S_OPENSSL="$__S_OPENSSL -accept $opaddr:$port"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2660 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2661 __S_OPENSSL="$__S_OPENSSL -accept $port"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2662 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2663
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2664 _debug Le_Listen_V4 "$Le_Listen_V4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2665 _debug Le_Listen_V6 "$Le_Listen_V6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2666 if [ "$Le_Listen_V4" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2667 __S_OPENSSL="$__S_OPENSSL -4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2668 elif [ "$Le_Listen_V6" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2669 __S_OPENSSL="$__S_OPENSSL -6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2670 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2671
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2672 if [ "$acmeValidationv1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2673 __S_OPENSSL="$__S_OPENSSL -alpn acme-tls/1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2674 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2675
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2676 _debug "$__S_OPENSSL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2677 if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2678 $__S_OPENSSL -tlsextdebug &
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2679 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2680 $__S_OPENSSL >/dev/null 2>&1 &
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2681 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2682
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2683 serverproc="$!"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2684 sleep 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2685 _debug serverproc "$serverproc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2686 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2687
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2688 #file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2689 _readlink() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2690 _rf="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2691 if ! readlink -f "$_rf" 2>/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2692 if _startswith "$_rf" "/"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2693 echo "$_rf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2694 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2695 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2696 echo "$(pwd)/$_rf" | _conapath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2697 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2698 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2699
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2700 _conapath() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2701 sed "s#/\./#/#g"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2702 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2703
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2704 __initHome() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2705 if [ -z "$_SCRIPT_HOME" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2706 if _exists readlink && _exists dirname; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2707 _debug "Let's find the script directory."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2708 _debug "_SCRIPT_" "$_SCRIPT_"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2709 _script="$(_readlink "$_SCRIPT_")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2710 _debug "_script" "$_script"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2711 _script_home="$(dirname "$_script")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2712 _debug "_script_home" "$_script_home"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2713 if [ -d "$_script_home" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2714 export _SCRIPT_HOME="$_script_home"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2715 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2716 _err "It seems the script home is not correct: $_script_home"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2717 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2718 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2719 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2720
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2721 # if [ -z "$LE_WORKING_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2722 # if [ -f "$DEFAULT_INSTALL_HOME/account.conf" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2723 # _debug "It seems that $PROJECT_NAME is already installed in $DEFAULT_INSTALL_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2724 # LE_WORKING_DIR="$DEFAULT_INSTALL_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2725 # else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2726 # LE_WORKING_DIR="$_SCRIPT_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2727 # fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2728 # fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2729
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2730 if [ -z "$LE_WORKING_DIR" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2731 _debug "Using default home: $DEFAULT_INSTALL_HOME"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2732 LE_WORKING_DIR="$DEFAULT_INSTALL_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2733 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2734 export LE_WORKING_DIR
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2735
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2736 if [ -z "$LE_CONFIG_HOME" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2737 LE_CONFIG_HOME="$LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2738 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2739 _debug "Using config home: $LE_CONFIG_HOME"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2740 export LE_CONFIG_HOME
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2741
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2742 _DEFAULT_ACCOUNT_CONF_PATH="$LE_CONFIG_HOME/account.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2743
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2744 if [ -z "$ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2745 if [ -f "$_DEFAULT_ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2746 . "$_DEFAULT_ACCOUNT_CONF_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2747 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2748 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2749
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2750 if [ -z "$ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2751 ACCOUNT_CONF_PATH="$_DEFAULT_ACCOUNT_CONF_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2752 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2753 _debug3 ACCOUNT_CONF_PATH "$ACCOUNT_CONF_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2754 DEFAULT_LOG_FILE="$LE_CONFIG_HOME/$PROJECT_NAME.log"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2755
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2756 DEFAULT_CA_HOME="$LE_CONFIG_HOME/ca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2757
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2758 if [ -z "$LE_TEMP_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2759 LE_TEMP_DIR="$LE_CONFIG_HOME/tmp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2760 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2761 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2762
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2763 _clearAPI() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2764 ACME_NEW_ACCOUNT=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2765 ACME_KEY_CHANGE=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2766 ACME_NEW_AUTHZ=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2767 ACME_NEW_ORDER=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2768 ACME_REVOKE_CERT=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2769 ACME_NEW_NONCE=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2770 ACME_AGREEMENT=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2771 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2772
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2773 #server
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2774 _initAPI() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2775 _api_server="${1:-$ACME_DIRECTORY}"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2776 _debug "_init API for server: $_api_server"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2777
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2778 MAX_API_RETRY_TIMES=10
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2779 _sleep_retry_sec=10
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2780 _request_retry_times=0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2781 while [ -z "$ACME_NEW_ACCOUNT" ] && [ "${_request_retry_times}" -lt "$MAX_API_RETRY_TIMES" ]; do
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2782 _request_retry_times=$(_math "$_request_retry_times" + 1)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2783 response=$(_get "$_api_server" "" 10)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2784 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2785 _debug2 "response" "$response"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2786 _info "Cannot init API for: $_api_server."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2787 _info "Sleeping for $_sleep_retry_sec seconds and retrying."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2788 _sleep "$_sleep_retry_sec"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2789 continue
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2790 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2791 response=$(echo "$response" | _json_decode)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2792 _debug2 "response" "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2793
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2794 ACME_KEY_CHANGE=$(echo "$response" | _egrep_o 'keyChange" *: *"[^"]*"' | cut -d '"' -f 3)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2795 export ACME_KEY_CHANGE
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2796
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2797 ACME_NEW_AUTHZ=$(echo "$response" | _egrep_o 'newAuthz" *: *"[^"]*"' | cut -d '"' -f 3)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2798 export ACME_NEW_AUTHZ
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2799
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2800 ACME_NEW_ORDER=$(echo "$response" | _egrep_o 'newOrder" *: *"[^"]*"' | cut -d '"' -f 3)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2801 export ACME_NEW_ORDER
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2802
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2803 ACME_NEW_ACCOUNT=$(echo "$response" | _egrep_o 'newAccount" *: *"[^"]*"' | cut -d '"' -f 3)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2804 export ACME_NEW_ACCOUNT
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2805
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2806 ACME_REVOKE_CERT=$(echo "$response" | _egrep_o 'revokeCert" *: *"[^"]*"' | cut -d '"' -f 3)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2807 export ACME_REVOKE_CERT
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2808
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2809 ACME_NEW_NONCE=$(echo "$response" | _egrep_o 'newNonce" *: *"[^"]*"' | cut -d '"' -f 3)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2810 export ACME_NEW_NONCE
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2811
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2812 ACME_AGREEMENT=$(echo "$response" | _egrep_o 'termsOfService" *: *"[^"]*"' | cut -d '"' -f 3)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2813 export ACME_AGREEMENT
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2814
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2815 _debug "ACME_KEY_CHANGE" "$ACME_KEY_CHANGE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2816 _debug "ACME_NEW_AUTHZ" "$ACME_NEW_AUTHZ"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2817 _debug "ACME_NEW_ORDER" "$ACME_NEW_ORDER"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2818 _debug "ACME_NEW_ACCOUNT" "$ACME_NEW_ACCOUNT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2819 _debug "ACME_REVOKE_CERT" "$ACME_REVOKE_CERT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2820 _debug "ACME_AGREEMENT" "$ACME_AGREEMENT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2821 _debug "ACME_NEW_NONCE" "$ACME_NEW_NONCE"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2822 if [ "$ACME_NEW_ACCOUNT" ] && [ "$ACME_NEW_ORDER" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2823 return 0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2824 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2825 _info "Sleeping for $_sleep_retry_sec seconds and retrying."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2826 _sleep "$_sleep_retry_sec"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2827 done
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2828 if [ "$ACME_NEW_ACCOUNT" ] && [ "$ACME_NEW_ORDER" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2829 return 0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2830 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2831 _err "Cannot init API for $_api_server"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2832 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2833 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2834
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2835 _clearCA() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2836 export CA_CONF=
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2837 export ACCOUNT_KEY_PATH=
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2838 export ACCOUNT_JSON_PATH=
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2839 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2840
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2841 #[domain] [keylength or isEcc flag]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2842 _initpath() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2843 domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2844 _ilength="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2845
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2846 __initHome
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2847
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2848 if [ -f "$ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2849 . "$ACCOUNT_CONF_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2850 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2851
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2852 if [ "$_ACME_IN_CRON" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2853 if [ ! "$_USER_PATH_EXPORTED" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2854 _USER_PATH_EXPORTED=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2855 export PATH="$USER_PATH:$PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2856 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2857 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2858
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2859 if [ -z "$CA_HOME" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2860 CA_HOME="$DEFAULT_CA_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2861 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2862
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2863 if [ -z "$ACME_DIRECTORY" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2864 if [ "$STAGE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2865 ACME_DIRECTORY="$DEFAULT_STAGING_CA"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2866 _info "Using ACME_DIRECTORY: $ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2867 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2868 default_acme_server=$(_readaccountconf "DEFAULT_ACME_SERVER")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2869 _debug default_acme_server "$default_acme_server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2870 if [ "$default_acme_server" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2871 ACME_DIRECTORY="$default_acme_server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2872 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2873 ACME_DIRECTORY="$DEFAULT_CA"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2874 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2875 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2876 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2877
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2878 _debug ACME_DIRECTORY "$ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2879 _ACME_SERVER_HOST="$(echo "$ACME_DIRECTORY" | cut -d : -f 2 | tr -s / | cut -d / -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2880 _debug2 "_ACME_SERVER_HOST" "$_ACME_SERVER_HOST"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2881
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2882 _ACME_SERVER_PATH="$(echo "$ACME_DIRECTORY" | cut -d : -f 2- | tr -s / | cut -d / -f 3-)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2883 _debug2 "_ACME_SERVER_PATH" "$_ACME_SERVER_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2884
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2885 CA_DIR="$CA_HOME/$_ACME_SERVER_HOST/$_ACME_SERVER_PATH"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2886 _DEFAULT_CA_CONF="$CA_DIR/ca.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2887 if [ -z "$CA_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2888 CA_CONF="$_DEFAULT_CA_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2889 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2890 _debug3 CA_CONF "$CA_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2891
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2892 _OLD_CADIR="$CA_HOME/$_ACME_SERVER_HOST"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2893 _OLD_ACCOUNT_KEY="$_OLD_CADIR/account.key"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2894 _OLD_ACCOUNT_JSON="$_OLD_CADIR/account.json"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2895 _OLD_CA_CONF="$_OLD_CADIR/ca.conf"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2896
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2897 _DEFAULT_ACCOUNT_KEY_PATH="$CA_DIR/account.key"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2898 _DEFAULT_ACCOUNT_JSON_PATH="$CA_DIR/account.json"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2899 if [ -z "$ACCOUNT_KEY_PATH" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2900 ACCOUNT_KEY_PATH="$_DEFAULT_ACCOUNT_KEY_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2901 if [ -f "$_OLD_ACCOUNT_KEY" ] && ! [ -f "$ACCOUNT_KEY_PATH" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2902 mkdir -p "$CA_DIR"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2903 mv "$_OLD_ACCOUNT_KEY" "$ACCOUNT_KEY_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2904 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2905 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2906
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2907 if [ -z "$ACCOUNT_JSON_PATH" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2908 ACCOUNT_JSON_PATH="$_DEFAULT_ACCOUNT_JSON_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2909 if [ -f "$_OLD_ACCOUNT_JSON" ] && ! [ -f "$ACCOUNT_JSON_PATH" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2910 mkdir -p "$CA_DIR"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2911 mv "$_OLD_ACCOUNT_JSON" "$ACCOUNT_JSON_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2912 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2913 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2914
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2915 if [ -f "$_OLD_CA_CONF" ] && ! [ -f "$CA_CONF" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2916 mkdir -p "$CA_DIR"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2917 mv "$_OLD_CA_CONF" "$CA_CONF"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2918 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2919
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2920 if [ -f "$CA_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2921 . "$CA_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2922 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2923
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2924 if [ -z "$ACME_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2925 ACME_DIR="/home/.acme"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2926 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2927
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2928 if [ -z "$APACHE_CONF_BACKUP_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2929 APACHE_CONF_BACKUP_DIR="$LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2930 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2931
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2932 if [ -z "$USER_AGENT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2933 USER_AGENT="$DEFAULT_USER_AGENT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2934 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2935
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2936 if [ -z "$HTTP_HEADER" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2937 HTTP_HEADER="$LE_CONFIG_HOME/http.header"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2938 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2939
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2940 _DEFAULT_CERT_HOME="$LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2941 if [ -z "$CERT_HOME" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2942 CERT_HOME="$_DEFAULT_CERT_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2943 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2944
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2945 if [ -z "$ACME_OPENSSL_BIN" ] || [ ! -f "$ACME_OPENSSL_BIN" ] || [ ! -x "$ACME_OPENSSL_BIN" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2946 ACME_OPENSSL_BIN="$DEFAULT_OPENSSL_BIN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2947 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2948
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2949 if [ -z "$domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2950 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2951 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2952
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2953 if [ -z "$DOMAIN_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2954 domainhome="$CERT_HOME/$domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2955 domainhomeecc="$CERT_HOME/$domain$ECC_SUFFIX"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2956
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2957 DOMAIN_PATH="$domainhome"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2958
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2959 if _isEccKey "$_ilength"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2960 DOMAIN_PATH="$domainhomeecc"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2961 elif [ -z "$__SELECTED_RSA_KEY" ]; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2962 if [ ! -d "$domainhome" ] && [ -d "$domainhomeecc" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2963 _info "The domain '$domain' seems to already have an ECC cert, let's use it."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2964 DOMAIN_PATH="$domainhomeecc"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2965 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2966 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2967 _debug DOMAIN_PATH "$DOMAIN_PATH"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
2968 export DOMAIN_PATH
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2969 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2970
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2971 if [ -z "$DOMAIN_BACKUP_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2972 DOMAIN_BACKUP_PATH="$DOMAIN_PATH/backup"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2973 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2974
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2975 if [ -z "$DOMAIN_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2976 DOMAIN_CONF="$DOMAIN_PATH/$domain.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2977 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2978
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2979 if [ -z "$DOMAIN_SSL_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2980 DOMAIN_SSL_CONF="$DOMAIN_PATH/$domain.csr.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2981 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2982
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2983 if [ -z "$CSR_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2984 CSR_PATH="$DOMAIN_PATH/$domain.csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2985 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2986 if [ -z "$CERT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2987 CERT_KEY_PATH="$DOMAIN_PATH/$domain.key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2988 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2989 if [ -z "$CERT_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2990 CERT_PATH="$DOMAIN_PATH/$domain.cer"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2991 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2992 if [ -z "$CA_CERT_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2993 CA_CERT_PATH="$DOMAIN_PATH/ca.cer"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2994 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2995 if [ -z "$CERT_FULLCHAIN_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2996 CERT_FULLCHAIN_PATH="$DOMAIN_PATH/fullchain.cer"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2997 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2998 if [ -z "$CERT_PFX_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
2999 CERT_PFX_PATH="$DOMAIN_PATH/$domain.pfx"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3000 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3001 if [ -z "$CERT_PKCS8_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3002 CERT_PKCS8_PATH="$DOMAIN_PATH/$domain.pkcs8"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3003 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3004
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3005 if [ -z "$TLS_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3006 TLS_CONF="$DOMAIN_PATH/tls.validation.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3007 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3008 if [ -z "$TLS_CERT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3009 TLS_CERT="$DOMAIN_PATH/tls.validation.cert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3010 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3011 if [ -z "$TLS_KEY" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3012 TLS_KEY="$DOMAIN_PATH/tls.validation.key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3013 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3014 if [ -z "$TLS_CSR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3015 TLS_CSR="$DOMAIN_PATH/tls.validation.csr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3016 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3017
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3018 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3019
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3020 _apachePath() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3021 _APACHECTL="apachectl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3022 if ! _exists apachectl; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3023 if _exists apache2ctl; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3024 _APACHECTL="apache2ctl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3025 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3026 _err "'apachectl not found. It seems that Apache is not installed or you are not root.'"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3027 _err "Please use webroot mode to try again."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3028 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3029 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3030 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3031
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3032 if ! $_APACHECTL -V >/dev/null; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3033 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3034 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3035
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3036 if [ "$APACHE_HTTPD_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3037 _saveaccountconf APACHE_HTTPD_CONF "$APACHE_HTTPD_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3038 httpdconf="$APACHE_HTTPD_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3039 httpdconfname="$(basename "$httpdconfname")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3040 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3041 httpdconfname="$($_APACHECTL -V | grep SERVER_CONFIG_FILE= | cut -d = -f 2 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3042 _debug httpdconfname "$httpdconfname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3043
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3044 if [ -z "$httpdconfname" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3045 _err "Cannot read Apache config file."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3046 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3047 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3048
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3049 if _startswith "$httpdconfname" '/'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3050 httpdconf="$httpdconfname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3051 httpdconfname="$(basename "$httpdconfname")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3052 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3053 httpdroot="$($_APACHECTL -V | grep HTTPD_ROOT= | cut -d = -f 2 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3054 _debug httpdroot "$httpdroot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3055 httpdconf="$httpdroot/$httpdconfname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3056 httpdconfname="$(basename "$httpdconfname")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3057 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3058 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3059 _debug httpdconf "$httpdconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3060 _debug httpdconfname "$httpdconfname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3061 if [ ! -f "$httpdconf" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3062 _err "Apache config file not found" "$httpdconf"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3063 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3064 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3065 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3066 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3067
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3068 _restoreApache() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3069 if [ -z "$usingApache" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3070 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3071 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3072 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3073 if ! _apachePath; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3074 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3075 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3076
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3077 if [ ! -f "$APACHE_CONF_BACKUP_DIR/$httpdconfname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3078 _debug "No config file to restore."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3079 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3080 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3081
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3082 cat "$APACHE_CONF_BACKUP_DIR/$httpdconfname" >"$httpdconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3083 _debug "Restored: $httpdconf."
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3084 if ! $_APACHECTL -t; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3085 _err "Sorry, there's been an error restoring the Apache config. Please ask for support on $PROJECT."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3086 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3087 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3088 _debug "Restored successfully."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3089 rm -f "$APACHE_CONF_BACKUP_DIR/$httpdconfname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3090 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3091 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3092
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3093 _setApache() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3094 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3095 if ! _apachePath; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3096 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3097 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3098
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3099 #test the conf first
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3100 _info "Checking if there is an error in the Apache config file before starting."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3101
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3102 if ! $_APACHECTL -t >/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3103 _err "The Apache config file has errors, please fix them first then try again."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3104 _err "Don't worry, no changes to your system have been made."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3105 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3106 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3107 _info "OK"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3108 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3109
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3110 #backup the conf
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3111 _debug "Backing up Apache config file" "$httpdconf"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3112 if ! cp "$httpdconf" "$APACHE_CONF_BACKUP_DIR/"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3113 _err "Cannot backup Apache config file, aborting. Don't worry, the Apache config has not been changed."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3114 _err "This might be an $PROJECT_NAME bug, please open an issue on $PROJECT"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3115 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3116 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3117 _info "Config file $httpdconf has been backed up to $APACHE_CONF_BACKUP_DIR/$httpdconfname"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3118 _info "In case an error causes it to not be restored automatically, you can restore it yourself."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3119 _info "You do not need to do anything on success, as the backup file will automatically be deleted."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3120
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3121 #add alias
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3122
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3123 apacheVer="$($_APACHECTL -V | grep "Server version:" | cut -d : -f 2 | cut -d " " -f 2 | cut -d '/' -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3124 _debug "apacheVer" "$apacheVer"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3125 apacheMajor="$(echo "$apacheVer" | cut -d . -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3126 apacheMinor="$(echo "$apacheVer" | cut -d . -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3127
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3128 if [ "$apacheVer" ] && [ "$apacheMajor$apacheMinor" -ge "24" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3129 echo "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3130 Alias /.well-known/acme-challenge $ACME_DIR
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3131
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3132 <Directory $ACME_DIR >
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3133 Require all granted
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3134 </Directory>
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3135 " >>"$httpdconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3136 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3137 echo "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3138 Alias /.well-known/acme-challenge $ACME_DIR
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3139
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3140 <Directory $ACME_DIR >
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3141 Order allow,deny
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3142 Allow from all
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3143 </Directory>
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3144 " >>"$httpdconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3145 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3146
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3147 _msg="$($_APACHECTL -t 2>&1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3148 if [ "$?" != "0" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3149 _err "Sorry, an Apache config error has occurred"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3150 if _restoreApache; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3151 _err "The Apache config file has been restored."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3152 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3153 _err "Sorry, the Apache config file cannot be restored, please open an issue on $PROJECT."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3154 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3155 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3156 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3157
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3158 if [ ! -d "$ACME_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3159 mkdir -p "$ACME_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3160 chmod 755 "$ACME_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3161 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3162
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3163 if ! $_APACHECTL graceful; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3164 _err "$_APACHECTL graceful error, please open an issue on $PROJECT."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3165 _restoreApache
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3166 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3167 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3168 usingApache="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3169 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3170 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3171
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3172 #find the real nginx conf file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3173 #backup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3174 #set the nginx conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3175 #returns the real nginx conf file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3176 _setNginx() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3177 _d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3178 _croot="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3179 _thumbpt="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3180
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3181 FOUND_REAL_NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3182 FOUND_REAL_NGINX_CONF_LN=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3183 BACKUP_NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3184 _debug _croot "$_croot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3185 _start_f="$(echo "$_croot" | cut -d : -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3186 _debug _start_f "$_start_f"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3187 if [ -z "$_start_f" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3188 _debug "Finding config using the nginx command"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3189 if [ -z "$NGINX_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3190 if ! _exists "nginx"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3191 _err "nginx command not found."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3192 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3193 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3194 NGINX_CONF="$(nginx -V 2>&1 | _egrep_o "\-\-conf-path=[^ ]* " | tr -d " ")"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3195 _debug NGINX_CONF "$NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3196 NGINX_CONF="$(echo "$NGINX_CONF" | cut -d = -f 2)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3197 _debug NGINX_CONF "$NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3198 if [ -z "$NGINX_CONF" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3199 _err "Cannot find nginx config."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3200 NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3201 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3202 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3203 if [ ! -f "$NGINX_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3204 _err "'$NGINX_CONF' doesn't exist."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3205 NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3206 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3207 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3208 _debug "Found nginx config file: $NGINX_CONF"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3209 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3210 _start_f="$NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3211 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3212 _debug "Detecting nginx conf for $_d from: $_start_f"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3213 if ! _checkConf "$_d" "$_start_f"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3214 _err "Cannot find config file for domain $d"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3215 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3216 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3217 _info "Found config file: $FOUND_REAL_NGINX_CONF"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3218
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3219 _ln=$FOUND_REAL_NGINX_CONF_LN
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3220 _debug "_ln" "$_ln"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3221
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3222 _lnn=$(_math $_ln + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3223 _debug _lnn "$_lnn"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3224 _start_tag="$(sed -n "$_lnn,${_lnn}p" "$FOUND_REAL_NGINX_CONF")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3225 _debug "_start_tag" "$_start_tag"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3226 if [ "$_start_tag" = "$NGINX_START" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3227 _info "The domain $_d is already configured, skipping"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3228 FOUND_REAL_NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3229 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3230 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3231
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3232 mkdir -p "$DOMAIN_BACKUP_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3233 _backup_conf="$DOMAIN_BACKUP_PATH/$_d.nginx.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3234 _debug _backup_conf "$_backup_conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3235 BACKUP_NGINX_CONF="$_backup_conf"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3236 _info "Backing $FOUND_REAL_NGINX_CONF up to $_backup_conf"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3237 if ! cp "$FOUND_REAL_NGINX_CONF" "$_backup_conf"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3238 _err "Backup error."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3239 FOUND_REAL_NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3240 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3241 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3242
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3243 if ! _exists "nginx"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3244 _err "nginx command not found."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3245 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3246 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3247 _info "Checking the nginx config before setting up."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3248 if ! nginx -t >/dev/null 2>&1; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3249 _err "It seems that the nginx config is not correct, cannot continue."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3250 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3251 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3252
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3253 _info "OK, setting up the nginx config file"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3254
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3255 if ! sed -n "1,${_ln}p" "$_backup_conf" >"$FOUND_REAL_NGINX_CONF"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3256 cat "$_backup_conf" >"$FOUND_REAL_NGINX_CONF"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3257 _err "Error writing nginx config. Restoring it to its original version."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3258 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3259 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3260
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3261 echo "$NGINX_START
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3262 location ~ \"^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)\$\" {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3263 default_type text/plain;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3264 return 200 \"\$1.$_thumbpt\";
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3265 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3266 #NGINX_START
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3267 " >>"$FOUND_REAL_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3268
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3269 if ! sed -n "${_lnn},99999p" "$_backup_conf" >>"$FOUND_REAL_NGINX_CONF"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3270 cat "$_backup_conf" >"$FOUND_REAL_NGINX_CONF"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3271 _err "Error writing nginx config. Restoring it to its original version."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3272 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3273 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3274 _debug3 "Modified config:$(cat $FOUND_REAL_NGINX_CONF)"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3275 _info "nginx config has been written, let's check it again."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3276 if ! nginx -t >/dev/null 2>&1; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3277 _err "There seems to be a problem with the nginx config, let's restore it to its original version."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3278 cat "$_backup_conf" >"$FOUND_REAL_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3279 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3280 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3281
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3282 _info "Reloading nginx"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3283 if ! nginx -s reload >/dev/null 2>&1; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3284 _err "There seems to be a problem with the nginx config, let's restore it to its original version."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3285 cat "$_backup_conf" >"$FOUND_REAL_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3286 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3287 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3288
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3289 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3290 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3291
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3292 #d , conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3293 _checkConf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3294 _d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3295 _c_file="$2"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3296 _debug "Starting _checkConf from: $_c_file"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3297 if [ ! -f "$2" ] && ! echo "$2" | grep '*$' >/dev/null && echo "$2" | grep '*' >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3298 _debug "wildcard"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3299 for _w_f in $2; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3300 if [ -f "$_w_f" ] && _checkConf "$1" "$_w_f"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3301 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3302 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3303 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3304 #not found
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3305 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3306 elif [ -f "$2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3307 _debug "single"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3308 if _isRealNginxConf "$1" "$2"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3309 _debug "$2 found."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3310 FOUND_REAL_NGINX_CONF="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3311 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3312 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3313 if cat "$2" | tr "\t" " " | grep "^ *include *.*;" >/dev/null; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3314 _debug "Trying include files"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3315 for included in $(cat "$2" | tr "\t" " " | grep "^ *include *.*;" | sed "s/include //" | tr -d " ;"); do
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3316 _debug "Checking included $included"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3317 if ! _startswith "$included" "/" && _exists dirname; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3318 _relpath="$(dirname "$2")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3319 _debug "_relpath" "$_relpath"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3320 included="$_relpath/$included"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3321 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3322 if _checkConf "$1" "$included"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3323 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3324 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3325 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3326 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3327 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3328 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3329 _debug "$2 not found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3330 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3331 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3332 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3333 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3334
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3335 #d , conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3336 _isRealNginxConf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3337 _debug "_isRealNginxConf $1 $2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3338 if [ -f "$2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3339 for _fln in $(tr "\t" ' ' <"$2" | grep -n "^ *server_name.* $1" | cut -d : -f 1); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3340 _debug _fln "$_fln"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3341 if [ "$_fln" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3342 _start=$(tr "\t" ' ' <"$2" | _head_n "$_fln" | grep -n "^ *server *" | grep -v server_name | _tail_n 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3343 _debug "_start" "$_start"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3344 _start_n=$(echo "$_start" | cut -d : -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3345 _start_nn=$(_math $_start_n + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3346 _debug "_start_n" "$_start_n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3347 _debug "_start_nn" "$_start_nn"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3348
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3349 _left="$(sed -n "${_start_nn},99999p" "$2")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3350 _debug2 _left "$_left"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3351 _end="$(echo "$_left" | tr "\t" ' ' | grep -n "^ *server *" | grep -v server_name | _head_n 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3352 _debug "_end" "$_end"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3353 if [ "$_end" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3354 _end_n=$(echo "$_end" | cut -d : -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3355 _debug "_end_n" "$_end_n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3356 _seg_n=$(echo "$_left" | sed -n "1,${_end_n}p")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3357 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3358 _seg_n="$_left"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3359 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3360
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3361 _debug "_seg_n" "$_seg_n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3362
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3363 _skip_ssl=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3364 for _listen_i in $(echo "$_seg_n" | tr "\t" ' ' | grep "^ *listen" | tr -d " "); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3365 if [ "$_listen_i" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3366 if [ "$(echo "$_listen_i" | _egrep_o "listen.*ssl")" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3367 _debug2 "$_listen_i is ssl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3368 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3369 _debug2 "$_listen_i is plain text"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3370 _skip_ssl=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3371 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3372 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3373 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3374 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3375
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3376 if [ "$_skip_ssl" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3377 _debug "ssl on, skip"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3378 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3379 FOUND_REAL_NGINX_CONF_LN=$_fln
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3380 _debug3 "found FOUND_REAL_NGINX_CONF_LN" "$FOUND_REAL_NGINX_CONF_LN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3381 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3382 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3383 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3384 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3385 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3386 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3387 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3388
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3389 #restore all the nginx conf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3390 _restoreNginx() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3391 if [ -z "$NGINX_RESTORE_VLIST" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3392 _debug "No need to restore nginx config, skipping."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3393 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3394 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3395 _debug "_restoreNginx"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3396 _debug "NGINX_RESTORE_VLIST" "$NGINX_RESTORE_VLIST"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3397
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3398 for ng_entry in $(echo "$NGINX_RESTORE_VLIST" | tr "$dvsep" ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3399 _debug "ng_entry" "$ng_entry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3400 _nd=$(echo "$ng_entry" | cut -d "$sep" -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3401 _ngconf=$(echo "$ng_entry" | cut -d "$sep" -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3402 _ngbackupconf=$(echo "$ng_entry" | cut -d "$sep" -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3403 _info "Restoring from $_ngbackupconf to $_ngconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3404 cat "$_ngbackupconf" >"$_ngconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3405 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3406
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3407 _info "Reloading nginx"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3408 if ! nginx -s reload >/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3409 _err "An error occurred while reloading nginx, please open an issue on $PROJECT."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3410 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3411 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3412 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3413 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3414
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3415 _clearup() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3416 _stopserver "$serverproc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3417 serverproc=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3418 _restoreApache
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3419 _restoreNginx
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3420 _clearupdns
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3421 if [ -z "$DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3422 rm -f "$TLS_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3423 rm -f "$TLS_CERT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3424 rm -f "$TLS_KEY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3425 rm -f "$TLS_CSR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3426 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3427 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3428
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3429 _clearupdns() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3430 _debug "_clearupdns"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3431 _debug "dns_entries" "$dns_entries"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3432
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3433 if [ -z "$dns_entries" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3434 _debug "Skipping dns."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3435 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3436 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3437 _info "Removing DNS records."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3438
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3439 for entry in $dns_entries; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3440 d=$(_getfield "$entry" 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3441 txtdomain=$(_getfield "$entry" 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3442 aliasDomain=$(_getfield "$entry" 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3443 _currentRoot=$(_getfield "$entry" 4)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3444 txt=$(_getfield "$entry" 5)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3445 d_api=$(_getfield "$entry" 6)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3446 _debug "d" "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3447 _debug "txtdomain" "$txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3448 _debug "aliasDomain" "$aliasDomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3449 _debug "_currentRoot" "$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3450 _debug "txt" "$txt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3451 _debug "d_api" "$d_api"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3452 if [ "$d_api" = "$txt" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3453 d_api=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3454 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3455
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3456 if [ -z "$d_api" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3457 _info "Domain API file was not found: $d_api"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3458 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3459 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3460
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3461 if [ "$aliasDomain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3462 txtdomain="$aliasDomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3463 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3464
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3465 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3466 if ! . "$d_api"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3467 _err "Error loading file $d_api. Please check your API file and try again."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3468 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3469 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3470
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3471 rmcommand="${_currentRoot}_rm"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3472 if ! _exists "$rmcommand"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3473 _err "It seems that your API file doesn't define $rmcommand"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3474 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3475 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3476 _info "Removing txt: $txt for domain: $txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3477 if ! $rmcommand "$txtdomain" "$txt"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3478 _err "Error removing txt for domain: $txtdomain"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3479 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3480 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3481 _info "Successfully removed"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3482 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3483
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3484 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3485 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3486
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3487 # webroot removelevel tokenfile
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3488 _clearupwebbroot() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3489 __webroot="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3490 if [ -z "$__webroot" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3491 _debug "No webroot specified, skipping"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3492 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3493 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3494
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3495 _rmpath=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3496 if [ "$2" = '1' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3497 _rmpath="$__webroot/.well-known"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3498 elif [ "$2" = '2' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3499 _rmpath="$__webroot/.well-known/acme-challenge"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3500 elif [ "$2" = '3' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3501 _rmpath="$__webroot/.well-known/acme-challenge/$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3502 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3503 _debug "Skipping for removelevel: $2"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3504 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3505
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3506 if [ "$_rmpath" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3507 if [ "$DEBUG" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3508 _debug "Debugging, not removing: $_rmpath"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3509 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3510 rm -rf "$_rmpath"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3511 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3512 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3513
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3514 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3515
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3516 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3517
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3518 _on_before_issue() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3519 _chk_web_roots="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3520 _chk_main_domain="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3521 _chk_alt_domains="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3522 _chk_pre_hook="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3523 _chk_local_addr="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3524 _debug _on_before_issue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3525 _debug _chk_main_domain "$_chk_main_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3526 _debug _chk_alt_domains "$_chk_alt_domains"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3527 #run pre hook
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3528 if [ "$_chk_pre_hook" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3529 _info "Running pre hook:'$_chk_pre_hook'"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3530 if ! (
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3531 export Le_Domain="$_chk_main_domain"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3532 export Le_Alt="$_chk_alt_domains"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3533 cd "$DOMAIN_PATH" && eval "$_chk_pre_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3534 ); then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3535 _err "Error occurred when running pre hook."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3536 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3537 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3538 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3539
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3540 if _hasfield "$_chk_web_roots" "$NO_VALUE"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3541 if ! _exists "socat"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3542 _err "Please install socat tools first."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3543 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3544 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3545 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3546
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3547 _debug Le_LocalAddress "$_chk_local_addr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3548
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3549 _index=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3550 _currentRoot=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3551 _addrIndex=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3552 _w_index=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3553 while true; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3554 d="$(echo "$_chk_main_domain,$_chk_alt_domains," | cut -d , -f "$_w_index")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3555 _w_index="$(_math "$_w_index" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3556 _debug d "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3557 if [ -z "$d" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3558 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3559 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3560 _debug "Checking for domain" "$d"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3561 _currentRoot="$(_getfield "$_chk_web_roots" $_index)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3562 _debug "_currentRoot" "$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3563 _index=$(_math $_index + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3564 _checkport=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3565 if [ "$_currentRoot" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3566 _info "Standalone mode."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3567 if [ -z "$Le_HTTPPort" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3568 Le_HTTPPort=80
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3569 _cleardomainconf "Le_HTTPPort"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3570 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3571 _savedomainconf "Le_HTTPPort" "$Le_HTTPPort"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3572 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3573 _checkport="$Le_HTTPPort"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3574 elif [ "$_currentRoot" = "$W_ALPN" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3575 _info "Standalone alpn mode."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3576 if [ -z "$Le_TLSPort" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3577 Le_TLSPort=443
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3578 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3579 _savedomainconf "Le_TLSPort" "$Le_TLSPort"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3580 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3581 _checkport="$Le_TLSPort"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3582 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3583
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3584 if [ "$_checkport" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3585 _debug _checkport "$_checkport"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3586 _checkaddr="$(_getfield "$_chk_local_addr" $_addrIndex)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3587 _debug _checkaddr "$_checkaddr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3588
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3589 _addrIndex="$(_math $_addrIndex + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3590
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3591 _netprc="$(_ss "$_checkport" | grep "$_checkport")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3592 netprc="$(echo "$_netprc" | grep "$_checkaddr")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3593 if [ -z "$netprc" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3594 netprc="$(echo "$_netprc" | grep "$LOCAL_ANY_ADDRESS:$_checkport")"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3595 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3596 if [ "$netprc" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3597 _err "$netprc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3598 _err "tcp port $_checkport is already used by $(echo "$netprc" | cut -d : -f 4)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3599 _err "Please stop it first"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3600 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3601 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3602 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3603 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3604
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3605 if _hasfield "$_chk_web_roots" "apache"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3606 if ! _setApache; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3607 _err "Error setting up Apache. Please open an issue on $PROJECT."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3608 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3609 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3610 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3611 usingApache=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3612 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3613
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3614 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3615
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3616 _on_issue_err() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3617 _chk_post_hook="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3618 _chk_vlist="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3619 _debug _on_issue_err
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3620
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3621 if [ "$LOG_FILE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3622 _err "Please check log file for more details: $LOG_FILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3623 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3624 _err "Please add '--debug' or '--log' to see more information."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3625 _err "See: $_DEBUG_WIKI"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3626 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3627
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3628 #run the post hook
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3629 if [ "$_chk_post_hook" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3630 _info "Running post hook: '$_chk_post_hook'"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3631 if ! (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3632 cd "$DOMAIN_PATH" && eval "$_chk_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3633 ); then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3634 _err "Error encountered while running post hook."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3635 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3636 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3637 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3638
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3639 #trigger the validation to flush the pending authz
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3640 _debug2 "_chk_vlist" "$_chk_vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3641 if [ "$_chk_vlist" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3642 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3643 _debug2 "start to deactivate authz"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3644 ventries=$(echo "$_chk_vlist" | tr "$dvsep" ' ')
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3645 for ventry in $ventries; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3646 d=$(echo "$ventry" | cut -d "$sep" -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3647 keyauthorization=$(echo "$ventry" | cut -d "$sep" -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3648 uri=$(echo "$ventry" | cut -d "$sep" -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3649 vtype=$(echo "$ventry" | cut -d "$sep" -f 4)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3650 _currentRoot=$(echo "$ventry" | cut -d "$sep" -f 5)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3651 __trigger_validation "$uri" "$keyauthorization"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3652 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3653 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3654 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3655
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3656 if [ "$_ACME_IS_RENEW" = "1" ] && _hasfield "$Le_Webroot" "$W_DNS"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3657 _err "$_DNS_MANUAL_ERR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3658 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3659
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3660 if [ "$DEBUG" ] && [ "$DEBUG" -gt "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3661 _debug "$(_dlg_versions)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3662 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3663
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3664 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3665
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3666 _on_issue_success() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3667 _chk_post_hook="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3668 _chk_renew_hook="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3669 _debug _on_issue_success
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3670
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3671 #run the post hook
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3672 if [ "$_chk_post_hook" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3673 _info "Running post hook:'$_chk_post_hook'"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3674 if ! (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3675 export CERT_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3676 export CERT_KEY_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3677 export CA_CERT_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3678 export CERT_FULLCHAIN_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3679 export Le_Domain="$_main_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3680 cd "$DOMAIN_PATH" && eval "$_chk_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3681 ); then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3682 _err "Error encountered while running post hook."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3683 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3684 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3685 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3686
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3687 #run renew hook
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3688 if [ "$_ACME_IS_RENEW" ] && [ "$_chk_renew_hook" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3689 _info "Running renew hook: '$_chk_renew_hook'"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3690 if ! (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3691 export CERT_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3692 export CERT_KEY_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3693 export CA_CERT_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3694 export CERT_FULLCHAIN_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3695 export Le_Domain="$_main_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3696 cd "$DOMAIN_PATH" && eval "$_chk_renew_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3697 ); then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3698 _err "Error encountered while running renew hook."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3699 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3700 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3701 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3702
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3703 if _hasfield "$Le_Webroot" "$W_DNS" && [ -z "$FORCE_DNS_MANUAL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3704 _err "$_DNS_MANUAL_WARN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3705 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3706
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3707 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3708
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3709 #account_key_length eab-kid eab-hmac-key
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3710 registeraccount() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3711 _account_key_length="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3712 _eab_id="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3713 _eab_hmac_key="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3714 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3715 _regAccount "$_account_key_length" "$_eab_id" "$_eab_hmac_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3716 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3717
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3718 __calcAccountKeyHash() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3719 [ -f "$ACCOUNT_KEY_PATH" ] && _digest sha256 <"$ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3720 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3721
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3722 __calc_account_thumbprint() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3723 printf "%s" "$jwk" | tr -d ' ' | _digest "sha256" | _url_replace
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3724 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3725
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3726 _getAccountEmail() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3727 if [ "$ACCOUNT_EMAIL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3728 echo "$ACCOUNT_EMAIL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3729 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3730 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3731 if [ -z "$CA_EMAIL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3732 CA_EMAIL="$(_readcaconf CA_EMAIL)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3733 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3734 if [ "$CA_EMAIL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3735 echo "$CA_EMAIL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3736 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3737 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3738 _readaccountconf "ACCOUNT_EMAIL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3739 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3740
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3741 #keylength
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3742 _regAccount() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3743 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3744 _reg_length="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3745 _eab_id="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3746 _eab_hmac_key="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3747 _debug3 _regAccount "$_regAccount"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3748 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3749
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3750 mkdir -p "$CA_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3751
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3752 if [ ! -f "$ACCOUNT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3753 if ! _create_account_key "$_reg_length"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3754 _err "Error creating account key."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3755 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3756 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3757 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3758
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3759 if ! _calcjwk "$ACCOUNT_KEY_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3760 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3761 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3762 if [ "$_eab_id" ] && [ "$_eab_hmac_key" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3763 _savecaconf CA_EAB_KEY_ID "$_eab_id"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3764 _savecaconf CA_EAB_HMAC_KEY "$_eab_hmac_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3765 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3766 _eab_id=$(_readcaconf "CA_EAB_KEY_ID")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3767 _eab_hmac_key=$(_readcaconf "CA_EAB_HMAC_KEY")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3768 _secure_debug3 _eab_id "$_eab_id"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3769 _secure_debug3 _eab_hmac_key "$_eab_hmac_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3770 _email="$(_getAccountEmail)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3771 if [ "$_email" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3772 _savecaconf "CA_EMAIL" "$_email"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3773 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3774
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3775 if [ "$ACME_DIRECTORY" = "$CA_ZEROSSL" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3776 if [ -z "$_eab_id" ] || [ -z "$_eab_hmac_key" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3777 _info "No EAB credentials found for ZeroSSL, let's obtain them"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3778 if [ -z "$_email" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3779 _info "$(__green "$PROJECT_NAME is using ZeroSSL as default CA now.")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3780 _info "$(__green "Please update your account with an email address first.")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3781 _info "$(__green "$PROJECT_ENTRY --register-account -m my@example.com")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3782 _info "See: $(__green "$_ZEROSSL_WIKI")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3783 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3784 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3785 _eabresp=$(_post "email=$_email" $_ZERO_EAB_ENDPOINT)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3786 if [ "$?" != "0" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3787 _debug2 "$_eabresp"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3788 _err "Cannot get EAB credentials from ZeroSSL."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3789 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3790 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3791 _secure_debug2 _eabresp "$_eabresp"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3792 _eab_id="$(echo "$_eabresp" | tr ',}' '\n\n' | grep '"eab_kid"' | cut -d : -f 2 | tr -d '"')"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3793 _secure_debug2 _eab_id "$_eab_id"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3794 if [ -z "$_eab_id" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3795 _err "Cannot resolve _eab_id"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3796 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3797 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3798 _eab_hmac_key="$(echo "$_eabresp" | tr ',}' '\n\n' | grep '"eab_hmac_key"' | cut -d : -f 2 | tr -d '"')"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3799 _secure_debug2 _eab_hmac_key "$_eab_hmac_key"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3800 if [ -z "$_eab_hmac_key" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3801 _err "Cannot resolve _eab_hmac_key"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3802 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3803 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3804 _savecaconf CA_EAB_KEY_ID "$_eab_id"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3805 _savecaconf CA_EAB_HMAC_KEY "$_eab_hmac_key"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3806 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3807 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3808 if [ "$_eab_id" ] && [ "$_eab_hmac_key" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3809 eab_protected="{\"alg\":\"HS256\",\"kid\":\"$_eab_id\",\"url\":\"${ACME_NEW_ACCOUNT}\"}"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3810 _debug3 eab_protected "$eab_protected"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3811
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3812 eab_protected64=$(printf "%s" "$eab_protected" | _base64 | _url_replace)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3813 _debug3 eab_protected64 "$eab_protected64"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3814
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3815 eab_payload64=$(printf "%s" "$jwk" | _base64 | _url_replace)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3816 _debug3 eab_payload64 "$eab_payload64"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3817
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3818 eab_sign_t="$eab_protected64.$eab_payload64"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3819 _debug3 eab_sign_t "$eab_sign_t"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3820
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3821 key_hex="$(_durl_replace_base64 "$_eab_hmac_key" | _dbase64 | _hex_dump | tr -d ' ')"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3822 _debug3 key_hex "$key_hex"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3823
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3824 eab_signature=$(printf "%s" "$eab_sign_t" | _hmac sha256 $key_hex | _base64 | _url_replace)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3825 _debug3 eab_signature "$eab_signature"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3826
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3827 externalBinding=",\"externalAccountBinding\":{\"protected\":\"$eab_protected64\", \"payload\":\"$eab_payload64\", \"signature\":\"$eab_signature\"}"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3828 _debug3 externalBinding "$externalBinding"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3829 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3830 if [ "$_email" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3831 email_sg="\"contact\": [\"mailto:$_email\"], "
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3832 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3833 regjson="{$email_sg\"termsOfServiceAgreed\": true$externalBinding}"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3834
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3835 _info "Registering account: $ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3836
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3837 if ! _send_signed_request "${ACME_NEW_ACCOUNT}" "$regjson"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3838 _err "Error registering account: $response"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3839 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3840 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3841
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3842 _eabAlreadyBound=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3843 if [ "$code" = "" ] || [ "$code" = '201' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3844 echo "$response" >"$ACCOUNT_JSON_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3845 _info "Registered"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3846 elif [ "$code" = '409' ] || [ "$code" = '200' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3847 _info "Already registered"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3848 elif [ "$code" = '400' ] && _contains "$response" 'The account is not awaiting external account binding'; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3849 _info "EAB already registered"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3850 _eabAlreadyBound=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3851 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3852 _err "Account registration error: $response"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3853 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3854 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3855
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3856 if [ -z "$_eabAlreadyBound" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3857 _debug2 responseHeaders "$responseHeaders"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3858 _accUri="$(echo "$responseHeaders" | grep -i "^Location:" | _head_n 1 | cut -d ':' -f 2- | tr -d "\r\n ")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3859 _debug "_accUri" "$_accUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3860 if [ -z "$_accUri" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3861 _err "Cannot find account id url."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3862 _err "$responseHeaders"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3863 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3864 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3865 _savecaconf "ACCOUNT_URL" "$_accUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3866 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3867 ACCOUNT_URL="$(_readcaconf ACCOUNT_URL)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3868 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3869 export ACCOUNT_URL="$_accUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3870
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3871 CA_KEY_HASH="$(__calcAccountKeyHash)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3872 _debug "Calc CA_KEY_HASH" "$CA_KEY_HASH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3873 _savecaconf CA_KEY_HASH "$CA_KEY_HASH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3874
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3875 if [ "$code" = '403' ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3876 _err "It seems that the account key has been deactivated, please use a new account key."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3877 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3878 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3879
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3880 ACCOUNT_THUMBPRINT="$(__calc_account_thumbprint)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3881 _info "ACCOUNT_THUMBPRINT" "$ACCOUNT_THUMBPRINT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3882 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3883
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3884 #implement updateaccount
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3885 updateaccount() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3886 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3887
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3888 if [ ! -f "$ACCOUNT_KEY_PATH" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3889 _err "Account key not found at: $ACCOUNT_KEY_PATH"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3890 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3891 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3892
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3893 _accUri=$(_readcaconf "ACCOUNT_URL")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3894 _debug _accUri "$_accUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3895
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3896 if [ -z "$_accUri" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3897 _err "The account URL is empty, please run '--update-account' first to update the account info, then try again."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3898 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3899 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3900
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3901 if ! _calcjwk "$ACCOUNT_KEY_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3902 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3903 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3904 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3905
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3906 _email="$(_getAccountEmail)"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3907
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3908 if [ "$_email" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3909 updjson='{"contact": ["mailto:'$_email'"]}'
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3910 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3911 updjson='{"contact": []}'
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3912 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3913
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3914 _send_signed_request "$_accUri" "$updjson"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3915
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3916 if [ "$code" = '200' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3917 echo "$response" >"$ACCOUNT_JSON_PATH"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3918 _info "Account update success for $_accUri."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3919
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3920 ACCOUNT_THUMBPRINT="$(__calc_account_thumbprint)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3921 _info "ACCOUNT_THUMBPRINT" "$ACCOUNT_THUMBPRINT"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3922 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3923 _info "An error occurred and the account was not updated."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3924 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3925 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3926 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3927
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3928 #Implement deactivate account
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3929 deactivateaccount() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3930 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3931
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3932 if [ ! -f "$ACCOUNT_KEY_PATH" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3933 _err "Account key not found at: $ACCOUNT_KEY_PATH"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3934 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3935 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3936
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3937 _accUri=$(_readcaconf "ACCOUNT_URL")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3938 _debug _accUri "$_accUri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3939
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3940 if [ -z "$_accUri" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3941 _err "The account URL is empty, please run '--update-account' first to update the account info, then try again."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3942 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3943 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3944
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3945 if ! _calcjwk "$ACCOUNT_KEY_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3946 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3947 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3948 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3949
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3950 _djson="{\"status\":\"deactivated\"}"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3951
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3952 if _send_signed_request "$_accUri" "$_djson" && _contains "$response" '"deactivated"'; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3953 _info "Successfully deactivated account $_accUri."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3954 _accid=$(echo "$response" | _egrep_o "\"id\" *: *[^,]*," | cut -d : -f 2 | tr -d ' ,')
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3955 elif [ "$code" = "403" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3956 _info "The account is already deactivated."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3957 _accid=$(_getfield "$_accUri" "999" "/")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3958 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3959 _err "Account deactivation failed for $_accUri."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3960 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3961 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3962
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3963 _debug "Account id: $_accid"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3964 if [ "$_accid" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3965 _deactivated_account_path="$CA_DIR/deactivated/$_accid"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3966 _debug _deactivated_account_path "$_deactivated_account_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3967 if mkdir -p "$_deactivated_account_path"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3968 _info "Moving deactivated account info to $_deactivated_account_path/"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3969 mv "$CA_CONF" "$_deactivated_account_path/"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3970 mv "$ACCOUNT_JSON_PATH" "$_deactivated_account_path/"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3971 mv "$ACCOUNT_KEY_PATH" "$_deactivated_account_path/"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3972 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
3973 _err "Cannot create dir: $_deactivated_account_path, try to remove the deactivated account key."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3974 rm -f "$CA_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3975 rm -f "$ACCOUNT_JSON_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3976 rm -f "$ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3977 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3978 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3979 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3980
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3981 # domain folder file
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3982 _findHook() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3983 _hookdomain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3984 _hookcat="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3985 _hookname="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3986
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3987 if [ -f "$_SCRIPT_HOME/$_hookcat/$_hookname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3988 d_api="$_SCRIPT_HOME/$_hookcat/$_hookname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3989 elif [ -f "$_SCRIPT_HOME/$_hookcat/$_hookname.sh" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3990 d_api="$_SCRIPT_HOME/$_hookcat/$_hookname.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3991 elif [ "$_hookdomain" ] && [ -f "$LE_WORKING_DIR/$_hookdomain/$_hookname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3992 d_api="$LE_WORKING_DIR/$_hookdomain/$_hookname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3993 elif [ "$_hookdomain" ] && [ -f "$LE_WORKING_DIR/$_hookdomain/$_hookname.sh" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3994 d_api="$LE_WORKING_DIR/$_hookdomain/$_hookname.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3995 elif [ -f "$LE_WORKING_DIR/$_hookname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3996 d_api="$LE_WORKING_DIR/$_hookname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3997 elif [ -f "$LE_WORKING_DIR/$_hookname.sh" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3998 d_api="$LE_WORKING_DIR/$_hookname.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
3999 elif [ -f "$LE_WORKING_DIR/$_hookcat/$_hookname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4000 d_api="$LE_WORKING_DIR/$_hookcat/$_hookname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4001 elif [ -f "$LE_WORKING_DIR/$_hookcat/$_hookname.sh" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4002 d_api="$LE_WORKING_DIR/$_hookcat/$_hookname.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4003 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4004
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4005 printf "%s" "$d_api"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4006 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4007
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4008 #domain
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4009 __get_domain_new_authz() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4010 _gdnd="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4011 _info "Getting new-authz for domain" "$_gdnd"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4012 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4013 _Max_new_authz_retry_times=5
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4014 _authz_i=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4015 while [ "$_authz_i" -lt "$_Max_new_authz_retry_times" ]; do
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4016 _debug "Trying new-authz, attempt number $_authz_i."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4017 if ! _send_signed_request "${ACME_NEW_AUTHZ}" "{\"resource\": \"new-authz\", \"identifier\": {\"type\": \"dns\", \"value\": \"$(_idn "$_gdnd")\"}}"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4018 _err "Cannot get new authz for domain."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4019 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4020 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4021 if _contains "$response" "No registration exists matching provided key"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4022 _err "There has been an error, but it might now be resolved, please try again."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4023 _err "If you see this message for a second time, please report this as a bug: $(__green "$PROJECT")"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4024 _clearcaconf "CA_KEY_HASH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4025 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4026 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4027 if ! _contains "$response" "An error occurred while processing your request"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4028 _info "new-authz request successful."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4029 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4030 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4031 _authz_i="$(_math "$_authz_i" + 1)"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4032 _info "The server is busy, sleeping for $_authz_i seconds and retrying."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4033 _sleep "$_authz_i"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4034 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4035
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4036 if [ "$_authz_i" = "$_Max_new_authz_retry_times" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4037 _err "new-authz has been retried $_Max_new_authz_retry_times times, stopping."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4038 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4039
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4040 if [ "$code" ] && [ "$code" != '201' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4041 _err "new-authz error: $response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4042 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4043 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4044
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4045 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4046
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4047 #uri keyAuthorization
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4048 __trigger_validation() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4049 _debug2 "Trigger domain validation."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4050 _t_url="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4051 _debug2 _t_url "$_t_url"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4052 _t_key_authz="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4053 _debug2 _t_key_authz "$_t_key_authz"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4054 _t_vtype="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4055 _debug2 _t_vtype "$_t_vtype"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4056
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4057 _send_signed_request "$_t_url" "{}"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4058
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4059 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4060
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4061 #endpoint domain type
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4062 _ns_lookup_impl() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4063 _ns_ep="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4064 _ns_domain="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4065 _ns_type="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4066 _debug2 "_ns_ep" "$_ns_ep"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4067 _debug2 "_ns_domain" "$_ns_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4068 _debug2 "_ns_type" "$_ns_type"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4069
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4070 response="$(_H1="accept: application/dns-json" _get "$_ns_ep?name=$_ns_domain&type=$_ns_type")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4071 _ret=$?
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4072 _debug2 "response" "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4073 if [ "$_ret" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4074 return $_ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4075 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4076 _answers="$(echo "$response" | tr '{}' '<>' | _egrep_o '"Answer":\[[^]]*]' | tr '<>' '\n\n')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4077 _debug2 "_answers" "$_answers"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4078 echo "$_answers"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4079 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4080
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4081 #domain, type
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4082 _ns_lookup_cf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4083 _cf_ld="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4084 _cf_ld_type="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4085 _cf_ep="https://cloudflare-dns.com/dns-query"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4086 _ns_lookup_impl "$_cf_ep" "$_cf_ld" "$_cf_ld_type"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4087 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4088
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4089 #domain, type
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4090 _ns_purge_cf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4091 _cf_d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4092 _cf_d_type="$2"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4093 _debug "Purging Cloudflare $_cf_d_type record for domain $_cf_d"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4094 _cf_purl="https://cloudflare-dns.com/api/v1/purge?domain=$_cf_d&type=$_cf_d_type"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4095 response="$(_post "" "$_cf_purl")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4096 _debug2 response "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4097 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4098
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4099 #checks if cf server is available
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4100 _ns_is_available_cf() {
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4101 if _get "https://cloudflare-dns.com" "" 10 >/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4102 return 0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4103 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4104 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4105 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4106 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4107
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4108 _ns_is_available_google() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4109 if _get "https://dns.google" "" 10 >/dev/null; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4110 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4111 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4112 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4113 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4114 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4115
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4116 #domain, type
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4117 _ns_lookup_google() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4118 _cf_ld="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4119 _cf_ld_type="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4120 _cf_ep="https://dns.google/resolve"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4121 _ns_lookup_impl "$_cf_ep" "$_cf_ld" "$_cf_ld_type"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4122 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4123
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4124 _ns_is_available_ali() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4125 if _get "https://dns.alidns.com" "" 10 >/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4126 return 0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4127 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4128 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4129 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4130 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4131
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4132 #domain, type
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4133 _ns_lookup_ali() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4134 _cf_ld="$1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4135 _cf_ld_type="$2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4136 _cf_ep="https://dns.alidns.com/resolve"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4137 _ns_lookup_impl "$_cf_ep" "$_cf_ld" "$_cf_ld_type"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4138 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4139
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4140 _ns_is_available_dp() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4141 if _get "https://doh.pub" "" 10 >/dev/null; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4142 return 0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4143 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4144 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4145 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4146 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4147
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4148 #dnspod
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4149 _ns_lookup_dp() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4150 _cf_ld="$1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4151 _cf_ld_type="$2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4152 _cf_ep="https://doh.pub/dns-query"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4153 _ns_lookup_impl "$_cf_ep" "$_cf_ld" "$_cf_ld_type"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4154 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4155
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4156 _ns_select_doh() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4157 if [ -z "$DOH_USE" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4158 _debug "Detecting DNS server first."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4159 if _ns_is_available_cf; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4160 _debug "Using Cloudflare doh server"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4161 export DOH_USE=$DOH_CLOUDFLARE
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4162 elif _ns_is_available_google; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4163 _debug "Using Google DOH server"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4164 export DOH_USE=$DOH_GOOGLE
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4165 elif _ns_is_available_ali; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4166 _debug "Using Aliyun DOH server"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4167 export DOH_USE=$DOH_ALI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4168 elif _ns_is_available_dp; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4169 _debug "Using DNS POD DOH server"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4170 export DOH_USE=$DOH_DP
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4171 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4172 _err "No DOH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4173 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4174 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4175 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4176
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4177 #domain, type
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4178 _ns_lookup() {
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4179 _ns_select_doh
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4180 if [ "$DOH_USE" = "$DOH_CLOUDFLARE" ] || [ -z "$DOH_USE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4181 _ns_lookup_cf "$@"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4182 elif [ "$DOH_USE" = "$DOH_GOOGLE" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4183 _ns_lookup_google "$@"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4184 elif [ "$DOH_USE" = "$DOH_ALI" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4185 _ns_lookup_ali "$@"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4186 elif [ "$DOH_USE" = "$DOH_DP" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4187 _ns_lookup_dp "$@"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4188 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4189 _err "Unknown DOH provider: DOH_USE=$DOH_USE"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4190 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4191
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4192 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4193
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4194 #txtdomain, alias, txt
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4195 __check_txt() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4196 _c_txtdomain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4197 _c_aliasdomain="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4198 _c_txt="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4199 _debug "_c_txtdomain" "$_c_txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4200 _debug "_c_aliasdomain" "$_c_aliasdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4201 _debug "_c_txt" "$_c_txt"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4202 _ns_select_doh
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4203 _answers="$(_ns_lookup "$_c_aliasdomain" TXT)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4204 _contains "$_answers" "$_c_txt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4205
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4206 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4207
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4208 #txtdomain
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4209 __purge_txt() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4210 _p_txtdomain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4211 _debug _p_txtdomain "$_p_txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4212 if [ "$DOH_USE" = "$DOH_CLOUDFLARE" ] || [ -z "$DOH_USE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4213 _ns_purge_cf "$_p_txtdomain" "TXT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4214 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4215 _debug "No purge API for this DOH API, just sleeping for 5 seconds"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4216 _sleep 5
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4217 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4218
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4219 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4220
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4221 #wait and check each dns entries
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4222 _check_dns_entries() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4223 _success_txt=","
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4224 _end_time="$(_time)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4225 _end_time="$(_math "$_end_time" + 1200)" #let's check no more than 20 minutes.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4226
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4227 while [ "$(_time)" -le "$_end_time" ]; do
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4228 _info "You can use '--dnssleep' to disable public dns checks."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4229 _info "See: $_DNSCHECK_WIKI"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4230 _left=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4231 for entry in $dns_entries; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4232 d=$(_getfield "$entry" 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4233 txtdomain=$(_getfield "$entry" 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4234 txtdomain=$(_idn "$txtdomain")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4235 aliasDomain=$(_getfield "$entry" 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4236 aliasDomain=$(_idn "$aliasDomain")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4237 txt=$(_getfield "$entry" 5)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4238 d_api=$(_getfield "$entry" 6)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4239 _debug "d" "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4240 _debug "txtdomain" "$txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4241 _debug "aliasDomain" "$aliasDomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4242 _debug "txt" "$txt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4243 _debug "d_api" "$d_api"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4244 _info "Checking $d for $aliasDomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4245 if _contains "$_success_txt" ",$txt,"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4246 _info "Already succeeded, continuing."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4247 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4248 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4249
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4250 if __check_txt "$txtdomain" "$aliasDomain" "$txt"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4251 _info "Success for domain $d '$aliasDomain'."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4252 _success_txt="$_success_txt,$txt,"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4253 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4254 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4255 _left=1
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4256 _info "Not valid yet, let's wait for 10 seconds then check the next one."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4257 __purge_txt "$txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4258 if [ "$txtdomain" != "$aliasDomain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4259 __purge_txt "$aliasDomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4260 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4261 _sleep 10
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4262 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4263 if [ "$_left" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4264 _info "Let's wait for 10 seconds and check again".
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4265 _sleep 10
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4266 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4267 _info "All checks succeeded"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4268 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4269 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4270 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4271 _info "Timed out waiting for DNS."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4272 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4273
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4274 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4275
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4276 #file
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4277 _get_chain_issuers() {
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4278 _cfile="$1"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4279 if _contains "$(${ACME_OPENSSL_BIN:-openssl} help crl2pkcs7 2>&1)" "Usage: crl2pkcs7" || _contains "$(${ACME_OPENSSL_BIN:-openssl} crl2pkcs7 -help 2>&1)" "Usage: crl2pkcs7" || _contains "$(${ACME_OPENSSL_BIN:-openssl} crl2pkcs7 help 2>&1)" "unknown option help"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4280 ${ACME_OPENSSL_BIN:-openssl} crl2pkcs7 -nocrl -certfile $_cfile | ${ACME_OPENSSL_BIN:-openssl} pkcs7 -print_certs -text -noout | grep -i 'Issuer:' | _egrep_o "CN *=[^,]*" | cut -d = -f 2
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4281 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4282 _cindex=1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4283 for _startn in $(grep -n -- "$BEGIN_CERT" "$_cfile" | cut -d : -f 1); do
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4284 _endn="$(grep -n -- "$END_CERT" "$_cfile" | cut -d : -f 1 | _head_n $_cindex | _tail_n 1)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4285 _debug2 "_startn" "$_startn"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4286 _debug2 "_endn" "$_endn"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4287 if [ "$DEBUG" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4288 _debug2 "cert$_cindex" "$(sed -n "$_startn,${_endn}p" "$_cfile")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4289 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4290 sed -n "$_startn,${_endn}p" "$_cfile" | ${ACME_OPENSSL_BIN:-openssl} x509 -text -noout | grep 'Issuer:' | _egrep_o "CN *=[^,]*" | cut -d = -f 2 | sed "s/ *\(.*\)/\1/"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4291 _cindex=$(_math $_cindex + 1)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4292 done
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4293 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4294 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4295
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4296 #
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4297 _get_chain_subjects() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4298 _cfile="$1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4299 if _contains "$(${ACME_OPENSSL_BIN:-openssl} help crl2pkcs7 2>&1)" "Usage: crl2pkcs7" || _contains "$(${ACME_OPENSSL_BIN:-openssl} crl2pkcs7 -help 2>&1)" "Usage: crl2pkcs7" || _contains "$(${ACME_OPENSSL_BIN:-openssl} crl2pkcs7 help 2>&1)" "unknown option help"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4300 ${ACME_OPENSSL_BIN:-openssl} crl2pkcs7 -nocrl -certfile $_cfile | ${ACME_OPENSSL_BIN:-openssl} pkcs7 -print_certs -text -noout | grep -i 'Subject:' | _egrep_o "CN *=[^,]*" | cut -d = -f 2
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4301 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4302 _cindex=1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4303 for _startn in $(grep -n -- "$BEGIN_CERT" "$_cfile" | cut -d : -f 1); do
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4304 _endn="$(grep -n -- "$END_CERT" "$_cfile" | cut -d : -f 1 | _head_n $_cindex | _tail_n 1)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4305 _debug2 "_startn" "$_startn"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4306 _debug2 "_endn" "$_endn"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4307 if [ "$DEBUG" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4308 _debug2 "cert$_cindex" "$(sed -n "$_startn,${_endn}p" "$_cfile")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4309 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4310 sed -n "$_startn,${_endn}p" "$_cfile" | ${ACME_OPENSSL_BIN:-openssl} x509 -text -noout | grep -i 'Subject:' | _egrep_o "CN *=[^,]*" | cut -d = -f 2 | sed "s/ *\(.*\)/\1/"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4311 _cindex=$(_math $_cindex + 1)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4312 done
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4313 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4314 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4315
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4316 #cert issuer
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4317 _match_issuer() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4318 _cfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4319 _missuer="$2"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4320 _fissuers="$(_get_chain_issuers $_cfile)"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4321 _debug2 _fissuers "$_fissuers"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4322 _rootissuer="$(echo "$_fissuers" | _lower_case | _tail_n 1)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4323 _debug2 _rootissuer "$_rootissuer"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4324 _missuer="$(echo "$_missuer" | _lower_case)"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4325 _contains "$_rootissuer" "$_missuer"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4326 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4327
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4328 #ip
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4329 _isIPv4() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4330 for seg in $(echo "$1" | tr '.' ' '); do
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4331 _debug2 seg "$seg"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4332 if [ "$(echo "$seg" | tr -d '[0-9]')" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4333 #not all number
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4334 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4335 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4336 if [ $seg -ge 0 ] && [ $seg -lt 256 ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4337 continue
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4338 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4339 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4340 done
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4341 return 0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4342 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4343
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4344 #ip6
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4345 _isIPv6() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4346 _contains "$1" ":"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4347 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4348
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4349 #ip
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4350 _isIP() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4351 _isIPv4 "$1" || _isIPv6 "$1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4352 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4353
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4354 #identifier
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4355 _getIdType() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4356 if _isIP "$1"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4357 echo "$ID_TYPE_IP"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4358 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4359 echo "$ID_TYPE_DNS"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4360 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4361 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4362
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4363 # beginTime dateTo
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4364 # beginTime is full string format("2022-04-01T08:10:33Z"), beginTime can be empty, to use current time
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4365 # dateTo can be ether in full string format("2022-04-01T08:10:33Z") or in delta format(+5d or +20h)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4366 _convertValidaty() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4367 _beginTime="$1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4368 _dateTo="$2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4369 _debug2 "_beginTime" "$_beginTime"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4370 _debug2 "_dateTo" "$_dateTo"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4371
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4372 if _startswith "$_dateTo" "+"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4373 _v_begin=$(_time)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4374 if [ "$_beginTime" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4375 _v_begin="$(_date2time "$_beginTime")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4376 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4377 _debug2 "_v_begin" "$_v_begin"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4378 if _endswith "$_dateTo" "h"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4379 _v_end=$(_math "$_v_begin + 60 * 60 * $(echo "$_dateTo" | tr -d '+h')")
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4380 elif _endswith "$_dateTo" "d"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4381 _v_end=$(_math "$_v_begin + 60 * 60 * 24 * $(echo "$_dateTo" | tr -d '+d')")
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4382 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4383 _err "Unrecognized format for _dateTo: $_dateTo"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4384 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4385 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4386 _debug2 "_v_end" "$_v_end"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4387 _time2str "$_v_end"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4388 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4389 if [ "$(_time)" -gt "$(_date2time "$_dateTo")" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4390 _err "The validity end date is in the past: _dateTo = $_dateTo"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4391 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4392 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4393 echo "$_dateTo"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4394 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4395 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4396
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4397 #webroot, domain domainlist keylength
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4398 issue() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4399 if [ -z "$2" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4400 _usage "Usage: $PROJECT_ENTRY --issue --domain <domain.tld> --webroot <directory>"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4401 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4402 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4403 if [ -z "$1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4404 _usage "Please specify at least one validation method: '--webroot', '--standalone', '--apache', '--nginx' or '--dns' etc."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4405 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4406 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4407 _web_roots="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4408 _main_domain="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4409 _alt_domains="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4410
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4411 if _contains "$_main_domain" ","; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4412 _main_domain=$(echo "$2,$3" | cut -d , -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4413 _alt_domains=$(echo "$2,$3" | cut -d , -f 2- | sed "s/,${NO_VALUE}$//")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4414 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4415 _debug _main_domain "$_main_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4416 _debug _alt_domains "$_alt_domains"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4417
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4418 _key_length="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4419 _real_cert="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4420 _real_key="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4421 _real_ca="$7"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4422 _reload_cmd="$8"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4423 _real_fullchain="$9"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4424 _pre_hook="${10}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4425 _post_hook="${11}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4426 _renew_hook="${12}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4427 _local_addr="${13}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4428 _challenge_alias="${14}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4429 _preferred_chain="${15}"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4430 _valid_from="${16}"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4431 _valid_to="${17}"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4432
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4433 if [ -z "$_ACME_IS_RENEW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4434 _initpath "$_main_domain" "$_key_length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4435 mkdir -p "$DOMAIN_PATH"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4436 elif ! _hasfield "$_web_roots" "$W_DNS"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4437 Le_OrderFinalize=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4438 Le_LinkOrder=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4439 Le_LinkCert=""
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4440 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4441
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4442 if _hasfield "$_web_roots" "$W_DNS" && [ -z "$FORCE_DNS_MANUAL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4443 _err "$_DNS_MANUAL_ERROR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4444 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4445 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4446
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4447 if [ -f "$DOMAIN_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4448 Le_NextRenewTime=$(_readdomainconf Le_NextRenewTime)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4449 _debug Le_NextRenewTime "$Le_NextRenewTime"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4450 if [ -z "$FORCE" ] && [ "$Le_NextRenewTime" ] && [ "$(_time)" -lt "$Le_NextRenewTime" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4451 _valid_to_saved=$(_readdomainconf Le_Valid_to)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4452 if [ "$_valid_to_saved" ] && ! _startswith "$_valid_to_saved" "+"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4453 _info "The domain is set to be valid to: $_valid_to_saved"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4454 _info "It cannot be renewed automatically"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4455 _info "See: $_VALIDITY_WIKI"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4456 return $RENEW_SKIP
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4457 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4458 _saved_domain=$(_readdomainconf Le_Domain)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4459 _debug _saved_domain "$_saved_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4460 _saved_alt=$(_readdomainconf Le_Alt)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4461 _debug _saved_alt "$_saved_alt"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4462 _normized_saved_domains="$(echo "$_saved_domain,$_saved_alt" | tr "," "\n" | sort | tr '\n' ',')"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4463 _debug _normized_saved_domains "$_normized_saved_domains"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4464
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4465 _normized_domains="$(echo "$_main_domain,$_alt_domains" | tr "," "\n" | sort | tr '\n' ',')"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4466 _debug _normized_domains "$_normized_domains"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4467
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4468 if [ "$_normized_saved_domains" = "$_normized_domains" ]; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4469 _info "Domains not changed."
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4470 _info "Skipping. Next renewal time is: $(__green "$(_readdomainconf Le_NextRenewTimeStr)")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4471 _info "Add '$(__red '--force')' to force renewal."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4472 return $RENEW_SKIP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4473 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4474 _info "Domains have changed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4475 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4476 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4477 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4478
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4479 _debug "Using ACME_DIRECTORY: $ACME_DIRECTORY"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4480 if ! _initAPI; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4481 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4482 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4483
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4484 _savedomainconf "Le_Domain" "$_main_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4485 _savedomainconf "Le_Alt" "$_alt_domains"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4486 _savedomainconf "Le_Webroot" "$_web_roots"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4487
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4488 _savedomainconf "Le_PreHook" "$_pre_hook" "base64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4489 _savedomainconf "Le_PostHook" "$_post_hook" "base64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4490 _savedomainconf "Le_RenewHook" "$_renew_hook" "base64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4491
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4492 if [ "$_local_addr" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4493 _savedomainconf "Le_LocalAddress" "$_local_addr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4494 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4495 _cleardomainconf "Le_LocalAddress"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4496 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4497 if [ "$_challenge_alias" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4498 _savedomainconf "Le_ChallengeAlias" "$_challenge_alias"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4499 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4500 _cleardomainconf "Le_ChallengeAlias"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4501 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4502 if [ "$_preferred_chain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4503 _savedomainconf "Le_Preferred_Chain" "$_preferred_chain" "base64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4504 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4505 _cleardomainconf "Le_Preferred_Chain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4506 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4507
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4508 Le_API="$ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4509 _savedomainconf "Le_API" "$Le_API"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4510
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4511 _info "Using CA: $ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4512 if [ "$_alt_domains" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4513 _alt_domains=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4514 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4515
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4516 if ! _on_before_issue "$_web_roots" "$_main_domain" "$_alt_domains" "$_pre_hook" "$_local_addr"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4517 _err "_on_before_issue."
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4518 _on_issue_err "$_post_hook"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4519 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4520 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4521
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4522 _saved_account_key_hash="$(_readcaconf "CA_KEY_HASH")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4523 _debug2 _saved_account_key_hash "$_saved_account_key_hash"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4524
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4525 if [ -z "$ACCOUNT_URL" ] || [ -z "$_saved_account_key_hash" ] || [ "$_saved_account_key_hash" != "$(__calcAccountKeyHash)" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4526 if ! _regAccount "$_accountkeylength"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4527 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4528 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4529 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4530 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4531 _debug "_saved_account_key_hash was not changed, skipping account registration."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4532 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4533
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4534 export Le_Next_Domain_Key="$CERT_KEY_PATH.next"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4535 if [ -f "$CSR_PATH" ] && [ ! -f "$CERT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4536 _info "Signing from existing CSR."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4537 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4538 # When renewing from an old version, the empty Le_Keylength means 2048.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4539 # Note, do not use DEFAULT_DOMAIN_KEY_LENGTH as that value may change over
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4540 # time but an empty value implies 2048 specifically.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4541 _key=$(_readdomainconf Le_Keylength)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4542 if [ -z "$_key" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4543 _key=2048
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4544 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4545 _debug "Read key length: $_key"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4546 if [ ! -f "$CERT_KEY_PATH" ] || [ "$_key_length" != "$_key" ] || [ "$Le_ForceNewDomainKey" = "1" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4547 if [ "$Le_ForceNewDomainKey" = "1" ] && [ -f "$Le_Next_Domain_Key" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4548 _info "Using pre-generated key: $Le_Next_Domain_Key"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4549 cat "$Le_Next_Domain_Key" >"$CERT_KEY_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4550 echo "" >"$Le_Next_Domain_Key"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4551 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4552 if ! createDomainKey "$_main_domain" "$_key_length"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4553 _err "Error creating domain key."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4554 _clearup
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4555 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4556 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4557 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4558 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4559 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4560 if [ "$Le_ForceNewDomainKey" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4561 _info "Generating next pre-generate key."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4562 if [ ! -e "$Le_Next_Domain_Key" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4563 touch "$Le_Next_Domain_Key"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4564 chmod 600 "$Le_Next_Domain_Key"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4565 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4566 if ! _createkey "$_key_length" "$Le_Next_Domain_Key"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4567 _err "Cannot pre-generate domain key"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4568 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4569 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4570 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4571 if ! _createcsr "$_main_domain" "$_alt_domains" "$CERT_KEY_PATH" "$CSR_PATH" "$DOMAIN_SSL_CONF"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4572 _err "Error creating CSR."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4573 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4574 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4575 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4576 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4577 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4578
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4579 _savedomainconf "Le_Keylength" "$_key_length"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4580
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4581 vlist="$Le_Vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4582 _cleardomainconf "Le_Vlist"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4583 _debug "Getting domain auth token for each domain"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4584 sep='#'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4585 dvsep=','
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4586 if [ -z "$vlist" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4587 #make new order request
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4588 _identifiers="{\"type\":\"$(_getIdType "$_main_domain")\",\"value\":\"$(_idn "$_main_domain")\"}"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4589 _w_index=1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4590 while true; do
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4591 d="$(echo "$_alt_domains," | cut -d , -f "$_w_index")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4592 _w_index="$(_math "$_w_index" + 1)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4593 _debug d "$d"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4594 if [ -z "$d" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4595 break
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4596 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4597 _identifiers="$_identifiers,{\"type\":\"$(_getIdType "$d")\",\"value\":\"$(_idn "$d")\"}"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4598 done
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4599 _debug2 _identifiers "$_identifiers"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4600 _notBefore=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4601 _notAfter=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4602
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4603 if [ "$_valid_from" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4604 _savedomainconf "Le_Valid_From" "$_valid_from"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4605 _debug2 "_valid_from" "$_valid_from"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4606 _notBefore="$(_convertValidaty "" "$_valid_from")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4607 if [ "$?" != "0" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4608 _err "Cannot parse _valid_from: $_valid_from"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4609 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4610 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4611 if [ "$(_time)" -gt "$(_date2time "$_notBefore")" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4612 _notBefore=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4613 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4614 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4615 _cleardomainconf "Le_Valid_From"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4616 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4617 _debug2 _notBefore "$_notBefore"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4618
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4619 if [ "$_valid_to" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4620 _debug2 "_valid_to" "$_valid_to"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4621 _savedomainconf "Le_Valid_To" "$_valid_to"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4622 _notAfter="$(_convertValidaty "$_notBefore" "$_valid_to")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4623 if [ "$?" != "0" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4624 _err "Cannot parse _valid_to: $_valid_to"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4625 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4626 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4627 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4628 _cleardomainconf "Le_Valid_To"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4629 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4630 _debug2 "_notAfter" "$_notAfter"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4631
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4632 _newOrderObj="{\"identifiers\": [$_identifiers]"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4633 if [ "$_notBefore" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4634 _newOrderObj="$_newOrderObj,\"notBefore\": \"$_notBefore\""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4635 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4636 if [ "$_notAfter" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4637 _newOrderObj="$_newOrderObj,\"notAfter\": \"$_notAfter\""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4638 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4639 _debug "STEP 1, Ordering a Certificate"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4640 if ! _send_signed_request "$ACME_NEW_ORDER" "$_newOrderObj}"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4641 _err "Error creating new order."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4642 _clearup
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4643 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4644 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4645 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4646 if _contains "$response" "invalid"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4647 if echo "$response" | _normalizeJson | grep '"status":"invalid"' >/dev/null 2>&1; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4648 _err "Create new order with invalid status."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4649 _err "$response"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4650 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4651 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4652 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4653 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4654 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4655
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4656 Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n " | cut -d ":" -f 2-)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4657 _debug Le_LinkOrder "$Le_LinkOrder"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4658 Le_OrderFinalize="$(echo "$response" | _egrep_o '"finalize" *: *"[^"]*"' | cut -d '"' -f 4)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4659 _debug Le_OrderFinalize "$Le_OrderFinalize"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4660 if [ -z "$Le_OrderFinalize" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4661 _err "Error creating new order. Le_OrderFinalize not found. $response"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4662 _clearup
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4663 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4664 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4665 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4666
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4667 #for dns manual mode
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4668 _savedomainconf "Le_OrderFinalize" "$Le_OrderFinalize"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4669
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4670 _authorizations_seg="$(echo "$response" | _json_decode | _egrep_o '"authorizations" *: *\[[^\[]*\]' | cut -d '[' -f 2 | tr -d ']' | tr -d '"')"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4671 _debug2 _authorizations_seg "$_authorizations_seg"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4672 if [ -z "$_authorizations_seg" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4673 _err "_authorizations_seg not found."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4674 _clearup
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4675 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4676 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4677 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4678
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4679 _debug "STEP 2, Get the authorizations of each domain"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4680 #domain and authz map
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4681 _authorizations_map=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4682 for _authz_url in $(echo "$_authorizations_seg" | tr ',' ' '); do
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4683 _debug2 "_authz_url" "$_authz_url"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4684 if ! _send_signed_request "$_authz_url"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4685 _err "Error getting authz."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4686 _err "_authorizations_seg" "$_authorizations_seg"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4687 _err "_authz_url" "$_authz_url"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4688 _err "$response"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4689 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4690 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4691 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4692 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4693
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4694 response="$(echo "$response" | _normalizeJson)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4695 _debug2 response "$response"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4696 if echo "$response" | grep '"status":"invalid"' >/dev/null 2>&1; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4697 _err "get authz objec with invalid status, please try again later."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4698 _err "_authorizations_seg" "$_authorizations_seg"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4699 _err "$response"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4700 _clearup
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4701 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4702 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4703 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4704 _d="$(echo "$response" | _egrep_o '"value" *: *"[^"]*"' | cut -d : -f 2- | tr -d ' "')"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4705 if _contains "$response" "\"wildcard\" *: *true"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4706 _d="*.$_d"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4707 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4708 _debug2 _d "$_d"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4709 _authorizations_map="$_d,$response#$_authz_url
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4710 $_authorizations_map"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4711 done
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4712
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4713 _debug2 _authorizations_map "$_authorizations_map"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4714
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4715 _index=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4716 _currentRoot=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4717 _w_index=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4718 while true; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4719 d="$(echo "$_main_domain,$_alt_domains," | cut -d , -f "$_w_index")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4720 _w_index="$(_math "$_w_index" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4721 _debug d "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4722 if [ -z "$d" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4723 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4724 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4725 _info "Getting webroot for domain" "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4726 _index=$(_math $_index + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4727 _w="$(echo $_web_roots | cut -d , -f $_index)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4728 _debug _w "$_w"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4729 if [ "$_w" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4730 _currentRoot="$_w"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4731 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4732 _debug "_currentRoot" "$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4733
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4734 vtype="$VTYPE_HTTP"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4735 #todo, v2 wildcard force to use dns
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4736 if _startswith "$_currentRoot" "$W_DNS"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4737 vtype="$VTYPE_DNS"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4738 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4739
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4740 if [ "$_currentRoot" = "$W_ALPN" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4741 vtype="$VTYPE_ALPN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4742 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4743
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4744 _idn_d="$(_idn "$d")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4745 _candidates="$(echo "$_authorizations_map" | grep -i "^$_idn_d,")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4746 _debug2 _candidates "$_candidates"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4747 if [ "$(echo "$_candidates" | wc -l)" -gt 1 ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4748 for _can in $_candidates; do
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4749 if _startswith "$(echo "$_can" | tr '.' '|')" "$(echo "$_idn_d" | tr '.' '|'),"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4750 _candidates="$_can"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4751 break
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4752 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4753 done
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4754 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4755 response="$(echo "$_candidates" | sed "s/$_idn_d,//")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4756 _debug2 "response" "$response"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4757 if [ -z "$response" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4758 _err "Error getting authz."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4759 _err "_authorizations_map" "$_authorizations_map"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4760 _clearup
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4761 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4762 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4763 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4764 _authz_url="$(echo "$_candidates" | sed "s/$_idn_d,//" | _egrep_o "#.*" | sed "s/^#//")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4765 _debug _authz_url "$_authz_url"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4766 if [ -z "$thumbprint" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4767 thumbprint="$(__calc_account_thumbprint)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4768 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4769
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4770 keyauthorization=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4771
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4772 if echo "$response" | grep '"status":"valid"' >/dev/null 2>&1; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4773 _debug "$d is already valid."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4774 keyauthorization="$STATE_VERIFIED"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4775 _debug keyauthorization "$keyauthorization"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4776 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4777
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4778 # Fix for empty error objects in response which mess up the original code, adapted from fix suggested here: https://github.com/acmesh-official/acme.sh/issues/4933#issuecomment-1870499018
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4779 entry="$(echo "$response" | sed s/'"error":{}'/'"error":null'/ | _egrep_o '[^\{]*"type":"'$vtype'"[^\}]*')"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4780 _debug entry "$entry"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4781
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4782 if [ -z "$keyauthorization" -a -z "$entry" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4783 _err "Cannot get domain token entry $d for $vtype"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4784 _supported_vtypes="$(echo "$response" | _egrep_o "\"challenges\":\[[^]]*]" | tr '{' "\n" | grep type | cut -d '"' -f 4 | tr "\n" ' ')"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4785 if [ "$_supported_vtypes" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4786 _err "Supported validation types are: $_supported_vtypes, but you specified: $vtype"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4787 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4788 _clearup
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4789 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4790 return 1
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4791 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4792
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4793 if [ -z "$keyauthorization" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4794 token="$(echo "$entry" | _egrep_o '"token":"[^"]*' | cut -d : -f 2 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4795 _debug token "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4796
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4797 if [ -z "$token" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4798 _err "Cannot get domain token $entry"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4799 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4800 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4801 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4802 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4803
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4804 uri="$(echo "$entry" | _egrep_o '"url":"[^"]*' | cut -d '"' -f 4 | _head_n 1)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4805
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4806 _debug uri "$uri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4807
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4808 if [ -z "$uri" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4809 _err "Cannot get domain URI $entry"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4810 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4811 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4812 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4813 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4814 keyauthorization="$token.$thumbprint"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4815 _debug keyauthorization "$keyauthorization"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4816 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4817
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4818 dvlist="$d$sep$keyauthorization$sep$uri$sep$vtype$sep$_currentRoot$sep$_authz_url"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4819 _debug dvlist "$dvlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4820
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4821 vlist="$vlist$dvlist$dvsep"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4822
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4823 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4824 _debug vlist "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4825 #add entry
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4826 dns_entries=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4827 dnsadded=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4828 ventries=$(echo "$vlist" | tr "$dvsep" ' ')
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4829 _alias_index=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4830 for ventry in $ventries; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4831 d=$(echo "$ventry" | cut -d "$sep" -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4832 keyauthorization=$(echo "$ventry" | cut -d "$sep" -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4833 vtype=$(echo "$ventry" | cut -d "$sep" -f 4)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4834 _currentRoot=$(echo "$ventry" | cut -d "$sep" -f 5)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4835 _authz_url=$(echo "$ventry" | cut -d "$sep" -f 6)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4836 _debug d "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4837 if [ "$keyauthorization" = "$STATE_VERIFIED" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4838 _debug "$d has already been verified, skipping $vtype."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4839 _alias_index="$(_math "$_alias_index" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4840 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4841 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4842
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4843 if [ "$vtype" = "$VTYPE_DNS" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4844 dnsadded='0'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4845 _dns_root_d="$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4846 if _startswith "$_dns_root_d" "*."; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4847 _dns_root_d="$(echo "$_dns_root_d" | sed 's/*.//')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4848 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4849 _d_alias="$(_getfield "$_challenge_alias" "$_alias_index")"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4850 test "$_d_alias" = "$NO_VALUE" && _d_alias=""
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4851 _alias_index="$(_math "$_alias_index" + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4852 _debug "_d_alias" "$_d_alias"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4853 if [ "$_d_alias" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4854 if _startswith "$_d_alias" "$DNS_ALIAS_PREFIX"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4855 txtdomain="$(echo "$_d_alias" | sed "s/$DNS_ALIAS_PREFIX//")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4856 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4857 txtdomain="_acme-challenge.$_d_alias"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4858 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4859 dns_entry="${_dns_root_d}${dvsep}_acme-challenge.$_dns_root_d$dvsep$txtdomain$dvsep$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4860 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4861 txtdomain="_acme-challenge.$_dns_root_d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4862 dns_entry="${_dns_root_d}${dvsep}_acme-challenge.$_dns_root_d$dvsep$dvsep$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4863 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4864
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4865 _debug txtdomain "$txtdomain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4866 txt="$(printf "%s" "$keyauthorization" | _digest "sha256" | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4867 _debug txt "$txt"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4868
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4869 d_api="$(_findHook "$_dns_root_d" $_SUB_FOLDER_DNSAPI "$_currentRoot")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4870 _debug d_api "$d_api"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4871
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4872 dns_entry="$dns_entry$dvsep$txt${dvsep}$d_api"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4873 _debug2 dns_entry "$dns_entry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4874 if [ "$d_api" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4875 _debug "Found domain API file: $d_api"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4876 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4877 if [ "$_currentRoot" != "$W_DNS" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4878 _err "Cannot find DNS API hook for: $_currentRoot"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4879 _info "You need to add the TXT record manually."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4880 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4881 _info "$(__red "Add the following TXT record:")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4882 _info "$(__red "Domain: '$(__green "$txtdomain")'")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4883 _info "$(__red "TXT value: '$(__green "$txt")'")"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4884 _info "$(__red "Please make sure to prepend '_acme-challenge.' to your domain")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4885 _info "$(__red "so that the resulting subdomain is: $txtdomain")"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4886 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4887 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4888
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4889 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4890 if ! . "$d_api"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4891 _err "Error loading file $d_api. Please check your API file and try again."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4892 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4893 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4894
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4895 addcommand="${_currentRoot}_add"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4896 if ! _exists "$addcommand"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4897 _err "It seems that your API file is incorrect. Make sure it has a function named: $addcommand"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4898 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4899 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4900 _info "Adding TXT value: $txt for domain: $txtdomain"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4901 if ! $addcommand "$txtdomain" "$txt"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4902 _err "Error adding TXT record to domain: $txtdomain"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4903 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4904 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4905 _info "The TXT record has been successfully added."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4906 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4907
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4908 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4909 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4910 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4911 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4912 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4913 dns_entries="$dns_entries$dns_entry
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4914 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4915 _debug2 "$dns_entries"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4916 dnsadded='1'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4917 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4918 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4919
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4920 if [ "$dnsadded" = '0' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4921 _savedomainconf "Le_Vlist" "$vlist"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4922 _debug "DNS record not yet added. Will save to $DOMAIN_CONF and exit."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4923 _err "Please add the TXT records to the domains, and re-run with --renew."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4924 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4925 _clearup
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4926 # If asked to be in manual DNS mode, flag this exit with a separate
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4927 # error so it can be distinguished from other failures.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4928 return $CODE_DNS_MANUAL
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4929 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4930
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4931 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4932
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4933 if [ "$dns_entries" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4934 if [ -z "$Le_DNSSleep" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4935 _info "Let's check each DNS record now. Sleeping for 20 seconds first."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4936 _sleep 20
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4937 if ! _check_dns_entries; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4938 _err "Error checking DNS."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4939 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4940 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4941 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4942 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4943 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4944 _savedomainconf "Le_DNSSleep" "$Le_DNSSleep"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4945 _info "Sleeping for $(__green $Le_DNSSleep) seconds to wait for the the TXT records to take effect"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4946 _sleep "$Le_DNSSleep"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4947 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4948 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4949
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4950 NGINX_RESTORE_VLIST=""
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4951 _debug "OK, let's start verification"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4952
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4953 _ncIndex=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4954 ventries=$(echo "$vlist" | tr "$dvsep" ' ')
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4955 for ventry in $ventries; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4956 d=$(echo "$ventry" | cut -d "$sep" -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4957 keyauthorization=$(echo "$ventry" | cut -d "$sep" -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4958 uri=$(echo "$ventry" | cut -d "$sep" -f 3)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4959 vtype=$(echo "$ventry" | cut -d "$sep" -f 4)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4960 _currentRoot=$(echo "$ventry" | cut -d "$sep" -f 5)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4961 _authz_url=$(echo "$ventry" | cut -d "$sep" -f 6)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4962 if [ "$keyauthorization" = "$STATE_VERIFIED" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4963 _info "$d is already verified, skipping $vtype."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4964 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4965 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4966
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4967 _info "Verifying: $d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4968 _debug "d" "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4969 _debug "keyauthorization" "$keyauthorization"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4970 _debug "uri" "$uri"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4971 _debug "_authz_url" "$_authz_url"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4972 removelevel=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4973 token="$(printf "%s" "$keyauthorization" | cut -d '.' -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4974
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4975 _debug "_currentRoot" "$_currentRoot"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4976
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4977 if [ "$vtype" = "$VTYPE_HTTP" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4978 if [ "$_currentRoot" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4979 _info "Standalone mode server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4980 _ncaddr="$(_getfield "$_local_addr" "$_ncIndex")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4981 _ncIndex="$(_math $_ncIndex + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4982 _startserver "$keyauthorization" "$_ncaddr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4983 if [ "$?" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4984 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4985 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4986 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4987 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4988 sleep 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4989 _debug serverproc "$serverproc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4990 elif [ "$_currentRoot" = "$MODE_STATELESS" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4991 _info "Stateless mode for domain: $d"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4992 _sleep 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4993 elif _startswith "$_currentRoot" "$NGINX"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
4994 _info "Nginx mode for domain: $d"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4995 #set up nginx server
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4996 FOUND_REAL_NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4997 BACKUP_NGINX_CONF=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4998 if ! _setNginx "$d" "$_currentRoot" "$thumbprint"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
4999 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5000 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5001 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5002 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5003
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5004 if [ "$FOUND_REAL_NGINX_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5005 _realConf="$FOUND_REAL_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5006 _backup="$BACKUP_NGINX_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5007 _debug _realConf "$_realConf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5008 NGINX_RESTORE_VLIST="$d$sep$_realConf$sep$_backup$dvsep$NGINX_RESTORE_VLIST"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5009 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5010 _sleep 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5011 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5012 if [ "$_currentRoot" = "apache" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5013 wellknown_path="$ACME_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5014 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5015 wellknown_path="$_currentRoot/.well-known/acme-challenge"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5016 if [ ! -d "$_currentRoot/.well-known" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5017 removelevel='1'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5018 elif [ ! -d "$_currentRoot/.well-known/acme-challenge" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5019 removelevel='2'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5020 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5021 removelevel='3'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5022 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5023 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5024
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5025 _debug wellknown_path "$wellknown_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5026
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5027 _debug "Writing token: $token to $wellknown_path/$token"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5028
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5029 # Ensure .well-known is visible to web server user/group
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5030 # https://github.com/Neilpang/acme.sh/pull/32
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5031 if ! (umask ugo+rx &&
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5032 mkdir -p "$wellknown_path" &&
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5033 printf "%s" "$keyauthorization" >"$wellknown_path/$token"); then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5034 _err "$d: Cannot write token to file: $wellknown_path/$token"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5035 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5036 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5037 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5038 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5039 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5040 if ! chmod a+r "$wellknown_path/$token"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5041 _debug "chmod failed, will just continue."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5042 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5043 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5044 elif [ "$vtype" = "$VTYPE_ALPN" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5045 acmevalidationv1="$(printf "%s" "$keyauthorization" | _digest "sha256" "hex")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5046 _debug acmevalidationv1 "$acmevalidationv1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5047 if ! _starttlsserver "$d" "" "$Le_TLSPort" "$keyauthorization" "$_ncaddr" "$acmevalidationv1"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5048 _err "Error starting TLS server."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5049 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5050 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5051 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5052 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5053 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5054 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5055
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5056 if ! __trigger_validation "$uri" "$keyauthorization" "$vtype"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5057 _err "$d: Cannot get challenge: $response"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5058 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5059 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5060 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5061 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5062 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5063
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5064 if [ "$code" ] && [ "$code" != '202' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5065 if [ "$code" = '200' ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5066 _debug "Trigger validation code: $code"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5067 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5068 _err "$d: Challenge error: $response"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5069 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5070 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5071 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5072 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5073 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5074 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5075
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5076 waittimes=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5077 if [ -z "$MAX_RETRY_TIMES" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5078 MAX_RETRY_TIMES=30
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5079 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5080
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5081 _debug "Let's check the authz status"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5082 while true; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5083 waittimes=$(_math "$waittimes" + 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5084 if [ "$waittimes" -ge "$MAX_RETRY_TIMES" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5085 _err "$d: Timeout"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5086 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5087 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5088 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5089 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5090 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5091
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5092 _debug2 original "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5093
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5094 response="$(echo "$response" | _normalizeJson)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5095 _debug2 response "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5096
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5097 status=$(echo "$response" | _egrep_o '"status":"[^"]*' | cut -d : -f 2 | tr -d '"')
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5098 _debug2 status "$status"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5099 if _contains "$status" "invalid"; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5100 error="$(echo "$response" | _egrep_o '"error":\{[^\}]*')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5101 _debug2 error "$error"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5102 errordetail="$(echo "$error" | _egrep_o '"detail": *"[^"]*' | cut -d '"' -f 4)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5103 _debug2 errordetail "$errordetail"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5104 if [ "$errordetail" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5105 _err "$d: Invalid status. Verification error details: $errordetail"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5106 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5107 _err "$d: Invalid status, Verification error: $error"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5108 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5109 if [ "$DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5110 if [ "$vtype" = "$VTYPE_HTTP" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5111 _debug "Debug: GET token URL."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5112 _get "http://$d/.well-known/acme-challenge/$token" "" 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5113 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5114 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5115 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5116 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5117 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5118 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5119 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5120
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5121 if _contains "$status" "valid"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5122 _info "$(__green Success)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5123 _stopserver "$serverproc"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5124 serverproc=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5125 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5126 break
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5127 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5128
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5129 if _contains "$status" "pending"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5130 _info "Pending. The CA is processing your order, please wait. ($waittimes/$MAX_RETRY_TIMES)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5131 elif _contains "$status" "processing"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5132 _info "Processing. The CA is processing your order, please wait. ($waittimes/$MAX_RETRY_TIMES)"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5133 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5134 _err "$d: Unknown status: $status. Verification error: $response"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5135 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5136 _clearup
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5137 _on_issue_err "$_post_hook" "$vlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5138 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5139 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5140 _debug "Sleep 2 seconds before verifying again"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5141 _sleep 2
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5142 _debug "Checking"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5143
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5144 _send_signed_request "$_authz_url"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5145
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5146 if [ "$?" != "0" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5147 _err "$d: Invalid code. Verification error: $response"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5148 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5149 _clearup
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5150 _on_issue_err "$_post_hook" "$vlist"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5151 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5152 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5153 _retryafter=$(echo "$responseHeaders" | grep -i "^Retry-After *: *[0-9]\+ *" | cut -d : -f 2 | tr -d ' ' | tr -d '\r')
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5154 _sleep_overload_retry_sec=$_retryafter
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5155 if [ "$_sleep_overload_retry_sec" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5156 if [ $_sleep_overload_retry_sec -le 600 ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5157 _sleep $_sleep_overload_retry_sec
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5158 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5159 _info "The retryafter=$_retryafter value is too large (> 600), will not retry anymore."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5160 _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5161 _clearup
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5162 _on_issue_err "$_post_hook" "$vlist"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5163 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5164 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5165 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5166 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5167
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5168 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5169
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5170 _clearup
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5171 _info "Verification finished, beginning signing."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5172 der="$(_getfile "${CSR_PATH}" "${BEGIN_CSR}" "${END_CSR}" | tr -d "\r\n" | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5173
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5174 _info "Let's finalize the order."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5175 _info "Le_OrderFinalize" "$Le_OrderFinalize"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5176 if ! _send_signed_request "${Le_OrderFinalize}" "{\"csr\": \"$der\"}"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5177 _err "Signing failed."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5178 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5179 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5180 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5181 if [ "$code" != "200" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5182 _err "Signing failed. Finalize code was not 200."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5183 _err "$response"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5184 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5185 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5186 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5187 if [ -z "$Le_LinkOrder" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5188 Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n \t" | cut -d ":" -f 2-)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5189 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5190
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5191 _savedomainconf "Le_LinkOrder" "$Le_LinkOrder"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5192
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5193 _link_cert_retry=0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5194 _MAX_CERT_RETRY=30
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5195 while [ "$_link_cert_retry" -lt "$_MAX_CERT_RETRY" ]; do
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5196 if _contains "$response" "\"status\":\"valid\""; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5197 _debug "Order status is valid."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5198 Le_LinkCert="$(echo "$response" | _egrep_o '"certificate" *: *"[^"]*"' | cut -d '"' -f 4)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5199 _debug Le_LinkCert "$Le_LinkCert"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5200 if [ -z "$Le_LinkCert" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5201 _err "A signing error occurred: could not find Le_LinkCert"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5202 _err "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5203 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5204 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5205 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5206 break
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5207 elif _contains "$response" "\"processing\""; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5208 _info "Order status is 'processing', let's sleep and retry."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5209 _retryafter=$(echo "$responseHeaders" | grep -i "^Retry-After *:" | cut -d : -f 2 | tr -d ' ' | tr -d '\r')
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5210 _debug "_retryafter" "$_retryafter"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5211 if [ "$_retryafter" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5212 _info "Sleeping for $_retryafter seconds then retrying"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5213 _sleep $_retryafter
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5214 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5215 _sleep 2
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5216 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5217 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5218 _err "Signing error: wrong status"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5219 _err "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5220 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5221 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5222 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5223 #the order is processing, so we are going to poll order status
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5224 if [ -z "$Le_LinkOrder" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5225 _err "Signing error: could not get order link location header"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5226 _err "responseHeaders" "$responseHeaders"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5227 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5228 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5229 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5230 _info "Polling order status: $Le_LinkOrder"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5231 if ! _send_signed_request "$Le_LinkOrder"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5232 _err "Signing failed. Could not make POST request to Le_LinkOrder for cert: $Le_LinkOrder."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5233 _err "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5234 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5235 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5236 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5237 _link_cert_retry="$(_math $_link_cert_retry + 1)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5238 done
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5239
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5240 if [ -z "$Le_LinkCert" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5241 _err "Signing failed. Could not get Le_LinkCert, and stopped retrying after reaching the retry limit."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5242 _err "$response"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5243 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5244 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5245 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5246 _info "Downloading cert."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5247 _info "Le_LinkCert" "$Le_LinkCert"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5248 if ! _send_signed_request "$Le_LinkCert"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5249 _err "Signing failed. Could not download cert: $Le_LinkCert."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5250 _err "$response"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5251 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5252 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5253 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5254
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5255 echo "$response" >"$CERT_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5256 _split_cert_chain "$CERT_PATH" "$CERT_FULLCHAIN_PATH" "$CA_CERT_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5257 if [ -z "$_preferred_chain" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5258 _preferred_chain=$(_readcaconf DEFAULT_PREFERRED_CHAIN)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5259 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5260 if [ "$_preferred_chain" ] && [ -f "$CERT_FULLCHAIN_PATH" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5261 if [ "$DEBUG" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5262 _debug "Default chain issuers: " "$(_get_chain_issuers "$CERT_FULLCHAIN_PATH")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5263 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5264 if ! _match_issuer "$CERT_FULLCHAIN_PATH" "$_preferred_chain"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5265 rels="$(echo "$responseHeaders" | tr -d ' <>' | grep -i "^link:" | grep -i 'rel="alternate"' | cut -d : -f 2- | cut -d ';' -f 1)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5266 _debug2 "rels" "$rels"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5267 for rel in $rels; do
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5268 _info "Trying rel: $rel"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5269 if ! _send_signed_request "$rel"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5270 _err "Signing failed, could not download cert: $rel"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5271 _err "$response"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5272 continue
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5273 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5274 _relcert="$CERT_PATH.alt"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5275 _relfullchain="$CERT_FULLCHAIN_PATH.alt"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5276 _relca="$CA_CERT_PATH.alt"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5277 echo "$response" >"$_relcert"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5278 _split_cert_chain "$_relcert" "$_relfullchain" "$_relca"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5279 if [ "$DEBUG" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5280 _debug "rel chain issuers: " "$(_get_chain_issuers "$_relfullchain")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5281 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5282 if _match_issuer "$_relfullchain" "$_preferred_chain"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5283 _info "Matched issuer in: $rel"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5284 cat $_relcert >"$CERT_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5285 cat $_relfullchain >"$CERT_FULLCHAIN_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5286 cat $_relca >"$CA_CERT_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5287 rm -f "$_relcert"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5288 rm -f "$_relfullchain"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5289 rm -f "$_relca"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5290 break
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5291 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5292 rm -f "$_relcert"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5293 rm -f "$_relfullchain"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5294 rm -f "$_relca"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5295 done
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5296 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5297 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5298
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5299 _debug "Le_LinkCert" "$Le_LinkCert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5300 _savedomainconf "Le_LinkCert" "$Le_LinkCert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5301
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5302 if [ -z "$Le_LinkCert" ] || ! _checkcert "$CERT_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5303 response="$(echo "$response" | _dbase64 "multiline" | tr -d '\0' | _normalizeJson)"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5304 _err "Signing failed: $(echo "$response" | _egrep_o '"detail":"[^"]*"')"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5305 _on_issue_err "$_post_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5306 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5307 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5308
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5309 if [ "$Le_LinkCert" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5310 _info "$(__green "Cert success.")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5311 cat "$CERT_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5312
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5313 _info "Your cert is in: $(__green "$CERT_PATH")"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5314
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5315 if [ -f "$CERT_KEY_PATH" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5316 _info "Your cert key is in: $(__green "$CERT_KEY_PATH")"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5317 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5318
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5319 if [ ! "$USER_PATH" ] || [ ! "$_ACME_IN_CRON" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5320 USER_PATH="$PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5321 _saveaccountconf "USER_PATH" "$USER_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5322 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5323 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5324
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5325 [ -f "$CA_CERT_PATH" ] && _info "The intermediate CA cert is in: $(__green "$CA_CERT_PATH")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5326 [ -f "$CERT_FULLCHAIN_PATH" ] && _info "And the full-chain cert is in: $(__green "$CERT_FULLCHAIN_PATH")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5327 if [ "$Le_ForceNewDomainKey" ] && [ -e "$Le_Next_Domain_Key" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5328 _info "Your pre-generated key for future cert key changes is in: $(__green "$Le_Next_Domain_Key")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5329 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5330
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5331 Le_CertCreateTime=$(_time)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5332 _savedomainconf "Le_CertCreateTime" "$Le_CertCreateTime"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5333
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5334 Le_CertCreateTimeStr=$(_time2str "$Le_CertCreateTime")
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5335 _savedomainconf "Le_CertCreateTimeStr" "$Le_CertCreateTimeStr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5336
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5337 if [ -z "$Le_RenewalDays" ] || [ "$Le_RenewalDays" -lt "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5338 Le_RenewalDays="$DEFAULT_RENEW"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5339 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5340 _savedomainconf "Le_RenewalDays" "$Le_RenewalDays"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5341 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5342
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5343 if [ "$CA_BUNDLE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5344 _saveaccountconf CA_BUNDLE "$CA_BUNDLE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5345 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5346 _clearaccountconf "CA_BUNDLE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5347 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5348
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5349 if [ "$CA_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5350 _saveaccountconf CA_PATH "$CA_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5351 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5352 _clearaccountconf "CA_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5353 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5354
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5355 if [ "$HTTPS_INSECURE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5356 _saveaccountconf HTTPS_INSECURE "$HTTPS_INSECURE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5357 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5358 _clearaccountconf "HTTPS_INSECURE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5359 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5360
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5361 if [ "$Le_Listen_V4" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5362 _savedomainconf "Le_Listen_V4" "$Le_Listen_V4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5363 _cleardomainconf Le_Listen_V6
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5364 elif [ "$Le_Listen_V6" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5365 _savedomainconf "Le_Listen_V6" "$Le_Listen_V6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5366 _cleardomainconf Le_Listen_V4
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5367 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5368
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5369 if [ "$Le_ForceNewDomainKey" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5370 _savedomainconf "Le_ForceNewDomainKey" "$Le_ForceNewDomainKey"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5371 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5372 _cleardomainconf Le_ForceNewDomainKey
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5373 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5374 if [ "$_notAfter" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5375 Le_NextRenewTime=$(_date2time "$_notAfter")
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5376 Le_NextRenewTimeStr="$_notAfter"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5377 if [ "$_valid_to" ] && ! _startswith "$_valid_to" "+"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5378 _info "The domain is set to be valid until: $_valid_to"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5379 _info "It cannot be renewed automatically"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5380 _info "See: $_VALIDITY_WIKI"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5381 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5382 _now=$(_time)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5383 _debug2 "_now" "$_now"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5384 _lifetime=$(_math $Le_NextRenewTime - $_now)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5385 _debug2 "_lifetime" "$_lifetime"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5386 if [ $_lifetime -gt 86400 ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5387 #if lifetime is logner than one day, it will renew one day before
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5388 Le_NextRenewTime=$(_math $Le_NextRenewTime - 86400)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5389 Le_NextRenewTimeStr=$(_time2str "$Le_NextRenewTime")
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5390 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5391 #if lifetime is less than 24 hours, it will renew one hour before
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5392 Le_NextRenewTime=$(_math $Le_NextRenewTime - 3600)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5393 Le_NextRenewTimeStr=$(_time2str "$Le_NextRenewTime")
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5394 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5395 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5396 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5397 Le_NextRenewTime=$(_math "$Le_CertCreateTime" + "$Le_RenewalDays" \* 24 \* 60 \* 60)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5398 Le_NextRenewTime=$(_math "$Le_NextRenewTime" - 86400)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5399 Le_NextRenewTimeStr=$(_time2str "$Le_NextRenewTime")
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5400 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5401 _savedomainconf "Le_NextRenewTimeStr" "$Le_NextRenewTimeStr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5402 _savedomainconf "Le_NextRenewTime" "$Le_NextRenewTime"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5403
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5404 #convert to pkcs12
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5405 if [ "$Le_PFXPassword" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5406 _toPkcs "$CERT_PFX_PATH" "$CERT_KEY_PATH" "$CERT_PATH" "$CA_CERT_PATH" "$Le_PFXPassword"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5407 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5408 export CERT_PFX_PATH
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5409
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5410 if [ "$_real_cert$_real_key$_real_ca$_reload_cmd$_real_fullchain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5411 _savedomainconf "Le_RealCertPath" "$_real_cert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5412 _savedomainconf "Le_RealCACertPath" "$_real_ca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5413 _savedomainconf "Le_RealKeyPath" "$_real_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5414 _savedomainconf "Le_ReloadCmd" "$_reload_cmd" "base64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5415 _savedomainconf "Le_RealFullChainPath" "$_real_fullchain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5416 if ! _installcert "$_main_domain" "$_real_cert" "$_real_key" "$_real_ca" "$_real_fullchain" "$_reload_cmd"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5417 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5418 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5419 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5420
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5421 if ! _on_issue_success "$_post_hook" "$_renew_hook"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5422 _err "Error calling hook."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5423 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5424 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5425 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5426
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5427 #in_out_cert out_fullchain out_ca
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5428 _split_cert_chain() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5429 _certf="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5430 _fullchainf="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5431 _caf="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5432 if [ "$(grep -- "$BEGIN_CERT" "$_certf" | wc -l)" -gt "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5433 _debug "Found cert chain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5434 cat "$_certf" >"$_fullchainf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5435 _end_n="$(grep -n -- "$END_CERT" "$_fullchainf" | _head_n 1 | cut -d : -f 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5436 _debug _end_n "$_end_n"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5437 sed -n "1,${_end_n}p" "$_fullchainf" >"$_certf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5438 _end_n="$(_math $_end_n + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5439 sed -n "${_end_n},9999p" "$_fullchainf" >"$_caf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5440 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5441 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5442
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5443 #domain [isEcc] [server]
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5444 renew() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5445 Le_Domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5446 if [ -z "$Le_Domain" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5447 _usage "Usage: $PROJECT_ENTRY --renew --domain <domain.tld> [--ecc] [--server server]"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5448 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5449 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5450
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5451 _isEcc="$2"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5452 _renewServer="$3"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5453 _debug "_renewServer" "$_renewServer"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5454
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5455 _initpath "$Le_Domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5456
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5457 _set_level=${NOTIFY_LEVEL:-$NOTIFY_LEVEL_DEFAULT}
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5458 _info "$(__green "Renewing: '$Le_Domain'")"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5459 if [ ! -f "$DOMAIN_CONF" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5460 _info "'$Le_Domain' is not an issued domain, skipping."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5461 return $RENEW_SKIP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5462 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5463
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5464 if [ "$Le_RenewalDays" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5465 _savedomainconf Le_RenewalDays "$Le_RenewalDays"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5466 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5467
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5468 . "$DOMAIN_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5469 _debug Le_API "$Le_API"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5470
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5471 case "$Le_API" in
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5472 "$CA_LETSENCRYPT_V2_TEST")
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5473 _info "Switching back to $CA_LETSENCRYPT_V2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5474 Le_API="$CA_LETSENCRYPT_V2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5475 ;;
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5476 "$CA_GOOGLE_TEST")
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5477 _info "Switching back to $CA_GOOGLE"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5478 Le_API="$CA_GOOGLE"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5479 ;;
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5480 esac
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5481
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5482 if [ "$_server" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5483 Le_API="$_server"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5484 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5485 _info "Renewing using Le_API=$Le_API"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5486
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5487 _clearAPI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5488 _clearCA
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5489 export ACME_DIRECTORY="$Le_API"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5490
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5491 #reload ca configs
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5492 _debug2 "initpath again."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5493 _initpath "$Le_Domain" "$_isEcc"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5494
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5495 if [ -z "$FORCE" ] && [ "$Le_NextRenewTime" ] && [ "$(_time)" -lt "$Le_NextRenewTime" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5496 _info "Skipping. Next renewal time is: $(__green "$Le_NextRenewTimeStr")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5497 _info "Add '$(__red '--force')' to force renewal."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5498 if [ -z "$_ACME_IN_RENEWALL" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5499 if [ $_set_level -ge $NOTIFY_LEVEL_SKIP ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5500 _send_notify "Renew $Le_Domain skipped" "Good, the cert is skipped." "$NOTIFY_HOOK" "$RENEW_SKIP"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5501 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5502 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5503 return "$RENEW_SKIP"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5504 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5505
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5506 if [ "$_ACME_IN_CRON" = "1" ] && [ -z "$Le_CertCreateTime" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5507 _info "Skipping invalid cert for: $Le_Domain"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5508 return $RENEW_SKIP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5509 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5510
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5511 _ACME_IS_RENEW="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5512 Le_ReloadCmd="$(_readdomainconf Le_ReloadCmd)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5513 Le_PreHook="$(_readdomainconf Le_PreHook)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5514 Le_PostHook="$(_readdomainconf Le_PostHook)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5515 Le_RenewHook="$(_readdomainconf Le_RenewHook)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5516 Le_Preferred_Chain="$(_readdomainconf Le_Preferred_Chain)"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5517 # When renewing from an old version, the empty Le_Keylength means 2048.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5518 # Note, do not use DEFAULT_DOMAIN_KEY_LENGTH as that value may change over
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5519 # time but an empty value implies 2048 specifically.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5520 Le_Keylength="$(_readdomainconf Le_Keylength)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5521 if [ -z "$Le_Keylength" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5522 Le_Keylength=2048
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5523 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5524 if [ "$CA_LETSENCRYPT_V2" = "$Le_API" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5525 #letsencrypt doesn't support ocsp anymore
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5526 if [ "$Le_OCSP_Staple" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5527 export Le_OCSP_Staple=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5528 _cleardomainconf Le_OCSP_Staple
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5529 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5530 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5531 issue "$Le_Webroot" "$Le_Domain" "$Le_Alt" "$Le_Keylength" "$Le_RealCertPath" "$Le_RealKeyPath" "$Le_RealCACertPath" "$Le_ReloadCmd" "$Le_RealFullChainPath" "$Le_PreHook" "$Le_PostHook" "$Le_RenewHook" "$Le_LocalAddress" "$Le_ChallengeAlias" "$Le_Preferred_Chain" "$Le_Valid_From" "$Le_Valid_To"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5532 res="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5533 if [ "$res" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5534 return "$res"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5535 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5536
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5537 if [ "$Le_DeployHook" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5538 _deploy "$Le_Domain" "$Le_DeployHook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5539 res="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5540 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5541
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5542 _ACME_IS_RENEW=""
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5543 if [ -z "$_ACME_IN_RENEWALL" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5544 if [ "$res" = "0" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5545 if [ $_set_level -ge $NOTIFY_LEVEL_RENEW ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5546 _send_notify "Renew $d success" "Good, the cert is renewed." "$NOTIFY_HOOK" 0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5547 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5548 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5549 if [ $_set_level -ge $NOTIFY_LEVEL_ERROR ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5550 _send_notify "Renew $d error" "There is an error." "$NOTIFY_HOOK" 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5551 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5552 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5553 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5554
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5555 return "$res"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5556 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5557
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5558 #renewAll [stopRenewOnError] [server]
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5559 renewAll() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5560 _initpath
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5561 _clearCA
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5562 _stopRenewOnError="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5563 _debug "_stopRenewOnError" "$_stopRenewOnError"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5564
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5565 _server="$2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5566 _debug "_server" "$_server"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5567
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5568 _ret="0"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5569 _success_msg=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5570 _error_msg=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5571 _skipped_msg=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5572 _error_level=$NOTIFY_LEVEL_SKIP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5573 _notify_code=$RENEW_SKIP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5574 _set_level=${NOTIFY_LEVEL:-$NOTIFY_LEVEL_DEFAULT}
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5575 _debug "_set_level" "$_set_level"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5576 export _ACME_IN_RENEWALL=1
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5577 for di in "${CERT_HOME}"/*.*/; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5578 _debug di "$di"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5579 if ! [ -d "$di" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5580 _debug "Not a directory, skipping: $di"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5581 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5582 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5583 d=$(basename "$di")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5584 _debug d "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5585 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5586 if _endswith "$d" "$ECC_SUFFIX"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5587 _isEcc=$(echo "$d" | cut -d "$ECC_SEP" -f 2)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5588 d=$(echo "$d" | cut -d "$ECC_SEP" -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5589 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5590 renew "$d" "$_isEcc" "$_server"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5591 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5592 rc="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5593 _debug "Return code: $rc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5594 if [ "$rc" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5595 if [ $_error_level -gt $NOTIFY_LEVEL_RENEW ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5596 _error_level="$NOTIFY_LEVEL_RENEW"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5597 _notify_code=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5598 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5599
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5600 if [ $_set_level -ge $NOTIFY_LEVEL_RENEW ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5601 if [ "$NOTIFY_MODE" = "$NOTIFY_MODE_CERT" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5602 _send_notify "Renew $d success" "Good, the cert is renewed." "$NOTIFY_HOOK" 0
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5603 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5604 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5605
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5606 _success_msg="${_success_msg} $d
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5607 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5608 elif [ "$rc" = "$RENEW_SKIP" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5609 if [ $_error_level -gt $NOTIFY_LEVEL_SKIP ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5610 _error_level="$NOTIFY_LEVEL_SKIP"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5611 _notify_code=$RENEW_SKIP
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5612 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5613
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5614 if [ $_set_level -ge $NOTIFY_LEVEL_SKIP ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5615 if [ "$NOTIFY_MODE" = "$NOTIFY_MODE_CERT" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5616 _send_notify "Renew $d skipped" "Good, the cert is skipped." "$NOTIFY_HOOK" "$RENEW_SKIP"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5617 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5618 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5619
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5620 _info "Skipped $d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5621 _skipped_msg="${_skipped_msg} $d
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5622 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5623 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5624 if [ $_error_level -gt $NOTIFY_LEVEL_ERROR ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5625 _error_level="$NOTIFY_LEVEL_ERROR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5626 _notify_code=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5627 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5628
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5629 if [ $_set_level -ge $NOTIFY_LEVEL_ERROR ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5630 if [ "$NOTIFY_MODE" = "$NOTIFY_MODE_CERT" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5631 _send_notify "Renew $d error" "There is an error." "$NOTIFY_HOOK" 1
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5632 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5633 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5634
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5635 _error_msg="${_error_msg} $d
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5636 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5637 if [ "$_stopRenewOnError" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5638 _err "Error renewing $d, stopping."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5639 _ret="$rc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5640 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5641 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5642 _ret="$rc"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5643 _err "Error renewing $d."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5644 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5645 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5646 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5647 _debug _error_level "$_error_level"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5648 _debug _set_level "$_set_level"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5649 if [ $_error_level -le $_set_level ]; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5650 if [ -z "$NOTIFY_MODE" ] || [ "$NOTIFY_MODE" = "$NOTIFY_MODE_BULK" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5651 _msg_subject="Renew"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5652 if [ "$_error_msg" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5653 _msg_subject="${_msg_subject} Error"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5654 _msg_data="Errored certs:
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5655 ${_error_msg}
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5656 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5657 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5658 if [ "$_success_msg" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5659 _msg_subject="${_msg_subject} Success"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5660 _msg_data="${_msg_data}Successful certs:
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5661 ${_success_msg}
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5662 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5663 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5664 if [ "$_skipped_msg" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5665 _msg_subject="${_msg_subject} Skipped"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5666 _msg_data="${_msg_data}Skipped certs:
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5667 ${_skipped_msg}
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5668 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5669 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5670
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5671 _send_notify "$_msg_subject" "$_msg_data" "$NOTIFY_HOOK" "$_notify_code"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5672 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5673 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5674
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5675 return "$_ret"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5676 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5677
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5678 #csr webroot
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5679 signcsr() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5680 _csrfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5681 _csrW="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5682 if [ -z "$_csrfile" ] || [ -z "$_csrW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5683 _usage "Usage: $PROJECT_ENTRY --sign-csr --csr <csr-file> --webroot <directory>"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5684 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5685 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5686
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5687 _real_cert="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5688 _real_key="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5689 _real_ca="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5690 _reload_cmd="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5691 _real_fullchain="$7"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5692 _pre_hook="${8}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5693 _post_hook="${9}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5694 _renew_hook="${10}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5695 _local_addr="${11}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5696 _challenge_alias="${12}"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5697 _preferred_chain="${13}"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5698
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5699 _csrsubj=$(_readSubjectFromCSR "$_csrfile")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5700 if [ "$?" != "0" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5701 _err "Cannot read subject from CSR: $_csrfile"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5702 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5703 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5704 _debug _csrsubj "$_csrsubj"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5705 if _contains "$_csrsubj" ' ' || ! _contains "$_csrsubj" '.'; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5706 _info "It seems that the subject $_csrsubj is not a valid domain name. Dropping it."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5707 _csrsubj=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5708 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5709
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5710 _csrdomainlist=$(_readSubjectAltNamesFromCSR "$_csrfile")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5711 if [ "$?" != "0" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5712 _err "Cannot read domain list from CSR: $_csrfile"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5713 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5714 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5715 _debug "_csrdomainlist" "$_csrdomainlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5716
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5717 if [ -z "$_csrsubj" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5718 _csrsubj="$(_getfield "$_csrdomainlist" 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5719 _debug _csrsubj "$_csrsubj"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5720 _csrdomainlist="$(echo "$_csrdomainlist" | cut -d , -f 2-)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5721 _debug "_csrdomainlist" "$_csrdomainlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5722 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5723
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5724 if [ -z "$_csrsubj" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5725 _err "Cannot read subject from CSR: $_csrfile"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5726 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5727 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5728
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5729 _csrkeylength=$(_readKeyLengthFromCSR "$_csrfile")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5730 if [ "$?" != "0" ] || [ -z "$_csrkeylength" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5731 _err "Cannot read key length from CSR: $_csrfile"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5732 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5733 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5734
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5735 _initpath "$_csrsubj" "$_csrkeylength"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5736 mkdir -p "$DOMAIN_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5737
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5738 _info "Copying CSR to: $CSR_PATH"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5739 cp "$_csrfile" "$CSR_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5740
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5741 issue "$_csrW" "$_csrsubj" "$_csrdomainlist" "$_csrkeylength" "$_real_cert" "$_real_key" "$_real_ca" "$_reload_cmd" "$_real_fullchain" "$_pre_hook" "$_post_hook" "$_renew_hook" "$_local_addr" "$_challenge_alias" "$_preferred_chain"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5742
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5743 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5744
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5745 showcsr() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5746 _csrfile="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5747 _csrd="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5748 if [ -z "$_csrfile" ] && [ -z "$_csrd" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5749 _usage "Usage: $PROJECT_ENTRY --show-csr --csr <csr-file>"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5750 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5751 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5752
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5753 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5754
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5755 _csrsubj=$(_readSubjectFromCSR "$_csrfile")
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5756 if [ "$?" != "0" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5757 _err "Cannot read subject from CSR: $_csrfile"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5758 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5759 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5760 if [ -z "$_csrsubj" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5761 _info "The subject is empty"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5762 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5763
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5764 _info "Subject=$_csrsubj"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5765
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5766 _csrdomainlist=$(_readSubjectAltNamesFromCSR "$_csrfile")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5767 if [ "$?" != "0" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5768 _err "Cannot read domain list from CSR: $_csrfile"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5769 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5770 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5771 _debug "_csrdomainlist" "$_csrdomainlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5772
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5773 _info "SubjectAltNames=$_csrdomainlist"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5774
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5775 _csrkeylength=$(_readKeyLengthFromCSR "$_csrfile")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5776 if [ "$?" != "0" ] || [ -z "$_csrkeylength" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5777 _err "Cannot read key length from CSR: $_csrfile"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5778 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5779 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5780 _info "KeyLength=$_csrkeylength"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5781 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5782
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5783 #listraw domain
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5784 list() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5785 _raw="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5786 _domain="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5787 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5788
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5789 _sep="|"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5790 if [ "$_raw" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5791 if [ -z "$_domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5792 printf "%s\n" "Main_Domain${_sep}KeyLength${_sep}SAN_Domains${_sep}CA${_sep}Created${_sep}Renew"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5793 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5794 for di in "${CERT_HOME}"/*.*/; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5795 d=$(basename "$di")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5796 _debug d "$d"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5797 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5798 if _endswith "$d" "$ECC_SUFFIX"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5799 _isEcc="ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5800 d=$(echo "$d" | cut -d "$ECC_SEP" -f 1)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5801 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5802 DOMAIN_CONF="$di/$d.conf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5803 if [ -f "$DOMAIN_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5804 . "$DOMAIN_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5805 _ca="$(_getCAShortName "$Le_API")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5806 if [ -z "$_domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5807 printf "%s\n" "$Le_Domain${_sep}\"$Le_Keylength\"${_sep}$Le_Alt${_sep}$_ca${_sep}$Le_CertCreateTimeStr${_sep}$Le_NextRenewTimeStr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5808 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5809 if [ "$_domain" = "$d" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5810 cat "$DOMAIN_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5811 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5812 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5813 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5814 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5815 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5816 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5817 if _exists column; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5818 list "raw" "$_domain" | column -t -s "$_sep"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5819 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5820 list "raw" "$_domain" | tr "$_sep" '\t'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5821 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5822 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5823
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5824 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5825
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5826 _deploy() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5827 _d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5828 _hooks="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5829
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5830 for _d_api in $(echo "$_hooks" | tr ',' " "); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5831 _deployApi="$(_findHook "$_d" $_SUB_FOLDER_DEPLOY "$_d_api")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5832 if [ -z "$_deployApi" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5833 _err "The deploy hook $_d_api was not found."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5834 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5835 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5836 _debug _deployApi "$_deployApi"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5837
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5838 if ! (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5839 if ! . "$_deployApi"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5840 _err "Error loading file $_deployApi. Please check your API file and try again."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5841 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5842 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5843
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5844 d_command="${_d_api}_deploy"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5845 if ! _exists "$d_command"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5846 _err "It seems that your API file is not correct. Make sure it has a function named: $d_command"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5847 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5848 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5849
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5850 if ! $d_command "$_d" "$CERT_KEY_PATH" "$CERT_PATH" "$CA_CERT_PATH" "$CERT_FULLCHAIN_PATH" "$CERT_PFX_PATH"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5851 _err "Error deploying for domain: $_d"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5852 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5853 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5854 ); then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5855 _err "Error encountered while deploying."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5856 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5857 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5858 _info "$(__green Success)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5859 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5860 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5861 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5862
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5863 #domain hooks
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5864 deploy() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5865 _d="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5866 _hooks="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5867 _isEcc="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5868 if [ -z "$_hooks" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5869 _usage "Usage: $PROJECT_ENTRY --deploy --domain <domain.tld> --deploy-hook <hookname> [--ecc] "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5870 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5871 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5872
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5873 _initpath "$_d" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5874 if [ ! -d "$DOMAIN_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5875 _err "The domain '$_d' is not a cert name. You must use the cert name to specify the cert to install."
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5876 _err "Cannot find path: '$DOMAIN_PATH'"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5877 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5878 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5879
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5880 _debug2 DOMAIN_CONF "$DOMAIN_CONF"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5881 . "$DOMAIN_CONF"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5882
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5883 _savedomainconf Le_DeployHook "$_hooks"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5884
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5885 _deploy "$_d" "$_hooks"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5886 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5887
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5888 installcert() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5889 _main_domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5890 if [ -z "$_main_domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5891 _usage "Usage: $PROJECT_ENTRY --install-cert --domain <domain.tld> [--ecc] [--cert-file <file>] [--key-file <file>] [--ca-file <file>] [ --reloadcmd <command>] [--fullchain-file <file>]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5892 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5893 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5894
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5895 _real_cert="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5896 _real_key="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5897 _real_ca="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5898 _reload_cmd="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5899 _real_fullchain="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5900 _isEcc="$7"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5901
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5902 _initpath "$_main_domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5903 if [ ! -d "$DOMAIN_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5904 _err "The domain '$_main_domain' is not a cert name. You must use the cert name to specify the cert to install."
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5905 _err "Cannot find path: '$DOMAIN_PATH'"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5906 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5907 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5908
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5909 _savedomainconf "Le_RealCertPath" "$_real_cert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5910 _savedomainconf "Le_RealCACertPath" "$_real_ca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5911 _savedomainconf "Le_RealKeyPath" "$_real_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5912 _savedomainconf "Le_ReloadCmd" "$_reload_cmd" "base64"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5913 _savedomainconf "Le_RealFullChainPath" "$_real_fullchain"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5914 export Le_ForceNewDomainKey="$(_readdomainconf Le_ForceNewDomainKey)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5915 export Le_Next_Domain_Key
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5916 _installcert "$_main_domain" "$_real_cert" "$_real_key" "$_real_ca" "$_real_fullchain" "$_reload_cmd"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5917 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5918
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5919 #domain cert key ca fullchain reloadcmd backup-prefix
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5920 _installcert() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5921 _main_domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5922 _real_cert="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5923 _real_key="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5924 _real_ca="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5925 _real_fullchain="$5"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5926 _reload_cmd="$6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5927 _backup_prefix="$7"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5928
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5929 if [ "$_real_cert" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5930 _real_cert=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5931 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5932 if [ "$_real_key" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5933 _real_key=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5934 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5935 if [ "$_real_ca" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5936 _real_ca=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5937 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5938 if [ "$_reload_cmd" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5939 _reload_cmd=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5940 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5941 if [ "$_real_fullchain" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5942 _real_fullchain=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5943 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5944
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5945 _backup_path="$DOMAIN_BACKUP_PATH/$_backup_prefix"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5946 mkdir -p "$_backup_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5947
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5948 if [ "$_real_cert" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5949 _info "Installing cert to: $_real_cert"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5950 if [ -f "$_real_cert" ] && [ ! "$_ACME_IS_RENEW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5951 cp "$_real_cert" "$_backup_path/cert.bak"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5952 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5953 if [ "$CERT_PATH" != "$_real_cert" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5954 cat "$CERT_PATH" >"$_real_cert" || return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5955 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5956 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5957
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5958 if [ "$_real_ca" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5959 _info "Installing CA to: $_real_ca"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5960 if [ "$_real_ca" = "$_real_cert" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5961 echo "" >>"$_real_ca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5962 cat "$CA_CERT_PATH" >>"$_real_ca" || return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5963 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5964 if [ -f "$_real_ca" ] && [ ! "$_ACME_IS_RENEW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5965 cp "$_real_ca" "$_backup_path/ca.bak"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5966 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5967 if [ "$CA_CERT_PATH" != "$_real_ca" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5968 cat "$CA_CERT_PATH" >"$_real_ca" || return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5969 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5970 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5971 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5972
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5973 if [ "$_real_key" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5974 _info "Installing key to: $_real_key"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5975 if [ -f "$_real_key" ] && [ ! "$_ACME_IS_RENEW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5976 cp "$_real_key" "$_backup_path/key.bak"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5977 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5978 if [ "$CERT_KEY_PATH" != "$_real_key" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5979 if [ -f "$_real_key" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5980 cat "$CERT_KEY_PATH" >"$_real_key" || return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5981 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5982 touch "$_real_key" || return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5983 chmod 600 "$_real_key"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5984 cat "$CERT_KEY_PATH" >"$_real_key" || return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5985 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5986 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5987 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5988
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5989 if [ "$_real_fullchain" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5990 _info "Installing full chain to: $_real_fullchain"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5991 if [ -f "$_real_fullchain" ] && [ ! "$_ACME_IS_RENEW" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5992 cp "$_real_fullchain" "$_backup_path/fullchain.bak"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5993 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5994 if [ "$_real_fullchain" != "$CERT_FULLCHAIN_PATH" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5995 cat "$CERT_FULLCHAIN_PATH" >"$_real_fullchain" || return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
5996 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5997 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5998
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
5999 if [ "$_reload_cmd" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6000 _info "Running reload cmd: $_reload_cmd"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6001 if (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6002 export CERT_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6003 export CERT_KEY_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6004 export CA_CERT_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6005 export CERT_FULLCHAIN_PATH
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6006 export Le_Domain="$_main_domain"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6007 export Le_ForceNewDomainKey
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6008 export Le_Next_Domain_Key
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6009 cd "$DOMAIN_PATH" && eval "$_reload_cmd"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6010 ); then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6011 _info "$(__green "Reload successful")"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6012 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6013 _err "Reload error for: $_main_domain"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6014 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6015 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6016
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6017 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6018
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6019 __read_password() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6020 unset _pp
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6021 prompt="Enter Password:"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6022 while IFS= read -p "$prompt" -r -s -n 1 char; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6023 if [ "$char" = $'\0' ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6024 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6025 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6026 prompt='*'
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6027 _pp="$_pp$char"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6028 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6029 echo "$_pp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6030 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6031
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6032 _install_win_taskscheduler() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6033 _lesh="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6034 _centry="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6035 _randomminute="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6036 if ! _exists cygpath; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6037 _err "cygpath not found"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6038 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6039 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6040 if ! _exists schtasks; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6041 _err "schtasks.exe was not found, are you on Windows?"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6042 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6043 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6044 _winbash="$(cygpath -w $(which bash))"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6045 _debug _winbash "$_winbash"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6046 if [ -z "$_winbash" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6047 _err "Cannot find bash path"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6048 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6049 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6050 _myname="$(whoami)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6051 _debug "_myname" "$_myname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6052 if [ -z "$_myname" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6053 _err "Can not find own username"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6054 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6055 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6056 _debug "_lesh" "$_lesh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6057
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6058 _info "To install the scheduler task to your Windows account, you must input your Windows password."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6059 _info "$PROJECT_NAME will not save your password."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6060 _info "Please input your Windows password for: $(__green "$_myname")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6061 _password="$(__read_password)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6062 #SCHTASKS.exe '/create' '/SC' 'DAILY' '/TN' "$_WINDOWS_SCHEDULER_NAME" '/F' '/ST' "00:$_randomminute" '/RU' "$_myname" '/RP' "$_password" '/TR' "$_winbash -l -c '$_lesh --cron --home \"$LE_WORKING_DIR\" $_centry'" >/dev/null
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6063 echo SCHTASKS.exe '/create' '/SC' 'DAILY' '/TN' "$_WINDOWS_SCHEDULER_NAME" '/F' '/ST' "00:$_randomminute" '/RU' "$_myname" '/RP' "$_password" '/TR' "\"$_winbash -l -c '$_lesh --cron --home \"$LE_WORKING_DIR\" $_centry'\"" | cmd.exe >/dev/null
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6064 echo
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6065
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6066 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6067
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6068 _uninstall_win_taskscheduler() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6069 if ! _exists schtasks; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6070 _err "schtasks.exe was not found, are you on Windows?"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6071 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6072 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6073 if ! echo SCHTASKS /query /tn "$_WINDOWS_SCHEDULER_NAME" | cmd.exe >/dev/null; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6074 _debug "scheduler $_WINDOWS_SCHEDULER_NAME was not found."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6075 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6076 _info "Removing $_WINDOWS_SCHEDULER_NAME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6077 echo SCHTASKS /delete /f /tn "$_WINDOWS_SCHEDULER_NAME" | cmd.exe >/dev/null
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6078 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6079 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6080
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6081 #confighome
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6082 installcronjob() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6083 _c_home="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6084 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6085 _CRONTAB="crontab"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6086 if [ -f "$LE_WORKING_DIR/$PROJECT_ENTRY" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6087 lesh="\"$LE_WORKING_DIR\"/$PROJECT_ENTRY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6088 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6089 _debug "_SCRIPT_" "$_SCRIPT_"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6090 _script="$(_readlink "$_SCRIPT_")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6091 _debug _script "$_script"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6092 if [ -f "$_script" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6093 _info "Using the current script from: $_script"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6094 lesh="$_script"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6095 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6096 _err "Cannot install cronjob, $PROJECT_ENTRY not found."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6097 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6098 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6099 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6100 if [ "$_c_home" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6101 _c_entry="--config-home \"$_c_home\" "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6102 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6103 _t=$(_time)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6104 random_minute=$(_math $_t % 60)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6105 random_hour=$(_math $_t / 60 % 24)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6106
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6107 if ! _exists "$_CRONTAB" && _exists "fcrontab"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6108 _CRONTAB="fcrontab"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6109 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6110
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6111 if ! _exists "$_CRONTAB"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6112 if _exists cygpath && _exists schtasks.exe; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6113 _info "It seems you are on Windows, let's install the Windows scheduler task."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6114 if _install_win_taskscheduler "$lesh" "$_c_entry" "$random_minute"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6115 _info "Successfully installed Windows scheduler task."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6116 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6117 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6118 _err "Failed to install Windows scheduler task."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6119 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6120 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6121 fi
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6122 _err "crontab/fcrontab doesn't exist, so we cannot install cron jobs."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6123 _err "Your certs will not be renewed automatically."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6124 _err "You must add your own cron job to call '$PROJECT_ENTRY --cron' every day."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6125 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6126 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6127 _info "Installing cron job"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6128 if ! $_CRONTAB -l | grep "$PROJECT_ENTRY --cron"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6129 if _exists uname && uname -a | grep SunOS >/dev/null; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6130 _CRONTAB_STDIN="$_CRONTAB --"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6131 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6132 _CRONTAB_STDIN="$_CRONTAB -"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6133 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6134 $_CRONTAB -l | {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6135 cat
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6136 echo "$random_minute $random_hour * * * $lesh --cron --home \"$LE_WORKING_DIR\" $_c_entry> /dev/null"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6137 } | $_CRONTAB_STDIN
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6138 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6139 if [ "$?" != "0" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6140 _err "Failed to install cron job. You need to manually renew your certs."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6141 _err "Alternatively, you can add a cron job by yourself:"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6142 _err "$lesh --cron --home \"$LE_WORKING_DIR\" > /dev/null"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6143 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6144 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6145 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6146
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6147 uninstallcronjob() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6148 _CRONTAB="crontab"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6149 if ! _exists "$_CRONTAB" && _exists "fcrontab"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6150 _CRONTAB="fcrontab"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6151 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6152
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6153 if ! _exists "$_CRONTAB"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6154 if _exists cygpath && _exists schtasks.exe; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6155 _info "It seems you are on Windows, let's uninstall the Windows scheduler task."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6156 if _uninstall_win_taskscheduler; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6157 _info "Successfully uninstalled Windows scheduler task."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6158 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6159 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6160 _err "Failed to uninstall Windows scheduler task."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6161 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6162 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6163 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6164 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6165 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6166 _info "Removing cron job"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6167 cr="$($_CRONTAB -l | grep "$PROJECT_ENTRY --cron")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6168 if [ "$cr" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6169 if _exists uname && uname -a | grep SunOS >/dev/null; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6170 $_CRONTAB -l | sed "/$PROJECT_ENTRY --cron/d" | $_CRONTAB --
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6171 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6172 $_CRONTAB -l | sed "/$PROJECT_ENTRY --cron/d" | $_CRONTAB -
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6173 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6174 LE_WORKING_DIR="$(echo "$cr" | cut -d ' ' -f 9 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6175 _info LE_WORKING_DIR "$LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6176 if _contains "$cr" "--config-home"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6177 LE_CONFIG_HOME="$(echo "$cr" | cut -d ' ' -f 11 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6178 _debug LE_CONFIG_HOME "$LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6179 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6180 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6181 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6182
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6183 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6184
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6185 #domain isECC revokeReason
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6186 revoke() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6187 Le_Domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6188 if [ -z "$Le_Domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6189 _usage "Usage: $PROJECT_ENTRY --revoke --domain <domain.tld> [--ecc]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6190 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6191 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6192
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6193 _isEcc="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6194 _reason="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6195 if [ -z "$_reason" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6196 _reason="0"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6197 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6198 _initpath "$Le_Domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6199 if [ ! -f "$DOMAIN_CONF" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6200 _err "$Le_Domain is not an issued domain, skipping."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6201 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6202 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6203
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6204 if [ ! -f "$CERT_PATH" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6205 _err "Cert for $Le_Domain $CERT_PATH was not found, skipping."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6206 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6207 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6208
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6209 . "$DOMAIN_CONF"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6210 _debug Le_API "$Le_API"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6211
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6212 if [ "$Le_API" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6213 if [ "$Le_API" != "$ACME_DIRECTORY" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6214 _clearAPI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6215 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6216 export ACME_DIRECTORY="$Le_API"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6217 #reload ca configs
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6218 ACCOUNT_KEY_PATH=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6219 ACCOUNT_JSON_PATH=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6220 CA_CONF=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6221 _debug3 "initpath again."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6222 _initpath "$Le_Domain" "$_isEcc"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6223 _initAPI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6224 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6225
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6226 cert="$(_getfile "${CERT_PATH}" "${BEGIN_CERT}" "${END_CERT}" | tr -d "\r\n" | _url_replace)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6227
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6228 if [ -z "$cert" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6229 _err "Cert for $Le_Domain is empty, skipping."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6230 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6231 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6232
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6233 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6234
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6235 data="{\"certificate\": \"$cert\",\"reason\":$_reason}"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6236
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6237 uri="${ACME_REVOKE_CERT}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6238
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6239 _info "Trying account key first."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6240 if _send_signed_request "$uri" "$data" "" "$ACCOUNT_KEY_PATH"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6241 if [ -z "$response" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6242 _info "Successfully revoked."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6243 rm -f "$CERT_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6244 cat "$CERT_KEY_PATH" >"$CERT_KEY_PATH.revoked"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6245 cat "$CSR_PATH" >"$CSR_PATH.revoked"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6246 return 0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6247 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6248 _err "Error revoking."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6249 _debug "$response"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6250 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6251 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6252
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6253 if [ -f "$CERT_KEY_PATH" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6254 _info "Trying domain key."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6255 if _send_signed_request "$uri" "$data" "" "$CERT_KEY_PATH"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6256 if [ -z "$response" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6257 _info "Successfully revoked."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6258 rm -f "$CERT_PATH"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6259 cat "$CERT_KEY_PATH" >"$CERT_KEY_PATH.revoked"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6260 cat "$CSR_PATH" >"$CSR_PATH.revoked"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6261 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6262 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6263 _err "Error revoking using domain key."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6264 _err "$response"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6265 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6266 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6267 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6268 _info "Domain key file doesn't exist."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6269 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6270 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6271 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6272
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6273 #domain ecc
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6274 remove() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6275 Le_Domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6276 if [ -z "$Le_Domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6277 _usage "Usage: $PROJECT_ENTRY --remove --domain <domain.tld> [--ecc]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6278 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6279 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6280
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6281 _isEcc="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6282
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6283 _initpath "$Le_Domain" "$_isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6284 _removed_conf="$DOMAIN_CONF.removed"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6285 if [ ! -f "$DOMAIN_CONF" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6286 if [ -f "$_removed_conf" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6287 _err "$Le_Domain has already been removed. You can remove the folder by yourself: $DOMAIN_PATH"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6288 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6289 _err "$Le_Domain is not an issued domain, skipping."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6290 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6291 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6292 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6293
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6294 if mv "$DOMAIN_CONF" "$_removed_conf"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6295 _info "$Le_Domain has been removed. The key and cert files are in $(__green $DOMAIN_PATH)"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6296 _info "You can remove them by yourself."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6297 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6298 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6299 _err "Failed to remove $Le_Domain."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6300 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6301 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6302 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6303
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6304 #domain vtype
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6305 _deactivate() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6306 _d_domain="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6307 _d_type="$2"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6308 _initpath "$_d_domain" "$_d_type"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6309
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6310 . "$DOMAIN_CONF"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6311 _debug Le_API "$Le_API"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6312
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6313 if [ "$Le_API" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6314 if [ "$Le_API" != "$ACME_DIRECTORY" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6315 _clearAPI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6316 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6317 export ACME_DIRECTORY="$Le_API"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6318 #reload ca configs
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6319 ACCOUNT_KEY_PATH=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6320 ACCOUNT_JSON_PATH=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6321 CA_CONF=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6322 _debug3 "initpath again."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6323 _initpath "$Le_Domain" "$_d_type"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6324 _initAPI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6325 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6326
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6327 _identifiers="{\"type\":\"$(_getIdType "$_d_domain")\",\"value\":\"$_d_domain\"}"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6328 if ! _send_signed_request "$ACME_NEW_ORDER" "{\"identifiers\": [$_identifiers]}"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6329 _err "Cannot get new order for domain."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6330 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6331 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6332 _authorizations_seg="$(echo "$response" | _egrep_o '"authorizations" *: *\[[^\]*\]' | cut -d '[' -f 2 | tr -d ']' | tr -d '"')"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6333 _debug2 _authorizations_seg "$_authorizations_seg"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6334 if [ -z "$_authorizations_seg" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6335 _err "_authorizations_seg not found."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6336 _clearup
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6337 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6338 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6339 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6340
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6341 authzUri="$_authorizations_seg"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6342 _debug2 "authzUri" "$authzUri"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6343 if ! _send_signed_request "$authzUri"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6344 _err "Error making GET request for authz."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6345 _err "_authorizations_seg" "$_authorizations_seg"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6346 _err "authzUri" "$authzUri"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6347 _clearup
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6348 _on_issue_err "$_post_hook"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6349 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6350 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6351
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6352 response="$(echo "$response" | _normalizeJson)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6353 _debug2 response "$response"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6354 _URL_NAME="url"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6355
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6356 entries="$(echo "$response" | tr '][' '==' | _egrep_o "challenges\": *=[^=]*=" | tr '}{' '\n\n' | grep "\"status\": *\"valid\"")"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6357 if [ -z "$entries" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6358 _info "No valid entries found."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6359 if [ -z "$thumbprint" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6360 thumbprint="$(__calc_account_thumbprint)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6361 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6362 _debug "Trigger validation."
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6363 vtype="$(_getIdType "$_d_domain")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6364 # Fix for empty error objects in response which mess up the original code, adapted from fix suggested here: https://github.com/acmesh-official/acme.sh/issues/4933#issuecomment-1870499018
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6365 entry="$(echo "$response" | sed s/'"error":{}'/'"error":null'/ | _egrep_o '[^\{]*"type":"'$vtype'"[^\}]*')"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6366 _debug entry "$entry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6367 if [ -z "$entry" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6368 _err "$d: Cannot get domain token"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6369 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6370 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6371 token="$(echo "$entry" | _egrep_o '"token":"[^"]*' | cut -d : -f 2 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6372 _debug token "$token"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6373
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6374 uri="$(echo "$entry" | _egrep_o "\"$_URL_NAME\":\"[^\"]*" | cut -d : -f 2,3 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6375 _debug uri "$uri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6376
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6377 keyauthorization="$token.$thumbprint"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6378 _debug keyauthorization "$keyauthorization"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6379 __trigger_validation "$uri" "$keyauthorization"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6380
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6381 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6382
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6383 _d_i=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6384 _d_max_retry=$(echo "$entries" | wc -l)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6385 while [ "$_d_i" -lt "$_d_max_retry" ]; do
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6386 _info "Deactivating $_d_domain"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6387 _d_i="$(_math $_d_i + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6388 entry="$(echo "$entries" | sed -n "${_d_i}p")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6389 _debug entry "$entry"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6390
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6391 if [ -z "$entry" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6392 _info "No more valid entries found."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6393 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6394 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6395
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6396 _vtype="$(echo "$entry" | _egrep_o '"type": *"[^"]*"' | cut -d : -f 2 | tr -d '"')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6397 _debug _vtype "$_vtype"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6398 _info "Found $_vtype"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6399
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6400 uri="$(echo "$entry" | _egrep_o "\"$_URL_NAME\":\"[^\"]*\"" | tr -d '" ' | cut -d : -f 2-)"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6401 _debug uri "$uri"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6402
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6403 if [ "$_d_type" ] && [ "$_d_type" != "$_vtype" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6404 _info "Skipping $_vtype"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6405 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6406 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6407
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6408 _info "Deactivating $_vtype"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6409
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6410 _djson="{\"status\":\"deactivated\"}"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6411
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6412 if _send_signed_request "$authzUri" "$_djson" && _contains "$response" '"deactivated"'; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6413 _info "Successfully deactivated $_vtype."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6414 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6415 _err "Could not deactivate $_vtype."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6416 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6417 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6418
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6419 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6420 _debug "$_d_i"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6421 if [ "$_d_i" -eq "$_d_max_retry" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6422 _info "Successfully deactivated!"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6423 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6424 _err "Deactivation failed."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6425 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6426
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6427 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6428
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6429 deactivate() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6430 _d_domain_list="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6431 _d_type="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6432 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6433 _initAPI
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6434 _debug _d_domain_list "$_d_domain_list"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6435 if [ -z "$(echo $_d_domain_list | cut -d , -f 1)" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6436 _usage "Usage: $PROJECT_ENTRY --deactivate --domain <domain.tld> [--domain <domain2.tld> ...]"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6437 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6438 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6439 for _d_dm in $(echo "$_d_domain_list" | tr ',' ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6440 if [ -z "$_d_dm" ] || [ "$_d_dm" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6441 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6442 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6443 if ! _deactivate "$_d_dm" "$_d_type"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6444 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6445 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6446 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6447 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6448
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6449 # Detect profile file if not specified as environment variable
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6450 _detect_profile() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6451 if [ -n "$PROFILE" -a -f "$PROFILE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6452 echo "$PROFILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6453 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6454 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6455
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6456 DETECTED_PROFILE=''
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6457 SHELLTYPE="$(basename "/$SHELL")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6458
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6459 if [ "$SHELLTYPE" = "bash" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6460 if [ -f "$HOME/.bashrc" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6461 DETECTED_PROFILE="$HOME/.bashrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6462 elif [ -f "$HOME/.bash_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6463 DETECTED_PROFILE="$HOME/.bash_profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6464 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6465 elif [ "$SHELLTYPE" = "zsh" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6466 DETECTED_PROFILE="$HOME/.zshrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6467 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6468
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6469 if [ -z "$DETECTED_PROFILE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6470 if [ -f "$HOME/.profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6471 DETECTED_PROFILE="$HOME/.profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6472 elif [ -f "$HOME/.bashrc" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6473 DETECTED_PROFILE="$HOME/.bashrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6474 elif [ -f "$HOME/.bash_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6475 DETECTED_PROFILE="$HOME/.bash_profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6476 elif [ -f "$HOME/.zshrc" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6477 DETECTED_PROFILE="$HOME/.zshrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6478 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6479 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6480
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6481 echo "$DETECTED_PROFILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6482 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6483
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6484 _initconf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6485 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6486 if [ ! -f "$ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6487 echo "
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6488
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6489 #LOG_FILE=\"$DEFAULT_LOG_FILE\"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6490 #LOG_LEVEL=1
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6491
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6492 #AUTO_UPGRADE=\"1\"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6493
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6494 #NO_TIMESTAMP=1
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6495
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6496 " >"$ACCOUNT_CONF_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6497 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6498 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6499
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6500 # nocron
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6501 _precheck() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6502 _nocron="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6503
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6504 if ! _exists "curl" && ! _exists "wget"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6505 _err "Please install curl or wget first to enable access to HTTP resources."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6506 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6507 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6508
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6509 if [ -z "$_nocron" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6510 if ! _exists "crontab" && ! _exists "fcrontab"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6511 if _exists cygpath && _exists schtasks.exe; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6512 _info "It seems you are on Windows, we will install the Windows scheduler task."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6513 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6514 _err "It is recommended to install crontab first. Try to install 'cron', 'crontab', 'crontabs' or 'vixie-cron'."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6515 _err "We need to set a cron job to renew the certs automatically."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6516 _err "Otherwise, your certs will not be able to be renewed automatically."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6517 if [ -z "$FORCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6518 _err "Please add '--force' and try install again to go without crontab."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6519 _err "./$PROJECT_ENTRY --install --force"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6520 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6521 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6522 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6523 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6524 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6525
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6526 if ! _exists "${ACME_OPENSSL_BIN:-openssl}"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6527 _err "Please install openssl first. ACME_OPENSSL_BIN=$ACME_OPENSSL_BIN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6528 _err "We need openssl to generate keys."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6529 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6530 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6531
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6532 if ! _exists "socat"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6533 _err "It is recommended to install socat first."
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6534 _err "We use socat for the standalone server, which is used for standalone mode."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6535 _err "If you don't want to use standalone mode, you may ignore this warning."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6536 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6537
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6538 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6539 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6540
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6541 _setShebang() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6542 _file="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6543 _shebang="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6544 if [ -z "$_shebang" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6545 _usage "Usage: file shebang"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6546 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6547 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6548 cp "$_file" "$_file.tmp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6549 echo "$_shebang" >"$_file"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6550 sed -n 2,99999p "$_file.tmp" >>"$_file"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6551 rm -f "$_file.tmp"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6552 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6553
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6554 #confighome
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6555 _installalias() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6556 _c_home="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6557 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6558
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6559 _envfile="$LE_WORKING_DIR/$PROJECT_ENTRY.env"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6560 if [ "$_upgrading" ] && [ "$_upgrading" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6561 echo "$(cat "$_envfile")" | sed "s|^LE_WORKING_DIR.*$||" >"$_envfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6562 echo "$(cat "$_envfile")" | sed "s|^alias le.*$||" >"$_envfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6563 echo "$(cat "$_envfile")" | sed "s|^alias le.sh.*$||" >"$_envfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6564 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6565
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6566 if [ "$_c_home" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6567 _c_entry=" --config-home '$_c_home'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6568 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6569
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6570 _setopt "$_envfile" "export LE_WORKING_DIR" "=" "\"$LE_WORKING_DIR\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6571 if [ "$_c_home" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6572 _setopt "$_envfile" "export LE_CONFIG_HOME" "=" "\"$LE_CONFIG_HOME\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6573 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6574 _sed_i "/^export LE_CONFIG_HOME/d" "$_envfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6575 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6576 _setopt "$_envfile" "alias $PROJECT_ENTRY" "=" "\"$LE_WORKING_DIR/$PROJECT_ENTRY$_c_entry\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6577
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6578 _profile="$(_detect_profile)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6579 if [ "$_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6580 _debug "Found profile: $_profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6581 _info "Installing alias to '$_profile'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6582 _setopt "$_profile" ". \"$_envfile\""
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6583 _info "Close and reopen your terminal to start using $PROJECT_NAME"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6584 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6585 _info "No profile has been found, you will need to change your working directory to $LE_WORKING_DIR to use $PROJECT_NAME"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6586 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6587
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6588 #for csh
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6589 _cshfile="$LE_WORKING_DIR/$PROJECT_ENTRY.csh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6590 _csh_profile="$HOME/.cshrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6591 if [ -f "$_csh_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6592 _info "Installing alias to '$_csh_profile'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6593 _setopt "$_cshfile" "setenv LE_WORKING_DIR" " " "\"$LE_WORKING_DIR\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6594 if [ "$_c_home" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6595 _setopt "$_cshfile" "setenv LE_CONFIG_HOME" " " "\"$LE_CONFIG_HOME\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6596 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6597 _sed_i "/^setenv LE_CONFIG_HOME/d" "$_cshfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6598 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6599 _setopt "$_cshfile" "alias $PROJECT_ENTRY" " " "\"$LE_WORKING_DIR/$PROJECT_ENTRY$_c_entry\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6600 _setopt "$_csh_profile" "source \"$_cshfile\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6601 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6602
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6603 #for tcsh
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6604 _tcsh_profile="$HOME/.tcshrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6605 if [ -f "$_tcsh_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6606 _info "Installing alias to '$_tcsh_profile'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6607 _setopt "$_cshfile" "setenv LE_WORKING_DIR" " " "\"$LE_WORKING_DIR\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6608 if [ "$_c_home" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6609 _setopt "$_cshfile" "setenv LE_CONFIG_HOME" " " "\"$LE_CONFIG_HOME\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6610 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6611 _setopt "$_cshfile" "alias $PROJECT_ENTRY" " " "\"$LE_WORKING_DIR/$PROJECT_ENTRY$_c_entry\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6612 _setopt "$_tcsh_profile" "source \"$_cshfile\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6613 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6614
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6615 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6616
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6617 # nocron confighome noprofile accountemail
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6618 install() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6619
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6620 if [ -z "$LE_WORKING_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6621 LE_WORKING_DIR="$DEFAULT_INSTALL_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6622 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6623
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6624 _nocron="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6625 _c_home="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6626 _noprofile="$3"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6627 _accountemail="$4"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6628
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6629 if ! _initpath; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6630 _err "Install failed."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6631 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6632 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6633 if [ "$_nocron" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6634 _debug "Skipping cron job installation"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6635 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6636
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6637 if [ "$_ACME_IN_CRON" != "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6638 if ! _precheck "$_nocron"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6639 _err "Pre-check failed, cannot install."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6640 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6641 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6642 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6643
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6644 if [ -z "$_c_home" ] && [ "$LE_CONFIG_HOME" != "$LE_WORKING_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6645 _info "Using config home: $LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6646 _c_home="$LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6647 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6648
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6649 #convert from le
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6650 if [ -d "$HOME/.le" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6651 for envfile in "le.env" "le.sh.env"; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6652 if [ -f "$HOME/.le/$envfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6653 if grep "le.sh" "$HOME/.le/$envfile" >/dev/null; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6654 _upgrading="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6655 _info "You are upgrading from le.sh"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6656 _info "Renaming \"$HOME/.le\" to $LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6657 mv "$HOME/.le" "$LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6658 mv "$LE_WORKING_DIR/$envfile" "$LE_WORKING_DIR/$PROJECT_ENTRY.env"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6659 break
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6660 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6661 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6662 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6663 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6664
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6665 _info "Installing to $LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6666
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6667 if [ ! -d "$LE_WORKING_DIR" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6668 if ! mkdir -p "$LE_WORKING_DIR"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6669 _err "Cannot create working dir: $LE_WORKING_DIR"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6670 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6671 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6672
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6673 chmod 700 "$LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6674 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6675
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6676 if [ ! -d "$LE_CONFIG_HOME" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6677 if ! mkdir -p "$LE_CONFIG_HOME"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6678 _err "Cannot create config dir: $LE_CONFIG_HOME"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6679 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6680 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6681
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6682 chmod 700 "$LE_CONFIG_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6683 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6684
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6685 cp "$PROJECT_ENTRY" "$LE_WORKING_DIR/" && chmod +x "$LE_WORKING_DIR/$PROJECT_ENTRY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6686
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6687 if [ "$?" != "0" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6688 _err "Installation failed, cannot copy $PROJECT_ENTRY"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6689 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6690 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6691
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6692 _info "Installed to $LE_WORKING_DIR/$PROJECT_ENTRY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6693
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6694 if [ "$_ACME_IN_CRON" != "1" ] && [ -z "$_noprofile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6695 _installalias "$_c_home"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6696 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6697
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6698 for subf in $_SUB_FOLDERS; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6699 if [ -d "$subf" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6700 mkdir -p "$LE_WORKING_DIR/$subf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6701 cp "$subf"/* "$LE_WORKING_DIR"/"$subf"/
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6702 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6703 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6704
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6705 if [ ! -f "$ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6706 _initconf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6707 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6708
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6709 if [ "$_DEFAULT_ACCOUNT_CONF_PATH" != "$ACCOUNT_CONF_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6710 _setopt "$_DEFAULT_ACCOUNT_CONF_PATH" "ACCOUNT_CONF_PATH" "=" "\"$ACCOUNT_CONF_PATH\""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6711 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6712
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6713 if [ "$_DEFAULT_CERT_HOME" != "$CERT_HOME" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6714 _saveaccountconf "CERT_HOME" "$CERT_HOME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6715 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6716
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6717 if [ "$_DEFAULT_ACCOUNT_KEY_PATH" != "$ACCOUNT_KEY_PATH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6718 _saveaccountconf "ACCOUNT_KEY_PATH" "$ACCOUNT_KEY_PATH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6719 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6720
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6721 if [ -z "$_nocron" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6722 installcronjob "$_c_home"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6723 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6724
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6725 if [ -z "$NO_DETECT_SH" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6726 #Modify shebang
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6727 if _exists bash; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6728 _bash_path="$(bash -c "command -v bash 2>/dev/null")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6729 if [ -z "$_bash_path" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6730 _bash_path="$(bash -c 'echo $SHELL')"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6731 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6732 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6733 if [ "$_bash_path" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6734 _info "bash has been found. Changing the shebang to use bash as preferred."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6735 _shebang='#!'"$_bash_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6736 _setShebang "$LE_WORKING_DIR/$PROJECT_ENTRY" "$_shebang"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6737 for subf in $_SUB_FOLDERS; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6738 if [ -d "$LE_WORKING_DIR/$subf" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6739 for _apifile in "$LE_WORKING_DIR/$subf/"*.sh; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6740 _setShebang "$_apifile" "$_shebang"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6741 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6742 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6743 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6744 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6745 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6746
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6747 if [ "$_accountemail" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6748 _saveaccountconf "ACCOUNT_EMAIL" "$_accountemail"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6749 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6750 _saveaccountconf "UPGRADE_HASH" "$(_getUpgradeHash)"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6751 _info OK
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6752 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6753
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6754 # nocron
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6755 uninstall() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6756 _nocron="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6757 if [ -z "$_nocron" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6758 uninstallcronjob
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6759 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6760 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6761
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6762 _uninstallalias
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6763
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6764 rm -f "$LE_WORKING_DIR/$PROJECT_ENTRY"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6765 _info "The keys and certs are in \"$(__green "$LE_CONFIG_HOME")\". You can remove them by yourself."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6766
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6767 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6768
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6769 _uninstallalias() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6770 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6771
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6772 _profile="$(_detect_profile)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6773 if [ "$_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6774 _info "Uninstalling alias from: '$_profile'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6775 text="$(cat "$_profile")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6776 echo "$text" | sed "s|^.*\"$LE_WORKING_DIR/$PROJECT_NAME.env\"$||" >"$_profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6777 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6778
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6779 _csh_profile="$HOME/.cshrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6780 if [ -f "$_csh_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6781 _info "Uninstalling alias from: '$_csh_profile'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6782 text="$(cat "$_csh_profile")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6783 echo "$text" | sed "s|^.*\"$LE_WORKING_DIR/$PROJECT_NAME.csh\"$||" >"$_csh_profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6784 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6785
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6786 _tcsh_profile="$HOME/.tcshrc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6787 if [ -f "$_tcsh_profile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6788 _info "Uninstalling alias from: '$_csh_profile'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6789 text="$(cat "$_tcsh_profile")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6790 echo "$text" | sed "s|^.*\"$LE_WORKING_DIR/$PROJECT_NAME.csh\"$||" >"$_tcsh_profile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6791 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6792
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6793 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6794
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6795 cron() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6796 export _ACME_IN_CRON=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6797 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6798 _info "$(__green "===Starting cron===")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6799 if [ "$AUTO_UPGRADE" = "1" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6800 export LE_WORKING_DIR
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6801 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6802 if ! upgrade; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6803 _err "Cron: Upgrade failed!"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6804 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6805 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6806 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6807 . "$LE_WORKING_DIR/$PROJECT_ENTRY" >/dev/null
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6808
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6809 if [ -t 1 ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6810 __INTERACTIVE="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6811 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6812
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6813 _info "Automatically upgraded to: $VER"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6814 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6815 renewAll
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6816 _ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6817 _ACME_IN_CRON=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6818 _info "$(__green "===End cron===")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6819 exit $_ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6820 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6821
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6822 version() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6823 echo "$PROJECT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6824 echo "v$VER"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6825 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6826
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6827 # subject content hooks code
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6828 _send_notify() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6829 _nsubject="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6830 _ncontent="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6831 _nhooks="$3"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6832 _nerror="$4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6833
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6834 if [ "$NOTIFY_LEVEL" = "$NOTIFY_LEVEL_DISABLE" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6835 _debug "The NOTIFY_LEVEL is $NOTIFY_LEVEL, which means it's disabled, so will just return."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6836 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6837 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6838
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6839 if [ -z "$_nhooks" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6840 _debug "The NOTIFY_HOOK is empty, will just return."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6841 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6842 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6843
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6844 _nsource="$NOTIFY_SOURCE"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6845 if [ -z "$_nsource" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6846 _nsource="$(uname -n)"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6847 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6848
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6849 _nsubject="$_nsubject by $_nsource"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6850
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6851 _send_err=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6852 for _n_hook in $(echo "$_nhooks" | tr ',' " "); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6853 _n_hook_file="$(_findHook "" $_SUB_FOLDER_NOTIFY "$_n_hook")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6854 _info "Sending via: $_n_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6855 _debug "Found $_n_hook_file for $_n_hook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6856 if [ -z "$_n_hook_file" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6857 _err "Cannot find the hook file for $_n_hook"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6858 continue
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6859 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6860 if ! (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6861 if ! . "$_n_hook_file"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6862 _err "Error loading file $_n_hook_file. Please check your API file and try again."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6863 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6864 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6865
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6866 d_command="${_n_hook}_send"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6867 if ! _exists "$d_command"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6868 _err "It seems that your API file is not correct. Make sure it has a function named: $d_command"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6869 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6870 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6871
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6872 if ! $d_command "$_nsubject" "$_ncontent" "$_nerror"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6873 _err "Error sending message using $d_command"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6874 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6875 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6876
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6877 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6878 ); then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6879 _err "Error setting $_n_hook_file."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6880 _send_err=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6881 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6882 _info "$_n_hook $(__green Success)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6883 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6884 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6885 return $_send_err
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6886
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6887 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6888
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6889 # hook
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6890 _set_notify_hook() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6891 _nhooks="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6892
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6893 _test_subject="Hello, this is a notification from $PROJECT_NAME"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6894 _test_content="If you receive this message, your notification works."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6895
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6896 _send_notify "$_test_subject" "$_test_content" "$_nhooks" 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6897
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6898 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6899
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6900 #[hook] [level] [mode]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6901 setnotify() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6902 _nhook="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6903 _nlevel="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6904 _nmode="$3"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6905 _nsource="$4"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6906
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6907 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6908
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6909 if [ -z "$_nhook$_nlevel$_nmode$_nsource" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6910 _usage "Usage: $PROJECT_ENTRY --set-notify [--notify-hook <hookname>] [--notify-level <0|1|2|3>] [--notify-mode <0|1>] [--notify-source <hostname>]"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6911 _usage "$_NOTIFY_WIKI"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6912 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6913 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6914
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6915 if [ "$_nlevel" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6916 _info "Set notify level to: $_nlevel"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6917 export "NOTIFY_LEVEL=$_nlevel"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6918 _saveaccountconf "NOTIFY_LEVEL" "$NOTIFY_LEVEL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6919 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6920
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6921 if [ "$_nmode" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6922 _info "Set notify mode to: $_nmode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6923 export "NOTIFY_MODE=$_nmode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6924 _saveaccountconf "NOTIFY_MODE" "$NOTIFY_MODE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6925 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6926
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6927 if [ "$_nsource" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6928 _info "Set notify source to: $_nsource"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6929 export "NOTIFY_SOURCE=$_nsource"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6930 _saveaccountconf "NOTIFY_SOURCE" "$NOTIFY_SOURCE"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6931 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6932
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6933 if [ "$_nhook" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6934 _info "Set notify hook to: $_nhook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6935 if [ "$_nhook" = "$NO_VALUE" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6936 _info "Clearing notify hook"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6937 _clearaccountconf "NOTIFY_HOOK"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6938 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6939 if _set_notify_hook "$_nhook"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6940 export NOTIFY_HOOK="$_nhook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6941 _saveaccountconf "NOTIFY_HOOK" "$NOTIFY_HOOK"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6942 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6943 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6944 _err "Cannot set notify hook to: $_nhook"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6945 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6946 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6947 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6948 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6949
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6950 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6951
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6952 showhelp() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6953 _initpath
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6954 version
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6955 echo "Usage: $PROJECT_ENTRY <command> ... [parameters ...]
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6956 Commands:
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6957 -h, --help Show this help message.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6958 -v, --version Show version info.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6959 --install Install $PROJECT_NAME to your system.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6960 --uninstall Uninstall $PROJECT_NAME, and uninstall the cron job.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6961 --upgrade Upgrade $PROJECT_NAME to the latest code from $PROJECT.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6962 --issue Issue a cert.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6963 --deploy Deploy the cert to your server.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6964 -i, --install-cert Install the issued cert to Apache/nginx or any other server.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6965 -r, --renew Renew a cert.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6966 --renew-all Renew all the certs.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6967 --revoke Revoke a cert.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6968 --remove Remove the cert from list of certs known to $PROJECT_NAME.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6969 --list List all the certs.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6970 --info Show the $PROJECT_NAME configs, or the configs for a domain with [-d domain] parameter.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6971 --to-pkcs12 Export the certificate and key to a pfx file.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6972 --to-pkcs8 Convert to pkcs8 format.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6973 --sign-csr Issue a cert from an existing csr.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6974 --show-csr Show the content of a csr.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6975 -ccr, --create-csr Create CSR, professional use.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6976 --create-domain-key Create an domain private key, professional use.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6977 --update-account Update account info.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6978 --register-account Register account key.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6979 --deactivate-account Deactivate the account.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6980 --create-account-key Create an account private key, professional use.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6981 --install-cronjob Install the cron job to renew certs, you don't need to call this. The 'install' command can automatically install the cron job.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6982 --uninstall-cronjob Uninstall the cron job. The 'uninstall' command can do this automatically.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6983 --cron Run cron job to renew all the certs.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6984 --set-notify Set the cron notification hook, level or mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6985 --deactivate Deactivate the domain authz, professional use.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6986 --set-default-ca Used with '--server', Set the default CA to use.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6987 See: $_SERVER_WIKI
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6988 --set-default-chain Set the default preferred chain for a CA.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6989 See: $_PREFERRED_CHAIN_WIKI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6990
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6991
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6992 Parameters:
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6993 -d, --domain <domain.tld> Specifies a domain, used to issue, renew or revoke etc.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6994 --challenge-alias <domain.tld> The challenge domain alias for DNS alias mode.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6995 See: $_DNS_ALIAS_WIKI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6996
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
6997 --domain-alias <domain.tld> The domain alias for DNS alias mode.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6998 See: $_DNS_ALIAS_WIKI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
6999
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7000 --preferred-chain <chain> If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common Name.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7001 If no match, the default offered chain will be used. (default: empty)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7002 See: $_PREFERRED_CHAIN_WIKI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7003
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7004 --valid-to <date-time> Request the NotAfter field of the cert.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7005 See: $_VALIDITY_WIKI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7006 --valid-from <date-time> Request the NotBefore field of the cert.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7007 See: $_VALIDITY_WIKI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7008
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7009 -f, --force Force install, force cert renewal or override sudo restrictions.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7010 --staging, --test Use staging server, for testing.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7011 --debug [0|1|2|3] Output debug info. Defaults to $DEBUG_LEVEL_DEFAULT if argument is omitted.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7012 --output-insecure Output all the sensitive messages.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7013 By default all the credentials/sensitive messages are hidden from the output/debug/log for security.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7014 -w, --webroot <directory> Specifies the web root folder for web root mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7015 --standalone Use standalone mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7016 --alpn Use standalone alpn mode.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7017 --stateless Use stateless mode.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7018 See: $_STATELESS_WIKI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7019
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7020 --apache Use Apache mode.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7021 --dns [dns_hook] Use dns manual mode or dns api. Defaults to manual mode when argument is omitted.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7022 See: $_DNS_API_WIKI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7023
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7024 --dnssleep <seconds> The time in seconds to wait for all the txt records to propagate in dns api mode.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7025 It's not necessary to use this by default, $PROJECT_NAME polls dns status by DOH automatically.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7026 -k, --keylength <bits> Specifies the domain key length: 2048, 3072, 4096, 8192 or ec-256, ec-384, ec-521.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7027 -ak, --accountkeylength <bits> Specifies the account key length: 2048, 3072, 4096
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7028 --log [file] Specifies the log file. Defaults to \"$DEFAULT_LOG_FILE\" if argument is omitted.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7029 --log-level <1|2> Specifies the log level, default is $DEFAULT_LOG_LEVEL.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7030 --syslog <0|3|6|7> Syslog level, 0: disable syslog, 3: error, 6: info, 7: debug.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7031 --eab-kid <eab_key_id> Key Identifier for External Account Binding.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7032 --eab-hmac-key <eab_hmac_key> HMAC key for External Account Binding.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7033
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7034
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7035 These parameters are to install the cert to nginx/Apache or any other server after issue/renew a cert:
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7036
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7037 --cert-file <file> Path to copy the cert file to after issue/renew.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7038 --key-file <file> Path to copy the key file to after issue/renew.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7039 --ca-file <file> Path to copy the intermediate cert file to after issue/renew.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7040 --fullchain-file <file> Path to copy the fullchain cert file to after issue/renew.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7041 --reloadcmd <command> Command to execute after issue/renew to reload the server.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7042
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7043 --server <server_uri> ACME Directory Resource URI. (default: $DEFAULT_CA)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7044 See: $_SERVER_WIKI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7045
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7046 --accountconf <file> Specifies a customized account config file.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7047 --home <directory> Specifies the home dir for $PROJECT_NAME.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7048 --cert-home <directory> Specifies the home dir to save all the certs.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7049 --config-home <directory> Specifies the home dir to save all the configurations.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7050 --useragent <string> Specifies the user agent string. it will be saved for future use too.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7051 -m, --email <email> Specifies the account email, only valid for the '--install' and '--update-account' command.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7052 --accountkey <file> Specifies the account key path, only valid for the '--install' command.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7053 --days <ndays> Specifies the days to renew the cert when using '--issue' command. The default value is $DEFAULT_RENEW days.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7054 --httpport <port> Specifies the standalone listening port. Only valid if the server is behind a reverse proxy or load balancer.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7055 --tlsport <port> Specifies the standalone tls listening port. Only valid if the server is behind a reverse proxy or load balancer.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7056 --local-address <ip> Specifies the standalone/tls server listening address, in case you have multiple ip addresses.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7057 --listraw Only used for '--list' command, list the certs in raw format.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7058 -se, --stop-renew-on-error Only valid for '--renew-all' command. Stop if one cert has error in renewal.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7059 --insecure Do not check the server certificate, in some devices, the api server's certificate may not be trusted.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7060 --ca-bundle <file> Specifies the path to the CA certificate bundle to verify api server's certificate.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7061 --ca-path <directory> Specifies directory containing CA certificates in PEM format, used by wget or curl.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7062 --no-cron Only valid for '--install' command, which means: do not install the default cron job.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7063 In this case, the certs will not be renewed automatically.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7064 --no-profile Only valid for '--install' command, which means: do not install aliases to user profile.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7065 --no-color Do not output color text.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7066 --force-color Force output of color text. Useful for non-interactive use with the aha tool for HTML E-Mails.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7067 --ecc Specifies use of the ECC cert. Only valid for '--install-cert', '--renew', '--remove ', '--revoke',
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7068 '--deploy', '--to-pkcs8', '--to-pkcs12' and '--create-csr'.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7069 --csr <file> Specifies the input csr.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7070 --pre-hook <command> Command to be run before obtaining any certificates.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7071 --post-hook <command> Command to be run after attempting to obtain/renew certificates. Runs regardless of whether obtain/renew succeeded or failed.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7072 --renew-hook <command> Command to be run after each successfully renewed certificate.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7073 --deploy-hook <hookname> The hook file to deploy cert
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7074 --extended-key-usage <string> Manually define the CSR extended key usage value. The default is serverAuth,clientAuth.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7075 --ocsp, --ocsp-must-staple Generate OCSP-Must-Staple extension.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7076 --always-force-new-domain-key Generate new domain key on renewal. Otherwise, the domain key is not changed by default.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7077 --auto-upgrade [0|1] Valid for '--upgrade' command, indicating whether to upgrade automatically in future. Defaults to 1 if argument is omitted.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7078 --listen-v4 Force standalone/tls server to listen at ipv4.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7079 --listen-v6 Force standalone/tls server to listen at ipv6.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7080 --openssl-bin <file> Specifies a custom openssl bin location.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7081 --use-wget Force to use wget, if you have both curl and wget installed.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7082 --yes-I-know-dns-manual-mode-enough-go-ahead-please Force use of dns manual mode.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7083 See: $_DNS_MANUAL_WIKI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7084
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7085 -b, --branch <branch> Only valid for '--upgrade' command, specifies the branch name to upgrade to.
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7086 --notify-level <0|1|2|3> Set the notification level: Default value is $NOTIFY_LEVEL_DEFAULT.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7087 0: disabled, no notification will be sent.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7088 1: send notifications only when there is an error.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7089 2: send notifications when a cert is successfully renewed, or there is an error.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7090 3: send notifications when a cert is skipped, renewed, or error.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7091 --notify-mode <0|1> Set notification mode. Default value is $NOTIFY_MODE_DEFAULT.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7092 0: Bulk mode. Send all the domain's notifications in one message(mail).
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7093 1: Cert mode. Send a message for every single cert.
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7094 --notify-hook <hookname> Set the notify hook
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7095 --notify-source <server name> Set the server name in the notification message
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7096 --revoke-reason <0-10> The reason for revocation, can be used in conjunction with the '--revoke' command.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7097 See: $_REVOKE_WIKI
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7098
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7099 --password <password> Add a password to exported pfx file. Use with --to-pkcs12.
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7100
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7101
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7102 "
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7103 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7104
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7105 installOnline() {
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7106 _info "Installing from online archive."
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7107
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7108 _branch="$BRANCH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7109 if [ -z "$_branch" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7110 _branch="master"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7111 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7112
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7113 target="$PROJECT/archive/$_branch.tar.gz"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7114 _info "Downloading $target"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7115 localname="$_branch.tar.gz"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7116 if ! _get "$target" >$localname; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7117 _err "Download error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7118 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7119 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7120 (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7121 _info "Extracting $localname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7122 if ! (tar xzf $localname || gtar xzf $localname); then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7123 _err "Extraction error."
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7124 exit 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7125 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7126
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7127 cd "$PROJECT_NAME-$_branch"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7128 chmod +x $PROJECT_ENTRY
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7129 if ./$PROJECT_ENTRY --install "$@"; then
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7130 _info "Install success!"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7131 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7132
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7133 cd ..
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7134
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7135 rm -rf "$PROJECT_NAME-$_branch"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7136 rm -f "$localname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7137 )
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7138 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7139
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7140 _getRepoHash() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7141 _hash_path=$1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7142 shift
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7143 _hash_url="${PROJECT_API:-https://api.github.com/repos/acmesh-official}/$PROJECT_NAME/git/refs/$_hash_path"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7144 _get "$_hash_url" "" 30 | tr -d "\r\n" | tr '{},' '\n\n\n' | grep '"sha":' | cut -d '"' -f 4
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7145 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7146
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7147 _getUpgradeHash() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7148 _b="$BRANCH"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7149 if [ -z "$_b" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7150 _b="master"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7151 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7152 _hash=$(_getRepoHash "heads/$_b")
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7153 if [ -z "$_hash" ]; then _hash=$(_getRepoHash "tags/$_b"); fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7154 echo $_hash
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7155 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7156
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7157 upgrade() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7158 if (
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7159 _initpath
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7160 [ -z "$FORCE" ] && [ "$(_getUpgradeHash)" = "$(_readaccountconf "UPGRADE_HASH")" ] && _info "Already up to date!" && exit 0
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7161 export LE_WORKING_DIR
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7162 cd "$LE_WORKING_DIR"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7163 installOnline "--nocron" "--noprofile"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7164 ); then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7165 _info "Upgrade successful!"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7166 exit 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7167 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7168 _err "Upgrade failed!"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7169 exit 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7170 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7171 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7172
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7173 _processAccountConf() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7174 if [ "$_useragent" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7175 _saveaccountconf "USER_AGENT" "$_useragent"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7176 elif [ "$USER_AGENT" ] && [ "$USER_AGENT" != "$DEFAULT_USER_AGENT" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7177 _saveaccountconf "USER_AGENT" "$USER_AGENT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7178 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7179
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7180 if [ "$_openssl_bin" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7181 _saveaccountconf "ACME_OPENSSL_BIN" "$_openssl_bin"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7182 elif [ "$ACME_OPENSSL_BIN" ] && [ "$ACME_OPENSSL_BIN" != "$DEFAULT_OPENSSL_BIN" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7183 _saveaccountconf "ACME_OPENSSL_BIN" "$ACME_OPENSSL_BIN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7184 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7185
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7186 if [ "$_auto_upgrade" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7187 _saveaccountconf "AUTO_UPGRADE" "$_auto_upgrade"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7188 elif [ "$AUTO_UPGRADE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7189 _saveaccountconf "AUTO_UPGRADE" "$AUTO_UPGRADE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7190 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7191
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7192 if [ "$_use_wget" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7193 _saveaccountconf "ACME_USE_WGET" "$_use_wget"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7194 elif [ "$ACME_USE_WGET" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7195 _saveaccountconf "ACME_USE_WGET" "$ACME_USE_WGET"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7196 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7197
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7198 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7199
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7200 _checkSudo() {
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7201 if [ -z "$__INTERACTIVE" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7202 #don't check if it's not in an interactive shell
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7203 return 0
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7204 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7205 if [ "$SUDO_GID" ] && [ "$SUDO_COMMAND" ] && [ "$SUDO_USER" ] && [ "$SUDO_UID" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7206 if [ "$SUDO_USER" = "root" ] && [ "$SUDO_UID" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7207 #it's root using sudo, no matter it's using sudo or not, just fine
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7208 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7209 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7210 if [ -n "$SUDO_COMMAND" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7211 #it's a normal user doing "sudo su", or `sudo -i` or `sudo -s`, or `sudo su acmeuser1`
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7212 _endswith "$SUDO_COMMAND" /bin/su || _contains "$SUDO_COMMAND" "/bin/su " || grep "^$SUDO_COMMAND\$" /etc/shells >/dev/null 2>&1
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7213 return $?
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7214 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7215 #otherwise
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7216 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7217 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7218 return 0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7219 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7220
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7221 #server #keylength
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7222 _selectServer() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7223 _server="$1"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7224 _skeylength="$2"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7225 _server_lower="$(echo "$_server" | _lower_case)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7226 _sindex=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7227 for snames in $CA_NAMES; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7228 snames="$(echo "$snames" | _lower_case)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7229 _sindex="$(_math $_sindex + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7230 _debug2 "_selectServer try snames" "$snames"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7231 for sname in $(echo "$snames" | tr ',' ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7232 if [ "$_server_lower" = "$sname" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7233 _debug2 "_selectServer match $sname"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7234 _serverdir="$(_getfield "$CA_SERVERS" $_sindex)"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7235 if [ "$_serverdir" = "$CA_SSLCOM_RSA" ] && _isEccKey "$_skeylength"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7236 _serverdir="$CA_SSLCOM_ECC"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7237 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7238 _debug "Selected server: $_serverdir"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7239 ACME_DIRECTORY="$_serverdir"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7240 export ACME_DIRECTORY
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7241 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7242 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7243 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7244 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7245 ACME_DIRECTORY="$_server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7246 export ACME_DIRECTORY
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7247 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7248
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7249 #url
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7250 _getCAShortName() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7251 caurl="$1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7252 if [ -z "$caurl" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7253 #use letsencrypt as default value if the Le_API is empty
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7254 #this case can only come from the old upgrading.
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7255 caurl="$CA_LETSENCRYPT_V2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7256 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7257 if [ "$CA_SSLCOM_ECC" = "$caurl" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7258 caurl="$CA_SSLCOM_RSA" #just hack to get the short name
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7259 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7260 caurl_lower="$(echo $caurl | _lower_case)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7261 _sindex=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7262 for surl in $(echo "$CA_SERVERS" | _lower_case | tr , ' '); do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7263 _sindex="$(_math $_sindex + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7264 if [ "$caurl_lower" = "$surl" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7265 _nindex=0
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7266 for snames in $CA_NAMES; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7267 _nindex="$(_math $_nindex + 1)"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7268 if [ $_nindex -ge $_sindex ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7269 _getfield "$snames" 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7270 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7271 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7272 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7273 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7274 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7275 echo "$caurl"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7276 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7277
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7278 #set default ca to $ACME_DIRECTORY
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7279 setdefaultca() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7280 if [ -z "$ACME_DIRECTORY" ]; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7281 _err "Please provide a --server parameter."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7282 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7283 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7284 _saveaccountconf "DEFAULT_ACME_SERVER" "$ACME_DIRECTORY"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7285 _info "Changed default CA to: $(__green "$ACME_DIRECTORY")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7286 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7287
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7288 #preferred-chain
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7289 setdefaultchain() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7290 _initpath
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7291 _preferred_chain="$1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7292 if [ -z "$_preferred_chain" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7293 _err "Please provide a value for '--preferred-chain'."
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7294 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7295 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7296 mkdir -p "$CA_DIR"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7297 _savecaconf "DEFAULT_PREFERRED_CHAIN" "$_preferred_chain"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7298 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7299
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7300 #domain ecc
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7301 info() {
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7302 _domain="$1"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7303 _ecc="$2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7304 _initpath
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7305 if [ -z "$_domain" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7306 _debug "Show global configs"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7307 echo "LE_WORKING_DIR=$LE_WORKING_DIR"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7308 echo "LE_CONFIG_HOME=$LE_CONFIG_HOME"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7309 cat "$ACCOUNT_CONF_PATH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7310 else
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7311 _debug "Show domain configs"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7312 (
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7313 _initpath "$_domain" "$_ecc"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7314 echo "DOMAIN_CONF=$DOMAIN_CONF"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7315 for seg in $(cat $DOMAIN_CONF | cut -d = -f 1); do
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7316 echo "$seg=$(_readdomainconf "$seg")"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7317 done
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7318 )
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7319 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7320 }
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7321
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7322 _process() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7323 _CMD=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7324 _domain=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7325 _altdomains="$NO_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7326 _webroot=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7327 _challenge_alias=""
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7328 _keylength="$DEFAULT_DOMAIN_KEY_LENGTH"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7329 _accountkeylength="$DEFAULT_ACCOUNT_KEY_LENGTH"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7330 _cert_file=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7331 _key_file=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7332 _ca_file=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7333 _fullchain_file=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7334 _reloadcmd=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7335 _password=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7336 _accountconf=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7337 _useragent=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7338 _accountemail=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7339 _accountkey=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7340 _certhome=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7341 _confighome=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7342 _httpport=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7343 _tlsport=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7344 _dnssleep=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7345 _listraw=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7346 _stopRenewOnError=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7347 #_insecure=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7348 _ca_bundle=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7349 _ca_path=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7350 _nocron=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7351 _noprofile=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7352 _ecc=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7353 _csr=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7354 _pre_hook=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7355 _post_hook=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7356 _renew_hook=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7357 _deploy_hook=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7358 _logfile=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7359 _log=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7360 _local_address=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7361 _log_level=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7362 _auto_upgrade=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7363 _listen_v4=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7364 _listen_v6=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7365 _openssl_bin=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7366 _syslog=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7367 _use_wget=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7368 _server=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7369 _notify_hook=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7370 _notify_level=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7371 _notify_mode=""
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7372 _notify_source=""
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7373 _revoke_reason=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7374 _eab_kid=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7375 _eab_hmac_key=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7376 _preferred_chain=""
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7377 _valid_from=""
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7378 _valid_to=""
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7379 while [ ${#} -gt 0 ]; do
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7380 case "${1}" in
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7381
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7382 --help | -h)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7383 showhelp
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7384 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7385 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7386 --version | -v)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7387 version
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7388 return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7389 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7390 --install)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7391 _CMD="install"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7392 ;;
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7393 --install-online)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7394 shift
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7395 installOnline "$@"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7396 return
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7397 ;;
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7398 --uninstall)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7399 _CMD="uninstall"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7400 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7401 --upgrade)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7402 _CMD="upgrade"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7403 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7404 --issue)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7405 _CMD="issue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7406 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7407 --deploy)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7408 _CMD="deploy"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7409 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7410 --sign-csr | --signcsr)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7411 _CMD="signcsr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7412 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7413 --show-csr | --showcsr)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7414 _CMD="showcsr"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7415 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7416 -i | --install-cert | --installcert)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7417 _CMD="installcert"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7418 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7419 --renew | -r)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7420 _CMD="renew"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7421 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7422 --renew-all | --renewAll | --renewall)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7423 _CMD="renewAll"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7424 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7425 --revoke)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7426 _CMD="revoke"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7427 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7428 --remove)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7429 _CMD="remove"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7430 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7431 --list)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7432 _CMD="list"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7433 ;;
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7434 --info)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7435 _CMD="info"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7436 ;;
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7437 --install-cronjob | --installcronjob)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7438 _CMD="installcronjob"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7439 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7440 --uninstall-cronjob | --uninstallcronjob)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7441 _CMD="uninstallcronjob"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7442 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7443 --cron)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7444 _CMD="cron"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7445 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7446 --to-pkcs12 | --to-pkcs | --toPkcs)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7447 _CMD="toPkcs"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7448 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7449 --to-pkcs8 | --toPkcs8)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7450 _CMD="toPkcs8"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7451 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7452 --create-account-key | --createAccountKey | --createaccountkey | -cak)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7453 _CMD="createAccountKey"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7454 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7455 --create-domain-key | --createDomainKey | --createdomainkey | -cdk)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7456 _CMD="createDomainKey"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7457 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7458 -ccr | --create-csr | --createCSR | --createcsr)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7459 _CMD="createCSR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7460 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7461 --deactivate)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7462 _CMD="deactivate"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7463 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7464 --update-account | --updateaccount)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7465 _CMD="updateaccount"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7466 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7467 --register-account | --registeraccount)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7468 _CMD="registeraccount"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7469 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7470 --deactivate-account)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7471 _CMD="deactivateaccount"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7472 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7473 --set-notify)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7474 _CMD="setnotify"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7475 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7476 --set-default-ca)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7477 _CMD="setdefaultca"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7478 ;;
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7479 --set-default-chain)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7480 _CMD="setdefaultchain"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7481 ;;
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7482 -d | --domain)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7483 _dvalue="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7484
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7485 if [ "$_dvalue" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7486 if _startswith "$_dvalue" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7487 _err "'$_dvalue' is not a valid domain for parameter '$1'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7488 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7489 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7490 if _is_idn "$_dvalue" && ! _exists idn; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7491 _err "It seems that $_dvalue is an IDN (Internationalized Domain Names), please install the 'idn' command first."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7492 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7493 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7494
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7495 if [ -z "$_domain" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7496 _domain="$_dvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7497 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7498 if [ "$_altdomains" = "$NO_VALUE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7499 _altdomains="$_dvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7500 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7501 _altdomains="$_altdomains,$_dvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7502 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7503 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7504 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7505
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7506 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7507 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7508
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7509 -f | --force)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7510 FORCE="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7511 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7512 --staging | --test)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7513 STAGE="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7514 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7515 --server)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7516 _server="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7517 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7518 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7519 --debug)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7520 if [ -z "$2" ] || _startswith "$2" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7521 DEBUG="$DEBUG_LEVEL_DEFAULT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7522 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7523 DEBUG="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7524 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7525 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7526 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7527 --output-insecure)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7528 export OUTPUT_INSECURE=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7529 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7530 -w | --webroot)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7531 wvalue="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7532 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7533 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7534 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7535 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7536 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7537 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7538 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7539 --challenge-alias)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7540 cvalue="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7541 _challenge_alias="$_challenge_alias$cvalue,"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7542 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7543 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7544 --domain-alias)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7545 cvalue="$DNS_ALIAS_PREFIX$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7546 _challenge_alias="$_challenge_alias$cvalue,"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7547 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7548 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7549 --standalone)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7550 wvalue="$NO_VALUE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7551 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7552 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7553 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7554 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7555 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7556 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7557 --alpn)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7558 wvalue="$W_ALPN"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7559 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7560 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7561 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7562 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7563 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7564 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7565 --stateless)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7566 wvalue="$MODE_STATELESS"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7567 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7568 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7569 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7570 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7571 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7572 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7573 --local-address)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7574 lvalue="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7575 _local_address="$_local_address$lvalue,"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7576 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7577 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7578 --apache)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7579 wvalue="apache"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7580 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7581 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7582 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7583 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7584 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7585 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7586 --nginx)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7587 wvalue="$NGINX"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7588 if [ "$2" ] && ! _startswith "$2" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7589 wvalue="$NGINX$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7590 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7591 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7592 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7593 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7594 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7595 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7596 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7597 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7598 --dns)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7599 wvalue="$W_DNS"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7600 if [ "$2" ] && ! _startswith "$2" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7601 wvalue="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7602 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7603 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7604 if [ -z "$_webroot" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7605 _webroot="$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7606 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7607 _webroot="$_webroot,$wvalue"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7608 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7609 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7610 --dnssleep)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7611 _dnssleep="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7612 Le_DNSSleep="$_dnssleep"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7613 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7614 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7615 --keylength | -k)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7616 _keylength="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7617 shift
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7618 if [ "$_keylength" ] && ! _isEccKey "$_keylength"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7619 export __SELECTED_RSA_KEY=1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7620 fi
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7621 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7622 -ak | --accountkeylength)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7623 _accountkeylength="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7624 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7625 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7626 --cert-file | --certpath)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7627 _cert_file="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7628 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7629 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7630 --key-file | --keypath)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7631 _key_file="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7632 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7633 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7634 --ca-file | --capath)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7635 _ca_file="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7636 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7637 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7638 --fullchain-file | --fullchainpath)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7639 _fullchain_file="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7640 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7641 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7642 --reloadcmd | --reloadCmd)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7643 _reloadcmd="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7644 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7645 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7646 --password)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7647 _password="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7648 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7649 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7650 --accountconf)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7651 _accountconf="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7652 ACCOUNT_CONF_PATH="$_accountconf"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7653 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7654 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7655 --home)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7656 export LE_WORKING_DIR="$(echo "$2" | sed 's|/$||')"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7657 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7658 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7659 --cert-home | --certhome)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7660 _certhome="$2"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7661 export CERT_HOME="$_certhome"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7662 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7663 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7664 --config-home)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7665 _confighome="$2"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7666 export LE_CONFIG_HOME="$_confighome"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7667 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7668 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7669 --useragent)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7670 _useragent="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7671 USER_AGENT="$_useragent"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7672 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7673 ;;
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7674 -m | --email | --accountemail)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7675 _accountemail="$2"
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7676 export ACCOUNT_EMAIL="$_accountemail"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7677 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7678 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7679 --accountkey)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7680 _accountkey="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7681 ACCOUNT_KEY_PATH="$_accountkey"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7682 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7683 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7684 --days)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7685 _days="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7686 Le_RenewalDays="$_days"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7687 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7688 ;;
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7689 --valid-from)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7690 _valid_from="$2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7691 shift
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7692 ;;
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7693 --valid-to)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7694 _valid_to="$2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7695 shift
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7696 ;;
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7697 --httpport)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7698 _httpport="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7699 Le_HTTPPort="$_httpport"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7700 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7701 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7702 --tlsport)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7703 _tlsport="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7704 Le_TLSPort="$_tlsport"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7705 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7706 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7707 --listraw)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7708 _listraw="raw"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7709 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7710 -se | --stop-renew-on-error | --stopRenewOnError | --stoprenewonerror)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7711 _stopRenewOnError="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7712 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7713 --insecure)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7714 #_insecure="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7715 HTTPS_INSECURE="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7716 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7717 --ca-bundle)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7718 _ca_bundle="$(_readlink "$2")"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7719 CA_BUNDLE="$_ca_bundle"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7720 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7721 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7722 --ca-path)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7723 _ca_path="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7724 CA_PATH="$_ca_path"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7725 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7726 ;;
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7727 --no-cron | --nocron)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7728 _nocron="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7729 ;;
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7730 --no-profile | --noprofile)
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7731 _noprofile="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7732 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7733 --no-color)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7734 export ACME_NO_COLOR=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7735 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7736 --force-color)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7737 export ACME_FORCE_COLOR=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7738 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7739 --ecc)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7740 _ecc="isEcc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7741 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7742 --csr)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7743 _csr="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7744 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7745 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7746 --pre-hook)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7747 _pre_hook="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7748 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7749 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7750 --post-hook)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7751 _post_hook="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7752 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7753 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7754 --renew-hook)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7755 _renew_hook="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7756 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7757 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7758 --deploy-hook)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7759 if [ -z "$2" ] || _startswith "$2" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7760 _usage "Please specify a value for '--deploy-hook'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7761 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7762 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7763 _deploy_hook="$_deploy_hook$2,"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7764 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7765 ;;
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7766 --extended-key-usage)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7767 Le_ExtKeyUse="$2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7768 shift
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7769 ;;
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7770 --ocsp-must-staple | --ocsp)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7771 Le_OCSP_Staple="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7772 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7773 --always-force-new-domain-key)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7774 if [ -z "$2" ] || _startswith "$2" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7775 Le_ForceNewDomainKey=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7776 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7777 Le_ForceNewDomainKey="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7778 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7779 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7780 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7781 --yes-I-know-dns-manual-mode-enough-go-ahead-please)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7782 export FORCE_DNS_MANUAL=1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7783 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7784 --log | --logfile)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7785 _log="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7786 _logfile="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7787 if _startswith "$_logfile" '-'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7788 _logfile=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7789 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7790 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7791 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7792 LOG_FILE="$_logfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7793 if [ -z "$LOG_LEVEL" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7794 LOG_LEVEL="$DEFAULT_LOG_LEVEL"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7795 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7796 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7797 --log-level)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7798 _log_level="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7799 LOG_LEVEL="$_log_level"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7800 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7801 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7802 --syslog)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7803 if ! _startswith "$2" '-'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7804 _syslog="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7805 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7806 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7807 if [ -z "$_syslog" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7808 _syslog="$SYSLOG_LEVEL_DEFAULT"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7809 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7810 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7811 --auto-upgrade)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7812 _auto_upgrade="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7813 if [ -z "$_auto_upgrade" ] || _startswith "$_auto_upgrade" '-'; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7814 _auto_upgrade="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7815 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7816 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7817 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7818 AUTO_UPGRADE="$_auto_upgrade"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7819 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7820 --listen-v4)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7821 _listen_v4="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7822 Le_Listen_V4="$_listen_v4"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7823 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7824 --listen-v6)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7825 _listen_v6="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7826 Le_Listen_V6="$_listen_v6"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7827 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7828 --openssl-bin)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7829 _openssl_bin="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7830 ACME_OPENSSL_BIN="$_openssl_bin"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7831 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7832 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7833 --use-wget)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7834 _use_wget="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7835 ACME_USE_WGET="1"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7836 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7837 --branch | -b)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7838 export BRANCH="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7839 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7840 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7841 --notify-hook)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7842 _nhook="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7843 if _startswith "$_nhook" "-"; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7844 _err "'$_nhook' is not a hook name for '$1'"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7845 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7846 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7847 if [ "$_notify_hook" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7848 _notify_hook="$_notify_hook,$_nhook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7849 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7850 _notify_hook="$_nhook"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7851 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7852 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7853 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7854 --notify-level)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7855 _nlevel="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7856 if _startswith "$_nlevel" "-"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7857 _err "'$_nlevel' is not an integer for '$1'"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7858 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7859 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7860 _notify_level="$_nlevel"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7861 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7862 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7863 --notify-mode)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7864 _nmode="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7865 if _startswith "$_nmode" "-"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7866 _err "'$_nmode' is not an integer for '$1'"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7867 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7868 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7869 _notify_mode="$_nmode"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7870 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7871 ;;
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7872 --notify-source)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7873 _nsource="$2"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7874 if _startswith "$_nsource" "-"; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7875 _err "'$_nsource' is not a valid host name for '$1'"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7876 return 1
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7877 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7878 _notify_source="$_nsource"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7879 shift
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7880 ;;
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7881 --revoke-reason)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7882 _revoke_reason="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7883 if _startswith "$_revoke_reason" "-"; then
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7884 _err "'$_revoke_reason' is not an integer for '$1'"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7885 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7886 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7887 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7888 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7889 --eab-kid)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7890 _eab_kid="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7891 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7892 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7893 --eab-hmac-key)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7894 _eab_hmac_key="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7895 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7896 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7897 --preferred-chain)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7898 _preferred_chain="$2"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7899 shift
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7900 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7901 *)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7902 _err "Unknown parameter: $1"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7903 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7904 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7905 esac
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7906
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7907 shift 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7908 done
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7909
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7910 if [ "$_server" ]; then
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7911 _selectServer "$_server" "${_ecc:-$_keylength}"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7912 _server="$ACME_DIRECTORY"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7913 fi
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7914
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7915 if [ "${_CMD}" != "install" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7916 if [ "$__INTERACTIVE" ] && ! _checkSudo; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7917 if [ -z "$FORCE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7918 #Use "echo" here, instead of _info. it's too early
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7919 echo "It seems that you are using sudo, please read this page first:"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7920 echo "$_SUDO_WIKI"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7921 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7922 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7923 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7924 __initHome
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7925 if [ "$_log" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7926 if [ -z "$_logfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7927 _logfile="$DEFAULT_LOG_FILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7928 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7929 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7930 if [ "$_logfile" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7931 _saveaccountconf "LOG_FILE" "$_logfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7932 LOG_FILE="$_logfile"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7933 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7934
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7935 if [ "$_log_level" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7936 _saveaccountconf "LOG_LEVEL" "$_log_level"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7937 LOG_LEVEL="$_log_level"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7938 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7939
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7940 if [ "$_syslog" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7941 if _exists logger; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7942 if [ "$_syslog" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7943 _clearaccountconf "SYS_LOG"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7944 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7945 _saveaccountconf "SYS_LOG" "$_syslog"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7946 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7947 SYS_LOG="$_syslog"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7948 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7949 _err "The 'logger' command was not found, cannot enable syslog."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7950 _clearaccountconf "SYS_LOG"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7951 SYS_LOG=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7952 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7953 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7954
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7955 _processAccountConf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7956 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7957
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7958 _debug2 LE_WORKING_DIR "$LE_WORKING_DIR"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7959
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7960 if [ "$DEBUG" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7961 version
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7962 if [ "$_server" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7963 _debug "Using server: $_server"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7964 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7965 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7966 _debug "Running cmd: ${_CMD}"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7967 case "${_CMD}" in
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7968 install) install "$_nocron" "$_confighome" "$_noprofile" "$_accountemail" ;;
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7969 uninstall) uninstall "$_nocron" ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7970 upgrade) upgrade ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7971 issue)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7972 issue "$_webroot" "$_domain" "$_altdomains" "$_keylength" "$_cert_file" "$_key_file" "$_ca_file" "$_reloadcmd" "$_fullchain_file" "$_pre_hook" "$_post_hook" "$_renew_hook" "$_local_address" "$_challenge_alias" "$_preferred_chain" "$_valid_from" "$_valid_to"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7973 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7974 deploy)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7975 deploy "$_domain" "$_deploy_hook" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7976 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7977 signcsr)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7978 signcsr "$_csr" "$_webroot" "$_cert_file" "$_key_file" "$_ca_file" "$_reloadcmd" "$_fullchain_file" "$_pre_hook" "$_post_hook" "$_renew_hook" "$_local_address" "$_challenge_alias" "$_preferred_chain"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7979 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7980 showcsr)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7981 showcsr "$_csr" "$_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7982 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7983 installcert)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7984 installcert "$_domain" "$_cert_file" "$_key_file" "$_ca_file" "$_reloadcmd" "$_fullchain_file" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7985 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7986 renew)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7987 renew "$_domain" "$_ecc" "$_server"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7988 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7989 renewAll)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
7990 renewAll "$_stopRenewOnError" "$_server"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7991 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7992 revoke)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7993 revoke "$_domain" "$_ecc" "$_revoke_reason"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7994 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7995 remove)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7996 remove "$_domain" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7997 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7998 deactivate)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
7999 deactivate "$_domain,$_altdomains"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8000 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8001 registeraccount)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8002 registeraccount "$_accountkeylength" "$_eab_kid" "$_eab_hmac_key"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8003 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8004 updateaccount)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8005 updateaccount
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8006 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8007 deactivateaccount)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8008 deactivateaccount
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8009 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8010 list)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8011 list "$_listraw" "$_domain"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8012 ;;
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
8013 info)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
8014 info "$_domain" "$_ecc"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
8015 ;;
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8016 installcronjob) installcronjob "$_confighome" ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8017 uninstallcronjob) uninstallcronjob ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8018 cron) cron ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8019 toPkcs)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8020 toPkcs "$_domain" "$_password" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8021 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8022 toPkcs8)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8023 toPkcs8 "$_domain" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8024 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8025 createAccountKey)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8026 createAccountKey "$_accountkeylength"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8027 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8028 createDomainKey)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8029 createDomainKey "$_domain" "$_keylength"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8030 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8031 createCSR)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8032 createCSR "$_domain" "$_altdomains" "$_ecc"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8033 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8034 setnotify)
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
8035 setnotify "$_notify_hook" "$_notify_level" "$_notify_mode" "$_notify_source"
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8036 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8037 setdefaultca)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8038 setdefaultca
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8039 ;;
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
8040 setdefaultchain)
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
8041 setdefaultchain "$_preferred_chain"
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
8042 ;;
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8043 *)
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8044 if [ "$_CMD" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8045 _err "Invalid command: $_CMD"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8046 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8047 showhelp
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8048 return 1
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8049 ;;
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8050 esac
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8051 _ret="$?"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8052 if [ "$_ret" != "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8053 return $_ret
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8054 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8055
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8056 if [ "${_CMD}" = "install" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8057 if [ "$_log" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8058 if [ -z "$LOG_FILE" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8059 LOG_FILE="$DEFAULT_LOG_FILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8060 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8061 _saveaccountconf "LOG_FILE" "$LOG_FILE"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8062 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8063
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8064 if [ "$_log_level" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8065 _saveaccountconf "LOG_LEVEL" "$_log_level"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8066 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8067
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8068 if [ "$_syslog" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8069 if _exists logger; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8070 if [ "$_syslog" = "0" ]; then
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8071 _clearaccountconf "SYS_LOG"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8072 else
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8073 _saveaccountconf "SYS_LOG" "$_syslog"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8074 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8075 else
2015
61b0cc7db09c Manually specify letsencrypt server due to acme default server change (to zerossl)
Violet7
parents: 1630
diff changeset
8076 _err "The 'logger' command was not found, cannot enable syslog."
1630
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8077 _clearaccountconf "SYS_LOG"
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8078 SYS_LOG=""
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8079 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8080 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8081
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8082 _processAccountConf
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8083 fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8084
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8085 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8086
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8087 main() {
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8088 [ -z "$1" ] && showhelp && return
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8089 if _startswith "$1" '-'; then _process "$@"; else "$@"; fi
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8090 }
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8091
b735ed134662 add nginx and ssl for host
fffilimonov
parents:
diff changeset
8092 main "$@"