Merge branch 'master' into edgedns
This commit is contained in:
commit
a0bf29e600
27
.github/workflows/PebbleStrict.yml
vendored
Normal file
27
.github/workflows/PebbleStrict.yml
vendored
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
name: PebbleStrict
|
||||||
|
on: [push, pull_request]
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
PebbleStrict:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
env:
|
||||||
|
TestingDomain: example.com
|
||||||
|
TestingAltDomains: www.example.com
|
||||||
|
ACME_DIRECTORY: https://localhost:14000/dir
|
||||||
|
HTTPS_INSECURE: 1
|
||||||
|
Le_HTTPPort: 5002
|
||||||
|
TEST_LOCAL: 1
|
||||||
|
TEST_CA: "Pebble Intermediate CA"
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v2
|
||||||
|
- name: Install tools
|
||||||
|
run: sudo apt-get install -y socat
|
||||||
|
- name: Run Pebble
|
||||||
|
run: cd .. && curl https://raw.githubusercontent.com/letsencrypt/pebble/master/docker-compose.yml >docker-compose.yml && docker-compose up -d
|
||||||
|
- name: Set up Pebble
|
||||||
|
run: curl --request POST --data '{"ip":"10.30.50.1"}' http://localhost:8055/set-default-ipv4
|
||||||
|
- name: Clone acmetest
|
||||||
|
run: cd .. && git clone https://github.com/acmesh-official/acmetest.git && cp -r acme.sh acmetest/
|
||||||
|
- name: Run acmetest
|
||||||
|
run: cd ../acmetest && ./letest.sh
|
40
.github/workflows/dockerhub.yml
vendored
40
.github/workflows/dockerhub.yml
vendored
@ -2,15 +2,45 @@
|
|||||||
name: Build DockerHub
|
name: Build DockerHub
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches: [ master, dev ]
|
branches:
|
||||||
|
- '*'
|
||||||
|
tags:
|
||||||
|
- '*'
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build:
|
build:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: trigger
|
- name: checkout code
|
||||||
run: curl -X POST https://hub.docker.com/api/build/v1/source/1813a660-2ee5-4583-a238-dd54e9a6ebac/trigger/c8cd9f1f-f269-45bc-9750-a08327257f62/call/
|
uses: actions/checkout@v2
|
||||||
|
- name: install buildx
|
||||||
|
id: buildx
|
||||||
|
uses: crazy-max/ghaction-docker-buildx@v3
|
||||||
|
with:
|
||||||
|
buildx-version: latest
|
||||||
|
qemu-version: latest
|
||||||
|
- name: login to docker hub
|
||||||
|
run: |
|
||||||
|
echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin
|
||||||
|
- name: build and push the image
|
||||||
|
run: |
|
||||||
|
DOCKER_IMAGE=neilpang/acme.sh
|
||||||
|
|
||||||
|
if [[ $GITHUB_REF == refs/tags/* ]]; then
|
||||||
|
DOCKER_IMAGE_TAG=${GITHUB_REF#refs/tags/}
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ $GITHUB_REF == refs/heads/* ]]; then
|
||||||
|
DOCKER_IMAGE_TAG=${GITHUB_REF#refs/heads/}
|
||||||
|
|
||||||
|
if [[ $DOCKER_IMAGE_TAG == master ]]; then
|
||||||
|
DOCKER_IMAGE_TAG=latest
|
||||||
|
AUTO_UPGRADE=1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
docker buildx build \
|
||||||
|
--tag ${DOCKER_IMAGE}:${DOCKER_IMAGE_TAG} \
|
||||||
|
--output "type=image,push=true" \
|
||||||
|
--build-arg AUTO_UPGRADE=${AUTO_UPGRADE} \
|
||||||
|
--platform linux/arm64/v8,linux/amd64,linux/arm/v6,linux/arm/v7,linux/386 .
|
||||||
|
2
.github/workflows/shellcheck.yml
vendored
2
.github/workflows/shellcheck.yml
vendored
@ -1,4 +1,4 @@
|
|||||||
name: shellcheck
|
name: Shellcheck
|
||||||
on: [push, pull_request]
|
on: [push, pull_request]
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
|
@ -15,7 +15,9 @@ RUN apk update -f \
|
|||||||
|
|
||||||
ENV LE_CONFIG_HOME /acme.sh
|
ENV LE_CONFIG_HOME /acme.sh
|
||||||
|
|
||||||
ENV AUTO_UPGRADE 1
|
ARG AUTO_UPGRADE=1
|
||||||
|
|
||||||
|
ENV AUTO_UPGRADE $AUTO_UPGRADE
|
||||||
|
|
||||||
#Install
|
#Install
|
||||||
ADD ./ /install_acme.sh/
|
ADD ./ /install_acme.sh/
|
||||||
|
@ -1,10 +1,15 @@
|
|||||||
# An ACME Shell script: acme.sh [![Build Status](https://travis-ci.org/acmesh-official/acme.sh.svg?branch=master)](https://travis-ci.org/acmesh-official/acme.sh)
|
# An ACME Shell script: acme.sh
|
||||||
|
[![Build Status](https://travis-ci.org/acmesh-official/acme.sh.svg?branch=master)](https://travis-ci.org/acmesh-official/acme.sh)
|
||||||
|
![shellcheck](https://github.com/acmesh-official/acme.sh/workflows/Shellcheck/badge.svg)
|
||||||
|
![shellcheck](https://github.com/acmesh-official/acme.sh/workflows/PebbleStrict/badge.svg)
|
||||||
|
![shellcheck](https://github.com/acmesh-official/acme.sh/workflows/Build%20DockerHub/badge.svg)
|
||||||
|
|
||||||
|
|
||||||
<a href="https://opencollective.com/acmesh" alt="Financial Contributors on Open Collective"><img src="https://opencollective.com/acmesh/all/badge.svg?label=financial+contributors" /></a>
|
<a href="https://opencollective.com/acmesh" alt="Financial Contributors on Open Collective"><img src="https://opencollective.com/acmesh/all/badge.svg?label=financial+contributors" /></a>
|
||||||
[![Join the chat at https://gitter.im/acme-sh/Lobby](https://badges.gitter.im/acme-sh/Lobby.svg)](https://gitter.im/acme-sh/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
|
[![Join the chat at https://gitter.im/acme-sh/Lobby](https://badges.gitter.im/acme-sh/Lobby.svg)](https://gitter.im/acme-sh/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
|
||||||
[![Docker stars](https://img.shields.io/docker/stars/neilpang/acme.sh.svg)](https://hub.docker.com/r/neilpang/acme.sh "Click to view the image on Docker Hub")
|
[![Docker stars](https://img.shields.io/docker/stars/neilpang/acme.sh.svg)](https://hub.docker.com/r/neilpang/acme.sh "Click to view the image on Docker Hub")
|
||||||
[![Docker pulls](https://img.shields.io/docker/pulls/neilpang/acme.sh.svg)](https://hub.docker.com/r/neilpang/acme.sh "Click to view the image on Docker Hub")
|
[![Docker pulls](https://img.shields.io/docker/pulls/neilpang/acme.sh.svg)](https://hub.docker.com/r/neilpang/acme.sh "Click to view the image on Docker Hub")
|
||||||
![shellcheck](https://github.com/acmesh-official/acme.sh/workflows/shellcheck/badge.svg)
|
|
||||||
|
|
||||||
acme.sh is being sponsored by the following tool; please help to support us by taking a look and signing up to a free trial
|
acme.sh is being sponsored by the following tool; please help to support us by taking a look and signing up to a free trial
|
||||||
|
|
||||||
|
241
acme.sh
241
acme.sh
@ -36,8 +36,8 @@ DEFAULT_CA=$CA_LETSENCRYPT_V2
|
|||||||
DEFAULT_STAGING_CA=$CA_LETSENCRYPT_V2_TEST
|
DEFAULT_STAGING_CA=$CA_LETSENCRYPT_V2_TEST
|
||||||
|
|
||||||
CA_NAMES="
|
CA_NAMES="
|
||||||
Letsencrypt.org,letsencrypt
|
LetsEncrypt.org,letsencrypt
|
||||||
Letsencrypt.org_test,letsencrypt_test,letsencrypttest
|
LetsEncrypt.org_test,letsencrypt_test,letsencrypttest
|
||||||
BuyPass.com,buypass
|
BuyPass.com,buypass
|
||||||
BuyPass.com_test,buypass_test,buypasstest
|
BuyPass.com_test,buypass_test,buypasstest
|
||||||
ZeroSSL.com,zerossl
|
ZeroSSL.com,zerossl
|
||||||
@ -1375,7 +1375,7 @@ toPkcs() {
|
|||||||
domain="$1"
|
domain="$1"
|
||||||
pfxPassword="$2"
|
pfxPassword="$2"
|
||||||
if [ -z "$domain" ]; then
|
if [ -z "$domain" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --toPkcs -d domain [--password pfx-password]"
|
_usage "Usage: $PROJECT_ENTRY --to-pkcs12 --domain <domain.tld> [--password <password>] [--ecc]"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -1396,7 +1396,7 @@ toPkcs8() {
|
|||||||
domain="$1"
|
domain="$1"
|
||||||
|
|
||||||
if [ -z "$domain" ]; then
|
if [ -z "$domain" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --toPkcs8 -d domain [--ecc]"
|
_usage "Usage: $PROJECT_ENTRY --to-pkcs8 --domain <domain.tld> [--ecc]"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -1416,7 +1416,7 @@ toPkcs8() {
|
|||||||
createAccountKey() {
|
createAccountKey() {
|
||||||
_info "Creating account key"
|
_info "Creating account key"
|
||||||
if [ -z "$1" ]; then
|
if [ -z "$1" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --createAccountKey --accountkeylength 2048"
|
_usage "Usage: $PROJECT_ENTRY --create-account-key [--accountkeylength <bits>]"
|
||||||
return
|
return
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -1459,7 +1459,7 @@ _create_account_key() {
|
|||||||
createDomainKey() {
|
createDomainKey() {
|
||||||
_info "Creating domain key"
|
_info "Creating domain key"
|
||||||
if [ -z "$1" ]; then
|
if [ -z "$1" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --createDomainKey -d domain.com [ --keylength 2048 ]"
|
_usage "Usage: $PROJECT_ENTRY --create-domain-key --domain <domain.tld> [--keylength <bits>]"
|
||||||
return
|
return
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -1499,7 +1499,7 @@ createDomainKey() {
|
|||||||
createCSR() {
|
createCSR() {
|
||||||
_info "Creating csr"
|
_info "Creating csr"
|
||||||
if [ -z "$1" ]; then
|
if [ -z "$1" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --createCSR -d domain1.com [-d domain2.com -d domain3.com ... ]"
|
_usage "Usage: $PROJECT_ENTRY --create-csr --domain <domain.tld> [--domain <domain2.tld> ...]"
|
||||||
return
|
return
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -2888,7 +2888,7 @@ Allow from all
|
|||||||
if _restoreApache; then
|
if _restoreApache; then
|
||||||
_err "The apache config file is restored."
|
_err "The apache config file is restored."
|
||||||
else
|
else
|
||||||
_err "Sorry, The apache config file can not be restored, please report bug."
|
_err "Sorry, the apache config file can not be restored, please report bug."
|
||||||
fi
|
fi
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
@ -4012,7 +4012,7 @@ _match_issuer() {
|
|||||||
#webroot, domain domainlist keylength
|
#webroot, domain domainlist keylength
|
||||||
issue() {
|
issue() {
|
||||||
if [ -z "$2" ]; then
|
if [ -z "$2" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --issue -d a.com -w /path/to/webroot/a.com/ "
|
_usage "Usage: $PROJECT_ENTRY --issue --domain <domain.tld> --webroot <directory>"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
if [ -z "$1" ]; then
|
if [ -z "$1" ]; then
|
||||||
@ -4993,7 +4993,7 @@ _split_cert_chain() {
|
|||||||
renew() {
|
renew() {
|
||||||
Le_Domain="$1"
|
Le_Domain="$1"
|
||||||
if [ -z "$Le_Domain" ]; then
|
if [ -z "$Le_Domain" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --renew -d domain.com [--ecc]"
|
_usage "Usage: $PROJECT_ENTRY --renew --domain <domain.tld> [--ecc]"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -5003,7 +5003,7 @@ renew() {
|
|||||||
|
|
||||||
_info "$(__green "Renew: '$Le_Domain'")"
|
_info "$(__green "Renew: '$Le_Domain'")"
|
||||||
if [ ! -f "$DOMAIN_CONF" ]; then
|
if [ ! -f "$DOMAIN_CONF" ]; then
|
||||||
_info "'$Le_Domain' is not a issued domain, skip."
|
_info "'$Le_Domain' is not an issued domain, skip."
|
||||||
return $RENEW_SKIP
|
return $RENEW_SKIP
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -5049,6 +5049,7 @@ renew() {
|
|||||||
Le_PreHook="$(_readdomainconf Le_PreHook)"
|
Le_PreHook="$(_readdomainconf Le_PreHook)"
|
||||||
Le_PostHook="$(_readdomainconf Le_PostHook)"
|
Le_PostHook="$(_readdomainconf Le_PostHook)"
|
||||||
Le_RenewHook="$(_readdomainconf Le_RenewHook)"
|
Le_RenewHook="$(_readdomainconf Le_RenewHook)"
|
||||||
|
Le_Preferred_Chain="$(_readdomainconf Le_Preferred_Chain)"
|
||||||
issue "$Le_Webroot" "$Le_Domain" "$Le_Alt" "$Le_Keylength" "$Le_RealCertPath" "$Le_RealKeyPath" "$Le_RealCACertPath" "$Le_ReloadCmd" "$Le_RealFullChainPath" "$Le_PreHook" "$Le_PostHook" "$Le_RenewHook" "$Le_LocalAddress" "$Le_ChallengeAlias" "$Le_Preferred_Chain"
|
issue "$Le_Webroot" "$Le_Domain" "$Le_Alt" "$Le_Keylength" "$Le_RealCertPath" "$Le_RealKeyPath" "$Le_RealCACertPath" "$Le_ReloadCmd" "$Le_RealFullChainPath" "$Le_PreHook" "$Le_PostHook" "$Le_RenewHook" "$Le_LocalAddress" "$Le_ChallengeAlias" "$Le_Preferred_Chain"
|
||||||
res="$?"
|
res="$?"
|
||||||
if [ "$res" != "0" ]; then
|
if [ "$res" != "0" ]; then
|
||||||
@ -5081,7 +5082,7 @@ renewAll() {
|
|||||||
for di in "${CERT_HOME}"/*.*/; do
|
for di in "${CERT_HOME}"/*.*/; do
|
||||||
_debug di "$di"
|
_debug di "$di"
|
||||||
if ! [ -d "$di" ]; then
|
if ! [ -d "$di" ]; then
|
||||||
_debug "Not directory, skip: $di"
|
_debug "Not a directory, skip: $di"
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
d=$(basename "$di")
|
d=$(basename "$di")
|
||||||
@ -5184,7 +5185,7 @@ signcsr() {
|
|||||||
_csrfile="$1"
|
_csrfile="$1"
|
||||||
_csrW="$2"
|
_csrW="$2"
|
||||||
if [ -z "$_csrfile" ] || [ -z "$_csrW" ]; then
|
if [ -z "$_csrfile" ] || [ -z "$_csrW" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --signcsr --csr mycsr.csr -w /path/to/webroot/a.com/ "
|
_usage "Usage: $PROJECT_ENTRY --sign-csr --csr <csr-file> --webroot <directory>"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -5252,7 +5253,7 @@ showcsr() {
|
|||||||
_csrfile="$1"
|
_csrfile="$1"
|
||||||
_csrd="$2"
|
_csrd="$2"
|
||||||
if [ -z "$_csrfile" ] && [ -z "$_csrd" ]; then
|
if [ -z "$_csrfile" ] && [ -z "$_csrd" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --showcsr --csr mycsr.csr"
|
_usage "Usage: $PROJECT_ENTRY --show-csr --csr <csr-file>"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -5369,7 +5370,7 @@ deploy() {
|
|||||||
_hooks="$2"
|
_hooks="$2"
|
||||||
_isEcc="$3"
|
_isEcc="$3"
|
||||||
if [ -z "$_hooks" ]; then
|
if [ -z "$_hooks" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --deploy -d domain.com --deploy-hook cpanel [--ecc] "
|
_usage "Usage: $PROJECT_ENTRY --deploy --domain <domain.tld> --deploy-hook <hookname> [--ecc] "
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -5390,7 +5391,7 @@ deploy() {
|
|||||||
installcert() {
|
installcert() {
|
||||||
_main_domain="$1"
|
_main_domain="$1"
|
||||||
if [ -z "$_main_domain" ]; then
|
if [ -z "$_main_domain" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --installcert -d domain.com [--ecc] [--cert-file cert-file-path] [--key-file key-file-path] [--ca-file ca-cert-file-path] [ --reloadCmd reloadCmd] [--fullchain-file fullchain-path]"
|
_usage "Usage: $PROJECT_ENTRY --install-cert --domain <domain.tld> [--ecc] [--cert-file <file>] [--key-file <file>] [--ca-file <file>] [ --reloadcmd <command>] [--fullchain-file <file>]"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -5669,7 +5670,7 @@ uninstallcronjob() {
|
|||||||
revoke() {
|
revoke() {
|
||||||
Le_Domain="$1"
|
Le_Domain="$1"
|
||||||
if [ -z "$Le_Domain" ]; then
|
if [ -z "$Le_Domain" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --revoke -d domain.com [--ecc]"
|
_usage "Usage: $PROJECT_ENTRY --revoke --domain <domain.tld> [--ecc]"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -5740,7 +5741,7 @@ revoke() {
|
|||||||
remove() {
|
remove() {
|
||||||
Le_Domain="$1"
|
Le_Domain="$1"
|
||||||
if [ -z "$Le_Domain" ]; then
|
if [ -z "$Le_Domain" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --remove -d domain.com [--ecc]"
|
_usage "Usage: $PROJECT_ENTRY --remove --domain <domain.tld> [--ecc]"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -5900,7 +5901,7 @@ deactivate() {
|
|||||||
_initAPI
|
_initAPI
|
||||||
_debug _d_domain_list "$_d_domain_list"
|
_debug _d_domain_list "$_d_domain_list"
|
||||||
if [ -z "$(echo $_d_domain_list | cut -d , -f 1)" ]; then
|
if [ -z "$(echo $_d_domain_list | cut -d , -f 1)" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --deactivate -d domain.com [-d domain.com]"
|
_usage "Usage: $PROJECT_ENTRY --deactivate --domain <domain.tld> [--domain <domain2.tld> ...]"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
for _d_dm in $(echo "$_d_domain_list" | tr ',' ' '); do
|
for _d_dm in $(echo "$_d_domain_list" | tr ',' ' '); do
|
||||||
@ -6360,7 +6361,7 @@ setnotify() {
|
|||||||
_initpath
|
_initpath
|
||||||
|
|
||||||
if [ -z "$_nhook$_nlevel$_nmode" ]; then
|
if [ -z "$_nhook$_nlevel$_nmode" ]; then
|
||||||
_usage "Usage: $PROJECT_ENTRY --set-notify [--notify-hook mailgun] [--notify-level $NOTIFY_LEVEL_DEFAULT] [--notify-mode $NOTIFY_MODE_DEFAULT]"
|
_usage "Usage: $PROJECT_ENTRY --set-notify [--notify-hook <hookname>] [--notify-level <0|1|2|3>] [--notify-mode <0|1>]"
|
||||||
_usage "$_NOTIFY_WIKI"
|
_usage "$_NOTIFY_WIKI"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
@ -6399,146 +6400,140 @@ setnotify() {
|
|||||||
showhelp() {
|
showhelp() {
|
||||||
_initpath
|
_initpath
|
||||||
version
|
version
|
||||||
echo "Usage: $PROJECT_ENTRY command ...[parameters]....
|
echo "Usage: $PROJECT_ENTRY <command> ... [parameters ...]
|
||||||
Commands:
|
Commands:
|
||||||
--help, -h Show this help message.
|
-h, --help Show this help message.
|
||||||
--version, -v Show version info.
|
-v, --version Show version info.
|
||||||
--install Install $PROJECT_NAME to your system.
|
--install Install $PROJECT_NAME to your system.
|
||||||
--uninstall Uninstall $PROJECT_NAME, and uninstall the cron job.
|
--uninstall Uninstall $PROJECT_NAME, and uninstall the cron job.
|
||||||
--upgrade Upgrade $PROJECT_NAME to the latest code from $PROJECT.
|
--upgrade Upgrade $PROJECT_NAME to the latest code from $PROJECT.
|
||||||
--issue Issue a cert.
|
--issue Issue a cert.
|
||||||
--signcsr Issue a cert from an existing csr.
|
|
||||||
--deploy Deploy the cert to your server.
|
--deploy Deploy the cert to your server.
|
||||||
--install-cert Install the issued cert to apache/nginx or any other server.
|
-i, --install-cert Install the issued cert to apache/nginx or any other server.
|
||||||
--renew, -r Renew a cert.
|
-r, --renew Renew a cert.
|
||||||
--renew-all Renew all the certs.
|
--renew-all Renew all the certs.
|
||||||
--revoke Revoke a cert.
|
--revoke Revoke a cert.
|
||||||
--remove Remove the cert from list of certs known to $PROJECT_NAME.
|
--remove Remove the cert from list of certs known to $PROJECT_NAME.
|
||||||
--list List all the certs.
|
--list List all the certs.
|
||||||
--showcsr Show the content of a csr.
|
--to-pkcs12 Export the certificate and key to a pfx file.
|
||||||
--install-cronjob Install the cron job to renew certs, you don't need to call this. The 'install' command can automatically install the cron job.
|
--to-pkcs8 Convert to pkcs8 format.
|
||||||
--uninstall-cronjob Uninstall the cron job. The 'uninstall' command can do this automatically.
|
--sign-csr Issue a cert from an existing csr.
|
||||||
--cron Run cron job to renew all the certs.
|
--show-csr Show the content of a csr.
|
||||||
--toPkcs Export the certificate and key to a pfx file.
|
-ccr, --create-csr Create CSR, professional use.
|
||||||
--toPkcs8 Convert to pkcs8 format.
|
--create-domain-key Create an domain private key, professional use.
|
||||||
--update-account Update account info.
|
--update-account Update account info.
|
||||||
--register-account Register account key.
|
--register-account Register account key.
|
||||||
--deactivate-account Deactivate the account.
|
--deactivate-account Deactivate the account.
|
||||||
--create-account-key Create an account private key, professional use.
|
--create-account-key Create an account private key, professional use.
|
||||||
--create-domain-key Create an domain private key, professional use.
|
--install-cronjob Install the cron job to renew certs, you don't need to call this. The 'install' command can automatically install the cron job.
|
||||||
--createCSR, -ccsr Create CSR , professional use.
|
--uninstall-cronjob Uninstall the cron job. The 'uninstall' command can do this automatically.
|
||||||
--deactivate Deactivate the domain authz, professional use.
|
--cron Run cron job to renew all the certs.
|
||||||
--set-notify Set the cron notification hook, level or mode.
|
--set-notify Set the cron notification hook, level or mode.
|
||||||
--set-default-ca Used with '--server' , to set the default CA to use to use.
|
--deactivate Deactivate the domain authz, professional use.
|
||||||
|
--set-default-ca Used with '--server', to set the default CA to use to use.
|
||||||
|
|
||||||
|
|
||||||
Parameters:
|
Parameters:
|
||||||
--domain, -d domain.tld Specifies a domain, used to issue, renew or revoke etc.
|
-d, --domain <domain.tld> Specifies a domain, used to issue, renew or revoke etc.
|
||||||
--challenge-alias domain.tld The challenge domain alias for DNS alias mode.
|
--challenge-alias <domain.tld> The challenge domain alias for DNS alias mode.
|
||||||
See: $_DNS_ALIAS_WIKI
|
See: $_DNS_ALIAS_WIKI
|
||||||
|
|
||||||
--domain-alias domain.tld The domain alias for DNS alias mode.
|
--domain-alias <domain.tld> The domain alias for DNS alias mode.
|
||||||
See: $_DNS_ALIAS_WIKI
|
See: $_DNS_ALIAS_WIKI
|
||||||
|
|
||||||
--preferred-chain CHAIN If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common Name.
|
--preferred-chain <chain> If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common Name.
|
||||||
If no match, the default offered chain will be used. (default: empty)
|
If no match, the default offered chain will be used. (default: empty)
|
||||||
See: $_PREFERRED_CHAIN_WIKI
|
See: $_PREFERRED_CHAIN_WIKI
|
||||||
|
|
||||||
--force, -f Used to force to install or force to renew a cert immediately.
|
-f, --force Force install, force cert renewal or override sudo restrictions.
|
||||||
--staging, --test Use staging server, just for test.
|
--staging, --test Use staging server, for testing.
|
||||||
--debug Output debug info.
|
--debug [0|1|2|3] Output debug info. Defaults to 1 if argument is omitted.
|
||||||
--output-insecure Output all the sensitive messages.
|
--output-insecure Output all the sensitive messages.
|
||||||
By default all the credentials/sensitive messages are hidden from the output/debug/log for security.
|
By default all the credentials/sensitive messages are hidden from the output/debug/log for security.
|
||||||
|
-w, --webroot <directory> Specifies the web root folder for web root mode.
|
||||||
--webroot, -w /path/to/webroot Specifies the web root folder for web root mode.
|
|
||||||
--standalone Use standalone mode.
|
--standalone Use standalone mode.
|
||||||
--alpn Use standalone alpn mode.
|
--alpn Use standalone alpn mode.
|
||||||
--stateless Use stateless mode.
|
--stateless Use stateless mode.
|
||||||
See: $_STATELESS_WIKI
|
See: $_STATELESS_WIKI
|
||||||
|
|
||||||
--apache Use apache mode.
|
--apache Use apache mode.
|
||||||
--dns [dns_hook] Use dns mode or dns api.
|
--dns [dns_hook] Use dns manual mode or dns api. Defaults to manual mode when argument is omitted.
|
||||||
See: $_DNS_API_WIKI
|
See: $_DNS_API_WIKI
|
||||||
|
|
||||||
--dnssleep 300 The time in seconds to wait for all the txt records to propagate in dns api mode.
|
--dnssleep <seconds> The time in seconds to wait for all the txt records to propagate in dns api mode.
|
||||||
It's not necessary to use this by default, $PROJECT_NAME polls dns status by DOH automatically.
|
It's not necessary to use this by default, $PROJECT_NAME polls dns status by DOH automatically.
|
||||||
|
-k, --keylength <bits> Specifies the domain key length: 2048, 3072, 4096, 8192 or ec-256, ec-384, ec-521.
|
||||||
--keylength, -k [2048] Specifies the domain key length: 2048, 3072, 4096, 8192 or ec-256, ec-384, ec-521.
|
-ak, --accountkeylength <bits> Specifies the account key length: 2048, 3072, 4096
|
||||||
--accountkeylength, -ak [2048] Specifies the account key length: 2048, 3072, 4096
|
--log [file] Specifies the log file. Defaults to \"$DEFAULT_LOG_FILE\" if argument is omitted.
|
||||||
--log [/path/to/logfile] Specifies the log file. The default is: \"$DEFAULT_LOG_FILE\" if you don't give a file path here.
|
--log-level <1|2> Specifies the log level, default is 1.
|
||||||
--log-level 1|2 Specifies the log level, default is 1.
|
--syslog <0|3|6|7> Syslog level, 0: disable syslog, 3: error, 6: info, 7: debug.
|
||||||
--syslog [0|3|6|7] Syslog level, 0: disable syslog, 3: error, 6: info, 7: debug.
|
--eab-kid <eab_key_id> Key Identifier for External Account Binding.
|
||||||
|
--eab-hmac-key <eab_hmac_key> HMAC key for External Account Binding.
|
||||||
--eab-kid EAB_KID Key Identifier for External Account Binding.
|
|
||||||
--eab-hmac-key EAB_HMAC_KEY HMAC key for External Account Binding.
|
|
||||||
|
|
||||||
|
|
||||||
These parameters are to install the cert to nginx/apache or any other server after issue/renew a cert:
|
These parameters are to install the cert to nginx/apache or any other server after issue/renew a cert:
|
||||||
|
|
||||||
--cert-file After issue/renew, the cert will be copied to this path.
|
--cert-file <file> Path to copy the cert file to after issue/renew..
|
||||||
--key-file After issue/renew, the key will be copied to this path.
|
--key-file <file> Path to copy the key file to after issue/renew.
|
||||||
--ca-file After issue/renew, the intermediate cert will be copied to this path.
|
--ca-file <file> Path to copy the intermediate cert file to after issue/renew.
|
||||||
--fullchain-file After issue/renew, the fullchain cert will be copied to this path.
|
--fullchain-file <file> Path to copy the fullchain cert file to after issue/renew.
|
||||||
|
--reloadcmd <command> Command to execute after issue/renew to reload the server.
|
||||||
|
|
||||||
--reloadcmd \"service nginx reload\" After issue/renew, it's used to reload the server.
|
--server <server_uri> ACME Directory Resource URI. (default: $DEFAULT_CA)
|
||||||
|
|
||||||
--server SERVER ACME Directory Resource URI. (default: $DEFAULT_CA)
|
|
||||||
See: $_SERVER_WIKI
|
See: $_SERVER_WIKI
|
||||||
|
|
||||||
--accountconf Specifies a customized account config file.
|
--accountconf <file> Specifies a customized account config file.
|
||||||
--home Specifies the home dir for $PROJECT_NAME.
|
--home <directory> Specifies the home dir for $PROJECT_NAME.
|
||||||
--cert-home Specifies the home dir to save all the certs, only valid for '--install' command.
|
--cert-home <directory> Specifies the home dir to save all the certs, only valid for '--install' command.
|
||||||
--config-home Specifies the home dir to save all the configurations.
|
--config-home <directory> Specifies the home dir to save all the configurations.
|
||||||
--useragent Specifies the user agent string. it will be saved for future use too.
|
--useragent <string> Specifies the user agent string. it will be saved for future use too.
|
||||||
--accountemail, -m Specifies the account email, only valid for the '--install' and '--update-account' command.
|
-m, --accountemail <email> Specifies the account email, only valid for the '--install' and '--update-account' command.
|
||||||
--accountkey Specifies the account key path, only valid for the '--install' command.
|
--accountkey <file> Specifies the account key path, only valid for the '--install' command.
|
||||||
--days Specifies the days to renew the cert when using '--issue' command. The default value is $DEFAULT_RENEW days.
|
--days <ndays> Specifies the days to renew the cert when using '--issue' command. The default value is $DEFAULT_RENEW days.
|
||||||
--httpport Specifies the standalone listening port. Only valid if the server is behind a reverse proxy or load balancer.
|
--httpport <port> Specifies the standalone listening port. Only valid if the server is behind a reverse proxy or load balancer.
|
||||||
--tlsport Specifies the standalone tls listening port. Only valid if the server is behind a reverse proxy or load balancer.
|
--tlsport <port> Specifies the standalone tls listening port. Only valid if the server is behind a reverse proxy or load balancer.
|
||||||
--local-address Specifies the standalone/tls server listening address, in case you have multiple ip addresses.
|
--local-address <ip> Specifies the standalone/tls server listening address, in case you have multiple ip addresses.
|
||||||
--listraw Only used for '--list' command, list the certs in raw format.
|
--listraw Only used for '--list' command, list the certs in raw format.
|
||||||
--stopRenewOnError, -se Only valid for '--renew-all' command. Stop if one cert has error in renewal.
|
-se, --stop-renew-on-error Only valid for '--renew-all' command. Stop if one cert has error in renewal.
|
||||||
--insecure Do not check the server certificate, in some devices, the api server's certificate may not be trusted.
|
--insecure Do not check the server certificate, in some devices, the api server's certificate may not be trusted.
|
||||||
--ca-bundle Specifies the path to the CA certificate bundle to verify api server's certificate.
|
--ca-bundle <file> Specifies the path to the CA certificate bundle to verify api server's certificate.
|
||||||
--ca-path Specifies directory containing CA certificates in PEM format, used by wget or curl.
|
--ca-path <directory> Specifies directory containing CA certificates in PEM format, used by wget or curl.
|
||||||
--nocron Only valid for '--install' command, which means: do not install the default cron job.
|
--nocron Only valid for '--install' command, which means: do not install the default cron job.
|
||||||
In this case, the certs will not be renewed automatically.
|
In this case, the certs will not be renewed automatically.
|
||||||
|
|
||||||
--noprofile Only valid for '--install' command, which means: do not install aliases to user profile.
|
--noprofile Only valid for '--install' command, which means: do not install aliases to user profile.
|
||||||
--no-color Do not output color text.
|
--no-color Do not output color text.
|
||||||
--force-color Force output of color text. Useful for non-interactive use with the aha tool for HTML E-Mails.
|
--force-color Force output of color text. Useful for non-interactive use with the aha tool for HTML E-Mails.
|
||||||
--ecc Specifies to use the ECC cert. Valid for '--install-cert', '--renew', '--revoke', '--toPkcs' and '--createCSR'
|
--ecc Specifies to use the ECC cert. Valid for '--install-cert', '--renew', '--revoke', '--to-pkcs12' and '--create-csr'
|
||||||
--csr Specifies the input csr.
|
--csr <file> Specifies the input csr.
|
||||||
--pre-hook Command to be run before obtaining any certificates.
|
--pre-hook <command> Command to be run before obtaining any certificates.
|
||||||
--post-hook Command to be run after attempting to obtain/renew certificates. No matter the obtain/renew is success or failed.
|
--post-hook <command> Command to be run after attempting to obtain/renew certificates. Runs regardless of whether obtain/renew succeeded or failed.
|
||||||
--renew-hook Command to be run once for each successfully renewed certificate.
|
--renew-hook <command> Command to be run after each successfully renewed certificate.
|
||||||
--deploy-hook The hook file to deploy cert
|
--deploy-hook <hookname> The hook file to deploy cert
|
||||||
--ocsp-must-staple, --ocsp Generate ocsp must Staple extension.
|
--ocsp, --ocsp-must-staple Generate OCSP-Must-Staple extension.
|
||||||
--always-force-new-domain-key Generate new domain key when renewal. Otherwise, the domain key is not changed by default.
|
--always-force-new-domain-key Generate new domain key on renewal. Otherwise, the domain key is not changed by default.
|
||||||
--auto-upgrade [0|1] Valid for '--upgrade' command, indicating whether to upgrade automatically in future.
|
--auto-upgrade [0|1] Valid for '--upgrade' command, indicating whether to upgrade automatically in future. Defaults to 1 if argument is omitted.
|
||||||
--listen-v4 Force standalone/tls server to listen at ipv4.
|
--listen-v4 Force standalone/tls server to listen at ipv4.
|
||||||
--listen-v6 Force standalone/tls server to listen at ipv6.
|
--listen-v6 Force standalone/tls server to listen at ipv6.
|
||||||
--openssl-bin Specifies a custom openssl bin location.
|
--openssl-bin <file> Specifies a custom openssl bin location.
|
||||||
--use-wget Force to use wget, if you have both curl and wget installed.
|
--use-wget Force to use wget, if you have both curl and wget installed.
|
||||||
--yes-I-know-dns-manual-mode-enough-go-ahead-please Force to use dns manual mode.
|
--yes-I-know-dns-manual-mode-enough-go-ahead-please Force use of dns manual mode.
|
||||||
See: $_DNS_MANUAL_WIKI
|
See: $_DNS_MANUAL_WIKI
|
||||||
|
|
||||||
--branch, -b Only valid for '--upgrade' command, specifies the branch name to upgrade to.
|
-b, --branch <branch> Only valid for '--upgrade' command, specifies the branch name to upgrade to.
|
||||||
|
--notify-level <0|1|2|3> Set the notification level: Default value is $NOTIFY_LEVEL_DEFAULT.
|
||||||
--notify-level 0|1|2|3 Set the notification level: Default value is $NOTIFY_LEVEL_DEFAULT.
|
0: disabled, no notification will be sent.
|
||||||
0: disabled, no notification will be sent.
|
1: send notifications only when there is an error.
|
||||||
1: send notifications only when there is an error.
|
2: send notifications when a cert is successfully renewed, or there is an error.
|
||||||
2: send notifications when a cert is successfully renewed, or there is an error.
|
3: send notifications when a cert is skipped, renewed, or error.
|
||||||
3: send notifications when a cert is skipped, renewed, or error.
|
--notify-mode <0|1> Set notification mode. Default value is $NOTIFY_MODE_DEFAULT.
|
||||||
|
0: Bulk mode. Send all the domain's notifications in one message(mail).
|
||||||
--notify-mode 0|1 Set notification mode. Default value is $NOTIFY_MODE_DEFAULT.
|
1: Cert mode. Send a message for every single cert.
|
||||||
0: Bulk mode. Send all the domain's notifications in one message(mail).
|
--notify-hook <hookname> Set the notify hook
|
||||||
1: Cert mode. Send a message for every single cert.
|
--revoke-reason <0-10> The reason for revocation, can be used in conjunction with the '--revoke' command.
|
||||||
|
|
||||||
--notify-hook [hookname] Set the notify hook
|
|
||||||
--revoke-reason [0-10] The reason for '--revoke' command.
|
|
||||||
See: $_REVOKE_WIKI
|
See: $_REVOKE_WIKI
|
||||||
|
|
||||||
|
--password <password> Add a password to exported pfx file. Use with --to-pkcs12.
|
||||||
|
|
||||||
|
|
||||||
"
|
"
|
||||||
}
|
}
|
||||||
@ -6796,19 +6791,19 @@ _process() {
|
|||||||
--deploy)
|
--deploy)
|
||||||
_CMD="deploy"
|
_CMD="deploy"
|
||||||
;;
|
;;
|
||||||
--signcsr)
|
--sign-csr | --signcsr)
|
||||||
_CMD="signcsr"
|
_CMD="signcsr"
|
||||||
;;
|
;;
|
||||||
--showcsr)
|
--show-csr | --showcsr)
|
||||||
_CMD="showcsr"
|
_CMD="showcsr"
|
||||||
;;
|
;;
|
||||||
--installcert | -i | --install-cert)
|
-i | --install-cert | --installcert)
|
||||||
_CMD="installcert"
|
_CMD="installcert"
|
||||||
;;
|
;;
|
||||||
--renew | -r)
|
--renew | -r)
|
||||||
_CMD="renew"
|
_CMD="renew"
|
||||||
;;
|
;;
|
||||||
--renewAll | --renewall | --renew-all)
|
--renew-all | --renewAll | --renewall)
|
||||||
_CMD="renewAll"
|
_CMD="renewAll"
|
||||||
;;
|
;;
|
||||||
--revoke)
|
--revoke)
|
||||||
@ -6820,37 +6815,37 @@ _process() {
|
|||||||
--list)
|
--list)
|
||||||
_CMD="list"
|
_CMD="list"
|
||||||
;;
|
;;
|
||||||
--installcronjob | --install-cronjob)
|
--install-cronjob | --installcronjob)
|
||||||
_CMD="installcronjob"
|
_CMD="installcronjob"
|
||||||
;;
|
;;
|
||||||
--uninstallcronjob | --uninstall-cronjob)
|
--uninstall-cronjob | --uninstallcronjob)
|
||||||
_CMD="uninstallcronjob"
|
_CMD="uninstallcronjob"
|
||||||
;;
|
;;
|
||||||
--cron)
|
--cron)
|
||||||
_CMD="cron"
|
_CMD="cron"
|
||||||
;;
|
;;
|
||||||
--toPkcs)
|
--to-pkcs12 | --to-pkcs | --toPkcs)
|
||||||
_CMD="toPkcs"
|
_CMD="toPkcs"
|
||||||
;;
|
;;
|
||||||
--toPkcs8)
|
--to-pkcs8 | --toPkcs8)
|
||||||
_CMD="toPkcs8"
|
_CMD="toPkcs8"
|
||||||
;;
|
;;
|
||||||
--createAccountKey | --createaccountkey | -cak | --create-account-key)
|
--create-account-key | --createAccountKey | --createaccountkey | -cak)
|
||||||
_CMD="createAccountKey"
|
_CMD="createAccountKey"
|
||||||
;;
|
;;
|
||||||
--createDomainKey | --createdomainkey | -cdk | --create-domain-key)
|
--create-domain-key | --createDomainKey | --createdomainkey | -cdk)
|
||||||
_CMD="createDomainKey"
|
_CMD="createDomainKey"
|
||||||
;;
|
;;
|
||||||
--createCSR | --createcsr | -ccr)
|
-ccr | --create-csr | --createCSR | --createcsr)
|
||||||
_CMD="createCSR"
|
_CMD="createCSR"
|
||||||
;;
|
;;
|
||||||
--deactivate)
|
--deactivate)
|
||||||
_CMD="deactivate"
|
_CMD="deactivate"
|
||||||
;;
|
;;
|
||||||
--updateaccount | --update-account)
|
--update-account | --updateaccount)
|
||||||
_CMD="updateaccount"
|
_CMD="updateaccount"
|
||||||
;;
|
;;
|
||||||
--registeraccount | --register-account)
|
--register-account | --registeraccount)
|
||||||
_CMD="registeraccount"
|
_CMD="registeraccount"
|
||||||
;;
|
;;
|
||||||
--deactivate-account)
|
--deactivate-account)
|
||||||
@ -6862,7 +6857,7 @@ _process() {
|
|||||||
--set-default-ca)
|
--set-default-ca)
|
||||||
_CMD="setdefaultca"
|
_CMD="setdefaultca"
|
||||||
;;
|
;;
|
||||||
--domain | -d)
|
-d | --domain)
|
||||||
_dvalue="$2"
|
_dvalue="$2"
|
||||||
|
|
||||||
if [ "$_dvalue" ]; then
|
if [ "$_dvalue" ]; then
|
||||||
@ -6893,7 +6888,7 @@ _process() {
|
|||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
|
|
||||||
--force | -f)
|
-f | --force)
|
||||||
FORCE="1"
|
FORCE="1"
|
||||||
;;
|
;;
|
||||||
--staging | --test)
|
--staging | --test)
|
||||||
@ -6915,7 +6910,7 @@ _process() {
|
|||||||
--output-insecure)
|
--output-insecure)
|
||||||
export OUTPUT_INSECURE=1
|
export OUTPUT_INSECURE=1
|
||||||
;;
|
;;
|
||||||
--webroot | -w)
|
-w | --webroot)
|
||||||
wvalue="$2"
|
wvalue="$2"
|
||||||
if [ -z "$_webroot" ]; then
|
if [ -z "$_webroot" ]; then
|
||||||
_webroot="$wvalue"
|
_webroot="$wvalue"
|
||||||
@ -7005,7 +7000,7 @@ _process() {
|
|||||||
_keylength="$2"
|
_keylength="$2"
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
--accountkeylength | -ak)
|
-ak | --accountkeylength)
|
||||||
_accountkeylength="$2"
|
_accountkeylength="$2"
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
@ -7043,7 +7038,7 @@ _process() {
|
|||||||
LE_WORKING_DIR="$2"
|
LE_WORKING_DIR="$2"
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
--certhome | --cert-home)
|
--cert-home | --certhome)
|
||||||
_certhome="$2"
|
_certhome="$2"
|
||||||
CERT_HOME="$_certhome"
|
CERT_HOME="$_certhome"
|
||||||
shift
|
shift
|
||||||
@ -7058,7 +7053,7 @@ _process() {
|
|||||||
USER_AGENT="$_useragent"
|
USER_AGENT="$_useragent"
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
--accountemail | -m)
|
-m | --accountemail)
|
||||||
_accountemail="$2"
|
_accountemail="$2"
|
||||||
ACCOUNT_EMAIL="$_accountemail"
|
ACCOUNT_EMAIL="$_accountemail"
|
||||||
shift
|
shift
|
||||||
@ -7086,7 +7081,7 @@ _process() {
|
|||||||
--listraw)
|
--listraw)
|
||||||
_listraw="raw"
|
_listraw="raw"
|
||||||
;;
|
;;
|
||||||
--stopRenewOnError | --stoprenewonerror | -se)
|
-se | --stop-renew-on-error | --stopRenewOnError | --stoprenewonerror)
|
||||||
_stopRenewOnError="1"
|
_stopRenewOnError="1"
|
||||||
;;
|
;;
|
||||||
--insecure)
|
--insecure)
|
||||||
|
@ -166,7 +166,7 @@ _get_root() {
|
|||||||
if _contains "$_all_domains" "^$h$"; then
|
if _contains "$_all_domains" "^$h$"; then
|
||||||
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
||||||
_domain=$h
|
_domain=$h
|
||||||
_service=$(printf "%s" "$response" | grep "idn-name=\"$_domain\"" | sed -r "s/.*service=\"(.*)\".*$/\1/")
|
_service=$(printf "%s" "$response" | grep -m 1 "idn-name=\"$_domain\"" | sed -r "s/.*service=\"(.*)\".*$/\1/")
|
||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
p="$i"
|
p="$i"
|
||||||
|
@ -33,8 +33,11 @@ dns_regru_add() {
|
|||||||
fi
|
fi
|
||||||
_debug _domain "$_domain"
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
_subdomain=$(echo "$fulldomain" | sed -r "s/.$_domain//")
|
||||||
|
_debug _subdomain "$_subdomain"
|
||||||
|
|
||||||
_info "Adding TXT record to ${fulldomain}"
|
_info "Adding TXT record to ${fulldomain}"
|
||||||
_regru_rest POST "zone/add_txt" "input_data={%22username%22:%22${REGRU_API_Username}%22,%22password%22:%22${REGRU_API_Password}%22,%22domains%22:[{%22dname%22:%22${_domain}%22}],%22subdomain%22:%22_acme-challenge%22,%22text%22:%22${txtvalue}%22,%22output_content_type%22:%22plain%22}&input_format=json"
|
_regru_rest POST "zone/add_txt" "input_data={%22username%22:%22${REGRU_API_Username}%22,%22password%22:%22${REGRU_API_Password}%22,%22domains%22:[{%22dname%22:%22${_domain}%22}],%22subdomain%22:%22${_subdomain}%22,%22text%22:%22${txtvalue}%22,%22output_content_type%22:%22plain%22}&input_format=json"
|
||||||
|
|
||||||
if ! _contains "${response}" 'error'; then
|
if ! _contains "${response}" 'error'; then
|
||||||
return 0
|
return 0
|
||||||
@ -64,8 +67,11 @@ dns_regru_rm() {
|
|||||||
fi
|
fi
|
||||||
_debug _domain "$_domain"
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
_subdomain=$(echo "$fulldomain" | sed -r "s/.$_domain//")
|
||||||
|
_debug _subdomain "$_subdomain"
|
||||||
|
|
||||||
_info "Deleting resource record $fulldomain"
|
_info "Deleting resource record $fulldomain"
|
||||||
_regru_rest POST "zone/remove_record" "input_data={%22username%22:%22${REGRU_API_Username}%22,%22password%22:%22${REGRU_API_Password}%22,%22domains%22:[{%22dname%22:%22${_domain}%22}],%22subdomain%22:%22_acme-challenge%22,%22content%22:%22${txtvalue}%22,%22record_type%22:%22TXT%22,%22output_content_type%22:%22plain%22}&input_format=json"
|
_regru_rest POST "zone/remove_record" "input_data={%22username%22:%22${REGRU_API_Username}%22,%22password%22:%22${REGRU_API_Password}%22,%22domains%22:[{%22dname%22:%22${_domain}%22}],%22subdomain%22:%22${_subdomain}%22,%22content%22:%22${txtvalue}%22,%22record_type%22:%22TXT%22,%22output_content_type%22:%22plain%22}&input_format=json"
|
||||||
|
|
||||||
if ! _contains "${response}" 'error'; then
|
if ! _contains "${response}" 'error'; then
|
||||||
return 0
|
return 0
|
||||||
|
Loading…
Reference in New Issue
Block a user