ervin/acme.sh
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge 113332684e into aa8cf76fb1

Browse Source
This commit is contained in:
acooler15 2024-02-15 15:25:16 +08:00 committed by GitHub
commit 5d0c803912
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 338 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

338
deploy/alicdn.sh Normal file
View File

@ -0,0 +1,338 @@
#!/usr/bin/env sh
# Script to create certificate to Aliyun CDN
#
# This deployment required following variables
# export ALI_CDN_KEY="LTqIA87hOKdjevsf5"
# export ALI_CDN_SECRET="0p5EYueFNq501xnCPzKNbx6K51qPH2"
# export Ali_CDN_DOMAIN="cdn.example.com"
# If you have more than one domain, just
# export Ali_CDN_DOMAIN="cdn1.example.com,cdn2.example.com"
#
# If ALI_CDN_KEY and ALI_CDN_SECRET are not set,
# Ali_key and Ali_Secret will be used. (see dns/dns_ali.sh)
#
# AliYun Authentication must have "AliyunCDNFullAccess" permission,
# May also need to "AliyunYundunCertFullAccess" permissions.
#
# Thanks:
# This script references dns/dns_ali.sh and pull request #2772
######## Public functions #####################
Ali_CDN_API="https://cdn.aliyuncs.com/"
alicdn_deploy() {
_cdomain="$1"
_ckey="$2"
_ccert="$3"
_cca="$4"
_cfullchain="$5"
_debug _cdomain "$_cdomain"
_debug _ckey "$_ckey"
_debug _ccert "$_ccert"
_debug _cca "$_cca"
_debug _cfullchain "$_cfullchain"
_info "$(__green "===Starting alicdn deploy===")"
_getdeployconf ALI_CDN_KEY
_getdeployconf ALI_CDN_SECRET
_getdeployconf Ali_CDN_DOMAIN
if [ -z "${ALI_CDN_KEY}" ] || [ -z "${ALI_CDN_SECRET}" ]; then
_info "Not set variables ALI_CDN_KEY and ALI_CDN_SECRET"
_info "Will use Ali_Key and Ali_Secret"
ALI_CDN_KEY="$(_readaccountconf_mutable Ali_Key)"
ALI_CDN_SECRET="$(_readaccountconf_mutable Ali_Secret)"
if [ -z "${ALI_CDN_KEY}" ] || [ -z "${ALI_CDN_SECRET}" ]; then
_err "You don't specify aliyun api key and secret yet."
return 1
fi
else
#save ALI_CDN_KEY and ALI_CDN_SECRET.
_savedeployconf ALI_CDN_KEY "$ALI_CDN_KEY"
_savedeployconf ALI_CDN_SECRET "$ALI_CDN_SECRET"
fi
if [ -z "${Ali_CDN_DOMAIN}" ]; then
Ali_CDN_DOMAIN=""
_err "You don't specify Ali_CDN_DOMAIN yet."
return 1
fi
#save Ali_CDN_DOMAIN.
_savedeployconf Ali_CDN_DOMAIN "$Ali_CDN_DOMAIN"
_debug ALI_CDN_KEY "${ALI_CDN_KEY}"
_debug ALI_CDN_SECRET "$ALI_CDN_SECRET"
_debug Ali_CDN_DOMAIN "$Ali_CDN_DOMAIN"
## upload certificate
_Ali_SSLPub=$(grep -Ev '^$' "$_cfullchain" | _ali_url_encode)
_Ali_SSLPri=$(_ali_url_encode <"$_ckey")
query=''
query=$query'AccessKeyId='${ALI_CDN_KEY}
query=$query'&Action=BatchSetCdnDomainServerCertificate'
query=$query'&CertName='$(_ali_urlencode "$_cdomain")
query=$query'&CertType=upload'
query=$query'&DomainName='$(_ali_urlencode "$Ali_CDN_DOMAIN")
query=$query'&ForceSet=1'
query=$query'&Format=json'
query=$query'&SSLPri='${_Ali_SSLPri}
query=$query'&SSLProtocol=on'
query=$query'&SSLPub='${_Ali_SSLPub}
query=$query'&SignatureMethod=HMAC-SHA1'
query=$query'&SignatureNonce='$(_ali_nonce)
query=$query'&SignatureVersion=1.0'
query=$query'&Timestamp='$(_timestamp)
query=$query'&Version=2018-05-10'
_debug2 signature_source "$(printf "%s" "GET&%2F&$(_ali_urlencode "$query")")"
signature=$(printf "%s" "GET&%2F&$(_ali_urlencode "$query")" | _hmac "sha1" "$(printf "%s" "$ALI_CDN_SECRET&" | _hex_dump | tr -d " ")" | _base64)
signature=$(_ali_urlencode "$signature")
url="$Ali_CDN_API?$query&Signature=$signature"
if ! response="$(_get "$url")"; then
_err "Error <$1>"
return 1
fi
_debug response "$response"
message="$(echo "$response" | _egrep_o "\"Message\":\"[^\"]*\"" | cut -d : -f 2- | tr -d \")"
if [ "$message" ]; then
_err "$message"
return 1
fi
_info "Domain $_cdomain certificate has been deployed successfully"
_info "$(__green "===End alicdn deploy===")"
return 0
}
#################### Private functions below ##################################
_ali_url_encode() {
_hex_str=$(_hex_dump)
_debug3 "_url_encode"
_debug3 "_hex_str" "$_hex_str"
for _hex_code in $_hex_str; do
#upper case
case "${_hex_code}" in
"41")
printf "%s" "A"
;;
"42")
printf "%s" "B"
;;
"43")
printf "%s" "C"
;;
"44")
printf "%s" "D"
;;
"45")
printf "%s" "E"
;;
"46")
printf "%s" "F"
;;
"47")
printf "%s" "G"
;;
"48")
printf "%s" "H"
;;
"49")
printf "%s" "I"
;;
"4a")
printf "%s" "J"
;;
"4b")
printf "%s" "K"
;;
"4c")
printf "%s" "L"
;;
"4d")
printf "%s" "M"
;;
"4e")
printf "%s" "N"
;;
"4f")
printf "%s" "O"
;;
"50")
printf "%s" "P"
;;
"51")
printf "%s" "Q"
;;
"52")
printf "%s" "R"
;;
"53")
printf "%s" "S"
;;
"54")
printf "%s" "T"
;;
"55")
printf "%s" "U"
;;
"56")
printf "%s" "V"
;;
"57")
printf "%s" "W"
;;
"58")
printf "%s" "X"
;;
"59")
printf "%s" "Y"
;;
"5a")
printf "%s" "Z"
;;
#lower case
"61")
printf "%s" "a"
;;
"62")
printf "%s" "b"
;;
"63")
printf "%s" "c"
;;
"64")
printf "%s" "d"
;;
"65")
printf "%s" "e"
;;
"66")
printf "%s" "f"
;;
"67")
printf "%s" "g"
;;
"68")
printf "%s" "h"
;;
"69")
printf "%s" "i"
;;
"6a")
printf "%s" "j"
;;
"6b")
printf "%s" "k"
;;
"6c")
printf "%s" "l"
;;
"6d")
printf "%s" "m"
;;
"6e")
printf "%s" "n"
;;
"6f")
printf "%s" "o"
;;
"70")
printf "%s" "p"
;;
"71")
printf "%s" "q"
;;
"72")
printf "%s" "r"
;;
"73")
printf "%s" "s"
;;
"74")
printf "%s" "t"
;;
"75")
printf "%s" "u"
;;
"76")
printf "%s" "v"
;;
"77")
printf "%s" "w"
;;
"78")
printf "%s" "x"
;;
"79")
printf "%s" "y"
;;
"7a")
printf "%s" "z"
;;
#numbers
"30")
printf "%s" "0"
;;
"31")
printf "%s" "1"
;;
"32")
printf "%s" "2"
;;
"33")
printf "%s" "3"
;;
"34")
printf "%s" "4"
;;
"35")
printf "%s" "5"
;;
"36")
printf "%s" "6"
;;
"37")
printf "%s" "7"
;;
"38")
printf "%s" "8"
;;
"39")
printf "%s" "9"
;;
"2d")
printf "%s" "-"
;;
"5f")
printf "%s" "_"
;;
"2e")
printf "%s" "."
;;
"7e")
printf "%s" "~"
;;
#other hex
*)
printf '%%%s' "$_hex_code" | tr '[:lower:]' '[:upper:]'
;;
esac
done
}
_ali_urlencode() {
_str=$(printf "%s" "$1" | _ali_url_encode)
printf "%s" "$_str"
}
_ali_nonce() {
date +"%s%N"
}
_timestamp() {
date -u +"%Y-%m-%dT%H%%3A%M%%3A%SZ"
}