linuxtool/Config/Web/acme.sh

150 lines
3.9 KiB
Bash
Raw Normal View History

#!/bin/bash
2024-09-25 15:23:05 +08:00
declare pick_mode=$1
2024-09-25 15:10:40 +08:00
declare domain_str=$2
2024-09-25 15:23:05 +08:00
if ! [[ $pick_mode == "nginx" ]]; then
pick_mode=""
domain_str=""
fi
if ! command -v socat &> /dev/null; then
if [[ -f "/usr/bin/apt-get" ]];then
apt-get update -y
apt-get install socat -y
elif [[ -f "/usr/bin/apt" ]];then
apt update -y
apt install socat -y
elif [[ -f "/usr/bin/pacman" ]];then
pacman -Syu --noconfirm
pacman -Sy --noconfirm socat
else
echo "socat未安装"
exit
fi
fi
2024-09-23 01:55:26 +08:00
if [[ ! -f "${HOME}/.acme.sh/acme.sh" ]];then
rm -rf ${HOME}/.acme.sh
2024-09-23 01:23:05 +08:00
declare mail
declare domain
read -p "请输入用来申请域名的邮箱:" mail
2024-09-23 02:02:37 +08:00
if [[ ! $mail =~ .*@.* ]];then
2024-09-23 01:23:05 +08:00
echo "邮箱不合法"
exit
fi
curl https://get.acme.sh | sh -s "email=$mail"
fi
2024-09-25 15:10:40 +08:00
2024-09-25 18:05:24 +08:00
if [[ ! $domain_str ]];then
2024-09-25 15:10:40 +08:00
echo "请输入需要申请SSL证书的域名"
while(true);do
read -p "不输入退出添加:" domain
if [[ -z $domain ]];then
break
elif [[ ! $domain =~ [\w+\.]+ ]];then
echo "域名不合法"
exit
else
domain_str="$domain_str -d $domain"
fi
done
if [[ -z $domain_str ]]; then
echo "需要添加的域名不能为空"
exit
2024-09-23 01:23:56 +08:00
fi
fi
2024-09-25 15:23:05 +08:00
2024-09-23 01:41:11 +08:00
echo "1.http验证"
echo "2.dns验证"
2024-09-23 01:52:03 +08:00
read -p "请选择验证模式:" pick_mode
case $pick_mode in
'1')
declare mode
2024-09-25 01:17:03 +08:00
if command -v nginx &> /dev/null; then
mode="nginx"
2024-09-25 18:05:24 +08:00
cat > "/etc/nginx/conf.d/test.conf" << EOF
2024-09-25 15:10:40 +08:00
server {
listen 80; # 监听80端口
server_name ${domain}; # 服务器名称(本地)
location / {
root /usr/share/nginx/html; # 指定根目录
index index.html index.htm; # 默认页面
}
}
EOF
2024-09-25 01:17:03 +08:00
elif command -v apache &> /dev/null; then
mode="apache"
else
mode="standalone"
fi
echo "请到服务器将80和443端口开启,将域名解析到本机"
2024-09-25 01:15:50 +08:00
read -p "解析完成请回车:"
eval "${HOME}/.acme.sh/acme.sh --issue ${domain_str} --${mode}"
2024-09-25 18:05:24 +08:00
for (( i = 0; i < 6; i++ )); do
sleep 15
if [[ -d "${HOME}/.acme.sh/$(echo "${domain_str}" | awk '{print $2}')_ecc/fullchain.cer" ]]; then
break
fi
done
rm /etc/nginx/conf.d/test.conf
;;
'2')
declare pick=0
declare -a mode_arr
mode_arr[1]="TXT记录"
mode_arr[2]='cloudflare'
2024-09-23 01:52:03 +08:00
for i in "${!mode_arr[@]}"; do
((pick++))
echo "${pick}. ${mode_arr[$i]}"
done
2024-09-23 01:52:03 +08:00
read -p "请选择验证模式:" pick_mode
2024-09-23 01:29:04 +08:00
if [[ ! $pick_mode =~ [1-${pick}] ]]; then
exit
fi
case ${mode_arr[$pick_mode]} in
'TXT记录')
2024-09-23 01:23:05 +08:00
declare domain
2024-09-23 01:53:07 +08:00
declare log_output=$(${HOME}/.acme.sh/acme.sh --issue --dns $domain_str --yes-I-know-dns-manual-mode-enough-go-ahead-please)
2024-09-24 17:59:47 +08:00
declare -a domain=($( echo "$log_output" | grep "Domain:" | awk -F ": " '{print $2}'))
declare -a txt_value=($(echo "$log_output" | grep "TXT value:" | awk -F ": " '{print $2}'))
echo "请到dns系统解析TXT记录"
2024-09-24 12:23:39 +08:00
for (( i = 0; i < ${#domain[@]}; i++ )); do
echo "需要解析的第$((i+1))"
echo "名称: ${domain[$i]}"
echo "文本记录:${txt_value[$i]}"
done
read -p "解析完成请输入 y" pick
if [[ $pick =~ [Yy] ]]; then
eval "${HOME}/.acme.sh/acme.sh --renew $domain_str --yes-I-know-dns-manual-mode-enough-go-ahead-please"
else
echo "解析完成后请输入下面的命令完成验证"
echo "${HOME}/.acme.sh/acme.sh --renew $domain_str --yes-I-know-dns-manual-mode-enough-go-ahead-please"
fi
;;
'cloudflare')
declare CF_Key
declare CF_Email
read -p "请输入cloudflare的邮箱" CF_Email
2024-09-23 02:02:37 +08:00
if [[ ! $CF_Email =~ .*@.* ]];then
echo "邮箱不合法"
exit
fi
read -p "请输入cloudflare的密钥" CF_Key
export CF_Key=$CF_Key
export CF_Email=$CF_Email
eval "${HOME}/.acme.sh/acme.sh --issue $domain_str --dns dns_cf"
esac
;;
esac