mirror of
https://github.com/NginxProxyManager/nginx-proxy-manager.git
synced 2025-08-28 11:40:04 +00:00
Work on acme.sh hander
and dns providers
This commit is contained in:
Jamie Curnow
@@ -1768,7 +1768,7 @@ _inithttp() {
|
||||
if [ -z "$ACME_HTTP_NO_REDIRECTS" ]; then
|
||||
_ACME_CURL="$_ACME_CURL -L "
|
||||
fi
|
||||
if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
|
||||
if [ "$DEBUG" ] && [ "$DEBUG" -ge 2 ]; then
|
||||
_CURL_DUMP="$(_mktemp)"
|
||||
_ACME_CURL="$_ACME_CURL --trace-ascii $_CURL_DUMP "
|
||||
fi
|
||||
@@ -1808,6 +1808,8 @@ _inithttp() {
|
||||
|
||||
}
|
||||
|
||||
_HTTP_MAX_RETRY=8
|
||||
|
||||
# body url [needbase64] [POST|PUT|DELETE] [ContentType]
|
||||
_post() {
|
||||
body="$1"
|
||||
@@ -1815,6 +1817,33 @@ _post() {
|
||||
needbase64="$3"
|
||||
httpmethod="$4"
|
||||
_postContentType="$5"
|
||||
_sleep_retry_sec=1
|
||||
_http_retry_times=0
|
||||
_hcode=0
|
||||
while [ "${_http_retry_times}" -le "$_HTTP_MAX_RETRY" ]; do
|
||||
[ "$_http_retry_times" = "$_HTTP_MAX_RETRY" ]
|
||||
_lastHCode="$?"
|
||||
_debug "Retrying post"
|
||||
_post_impl "$body" "$_post_url" "$needbase64" "$httpmethod" "$_postContentType" "$_lastHCode"
|
||||
_hcode="$?"
|
||||
_debug _hcode "$_hcode"
|
||||
if [ "$_hcode" = "0" ]; then
|
||||
break
|
||||
fi
|
||||
_http_retry_times=$(_math $_http_retry_times + 1)
|
||||
_sleep $_sleep_retry_sec
|
||||
done
|
||||
return $_hcode
|
||||
}
|
||||
|
||||
# body url [needbase64] [POST|PUT|DELETE] [ContentType] [displayError]
|
||||
_post_impl() {
|
||||
body="$1"
|
||||
_post_url="$2"
|
||||
needbase64="$3"
|
||||
httpmethod="$4"
|
||||
_postContentType="$5"
|
||||
displayError="$6"
|
||||
|
||||
if [ -z "$httpmethod" ]; then
|
||||
httpmethod="POST"
|
||||
@@ -1866,7 +1895,9 @@ _post() {
|
||||
fi
|
||||
_ret="$?"
|
||||
if [ "$_ret" != "0" ]; then
|
||||
_err "Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: $_ret"
|
||||
if [ -z "$displayError" ] || [ "$displayError" = "0" ]; then
|
||||
_err "Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: $_ret"
|
||||
fi
|
||||
if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
|
||||
_err "Here is the curl dump log:"
|
||||
_err "$(cat "$_CURL_DUMP")"
|
||||
@@ -1922,7 +1953,9 @@ _post() {
|
||||
_debug "wget returns 8, the server returns a 'Bad request' response, lets process the response later."
|
||||
fi
|
||||
if [ "$_ret" != "0" ]; then
|
||||
_err "Please refer to https://www.gnu.org/software/wget/manual/html_node/Exit-Status.html for error code: $_ret"
|
||||
if [ -z "$displayError" ] || [ "$displayError" = "0" ]; then
|
||||
_err "Please refer to https://www.gnu.org/software/wget/manual/html_node/Exit-Status.html for error code: $_ret"
|
||||
fi
|
||||
fi
|
||||
_sed_i "s/^ *//g" "$HTTP_HEADER"
|
||||
else
|
||||
@@ -1936,13 +1969,38 @@ _post() {
|
||||
|
||||
# url getheader timeout
|
||||
_get() {
|
||||
url="$1"
|
||||
onlyheader="$2"
|
||||
t="$3"
|
||||
_sleep_retry_sec=1
|
||||
_http_retry_times=0
|
||||
_hcode=0
|
||||
while [ "${_http_retry_times}" -le "$_HTTP_MAX_RETRY" ]; do
|
||||
[ "$_http_retry_times" = "$_HTTP_MAX_RETRY" ]
|
||||
_lastHCode="$?"
|
||||
_debug "Retrying GET"
|
||||
_get_impl "$url" "$onlyheader" "$t" "$_lastHCode"
|
||||
_hcode="$?"
|
||||
_debug _hcode "$_hcode"
|
||||
if [ "$_hcode" = "0" ]; then
|
||||
break
|
||||
fi
|
||||
_http_retry_times=$(_math $_http_retry_times + 1)
|
||||
_sleep $_sleep_retry_sec
|
||||
done
|
||||
return $_hcode
|
||||
}
|
||||
|
||||
# url getheader timeout displayError
|
||||
_get_impl() {
|
||||
_debug GET
|
||||
url="$1"
|
||||
onlyheader="$2"
|
||||
t="$3"
|
||||
displayError="$4"
|
||||
_debug url "$url"
|
||||
_debug "timeout=$t"
|
||||
|
||||
_debug "displayError" "$displayError"
|
||||
_inithttp
|
||||
|
||||
if [ "$_ACME_CURL" ] && [ "${ACME_USE_WGET:-0}" = "0" ]; then
|
||||
@@ -1961,7 +2019,9 @@ _get() {
|
||||
fi
|
||||
ret=$?
|
||||
if [ "$ret" != "0" ]; then
|
||||
_err "Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: $ret"
|
||||
if [ -z "$displayError" ] || [ "$displayError" = "0" ]; then
|
||||
_err "Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: $ret"
|
||||
fi
|
||||
if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
|
||||
_err "Here is the curl dump log:"
|
||||
_err "$(cat "$_CURL_DUMP")"
|
||||
@@ -1987,7 +2047,9 @@ _get() {
|
||||
_debug "wget returns 8, the server returns a 'Bad request' response, lets process the response later."
|
||||
fi
|
||||
if [ "$ret" != "0" ]; then
|
||||
_err "Please refer to https://www.gnu.org/software/wget/manual/html_node/Exit-Status.html for error code: $ret"
|
||||
if [ -z "$displayError" ] || [ "$displayError" = "0" ]; then
|
||||
_err "Please refer to https://www.gnu.org/software/wget/manual/html_node/Exit-Status.html for error code: $ret"
|
||||
fi
|
||||
fi
|
||||
else
|
||||
ret=$?
|
||||
@@ -3925,7 +3987,7 @@ _ns_lookup_ali() {
|
||||
}
|
||||
|
||||
_ns_is_available_dp() {
|
||||
if _get "https://dns.alidns.com" "" 1 >/dev/null 2>&1; then
|
||||
if _get "https://doh.pub" "" 1 >/dev/null 2>&1; then
|
||||
return 0
|
||||
else
|
||||
return 1
|
||||
@@ -4145,6 +4207,10 @@ issue() {
|
||||
if [ -z "$_ACME_IS_RENEW" ]; then
|
||||
_initpath "$_main_domain" "$_key_length"
|
||||
mkdir -p "$DOMAIN_PATH"
|
||||
else
|
||||
Le_OrderFinalize=""
|
||||
Le_LinkOrder=""
|
||||
Le_LinkCert=""
|
||||
fi
|
||||
|
||||
if _hasfield "$_web_roots" "$W_DNS" && [ -z "$FORCE_DNS_MANUAL" ]; then
|
||||
@@ -4712,26 +4778,13 @@ $_authorizations_map"
|
||||
return 1
|
||||
fi
|
||||
|
||||
_debug "sleep 2 secs to verify"
|
||||
sleep 2
|
||||
_debug "checking"
|
||||
|
||||
_send_signed_request "$uri"
|
||||
|
||||
if [ "$?" != "0" ]; then
|
||||
_err "$d:Verify error:$response"
|
||||
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
||||
_clearup
|
||||
_on_issue_err "$_post_hook" "$vlist"
|
||||
return 1
|
||||
fi
|
||||
_debug2 original "$response"
|
||||
|
||||
response="$(echo "$response" | _normalizeJson)"
|
||||
_debug2 response "$response"
|
||||
|
||||
status=$(echo "$response" | _egrep_o '"status":"[^"]*' | cut -d : -f 2 | tr -d '"')
|
||||
|
||||
_debug2 status "$status"
|
||||
if _contains "$status" "invalid"; then
|
||||
error="$(echo "$response" | _egrep_o '"error":\{[^\}]*')"
|
||||
_debug2 error "$error"
|
||||
@@ -4763,9 +4816,9 @@ $_authorizations_map"
|
||||
fi
|
||||
|
||||
if [ "$status" = "pending" ]; then
|
||||
_info "Pending"
|
||||
_info "Pending, The CA is processing your order, please just wait. ($waittimes/$MAX_RETRY_TIMES)"
|
||||
elif [ "$status" = "processing" ]; then
|
||||
_info "Processing"
|
||||
_info "Processing, The CA is processing your order, please just wait. ($waittimes/$MAX_RETRY_TIMES)"
|
||||
else
|
||||
_err "$d:Verify error:$response"
|
||||
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
||||
@@ -4773,7 +4826,19 @@ $_authorizations_map"
|
||||
_on_issue_err "$_post_hook" "$vlist"
|
||||
return 1
|
||||
fi
|
||||
_debug "sleep 2 secs to verify again"
|
||||
sleep 2
|
||||
_debug "checking"
|
||||
|
||||
_send_signed_request "$uri"
|
||||
|
||||
if [ "$?" != "0" ]; then
|
||||
_err "$d:Verify error:$response"
|
||||
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
|
||||
_clearup
|
||||
_on_issue_err "$_post_hook" "$vlist"
|
||||
return 1
|
||||
fi
|
||||
done
|
||||
|
||||
done
|
||||
|
||||
@@ -7,8 +7,8 @@
|
||||
"created_on",
|
||||
"modified_on",
|
||||
"user_id",
|
||||
"provider_key",
|
||||
"name",
|
||||
"acme_sh_name",
|
||||
"meta"
|
||||
],
|
||||
"properties": {
|
||||
@@ -28,16 +28,16 @@
|
||||
"type": "integer",
|
||||
"minimum": 1
|
||||
},
|
||||
"provider_key": {
|
||||
"type": "string",
|
||||
"minLength": 1,
|
||||
"maxLength": 100
|
||||
},
|
||||
"name": {
|
||||
"type": "string",
|
||||
"minLength": 1,
|
||||
"maxLength": 100
|
||||
},
|
||||
"acme_sh_name": {
|
||||
"type": "string",
|
||||
"minLength": 4,
|
||||
"maxLength": 50
|
||||
},
|
||||
"meta": {
|
||||
"type": "object"
|
||||
}
|
||||
|
||||
@@ -67,12 +67,11 @@
|
||||
"created_on": 1602593653,
|
||||
"modified_on": 1602593653,
|
||||
"user_id": 1,
|
||||
"provider_key": "route53",
|
||||
"name": "Route53",
|
||||
"acme_sh_name": "dns_aws",
|
||||
"meta": {
|
||||
"access_key": "abc123",
|
||||
"access_secret": "def098",
|
||||
"zone_id": "ABC123"
|
||||
"AWS_ACCESS_KEY_ID": "abc123",
|
||||
"AWS_SECRET_ACCESS_KEY": "def098"
|
||||
}
|
||||
}
|
||||
]
|
||||
|
||||
@@ -36,12 +36,11 @@
|
||||
"created_on": 1602593653,
|
||||
"modified_on": 1602593653,
|
||||
"user_id": 1,
|
||||
"provider_key": "route53",
|
||||
"name": "Route53",
|
||||
"acme_sh_name": "dns_aws",
|
||||
"meta": {
|
||||
"access_key": "abc123",
|
||||
"access_secret": "def098",
|
||||
"zone_id": "ABC123"
|
||||
"AWS_ACCESS_KEY_ID": "abc123",
|
||||
"AWS_SECRET_ACCESS_KEY": "def098"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -40,12 +40,11 @@
|
||||
"created_on": 1602593653,
|
||||
"modified_on": 1602593653,
|
||||
"user_id": 1,
|
||||
"provider_key": "route53",
|
||||
"name": "Route53",
|
||||
"acme_sh_name": "dns_aws",
|
||||
"meta": {
|
||||
"access_key": "abc123",
|
||||
"access_secret": "def098",
|
||||
"zone_id": "ABC123"
|
||||
"AWS_ACCESS_KEY_ID": "abc123",
|
||||
"AWS_SECRET_ACCESS_KEY": "def098"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -50,12 +50,11 @@
|
||||
"created_on": 1602593653,
|
||||
"modified_on": 1602593653,
|
||||
"user_id": 1,
|
||||
"provider_key": "route53",
|
||||
"name": "Route53",
|
||||
"acme_sh_name": "dns_aws",
|
||||
"meta": {
|
||||
"access_key": "abc123",
|
||||
"access_secret": "def098",
|
||||
"zone_id": "ABC123"
|
||||
"AWS_ACCESS_KEY_ID": "abc123",
|
||||
"AWS_SECRET_ACCESS_KEY": "def098"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -70,8 +70,8 @@ CREATE TABLE IF NOT EXISTS `dns_provider`
|
||||
created_on INTEGER NOT NULL DEFAULT 0,
|
||||
modified_on INTEGER NOT NULL DEFAULT 0,
|
||||
user_id INTEGER NOT NULL,
|
||||
provider_key TEXT NOT NULL,
|
||||
name TEXT NOT NULL,
|
||||
acme_sh_name TEXT NOT NULL,
|
||||
meta TEXT NOT NULL,
|
||||
is_deleted INTEGER NOT NULL DEFAULT 0,
|
||||
FOREIGN KEY (user_id) REFERENCES user (id)
|
||||
@@ -92,6 +92,7 @@ CREATE TABLE IF NOT EXISTS `certificate`
|
||||
status TEXT NOT NULL, -- ready,requesting,failed,provided
|
||||
error_message text NOT NULL DEFAULT "",
|
||||
meta TEXT NOT NULL,
|
||||
is_ecc INTEGER NOT NULL DEFAULT 0,
|
||||
is_deleted INTEGER NOT NULL DEFAULT 0,
|
||||
FOREIGN KEY (user_id) REFERENCES user (id),
|
||||
FOREIGN KEY (certificate_authority_id) REFERENCES certificate_authority (id),
|
||||
|
||||
Reference in New Issue
Block a user