15308555518/ certbot-letencrypt-wildcardcertificates-alydns-au
1
0
Fork 0
mirror of https://github.com/ywdblog/certbot-letencrypt-wildcardcertificates-alydns-au.git synced 2025-12-25 20:32:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add domain.ini

This commit is contained in:
ywdblog 2019-07-22 11:45:14 +08:00
parent 5d9f448177
commit c96b4bc5c0
8 changed files with 259 additions and 232 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
README.md
View File

@ -26,7 +26,11 @@ $ chmod 0777 au.sh
2配置
1DNS API 密钥:
1domain.ini
如果domain.ini文件没有你的根域名请自行添加。
2DNS API 密钥:
这个 API 密钥什么意思呢?由于需要通过 API 操作阿里云 DNS 或腾讯云 DNS 的记录,所以需要去域名服务商哪儿获取 API 密钥,然后配置在 au.sh 文件中:
@ -34,7 +38,7 @@ $ chmod 0777 au.sh
- TXY_KEY 和 TXY_TOKEN腾讯云 [API 密钥官方申请文档](https://console.cloud.tencent.com/cam/capi)。
- GODADDY_KEY 和 GODADDY_TOKENGoDaddy [API 密钥官方申请文档](https://developer.godaddy.com/getstarted)。
2)选择运行环境
3)选择运行环境
目前该工具支持五种运行环境和场景,通过 hook 文件和参数来调用:
@ -152,11 +156,4 @@ $ ./certbot-auto renew --cert-name simplehttps.com --manual-auth-hook "/脚本
《深入浅出HTTPS从原理到实战》二维码
![深入浅出HTTPS从原理到实战](https://notes.newyingyong.cn/static/image/httpsbook/httpsbook-small-jd.jpg)
大家如果觉得这工程还行,欢迎金钱鼓励我哈,支付宝扫码就可以了,谢谢:
![深入浅出HTTPS从原理到实战](https://notes.newyingyong.cn/static/image/httpsbook/zfb.jpg)
![深入浅出HTTPS从原理到实战](https://notes.newyingyong.cn/static/image/httpsbook/httpsbook-small-jd.jpg)

18
domain.ini Normal file
View File

@ -0,0 +1,18 @@
net
com
com.cn
cn
org
co.jp
com.tw
gov
net.cn
io
top
me
int
edu
link
uk
hk
shop

355
php-version/alydns.php
View File

@ -1,6 +1,10 @@
<?php
date_default_timezone_set("GMT");
$dir = dirname(dirname(__FILE__));
#根域名列表文件,如果自己的根域名不存在该文件中,可自行添加
$domainfile = $dir . DIRECTORY_SEPARATOR . "domain.ini";
/*
$obj = new AliDns("LTAIkLV6coSSKklZ", "YEGDVHQV4oBC6AGQM9BWaHStUtNE5M", "simplehttps.com1");
$data = $obj->DescribeDomainRecords();
@ -35,9 +39,9 @@ date_default_timezone_set("GMT");
php alydns.php add "simplehttps.com" "dnsv" "dnsk" APPKEY APPTOKEN
*/
########## 配合 cerbot 运行
# 第一个参数是 action代表 (add/clean)
# 第二个参数是域名
########## 配合 cerbot 运行
# 第一个参数是 action代表 (add/clean)
# 第二个参数是域名
# 第三个参数是主机名(第三个参数+第二个参数组合起来就是要添加的 TXT 记录)
# 第四个参数是 TXT 记录值
# 第五个参数是 APPKEY
@ -47,8 +51,8 @@ echo "域名 API 调用开始\n";
print_r($argv);
if (count($argv) < 7) {
echo "参数有误\n";
exit;
echo "参数有误\n";
exit;
}
echo $argv[1]."-".$argv[2]."-".$argv[3]."-".$argv[4]."-".$argv[5]."-".$argv[6]."\n";
@ -58,30 +62,30 @@ $selfdomain = ($domainarray[0] == "") ? $argv[3] : $argv[3].".".$domainarray[0]
$obj = new AliDns($argv[5], $argv[6], $domainarray[1]);
switch ($argv[1]) {
case "clean":
$data = $obj->DescribeDomainRecords();
$data = $data["DomainRecords"]["Record"];
if (is_array($data)) {
foreach ($data as $v) {
if ($v["RR"] == $selfdomain) {
$data = $obj->DeleteDomainRecord($v["RecordId"]);
if ($data["httpcode"] != 200) {
echo "aly dns 域名删除失败-".$data["Code"].":".$data["Message"];
exit;
}
}
}
}
break;
case "clean":
$data = $obj->DescribeDomainRecords();
$data = $data["DomainRecords"]["Record"];
if (is_array($data)) {
foreach ($data as $v) {
if ($v["RR"] == $selfdomain) {
$data = $obj->DeleteDomainRecord($v["RecordId"]);
if ($data["httpcode"] != 200) {
echo "aly dns 域名删除失败-".$data["Code"].":".$data["Message"];
exit;
}
}
}
}
break;
case "add":
$data = $obj->AddDomainRecord("TXT", $selfdomain, $argv[4]);
case "add":
$data = $obj->AddDomainRecord("TXT", $selfdomain, $argv[4]);
if ($data["httpcode"] != 200) {
echo "aly dns 域名增加失败-".$data["Code"].":".$data["Message"];
exit;
}
break;
if ($data["httpcode"] != 200) {
echo "aly dns 域名增加失败-".$data["Code"].":".$data["Message"];
exit;
}
break;
}
echo "域名 API 调用结束\n";
@ -90,180 +94,171 @@ echo "域名 API 调用结束\n";
class AliDns
{
private $accessKeyId = null;
private $accessSecrec = null;
private $DomainName = null;
private $accessKeyId = null;
private $accessSecrec = null;
private $DomainName = null;
public function __construct($accessKeyId, $accessSecrec, $domain)
{
$this->accessKeyId = $accessKeyId;
$this->accessSecrec = $accessSecrec;
$this->DomainName = $domain;
}
public function __construct($accessKeyId, $accessSecrec, $domain)
{
$this->accessKeyId = $accessKeyId;
$this->accessSecrec = $accessSecrec;
$this->DomainName = $domain;
}
/*
根据域名返回主机名和二级域名
*/
public static function getDomain($domain)
{
public static function getDomain($domain)
{
//https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains
//常见根域名
$arr[] = ".co.jp";
$arr[] = ".com.tw";
$arr[] = ".net";
$arr[] = ".com";
$arr[] = ".com.cn";
$arr[] = ".org";
$arr[] = ".cn";
$arr[] = ".gov";
$arr[] = ".net.cn";
$arr[] = ".io";
$arr[] = ".top";
$arr[] = ".me";
$arr[] = ".int";
$arr[] = ".edu";
$arr[] = ".link";
$arr[] = ".uk";
$arr[] = ".hk";
//https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains
//常见根域名
global $domainfile;
$tmp = file($domainfile);
$arr = array();
foreach ($tmp as $k=>$v) {
$v = trim($v);
if ($v!="")
$arr[]= "." . $v;
}
//二级域名
$seconddomain = "";
//子域名
$selfdomain = "";
//根域名
$rootdomain = "";
foreach ($arr as $k => $v) {
$pos = stripos($domain, $v);
if ($pos) {
$rootdomain = substr($domain, $pos);
$s = explode(".", substr($domain, 0, $pos));
$seconddomain = $s[count($s) - 1].$rootdomain;
for ($i = 0; $i < count($s) - 1; $i++)
$selfdomain .= $s[$i] . ".";
$selfdomain = substr($selfdomain,0,strlen($selfdomain)-1);
break;
}
}
//echo $seconddomain ;exit;
if ($rootdomain == "") {
$seconddomain = $domain;
$selfdomain = "";
}
return array($selfdomain, $seconddomain);
}
//二级域名
$seconddomain = "";
//子域名
$selfdomain = "";
//根域名
$rootdomain = "";
foreach ($arr as $k => $v) {
$pos = stripos($domain, $v);
if ($pos) {
$rootdomain = substr($domain, $pos);
$s = explode(".", substr($domain, 0, $pos));
$seconddomain = $s[count($s) - 1].$rootdomain;
for ($i = 0; $i < count($s) - 1; $i++)
$selfdomain .= $s[$i] . ".";
$selfdomain = substr($selfdomain,0,strlen($selfdomain)-1);
break;
}
}
//echo $seconddomain ;exit;
if ($rootdomain == "") {
$seconddomain = $domain;
$selfdomain = "";
}
return array($selfdomain, $seconddomain);
}
public function DescribeDomainRecords()
{
$requestParams = array(
"Action" => "DescribeDomainRecords"
);
$val = $this->send($requestParams);
public function DescribeDomainRecords()
{
$requestParams = array(
"Action" => "DescribeDomainRecords"
);
$val = $this->send($requestParams);
return $this->out($val);
}
return $this->out($val);
}
public function UpdateDomainRecord($id, $type, $rr, $value)
{
$requestParams = array(
"Action" => "UpdateDomainRecord",
"RecordId" => $id,
"RR" => $rr,
"Type" => $type,
"Value" => $value,
);
$val = $this->send($requestParams);
return $this->out($val);
}
public function UpdateDomainRecord($id, $type, $rr, $value)
{
$requestParams = array(
"Action" => "UpdateDomainRecord",
"RecordId" => $id,
"RR" => $rr,
"Type" => $type,
"Value" => $value,
);
$val = $this->send($requestParams);
return $this->out($val);
}
public function DeleteDomainRecord($id)
{
$requestParams = array(
"Action" => "DeleteDomainRecord",
"RecordId" => $id,
);
$val = $this->send($requestParams);
return $this->out($val);
}
public function DeleteDomainRecord($id)
{
$requestParams = array(
"Action" => "DeleteDomainRecord",
"RecordId" => $id,
);
$val = $this->send($requestParams);
return $this->out($val);
}
public function AddDomainRecord($type, $rr, $value)
{
public function AddDomainRecord($type, $rr, $value)
{
$requestParams = array(
"Action" => "AddDomainRecord",
"RR" => $rr,
"Type" => $type,
"Value" => $value,
);
$val = $this->send($requestParams);
return $this->out($val);
}
$requestParams = array(
"Action" => "AddDomainRecord",
"RR" => $rr,
"Type" => $type,
"Value" => $value,
);
$val = $this->send($requestParams);
return $this->out($val);
}
private function send($requestParams)
{
$publicParams = array(
"DomainName" => $this->DomainName,
"Format" => "JSON",
"Version" => "2015-01-09",
"AccessKeyId" => $this->accessKeyId,
"Timestamp" => date("Y-m-d\TH:i:s\Z"),
"SignatureMethod" => "HMAC-SHA1",
"SignatureVersion" => "1.0",
"SignatureNonce" => substr(md5(rand(1, 99999999)), rand(1, 9), 14),
);
private function send($requestParams)
{
$publicParams = array(
"DomainName" => $this->DomainName,
"Format" => "JSON",
"Version" => "2015-01-09",
"AccessKeyId" => $this->accessKeyId,
"Timestamp" => date("Y-m-d\TH:i:s\Z"),
"SignatureMethod" => "HMAC-SHA1",
"SignatureVersion" => "1.0",
"SignatureNonce" => substr(md5(rand(1, 99999999)), rand(1, 9), 14),
);
$params = array_merge($publicParams, $requestParams);
$params['Signature'] = $this->sign($params, $this->accessSecrec);
$uri = http_build_query($params);
$url = 'http://alidns.aliyuncs.com/?'.$uri;
return $this->curl($url);
}
$params = array_merge($publicParams, $requestParams);
$params['Signature'] = $this->sign($params, $this->accessSecrec);
$uri = http_build_query($params);
$url = 'http://alidns.aliyuncs.com/?'.$uri;
return $this->curl($url);
}
private function sign($params, $accessSecrec, $method = "GET")
{
ksort($params);
$stringToSign = strtoupper($method).'&'.$this->percentEncode('/').'&';
private function sign($params, $accessSecrec, $method = "GET")
{
ksort($params);
$stringToSign = strtoupper($method).'&'.$this->percentEncode('/').'&';
$tmp = "";
foreach ($params as $key => $val) {
$tmp .= '&'.$this->percentEncode($key).'='.$this->percentEncode($val);
}
$tmp = trim($tmp, '&');
$stringToSign = $stringToSign.$this->percentEncode($tmp);
$tmp = "";
foreach ($params as $key => $val) {
$tmp .= '&'.$this->percentEncode($key).'='.$this->percentEncode($val);
}
$tmp = trim($tmp, '&');
$stringToSign = $stringToSign.$this->percentEncode($tmp);
$key = $accessSecrec.'&';
$hmac = hash_hmac("sha1", $stringToSign, $key, true);
$key = $accessSecrec.'&';
$hmac = hash_hmac("sha1", $stringToSign, $key, true);
return base64_encode($hmac);
}
return base64_encode($hmac);
}
private function percentEncode($value = null)
{
$en = urlencode($value);
$en = str_replace("+", "%20", $en);
$en = str_replace("*", "%2A", $en);
$en = str_replace("%7E", "~", $en);
return $en;
}
private function percentEncode($value = null)
{
$en = urlencode($value);
$en = str_replace("+", "%20", $en);
$en = str_replace("*", "%2A", $en);
$en = str_replace("%7E", "~", $en);
return $en;
}
private function curl($url)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//curl_setopt($ch, CURLOPT_HEADER, 1);
//curl_setopt($ch, CURLINFO_HEADER_OUT, true);
$result = curl_exec($ch);
$info = curl_getinfo($ch);
private function curl($url)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//curl_setopt($ch, CURLOPT_HEADER, 1);
//curl_setopt($ch, CURLINFO_HEADER_OUT, true);
$result = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);
return array($info["http_code"], $result);
}
curl_close($ch);
return array($info["http_code"], $result);
}
private function out($arr)
{
$t = json_decode($arr[1], true);
$t["httpcode"] = $arr[0];
return $t;
}
private function out($arr)
{
$t = json_decode($arr[1], true);
$t["httpcode"] = $arr[0];
return $t;
}
}

29
php-version/godaddydns.php
View File

@ -1,6 +1,10 @@
<?php
date_default_timezone_set("GMT");
$dir = dirname(dirname(__FILE__));
#根域名列表文件,如果自己的根域名不存在该文件中,可自行添加
$domainfile = $dir . DIRECTORY_SEPARATOR . "domain.ini";
# 第一个参数是 action代表 (add/clean)
# 第二个参数是域名
# 第三个参数是主机名(第三个参数+第二个参数组合起来就是要添加的 TXT 记录)
@ -81,23 +85,14 @@ class GodaddyDns
//常见根域名 【https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains】
// 【http://www.seobythesea.com/2006/01/googles-most-popular-and-least-popular-top-level-domains/】
$arr[] = ".co.jp";
$arr[] = ".com.tw";
$arr[] = ".net";
$arr[] = ".com";
$arr[] = ".com.cn";
$arr[] = ".org";
$arr[] = ".cn";
$arr[] = ".gov";
$arr[] = ".net.cn";
$arr[] = ".io";
$arr[] = ".top";
$arr[] = ".me";
$arr[] = ".int";
$arr[] = ".edu";
$arr[] = ".link";
$arr[] = ".uk";
$arr[] = ".hk";
global $domainfile;
$tmp = file($domainfile);
$arr = array();
foreach ($tmp as $k=>$v) {
$v = trim($v);
if ($v!="")
$arr[]= "." . $v;
}
//二级域名
$seconddomain = "";

32
php-version/txydns.php
View File

@ -1,7 +1,9 @@
<?php
date_default_timezone_set("GMT");
$dir = dirname(dirname(__FILE__));
#根域名列表文件,如果自己的根域名不存在该文件中,可自行添加
$domainfile = $dir . DIRECTORY_SEPARATOR . "domain.ini";
/*
$obj = new TxyDns(txyaccessKeyId, APPKEY, APPTOKEN);
@ -110,27 +112,15 @@ class TxyDns {
//常见根域名 【https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains】
// 【http://www.seobythesea.com/2006/01/googles-most-popular-and-least-popular-top-level-domains/】
global $domainfile;
$tmp = file($domainfile);
$arr = array();
foreach ($tmp as $k=>$v) {
$v = trim($v);
if ($v!="")
$arr[]= "." . $v;
}
$arr[] = ".uk";
$arr[] = ".hk";
$arr[] = ".net";
$arr[] = ".com";
$arr[] = ".edu";
$arr[] = ".mil";
$arr[] = ".com.cn";
$arr[] = ".org";
$arr[] = ".cn";
$arr[] = ".gov";
$arr[] = ".net.cn";
$arr[] = ".io";
$arr[] = ".co.jp";
$arr[] = ".com.tw";
$arr[] = ".info";
$arr[] = ".io";
$arr[] = ".top";
$arr[] = ".me";
$arr[] = ".int";
$arr[] = ".edu";
//二级域名
$seconddomain = "";
//子域名

17
python-version/alydns.py
View File

@ -8,6 +8,7 @@ import random
import string
import json
import sys
import os
pv = "python2"
#python2
@ -31,8 +32,20 @@ class AliDns:
@staticmethod
def getDomain(domain):
domain_parts = domain.split('.')
if len(domain_parts) > 2:
rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in {"co.jp", "com.tw", "net", "com", "com.cn", "org", "cn", "gov", "net.cn", "io", "top", "me", "int", "edu", "link"} else 3):])
dirpath = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
domainfile = dirpath + "/domain.ini"
domainarr = []
with open(domainfile) as f:
for line in f:
val = line.strip()
domainarr.append(val)
#rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in {"co.jp", "com.tw", "net", "com", "com.cn", "org", "cn", "gov", "net.cn", "io", "top", "me", "int", "edu", "link"} else 3):])
rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in
domainarr else 3):])
selfdomain = domain.split(rootdomain)[0]
return (selfdomain[0:len(selfdomain)-1], rootdomain)
return ("", domain)
@ -210,7 +223,7 @@ if __name__ == '__main__':
file_name, cmd, certbot_domain, acme_challenge, certbot_validation, ACCESS_KEY_ID, ACCESS_KEY_SECRET = sys.argv
certbot_domain = AliDns.getDomain(certbot_domain)
# print (certbot_domain)
#print (certbot_domain)
if certbot_domain[0] == "":
selfdomain = acme_challenge
else:

11
python-version/godaddydns.py
View File

@ -2,6 +2,7 @@
import json
import sys
import os
class GodaddyDns:
def __init__(self, access_key_id, access_key_secret, domain_name):
@ -13,7 +14,15 @@ class GodaddyDns:
def getDomain(domain):
domain_parts = domain.split('.')
if len(domain_parts) > 2:
rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in {"co.jp", "com.tw", "net", "com", "com.cn", "org", "cn", "gov", "net.cn", "io", "top", "me", "int", "edu", "link"} else 3): ])
dirpath = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
domainfile = dirpath + "/domain.ini"
domainarr = []
with open(domainfile) as f:
for line in f:
val = line.strip()
domainarr.append(val)
rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in domainarr else 3): ])
selfdomain = domain.split(rootdomain)[0]
return (selfdomain[0:len(selfdomain)-1], rootdomain)
return ("", domain)

12
python-version/txydns.py
View File

@ -7,6 +7,7 @@ import hashlib
import json
import urllib
import base64
import os
pv = "python2"
if sys.version_info[0] < 3:
@ -96,8 +97,17 @@ class Cns:
@staticmethod
def getDomain(domain):
domain_parts = domain.split('.')
if len(domain_parts) > 2:
rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in {"co.jp", "com.tw", "net", "com", "com.cn", "org", "cn", "gov", "net.cn", "io", "top", "me", "int", "edu", "link"} else 3): ])
dirpath = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
domainfile = dirpath + "/domain.ini"
domainarr = []
with open(domainfile) as f:
for line in f:
val = line.strip()
domainarr.append(val)
rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in domainarr else 3): ])
selfdomain = domain.split(rootdomain)[0]
return (selfdomain[0:len(selfdomain)-1], rootdomain)
return ("", domain)