diff --git a/README.md b/README.md index 4c108ae..b51ed74 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,11 @@ $ chmod 0777 au.sh 2:配置 -(1)DNS API 密钥: +(1)domain.ini + +如果domain.ini文件没有你的根域名,请自行添加。 + +(2)DNS API 密钥: 这个 API 密钥什么意思呢?由于需要通过 API 操作阿里云 DNS 或腾讯云 DNS 的记录,所以需要去域名服务商哪儿获取 API 密钥,然后配置在 au.sh 文件中: @@ -34,7 +38,7 @@ $ chmod 0777 au.sh - TXY_KEY 和 TXY_TOKEN:腾讯云 [API 密钥官方申请文档](https://console.cloud.tencent.com/cam/capi)。 - GODADDY_KEY 和 GODADDY_TOKEN:GoDaddy [API 密钥官方申请文档](https://developer.godaddy.com/getstarted)。 -(2)选择运行环境 +(3)选择运行环境 目前该工具支持五种运行环境和场景,通过 hook 文件和参数来调用: @@ -152,11 +156,4 @@ $ ./certbot-auto renew --cert-name simplehttps.com --manual-auth-hook "/脚本 《深入浅出HTTPS:从原理到实战》二维码: -![深入浅出HTTPS:从原理到实战](https://notes.newyingyong.cn/static/image/httpsbook/httpsbook-small-jd.jpg) - -大家如果觉得这工程还行,欢迎金钱鼓励我哈,支付宝扫码就可以了,谢谢: - -![深入浅出HTTPS:从原理到实战](https://notes.newyingyong.cn/static/image/httpsbook/zfb.jpg) - - - +![深入浅出HTTPS:从原理到实战](https://notes.newyingyong.cn/static/image/httpsbook/httpsbook-small-jd.jpg) diff --git a/domain.ini b/domain.ini new file mode 100644 index 0000000..5214613 --- /dev/null +++ b/domain.ini @@ -0,0 +1,18 @@ +net +com +com.cn +cn +org +co.jp +com.tw +gov +net.cn +io +top +me +int +edu +link +uk +hk +shop diff --git a/php-version/alydns.php b/php-version/alydns.php index 1ad5814..d09b642 100644 --- a/php-version/alydns.php +++ b/php-version/alydns.php @@ -1,6 +1,10 @@ DescribeDomainRecords(); @@ -35,9 +39,9 @@ date_default_timezone_set("GMT"); php alydns.php add "simplehttps.com" "dnsv" "dnsk" APPKEY APPTOKEN */ -########## 配合 cerbot 运行 -# 第一个参数是 action,代表 (add/clean) -# 第二个参数是域名 +########## 配合 cerbot 运行 +# 第一个参数是 action,代表 (add/clean) +# 第二个参数是域名 # 第三个参数是主机名(第三个参数+第二个参数组合起来就是要添加的 TXT 记录) # 第四个参数是 TXT 记录值 # 第五个参数是 APPKEY @@ -47,8 +51,8 @@ echo "域名 API 调用开始\n"; print_r($argv); if (count($argv) < 7) { - echo "参数有误\n"; - exit; + echo "参数有误\n"; + exit; } echo $argv[1]."-".$argv[2]."-".$argv[3]."-".$argv[4]."-".$argv[5]."-".$argv[6]."\n"; 
@@ -58,30 +62,30 @@ $selfdomain = ($domainarray[0] == "") ? $argv[3] : $argv[3].".".$domainarray[0] $obj = new AliDns($argv[5], $argv[6], $domainarray[1]); switch ($argv[1]) { - case "clean": - $data = $obj->DescribeDomainRecords(); - $data = $data["DomainRecords"]["Record"]; - if (is_array($data)) { - foreach ($data as $v) { - if ($v["RR"] == $selfdomain) { - $data = $obj->DeleteDomainRecord($v["RecordId"]); - if ($data["httpcode"] != 200) { - echo "aly dns 域名删除失败-".$data["Code"].":".$data["Message"]; - exit; - } - } - } - } - break; +case "clean": + $data = $obj->DescribeDomainRecords(); + $data = $data["DomainRecords"]["Record"]; + if (is_array($data)) { + foreach ($data as $v) { + if ($v["RR"] == $selfdomain) { + $data = $obj->DeleteDomainRecord($v["RecordId"]); + if ($data["httpcode"] != 200) { + echo "aly dns 域名删除失败-".$data["Code"].":".$data["Message"]; + exit; + } + } + } + } + break; - case "add": - $data = $obj->AddDomainRecord("TXT", $selfdomain, $argv[4]); +case "add": + $data = $obj->AddDomainRecord("TXT", $selfdomain, $argv[4]); - if ($data["httpcode"] != 200) { - echo "aly dns 域名增加失败-".$data["Code"].":".$data["Message"]; - exit; - } - break; + if ($data["httpcode"] != 200) { + echo "aly dns 域名增加失败-".$data["Code"].":".$data["Message"]; + exit; + } + break; } echo "域名 API 调用结束\n"; 
@@ -90,180 +94,171 @@ echo "域名 API 调用结束\n"; class AliDns { - private $accessKeyId = null; - private $accessSecrec = null; - private $DomainName = null; + private $accessKeyId = null; + private $accessSecrec = null; + private $DomainName = null; - public function __construct($accessKeyId, $accessSecrec, $domain) - { - $this->accessKeyId = $accessKeyId; - $this->accessSecrec = $accessSecrec; - $this->DomainName = $domain; - } + public function __construct($accessKeyId, $accessSecrec, $domain) + { + $this->accessKeyId = $accessKeyId; + $this->accessSecrec = $accessSecrec; + $this->DomainName = $domain; + } /* 根据域名返回主机名和二级域名 */ - public static function getDomain($domain) - { + public static function getDomain($domain) + { - //https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains - //常见根域名 - $arr[] = ".co.jp"; - $arr[] = ".com.tw"; - $arr[] = ".net"; - $arr[] = ".com"; - $arr[] = ".com.cn"; - $arr[] = ".org"; - $arr[] = ".cn"; - $arr[] = ".gov"; - $arr[] = ".net.cn"; - $arr[] = ".io"; - $arr[] = ".top"; - $arr[] = ".me"; - $arr[] = ".int"; - $arr[] = ".edu"; - $arr[] = ".link"; - $arr[] = ".uk"; - $arr[] = ".hk"; + //https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains + //常见根域名 + global $domainfile; + $tmp = file($domainfile); + $arr = array(); + foreach ($tmp as $k=>$v) { + $v = trim($v); + if ($v!="") + $arr[]= "." . $v; + } - //二级域名 - $seconddomain = ""; - //子域名 - $selfdomain = ""; - //根域名 - $rootdomain = ""; - foreach ($arr as $k => $v) { - $pos = stripos($domain, $v); - if ($pos) { - $rootdomain = substr($domain, $pos); - $s = explode(".", substr($domain, 0, $pos)); - $seconddomain = $s[count($s) - 1].$rootdomain; - for ($i = 0; $i < count($s) - 1; $i++) - $selfdomain .= $s[$i] . 
"."; - $selfdomain = substr($selfdomain,0,strlen($selfdomain)-1); - break; - } - } - //echo $seconddomain ;exit; - if ($rootdomain == "") { - $seconddomain = $domain; - $selfdomain = ""; - } - return array($selfdomain, $seconddomain); - } + //二级域名 + $seconddomain = ""; + //子域名 + $selfdomain = ""; + //根域名 + $rootdomain = ""; + foreach ($arr as $k => $v) { + $pos = stripos($domain, $v); + if ($pos) { + $rootdomain = substr($domain, $pos); + $s = explode(".", substr($domain, 0, $pos)); + $seconddomain = $s[count($s) - 1].$rootdomain; + for ($i = 0; $i < count($s) - 1; $i++) + $selfdomain .= $s[$i] . "."; + $selfdomain = substr($selfdomain,0,strlen($selfdomain)-1); + break; + } + } + //echo $seconddomain ;exit; + if ($rootdomain == "") { + $seconddomain = $domain; + $selfdomain = ""; + } + return array($selfdomain, $seconddomain); + } - public function DescribeDomainRecords() - { - $requestParams = array( - "Action" => "DescribeDomainRecords" - ); - $val = $this->send($requestParams); + public function DescribeDomainRecords() + { + $requestParams = array( + "Action" => "DescribeDomainRecords" + ); + $val = $this->send($requestParams); - return $this->out($val); - } + return $this->out($val); + } - public function UpdateDomainRecord($id, $type, $rr, $value) - { - $requestParams = array( - "Action" => "UpdateDomainRecord", - "RecordId" => $id, - "RR" => $rr, - "Type" => $type, - "Value" => $value, - ); - $val = $this->send($requestParams); - return $this->out($val); - } + public function UpdateDomainRecord($id, $type, $rr, $value) + { + $requestParams = array( + "Action" => "UpdateDomainRecord", + "RecordId" => $id, + "RR" => $rr, + "Type" => $type, + "Value" => $value, + ); + $val = $this->send($requestParams); + return $this->out($val); + } - public function DeleteDomainRecord($id) - { - $requestParams = array( - "Action" => "DeleteDomainRecord", - "RecordId" => $id, - ); - $val = $this->send($requestParams); - return $this->out($val); - } + public function 
DeleteDomainRecord($id) + { + $requestParams = array( + "Action" => "DeleteDomainRecord", + "RecordId" => $id, + ); + $val = $this->send($requestParams); + return $this->out($val); + } - public function AddDomainRecord($type, $rr, $value) - { + public function AddDomainRecord($type, $rr, $value) + { - $requestParams = array( - "Action" => "AddDomainRecord", - "RR" => $rr, - "Type" => $type, - "Value" => $value, - ); - $val = $this->send($requestParams); - return $this->out($val); - } + $requestParams = array( + "Action" => "AddDomainRecord", + "RR" => $rr, + "Type" => $type, + "Value" => $value, + ); + $val = $this->send($requestParams); + return $this->out($val); + } - private function send($requestParams) - { - $publicParams = array( - "DomainName" => $this->DomainName, - "Format" => "JSON", - "Version" => "2015-01-09", - "AccessKeyId" => $this->accessKeyId, - "Timestamp" => date("Y-m-d\TH:i:s\Z"), - "SignatureMethod" => "HMAC-SHA1", - "SignatureVersion" => "1.0", - "SignatureNonce" => substr(md5(rand(1, 99999999)), rand(1, 9), 14), - ); + private function send($requestParams) + { + $publicParams = array( + "DomainName" => $this->DomainName, + "Format" => "JSON", + "Version" => "2015-01-09", + "AccessKeyId" => $this->accessKeyId, + "Timestamp" => date("Y-m-d\TH:i:s\Z"), + "SignatureMethod" => "HMAC-SHA1", + "SignatureVersion" => "1.0", + "SignatureNonce" => substr(md5(rand(1, 99999999)), rand(1, 9), 14), + ); - $params = array_merge($publicParams, $requestParams); - $params['Signature'] = $this->sign($params, $this->accessSecrec); - $uri = http_build_query($params); - $url = 'http://alidns.aliyuncs.com/?'.$uri; - return $this->curl($url); - } + $params = array_merge($publicParams, $requestParams); + $params['Signature'] = $this->sign($params, $this->accessSecrec); + $uri = http_build_query($params); + $url = 'http://alidns.aliyuncs.com/?'.$uri; + return $this->curl($url); + } - private function sign($params, $accessSecrec, $method = "GET") - { - ksort($params); - 
$stringToSign = strtoupper($method).'&'.$this->percentEncode('/').'&'; + private function sign($params, $accessSecrec, $method = "GET") + { + ksort($params); + $stringToSign = strtoupper($method).'&'.$this->percentEncode('/').'&'; - $tmp = ""; - foreach ($params as $key => $val) { - $tmp .= '&'.$this->percentEncode($key).'='.$this->percentEncode($val); - } - $tmp = trim($tmp, '&'); - $stringToSign = $stringToSign.$this->percentEncode($tmp); + $tmp = ""; + foreach ($params as $key => $val) { + $tmp .= '&'.$this->percentEncode($key).'='.$this->percentEncode($val); + } + $tmp = trim($tmp, '&'); + $stringToSign = $stringToSign.$this->percentEncode($tmp); - $key = $accessSecrec.'&'; - $hmac = hash_hmac("sha1", $stringToSign, $key, true); + $key = $accessSecrec.'&'; + $hmac = hash_hmac("sha1", $stringToSign, $key, true); - return base64_encode($hmac); - } + return base64_encode($hmac); + } - private function percentEncode($value = null) - { - $en = urlencode($value); - $en = str_replace("+", "%20", $en); - $en = str_replace("*", "%2A", $en); - $en = str_replace("%7E", "~", $en); - return $en; - } + private function percentEncode($value = null) + { + $en = urlencode($value); + $en = str_replace("+", "%20", $en); + $en = str_replace("*", "%2A", $en); + $en = str_replace("%7E", "~", $en); + return $en; + } - private function curl($url) - { - $ch = curl_init(); - curl_setopt($ch, CURLOPT_URL, $url); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); - //curl_setopt($ch, CURLOPT_HEADER, 1); -//curl_setopt($ch, CURLINFO_HEADER_OUT, true); - $result = curl_exec($ch); - $info = curl_getinfo($ch); + private function curl($url) + { + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, $url); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); + //curl_setopt($ch, CURLOPT_HEADER, 1); + //curl_setopt($ch, CURLINFO_HEADER_OUT, true); + $result = curl_exec($ch); + $info = curl_getinfo($ch); - curl_close($ch); - return array($info["http_code"], $result); - } + curl_close($ch); + return 
array($info["http_code"], $result); + } - private function out($arr) - { - $t = json_decode($arr[1], true); - $t["httpcode"] = $arr[0]; - return $t; - } + private function out($arr) + { + $t = json_decode($arr[1], true); + $t["httpcode"] = $arr[0]; + return $t; + } } diff --git a/php-version/godaddydns.php b/php-version/godaddydns.php index c62fb7b..5ae03cf 100644 --- a/php-version/godaddydns.php +++ b/php-version/godaddydns.php @@ -1,6 +1,10 @@ $v) { + $v = trim($v); + if ($v!="") + $arr[]= "." . $v; + } //二级域名 $seconddomain = ""; diff --git a/php-version/txydns.php b/php-version/txydns.php index 1a7f620..b62a0cd 100644 --- a/php-version/txydns.php +++ b/php-version/txydns.php @@ -1,7 +1,9 @@ $v) { + $v = trim($v); + if ($v!="") + $arr[]= "." . $v; + } - $arr[] = ".uk"; - $arr[] = ".hk"; - $arr[] = ".net"; - $arr[] = ".com"; - $arr[] = ".edu"; - $arr[] = ".mil"; - $arr[] = ".com.cn"; - $arr[] = ".org"; - $arr[] = ".cn"; - $arr[] = ".gov"; - $arr[] = ".net.cn"; - $arr[] = ".io"; - $arr[] = ".co.jp"; - $arr[] = ".com.tw"; - $arr[] = ".info"; - $arr[] = ".io"; - $arr[] = ".top"; - $arr[] = ".me"; - $arr[] = ".int"; - $arr[] = ".edu"; //二级域名 $seconddomain = ""; //子域名 diff --git a/python-version/alydns.py b/python-version/alydns.py index e57f1e6..bff0e24 100644 --- a/python-version/alydns.py +++ b/python-version/alydns.py @@ -8,6 +8,7 @@ import random import string import json import sys +import os pv = "python2" #python2 
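Review bot: In `getDomain()` the result of the new `file($domainfile)` call is used unchecked, so a missing or unreadable domain.ini leaves `$arr` empty (with only a PHP warning) and the whole certbot name is treated as the zone that TXT records are written to; the same loader is added in godaddydns.php and txydns.php. The entries are then matched with `stripos($domain, $v)`, which finds `.com` anywhere in the name rather than only at the end (a constructed example: `example.community.io` would match at `.community.io`), and a user-editable list makes that easier to trip over. I would stop with an error when the file cannot be read and compare each suffix against the end of the name, longest suffix first, as sketched below. `$domainfile` is assigned outside the lines visible here. Separately, `send()` in this hunk still builds the request on `http://alidns.aliyuncs.com/`, so the AccessKeyId and record values travel unencrypted; `https://` would be the safer default.

```php
global $domainfile;
$tmp = file($domainfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
if ($tmp === false) {
    echo "cannot read ".$domainfile."\n";
    exit(1);
}
$arr = array();
foreach ($tmp as $v) {
    $v = trim($v);
    if ($v != "")
        $arr[] = "." . $v;
}
// longest suffix first, so ".com.cn" is tried before ".cn" whatever the file order
usort($arr, function ($a, $b) { return strlen($b) - strlen($a); });

// … unchanged: $seconddomain / $selfdomain / $rootdomain initialisation …
foreach ($arr as $k => $v) {
    // only accept the suffix at the very end of the name
    $pos = strlen($domain) - strlen($v);
    if ($pos > 0 && strcasecmp(substr($domain, $pos), $v) === 0) {
        // … unchanged: derive $rootdomain, $seconddomain and $selfdomain from $pos …
```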
@@ -31,8 +32,20 @@ class AliDns: @staticmethod def getDomain(domain): domain_parts = domain.split('.') + + if len(domain_parts) > 2: - rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in {"co.jp", "com.tw", "net", "com", "com.cn", "org", "cn", "gov", "net.cn", "io", "top", "me", "int", "edu", "link"} else 3):]) + dirpath = os.path.dirname(os.path.dirname(os.path.realpath(__file__))) + domainfile = dirpath + "/domain.ini" + domainarr = [] + with open(domainfile) as f: + for line in f: + val = line.strip() + domainarr.append(val) + + #rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in {"co.jp", "com.tw", "net", "com", "com.cn", "org", "cn", "gov", "net.cn", "io", "top", "me", "int", "edu", "link"} else 3):]) + rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in + domainarr else 3):]) selfdomain = domain.split(rootdomain)[0] return (selfdomain[0:len(selfdomain)-1], rootdomain) return ("", domain) @@ -210,7 +223,7 @@ if __name__ == '__main__': file_name, cmd, certbot_domain, acme_challenge, certbot_validation, ACCESS_KEY_ID, ACCESS_KEY_SECRET = sys.argv certbot_domain = AliDns.getDomain(certbot_domain) - # print (certbot_domain) + #print (certbot_domain) if certbot_domain[0] == "": selfdomain = acme_challenge else: diff --git a/python-version/godaddydns.py b/python-version/godaddydns.py index a5573db..8bb5cbd 100644 --- a/python-version/godaddydns.py +++ b/python-version/godaddydns.py @@ -2,6 +2,7 @@ import json import sys +import os class GodaddyDns: def __init__(self, access_key_id, access_key_secret, domain_name): 
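Review bot: In `getDomain()` the test `domain_parts[-1] in domainarr` only ever looks at the last label, so the multi-label entries in domain.ini (`com.cn`, `co.jp`, `com.tw`, `net.cn`) can never match and a name under `com.cn` gets `com.cn` itself as its root domain; the identical code is added in godaddydns.py and txydns.py. The loader also appends blank lines as empty strings, and `domain.split(rootdomain)[0]` cuts at the first occurrence of the root rather than at the end of the name. Because this value decides which zone the ACME TXT record is created in, I would check the two-label suffix before the one-label one and slice the prefix off by length, as in the fence below. The enclosing class starts outside the hunk.

```python
        if len(domain_parts) > 2:
            # … unchanged: dirpath / domainfile …
            with open(domainfile) as f:
                suffixes = set(line.strip().lower() for line in f if line.strip())

            # try the two-label suffix ("com.cn") before the one-label one ("cn")
            for n in (2, 1):
                if '.'.join(domain_parts[-n:]).lower() in suffixes:
                    rootdomain = '.'.join(domain_parts[-(n + 1):])
                    break
            else:
                # unknown suffix: keep the existing three-label fallback
                rootdomain = '.'.join(domain_parts[-3:])
            selfdomain = domain[:len(domain) - len(rootdomain)]
            return (selfdomain[0:len(selfdomain)-1], rootdomain)
```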
@@ -13,7 +14,15 @@ class GodaddyDns: def getDomain(domain): domain_parts = domain.split('.') if len(domain_parts) > 2: - rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in {"co.jp", "com.tw", "net", "com", "com.cn", "org", "cn", "gov", "net.cn", "io", "top", "me", "int", "edu", "link"} else 3): ]) + dirpath = os.path.dirname(os.path.dirname(os.path.realpath(__file__))) + domainfile = dirpath + "/domain.ini" + domainarr = [] + with open(domainfile) as f: + for line in f: + val = line.strip() + domainarr.append(val) + + rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in domainarr else 3): ]) selfdomain = domain.split(rootdomain)[0] return (selfdomain[0:len(selfdomain)-1], rootdomain) return ("", domain) diff --git a/python-version/txydns.py b/python-version/txydns.py index 59adbf2..e21feaf 100644 --- a/python-version/txydns.py +++ b/python-version/txydns.py @@ -7,6 +7,7 @@ import hashlib import json import urllib import base64 +import os pv = "python2" if sys.version_info[0] < 3: @@ -96,8 +97,17 @@ class Cns: @staticmethod def getDomain(domain): domain_parts = domain.split('.') + if len(domain_parts) > 2: - rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in {"co.jp", "com.tw", "net", "com", "com.cn", "org", "cn", "gov", "net.cn", "io", "top", "me", "int", "edu", "link"} else 3): ]) + dirpath = os.path.dirname(os.path.dirname(os.path.realpath(__file__))) + domainfile = dirpath + "/domain.ini" + domainarr = [] + with open(domainfile) as f: + for line in f: + val = line.strip() + domainarr.append(val) + + rootdomain = '.'.join(domain_parts[-(2 if domain_parts[-1] in domainarr else 3): ]) selfdomain = domain.split(rootdomain)[0] return (selfdomain[0:len(selfdomain)-1], rootdomain) return ("", domain)