godaddy域名自动签发 letsencrypt 证书并设置到 nginx

最新推荐文章于 2024-07-20 14:42:34 发布

天占

最新推荐文章于 2024-07-20 14:42:34 发布

阅读量1k

点赞数

分类专栏： nodejs nginx

本文链接：https://blog.csdn.net/qhexin/article/details/105036361

版权

nodejs 同时被 2 个专栏收录

7 篇文章 0 订阅

订阅专栏

nginx

2 篇文章 0 订阅

订阅专栏

免费的https证书生成很消耗时间，godaddy 又很慢。所以做一个自动化脚本，就省力啦。

// 创建 https 证书

class makeHttpsConfig {

    //阻塞延时
    static sleep(ms) {
        return new Promise((resolve, reject) => {
            setTimeout(resolve, ms);
        })
    }

    static invokeCmd(cmd){
        var exec = require('child_process').exec;
        var cmdStr = cmd;
        exec(cmdStr, function(err,stdout,stderr){
            if(err) {
                console.log('error:'+stderr);
            } else {
                console.log('invoke',cmd,'success')
            }
        });
    }


    //执行 https 证书的生成
    static async make(domain_name) {
        let spawn = require('child_process').spawn;
        // /root/letsencrypt/certbot-auto certonly  -d *.galaxy-in.pw --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory
        let create_cmd = spawn('/root/letsencrypt/certbot-auto', ['certonly',`-d *.${domain_name}`,'--manual','--preferred-challenges','dns','--server','https://acme-v02.api.letsencrypt.org/directory']);

        //配置域名
        let myip = 'xxxxxx';//自己的IP
        let gdapikey = "key:scert";//自己配置哦
        makeHttpsConfig.invokeCmd(`curl -s -X PUT "https://api.godaddy.com/v1/domains/${domain_name}/records/A/*" -H "Authorization: sso-key ${gdapikey}" -H "Content-Type: application/json" -d "[{\\"data\\": \\"${myip}\\"}]"`)

        //配置 nginx 文件。把 template_domain.conf 文件作为模板，生成 nginx 配置文件
        makeHttpsConfig.invokeCmd(`sed "s/template_domain/${domain_name}/g" /www/server/panel/vhost/nginx/template_domain.conf > /www/server/panel/vhost/nginx/${domain_name}.conf`);

        // await makeHttpsConfig.sleep(60*1000);

        let step = 0;
        // 捕获标准输出并将其打印到控制台
        create_cmd.stdout.on('data', async function (data) {
            console.log('standard output:\n' + data);
            let str = '' + data
            if (step == 0){
                if (str.indexOf("(Y)es/(N)o:") >= 0) {
                    console.log('检测到输入的要求');
                    await makeHttpsConfig.sleep(3*1000);
                    create_cmd.stdin.write('y\n');
                    console.log('已发送 y')
                }
                else if(str.indexOf('Renew & replace the cert') >= 0){
                    await makeHttpsConfig.sleep(3*1000);
                    create_cmd.stdin.write('2\n');
                    console.log('已发送 2')
                }

                step = step + 1
            }else if(step == 1){
                if(str.indexOf("_acme-challenge") >= 0){
                    let setValue = str.match("(acme-challenge.*)\n\n(.*)\n\n")[2]
                    console.log('find need set is:',setValue)
                    makeHttpsConfig.invokeCmd(`curl -s -X PUT "https://api.godaddy.com/v1/domains/${domain_name}/records/TXT/_acme-challenge" -H "Authorization: sso-key ${gdapikey}" -H "Content-Type: application/json" -d "[{\\"data\\": \\"${setValue}\\"}]"`)

                    await makeHttpsConfig.sleep(5*60*1000);

                    create_cmd.stdin.write('\n');

                    await makeHttpsConfig.sleep(10*1000);
                    makeHttpsConfig.invokeCmd('nginx -s reload');
                }
                step = step + 1
            }

        });

// 捕获标准错误输出并将其打印到控制台
        create_cmd.stderr.on('data', function (data) {
            console.log('standard error output:\n' + data);
        });

// 注册子进程关闭事件
        create_cmd.on('exit', function (code, signal) {
            console.log('child process eixt ,exit:' + code);
        });


    }

}

var arguments = require('process').argv.splice(1);
console.log(arguments)
makeHttpsConfig.make(arguments[1])

module.exports = makeHttpsConfig;