package cmd
import (
"agent-wdd/log"
"agent-wdd/op"
"agent-wdd/utils"
"os"
"strings"
"time"
"github.com/spf13/cobra"
)
// acmeShUrl is where the install subcommand fetches the acme.sh script from.
//
// NOTE(review): the URL follows the moving master branch, and nothing visible
// in this file verifies the download before it is made executable and run.
// Pinning a release tag or commit and checking a known digest before
// execution would remove the dependency on whatever master holds at the time.
const acmeShUrl = "https://raw.githubusercontent.com/acmesh-official/acme.sh/master/acme.sh"

// Cloudflare API credentials that the renew and apply subcommands export to
// acme.sh through the process environment.
//
// SECURITY: these values are compiled into the binary and committed with the
// source, so anyone who can read either one holds a working credential. Treat
// the token as exposed: rotate it, give the replacement only the DNS
// permissions acme.sh needs on this one zone, and supply it at run time
// (environment or a secret store) instead of as a literal.
const (
	CF_Token      = "oXJRP5XI8Zhipa_PtYtB_jy6qWL0I9BosrJEYE8p"
	CF_Account_ID = "dfaadeb83406ef5ad35da02617af9191"
	CF_Zone_ID    = "511894a4f1357feb905e974e16241ebb"
)
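// isAcmeManagedDomain reports whether name is 107421.xyz itself or a host
// below it, optionally written with a leading "*." wildcard label.
//
// A bare strings.HasSuffix test is not enough: it accepts any string that
// merely ends in the zone text (no label boundary) and any characters in front
// of it. The value is later placed on the acme.sh command line and, in the
// nginx subcommand, concatenated into a file path, so every label is also
// restricted to letters, digits and inner hyphens.
func isAcmeManagedDomain(name string) bool {
	const zone = "107421.xyz"

	host := strings.TrimPrefix(name, "*.")
	if host != zone && !strings.HasSuffix(host, "."+zone) {
		return false
	}
	for _, label := range strings.Split(host, ".") {
		if label == "" || len(label) > 63 {
			return false
		}
		if label[0] == '-' || label[len(label)-1] == '-' {
			return false
		}
		for i := 0; i < len(label); i++ {
			c := label[i]
			switch {
			case c >= 'a' && c <= 'z', c >= 'A' && c <= 'Z', c >= '0' && c <= '9', c == '-':
			default:
				return false
			}
		}
	}
	return true
}

// withAcmeCloudflareEnv runs fn with CF_Token, CF_Account_ID and CF_Zone_ID
// present in the process environment and removes the ones it added afterwards.
//
// A variable the operator already exported (non-empty) is left untouched, so a
// rotated credential can be supplied at run time without rebuilding; only
// missing ones fall back to the compiled-in constants.
func withAcmeCloudflareEnv(fn func()) {
	fallback := [...][2]string{
		{"CF_Token", CF_Token},
		{"CF_Account_ID", CF_Account_ID},
		{"CF_Zone_ID", CF_Zone_ID},
	}
	for _, kv := range fallback {
		if os.Getenv(kv[0]) != "" {
			continue
		}
		os.Setenv(kv[0], kv[1])
		// Deferred on purpose: cleanup must happen after fn returns, and also
		// if fn panics, not at the end of this loop iteration.
		defer os.Unsetenv(kv[0])
	}
	fn()
}

// addAcmeSubcommands registers the acme.sh management subcommands (install,
// renew, list, revoke, apply, nginx) on cmd.
//
// Every subcommand shells out to acme.sh; the ones that take a domain accept
// exactly one argument and refuse anything outside the 107421.xyz zone.
func addAcmeSubcommands(cmd *cobra.Command) {
	// Path of the acme.sh copy used by renew, list, apply and nginx.
	const acmeBin = "/root/.acme.sh/acme.sh"

	// install: download acme.sh and run its online installer.
	installCmd := &cobra.Command{
		Use:   "install",
		Short: "安装acme",
		Run: func(_ *cobra.Command, _ []string) {
			log.Info("安装acme")

			const target = "/usr/local/bin/acme.sh"

			// Nothing to do when a non-empty script is already in place.
			if utils.FileExistAndNotNull(target) {
				log.Info("acme已安装")
				return
			}

			// NOTE(review): the script is fetched from acmeShUrl and executed
			// below without any integrity check visible here; verify it
			// against a pinned digest before marking it executable.
			ok, err := utils.DownloadFile(acmeShUrl, target)
			if !ok {
				log.Error("下载acme.sh失败", err)
				return
			}

			// NOTE(review): whatever these two helpers return is not
			// inspected, so the success message below is logged even if
			// chmod or the installer failed — confirm and check the results.
			utils.PermissionFileExecute(target)
			op.RealTimeCommandExecutor([]string{target, "--install-online", "ice@gmail.com"})

			log.Info("acme安装成功")
		},
	}

	// renew: renew the certificate of one domain in the managed zone.
	renewCmd := &cobra.Command{
		Use:   "renew",
		Short: "acme续期",
		Args:  cobra.ExactArgs(1),
		Run: func(_ *cobra.Command, args []string) {
			log.Info("acme续期")

			domain := args[0]
			if !isAcmeManagedDomain(domain) {
				log.Error("只支持续期107421.xyz的域名")
				return
			}

			withAcmeCloudflareEnv(func() {
				op.RealTimeCommandExecutor([]string{acmeBin, "--renew", "-d", domain})
			})

			log.Info("续期acme成功")
		},
	}

	// list: print every certificate acme.sh knows and highlight those whose
	// last column falls within the next 30 days.
	listCmd := &cobra.Command{
		Use:   "list",
		Short: "列出acme全部的证书",
		Run: func(_ *cobra.Command, _ []string) {
			log.Info("列出acme全部的证书")

			ok, output := op.SingleLineCommandExecutor([]string{acmeBin, "--list"})
			if !ok {
				log.Error("列出acme全部的证书失败", output)
				return
			}

			utils.BeautifulPrintListWithTitle(output, "列出acme全部的证书")

			// Anything dated before now+30d is reported.
			expiryLimit := time.Now().AddDate(0, 0, 30)

			log.Info("以下证书将在30天内过期:")
			foundExpiring := false

			// Index 0 is the header row; the index loop (rather than slicing
			// output[1:]) stays safe when the command printed nothing.
			for i := 1; i < len(output); i++ {
				line := strings.TrimSpace(output[i])
				if line == "" {
					continue
				}

				// Rows with fewer than six whitespace-separated columns are
				// not certificate entries.
				fields := strings.Fields(line)
				if len(fields) < 6 {
					continue
				}

				domainName := fields[0]
				// NOTE(review): the last column is logged as the renew time;
				// it is compared as if it were the expiry — confirm that is
				// the intended threshold.
				renewDateStr := fields[len(fields)-1]

				renewDate, err := time.Parse(time.RFC3339, renewDateStr)
				if err != nil {
					log.Error("解析时间失败: %s", err.Error())
					continue
				}

				if renewDate.Before(expiryLimit) {
					log.Info("域名: %s, 更新时间: %s", domainName, renewDate.Format("2006-01-02"))
					foundExpiring = true
				}
			}

			if !foundExpiring {
				log.Info("没有找到30天内即将过期的证书")
			}
		},
	}

	// revoke
	//
	// NOTE(review): unlike its siblings this command resolves "acme.sh"
	// through PATH instead of an absolute path, passes "revoke" without the
	// leading dashes the other invocations use, and names no domain. Confirm
	// the intended invocation; a PATH lookup in a privileged tool can run a
	// different binary than the one installed above.
	revokeCmd := &cobra.Command{
		Use:   "revoke",
		Short: "撤销acme",
		Run: func(_ *cobra.Command, _ []string) {
			log.Info("撤销acme")

			op.RealTimeCommandExecutor([]string{"acme.sh", "revoke"})
		},
	}

	// apply: issue an EC-256 certificate for one domain via the dns_cf hook.
	applyCmd := &cobra.Command{
		Use:   "apply",
		Short: "申请一个证书",
		Args:  cobra.ExactArgs(1),
		Run: func(_ *cobra.Command, args []string) {
			log.Info("申请一个证书")

			domain := args[0]
			if !isAcmeManagedDomain(domain) {
				log.Error("只支持申请107421.xyz的域名")
				return
			}

			withAcmeCloudflareEnv(func() {
				op.RealTimeCommandExecutor([]string{
					acmeBin,
					"--issue",
					"--dns", "dns_cf",
					"-d", domain,
					"--keylength", "ec-256",
				})
			})

			log.Info("申请证书成功")
		},
	}

	// nginx: copy the issued key and full chain into nginx's directory and
	// restart nginx.
	installNginxCmd := &cobra.Command{
		Use:   "nginx",
		Short: "安装nginx证书",
		Args:  cobra.ExactArgs(1),
		Run: func(_ *cobra.Command, args []string) {
			log.Info("安装nginx证书")

			domain := args[0]
			// The domain becomes part of two file names below, so it must be
			// validated before any path is built from it.
			if !isAcmeManagedDomain(domain) {
				log.Error("只支持安装107421.xyz的域名")
				return
			}

			const sslDir = "/etc/nginx/conf.d/ssl_key/"
			keyPath := sslDir + domain + ".key.pem"
			certPath := sslDir + domain + ".cert.pem"

			// NOTE(review): the mode CreateFolder applies is not visible
			// here; the directory will hold private keys, so confirm it is
			// not readable by other users.
			utils.CreateFolder(sslDir)

			op.RealTimeCommandExecutor([]string{
				acmeBin,
				"--install-cert",
				"-d", domain,
				"--key-file", keyPath,
				"--fullchain-file", certPath,
				"--reloadcmd", "systemctl restart nginx --force",
			})

			log.Info("安装nginx证书成功")
		},
	}

	cmd.AddCommand(
		installCmd,
		renewCmd,
		listCmd,
		revokeCmd,
		applyCmd,
		installNginxCmd,
	)
}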