mirror of
https://github.com/netcccyun/dnsmgr.git
synced 2026-02-21 15:31:12 +08:00
fix
This commit is contained in:
net909
parent
17af597022
commit
dcfc545608
@ -251,6 +251,7 @@ class Cert extends BaseController
|
||||
'keytype' => input('post.keytype'),
|
||||
'keysize' => input('post.keysize'),
|
||||
'addtime' => date('Y-m-d H:i:s'),
|
||||
'issuer' => '',
|
||||
'status' => 0,
|
||||
];
|
||||
$domains = array_map('trim', $domains);
|
||||
|
||||
@ -21,7 +21,7 @@ class aws implements DeployInterface
|
||||
public function check()
|
||||
{
|
||||
if (empty($this->AccessKeyId) || empty($this->SecretAccessKey)) throw new Exception('必填参数不能为空');
|
||||
$client = new AWSClient($this->AccessKeyId, $this->SecretAccessKey, 'iam.amazonaws.com', 'iam','2010-05-08', 'us-east-1');
|
||||
$client = new AWSClient($this->AccessKeyId, $this->SecretAccessKey, 'iam.amazonaws.com', 'iam', '2010-05-08', 'us-east-1');
|
||||
$client->requestXml('GET', 'GetUser');
|
||||
return true;
|
||||
}
|
||||
@ -33,28 +33,28 @@ class aws implements DeployInterface
|
||||
if (!$certInfo) throw new Exception('证书解析失败');
|
||||
$config['cert_name'] = str_replace('*.', '', $certInfo['subject']['CN']) . '-' . $certInfo['validFrom_time_t'];
|
||||
|
||||
if(isset($info['cert_id']) && isset($info['cert_name']) && $info['cert_name'] == $config['cert_name']){
|
||||
if (isset($info['cert_id']) && isset($info['cert_name']) && $info['cert_name'] == $config['cert_name']) {
|
||||
$cert_id = $info['cert_id'];
|
||||
$this->log('证书已上传:' . $cert_id);
|
||||
}else{
|
||||
} else {
|
||||
$cert_id = $this->get_cert_id($fullchain, $privatekey);
|
||||
$this->log('证书上传成功:' . $cert_id);
|
||||
$info['cert_id'] = $cert_id;
|
||||
$info['cert_name'] = $config['cert_name'];
|
||||
usleep(500000);
|
||||
}
|
||||
|
||||
|
||||
$client = new \app\lib\client\AWS($this->AccessKeyId, $this->SecretAccessKey, 'cloudfront.amazonaws.com', 'cloudfront', '2020-05-31', 'us-east-1');
|
||||
try{
|
||||
$data = $client->requestXmlN('GET', '/distribution/'.$config['distribution_id'].'/config', [], null, true);
|
||||
}catch(Exception $e){
|
||||
throw new Exception('获取分配信息失败:'.$e->getMessage());
|
||||
try {
|
||||
$data = $client->requestXmlN('GET', '/distribution/' . $config['distribution_id'] . '/config', [], null, true);
|
||||
} catch (Exception $e) {
|
||||
throw new Exception('获取分配信息失败:' . $e->getMessage());
|
||||
}
|
||||
|
||||
|
||||
$data['ViewerCertificate']['ACMCertificateArn'] = $cert_id;
|
||||
$data['ViewerCertificate']['CloudFrontDefaultCertificate'] = false;
|
||||
$xml = new \SimpleXMLElement('<?xml version="1.0" encoding="utf-8"?><DistributionConfig></DistributionConfig>');
|
||||
$client->requestXmlN('PUT', '/distribution/'.$config['distribution_id'].'/config', $data, $xml);
|
||||
$client->requestXmlN('PUT', '/distribution/' . $config['distribution_id'] . '/config', $data, $xml);
|
||||
$this->log('分配ID: ' . $config['distribution_id'] . ' 证书部署成功!');
|
||||
}
|
||||
|
||||
@ -65,13 +65,13 @@ class aws implements DeployInterface
|
||||
'Certificate' => base64_encode($cert),
|
||||
'PrivateKey' => base64_encode($privatekey),
|
||||
];
|
||||
|
||||
|
||||
$client = new \app\lib\client\AWS($this->AccessKeyId, $this->SecretAccessKey, 'acm.us-east-1.amazonaws.com', 'acm', '', 'us-east-1');
|
||||
try{
|
||||
try {
|
||||
$data = $client->request('POST', 'CertificateManager.ImportCertificate', $param);
|
||||
$cert_id = $data['CertificateArn'];
|
||||
}catch(Exception $e){
|
||||
throw new Exception('上传证书失败:'.$e->getMessage());
|
||||
} catch (Exception $e) {
|
||||
throw new Exception('上传证书失败:' . $e->getMessage());
|
||||
}
|
||||
return $cert_id;
|
||||
}
|
||||
|
||||
@ -32,18 +32,18 @@ class baidu implements DeployInterface
|
||||
$certInfo = openssl_x509_parse($fullchain, true);
|
||||
if (!$certInfo) throw new Exception('证书解析失败');
|
||||
$config['cert_name'] = str_replace('*.', '', $certInfo['subject']['CN']) . '-' . $certInfo['validFrom_time_t'];
|
||||
|
||||
|
||||
$client = new BaiduCloud($this->AccessKeyId, $this->SecretAccessKey, 'cdn.baidubce.com');
|
||||
try{
|
||||
$data = $client->request('GET', '/v2/'.$config['domain'].'/certificates');
|
||||
if(isset($data['certName']) && $data['certName'] == $config['cert_name']){
|
||||
try {
|
||||
$data = $client->request('GET', '/v2/' . $config['domain'] . '/certificates');
|
||||
if (isset($data['certName']) && $data['certName'] == $config['cert_name']) {
|
||||
$this->log('CDN域名 ' . $config['domain'] . ' 证书已存在,无需重复部署');
|
||||
return;
|
||||
}
|
||||
}catch(Exception $e){
|
||||
} catch (Exception $e) {
|
||||
$this->log($e->getMessage());
|
||||
}
|
||||
|
||||
|
||||
$param = [
|
||||
'httpsEnable' => 'ON',
|
||||
'certificate' => [
|
||||
@ -52,7 +52,7 @@ class baidu implements DeployInterface
|
||||
'certPrivateData' => $privatekey,
|
||||
],
|
||||
];
|
||||
$data = $client->request('PUT', '/v2/'.$config['domain'].'/certificates', null, $param);
|
||||
$data = $client->request('PUT', '/v2/' . $config['domain'] . '/certificates', null, $param);
|
||||
$info['cert_id'] = $data['certId'];
|
||||
$this->log('CDN域名 ' . $config['domain'] . ' 证书部署成功!');
|
||||
}
|
||||
|
||||
@ -81,12 +81,12 @@ class ftp implements DeployInterface
|
||||
throw new Exception('端口不合法');
|
||||
}
|
||||
|
||||
if($this->config['secure'] == '1'){
|
||||
if ($this->config['secure'] == '1') {
|
||||
$conn_id = ftp_ssl_connect($this->config['host'], intval($this->config['port']), 10);
|
||||
if (!$conn_id) {
|
||||
throw new Exception('FTP服务器无法连接(SSL)');
|
||||
}
|
||||
}else{
|
||||
} else {
|
||||
$conn_id = ftp_connect($this->config['host'], intval($this->config['port']), 10);
|
||||
if (!$conn_id) {
|
||||
throw new Exception('FTP服务器无法连接');
|
||||
|
||||
@ -31,11 +31,11 @@ class huawei implements DeployInterface
|
||||
$certInfo = openssl_x509_parse($fullchain, true);
|
||||
if (!$certInfo) throw new Exception('证书解析失败');
|
||||
$config['cert_name'] = str_replace('*.', '', $certInfo['subject']['CN']) . '-' . $certInfo['validFrom_time_t'];
|
||||
if($config['product'] == 'cdn'){
|
||||
if ($config['product'] == 'cdn') {
|
||||
$this->deploy_cdn($fullchain, $privatekey, $config);
|
||||
}elseif($config['product'] == 'elb'){
|
||||
} elseif ($config['product'] == 'elb') {
|
||||
$this->deploy_elb($fullchain, $privatekey, $config);
|
||||
}elseif($config['product'] == 'waf'){
|
||||
} elseif ($config['product'] == 'waf') {
|
||||
$this->deploy_waf($fullchain, $privatekey, $config);
|
||||
}
|
||||
}
|
||||
@ -56,7 +56,7 @@ class huawei implements DeployInterface
|
||||
],
|
||||
],
|
||||
];
|
||||
$client->request('PUT', '/v1.1/cdn/configuration/domains/'.$config['domain'].'/configs', null, $param);
|
||||
$client->request('PUT', '/v1.1/cdn/configuration/domains/' . $config['domain'] . '/configs', null, $param);
|
||||
$this->log('CDN域名 ' . $config['domain'] . ' 部署证书成功!');
|
||||
}
|
||||
|
||||
@ -65,15 +65,15 @@ class huawei implements DeployInterface
|
||||
if (empty($config['project_id'])) throw new Exception('项目ID不能为空');
|
||||
if (empty($config['region_id'])) throw new Exception('区域ID不能为空');
|
||||
if (empty($config['cert_id'])) throw new Exception('证书ID不能为空');
|
||||
$endpoint = 'elb.'.$config['region_id'].'.myhuaweicloud.com';
|
||||
$endpoint = 'elb.' . $config['region_id'] . '.myhuaweicloud.com';
|
||||
$client = new HuaweiCloud($this->AccessKeyId, $this->SecretAccessKey, $endpoint);
|
||||
try{
|
||||
$data = $client->request('GET', '/v3/'.$config['project_id'].'/elb/certificates/'.$config['cert_id']);
|
||||
}catch(Exception $e){
|
||||
throw new Exception('证书详情查询失败:'.$e->getMessage());
|
||||
try {
|
||||
$data = $client->request('GET', '/v3/' . $config['project_id'] . '/elb/certificates/' . $config['cert_id']);
|
||||
} catch (Exception $e) {
|
||||
throw new Exception('证书详情查询失败:' . $e->getMessage());
|
||||
}
|
||||
if(isset($data['certificate']['certificate']) && trim($data['certificate']['certificate']) == trim($fullchain)){
|
||||
$this->log('ELB证书ID '.$config['cert_id'].' 已存在,无需重复部署');
|
||||
if (isset($data['certificate']['certificate']) && trim($data['certificate']['certificate']) == trim($fullchain)) {
|
||||
$this->log('ELB证书ID ' . $config['cert_id'] . ' 已存在,无需重复部署');
|
||||
return;
|
||||
}
|
||||
$param = [
|
||||
@ -83,7 +83,7 @@ class huawei implements DeployInterface
|
||||
'domain' => implode(',', $config['domainList']),
|
||||
],
|
||||
];
|
||||
$client->request('PUT', '/v3/'.$config['project_id'].'/elb/certificates/'.$config['cert_id'], null, $param);
|
||||
$client->request('PUT', '/v3/' . $config['project_id'] . '/elb/certificates/' . $config['cert_id'], null, $param);
|
||||
$this->log('ELB证书ID ' . $config['cert_id'] . ' 更新证书成功!');
|
||||
}
|
||||
|
||||
@ -92,15 +92,15 @@ class huawei implements DeployInterface
|
||||
if (empty($config['project_id'])) throw new Exception('项目ID不能为空');
|
||||
if (empty($config['region_id'])) throw new Exception('区域ID不能为空');
|
||||
if (empty($config['cert_id'])) throw new Exception('证书ID不能为空');
|
||||
$endpoint = 'waf.'.$config['region_id'].'.myhuaweicloud.com';
|
||||
$endpoint = 'waf.' . $config['region_id'] . '.myhuaweicloud.com';
|
||||
$client = new HuaweiCloud($this->AccessKeyId, $this->SecretAccessKey, $endpoint);
|
||||
try{
|
||||
$data = $client->request('GET', '/v1/'.$config['project_id'].'/waf/certificates/'.$config['cert_id']);
|
||||
}catch(Exception $e){
|
||||
throw new Exception('证书详情查询失败:'.$e->getMessage());
|
||||
try {
|
||||
$data = $client->request('GET', '/v1/' . $config['project_id'] . '/waf/certificates/' . $config['cert_id']);
|
||||
} catch (Exception $e) {
|
||||
throw new Exception('证书详情查询失败:' . $e->getMessage());
|
||||
}
|
||||
if(isset($data['content']) && trim($data['content']) == trim($fullchain)){
|
||||
$this->log('WAF证书ID '.$config['cert_id'].' 已存在,无需重复部署');
|
||||
if (isset($data['content']) && trim($data['content']) == trim($fullchain)) {
|
||||
$this->log('WAF证书ID ' . $config['cert_id'] . ' 已存在,无需重复部署');
|
||||
return;
|
||||
}
|
||||
$param = [
|
||||
@ -108,7 +108,7 @@ class huawei implements DeployInterface
|
||||
'content' => $fullchain,
|
||||
'key' => $privatekey,
|
||||
];
|
||||
$client->request('PUT', '/v1/'.$config['project_id'].'/waf/certificates/'.$config['cert_id'], null, $param);
|
||||
$client->request('PUT', '/v1/' . $config['project_id'] . '/waf/certificates/' . $config['cert_id'], null, $param);
|
||||
$this->log('WAF证书ID ' . $config['cert_id'] . ' 更新证书成功!');
|
||||
}
|
||||
|
||||
|
||||
@ -71,7 +71,7 @@ class huoshan implements DeployInterface
|
||||
try {
|
||||
$data = $client->request('POST', 'AddCertificate', $param);
|
||||
} catch (Exception $e) {
|
||||
if(strpos($e->getMessage(), '证书已存在,ID为')!==false){
|
||||
if (strpos($e->getMessage(), '证书已存在,ID为') !== false) {
|
||||
$cert_id = trim(getSubstr($e->getMessage(), '证书已存在,ID为', '。'));
|
||||
$this->log('证书已存在 CertId=' . $cert_id);
|
||||
return $cert_id;
|
||||
|
||||
@ -20,8 +20,8 @@ class local implements DeployInterface
|
||||
}
|
||||
if ($config['format'] == 'pem') {
|
||||
$dir = dirname($config['pem_cert_file']);
|
||||
if (!is_dir($dir)) throw new Exception($dir.' 目录不存在');
|
||||
if (!is_writable($dir)) throw new Exception($dir.' 目录不可写');
|
||||
if (!is_dir($dir)) throw new Exception($dir . ' 目录不存在');
|
||||
if (!is_writable($dir)) throw new Exception($dir . ' 目录不可写');
|
||||
|
||||
if (file_put_contents($config['pem_cert_file'], $fullchain)) {
|
||||
$this->log('证书已保存到:' . $config['pem_cert_file']);
|
||||
@ -35,8 +35,8 @@ class local implements DeployInterface
|
||||
}
|
||||
} elseif ($config['format'] == 'pfx') {
|
||||
$dir = dirname($config['pfx_file']);
|
||||
if (!is_dir($dir)) throw new Exception($dir.' 目录不存在');
|
||||
if (!is_writable($dir)) throw new Exception($dir.' 目录不可写');
|
||||
if (!is_dir($dir)) throw new Exception($dir . ' 目录不存在');
|
||||
if (!is_writable($dir)) throw new Exception($dir . ' 目录不可写');
|
||||
|
||||
$pfx = \app\lib\CertHelper::getPfx($fullchain, $privatekey, $config['pfx_pass'] ? $config['pfx_pass'] : null);
|
||||
if (file_put_contents($config['pfx_file'], $pfx)) {
|
||||
@ -47,10 +47,10 @@ class local implements DeployInterface
|
||||
}
|
||||
if (!empty($config['cmd'])) {
|
||||
$cmds = explode("\n", $config['cmd']);
|
||||
foreach($cmds as $cmd){
|
||||
foreach ($cmds as $cmd) {
|
||||
$cmd = trim($cmd);
|
||||
if(empty($cmd)) continue;
|
||||
$this->log('执行命令:'.$cmd);
|
||||
if (empty($cmd)) continue;
|
||||
$this->log('执行命令:' . $cmd);
|
||||
$output = [];
|
||||
$ret = 0;
|
||||
exec($cmd, $output, $ret);
|
||||
|
||||
@ -38,11 +38,11 @@ class qiniu implements DeployInterface
|
||||
|
||||
$cert_id = $this->get_cert_id($fullchain, $privatekey, $certInfo['subject']['CN'], $cert_name);
|
||||
|
||||
if($config['product'] == 'cdn'){
|
||||
if ($config['product'] == 'cdn') {
|
||||
$this->deploy_cdn($domain, $cert_id);
|
||||
}elseif($config['product'] == 'oss'){
|
||||
} elseif ($config['product'] == 'oss') {
|
||||
$this->deploy_oss($domain, $cert_id);
|
||||
}else{
|
||||
} else {
|
||||
throw new Exception('未知的产品类型');
|
||||
}
|
||||
$info['cert_id'] = $cert_id;
|
||||
|
||||
@ -58,7 +58,7 @@ class tencent implements DeployInterface
|
||||
if (empty($config['domain'])) throw new Exception('绑定的域名不能为空');
|
||||
if ($config['product'] == 'waf') {
|
||||
$this->client = new TencentCloud($this->SecretId, $this->SecretKey, 'ssl.tencentcloudapi.com', 'ssl', '2019-12-05', $config['region']);
|
||||
} elseif (in_array($config['product'], ['tse','scf'])) {
|
||||
} elseif (in_array($config['product'], ['tse', 'scf'])) {
|
||||
if (empty($config['regionid'])) throw new Exception('所属地域ID不能为空');
|
||||
$this->client = new TencentCloud($this->SecretId, $this->SecretKey, 'ssl.tencentcloudapi.com', 'ssl', '2019-12-05', $config['regionid']);
|
||||
}
|
||||
@ -219,12 +219,12 @@ class tencent implements DeployInterface
|
||||
throw new Exception('获取云函数自定义域名失败:' . $e->getMessage());
|
||||
}
|
||||
|
||||
if(isset($data['CertConfig']['CertificateId']) && $data['CertConfig']['CertificateId'] == $cert_id){
|
||||
if (isset($data['CertConfig']['CertificateId']) && $data['CertConfig']['CertificateId'] == $cert_id) {
|
||||
$this->log('云函数自定义域名 ' . $config['domain'] . ' 已部署证书,无需重复部署');
|
||||
return;
|
||||
}
|
||||
$data['CertConfig']['CertificateId'] = $cert_id;
|
||||
if($data['Protocol'] == 'HTTP') $data['Protocol'] = 'HTTP&HTTPS';
|
||||
if ($data['Protocol'] == 'HTTP') $data['Protocol'] = 'HTTP&HTTPS';
|
||||
|
||||
$param = [
|
||||
'Domain' => $config['domain'],
|
||||
|
||||
Loading…
Reference in New Issue
Block a user