update

2025-11-01 21:18:29 +08:00
parent 35478d43d6
commit a607719b46
119 changed files with 815 additions and 1221 deletions
--- a/letsencrypt/Demo/SingleNode/docker-compose.yml
+++ b/letsencrypt/Demo/SingleNode/docker-compose.yml
@@ -1,8 +1,6 @@
-version: "3.7"
-
 services:
  letsencrypt:
-    image: harbor.colben.cn/general/letsencrypt
+    image: harbor.boyachain.cn:20443/general/letsencrypt:latest
    container_name: letsencrypt
    restart: "no"
    stop_grace_period: 1m
@@ -18,7 +16,7 @@ services:
      target: /var/log/letsencrypt

  letsencrypt-wildcard:
-    image: harbor.colben.cn/general/letsencrypt
+    image: harbor.boyachain.cn:20443/general/letsencrypt:latest
    container_name: letsencrypt-wildcard
    restart: "no"
    stop_grace_period: 1m
--- a/letsencrypt/Demo/SingleNode/tencent-api.sh
+++ b/letsencrypt/Demo/SingleNode/tencent-api.sh
@@ -1,30 +1,31 @@
-i#!/bin/bash
+#!/bin/bash
 #=========================================
-# Author   : colben
-# Create   : 2022-04-04 10:12
+# Author   : Colben
+# Create   : 2025-11-01 20:10
 #=========================================

 set -euo pipefail
+umask 022
 export LANG=en_US.UTF-8
-trap Quit EXIT
+export TENCENTCLOUD_SECRET_ID='tencent secret id'
+export TENCENTCLOUD_SECRET_KEY='tencent secret key'

-SECRET_ID='tencent secret id'
-SECRET_KEY='tencent secret key'
 DOMAIN=$CERTBOT_DOMAIN
 SUB_DOMAIN=_acme-challenge
 RECORD_ID=
 RECORD_VA=$CERTBOT_VALIDATION
-PID_FILE=/tmp/$(basename ${0%.sh}).pid

 if [ -t 0 ]; then
-    function Print { echo -e "\033[32;1m$(date +'[%F %T]') $*\033[0m"; }
-    function Warn { echo -e "\033[33;1m$(date +'[%F %T]') $*\033[0m"; }
-    function Error { echo -e "\033[31;1m$(date +'[%F %T]') $*\033[0m"; exit 1; }
+    function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
+    function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
+    function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
+    function ErrorOnly { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; }
 else
-    #exec &> ${0%.sh}.out
-    function Print { echo -e "$(date +'[%F %T] INFO') $*"; }
-    function Warn { echo -e "$(date +'[%F %T] WARN') $*"; }
-    function Error { echo -e "$(date +'[%F %T] ERROR') $*"; exit 1; }
+    #exec &> /var/log/$(basename ${0%.sh}).out
+    function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
+    function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
+    function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
+    function ErrorOnly { echo -e "$(date +'[%F %T ERROR]') $*"; }
 fi

 function Quit {
@@ -35,107 +36,70 @@ function Quit {
    sleep 30
 }

-function GetSignature {
-    local sha1Str=$(echo -n "GET$1" | openssl dgst -sha1 -hmac "$SECRET_KEY" -binary)
-    echo -n "$sha1Str" | base64 | sed -e 's/=/%3D/g' -e 's/+/%2B/g'
+function GetTxtRecord {
+    local record="txt record: $SUB_DOMAIN.$DOMAIN"
+    local err=
+    local resp=
+    Warn Getting $record ...
+    resp=$(tccli dnspod DescribeRecordList \
+        --Domain $DOMAIN \
+        --Subdomain $SUB_DOMAIN \
+        --RecordType TXT) || err=$?
+    [ '255' == "$err" ] \
+        && Warn Not found $record! \
+        && return 0
+    [ -n "$err" ] \
+        && echo "$resp" \
+        && ErrorOnly Failed to get $record! \
+        && return $err
+    RECORD_ID=$(echo $resp | jq -rM ".RecordList[0].RecordId")
 }

-function ListRecord {
-    Warn Get request url ...
-    local sign=
-    local resp=
-    local url='cns.api.qcloud.com/v2/index.php'
-    url="${url}?Action=RecordList"
-    url="${url}&Nonce=$RANDOM"
-    url="${url}&SecretId=$SECRET_ID"
-    url="${url}&Timestamp=$(date +%s)"
-    url="${url}&Version=2018-08-08"
-    url="${url}&domain=$DOMAIN"
-    sign=$(GetSignature "$url")
-    Warn List record ...
-    resp=$(curl -sSL -XGET "https://$url&Signature=$sign" | jq -eM .)
-    [ '0' != "$(echo $resp | jq -crM .code)" ] && echo "$resp" && exit 1
-    RECORD_ID=$(echo $resp | jq -crM ".data.records[] | select(.name == \"$SUB_DOMAIN\") | .id")
+function CreateTxtRecord {
+    local record="txt record: $SUB_DOMAIN.$DOMAIN"
+    Warn Creating $record ...
+    tccli dnspod CreateTXTRecord \
+        --Domain $DOMAIN \
+        --SubDomain $SUB_DOMAIN \
+        --RecordLine '默认' \
+        --Value $RECORD_VA \
+        && Print Succeeded to create $record. \
+        && return 0
+    ErrorOnly Failed to create $record!
 }

-function CreateRecord {
-    Warn Get request url ...
-    local sign=
-    local resp=
-    local url='cns.api.qcloud.com/v2/index.php'
-    url="${url}?Action=RecordCreate"
-    url="${url}&Nonce=$RANDOM"
-    url="${url}&SecretId=$SECRET_ID"
-    url="${url}&Timestamp=$(date +%s)"
-    url="${url}&Version=2018-08-08"
-    url="${url}&domain=$DOMAIN"
-    url="${url}&recordLine=默认"
-    url="${url}&recordType=TXT"
-    url="${url}&subDomain=$SUB_DOMAIN"
-    url="${url}&value=$RECORD_VA"
-    sign=$(GetSignature "$url")
-    Warn Create sub_domain: $SUB_DOMAIN with value: $RECORD_VA ...
-    resp=$(curl -sSL -XGET "https://$url&Signature=$sign" | jq -eM .)
-    [ '0' != "$(echo $resp | jq -crM .code)" ] && echo "$resp" && exit 1
-    return 0
-}
-
-function ModifyRecord {
-    Warn Get request url ...
-    local sign=
-    local resp=
-    local url='cns.api.qcloud.com/v2/index.php'
-    url="${url}?Action=RecordModify"
-    url="${url}&Nonce=$RANDOM"
-    url="${url}&SecretId=$SECRET_ID"
-    url="${url}&Timestamp=$(date +%s)"
-    url="${url}&Version=2018-08-08"
-    url="${url}&domain=$CERTBOT_DOMAIN"
-    url="${url}&recordId=$RECORD_ID"
-    url="${url}&recordLine=默认"
-    url="${url}&recordType=TXT"
-    url="${url}&subDomain=$SUB_DOMAIN"
-    url="${url}&value=$RECORD_VA"
-    sign=$(GetSignature "$url")
-    Warn Modify record: $RECORD_ID with value: $RECORD_VA ...
-    resp=$(curl -sSL -XGET "https://$url&Signature=$sign" | jq -eM .)
-    [ '0' != "$(echo $resp | jq -crM .code)" ] && echo "$resp" && exit 1
-    return 0
+function ModifyTxtRecord {
+    local record="txt record: $SUB_DOMAIN.$DOMAIN"
+    Warn Modifying $record ...
+    tccli dnspod ModifyTXTRecord \
+        --Domain $DOMAIN \
+        --SubDomain $SUB_DOMAIN \
+        --RecordId $RECORD_ID \
+        --RecordLine '默认' \
+        --Value $RECORD_VA \
+        && Print Succeeded to modify $record. \
+        && return 0
+    ErrorOnly Failed to modify $record!
 }

 function DeleteRecord {
-    Warn Get request url ...
-    local sign=
-    local resp=
-    local url='cns.api.qcloud.com/v2/index.php'
-    url="${url}?Action=RecordDelete"
-    url="${url}&Nonce=$RANDOM"
-    url="${url}&SecretId=$SECRET_ID"
-    url="${url}&Timestamp=$(date +%s)"
-    url="${url}&Version=2018-08-08"
-    url="${url}&domain=$DOMAIN"
-    url="${url}&recordId=$RECORD_ID"
-    sign=$(GetSignature "$url")
-    Warn Delete record $RECORD_ID ...
-    resp=$(curl -sSL -XGET "https://$url&Signature=$sign" | jq -eM .)
-    [ '0' != "$(echo $resp | jq -crM .code)" ] && echo "$resp" && exit 1
-    return 0
+    local record="record: $SUB_DOMAIN.$DOMAIN"
+    Warn Deleting $record ...
+    tccli dnspod DeleteRecord \
+        --Domain $DOMAIN \
+        --RecordId $RECORD_ID \
+        && Print Succeeded to delete $record. \
+        && return 0
+    ErrorOnly Failed to delete $record!
 }

 function Main {
-    [ -e "$PID_FILE" ] && Error Pid file $PID_FILE already exists, quit!
-    echo $$ > $PID_FILE
-    for _ in {1..5}; do
-        ListRecord || continue
-        if [ -z "$RECORD_ID" ]; then
-            CreateRecord || continue
-        else
-            ModifyRecord || continue
-        fi
-        END=1
-        return 0
-    done
-    return 1
+    trap Quit EXIT
+    GetTxtRecord
+    [ -z "$RECORD_ID" ] && CreateTxtRecord
+    [ -z "$RECORD_ID" ] || ModifyTxtRecord
+    END=1
+    return 0
 }

 # Start here