2025-11-06 18:44:27 +08:00
parent a607719b46
commit f6eb48fc91
3 changed files with 78 additions and 134 deletions


@@ -1,20 +1,21 @@
#!/bin/bash
#=========================================
# Author : Colben
# Create : 2022-04-11 19:48
# Create : 2025-11-06 15:43
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
REGION=cn-beijing
ACCESS_KEY_ID='aliyun access key id'
ACCESS_KEY_SECRET='aliyun access key secret'
DOMAIN=$CERTBOT_DOMAIN
SUB_DOMAIN=_acme-challenge
RECORD_ID=
RECORD_VA=$CERTBOT_VALIDATION
PID_FILE=/tmp/$(basename ${0%.sh}).pid
RECORD="txt record: $SUB_DOMAIN.$DOMAIN"
if [ -t 0 ]; then
function Print { echo -e "\033[32;1m$(date +'[%F %T]') $*\033[0m"; }
@@ -35,118 +36,69 @@ function Quit {
sleep 30
}
function GetSignature {
local uriEncoded="GET&%2F&$(echo "$1" | sed -e 's/=/%3D/g' -e 's/:/%253A/g' -e 's/&/%26/g')"
local sha1Str=$(echo -n "$uriEncoded" | openssl dgst -sha1 -hmac "$ACCESS_KEY_SECRET&" -binary)
echo -n "$sha1Str" | base64 | sed -e 's/=/%3D/g' -e 's/+/%2B/g' -e 's,/,%2F,g'
function SetAK {
Warn Setting AK with regin: $REGION ...
aliyun configure set \
--mode AK \
--access-key-id $ACCESS_KEY_ID \
--access-key-secret $ACCESS_KEY_SECRET \
--region $REGION
}
function ListRecord {
Warn Get request uri ...
local sign=
function GetTxtRecord {
local resp=
local uri="AccessKeyId=$ACCESS_KEY_ID"
uri="${uri}&Action=DescribeDomainRecords"
uri="${uri}&DomainName=$DOMAIN"
uri="${uri}&Format=JSON"
uri="${uri}&KeyWord=$SUB_DOMAIN"
uri="${uri}&SearchMode=EXACT"
uri="${uri}&SignatureMethod=HMAC-SHA1"
uri="${uri}&SignatureNonce=$RANDOM"
uri="${uri}&SignatureVersion=1.0"
uri="${uri}&Timestamp=$(date +'%FT%TZ' -d'8 hours ago')"
uri="${uri}&Type=TXT"
uri="${uri}&Version=2015-01-09"
sign=$(GetSignature "$uri")
Warn List record ...
resp=$(curl -sSL -XGET "http://alidns.aliyuncs.com/?$uri&Signature=$sign" | jq -eM .)
RECORD_ID=$(echo $resp | jq -crM .DomainRecords.Record[].RecordId)
[ 'null' == "$RECORD_ID" ] && echo "$resp" && exit 1
return 0
Warn Getting $RECORD ...
if resp=$(aliyun alidns DescribeSubDomainRecords \
--SubDomain $SUB_DOMAIN.$DOMAIN \
--Type TXT); then
[ '1' != "$(jq -rM .TotalCount)" ] && warn Not found $RECORD! && return 0
RECORD_ID=$(echo $resp | jq -rM .DomainRecords.Record[0].RecordId)
else
echo "$resp"
Error Failed to get $RECORD!
fi
}
function CreateRecord {
Warn Get request uri ...
local sign=
local resp=
local uri="AccessKeyId=$ACCESS_KEY_ID"
uri="${uri}&Action=AddDomainRecord"
uri="${uri}&DomainName=$DOMAIN"
uri="${uri}&Format=JSON"
uri="${uri}&RR=$SUB_DOMAIN"
uri="${uri}&SignatureMethod=HMAC-SHA1"
uri="${uri}&SignatureNonce=$RANDOM"
uri="${uri}&SignatureVersion=1.0"
uri="${uri}&Timestamp=$(date +'%FT%TZ' -d'8 hours ago')"
uri="${uri}&Type=TXT"
uri="${uri}&Value=$RECORD_VA"
uri="${uri}&Version=2015-01-09"
sign=$(GetSignature "$uri")
Warn Create sub_domain: $SUB_DOMAIN with value: $RECORD_VA ...
resp=$(curl -sSL -XGET "http://alidns.aliyuncs.com/?$uri&Signature=$sign" | jq -eM .)
[ 'null' != "$(echo $resp | jq -crM .Message)" ] && echo "$resp" && exit 1
return 0
function CreateTxtRecord {
Warn Creating $RECORD ...
aliyun alidns AddDomainRecord \
--DomainName $DOMAIN \
--RR $SUB_DOMAIN \
--Type TXT \
--Value $RECORD_VA \
&& Print Succeeded to create $RECORD. \
&& return 0
Error Failed to create $RECORD!
}
function ModifyRecord {
Warn Get request uri ...
local sign=
local resp=
local uri="AccessKeyId=$ACCESS_KEY_ID"
uri="${uri}&Action=UpdateDomainRecord"
uri="${uri}&DomainName=$DOMAIN"
uri="${uri}&Format=JSON"
uri="${uri}&RR=$SUB_DOMAIN"
uri="${uri}&RecordId=$RECORD_ID"
uri="${uri}&SignatureMethod=HMAC-SHA1"
uri="${uri}&SignatureNonce=$RANDOM"
uri="${uri}&SignatureVersion=1.0"
uri="${uri}&Timestamp=$(date +'%FT%TZ' -d'8 hours ago')"
uri="${uri}&Type=TXT"
uri="${uri}&Value=$RECORD_VA"
uri="${uri}&Version=2015-01-09"
sign=$(GetSignature "$uri")
Warn Modify record: $RECORD_ID with value: $RECORD_VA ...
resp=$(curl -sSL -XGET "http://alidns.aliyuncs.com/?$uri&Signature=$sign" | jq -eM .)
[ 'null' != "$(echo $resp | jq -crM .Message)" ] && echo "$resp" && exit 1
return 0
Warn Modifying $RECORD ...
aliyun alidns UpdateDomainRecord \
--RecordId $RECORD_ID \
--RR $SUB_DOMAIN \
--Type TXT \
--Value $RECORD_VA \
&& Print Succeeded to modify $RECORD. \
&& return 0
Error Failed to modify $RECORD!
}
function DeleteRecord {
Warn Get request uri ...
local sign=
local resp=
local uri="AccessKeyId=$ACCESS_KEY_ID"
uri="${uri}&Action=DeleteDomainRecord"
uri="${uri}&DomainName=$DOMAIN"
uri="${uri}&Format=JSON"
uri="${uri}&RecordId=$RECORD_ID"
uri="${uri}&SignatureMethod=HMAC-SHA1"
uri="${uri}&SignatureNonce=$RANDOM"
uri="${uri}&SignatureVersion=1.0"
uri="${uri}&Timestamp=$(date +'%FT%TZ' -d'8 hours ago')"
uri="${uri}&Version=2015-01-09"
sign=$(GetSignature "$uri")
Warn Delete record $RECORD_ID ...
resp=$(curl -sSL -XGET "http://alidns.aliyuncs.com/?$uri&Signature=$sign" | jq -eM .)
[ 'null' != "$(echo $resp | jq -crM .Message)" ] && echo "$resp" && exit 1
return 0
Warn Deleting $RECORD ...
aliyun alidns DeleteDomainRecord \
--RecordId $RECORD_ID \
&& Print Succeeded to delete $RECORD. \
&& return 0
Error Failed to delete $RECORD!
}
function Main {
[ -e "$PID_FILE" ] && Error Pid file $PID_FILE already exists, quit!
echo $$ > $PID_FILE
for _ in {1..5}; do
ListRecord || continue
if [ -z "$RECORD_ID" ]; then
CreateRecord || continue
else
ModifyRecord || continue
fi
END=1
return 0
done
return 1
trap Quit EXIT
SetAK
GetTxtRecord
[ -z "$RECORD_ID" ] && CreateTxtRecord
[ -z "$RECORD_ID" ] || ModifyTxtRecord
END=1
}
# Start here
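Review bot: SetAK passes the secret as an argument (`--access-key-secret $ACCESS_KEY_SECRET`), so it is readable in the process list while `aliyun configure set` runs, and the command writes the key pair into the CLI's stored configuration on every hook invocation, in addition to the literal `ACCESS_KEY_SECRET=` assignment at the top of the script. Provisioning the CLI profile once out of band (or supplying the credentials through the environment) and dropping the SetAK call from Main would keep the secret off argv and out of the script, ideally with a RAM user limited to Alidns record changes for this domain. Separately, in GetTxtRecord the count check runs `jq -rM .TotalCount` with no input, so it parses the hook's stdin instead of `$resp`, and it calls `warn` where the rest of the script uses `Warn`; `[ '1' != "$(jq -rM .TotalCount <<<"$resp")" ] && Warn Not found $RECORD! && return 0` is presumably what was meant. Main also calls `ModifyTxtRecord`, while the only matching definition visible in this section is still named `ModifyRecord`; this is worth confirming against the file, since the rendering does not mark which lines are old and which are new.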