7x31
/
scripts-github-mirror
mirror of https://github.com/xdtianyu/scripts.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix cloudflare dns update

This commit is contained in:
tianyu 2017-10-21 14:55:49 +08:00
parent 950316c221
commit 600f1ddc96
3 changed files with 46 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
le-dns/README.md
View File

@ -3,6 +3,49 @@
脚本基于 [letsencrypt.sh](https://github.com/lukas2511/letsencrypt.sh),通过调用 dns 服务商接口更新 TXT 记录用于认证,实现快速获取 lets-encrypt 证书。无需root权限无需指定网站目录及DNS解析 脚本基于 [letsencrypt.sh](https://github.com/lukas2511/letsencrypt.sh),通过调用 dns 服务商接口更新 TXT 记录用于认证,实现快速获取 lets-encrypt 证书。无需root权限无需指定网站目录及DNS解析
## cloudflare
**下载**
```
wget https://github.com/xdtianyu/scripts/raw/master/le-dns/le-cloudflare.sh
wget https://github.com/xdtianyu/scripts/raw/master/le-dns/cloudflare.conf
chmod +x le-cloudflare.sh
```
**配置**
`cloudflare.conf` 文件内容
```
CF_EMAIL="YOUR_API_KEY"
CF_EMAIL="YOUR_SECRET_KEY"
DOMAIN="example.com"
CERT_DOMAINS="example.com www.example.com im.example.com"
#ECC=TRUE
```
修改其中的 `CF_EMAIL``CF_EMAIL` 为您的邮箱和 [cloudflare api key](https://www.cloudflare.com/a/profile) ,修改 `DOMAIN` 为你的根域名,修改 `CERT_DOMAINS` 为您要签的域名列表,需要 `ECC` 证书时请取消 `#ECC=TRUE` 的注释。
**运行**
`./le-cloudflare.sh cloudflare.conf`
最后生成的文件在当前目录的 certs 目录下
**cron 定时任务**
如果证书过期时间不少于30天 [letsencrypt.sh](https://github.com/lukas2511/letsencrypt.sh) 脚本会自动忽略更新所以至少需要29天运行一次更新。
每隔20天(每个月的2号和22号)自动更新一次证书,可以在 `le-cloudflare.sh` 脚本最后加入 service nginx reload等重新加载服务。
`0 0 2/20 * * /etc/nginx/le-cloudflare.sh /etc/nginx/le-cloudflare.conf >> /var/log/le-cloudflare.log 2>&1`
**注意** `ubuntu 16.04` 不能定义 `day of month` 含有开始天数的 `step values`,可以替换命令中的 `2/20``2,22`
更详细的 crontab 参数请参考 [crontab.guru](http://crontab.guru/) 进行自定义
## cloudxns ## cloudxns
**下载** **下载**

2
le-dns/cloudflare.conf
View File

@ -1,6 +1,6 @@
CF_EMAIL="YOUR_EMAIL@gmail.com" CF_EMAIL="YOUR_EMAIL@gmail.com"
CF_TOKEN="YOUR_API_TOKEN" CF_TOKEN="YOUR_API_TOKEN"
DOMAIN_NAME="example.com" DOMAIN="example.com"
CERT_DOMAINS="example.com www.example.com" CERT_DOMAINS="example.com www.example.com"
#ECC=TRUE #ECC=TRUE

8
le-dns/cloudflare.sh
View File

@ -14,11 +14,7 @@ fi
SUB_DOMAIN=${DOMAIN_FULL%$DOMAIN} SUB_DOMAIN=${DOMAIN_FULL%$DOMAIN}
if [ -z "$SUB_DOMAIN" ];then HOST="_acme-challenge.${DOMAIN_FULL}"
HOST="_acme-challenge"
else
HOST="_acme-challenge.${SUB_DOMAIN%.}"
fi
# we get them automatically for you # we get them automatically for you
CF_ZONE_ID="" CF_ZONE_ID=""
@ -33,7 +29,7 @@ jsonValue() {
getZoneID() { getZoneID() {
CF_ZONE_ID=$(curl -s \ CF_ZONE_ID=$(curl -s \
-X GET "https://api.cloudflare.com/client/v4/zones?name=${DOMAIN_NAME}" \ -X GET "https://api.cloudflare.com/client/v4/zones?name=${DOMAIN}" \
-H "X-Auth-Email: ${CF_EMAIL}" \ -H "X-Auth-Email: ${CF_EMAIL}" \
-H "X-Auth-Key: ${CF_TOKEN}" \ -H "X-Auth-Key: ${CF_TOKEN}" \
-H "Content-Type: application/json"| \ -H "Content-Type: application/json"| \