mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-12-25 14:41:40 +00:00
make le more friendly to no-root user.
1. separate installcronjob/uninstallcronjob. no-root users can use cron job without installing le.sh 2. add cron command for cron only. 3. polish help messages. 4. move le from /bin/le to /usr/local/bin/le 5. only root can install to /usr/local/bin/le. non-root users can use ether /usr/local/bin/le or ~/.le/le.sh instead 6. WORKING_DIR can be specified when install/cronjob
This commit is contained in:
parent
ebcf30d02f
commit
9a66cdb6a0
132
le.sh
132
le.sh
@ -1,5 +1,5 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
VER=1.1.0
|
VER=1.1.1
|
||||||
PROJECT="https://github.com/Neilpang/le"
|
PROJECT="https://github.com/Neilpang/le"
|
||||||
|
|
||||||
DEFAULT_CA="https://acme-v01.api.letsencrypt.org"
|
DEFAULT_CA="https://acme-v01.api.letsencrypt.org"
|
||||||
@ -238,6 +238,12 @@ _stopserver() {
|
|||||||
|
|
||||||
_initpath() {
|
_initpath() {
|
||||||
|
|
||||||
|
if command -v sudo > /dev/null ; then
|
||||||
|
if [ "$(sudo -n uptime 2>&1|grep "load"|wc -l)" != "0" ] ; then
|
||||||
|
SUDO=sudo
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -z "$API" ] ; then
|
if [ -z "$API" ] ; then
|
||||||
if [ -z "$STAGE" ] ; then
|
if [ -z "$STAGE" ] ; then
|
||||||
API="$DEFAULT_CA"
|
API="$DEFAULT_CA"
|
||||||
@ -867,6 +873,35 @@ installcert() {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
installcronjob() {
|
||||||
|
_initpath
|
||||||
|
_info "Installing cron job"
|
||||||
|
if ! crontab -l | grep 'le.sh cron' ; then
|
||||||
|
if command -v "le.sh" > /dev/null ; then
|
||||||
|
lesh="$(which le.sh)"
|
||||||
|
elif [ -f "$WORKING_DIR/le.sh" ] ; then
|
||||||
|
lesh="\"$WORKING_DIR\"/le.sh"
|
||||||
|
else
|
||||||
|
_err "Can not install cronjob, le.sh not found."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
crontab -l | { cat; echo "0 0 * * * $SUDO WORKING_DIR=\"$WORKING_DIR\" $lesh cron > /dev/null"; } | crontab -
|
||||||
|
fi
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
uninstallcronjob() {
|
||||||
|
_info "Removing cron job"
|
||||||
|
cr="$(crontab -l | grep 'le.sh cron')"
|
||||||
|
if [ "$cr" ] ; then
|
||||||
|
crontab -l | sed "/le.sh cron/d" | crontab -
|
||||||
|
WORKING_DIR="$(echo "$cr" | cut -d ' ' -f 7 | cut -d '=' -f 2 | tr -d '"')"
|
||||||
|
_info WORKING_DIR "$WORKING_DIR"
|
||||||
|
fi
|
||||||
|
_initpath
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
install() {
|
install() {
|
||||||
_initpath
|
_initpath
|
||||||
if ! command -v "curl" > /dev/null ; then
|
if ! command -v "curl" > /dev/null ; then
|
||||||
@ -893,64 +928,87 @@ install() {
|
|||||||
_err "CentOs: yum install vim-common"
|
_err "CentOs: yum install vim-common"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
_info "Installing to $WORKING_DIR"
|
_info "Installing to $WORKING_DIR"
|
||||||
|
|
||||||
if [ ! -f /bin/le.sh ] ; then
|
#try install to /bin if is root
|
||||||
cp le.sh "/bin/"
|
if [ ! -f /usr/local/bin/le.sh ] ; then
|
||||||
chmod +x "/bin/le.sh"
|
#if root
|
||||||
ln -s "/bin/le.sh" /bin/le
|
if $SUDO cp le.sh /usr/local/bin/le.sh ; then
|
||||||
fi
|
$SUDO chmod 755 /usr/local/bin/le.sh
|
||||||
|
$SUDO ln -s "/usr/local/bin/le.sh" /usr/local/bin/le
|
||||||
_info "Installing cron job"
|
rm -f $WORKING_DIR/le.sh
|
||||||
if command -v sudo > /dev/null ; then
|
$SUDO ln -s /usr/local/bin/le.sh $WORKING_DIR/le.sh
|
||||||
if [ "$(sudo -n uptime 2>&1|grep "load"|wc -l)" != "0" ] ; then
|
_info "Installed to /usr/local/bin/le"
|
||||||
SUDO=sudo
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if ! crontab -l | grep 'le renewAll' ; then
|
|
||||||
crontab -l | { cat; echo "0 0 * * * $SUDO le renewAll > /dev/null"; } | crontab -
|
|
||||||
if command -v crond > /dev/null ; then
|
|
||||||
service crond reload >/dev/null
|
|
||||||
else
|
else
|
||||||
service cron reload >/dev/null
|
#install to home, for non root user
|
||||||
|
cp le.sh $WORKING_DIR/
|
||||||
|
chmod +x $WORKING_DIR/le.sh
|
||||||
|
_info "Installed to $WORKING_DIR/le"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
rm -f $WORKING_DIR/le
|
||||||
|
ln -s $WORKING_DIR/le.sh $WORKING_DIR/le
|
||||||
|
|
||||||
|
installcronjob
|
||||||
|
|
||||||
_info OK
|
_info OK
|
||||||
}
|
}
|
||||||
|
|
||||||
uninstall() {
|
uninstall() {
|
||||||
|
uninstallcronjob
|
||||||
_initpath
|
_initpath
|
||||||
_info "Removing cron job"
|
|
||||||
|
|
||||||
if crontab -l | grep 'le.*renewAll' ; then
|
if [ -f "/usr/local/bin/le.sh" ] ; then
|
||||||
crontab -l | sed "/le.*renewAll/d" | crontab -
|
_info "Removing /usr/local/bin/le.sh"
|
||||||
if command -v crond > /dev/null ; then
|
if $SUDO rm -f /usr/local/bin/le.sh ; then
|
||||||
service crond reload >/dev/null
|
$SUDO rm -f /usr/local/bin/le
|
||||||
else
|
|
||||||
service cron reload >/dev/null
|
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
_info "Removing /bin/le.sh"
|
|
||||||
rm -f /bin/le
|
|
||||||
rm -f /bin/le.sh
|
|
||||||
|
|
||||||
_info "The keys and certs are in $WORKING_DIR, you can remove them by yourself."
|
_info "The keys and certs are in $WORKING_DIR, you can remove them by yourself."
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
cron() {
|
||||||
|
renewAll
|
||||||
|
}
|
||||||
|
|
||||||
version() {
|
version() {
|
||||||
_info "$PROJECT"
|
_info "$PROJECT"
|
||||||
_info "v$VER"
|
_info "v$VER"
|
||||||
}
|
}
|
||||||
|
|
||||||
showhelp() {
|
showhelp() {
|
||||||
version
|
version
|
||||||
echo "Usage: issue|installcert|renew|renewAll|createAccountKey|createDomainKey|createCSR|install|uninstall|version"
|
echo "Usage: le.sh [command] ...[args]....
|
||||||
|
Avalible commands:
|
||||||
|
|
||||||
|
install:
|
||||||
|
Install le.sh to your system.
|
||||||
|
issue:
|
||||||
|
Issue a cert.
|
||||||
|
installcert:
|
||||||
|
Install the issued cert to apache/nginx or any other server.
|
||||||
|
renew:
|
||||||
|
Renew a cert.
|
||||||
|
renewAll:
|
||||||
|
Renew all the certs.
|
||||||
|
uninstall:
|
||||||
|
Uninstall le.sh, and uninstall the cron job.
|
||||||
|
version:
|
||||||
|
Show version info.
|
||||||
|
installcronjob:
|
||||||
|
Install the cron job to renew certs, you don't need to call this. The 'install' command can automatically install the cron job.
|
||||||
|
uninstallcronjob:
|
||||||
|
Uninstall the cron job. The 'uninstall' command can do this automatically.
|
||||||
|
createAccountKey:
|
||||||
|
Create an account private key, professional use.
|
||||||
|
createDomainKey:
|
||||||
|
Create an domain private key, professional use.
|
||||||
|
createCSR:
|
||||||
|
Create CSR , professional use.
|
||||||
|
"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user