Browse Source

add `QINIU_CDN_DOMAIN` for wildcard certificate

dnsconf
shonenada 6 years ago
parent
commit
3c6b707353
No known key found for this signature in database GPG Key ID: 76A1B4666B0495CB
  1. 14
      deploy/README.md
  2. 6
      deploy/qiniu.sh

14
deploy/README.md

@ -335,8 +335,9 @@ export FABIO="1"
## 13. Deploy your certificate to Qiniu.com ## 13. Deploy your certificate to Qiniu.com
You should create AccessKey/SecretKey pair in https://portal.qiniu.com/user/key before deploying
your certificate.
You should create AccessKey/SecretKey pair in https://portal.qiniu.com/user/key
before deploying your certificate, and please ensure you have enabled HTTPS for
your domain name. You can enable it in https://portal.qiniu.com/cdn/domain.
```sh ```sh
$ export QINIU_AK="foo" $ export QINIU_AK="foo"
@ -348,3 +349,12 @@ then you can deploy certificate by following command:
```sh ```sh
$ acme.sh --deploy -d example.com --deploy-hook qiniu $ acme.sh --deploy -d example.com --deploy-hook qiniu
``` ```
(Optional), If you are using wildcard certificate,
you may need export `QINIU_CDN_DOMAIN` to specify which domain
you want to update:
```sh
$ export QINIU_CDN_DOMAIN="cdn.example.com"
$ acme.sh --deploy -d example.com --deploy-hook qiniu
```

6
deploy/qiniu.sh

@ -5,6 +5,7 @@
# This deployment required following variables # This deployment required following variables
# export QINIU_AK="QINIUACCESSKEY" # export QINIU_AK="QINIUACCESSKEY"
# export QINIU_SK="QINIUSECRETKEY" # export QINIU_SK="QINIUSECRETKEY"
# export QINIU_CDN_DOMAIN="cdn.example.com"
QINIU_API_BASE="https://api.qiniu.com" QINIU_API_BASE="https://api.qiniu.com"
@ -14,6 +15,7 @@ qiniu_deploy() {
_ccert="$3" _ccert="$3"
_cca="$4" _cca="$4"
_cfullchain="$5" _cfullchain="$5"
_cdndomain="${QINIU_CDN_DOMAIN:-$_cdomain}"
_debug _cdomain "$_cdomain" _debug _cdomain "$_cdomain"
_debug _ckey "$_ckey" _debug _ckey "$_ckey"
@ -46,7 +48,7 @@ qiniu_deploy() {
string_key=$(sed 's/$/\\n/' "$_ckey" | tr -d '\n') string_key=$(sed 's/$/\\n/' "$_ckey" | tr -d '\n')
sslcert_path="/sslcert" sslcert_path="/sslcert"
sslcerl_body="{\"name\":\"$_cdomain\",\"common_name\":\"$_cdomain\",\"ca\":\"$string_fullchain\",\"pri\":\"$string_key\"}"
sslcerl_body="{\"name\":\"$_cdomain\",\"common_name\":\"$_cdndomain\",\"ca\":\"$string_fullchain\",\"pri\":\"$string_key\"}"
sslcert_access_token="$(_make_sslcreate_access_token "$sslcert_path")" sslcert_access_token="$(_make_sslcreate_access_token "$sslcert_path")"
_debug sslcert_access_token "$sslcert_access_token" _debug sslcert_access_token "$sslcert_access_token"
export _H1="Authorization: QBox $sslcert_access_token" export _H1="Authorization: QBox $sslcert_access_token"
@ -66,7 +68,7 @@ qiniu_deploy() {
_debug certId "$_certId" _debug certId "$_certId"
## update domain ssl config ## update domain ssl config
update_path="/domain/$_cdomain/httpsconf"
update_path="/domain/$_cdndomain/httpsconf"
update_body="{\"certid\":$_certId,\"forceHttps\":true}" update_body="{\"certid\":$_certId,\"forceHttps\":true}"
update_access_token="$(_make_sslcreate_access_token "$update_path")" update_access_token="$(_make_sslcreate_access_token "$update_path")"
_debug update_access_token "$update_access_token" _debug update_access_token "$update_access_token"

Loading…
Cancel
Save