七牛云证书自动续期
生成证书
安装七牛sdk
pip install qiniu
创建 certbot-qiniucdn.py
# -*- coding: utf-8 -*-
from qiniu import Auth
import os
import sys
import requests
import datetime
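# Multi-domain configuration.
#   cert_domain       - the Qiniu CDN domain whose HTTPS config receives the cert
#   cert_domain_local - the certbot lineage name under /etc/letsencrypt/live/
#                       holding the matching privkey.pem / fullchain.pem
domains = [
    {'cert_domain': 'a.example.com', 'cert_domain_local': 'example.com'},
    {'cert_domain': 'b.example.com', 'cert_domain_local': 'example.com'},
    # add more domains here
]

# Credentials come from the environment rather than being hard-coded in a file
# that tends to land in version control; the empty-string fallback keeps the
# old "fill them in here" usage working. They are deliberately never printed:
# a post_hook's stdout ends up in the certbot log.
access_key = os.environ.get('QINIU_ACCESS_KEY', '')
secret_key = os.environ.get('QINIU_SECRET_KEY', '')

# HTTPS is required here: the upload body carries the certificate's private key.
# (The QBox request signature appears to be computed over the request path and
# query rather than the scheme, so signing should be unaffected — confirm
# against your SDK version.)
QINIU_API = 'https://api.qiniu.com'
LETSENCRYPT_LIVE = '/etc/letsencrypt/live/'
# Seconds before an API call is abandoned, so a stalled request cannot hang
# certbot's renewal run indefinitely.
REQUEST_TIMEOUT = 30


def read_cert_pair(cert_folder):
    """Return (private_key_pem, fullchain_pem) read from *cert_folder*.

    Returns None when either file is missing so the caller can skip that
    domain instead of aborting the whole run.
    """
    try:
        with open(os.path.join(cert_folder, 'privkey.pem'), encoding='utf-8') as pri_file:
            pri = pri_file.read()
        with open(os.path.join(cert_folder, 'fullchain.pem'), encoding='utf-8') as chain_file:
            chain = chain_file.read()
    except FileNotFoundError:
        return None
    return pri, chain


def cert_name(cert_domain, day=None):
    """Build the certificate name ``<domain>-letsencrypt-<YYYYMMDD>``.

    *day* defaults to today; it is a parameter so the name is reproducible
    in tests.
    """
    if day is None:
        day = datetime.date.today()
    return cert_domain + '-letsencrypt-' + day.strftime('%Y%m%d')


def redact_payload(payload):
    """Return a copy of *payload* with the private key masked, safe to print."""
    shown = dict(payload)
    if 'pri' in shown:
        shown['pri'] = '<redacted>'
    return shown


def qbox_headers(auth, url):
    """Authorization/Content-Type headers for a JSON request signed for *url*.

    The token is not echoed anywhere: it is a bearer credential for the request.
    """
    return {
        'Authorization': 'QBox ' + auth.token_of_request(url),
        'Content-Type': 'application/json',
    }


def decode_json(response):
    """Return the response body as a dict.

    The original code called ``.json()`` unconditionally, which raises when the
    body is not JSON; returning a plain dict with the HTTP status keeps the
    per-domain loop alive instead.
    """
    try:
        body = response.json()
    except ValueError:
        return {'error': 'non-JSON response', 'status_code': response.status_code}
    if not isinstance(body, dict):
        return {'error': 'unexpected JSON', 'body': body}
    return body


def upload_cert(auth, cert_domain, pri, chain):
    """Upload the PEM pair for *cert_domain* to Qiniu.

    Returns the new certID, or None when the API did not return one. Only a
    redacted copy of the payload is printed so the private key never reaches
    the log.
    """
    url = QINIU_API + '/sslcert'
    data = {
        'name': cert_name(cert_domain),
        'common_name': cert_domain,
        'pri': pri,
        'ca': chain,
    }
    print('证书JSON数据如下:')
    print(redact_payload(data))
    response = requests.post(url, json=data, headers=qbox_headers(auth, url),
                             timeout=REQUEST_TIMEOUT)
    body = decode_json(response)
    print(body)
    return body.get('certID')


def bind_cert(auth, cert_domain, cert_id):
    """Point the CDN domain's HTTPS config at *cert_id*; return the API response dict."""
    url = QINIU_API + '/domain/{}/httpsconf'.format(cert_domain)
    data = {
        'certId': cert_id,
        # Flags kept as in the original configuration; presumably forceHttps
        # redirects plain HTTP and http2Enable turns on HTTP/2 — verify in the
        # Qiniu CDN docs before changing them.
        'forceHttps': False,
        'http2Enable': True,
    }
    response = requests.put(url, json=data, headers=qbox_headers(auth, url),
                            timeout=REQUEST_TIMEOUT)
    return decode_json(response)


def main():
    """Upload each domain's renewed certificate to Qiniu and bind it to the CDN domain.

    Exits with status 1 when no credentials are configured; a per-domain
    failure (missing files, rejected upload, network error) is reported and
    the remaining domains are still processed.
    """
    if not access_key or not secret_key:
        print('QINIU_ACCESS_KEY / QINIU_SECRET_KEY 未设置')
        sys.exit(1)
    auth = Auth(access_key, secret_key)
    for domain in domains:
        cert_domain = domain['cert_domain']
        cert_domain_local = domain['cert_domain_local']
        print('处理域名: ' + cert_domain)
        cert_folder = LETSENCRYPT_LIVE + cert_domain_local
        pair = read_cert_pair(cert_folder)
        if pair is None:
            print('证书文件未找到: {}'.format(cert_folder))
            continue
        try:
            cert_id = upload_cert(auth, cert_domain, *pair)
            if cert_id is None:
                print('证书上传失败!')
                continue
            print(bind_cert(auth, cert_domain, cert_id))
        except requests.RequestException as err:
            # One domain's network failure must not abort the others.
            print('七牛 API 请求失败: {}'.format(err))
            continue
        print('修改 {} 的七牛 CDN SSL 证书完成~'.format(cert_domain))
    print('所有域名的 SSL 证书处理完成~')


if __name__ == '__main__':
    main()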
添加钩子
创建 certbot-qiniucdn.sh
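#!/bin/sh
# certbot post_hook: push the renewed certificate to Qiniu CDN.
# Give the file execute permission (chmod +x) so certbot can run it directly.
exec python /usr/certbot-qiniucdn.py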
添加到/etc/letsencrypt/renewal/example.com.conf
...
post_hook = /path/certbot-qiniucdn.sh
...