From 1baa3d37df790f3f0cf38345c875a4d451e2ba31 Mon Sep 17 00:00:00 2001 From: Bean Date: Fri, 8 Jan 2021 21:23:52 +0800 Subject: [PATCH 1/9] =?UTF-8?q?=E6=94=AF=E6=8C=81=E5=A4=9A=E5=9F=9F?= =?UTF-8?q?=E5=90=8D=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cert-up.sh | 8 ++++++-- config | 4 ++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/cert-up.sh b/cert-up.sh index 00cbf64..cbef043 100644 --- a/cert-up.sh +++ b/cert-up.sh @@ -48,8 +48,12 @@ generateCrt () { source config echo 'begin updating default cert by acme.sh tool' source ${ACME_BIN_PATH}/acme.sh.env - ${ACME_BIN_PATH}/acme.sh --force --log --issue --dns ${DNS} --dnssleep ${DNS_SLEEP} -d "${DOMAIN}" -d "*.${DOMAIN}" - ${ACME_BIN_PATH}/acme.sh --force --installcert -d ${DOMAIN} -d *.${DOMAIN} \ + for d in ${DOMAIN//,/ } + do + domain_params="${domain_params} -d ${d}" + done + ${ACME_BIN_PATH}/acme.sh --force --log --issue --dns ${DNS} --dnssleep ${DNS_SLEEP} ${domain_params} + ${ACME_BIN_PATH}/acme.sh --force --installcert ${domain_params} \ --certpath ${CRT_PATH}/cert.pem \ --key-file ${CRT_PATH}/privkey.pem \ --fullchain-file ${CRT_PATH}/fullchain.pem diff --git a/config b/config index 47c2346..ecc445b 100644 --- a/config +++ b/config @@ -1,5 +1,5 @@ -# 你主域名,如 baidu.com sina.com.cn 等 -export DOMAIN=your_domain +# 你域名,如 baidu.com sina.com.cn 等,多个域名之间逗号分隔,支持泛域名 +export DOMAIN=your_domain1,*.your_domain1,your_domain2,*.your_domain2 # DNS类型,根据域名服务商而定 export DNS=dns_xxx From 21bdd41b69c0765c200823860d4efb97f6aa89a0 Mon Sep 17 00:00:00 2001 From: HerbertGao Date: Sun, 11 Jul 2021 01:17:36 +0800 Subject: [PATCH 2/9] Update cert-up.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 解决 DSM 7.0 下脚本无法重启 Nginx 更新证书的问题 --- cert-up.sh | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/cert-up.sh b/cert-up.sh index 00cbf64..f177603 100644 --- a/cert-up.sh +++ b/cert-up.sh @@ -12,6 +12,8 @@ ACME_BIN_PATH=${BASE_ROOT}/acme.sh TEMP_PATH=${BASE_ROOT}/temp CRT_PATH_NAME=`cat ${CRT_BASE_PATH}/_archive/DEFAULT` CRT_PATH=${CRT_BASE_PATH}/_archive/${CRT_PATH_NAME} +FIND_MAJORVERSION_FILE="/etc/VERSION" +FIND_MAJORVERSION_STR="majorversion=\"7\"" backupCrt () { echo 'begin backupCrt' @@ -49,7 +51,7 @@ generateCrt () { echo 'begin updating default cert by acme.sh tool' source ${ACME_BIN_PATH}/acme.sh.env ${ACME_BIN_PATH}/acme.sh --force --log --issue --dns ${DNS} --dnssleep ${DNS_SLEEP} -d "${DOMAIN}" -d "*.${DOMAIN}" - ${ACME_BIN_PATH}/acme.sh --force --installcert -d ${DOMAIN} -d *.${DOMAIN} \ + ${ACME_BIN_PATH}/acme.sh --installcert -d ${DOMAIN} -d *.${DOMAIN} \ --certpath ${CRT_PATH}/cert.pem \ --key-file ${CRT_PATH}/privkey.pem \ --fullchain-file ${CRT_PATH}/fullchain.pem @@ -75,7 +77,13 @@ updateService () { reloadWebService () { echo 'begin reloadWebService' echo 'reloading new cert...' - /usr/syno/etc/rc.sysv/nginx.sh reload + if [ `grep -c "$FIND_MAJORVERSION_STR" $FIND_MAJORVERSION_FILE` -ne '0' ];then + echo "MajorVersion = 7" + synosystemctl restart nginx + else + echo "MajorVersion < 7" + /usr/syno/etc/rc.sysv/nginx.sh reload + fi echo 'relading Apache 2.2' stop pkg-apache22 start pkg-apache22 From 26c123ebc0617e0deb408b40888d6d38c614be20 Mon Sep 17 00:00:00 2001 From: HerbertGao Date: Sun, 11 Jul 2021 01:18:54 +0800 Subject: [PATCH 3/9] Update cert-up.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 解决 DSM 7.0 下脚本无法重启 Nginx 更新证书的问题 --- cert-up.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cert-up.sh b/cert-up.sh index f177603..833317b 100644 --- a/cert-up.sh +++ b/cert-up.sh @@ -51,7 +51,7 @@ generateCrt () { echo 'begin updating default cert by acme.sh tool' source ${ACME_BIN_PATH}/acme.sh.env ${ACME_BIN_PATH}/acme.sh --force --log --issue --dns ${DNS} --dnssleep ${DNS_SLEEP} -d "${DOMAIN}" -d "*.${DOMAIN}" - ${ACME_BIN_PATH}/acme.sh --installcert -d ${DOMAIN} -d *.${DOMAIN} \ + ${ACME_BIN_PATH}/acme.sh --force --installcert -d ${DOMAIN} -d *.${DOMAIN} \ --certpath ${CRT_PATH}/cert.pem \ --key-file ${CRT_PATH}/privkey.pem \ --fullchain-file ${CRT_PATH}/fullchain.pem From 526b44389c90f244e81668c2dac4fc93d1638b22 Mon Sep 17 00:00:00 2001 From: andyzhshg Date: Wed, 28 Jul 2021 15:18:09 +0800 Subject: [PATCH 4/9] Update cert-up.sh --- cert-up.sh | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/cert-up.sh b/cert-up.sh index 833317b..9428916 100644 --- a/cert-up.sh +++ b/cert-up.sh @@ -70,7 +70,13 @@ generateCrt () { updateService () { echo 'begin updateService' echo 'cp cert path to des' - /bin/python2 ${BASE_ROOT}/crt_cp.py ${CRT_PATH_NAME} + if [ `grep -c "$FIND_MAJORVERSION_STR" $FIND_MAJORVERSION_FILE` -ne '0' ];then + echo "MajorVersion = 7, use system default python2" + python2 ${BASE_ROOT}/crt_cp.py ${CRT_PATH_NAME} + else + echo "MajorVersion < 7" + /bin/python2 ${BASE_ROOT}/crt_cp.py ${CRT_PATH_NAME} + fi echo 'done updateService' } @@ -79,15 +85,15 @@ reloadWebService () { echo 'reloading new cert...' if [ `grep -c "$FIND_MAJORVERSION_STR" $FIND_MAJORVERSION_FILE` -ne '0' ];then echo "MajorVersion = 7" - synosystemctl restart nginx + synow3tool --gen-all && systemctl reload nginx else echo "MajorVersion < 7" /usr/syno/etc/rc.sysv/nginx.sh reload fi - echo 'relading Apache 2.2' - stop pkg-apache22 - start pkg-apache22 - reload pkg-apache22 + #echo 'relading Apache 2.2' + #stop pkg-apache22 + #start pkg-apache22 + #reload pkg-apache22 echo 'done reloadWebService' } From 34015391eab675c5e3c52c55c7a8730c1ee892b9 Mon Sep 17 00:00:00 2001 From: andyzhshg Date: Wed, 28 Jul 2021 15:29:28 +0800 Subject: [PATCH 5/9] Update cert-up.sh --- cert-up.sh | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/cert-up.sh b/cert-up.sh index 9428916..23dcff2 100644 --- a/cert-up.sh +++ b/cert-up.sh @@ -90,10 +90,14 @@ reloadWebService () { echo "MajorVersion < 7" /usr/syno/etc/rc.sysv/nginx.sh reload fi - #echo 'relading Apache 2.2' - #stop pkg-apache22 - #start pkg-apache22 - #reload pkg-apache22 + if [ `grep -c "$FIND_MAJORVERSION_STR" $FIND_MAJORVERSION_FILE` -ne '0' ];then + echo "MajorVersion = 7, no need to reload apache" + else + echo 'relading Apache on DSM 6.x' + stop pkg-apache22 + start pkg-apache22 + reload pkg-apache22 + fi echo 'done reloadWebService' } From 5d6849c206117c91f05624cd2967adba93808601 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bean=20Deng=20=E9=82=93=E6=96=8C?= Date: Wed, 29 Jun 2022 11:31:34 +0800 Subject: [PATCH 6/9] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8744970..b0d8eca 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ # syno-acme -通过acme协议更新群晖HTTPS泛域名证书的自动脚本 +通过 acme 协议更新群晖 HTTPS 泛域名证书的自动脚本,支持配置多个证书 -使用方法参见: [http://www.up4dev.com/2018/05/29/synology-ssl-wildcard-cert-update/](http://www.up4dev.com/2018/05/29/synology-ssl-wildcard-cert-update/) +使用方法参见: [https://hadb.me/synology-letsencrypt-multiple-domain-cert-configuration/](https://hadb.me/synology-letsencrypt-multiple-domain-cert-configuration/) From b54d8908c814e3d6e2e6b90196d8a1ff1203aac4 Mon Sep 17 00:00:00 2001 From: Bean Date: Mon, 29 Aug 2022 10:03:38 +0800 Subject: [PATCH 7/9] Revert "Update README.md" This reverts commit 5d6849c206117c91f05624cd2967adba93808601. --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b0d8eca..8744970 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ # syno-acme -通过 acme 协议更新群晖 HTTPS 泛域名证书的自动脚本,支持配置多个证书 +通过acme协议更新群晖HTTPS泛域名证书的自动脚本 -使用方法参见: [https://hadb.me/synology-letsencrypt-multiple-domain-cert-configuration/](https://hadb.me/synology-letsencrypt-multiple-domain-cert-configuration/) +使用方法参见: [http://www.up4dev.com/2018/05/29/synology-ssl-wildcard-cert-update/](http://www.up4dev.com/2018/05/29/synology-ssl-wildcard-cert-update/) From 881356b1a68ac136e7af4a5474d477f42698aed3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bean=20Deng=20=E9=82=93=E6=96=8C?= Date: Tue, 25 Apr 2023 10:23:55 +0800 Subject: [PATCH 8/9] Update README.md --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 8744970..7cdcc80 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,7 @@ # syno-acme + +> Deprecated:已弃用,可直接使用 [acme.sh](https://github.com/acmesh-official/acme.sh),已支持直接部署至群晖,详见[deploy/synology_dsm.sh](https://github.com/acmesh-official/acme.sh/blob/master/deploy/synology_dsm.sh) + 通过acme协议更新群晖HTTPS泛域名证书的自动脚本 使用方法参见: [http://www.up4dev.com/2018/05/29/synology-ssl-wildcard-cert-update/](http://www.up4dev.com/2018/05/29/synology-ssl-wildcard-cert-update/) From a609fe32c2023cd22c15944a7ebf192133c8217f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bean=20Deng=20=E9=82=93=E6=96=8C?= Date: Tue, 25 Apr 2023 10:26:00 +0800 Subject: [PATCH 9/9] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7cdcc80..f55558d 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # syno-acme -> Deprecated:已弃用,可直接使用 [acme.sh](https://github.com/acmesh-official/acme.sh),已支持直接部署至群晖,详见[deploy/synology_dsm.sh](https://github.com/acmesh-official/acme.sh/blob/master/deploy/synology_dsm.sh) +> Deprecated:已弃用,可直接使用 [acme.sh](https://github.com/acmesh-official/acme.sh),已支持直接部署至群晖,详见 [Synology-NAS-Guide](https://github.com/acmesh-official/acme.sh/wiki/Synology-NAS-Guide) 通过acme协议更新群晖HTTPS泛域名证书的自动脚本