-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathpost-renew-hook.php
80 lines (62 loc) · 2.41 KB
/
post-renew-hook.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
<?php
/**
* ACME Hook Post Renew
*
* This script accepts one argument as a domain name. And installs a certificate for the domain and all its subdomains.
*
* @author Ignat Awwit <[email protected]>
* @license MIT https://github.com/awwit/godaddy-free-https-guide/blob/main/LICENSE
*
* @link https://github.com/awwit/godaddy-free-https-guide
*/
class AcmeHookPostRenew {
private static function endsWith(string $haystack, string $needle): bool {
return substr_compare($haystack, $needle, -strlen($needle)) === 0;
}
private static function updateCert(string $domain, string $cert, string $key): void {
$output = json_decode(shell_exec("uapi SSL install_ssl domain=\"{$domain}\" cert=\"{$cert}\" key=\"{$key}\" --output=jsonpretty"), true);
if ($output['result']['errors']) {
throw new Exception(json_encode($output, JSON_PRETTY_PRINT));
}
}
public static function execute(string $domain, bool $verbose = FALSE): void {
$dir = "{$_SERVER['HOME']}/.acme.sh/{$domain}";
if (!is_dir($dir)) {
throw new Exception("Data files for \"{$domain}\" domain not found.");
}
if ($verbose) { echo 'Deploying certs...', "\n"; }
$output = json_decode(shell_exec('uapi DomainInfo list_domains --output=jsonpretty'), true);
if ($output['result']['errors']) {
throw new Exception(json_encode($output, JSON_PRETTY_PRINT));
}
$data = $output['result']['data'];
$subdomains = $data['sub_domains'];
if ($verbose) { echo "Update cert for {$domain}\n"; }
$cert = urlencode(file_get_contents("{$dir}/{$domain}.cer"));
$key = urlencode(file_get_contents("{$dir}/{$domain}.key"));
self::updateCert($domain, $cert, $key);
foreach ($subdomains as $subdomain) {
if (self::endsWith($subdomain, $domain)) {
if ($verbose) { echo "Update cert for {$subdomain}\n"; }
self::updateCert($subdomain, $cert, $key);
}
}
}
}
/**
* Execute this script only if it is specified as initial and called from the command line.
*
* You can include this file in your script and manually call the `AcmeHookPostRenew::execute` function.
*/
if (php_sapi_name() === 'cli' && $argc >= 1 && realpath($argv[0]) === __FILE__) {
if ($argc < 2) {
echo 'Please enter a domain.', "\n";
exit(1);
}
try {
AcmeHookPostRenew::execute($argv[1], TRUE);
echo 'Done!', "\n";
} catch (Exception $exc) {
echo $exc->getMessage(), "\n";
}
}