From 130b309f7e22ba2e24e57140a2c590416cead385 Mon Sep 17 00:00:00 2001 From: Mr Chen Date: Tue, 12 Feb 2019 18:43:28 +0800 Subject: [PATCH] update --- class/core/site_api.py | 140 ++++++++++++++++++++++++++++++++++++++- route/static/app/site.js | 28 ++++---- 2 files changed, 154 insertions(+), 14 deletions(-) diff --git a/class/core/site_api.py b/class/core/site_api.py index a6b276278..f8dd7acab 100755 --- a/class/core/site_api.py +++ b/class/core/site_api.py @@ -82,6 +82,133 @@ class site_api: data['email'] = '' return public.returnJson(True, 'OK', data) + def getSslApi(self): + siteName = request.form.get('siteName', '').encode('utf-8') + path = '/etc/letsencrypt/live/' + siteName + csrpath = path + "/fullchain.pem" # 生成证书路径 + keypath = path + "/privkey.pem" # 密钥文件路径 + key = public.readFile(keypath) + csr = public.readFile(csrpath) + + file = self.getHostConf(siteName) + conf = public.readFile(file) + + keyText = 'ssl_certificate' + status = True + if(conf.find(keyText) == -1): + status = False + type = -1 + + toHttps = self.isToHttps(siteName) + id = public.M('sites').where("name=?", (siteName,)).getField('id') + domains = public.M('domain').where( + "pid=?", (id,)).field('name').select() + data = {'status': status, 'domain': domains, 'key': key, + 'csr': csr, 'type': type, 'httpTohttps': toHttps} + return public.returnJson(True, 'OK', data) + + def createLetApi(self): + siteName = request.form.get('siteName', '').encode('utf-8') + updateOf = request.form.get('updateOf', '') + domains = request.form.get('domains', '').encode('utf-8') + force = request.form.get('force', '').encode('utf-8') + renew = request.form.get('renew', '').encode('utf-8') + email_args = request.form.get('email', '').encode('utf-8') + + domains = json.loads(domains) + email = public.M('users').getField('email') + if email_args.strip() != '': + public.M('users').setField('email', email_args) + email = email_args + + if not len(domains): + return public.returnJson(False, '请选择域名') + + file = self.getHostConf(siteName) + if os.path.exists(file): + siteConf = public.readFile(file) + if siteConf.find('301-START') != -1: + return public.returnJson(False, '检测到您的站点做了301重定向设置,请先关闭重定向!') + + path = '/etc/letsencrypt/live/' + siteName + csrpath = path + "/fullchain.pem" # 生成证书路径 + keypath = path + "/privkey.pem" # 密钥文件路径 + + actionstr = updateOf + siteInfo = public.M('sites').where( + 'name=?', (siteName,)).field('id,name,path').find() + # runPath = self.getRunPath(get) + srcPath = siteInfo['path'] + # if runPath != False and runPath != '/': + # siteInfo['path'] += runPath + # path = siteInfo['path'] + + # 检测acem是否安装 + if public.isAppleSystem(): + user = public.execShell( + "who | sed -n '2, 1p' |awk '{print $1}'")[0].strip() + acem = '/Users/' + user + '/.acme.sh/acme.sh' + else: + acem = '/root/.acme.sh/acme.sh' + if not os.path.exists(acem): + acem = '/.acme.sh/acme.sh' + if not os.path.exists(acem): + try: + public.execShell("curl -sS curl https://get.acme.sh | sh") + except: + return public.returnJson(False, '尝试自动安装ACME失败,请通过以下命令尝试手动安装

安装命令: curl https://get.acme.sh | sh

' + acem) + if not os.path.exists(acem): + return public.returnJson(False, '尝试自动安装ACME失败,请通过以下命令尝试手动安装

安装命令: curl https://get.acme.sh | sh

' + acem) + + force_bool = False + if force == 'true': + force_bool = True + + if renew == 'true': + execStr = acem + " --renew --yes-I-know-dns-manual-mode-enough-go-ahead-please" + else: + execStr = acem + " --issue --force" + + # 确定主域名顺序 + domainsTmp = [] + if siteName in domains: + domainsTmp.append(siteName) + for domainTmp in domains: + if domainTmp == siteName: + continue + domainsTmp.append(domainTmp) + domains = domainsTmp + + home_path = public.getServerDir() + '/openresty/nginx/conf/cert/' + \ + domains[0] + home_cert = home_path + '/fullchain.cer' + home_key = home_path + '/' + domains[0] + '.key' + + domainCount = 0 + for domain in domains: + if public.checkIp(domain): + continue + if domain.find('*.') != -1: + return public.returnJson(False, '泛域名不能使用【文件验证】的方式申请证书!') + if public.M('domain').where('name=?', (domain,)).count(): + p = siteInfo['path'] + else: + p = public.M('binding').where( + 'domain=?', (domain,)).getField('path') + path = p + execStr += ' -w ' + path + execStr += ' -d ' + domain + domainCount += 1 + if domainCount == 0: + return public.returnJson(False, '请选择域名(不包括IP地址与泛域名)!') + print execStr + + cmd = 'export ACCOUNT_EMAIL=' + email + ' && ' + execStr + # result = public.execShell(cmd) + print domains + print file + return public.returnJson(True, 'OK') + def getIndexApi(self): sid = request.form.get('id', '').encode('utf-8') data = {} @@ -239,7 +366,7 @@ class site_api: if domain_count == 1: return public.returnJson(False, '最后一个域名不能删除!') - file = self.setupPath + '/openresty/nginx/conf/vhost/' + webname + '.conf' + file = getHostConf(webname) conf = public.readFile(file) if conf: # 删除域名 @@ -541,6 +668,17 @@ class site_api: return public.getJson(data) + # 是否跳转到https + def isToHttps(self, siteName): + file = self.getHostConf(siteName) + conf = public.readFile(file) + if conf: + if conf.find('HTTP_TO_HTTPS_START') != -1: + return True + if conf.find('$server_port !~ 443') != -1: + return True + return False + def getRewriteList(self): rewriteList = {} rewriteList['rewrite'] = [] diff --git a/route/static/app/site.js b/route/static/app/site.js index 838996a1b..a4e71c165 100755 --- a/route/static/app/site.js +++ b/route/static/app/site.js @@ -1551,7 +1551,7 @@ function setSSL(id,siteName){ // + '' // + '' // $(".tab-con").html(lets); - // $(".help-info-text").after("
"); + // $(".help-info-text").after("
"); // break; // case 0: // $(".tab-nav span").eq(2).addClass("on").siblings().removeClass("on"); @@ -1609,7 +1609,7 @@ function httpToHttps(siteName){ //关闭SSL内容 function closeSSLHTML(txt,siteName){ - $(".tab-con").html("
"+lan.get('ssl_enable',[txt])+"
"); + $(".tab-con").html("
"+lan.get('ssl_enable',[txt])+"
"); } //SSL @@ -1745,7 +1745,7 @@ function opSSL(type,id,siteName){ + '' + ''; $(".tab-con").html(lets); - $(".help-info-text").after("
"); + $(".help-info-text").after("
"); }); return; } @@ -1794,16 +1794,18 @@ function opSSL(type,id,siteName){ var key = ''; var csr = ''; var loadT = layer.msg(lan.site.the_msg,{icon:16,time:0,shade: [0.3, '#000']}); - $.post('site?action=GetSSL','siteName='+siteName,function(rdata){ + $.post('site/get_ssl','siteName='+siteName,function(data){ + // console.log(data); layer.close(loadT); + var rdata = data['data']; if(rdata.status){ - $(".ssl-btn").append(""); + $(".ssl-btn").append(""); } if(rdata.key == false) rdata.key = ''; if(rdata.csr == false) rdata.csr = ''; $("#key").val(rdata.key); $("#csr").val(rdata.csr); - }); + },'json'); break; } // table_fixed("btssl_table_list") @@ -1827,7 +1829,7 @@ function getSSLlist(siteName){ //icoask = '?'; } if(rdata.data[i].setup){ - txt = lan.site.deployed+' | '+lan.public.close+''; + txt = lan.site.deployed+' | '+lan.public.close+''; } tr += ''+rdata.data[i].commonName+''+getLocalTime(rdata.data[i].endtime).split(" ")[0]+''+rdata.data[i].stateName+icoask+''+txt+'' @@ -1867,7 +1869,7 @@ function VerifyDomain(partnerOrderId,siteName){ } //开启与关闭SSL -function OcSSL(action,siteName){ +function ocSSL(action,siteName){ var loadT = layer.msg(lan.site.get_ssl_list,{icon:16,time:0,shade: [0.3, '#000']}); $.post("site?action="+action,'siteName='+siteName+'&updateOf=1',function(rdata){ layer.close(loadT) @@ -1910,7 +1912,7 @@ function newSSL(siteName,domains){ var force = ''; if($("#checkDomain").prop("checked")) force = '&force=true'; var email = $("input[name='admin_email']").val(); - $.post('site?action=CreateLet','siteName='+siteName+'&domains='+domains+'&updateOf=1&email='+email + force,function(rdata){ + $.post('/site/create_let','siteName='+siteName+'&domains='+domains+'&updateOf=1&email='+email + force,function(rdata){ layer.close(loadT) if(rdata.status){ var mykeyhtml = '
'+lan.site.ssl_key+'
' @@ -1919,7 +1921,7 @@ function newSSL(siteName,domains){ + ''; $(".btssl").html(mykeyhtml); layer.msg(rdata.msg,{icon:rdata.status?1:2}); - setCookie('letssl',1); + // setCookie('letssl',1); return; } @@ -1932,10 +1934,10 @@ function newSSL(siteName,domains){ data = "

"+rdata.msg+"

" if(rdata.err[0].length > 10) data += '

' + rdata.err[0].replace(/\n/g,'
') + '

'; if(rdata.err[1].length > 10) data += '

' + rdata.err[1].replace(/\n/g,'
') + '

'; - setCookie('letssl',0); + // setCookie('letssl',0); layer.msg(data,{icon:2,area:'500px',time:0,shade:0.3,shadeClose:true}); - }); + },'json'); } //保存SSL @@ -1947,7 +1949,7 @@ function SaveSSL(siteName){ if(rdata.status){ layer.msg(rdata.msg,{icon:1}); $(".ssl-btn").find(".btn-default").remove(); - $(".ssl-btn").append(""); + $(".ssl-btn").append(""); }else{ layer.msg(rdata.msg,{icon:2,time:0,shade:0.3,shadeClose:true}); }