acme证书选择

3 months ago · 25f4a815fd
parent 74f774bc3b
commit 25f4a815fd
3 changed files with 48 additions and 9 deletions
--- a/web/admin/site/ssl_acme.py
+++ b/web/admin/site/ssl_acme.py
@ -45,9 +45,12 @@ def create_acme():
    email = request.form.get('email', '')
    wildcard_domain = request.form.get('wildcard_domain','')
    apply_type = request.form.get('apply_type', 'file')
+    apply_ca = request.form.get('apply_ca', 'default')
+
+    
    dnspai = request.form.get('dnspai','')
    dns_alias = request.form.get('dns_alias','')
-    return MwSites.instance().createAcme(site_name, domains, force, renew, apply_type, dnspai, email, wildcard_domain,dns_alias)
+    return MwSites.instance().createAcme(site_name, domains, force, renew, apply_type, apply_ca, dnspai, email, wildcard_domain,dns_alias)



--- a/web/static/app/site.js
+++ b/web/static/app/site.js
@ -2283,7 +2283,7 @@ function opSSLNow(type, id, siteName, callback){
 function opSSLAcme(type, id, siteName, callback){
 	var acme =  '<div class="apply_ssl">\
 		<div class="label-input-group">\
-			<div class="line mtb10">\
+			<div class="line">\
 				<span class="tname text-center">验证方式</span>\
 				<div style="margin-top:7px;display:inline-block">\
 					<input type="radio" name="apply_type" value="file" id="check_file" checked="checked"/>\
@ -2292,6 +2292,19 @@ function opSSLAcme(type, id, siteName, callback){
  					<label class="mr20" for="check_dns" style="font-weight:normal">DNS验证</label></label>\
  				</div>\
 	  		</div>\
+	  		<div class="line">\
+				<span class="tname text-center">证书</span>\
+				<div style="margin-top:7px;display:inline-block">\
+					<input type="radio" name="apply_ca" value="default" id="ca_default" checked="checked"/>\
+  					<label class="mr20" for="ca_default" style="font-weight:normal">默认</label></label>\
+  					<input type="radio" name="apply_ca" value="let" id="ca_letsencrypt"/>\
+  					<label class="mr20" for="ca_letsencrypt" style="font-weight:normal">letsencrypt</label></label>\
+  					<input type="radio" name="apply_ca" value="zerossl" id="ca_zerossl/>\
+  					<label class="mr20" for="ca_zerossl" style="font-weight:normal">zerossl</label></label>\
+  					<input type="radio" name="apply_ca" value="buypass" id="ca_buypass/>\
+  					<label class="mr20" for="ca_buypass" style="font-weight:normal">buypass</label></label>\
+  				</div>\
+	  		</div>\
 	  		<div class="line mtb10" id="dnsapi_option" style="display:none;">\
 				<span class="tname text-center" style="line-height: 42px;">选择DNS接口</span>\
 				<div style="margin-top:7px;display:inline-block">\
@ -2308,7 +2321,7 @@ function opSSLAcme(type, id, siteName, callback){
  				</div>\
  			</div>\
  			<div class="check_message line">\
-  				<div style="margin-left:100px">\
+  				<div style="margin-left:100px; margin-top:8px;">\
  					<input type="checkbox" name="checkDomain" id="checkDomain" checked="">\
  					<label class="mr20" for="checkDomain" style="font-weight:normal">提前校验域名(提前发现问题,减少失败率)</label>\
  				</div>\
@ -2731,6 +2744,10 @@ function newAcmeHandApplyNotice(siteName, id, domains, data){

 				var apply_type = $('input[name="apply_type"]:checked').val();
 				pdata['apply_type'] = apply_type;
+
+				var apply_ca = $('input[name="apply_ca"]:checked').val();
+				pdata['apply_ca'] = apply_ca;
+
 				if (apply_type == 'dns'){
 					pdata['dnspai'] = $('#dnsapi_option option:selected').val();
 				}
@ -2767,9 +2784,13 @@ function newAcmeSSL(siteName, id, domains){

 		var apply_type = $('input[name="apply_type"]:checked').val();
 		pdata['apply_type'] = apply_type;
+
+		var apply_ca = $('input[name="apply_ca"]:checked').val();
+		pdata['apply_ca'] = apply_ca;
+
 		if (apply_type == 'dns'){
 			pdata['dnspai'] = $('#dnsapi_option option:selected').val();
-		}
+		}		

 		pdata['dns_alias'] = $("input[name='dns_alias']").val();
 		$.post('/site/create_acme',pdata,function(rdata){
--- a/web/utils/site.py
+++ b/web/utils/site.py
@ -2153,7 +2153,7 @@ location ^~ {from} {\n\
        mw.restartWeb()
        return mw.returnData(True, '删除成功')

-    def createAcmeFile(self, site_name, domains, email, force, renew):
+    def createAcmeFile(self, site_name, apply_ca, domains, email, force, renew):
        site_conf = self.getHostConf(site_name)
        if not os.path.exists(site_conf):
            return mw.returnData(False, '配置异常!')
@ -2204,6 +2204,13 @@ location ^~ {from} {\n\
        self.writeAcmeLog('开始ACME申请...')
        log_file = self.acmeLogFile()

+        if apply_ca == "let": 
+            cmd = cmd + " --server letsencrypt "
+        else if apply_ca == "let":
+            cmd = cmd + " --server zerossl "
+        else if apply_ca == "let":
+            cmd = cmd + " --server buypass "
+
        cmd = 'export ACCOUNT_EMAIL=' + email + ' && ' + cmd + ' >> ' + log_file
        # print(cmd)
        result = mw.execShell(cmd)
@ -2362,7 +2369,7 @@ export PATH
        mw.restartWeb()
        return mw.returnData(True, '证书已更新!', result)

-    def createAcmeDns(self, site_name, domains, email, dnspai, wildcard_domain, force, renew, dns_alias):
+    def createAcmeDns(self, site_name, apply_ca, domains, email, dnspai, wildcard_domain, force, renew, dns_alias):
        dnsapi_option = thisdb.getOptionByJson('dnsapi', default={})
        log_file = self.acmeLogFile()
        cmd = 'echo "..." > '+ log_file
@ -2399,6 +2406,14 @@ export PATH

            if dns_alias != '':
                cmd += ' --domain-alias '+str(dns_alias)
+
+
+            if apply_ca == "let": 
+                cmd = cmd + " --server letsencrypt "
+            else if apply_ca == "let":
+                cmd = cmd + " --server zerossl "
+            else if apply_ca == "let":
+                cmd = cmd + " --server buypass "
                
            cmd +=  ' > ' + log_file
            # print(cmd)
@ -2448,7 +2463,7 @@ export PATH
        mw.restartWeb()
        return mw.returnData(True, '证书已更新!', result)

-    def createAcme(self, site_name, domains, force, renew, apply_type, dnspai, email, wildcard_domain, dns_alias):
+    def createAcme(self, site_name, domains, force, renew, apply_type, apply_ca, dnspai, email, wildcard_domain, dns_alias):
        domains = json.loads(domains)
        if len(domains) < 1:
            return mw.returnData(False, '请选择域名')
@ -2474,9 +2489,9 @@ export PATH
            return mw.returnData(False, '正在申请或更新SSL中...')

        if apply_type == 'file':
-            return self.createAcmeFile(site_name, domains, email,force,renew)
+            return self.createAcmeFile(site_name, apply_ca, domains, email,force,renew)
        elif apply_type == 'dns':
-            return self.createAcmeDns(site_name, domains, email, dnspai, wildcard_domain,force, renew, dns_alias)
+            return self.createAcmeDns(site_name, apply_ca,domains, email, dnspai, wildcard_domain,force, renew, dns_alias)
        return mw.returnData(False, '异常请求')

    def createLet(self, site_name, domains, force, renew, apply_type, dnspai, email, wildcard_domain):