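'use strict';

// CLI entry point: parses --subject/--altnames and challenge options, strips
// values that equal the manager defaults, and hands the rest to greenlock.add().

var cli = require('./cli.js');
var path = require('path');
//var pkgpath = path.join(__dirname, '..', 'package.json');
// The package.json is looked up in the current working directory.
var pkgpath = path.join(process.cwd(), 'package.json');

// Challenge types recognised in a --challenge module name, in match order.
var CHALLENGE_TYPES = ['http-01', 'dns-01', 'tls-alpn-01'];

require('./greenlockrc')(pkgpath)
    .then(async function(rc) {
        var Greenlock = require('../');
        // this is a copy, so it's safe to modify
        rc._bin_mode = true;
        var greenlock = Greenlock.create(rc);
        var mconf = await greenlock.manager.defaults();

        // NOTE(security): --challenge-xxxx / --challenge-json values (e.g. an
        // API key) arrive on the command line, so they can be seen in the
        // process list and end up in shell history. They are also passed to
        // greenlock.add() below - presumably persisted with the site config;
        // confirm where that is stored and who can read it.
        cli.parse({
            subject: [
                false,
                'the "subject" (primary domain) of the certificate',
                'string'
            ],
            altnames: [
                false,
                'the "subject alternative names" (additional domains) on the certificate, the first of which MUST be the subject',
                'string'
            ],
            'renew-offset': [
                false,
                "time to wait until renewing the cert such as '45d' (45 days after being issued) or '-3w' (3 weeks before expiration date)",
                'string',
                mconf.renewOffset
            ],
            'server-key-type': [
                false,
                "either 'RSA-2048' or 'P-256' (ECDSA) - although other values are technically supported, they don't make sense and won't work with many services (More bits != More security)",
                'string',
                mconf.serverKeyType
            ],
            challenge: [
                false,
                'the name name of file path of the HTTP-01, DNS-01, or TLS-ALPN-01 challenge module to use',
                'string',
                Object.keys(mconf.challenges)
                    .map(function(typ) {
                        return mconf.challenges[typ].module;
                    })
                    .join(',')
            ],
            'challenge-xxxx': [
                false,
                'an option for the chosen challenge module, such as --challenge-apikey or --challenge-bucket',
                'bag'
            ],
            'challenge-json': [
                false,
                'a JSON string containing all option for the chosen challenge module (instead of --challenge-xxxx)',
                'json',
                '{}'
            ],
            'force-save': [
                false,
                "save all options for this site, even if it's the same as the defaults",
                'boolean',
                false
            ]
        });

        /**
         * Validates the parsed options, drops those equal to the manager
         * defaults (unless --force-save), and adds the site via greenlock.
         *
         * @param {*} _ - positional arguments from the cli helper (unused)
         * @param {Object} options - parsed flags; mutated in place
         */
        async function main(_, options) {
            if (!options.subject || !options.altnames) {
                console.error(
                    '--subject and --altnames must be provided and should be valid domains'
                );
                process.exit(1);
                return;
            }
            // Drop empty entries left by leading/trailing separators.
            options.altnames = options.altnames
                .split(/[,\s]+/)
                .filter(Boolean);
            if (!options.altnames.length) {
                console.error(
                    '--subject and --altnames must be provided and should be valid domains'
                );
                process.exit(1);
                return;
            }

            // Read the flag once so deleting keys below cannot change it.
            var forceSave = Boolean(options.forceSave);

            Object.keys(options).forEach(function(k) {
                if (options[k] === mconf[k] && !forceSave) {
                    delete options[k];
                }
            });

            if (options.challenge) {
                // The type is inferred by substring match on the module name
                // or path; the first type in CHALLENGE_TYPES that appears wins.
                var typ = CHALLENGE_TYPES.find(function(t) {
                    return options.challenge.includes(t);
                });
                if (!typ) {
                    // Without a type there is no slot to store the module in.
                    console.error(
                        "--challenge must name an 'http-01', 'dns-01', or 'tls-alpn-01' module"
                    );
                    process.exit(1);
                    return;
                }

                // presumably filled from --challenge-xxxx by the cli helper;
                // fall back to an empty bag when it is absent
                var challenge = options.challengeOpts || {};
                challenge.module = options.challenge;
                options.challenges = {};
                options.challenges[typ] = challenge;
                delete options.challengeOpts;
                delete options.challenge;

                // The defaults may have no entry for this challenge type.
                var chall = mconf.challenges[typ];
                if (chall && challenge.module === chall.module) {
                    var same = Object.keys(challenge).every(function(k) {
                        return chall[k] === challenge[k];
                    });
                    if (same && !forceSave) {
                        delete options.challenges;
                    }
                }
            }

            delete options.forceSave;

            // NOTE(security): `options` can hold challenge credentials at this
            // point; redact them before enabling the dump below.
            /*
            console.log('manager conf:');
            console.log(mconf);
            console.log('cli options:');
            console.log(options);
            */

            greenlock.add(options).catch(function(err) {
                console.error();
                console.error('error:', err.message);
                console.error();
                // Report the failure to the calling shell or script.
                process.exitCode = 1;
            });
        }

        // ignore certonly and extraneous arguments
        cli.main(main, process.argv.slice(3));
    })
    .catch(function(err) {
        // Config loading or manager.defaults() failed: report it instead of
        // leaving an unhandled rejection.
        console.error();
        console.error('error:', err && err.message ? err.message : err);
        console.error();
        process.exitCode = 1;
    });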