|
...
|
...
|
@@ -53,33 +53,61 @@ public function checkDomainSsl() |
|
|
|
$site_id = $site_list['data'][0]['id'];
|
|
|
|
$host = $site_list['data'][0]['name'];
|
|
|
|
|
|
|
|
//获取站点可用于设置证书的域名
|
|
|
|
$site_domain_list = $this->bt->WebDoaminList($site_id);
|
|
|
|
$apply_ssl_domain_list = [];
|
|
|
|
foreach ($site_domain_list as $val) {
|
|
|
|
if (strpos($val['name'], '*') === false && $this->check_domain_record($val['name'], ['domain' => '', 'ip' => $site_ip])) {
|
|
|
|
$apply_ssl_domain_list[] = $val['name'];
|
|
|
|
if (env('IS_SSL', false)) {
|
|
|
|
//通配符证书
|
|
|
|
$transmitUrl = env("TRANSMIT_URL");
|
|
|
|
$resp = $this->httpPost($transmitUrl . "api/selfSiteSsl/", json_encode([]));
|
|
|
|
if (isset($resp['status']) && $resp['status'] == 200) {
|
|
|
|
$ssl_key = $resp['data']['ssl_key'] ?? '';
|
|
|
|
$ssl_cert = $resp['data']['ssl_cert'] ?? '';
|
|
|
|
if ($ssl_key && $ssl_cert) {
|
|
|
|
//申请证书之前,还原主站配置
|
|
|
|
$config_before = file_get_contents(public_path('main_site_default.txt'));
|
|
|
|
$re_config_before = $this->bt->SaveFileBody('/www/server/panel/vhost/nginx/' . $host . '.conf', $config_before, 'utf-8', 1);
|
|
|
|
if (!($re_config_before['status'] ?? false)) {
|
|
|
|
throw new \Exception($re_config_before['msg'] ?? '还原主站nginx配置失败');
|
|
|
|
}
|
|
|
|
|
|
|
|
//设置站点证书
|
|
|
|
$this->setDomainSsl($site_id, $host, [], $ssl_key, $ssl_cert);
|
|
|
|
|
|
|
|
//申请证书之后,更新主站配置
|
|
|
|
$config_after = file_get_contents(public_path('main_site_config.txt'));
|
|
|
|
$re_config_after = $this->bt->SaveFileBody('/www/server/panel/vhost/nginx/' . $host . '.conf', $config_after, 'utf-8', 1);
|
|
|
|
if (!($re_config_after['status'] ?? false)) {
|
|
|
|
throw new \Exception($re_config_after['msg'] ?? '更新主站nginx配置失败');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
//获取站点可用于设置证书的域名
|
|
|
|
$site_domain_list = $this->bt->WebDoaminList($site_id);
|
|
|
|
$apply_ssl_domain_list = [];
|
|
|
|
foreach ($site_domain_list as $val) {
|
|
|
|
if (strpos($val['name'], '*') === false && $this->check_domain_record($val['name'], ['domain' => '', 'ip' => $site_ip])) {
|
|
|
|
$apply_ssl_domain_list[] = $val['name'];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (empty($apply_ssl_domain_list)) {
|
|
|
|
throw new \Exception('主站所有域名都未解析在当前服务器');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (empty($apply_ssl_domain_list)) {
|
|
|
|
throw new \Exception('主站所有域名都未解析在当前服务器');
|
|
|
|
}
|
|
|
|
|
|
|
|
//申请证书之前,还原主站配置
|
|
|
|
$config_before = file_get_contents(public_path('main_site_default.txt'));
|
|
|
|
$re_config_before = $this->bt->SaveFileBody('/www/server/panel/vhost/nginx/' . $host . '.conf', $config_before, 'utf-8', 1);
|
|
|
|
if (!($re_config_before['status'] ?? false)) {
|
|
|
|
throw new \Exception($re_config_before['msg'] ?? '还原主站nginx配置失败');
|
|
|
|
}
|
|
|
|
//申请证书之前,还原主站配置
|
|
|
|
$config_before = file_get_contents(public_path('main_site_default.txt'));
|
|
|
|
$re_config_before = $this->bt->SaveFileBody('/www/server/panel/vhost/nginx/' . $host . '.conf', $config_before, 'utf-8', 1);
|
|
|
|
if (!($re_config_before['status'] ?? false)) {
|
|
|
|
throw new \Exception($re_config_before['msg'] ?? '还原主站nginx配置失败');
|
|
|
|
}
|
|
|
|
|
|
|
|
//设置站点证书
|
|
|
|
$this->setDomainSsl($site_id, $host, $apply_ssl_domain_list);
|
|
|
|
//设置站点证书
|
|
|
|
$this->setDomainSsl($site_id, $host, $apply_ssl_domain_list);
|
|
|
|
|
|
|
|
//申请证书之后,更新主站配置
|
|
|
|
$config_after = file_get_contents(public_path('main_site_config.txt'));
|
|
|
|
$re_config_after = $this->bt->SaveFileBody('/www/server/panel/vhost/nginx/' . $host . '.conf', $config_after, 'utf-8', 1);
|
|
|
|
if (!($re_config_after['status'] ?? false)) {
|
|
|
|
throw new \Exception($re_config_after['msg'] ?? '更新主站nginx配置失败');
|
|
|
|
//申请证书之后,更新主站配置
|
|
|
|
$config_after = file_get_contents(public_path('main_site_config.txt'));
|
|
|
|
$re_config_after = $this->bt->SaveFileBody('/www/server/panel/vhost/nginx/' . $host . '.conf', $config_after, 'utf-8', 1);
|
|
|
|
if (!($re_config_after['status'] ?? false)) {
|
|
|
|
throw new \Exception($re_config_after['msg'] ?? '更新主站nginx配置失败');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$this->output('主站证书更新成功');
|
|
...
|
...
|
@@ -232,6 +260,39 @@ public function getDomainSslTime($domain) |
|
|
|
return ['from' => $valid_from, 'to' => $valid_to];
|
|
|
|
}
|
|
|
|
|
|
|
|
public function httpPost($url, $data, $header = [], $is_json = true)
|
|
|
|
{
|
|
|
|
if (empty($header)) {
|
|
|
|
$header = array(
|
|
|
|
"Accept: application/json",
|
|
|
|
"Content-Type:application/json;charset=utf-8",
|
|
|
|
"token:" . env("SECRET_TOKEN"),
|
|
|
|
"pid:" . env("MERCHANT_NUMBER")
|
|
|
|
);
|
|
|
|
}
|
|
|
|
$ch = curl_init();
|
|
|
|
curl_setopt($ch, CURLOPT_URL, $url);
|
|
|
|
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
|
|
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
|
|
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
|
|
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
|
|
|
|
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible; MSIE 5.01; Windows NT 5.0)');
|
|
|
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
|
|
|
|
curl_setopt($ch, CURLOPT_AUTOREFERER, 1);
|
|
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
|
|
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|
|
|
$res = curl_exec($ch);
|
|
|
|
if (curl_errno($ch)) {
|
|
|
|
$error_message = curl_error($ch);
|
|
|
|
@file_put_contents(storage_path('logs/error.log'), var_export($error_message, true) . PHP_EOL, FILE_APPEND);
|
|
|
|
}
|
|
|
|
curl_close($ch);
|
|
|
|
if ($is_json) {
|
|
|
|
return json_decode($res, true);
|
|
|
|
}
|
|
|
|
return trim($res);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* 输出处理日志
|
|
|
|
* @param $message
|
...
|
...
|
|
