Skip to content

Instantly share code, notes, and snippets.

@lewangdev

lewangdev/qiniu_sslcert.py

Last active July 6, 2023 11:26
Show Gist options
  • Star 33 You must be signed in to star a gist
  • Fork 8 You must be signed in to fork a gist
  • Save lewangdev/620ede2156c8c4915d9031c9f4b6a339 to your computer and use it in GitHub Desktop.
Save lewangdev/620ede2156c8c4915d9031c9f4b6a339 to your computer and use it in GitHub Desktop.
Download ZIP
qiniu_sslcert
Raw
qiniu_sslcert.py
#!/usr/bin/env python
## Dependencies:
#
# pip install qiniu
#
## Tips for Deploy certs to Qiniu:
#
# export DOMAIN=lewangdev.com
# export QINIU_DOMAIN=images.${DOMAIN},staticfiles.${DOMAIN}
# export QINIU_ACCESS_KEY=
# export QINIU_SECRET_KEY=
#
## Use https://github.com/acmesh-official/acme.sh to issue a let's encrypt cert
## More info plz visit https://github.com/acmesh-official/acme.sh/wiki
# docker run --rm -v /data/var/lib/acme.sh:/acme.sh neilpang/acme.sh \
# --issue --dns dns_ali --log -k 4096 --force --dnssleep 300 \
# -d ${DOMAIN} \
# -d *.{DOMAIN}
#
# rm -rf ./${DOMAIN} | true
# cp -R /data/var/lib/acme.sh/${DOMAIN} ./
# python qiniu_sslcert.py
import qiniu
from qiniu import DomainManager
import os
import time
import logging
LOGGER = logging.getLogger(__name__)
def config_logger():
LOGGER.setLevel(logging.DEBUG)
ch = logging.StreamHandler()
ch.setLevel(logging.DEBUG)
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
ch.setFormatter(formatter)
LOGGER.addHandler(ch)
if __name__ == "__main__":
config_logger()
domain_name = os.getenv('DOMAIN', '')
access_key = os.getenv('QINIU_ACCESS_KEY', '')
secret_key = os.getenv('QINIU_SECRET_KEY', '')
qiniu_domain_names_string = os.getenv('QINIU_DOMAIN', '')
auth = qiniu.Auth(access_key=access_key, secret_key=secret_key)
domain_manager = DomainManager(auth)
privatekey = "{}/{}.key".format(domain_name, domain_name)
ca = "{}/fullchain.cer".format(domain_name)
with open(privatekey, 'r') as f:
privatekey_str = f.read()
with open(ca, 'r') as f:
ca_str = f.read()
ret, info = domain_manager.create_sslcert("{}/{}".format(domain_name, time.strftime("%Y-%m-%d", time.localtime())),
domain_name, privatekey_str, ca_str)
LOGGER.info("CertId: %s", ret['certID'])
cert_id = ret['certID']
qiniu_domain_names = qiniu_domain_names_string.split(",")
for qiniu_domain_name in qiniu_domain_names:
LOGGER.info("Deploy ssl cert to domain=%s", qiniu_domain_name)
ret, info = domain_manager.put_httpsconf(qiniu_domain_name, cert_id, False)
LOGGER.info("Ret: %s", info)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment