vpt/qcloud-ssl-cdn
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: 给update.sh里的 dns 配上环境变量

Browse Source
This commit is contained in:
yexinhao
2023-02-03 20:41:28 +08:00
commit 105333dd6f
25 changed files with 1539 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
api/__init__.py Normal file
View File

213
api/cdn.py Normal file
View File

@ -0,0 +1,213 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# author: 'zfb'
# time: 2020-12-02 15:42
import json
from datetime import datetime
from tencentcloud.common.exception.tencent_cloud_sdk_exception import TencentCloudSDKException
# 导入 cdn 产品模块的 models
from tencentcloud.cdn.v20180606 import models
from api.get_client_profile import get_client_instance
def get_cdn_client_instance(id, key):
'''获取cdn的实例用于后面对cdn的各种操作
'''
client = get_client_instance(id, key, "cdn")
return client
def get_cdn_detail_info(client):
'''获取所有CDN的详细信息返回列表
'''
try:
req = models.DescribeDomainsConfigRequest()
# 参数列表为空:表示获取所有信息
# 部分可选参数
# Filters: Array Of DomainFilter, 查询条件过滤器,复杂类型
# filter = DomainFilter()
# filter.Name = "domain"
# filter.Value = [domain]
# filter.Fuzzy = False
params = {}
req.from_json_string(json.dumps(params))
resp = client.DescribeDomainsConfig(req)
# print(resp.to_json_string())
print("获取所有cdn详细信息成功")
return resp.Domains
except TencentCloudSDKException as err:
print(err)
return []
def get_cdn_basic_info(client, domain_name):
'''获取指定CDN的基本信息
'''
try:
req = models.DescribeDomainsRequest()
params = {
"Limit": 1,
"Filters": [
{
"Name": "domain",
"Value": [ domain_name ],
"Fuzzy": False
}
]
}
req.from_json_string(json.dumps(params))
resp = client.DescribeDomains(req)
# print(resp.to_json_string())
print("获取指定cdn基本信息成功")
return resp.Domains
except TencentCloudSDKException as err:
print(err)
return []
def get_cdn_url_push_info(client):
'''查询CDN预热配额和每日可用量
'''
try:
req = models.DescribePushQuotaRequest()
params = {}
req.from_json_string(json.dumps(params))
resp = client.DescribePushQuota(req)
# print(resp.to_json_string())
print("获取CDN预热配额和每日可用量信息成功")
return resp.UrlPush
except TencentCloudSDKException as err:
print(err)
return []
def update_cdn_url_push(client, urls, region):
'''指定 URL 资源列表加载至 CDN 节点,支持指定加速区域预热
默认情况下境内、境外每日预热 URL 限额为各 1000 条,每次最多可提交 20 条
'''
try:
req = models.PushUrlsCacheRequest()
params = {
"Urls": urls,
"Area": region,
}
req.from_json_string(json.dumps(params))
resp = client.PushUrlsCache(req)
print(resp.to_json_string())
print("URL:{}预热成功".format(', '.join(urls)))
return True
except TencentCloudSDKException as err:
print(err)
return False
def get_cdn_purge_url_info(client):
'''查询CDN刷新URL配额和每日可用量
'''
try:
req = models.DescribePurgeQuotaRequest()
params = {}
req.from_json_string(json.dumps(params))
resp = client.DescribePurgeQuota(req)
# print(resp.to_json_string())
print("获取CDN刷新URL配额和每日可用量信息成功")
return resp.UrlPurge
except TencentCloudSDKException as err:
print(err)
return []
def update_cdn_purge_url(client, urls, region):
'''指定 URL 资源的刷新,支持指定加速区域刷新
默认情况下境内、境外每日刷新 URL 限额为各 10000 条,每次最多可提交 1000 条
'''
try:
req = models.PurgeUrlsCacheRequest()
params = {
"Urls": urls,
"Area": region,
"UrlEncode": True
}
req.from_json_string(json.dumps(params))
resp = client.PurgeUrlsCache(req)
print(resp.to_json_string())
print("URL:{}刷新成功".format(', '.join(urls)))
return True
except TencentCloudSDKException as err:
print(err)
return False
def update_cdn_ssl(client, domain, cert_id):
'''为指定域名的CDN更换SSL证书
'''
try:
req = models.UpdateDomainConfigRequest()
# 必选参数
# Domain: String, 域名
# 部分可选参数
# Https: Https, Https 加速配置
# 该类型详见 https://cloud.tencent.com/document/api/228/30987#Https
timestr = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
params = {
"Domain": domain,
"Https": {
"Switch": "on",
"CertInfo": {
"CertId": cert_id,
"Message": "Auto update by api at {}".format(timestr)
}
}
}
req.from_json_string(json.dumps(params))
resp = client.UpdateDomainConfig(req)
print(resp.to_json_string())
print("成功更新域名为{0}的CDN的ssl证书为{1}".format(domain, cert_id))
except TencentCloudSDKException as err:
print(err)
exit("为CDN设置SSL证书{}出错".format(cert_id))
def update_cdn_https_options(client, domain, http2, hsts, age, hsts_subdomain, ocsp):
'''为指定域名的CDN的HTTPS开启HTTP 2.0、HSTS、OCSP等多个可选项
'''
try:
req = models.UpdateDomainConfigRequest()
params = {
"Domain": domain,
"Https": {
"Switch": "on"
}
}
if http2:
params["Https"]["Http2"] = "on"
if hsts:
params["Https"]["Hsts"] = {
"Switch": "off",
"MaxAge": 0,
"IncludeSubDomains": "off"
}
params["Https"]["Hsts"]["Switch"] = "on"
params["Https"]["Hsts"]["MaxAge"] = age
if hsts_subdomain:
params["Https"]["Hsts"]["IncludeSubDomains"] = "on"
if ocsp:
params["Https"]["OcspStapling"] = "on"
req.from_json_string(json.dumps(params))
resp = client.UpdateDomainConfig(req)
print(resp.to_json_string())
print("成功开启域名为{0}的CDN的HTTPS选项".format(domain))
except TencentCloudSDKException as err:
print(err)
exit("{}的CDN开启HTTPS选项功能出错".format(domain))

79
api/ecdn.py Normal file
View File

@ -0,0 +1,79 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# author: 'zfb'
# time: 2020-12-02 15:50
import json
from tencentcloud.common.exception.tencent_cloud_sdk_exception import TencentCloudSDKException
# 导入 ecdn 产品模块的 models
from tencentcloud.ecdn.v20191012 import models
from api.get_client_profile import get_client_instance
def get_ecdn_client_instance(id, key):
'''获取ecdn的实例用于后面对ecdn的各种操作
'''
client = get_client_instance(id, key, "ecdn")
return client
def get_ecdn_basic_info(client):
'''获取所有ECDN的基本信息返回列表
'''
try:
req = models.DescribeDomainsRequest()
params = {}
req.from_json_string(json.dumps(params))
resp = client.DescribeDomains(req)
# print(resp.to_json_string())
print("获取所有ecdn基本信息成功")
return resp.Domains
except TencentCloudSDKException as err:
print(err)
return []
def get_ecdn_detail_info(client):
'''获取所有ECDN的详细信息返回列表
'''
try:
req = models.DescribeDomainsConfigRequest()
params = {}
req.from_json_string(json.dumps(params))
resp = client.DescribeDomainsConfig(req)
# print(resp.to_json_string())
print("获取所有ecdn详细信息成功")
return resp.Domains
except TencentCloudSDKException as err:
print(err)
return []
def update_ecdn_ssl(client, domain, cert_id):
'''为指定域名的CDN的更换SSL证书
'''
# 为ecdn更新证书使用ecdn相关接口
# https://console.cloud.tencent.com/api/explorer?Product=ecdn&Version=2019-10-12
try:
req = models.UpdateDomainConfigRequest()
# 必选参数
# Domain: String, 域名
# 部分可选参数
# Https: Https, Https 加速配置
# 该类型详见 https://cloud.tencent.com/document/api/228/30987#Https
params = {
"Domain": domain,
"Https": {
"CertInfo": {
"CertId": cert_id
}
}
}
req.from_json_string(json.dumps(params))
resp = client.UpdateDomainConfig(req)
print(resp.to_json_string())
print("成功更新域名为{0}的CDN的ssl证书为{1}".format(domain, cert_id))
except TencentCloudSDKException as err:
print(err)
exit("为CDN设置SSL证书{}出错".format(cert_id))

52
api/get_client_profile.py Normal file
View File

@ -0,0 +1,52 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# author: 'zfb'
# time: 2020-12-02 15:17
from tencentcloud.common import credential
# 导入可选配置类
from tencentcloud.common.profile.client_profile import ClientProfile
from tencentcloud.common.profile.http_profile import HttpProfile
from tencentcloud.common.exception.tencent_cloud_sdk_exception import TencentCloudSDKException
# 导入ssl产品模块的 client
from tencentcloud.ssl.v20191205 import ssl_client
# 导入cdn产品模块的 client
from tencentcloud.cdn.v20180606 import cdn_client
# 导入ecdn产品模块的 client
from tencentcloud.ecdn.v20191012 import ecdn_client
def get_client_instance(id, key, product):
'''获取指定endpoint的实例用于后面对其的各种操作
'''
try:
# 实例化一个认证对象,入参需要传入腾讯云账户 secretIdsecretKey, 此处还需注意密钥对的保密
cred = credential.Credential(id, key)
# 实例化一个 http 选项,可选
httpProfile = HttpProfile()
# post 请求 (默认为 post 请求)
httpProfile.reqMethod = "POST"
# 请求超时时间,单位为秒 (默认60秒)
httpProfile.reqTimeout = 30
# 不指定接入地域域名 (默认就近接入)
httpProfile.endpoint = "{}.tencentcloudapi.com".format(product)
# 实例化一个 client 选项,可选
clientProfile = ClientProfile()
clientProfile.httpProfile = httpProfile
# 实例化要请求产品的 client 对象clientProfile 是可选的
if product == "ssl":
client = ssl_client.SslClient(cred, "", clientProfile)
print("实例化一个ssl_client成功")
elif product == "cdn":
client = cdn_client.CdnClient(cred, "", clientProfile)
print("实例化cdn client成功")
elif product == "ecdn":
client = ecdn_client.EcdnClient(cred, "", clientProfile)
print("实例化ecdn client成功")
else:
exit("本程序仅支持ssl、cdn、ecdn")
return client
except TencentCloudSDKException as err:
print(err)
exit(-1)

145
api/ssl.py Normal file
View File

@ -0,0 +1,145 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# author: 'zfb'
# time: 2020-12-02 15:02
import json
from datetime import datetime
from tencentcloud.common.exception.tencent_cloud_sdk_exception import TencentCloudSDKException
# 导入 ssl 产品模块的 models
from tencentcloud.ssl.v20191205 import models
from api.get_client_profile import get_client_instance
def get_ssl_client_instance(id, key):
'''获取ssl的实例用于后面对ssl的各种操作
'''
client = get_client_instance(id, key, "ssl")
return client
def get_cert_list(client):
'''获取所有的SSL证书列表
'''
try:
# 实例化一个 ssl 实例信息查询请求对象,每个接口都会对应一个 request 对象
req = models.DescribeCertificatesRequest()
# 可选参数列表
# Offset: Integer, 分页偏移量从0开始
# Limit: Integer, 每页数量默认20
# SearchKey: String, 搜索关键词,可搜索证书 ID、备注名称、域名
# CertificateType: String, 证书类型CA = 客户端证书SVR = 服务器证书
# ProjectId: Integer, 项目 ID
# ExpirationSort: String, 按到期时间排序DESC = 降序, ASC = 升序
# CertificateStatus: Array Of Integer, 证书状态
# Deployable: Integer, 是否可部署可选值1 = 可部署0 = 不可部署
params = {}
req.from_json_string(json.dumps(params))
# 通过 client 对象调用 DescribeCertificatesRequest 方法发起请求,请求方法名与请求对象对应
# 返回的 resp 是一个 DescribeCertificatesResponse 类的实例,与请求对象对应
resp = client.DescribeCertificates(req)
# 输出 json 格式的字符串回包
# print(resp.to_json_string())
# 也可以取出单个值,通过官网接口文档或跳转到 response 对象的定义处查看返回字段的定义
# print(resp.TotalCount)
print("获取ssl证书列表成功")
return resp.Certificates
except TencentCloudSDKException as err:
print(err)
return []
def get_cert_info(client, cert_id):
'''根据id获取SSL证书的信息
'''
try:
req = models.DescribeCertificateRequest()
# 必选参数
# CertificateId: String, 证书 ID
params = {
"CertificateId": cert_id
}
req.from_json_string(json.dumps(params))
resp = client.DescribeCertificate(req)
# print(resp.to_json_string())
print("获取ssl证书{}的信息成功".format(cert_id))
return resp
except TencentCloudSDKException as err:
print(err)
exit("获取证书{}信息出错".format(cert_id))
def get_cert_detail(client, cert_id):
'''根据id获取SSL证书的详情
'''
try:
req = models.DescribeCertificateDetailRequest()
# 必选参数
# CertificateId: String, 证书 ID
params = {
"CertificateId": cert_id
}
req.from_json_string(json.dumps(params))
resp = client.DescribeCertificateDetail(req)
# print(resp.to_json_string())
print("获取ssl证书{}的详细信息成功".format(cert_id))
except TencentCloudSDKException as err:
print(err)
exit("获取证书{}详细信息出错".format(cert_id))
def delete_cert(client, cert_id):
'''删除指定id的SSL证书(删除不存在的id会出现警告)
'''
try:
req = models.DeleteCertificateRequest()
# 必选参数
# CertificateId: String, 证书 ID
params = {
"CertificateId": cert_id
}
req.from_json_string(json.dumps(params))
resp = client.DeleteCertificate(req)
# print(resp.to_json_string())
print("删除ssl证书{}成功".format(cert_id))
except TencentCloudSDKException as err:
print(err)
exit("删除证书{}出错".format(cert_id))
def upload_cert(client, local_cert_info):
'''把本地的SSL证书上传到腾讯云返回新证书的id
'''
try:
req = models.UploadCertificateRequest()
# 必选参数
# CertificatePublicKey: String, 证书公钥内容
# CertificatePrivateKey: String, 私钥内容,证书类型为 SVR 时必填,为 CA 时可不填
# 可选参数列表
# CertificateType: String, 证书类型,默认 SVR。CA = 客户端证书SVR = 服务器证书
# Alias: String, 备注名称
# ProjectId: Integer, 项目 ID
timestr = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
params = {
"CertificatePublicKey": local_cert_info["cer"],
"CertificatePrivateKey": local_cert_info["key"],
"CertificateType": local_cert_info["type"],
"Alias": "Auto upload by api at {}".format(timestr)
}
req.from_json_string(json.dumps(params))
resp = client.UploadCertificate(req)
# print(resp.to_json_string())
print("上传ssl证书成功")
return resp.CertificateId
except TencentCloudSDKException as err:
print(err)
return ""

85
api/tools.py Normal file
View File

@ -0,0 +1,85 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# author: 'zfb'
# time: 2020-12-02 15:45
def read_file(name):
'''读取文件内容
'''
with open(name, 'r') as file:
text = file.read()
return text
def chunks(l, n):
for i in range(0, len(l), n):
yield l[i:i + n]
def resize_url_list(url_list, group_size):
'''将一维列表按照指定长度分割
'''
url_chunks = list(chunks(url_list, group_size))
results = []
for i in range(len(url_chunks)):
results.append(url_chunks[i])
print("重置的URL列表个数{},每个列表包含文件数{}".format(len(results), group_size))
return results
def get_sitemap_urls(url):
'''从给定的sitemap.xml文件获取链接
'''
import requests
import re
text = requests.get(url).text
pattern = re.compile(r'<loc>(.*?)</loc>')
results = re.findall(pattern, text)
url_list = []
for res in results:
if not res.endswith("/"):
res = res + "/"
url_list.append(res)
return url_list
def get_urls_from_file(file_name):
'''从给定的文件获取链接
'''
with open(file_name, 'r') as file:
return [x.strip() for x in file.readlines()]
def generate_https(https):
'''由于Https无法序列化自己将其改为字典已弃用
'''
server_cert = {}
server_cert["CertId"] = https.CertInfo.CertId
server_cert["CertName"] = https.CertInfo.CertName
server_cert["Certificate"] = https.CertInfo.Certificate
server_cert["PrivateKey"] = https.CertInfo.PrivateKey
server_cert["ExpireTime"] = https.CertInfo.ExpireTime
server_cert["DeployTime"] = https.CertInfo.DeployTime
server_cert["Message"] = https.CertInfo.Message
client_cert = {}
client_cert["Certificate"] = https.ClientCertInfo.Certificate
client_cert["CertName"] = https.ClientCertInfo.CertName
client_cert["ExpireTime"] = https.ClientCertInfo.ExpireTime
client_cert["DeployTime"] = https.ClientCertInfo.DeployTime
hsts = {}
hsts["Switch"] = https.Hsts.Switch
hsts["MaxAge"] = https.Hsts.MaxAge
hsts["IncludeSubDomains"] = https.Hsts.IncludeSubDomains
res = {}
res["Switch"] = https.Switch
res["Http2"] = https.Http2
res["OcspStapling"] = https.OcspStapling
res["VerifyClient"] = https.VerifyClient
res["Spdy"] = https.Spdy
res["SslStatus"] = https.SslStatus
res["CertInfo"] = server_cert
res["ClientCertInfo"] = client_cert
res["Hsts"] = https.Hsts
return res