mirrors2/eiblog
1
0
Fork 0
mirror of https://github.com/eiblog/eiblog.git synced 2026-03-01 00:34:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

update Makefile

Browse Source
This commit is contained in:
deepzz0
2017-06-25 15:22:33 +08:00
parent c4bf59ce5d
commit 66811830b0
1 changed files with 9 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
Makefile
View File

@@ -1,3 +1,4 @@
.PHONY: test build deploy dist gencert dhparams ssticket makedir clean
# use aliyun dns api to auto renew cert. # use aliyun dns api to auto renew cert.
# env: # env:
# export Ali_Key="sdfsdfsdfljlbjkljlkjsdfoiwje" # export Ali_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
@@ -22,7 +23,7 @@ deploy:build
dist: dist:
@./dist.sh @./dist.sh
gencert: gencert:makedir
@echo $(Ali_Key) $(Ali_Secret) @echo $(Ali_Key) $(Ali_Secret)
@if [ ! -n "$(sans)" ]; then \ @if [ ! -n "$(sans)" ]; then \
printf "Need one argument [sans=params]\n"; \ printf "Need one argument [sans=params]\n"; \
@@ -40,23 +41,21 @@ gencert:
@echo "generate rsa cert..." @echo "generate rsa cert..."
@$(acme.sh) --force --issue --dns dns_ali \ @$(acme.sh) --force --issue --dns dns_ali \
$(sans) --log $(sans) --log --renew-hook "ct-submit ctlog.api.venafi.com < $(config)/ssl/domain.rsa.pem > $(config)/scts/rsa/venafi.sct && \
ct-submit ctlog.wosign.com < $(config)/ssl/domain.rsa.pem > $(config)/scts/rsa/wosign.sct"
@$(acme.sh) --install-cert -d $(cn) \ @$(acme.sh) --install-cert -d $(cn) \
--key-file $(config)/ssl/domain.rsa.key \ --key-file $(config)/ssl/domain.rsa.key \
--fullchain-file $(config)/ssl/domain.rsa.pem \ --fullchain-file $(config)/ssl/domain.rsa.pem \
--reloadcmd "service nginx force-reload" --reloadcmd "service nginx force-reload"
@ct-submit ctlog.api.venafi.com < $(config)/ssl/domain.rsa.pem > $(config)/scts/rsa/venafi.sct && \
ct-submit ctlog-gen2.api.venafi.com < $(config)/ssl/domain.rsa.pem > $(config)/scts/rsa/venafi2.sct
@echo "generate ecc cert..." @echo "generate ecc cert..."
@$(acme.sh) --force --issue --dns dns_ali \ @$(acme.sh) --force --issue --dns dns_ali \
$(sans) -k ec-256 --log $(sans) -k ec-256 --log --renew-hook "ct-submit ctlog.api.venafi.com < $(config)/ssl/domain.ecc.pem > $(config)/scts/ecc/venafi.sct && \
ct-submit ctlog.wosign.com < $(config)/ssl/domain.ecc.pem > $(config)/scts/ecc/wosign.sct"
@$(acme.sh) --install-cert -d $(cn) --ecc \ @$(acme.sh) --install-cert -d $(cn) --ecc \
--key-file $(config)/ssl/domain.ecc.key \ --key-file $(config)/ssl/domain.ecc.key \
--fullchain-file $(config)/ssl/domain.ecc.pem \ --fullchain-file $(config)/ssl/domain.ecc.pem \
--reloadcmd "service nginx force-reload" --reloadcmd "service nginx force-reload"
@ct-submit ctlog.api.venafi.com < $(config)/ssl/domain.ecc.pem > $(config)/scts/ecc/venafi.sct && \
ct-submit ctlog-gen2.api.venafi.com < $(config)/ssl/domain.ecc.pem > $(config)/scts/ecc/venafi2.sct
# fullchained: # fullchained:
# @if [ ! -n "$(cn)" ]; then \ # @if [ ! -n "$(cn)" ]; then \
@@ -73,5 +72,8 @@ dhparams:
ssticket: ssticket:
@openssl rand 48 > $(config)/ssl/session_ticket.key @openssl rand 48 > $(config)/ssl/session_ticket.key
makedir:
@mkdir -p $(config)/ssl $(config)/scts/rsa $(config)/scts/ecc
clean: clean: