From 25cb23fdb38613415caf46dad2959bddbbc4f9b3 Mon Sep 17 00:00:00 2001 From: Deepzz Date: Sun, 20 Aug 2017 17:48:44 +0800 Subject: [PATCH 1/4] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index dcad4ec..5e27c2c 100644 --- a/README.md +++ b/README.md @@ -85,5 +85,6 @@ ### 成功搭建者博客 * [https://razeencheng.com/](https://razeencheng.com/) - Razeen's Blog +* [https://mxthd.me/](https://mxthd.me/) - 梦醒逃荒岛 如果你的博客使用`Eiblog`搭建,你可以在 [这里](https://github.com/eiblog/eiblog/issues/1) 提交网址。 From 5ce806a7d7ae0f32c62cadbbfd1f2523326cb166 Mon Sep 17 00:00:00 2001 From: "henry.chen" Date: Fri, 25 Aug 2017 18:01:37 +0800 Subject: [PATCH 2/4] =?UTF-8?q?=E6=8C=91=E6=88=98=20acme.sh=20=E6=96=87?= =?UTF-8?q?=E4=BB=B6=E9=AA=8C=E8=AF=81=E8=B7=AF=E5=BE=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Makefile | 54 ++++++++++++++--------------------- conf/nginx/domain/eiblog.conf | 2 +- 2 files changed, 23 insertions(+), 33 deletions(-) diff --git a/Makefile b/Makefile index 283f119..8dd338c 100644 --- a/Makefile +++ b/Makefile @@ -15,7 +15,7 @@ test: build: @echo "go build..." @CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build && \ - docker build -t $(docker_registry)/deepzz/eiblog:latest . + docker build -t $(docker_registry)/deepzz/eiblog:latest . deploy:build @docker push $(docker_registry)/deepzz/eiblog:latest 
@@ -24,47 +24,37 @@ dist: @./dist.sh gencert:makedir - @echo $(Ali_Key) $(Ali_Secret) @if [ ! -n "$(sans)" ]; then \ - printf "Need one argument [sans=params]\n"; \ - printf "example: sans=\"-d domain -d domain\"\n"; \ - exit 1; \ - fi; \ + printf "Need one argument [sans=params]\n"; \ + printf "example: sans=\"-d domain -d domain\"\n"; \ + exit 1; \ + fi; \ if [ ! -n "$(cn)" ]; then \ - printf "Need one argument [cn=params]\n"; \ - printf "example: cn=domain\n"; \ - exit 1; \ - fi + printf "Need one argument [cn=params]\n"; \ + printf "example: cn=domain\n"; \ + exit 1; \ + fi @if [ ! -f $(acme.sh) ]; then \ - curl https://get.acme.sh | sh; \ + curl https://get.acme.sh | sh; \ fi @echo "generate rsa cert..." - @$(acme.sh) --force --issue --dns dns_ali \ - $(sans) --log --renew-hook "ct-submit ctlog.api.venafi.com < $(config)/ssl/domain.rsa.pem > $(config)/scts/rsa/venafi.sct && \ - ct-submit ctlog.wosign.com < $(config)/ssl/domain.rsa.pem > $(config)/scts/rsa/wosign.sct" + @$(acme.sh) --force --issue --dns dns_ali $(sans) --log \ + --renew-hook "ct-submit ctlog.api.venafi.com < $(config)/ssl/domain.rsa.pem > $(config)/scts/rsa/venafi.sct \ + && ct-submit ctlog.wosign.com < $(config)/ssl/domain.rsa.pem > $(config)/scts/rsa/wosign.sct" @$(acme.sh) --install-cert -d $(cn) \ - --key-file $(config)/ssl/domain.rsa.key \ - --fullchain-file $(config)/ssl/domain.rsa.pem \ - --reloadcmd "service nginx force-reload" + --key-file $(config)/ssl/domain.rsa.key \ + --fullchain-file $(config)/ssl/domain.rsa.pem \ + --reloadcmd "service nginx force-reload" @echo "generate ecc cert..." 
- @$(acme.sh) --force --issue --dns dns_ali \ - $(sans) -k ec-256 --log --renew-hook "ct-submit ctlog.api.venafi.com < $(config)/ssl/domain.ecc.pem > $(config)/scts/ecc/venafi.sct && \ - ct-submit ctlog.wosign.com < $(config)/ssl/domain.ecc.pem > $(config)/scts/ecc/wosign.sct" + @$(acme.sh) --force --issue --dns dns_ali $(sans) -k ec-256 --log \ + --renew-hook "ct-submit ctlog.api.venafi.com < $(config)/ssl/domain.ecc.pem > $(config)/scts/ecc/venafi.sct \ + && ct-submit ctlog.wosign.com < $(config)/ssl/domain.ecc.pem > $(config)/scts/ecc/wosign.sct" @$(acme.sh) --install-cert -d $(cn) --ecc \ - --key-file $(config)/ssl/domain.ecc.key \ - --fullchain-file $(config)/ssl/domain.ecc.pem \ - --reloadcmd "service nginx force-reload" - -# fullchained: -# @if [ ! -n "$(cn)" ]; then \ -# printf "Use acme.sh generated certs, Need one argument [cn=params]\n"; \ -# printf "example: cn=domain\n"; \ -# exit 1; \ -# fi -# @cp $(acme)/$(cn)/ca.cer $(config)/ssl/full_chained.pem && \ -# echo $(X3) >> $(config)/ssl/full_chained.pem + --key-file $(config)/ssl/domain.ecc.key \ + --fullchain-file $(config)/ssl/domain.ecc.pem \ + --reloadcmd "service nginx force-reload" dhparams: @openssl dhparam -out $(config)/ssl/dhparams.pem 2048 diff --git a/conf/nginx/domain/eiblog.conf b/conf/nginx/domain/eiblog.conf index dca77b8..de35080 100644 --- a/conf/nginx/domain/eiblog.conf +++ b/conf/nginx/domain/eiblog.conf @@ -124,7 +124,7 @@ server { # letsencrypt file verify location ^~ /.well-known/acme-challenge/ { - alias /data/letsencrypt/challenges/; + alias /data/eiblog/challenges/; try_files $uri =404; } From 6fc5af1b0f8bab3a3b6c366b0e045f5bcd14e1aa Mon Sep 17 00:00:00 2001 From: Deepzz Date: Tue, 26 Sep 2017 22:42:49 -0500 Subject: [PATCH 3/4] Update eiblog.conf --- conf/nginx/domain/eiblog.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/nginx/domain/eiblog.conf b/conf/nginx/domain/eiblog.conf index de35080..89d140d 100644 --- a/conf/nginx/domain/eiblog.conf 
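Review bot: The `curl https://get.acme.sh | sh` line in `gencert` runs whatever the server returns, with no pinned version or checksum, in a recipe that then uses the Aliyun DNS API credentials through `--dns dns_ali`. Without `-f`, an HTTP error body would also be piped into `sh`. I would download to a file, verify it and only then run it, for example `tmp=$$(mktemp) && curl -fsSL https://get.acme.sh -o "$$tmp" && echo "<PINNED_SHA256>  $$tmp" | sha256sum -c - && sh "$$tmp"` (the hash is a placeholder), or install acme.sh from a pinned release outside this target. Separately, `--force --issue` on both the RSA and ECC calls re-issues on every run regardless of expiry, which can run into CA rate limits and looks unintended for a routine target.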
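Review bot: Nothing visible in this patch writes to `/data/eiblog/challenges/`, because the `gencert` target in the same commit validates through `--dns dns_ali`. acme.sh's webroot mode (`-w DIR`) places tokens under `DIR/.well-known/acme-challenge/`, which this `alias` would not map onto unless the directory is arranged by hand. If HTTP validation is meant to work, `root /data/eiblog/challenges;` in this location together with `-w /data/eiblog/challenges` would line up, and `try_files $uri =404;` can stay as it is. Either way I would extend the comment to something like `# acme.sh webroot (-w); holds challenge tokens only, keep it separate from application data`. The enclosing `server` block starts and ends outside the hunk.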
+++ b/conf/nginx/domain/eiblog.conf @@ -94,7 +94,7 @@ server { add_header Content-Security-Policy "default-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: https:; img-src data: https: https://st.deepzz.com; media-src https://st.deepzz.com; style-src 'unsafe-inline' https:; child-src https:; connect-src 'self' https://translate.googleapis.com; frame-src https://disqus.com https://www.slideshare.net"; # 中间证书证书指纹 # https://imququ.com/post/http-public-key-pinning.html - add_header Public-Key-Pins 'pin-sha256="IiSbZ4pMDEyXvtl7Lg8K3FNmJcTAhKUTrB2FQOaAO/s="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=2592000; includeSubDomains'; + add_header Public-Key-Pins 'pin-sha256="IiSbZ4pMDEyXvtl7Lg8K3FNmJcTAhKUTrB2FQOaAO/s="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=2592000;'; add_header Cache-Control no-cache; add_header X-Via Aliyun.QingDao; add_header X-XSS-Protection "1; mode=block"; From 894535fbe54d40f0866e4faf9e1f0c6636377a04 Mon Sep 17 00:00:00 2001 From: Deepzz Date: Tue, 10 Oct 2017 20:16:01 -0500 Subject: [PATCH 4/4] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 5e27c2c..da4543d 100644 --- a/README.md +++ b/README.md @@ -84,7 +84,7 @@ ### 成功搭建者博客 -* [https://razeencheng.com/](https://razeencheng.com/) - Razeen's Blog -* [https://mxthd.me/](https://mxthd.me/) - 梦醒逃荒岛 +* [https://razeen.me](https://razeen.me) - Razeen's Blog +* [https://mxthd.me](https://mxthd.me) - 梦醒逃荒岛 如果你的博客使用`Eiblog`搭建,你可以在 [这里](https://github.com/eiblog/eiblog/issues/1) 提交网址。
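Review bot: The rewritten `Public-Key-Pins` value now ends in `max-age=2592000;`, and as I read RFC 7469's grammar there is no trailing empty directive, so I would drop the final semicolon: `... max-age=2592000';`. More importantly, the comment above the header says the pins are intermediate-certificate fingerprints. If both pins belong to CA intermediates the operator does not control, a CA-side switch would lock returning visitors out for the 30-day max-age, and the page does not show whether either pin is a backup key held offline. I would add a comment such as `# second pin must be a backup key kept offline and absent from the served chain; re-check pins before every CA or key change`. The enclosing `server` block starts outside the hunk.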