sam/SafelineAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

changed file

Browse Source
This commit is contained in:
jonne
2026-02-22 21:47:44 +01:00
parent 8f450aa809
commit d42d0c7820
1 changed files with 65 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
pkg/services/ApplyCert.go
View File

@@ -24,9 +24,11 @@ type MyUser struct {
func (u *MyUser) GetEmail() string {
return u.Email
}
func (u *MyUser) GetRegistration() *registration.Resource {
return u.Registration
}
func (u *MyUser) GetPrivateKey() crypto.PrivateKey {
return u.key
}
@@ -34,50 +36,99 @@ func (u *MyUser) GetPrivateKey() crypto.PrivateKey {
func ApplyCert(domains []string, email, dir string, provider challenge.Provider) bool {
privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
logger.Error.Printf("Error requesting certificate for %s%s%s: %s%s%s", logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset)
logger.Error.Printf(
"Error requesting certificate for %s%s%s: %s%s%s",
logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset,
)
return true
}
myUser := MyUser{
Email: email,
key: privateKey,
}
config := lego.NewConfig(&myUser)
config.Certificate.KeyType = certcrypto.RSA2048
client, err := lego.NewClient(config)
if err != nil {
logger.Error.Printf("Error requesting certificate for %s%s%s: %s%s%s", logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset)
return true
}
err = client.Challenge.SetDNS01Provider(provider)
if err != nil {
logger.Error.Printf("Error requesting certificate for %s%s%s: %s%s%s", logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset)
logger.Error.Printf(
"Error requesting certificate for %s%s%s: %s%s%s",
logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset,
)
return true
}
reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
// =====================================================
// 🔒 FORCE DNS-01 ONLY — DISABLE ALL OTHER CHALLENGES
// =====================================================
client.Challenge.RemoveHTTP01Provider()
client.Challenge.RemoveTLSALPN01Provider()
err = client.Challenge.SetDNS01Provider(provider)
if err != nil {
logger.Error.Printf("Error requesting certificate for %s%s%s: %s%s%s", logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset)
logger.Error.Printf(
"Error requesting certificate for %s%s%s: %s%s%s",
logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset,
)
return true
}
// =====================================================
reg, err := client.Registration.Register(
registration.RegisterOptions{TermsOfServiceAgreed: true},
)
if err != nil {
logger.Error.Printf(
"Error requesting certificate for %s%s%s: %s%s%s",
logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset,
)
return true
}
myUser.Registration = reg
request := certificate.ObtainRequest{
Domains: domains,
Bundle: true,
}
certificates, err := client.Certificate.Obtain(request)
if err != nil {
logger.Error.Printf("Error requesting certificate for %s%s%s: %s%s%s", logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset)
logger.Error.Printf(
"Error requesting certificate for %s%s%s: %s%s%s",
logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset,
)
return true
}
err = os.WriteFile(filepath.Join(dir, domains[0]+".crt"), certificates.Certificate, os.ModePerm)
err = os.WriteFile(
filepath.Join(dir, domains[0]+".crt"),
certificates.Certificate,
os.ModePerm,
)
if err != nil {
logger.Error.Printf("Error saving certificate for %s%s%s: %s%s%s", logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset)
logger.Error.Printf(
"Error saving certificate for %s%s%s: %s%s%s",
logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset,
)
return true
}
err = os.WriteFile(filepath.Join(dir, domains[0]+".key"), certificates.PrivateKey, os.ModePerm)
err = os.WriteFile(
filepath.Join(dir, domains[0]+".key"),
certificates.PrivateKey,
os.ModePerm,
)
if err != nil {
logger.Error.Printf("Error saving certificate key for %s%s%s: %s%s%s", logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset)
logger.Error.Printf(
"Error saving certificate key for %s%s%s: %s%s%s",
logger.Cyan, domains, logger.Reset, logger.Red, err, logger.Reset,
)
return true
}
return false
}