elego

v0.1.11 Latest Latest
Published: Jun 6, 2025 License: Apache-2.0 Imports: 34 Imported by: 0

README

elego

The simplest way to use lego to generate SSL certificates

Install(go1.23.9 )

go install github.com/pkg6/elego/.cli/elego@latest

Install pkg (go1.23.9 )

go get github.com/pkg6/elego

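Install (compressed file)

The commands in this section and the next pipe a script fetched from a `main` branch straight into bash, with no pinned revision or checksum. To see what will run, download the script to a file, read it, and execute the saved copy.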

curl -sSL https://raw.githubusercontent.com/pkg6/elego/main/install.sh | bash
or
curl -sSL https://cdn.jsdelivr.net/gh/pkg6/elego@main/install.sh | bash

Installation in China

export GO_VERSION=1.23.9
export GO_PACKAGE="github.com/pkg6/elego/.cli/elego@latest"
export FORCE=1
bash -c "$(curl -fsSL https://gitee.com/zhiqiangwang/sh/raw/main/install/goinstall.sh)"

Help

# ./elego  --help
  -cache string
        When creating, a cache file will be generated and the path needs to be saved (default "/Users/mac/.elego")
  -cadirurl string
        Which supplier will we issue the certificate from (default "letsencrypt")
  -deploy string
        Where do you want to deploy your certificate (default "local")
  -dns string
        Enter your DNS name, please refer to https://go-acme.github.io/lego/dns/index.html
  -domain string
        Need to generate SSL domain names
  -email string
        email (default "elego@darwin.com")
  -in-few-day float
        Recharge will be done within a few days
  -path string
        Path for saving certificates (default "/etc/nginx/ssl/")
  -webroot string
        Directory for domain deployment

use webroot

elego --domain="test.example.com" --webroot="/data/wwwroot/test.example.com" --path="/etc/nginx/ssl/"

use dns

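Provider names and the environment variables each provider reads are listed at https://go-acme.github.io/lego/dns/index.html

The credentials below are example values; substitute your own. CLOUDFLARE_API_KEY is the account-wide global key. lego's Cloudflare provider also accepts a scoped API token through CLOUDFLARE_DNS_API_TOKEN, which limits what a leaked value can change.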

export CLOUDFLARE_EMAIL=you@example.com
export CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733
elego --domain="test.example.com" --dns="cloudflare" --path="/etc/nginx/ssl/"

Reference Environment Variables and Names

dns Environment Link

use deploy

Reference Environment Variables and Names

deploy Environment Link

nginx Block Configuration

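listen 443 ssl;
# Certificate and key file names match the domain and --path used in the elego examples above.
ssl_certificate /etc/nginx/ssl/test.example.com.pem;
# Private key: keep this file readable only by the account nginx starts as.
ssl_certificate_key /etc/nginx/ssl/test.example.com.key;
# ssl_ciphers governs TLS 1.2 and below. The AES and HIGH groups still admit
# CBC and static-RSA key-exchange suites; narrow the list if policy requires
# forward-secret AEAD suites only.
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
# TLSv1.1 removed: it is deprecated by RFC 8996.
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;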

kid and hmacEncoded (ACME External Account Binding credentials)

https://cloud.google.com/certificate-manager/docs/public-ca-tutorial?hl=zh-cn

https://zerossl.com/documentation/acme/generate-eab-credentials/

Documentation

Index

Constants

// File-name extensions for the artifacts kept per certificate.
// Presumably these are the values passed as the extension argument of
// CertificatesStorage.SanitizedDomainSavePath; confirm in the source.
const (
	IssuerExt   = ".issuer.crt"
	CertExt     = ".crt"
	// NOTE(review): the README's nginx example loads <domain>.key as
	// ssl_certificate_key, so files with this extension hold private keys;
	// verify they are written with owner-only permissions.
	KeyExt      = ".key"
	// The README's nginx example loads <domain>.pem as ssl_certificate.
	PemExt      = ".pem"
	PfxExt      = ".pfx"
	ResourceExt = ".json"
)
// Short names for the supported certificate authorities. The CLI's -cadirurl
// flag defaults to "letsencrypt"; GetCADirURL presumably maps a name to the
// CA's ACME directory URL (confirm in the source).
const (
	CADirURLLetsencrypt        = "letsencrypt"
	// NOTE(review): Let's Encrypt staging issues certificates that clients do
	// not trust; use it for testing only.
	CADirURLLetsencryptStaging = "letsencrypt_staging"
	// NOTE(review): the README links to EAB credential pages for ZeroSSL and
	// Google's public CA, so these two presumably need EABRegister; confirm.
	CADirURLZerossl            = "zerossl"
	CADirURLGts                = "gts"
)

Variables

Functions

func CreateNonExistingFolder

func CreateNonExistingFolder(path string) error

func Deploy added in v0.1.4

func Deploy(name string, certificate *certificate.Resource) error

func DeployNginx added in v0.1.4

func DeployNginx(s *CertificatesStorage, nginxPath, domain string) (certificate, privateKey string, err error)

func GetCADirURL added in v0.1.3

func GetCADirURL(name string) string

func ObtainCertificate

func ObtainCertificate(client *lego.Client, domains []string) (*certificate.Resource, error)

func SanitizedDomain added in v0.1.3

func SanitizedDomain(domain string) (string, error)

func SetChallenge

func SetChallenge(client *lego.Client, challenge IChallenge) error

Types

type Account

// Account holds a user's locally saved ACME account data: the contact
// email, the server registration, and the account private key.
type Account struct {
	Email        string                 `json:"email"`
	Registration *registration.Resource `json:"registration"`
	// Key is tagged json:"-", so encoding/json never writes it into the
	// serialized account. How the key itself is persisted is not shown here.
	Key          crypto.PrivateKey      `json:"-"`
}

Account represents a user's locally saved credentials.

func NewLegoClient

func NewLegoClient(accountStorage *AccountsStorage, register IRegister) (account *Account, client *lego.Client, err error)

func (*Account) GetEmail

func (a *Account) GetEmail() string

GetEmail returns the email address for the account.

func (*Account) GetPrivateKey

func (a *Account) GetPrivateKey() crypto.PrivateKey

GetPrivateKey returns the private RSA account key.

func (*Account) GetRegistration

func (a *Account) GetRegistration() *registration.Resource

GetRegistration returns the server registration.

type AccountsStorage

// AccountsStorage loads, saves and removes the Account for one email and CA.
// It is created with NewAccountsStorage(savePath, email, CADirURLOrName).
type AccountsStorage struct {
	Email    string
	// CADirURL: NewAccountsStorage accepts a URL or a short name; presumably
	// this field holds the resolved directory URL. TODO confirm.
	CADirURL string
	// contains filtered or unexported fields
}

func NewAccountsStorage

func NewAccountsStorage(savePath, email, CADirURLOrName string) (*AccountsStorage, error)

NewAccountsStorage creates a new AccountsStorage.

func (*AccountsStorage) GetCADirURL added in v0.1.3

func (s *AccountsStorage) GetCADirURL() string

func (*AccountsStorage) GetEmail

func (s *AccountsStorage) GetEmail() string

func (*AccountsStorage) LoadAccount

func (s *AccountsStorage) LoadAccount() (*Account, error)

func (*AccountsStorage) Remove

func (s *AccountsStorage) Remove()

func (*AccountsStorage) Save

func (s *AccountsStorage) Save(account *Account) error

type CertificatesStorage added in v0.1.3

// CertificatesStorage reads and saves certificate resources per domain
// (ReadCertificate, ReadResource, SaveResource) and reports the days until
// expiry via CheckExpire. It is created with NewCertificatesStorage.
type CertificatesStorage struct {
	// contains filtered or unexported fields
}

func NewCertificatesStorage added in v0.1.3

func NewCertificatesStorage(savePath, pfxFormat string) (s *CertificatesStorage, err error)

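NewCertificatesStorage creates a CertificatesStorage. pfxFormat selects the encoding used for .pfx output; the value documented here is "RC2", a legacy PKCS#12 cipher, so check the source for stronger options before relying on the .pfx file for confidentiality.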

func (*CertificatesStorage) CheckExpire added in v0.1.3

func (s *CertificatesStorage) CheckExpire(inputDomain string) (day float64, err error)

func (*CertificatesStorage) GetSavePath added in v0.1.4

func (s *CertificatesStorage) GetSavePath(domain string) (string, error)

func (*CertificatesStorage) ReadCertificate added in v0.1.3

func (s *CertificatesStorage) ReadCertificate(domain string) ([]*x509.Certificate, error)

func (*CertificatesStorage) ReadResource added in v0.1.3

func (s *CertificatesStorage) ReadResource(domain string) (*certificate.Resource, error)

func (*CertificatesStorage) SanitizedDomainSavePath added in v0.1.4

func (s *CertificatesStorage) SanitizedDomainSavePath(sanitizedDomain, extension string) string

func (*CertificatesStorage) SaveResource added in v0.1.3

func (s *CertificatesStorage) SaveResource(certRes *certificate.Resource) error

type DNSChallenge

// DNSChallenge configures a DNS-based ACME challenge. Its Set method
// applies the configuration to a lego client and satisfies IChallenge.
type DNSChallenge struct {
	// DNS is presumably the lego provider name, as given to the CLI's -dns
	// flag (e.g. "cloudflare"). Provider credentials are read from
	// environment variables per the README.
	DNS                         string
	// Servers: presumably the resolvers used for propagation checks. TODO confirm.
	Servers                     []string
	// PropagationWait and Timeout: units are not shown here (seconds?). TODO confirm.
	PropagationWait             int
	Timeout                     int
	AuthoritativeNssPropagation bool
	RecursiveNssPropagation     bool
}

func (*DNSChallenge) Set

func (w *DNSChallenge) Set(client *lego.Client) error

type EABRegister

// EABRegister carries the inputs for registering an ACME account with
// External Account Binding. Its Register method satisfies IRegister.
type EABRegister struct {
	TermsOfServiceAgreed bool
	// Kid and HmacEncoded are the EAB credentials issued by the CA. The README
	// links to the Google public CA and ZeroSSL pages for obtaining them.
	// NOTE(review): HmacEncoded is secret key material; keep it out of logs,
	// shell history and committed config. The expected encoding is not shown here.
	Kid                  string
	HmacEncoded          string
}

func (*EABRegister) Register

func (r *EABRegister) Register(lego *lego.Client) (*registration.Resource, error)

type HTTPChallenge

// HTTPChallenge configures an HTTP-based ACME challenge. Its Set method
// satisfies IChallenge.
type HTTPChallenge struct {
	// HeaderName: presumably the request header used to match the challenge
	// host when running behind a proxy. TODO confirm.
	HeaderName string
}

func (*HTTPChallenge) Set

func (w *HTTPChallenge) Set(client *lego.Client) error

type HTTPMemcachedHostChallenge

// HTTPMemcachedHostChallenge configures an HTTP-based ACME challenge backed
// by memcached, judging by the name. Its Set method satisfies IChallenge.
type HTTPMemcachedHostChallenge struct {
	// Hosts: presumably the memcached server addresses. TODO confirm format.
	Hosts []string
}

func (*HTTPMemcachedHostChallenge) Set

func (w *HTTPMemcachedHostChallenge) Set(client *lego.Client) error

type HTTPPortChallenge

// HTTPPortChallenge configures an HTTP-based ACME challenge on a caller-chosen
// address. Its Set method satisfies IChallenge.
type HTTPPortChallenge struct {
	// HostPort: presumably the "host:port" the challenge listener binds.
	// NOTE(review): check which interface it binds so the listener is not
	// exposed more widely than intended.
	HostPort   string
	// HeaderName: presumably the proxy header used to match the host. TODO confirm.
	HeaderName string
}

func (*HTTPPortChallenge) Set

func (w *HTTPPortChallenge) Set(client *lego.Client) error

type HTTPS3BucketChallenge

// HTTPS3BucketChallenge configures an HTTP-based ACME challenge served from
// an S3 bucket, judging by the name. Its Set method satisfies IChallenge.
type HTTPS3BucketChallenge struct {
	// Bucket: presumably the bucket name; how AWS credentials are supplied
	// is not shown here.
	Bucket string
}

func (*HTTPS3BucketChallenge) Set

func (w *HTTPS3BucketChallenge) Set(client *lego.Client) error

type HTTPWebrootChallenge

// HTTPWebrootChallenge configures an HTTP-based ACME challenge that uses an
// existing web server's document root. Its Set method satisfies IChallenge.
type HTTPWebrootChallenge struct {
	// WebRoot corresponds to the CLI's -webroot flag ("Directory for domain
	// deployment"). Presumably challenge files are written beneath it, so the
	// process needs write access there. TODO confirm.
	WebRoot string
}

func (*HTTPWebrootChallenge) Set

func (w *HTTPWebrootChallenge) Set(client *lego.Client) error

type IChallenge

// IChallenge is implemented by every challenge configuration type in this
// package. SetChallenge(client, challenge) accepts any IChallenge.
type IChallenge interface {
	// Set applies the challenge configuration to the given lego client.
	Set(client *lego.Client) error
}

type IRegister

// IRegister abstracts ACME account registration. NewLegoClient takes an
// IRegister; Register and EABRegister both provide the method.
type IRegister interface {
	// Register registers the account through the given lego client and
	// returns the resulting registration resource.
	Register(lego *lego.Client) (*registration.Resource, error)
}

type Register

// Register is the IRegister implementation with no configuration fields,
// in contrast to EABRegister, which carries EAB credentials.
type Register struct {
}

func (*Register) Register

func (r *Register) Register(lego *lego.Client) (*registration.Resource, error)

type TLSChallenge

// TLSChallenge selects a TLS-based ACME challenge and has no options.
// Its Set method satisfies IChallenge.
type TLSChallenge struct {
}

func (*TLSChallenge) Set

func (w *TLSChallenge) Set(client *lego.Client) error

type TLSPortChallenge

// TLSPortChallenge configures a TLS-based ACME challenge on a caller-chosen
// address. Its Set method satisfies IChallenge.
type TLSPortChallenge struct {
	// HostPort: presumably the "host:port" the challenge listener binds. TODO confirm.
	HostPort string
}

func (*TLSPortChallenge) Set

func (w *TLSPortChallenge) Set(client *lego.Client) error
