49 lines
1.8 KiB
Lua
49 lines
1.8 KiB
Lua
local _M = {}
|
|
_M.__index = _M
|
|
|
|
local logger = require "logger"
|
|
local cjson = require "cjson"
|
|
|
|
function _M.new()
|
|
local self = setmetatable({}, _M)
|
|
return self, nil
|
|
end
|
|
|
|
function _M:access()
|
|
if string.sub(ngx.var.uri, 1, string.len("/.well-known/acme-challenge/")) == "/.well-known/acme-challenge/" then
|
|
logger.log(ngx.NOTICE, "LETS-ENCRYPT", "Got a visit from Let's Encrypt, let's whitelist it.")
|
|
return true, "success", true, ngx.exit(ngx.OK)
|
|
end
|
|
return true, "success", false, nil
|
|
end
|
|
|
|
function _M:api()
|
|
if not string.match(ngx.var.uri, "^/lets%-encrypt/challenge$") or (ngx.var.request_method ~= "POST" and ngx.var.request_method ~= "DELETE") then
|
|
return false, nil, nil
|
|
end
|
|
local acme_folder = "/opt/bunkerweb/tmp/lets-encrypt/.well-known/acme-challenge/"
|
|
ngx.req.read_body()
|
|
local ret, data = pcall(cjson.decode, ngx.req.get_body_data())
|
|
if not ret then
|
|
return true, ngx.HTTP_BAD_REQUEST, {status = "error", msg = "json body decoding failed"}
|
|
end
|
|
os.execute("mkdir -p " .. acme_folder)
|
|
if ngx.var.request_method == "POST" then
|
|
local file, err = io.open(acme_folder .. data.token, "w+")
|
|
if not file then
|
|
return true, ngx.HTTP_INTERNAL_SERVER_ERROR, {status = "error", msg = "can't write validation token : " .. err}
|
|
end
|
|
file:write(data.validation)
|
|
file:close()
|
|
return true, ngx.HTTP_OK, {status = "success", msg = "validation token written"}
|
|
elseif ngx.var.request_method == "DELETE" then
|
|
local ok, err = os.remove(acme_folder .. data.token)
|
|
if not ok then
|
|
return true, ngx.HTTP_INTERNAL_SERVER_ERROR, {status = "error", msg = "can't remove validation token : " .. err}
|
|
end
|
|
return true, ngx.HTTP_OK, {status = "success", msg = "validation token removed"}
|
|
end
|
|
return true, ngx.HTTP_NOT_FOUND, {status = "error", msg = "unknown request"}
|
|
end
|
|
|
|
return _M |