From dff71372db3b1dd661f19a599f39f551d63be09d Mon Sep 17 00:00:00 2001
From: KANIKIG <gdc3489@qq.com>
Date: Tue, 17 Aug 2021 22:54:25 +0800
Subject: [PATCH] =?UTF-8?q?1.1.0=201.=20=E4=BF=AE=E5=A4=8D=E4=B8=80?=
 =?UTF-8?q?=E9=94=AE=E7=94=B3=E8=AF=B7SSL=E8=AF=81=E4=B9=A6=E5=8A=9F?=
 =?UTF-8?q?=E8=83=BD=EF=BC=88=E6=9B=B4=E6=8D=A2=E4=B8=BAZeroSSL)=202.=20?=
 =?UTF-8?q?=E6=94=AF=E6=8C=81Cloudflare=20DNS=20API=E7=94=B3=E8=AF=B7?=
 =?UTF-8?q?=E8=AF=81=E4=B9=A6=203.=20=E5=9B=BD=E5=86=85=E9=95=9C=E5=83=8F?=
 =?UTF-8?q?=E6=BA=90=E8=A1=A5=E5=85=85=E4=BA=86ARM,=20386=E7=AD=89?=
 =?UTF-8?q?=E6=9E=B6=E6=9E=84=E7=9A=84gost=E5=AE=89=E8=A3=85=E5=8C=85?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 gost.sh | 66 +++++++++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 50 insertions(+), 16 deletions(-)

diff --git a/gost.sh b/gost.sh
index 8e14a5c..b14df85 100755
--- a/gost.sh
+++ b/gost.sh
@@ -2,7 +2,7 @@
 Green_font_prefix="\033[32m" && Red_font_prefix="\033[31m" && Green_background_prefix="\033[42;37m" && Font_color_suffix="\033[0m"
 Info="${Green_font_prefix}[信息]${Font_color_suffix}"
 Error="${Red_font_prefix}[错误]${Font_color_suffix}"
-shell_version="1.0.8"
+shell_version="1.1.0"
 gost_conf_path="/etc/gost/config.json"
 raw_conf_path="/etc/gost/rawconf"
 function checknew() {
@@ -95,7 +95,7 @@ function Install_ct() {
   [[ -z ${addyn} ]] && addyn="n"
   if [[ ${addyn} == [Yy] ]]; then
     rm -rf gost-linux-"$bit"-"$ct_new_ver".gz
-    wget --no-check-certificate https://gotunnel.oss-cn-shenzhen.aliyuncs.com/gost-linux-amd64-2.11.1.gz
+    wget --no-check-certificate https://gotunnel.oss-cn-shenzhen.aliyuncs.com/gost-linux-"$bit"-"$ct_new_ver".gz
     gunzip gost-linux-"$bit"-"$ct_new_ver".gz
     mv gost-linux-"$bit"-"$ct_new_ver" gost
     mv gost /usr/bin/gost
@@ -462,26 +462,60 @@ function cert() {
   read -p "请选择证书生成方式: " numcert
 
   if [ "$numcert" == "1" ]; then
-    echo -e "-----------------------------------"
-    echo -e "请确认本机${Red_font_prefix}80端口${Font_color_suffix}未被占用，且已安装${Red_font_prefix}socat${Font_color_suffix}，否则会申请失败"
-    echo -e "socat安装命令  Ubuntu/Debian：apt-get install -y socat ；Centos： yum install -y socat"
+    check_sys
+    if [[ ${release} == "centos" ]]; then
+      yum install -y socat
+    else
+      apt-get install -y socat
+    fi
+    read -p "请输入ZeroSSL的账户邮箱(至 zerossl.com 注册即可)：" zeromail
     read -p "请输入解析到本机的域名：" domain
     curl https://get.acme.sh | sh
+    "$HOME"/.acme.sh/acme.sh --set-default-ca --server zerossl
+    "$HOME"/.acme.sh/acme.sh --register-account -m "${zeromail}" --server zerossl
     echo -e "ACME证书申请程序安装成功"
-    if "$HOME"/.acme.sh/acme.sh --issue -d "${domain}" --standalone -k ec-256 --force; then
-      echo -e "SSL 证书生成成功，默认申请高安全性的ECC证书"
-      if [ ! -d "$HOME/gost_cert" ]; then
-        mkdir $HOME/gost_cert
-      fi
-      if "$HOME"/.acme.sh/acme.sh --installcert -d "${domain}" --fullchainpath $HOME/gost_cert/cert.pem --keypath $HOME/gost_cert/key.pem --ecc --force; then
-        echo -e "SSL 证书配置成功，且会自动续签，证书及秘钥位于用户目录下的 ${Red_font_prefix}gost_cert${Font_color_suffix} 目录"
-        echo -e "证书目录名与证书文件名请勿更改; 删除 gost_cert 目录后用脚本重启,即自动启用gost内置证书"
-        echo -e "-----------------------------------"
+    echo -e "-----------------------------------"
+    echo -e "[1] HTTP申请（需要80端口未占用）"
+    echo -e "[2] Cloudflare DNS API 申请（需要输入APIKEY）"
+    echo -e "-----------------------------------"
+    read -p "请选择证书申请方式: " certmethod
+    if [ "certmethod" == "1" ]; then
+      echo -e "请确认本机${Red_font_prefix}80${Font_color_suffix}端口未被占用, 否则会申请失败"
+      if "$HOME"/.acme.sh/acme.sh --issue -d "${domain}" --standalone -k ec-256 --force; then
+        echo -e "SSL 证书生成成功，默认申请高安全性的ECC证书"
+        if [ ! -d "$HOME/gost_cert" ]; then
+          mkdir $HOME/gost_cert
+        fi
+        if "$HOME"/.acme.sh/acme.sh --installcert -d "${domain}" --fullchainpath $HOME/gost_cert/cert.pem --keypath $HOME/gost_cert/key.pem --ecc --force; then
+          echo -e "SSL 证书配置成功，且会自动续签，证书及秘钥位于用户目录下的 ${Red_font_prefix}gost_cert${Font_color_suffix} 目录"
+          echo -e "证书目录名与证书文件名请勿更改; 删除 gost_cert 目录后用脚本重启,即自动启用gost内置证书"
+          echo -e "-----------------------------------"
+        fi
+      else
+        echo -e "SSL 证书生成失败"
+        exit 1
       fi
     else
-      echo -e "SSL 证书生成失败"
-      exit 1
+      read -p "请输入Cloudflare账户邮箱：" cfmail
+      read -p "请输入Cloudflare Global API Key：" cfkey
+      export CF_Key="${cfkey}"
+      export CF_Email="${cfmail}"
+      if "$HOME"/.acme.sh/acme.sh --issue --dns dns_cf -d "${domain}" --standalone -k ec-256 --force; then
+        echo -e "SSL 证书生成成功，默认申请高安全性的ECC证书"
+        if [ ! -d "$HOME/gost_cert" ]; then
+          mkdir $HOME/gost_cert
+        fi
+        if "$HOME"/.acme.sh/acme.sh --installcert -d "${domain}" --fullchainpath $HOME/gost_cert/cert.pem --keypath $HOME/gost_cert/key.pem --ecc --force; then
+          echo -e "SSL 证书配置成功，且会自动续签，证书及秘钥位于用户目录下的 ${Red_font_prefix}gost_cert${Font_color_suffix} 目录"
+          echo -e "证书目录名与证书文件名请勿更改; 删除 gost_cert 目录后使用脚本重启, 即重新启用gost内置证书"
+          echo -e "-----------------------------------"
+        fi
+      else
+        echo -e "SSL 证书生成失败"
+        exit 1
+      fi
     fi
+
   elif [ "$numcert" == "2" ]; then
     if [ ! -d "$HOME/gost_cert" ]; then
       mkdir $HOME/gost_cert