├── .user.ini ├── README.md ├── check.txt ├── crack_bt_panel_pro.sh ├── install-ubuntu.sh ├── install.sh ├── install ├── acme_install.sh ├── certbot-auto.init ├── src │ ├── bt.init │ ├── panel.zip │ ├── pip-9.0.1.tar.gz │ ├── psutil-5.2.2.tar.gz │ ├── setuptools-33.1.1.zip │ └── web.py-0.38.tar.gz └── update │ ├── LinuxPanel-5.9.2_pro.zip │ └── LinuxPanel-5.9._pro.zip ├── install_soft.sh ├── installer_components ├── LuaJIT-2.0.5.zip ├── bt.init ├── certbot-auto.init └── panel.zip ├── lib.sh ├── nginx-sticky-module.zip ├── nginx.sh ├── uninstall.sh └── update_pro ├── LinuxPanel-5.9.1_pro.zip ├── public.sh ├── update_pro.sh └── vip_plugin.zip /.user.ini: -------------------------------------------------------------------------------- 1 | open_basedir=/www/wwwroot/Crack_BT_Panel.efe.cc/Crack_BT_Panel2020/:/tmp/:/proc/ -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 | 宝塔面板5.9.X Pro破解版一键脚本已完成,欢迎使用。 3 | 4 | 网上主流的破解方法是导入其他已授权用户的配置信息,部分下载源并非来自宝塔官方渠道,安全性无法保障,本方法全部基于修改本地配置文件实现,安全绿色无后门。 5 | 6 | 本破解方法的原理是通过劫持宝塔面板的 common.py 里,第 164 行记录 release 的信息,将其延期到 2999 年,实现了永久破解的目的。 7 | 8 | 使用须知 9 | 本脚本必须在完全干净的 CentOS/Debian/Ubuntu 系统上安装 10 | 11 | 如已安装更高版本的宝塔面板,请先卸载高版本再安装 12 | 13 | 如已安装其他种类的面板,或 LNMP 之类的运行环境、一键包,建议备份好数据,重装干净系统再安装 14 | 15 | 使用方法 16 | wget --no-check-certificate -qO crack_bt_panel_pro.sh https://git.io/JvkjT && bash crack_bt_panel_pro.sh 17 | 18 | 卸载 19 | wget --no-check-certificate -qO uninstall.sh https://git.io/JvkjI && bash uninstall.sh 20 | 21 | 22 | 更新日志 23 | Nginx 安装器 openssl 主线版本已升级至 1.1.1d 和 1.0.2t; 24 | 提供卸载功能; 25 | 重新恢复官方安装源,将本仓库作为备份源; 26 | 为防止宝塔面板官方封杀此破解方法,面板主安装文件已迁移至本项目仓库,如对安装文件是否有后门等产生疑问,请自行与官方安装文件对比; 27 | 默认预置 Nginx 安装器,Nginx 主线版本已升级至 1.15.12,openssl 主线版本已升级至 1.1.1c 和 1.0.2s; 28 | 默认开启 ssl 登陆,因 ssl 证书是面板自签的,所以不会被浏览器信任,忽略即可; 29 | 由于破解的过程会输出一些命令,导致会把包含初始化登陆信息的输出结果顶到上面去,请在终端里调整滚动条,找到 Bt-Panel:https://你的域名:8888 一项,下面的 username 和 password 即分别是面板安装完成后,默认的用户名和密码。 30 | -------------------------------------------------------------------------------- /check.txt: -------------------------------------------------------------------------------- 1 | True -------------------------------------------------------------------------------- /crack_bt_panel_pro.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin 3 | 4 | # 颜色 5 | blue='\033[0;34m' 6 | yellow='\033[0;33m' 7 | green='\033[0;32m' 8 | red='\033[0;31m' 9 | plain='\033[0m' 10 | 11 | #检查是否为Root 12 | [ $(id -u) != "0" ] && { echo -e "${red}[错误]${plain} 你必须以 root 用户执行此安装程序"; exit 1; } 13 | 14 | echo "" 15 | echo "欢迎安装宝塔面板Pro破解版!" 16 | echo "" 17 | echo -e "${red}[警告]" 18 | echo -e "${plain}本程序系个人制作,具备宝塔面板5.9专业版的所有功能" 19 | echo "如有侵权,请联系作者在第一时间处理" 20 | echo "安装并试用后,请在24小时内卸载" 21 | echo "" 22 | echo -e "${yellow}[说明]" 23 | echo -e "${plain}本脚本必须在完全干净的 CentOS/Debian/Ubuntu 系统上安装" 24 | echo "如已安装更高版本的宝塔面板,请先卸载高版本再安装" 25 | echo "如已安装其他种类的面板,或 LNMP 之类的运行环境、一键包,建议备份好数据,重装干净系统再安装" 26 | echo "使用本脚本出现的任何不良后果,本人概不负责" 27 | echo "" 28 | echo -e "${blue}[支持]" 29 | echo -e "${plain}zhihu: https://www.zhihu.com/people/deepdarkfantastic" 30 | echo "email: net.core@outlook.com" 31 | echo "" 32 | 33 | #确认安装 34 | while [ "$go" != 'y' ] && [ "$go" != 'n' ] 35 | do 36 | read -p "确定要安装吗?(y/n): " go; 37 | done 38 | if [ "$go" = 'n' ];then 39 | exit; 40 | fi 41 | 42 | #检查系统信息 43 | if [ -f /etc/redhat-release ] && [[ `grep -i 'centos' /etc/redhat-release` ]]; then 44 | OS='CentOS' 45 | elif [ ! -z "`cat /etc/issue | grep bian`" ];then 46 | OS='Debian' 47 | elif [ ! -z "`cat /etc/issue | grep Ubuntu`" ];then 48 | OS='Ubuntu' 49 | else 50 | echo -e "${red}[错误]${plain} 你的操作系统不受支持,请选择在 Ubuntu/Debian/CentOS 操作系统上安装!" 51 | exit 1 52 | fi 53 | 54 | #禁用SELinux 55 | if [ -s /etc/selinux/config ] && grep 'SELINUX=enforcing' /etc/selinux/config; then 56 | sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config 57 | setenforce 0 58 | fi 59 | 60 | #输出 centos 系统大版本号 61 | System_CentOS=`rpm -q centos-release|cut -d- -f1` 62 | CentOS_Version=`cat /etc/redhat-release|sed -r 's/.* ([0-9]+)\..*/\1/'` 63 | 64 | #CentOS 6 专用 python 65 | install_python_for_CentOS6() { 66 | py_for_centos="https://raw.githubusercontent.com/leitbogioro/SSR.Go/master/python_for_centos6.sh" 67 | py_intall="python_for_centos6.sh" 68 | yum install wget -y 69 | wget ${py_for_centos} 70 | if ! wget ${py_for_centos}; then 71 | echo -e "[${red}错误${plain}] ${py_file} 下载失败,请检测你的网络!" 72 | exit 1 73 | fi 74 | bash ${py_intall} 75 | rm -rf /root/${py_intall} 76 | } 77 | 78 | #CentOS 7 专用 pip 源 79 | install_python_for_CentOS7() { 80 | pip_file="get-pip.py" 81 | pip_url="https://bootstrap.pypa.io/get-pip.py" 82 | yum install python -y 83 | curl ${pip_url} -o ${pip_file} 84 | if ! curl ${pip_url} -o ${pip_file}; then 85 | echo -e "[${red}错误${plain}] ${pip_file} 下载失败,请检测你的网络!" 86 | exit 1 87 | fi 88 | python ${pip_file} 89 | rm -rf /root/${pip_file} 90 | } 91 | 92 | install_btPanel_for_CentOS() { 93 | yum install -y wget && wget -O install.sh https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/master/install.sh && bash install.sh 94 | wget -O update.sh https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/master/update_pro/update_pro.sh && bash update.sh pro 95 | } 96 | 97 | install_btPanel_for_APT() { 98 | wget -O install.sh https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/master/install-ubuntu.sh && bash install.sh 99 | wget -O update.sh https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/master/update_pro/update_pro.sh && bash update.sh pro 100 | } 101 | 102 | #破解步骤 103 | crack_bt_panel() { 104 | export Crack_file=/www/server/panel/class/common.py 105 | echo -e "${yellow}[注意] ${plain}破解执行中..." 106 | /etc/init.d/bt stop 107 | sed -i $'164s/panelAuth.panelAuth().get_order_status(None)/{\'status\': \True, \'msg\': {\'endtime\': 32503651199}}/g' ${Crack_file} 108 | touch /www/server/panel/data/userInfo.json 109 | /etc/init.d/bt restart 110 | } 111 | 112 | #定时重启宝塔面板 113 | execute_bt_panel() { 114 | if ! grep '/etc/init.d/bt restart' /etc/crontab; then 115 | systemctl enable cron.service 116 | systemctl start cron.service 117 | echo "0 0 * * 0 root /etc/init.d/bt restart" >> /etc/crontab 118 | /etc/init.d/cron restart 119 | fi 120 | } 121 | 122 | #开启 ssl 123 | enable_ssl(){ 124 | if [ ! -f /www/server/panel/data/ssl.pl ]; then 125 | echo "Ture" > /www/server/panel/data/ssl.pl 126 | /usr/bin/python /usr/local/bin/pip install pyOpenSSL==16.2 127 | /etc/init.d/bt restart 128 | fi 129 | } 130 | 131 | # 安装后清理 132 | clean_up() { 133 | rm -rf crack_bt_panel_pro.sh 134 | rm -rf update.sh 135 | if [[ ${OS} == 'Ubuntu' ]] || [[ ${OS} == 'Debian' ]]; then 136 | apt-get autoremove -y 137 | fi 138 | # 删除各类残留 139 | rm -rf /www/server/panel/plugin/btyw /root/install_cjson.sh /root/.pip /root/.pydistutils.cfg 140 | } 141 | 142 | # 预安装组件 143 | components(){ 144 | cd /root 145 | wget -O lib.sh https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/master/lib.sh 146 | mv lib.sh /www/server/panel/install 147 | wget -O nginx.sh https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/master/nginx.sh 148 | mv nginx.sh /www/server/panel/install 149 | if [ -f /www/server/panel/install/install_soft.sh ]; then 150 | rm -rf install_soft.sh 151 | wget -O install_soft.sh https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/master/install_soft.sh 152 | mv install_soft.sh /www/server/panel/install 153 | fi 154 | } 155 | 156 | # 插件配置 157 | vip_plugin(){ 158 | # 默认安装所有付费高级插件 159 | cd /www/server/panel/plugin 160 | if [ ! -d "/masterslave" ]; then 161 | wget -O vip_plugin.zip https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/master/update_pro/vip_plugin.zip 162 | unzip vip_plugin.zip 163 | rm -f vip_plugin.zip 164 | fi 165 | cd /root 166 | } 167 | 168 | #正式安装 169 | if [[ ${OS} == 'CentOS' ]] && [[ ${CentOS_Version} -eq "7" ]]; then 170 | yum install epel-release wget curl nss fail2ban unzip lrzsz vim* -y 171 | yum update -y 172 | yum clean all 173 | install_btPanel_for_CentOS 174 | install_python_for_CentOS7 175 | crack_bt_panel 176 | #enable_ssl 177 | #vip_plugin 178 | elif [[ ${OS} == 'CentOS' ]] && [[ ${CentOS_Version} -eq "6" ]]; then 179 | yum install epel-release wget curl nss fail2ban unzip lrzsz vim* -y 180 | yum update -y 181 | yum clean all 182 | install_btPanel_for_CentOS 183 | install_python_for_CentOS6 184 | crack_bt_panel 185 | #enable_ssl 186 | #vip_plugin 187 | elif [[ ${OS} == 'Ubuntu' ]] || [[ ${OS} == 'Debian' ]]; then 188 | apt-get update 189 | apt-get install ca-certificates -y 190 | apt-get install sudo apt-transport-https vim vim-gnome libnet-ifconfig-wrapper-perl socat vim vim-gnome vim-gtk libnet-ifconfig-wrapper-perl socat lrzsz fail2ban wget curl unrar unzip cron dnsutils net-tools git git-svn make cmake gdb tig -y 191 | install_btPanel_for_APT 192 | crack_bt_panel 193 | components 194 | #enable_ssl 195 | #vip_plugin 196 | execute_bt_panel 197 | fi 198 | 199 | clean_up 200 | 201 | echo -e "${green}[完成] ${plain}宝塔面板破解版已安装成功!" 202 | echo "按脚本提供的后台入口、账号、密码,登录宝塔面板并使用!" 203 | -------------------------------------------------------------------------------- /install-ubuntu.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin 3 | export PATH 4 | LANG=en_US.UTF-8 5 | 6 | echo " 7 | +---------------------------------------------------------------------- 8 | | Bt-WebPanel 5.x FOR Ubuntu/Debian 9 | +---------------------------------------------------------------------- 10 | | Copyright © 2015-2018 BT-SOFT(http://www.bt.cn) All rights reserved. 11 | +---------------------------------------------------------------------- 12 | | The WebPanel URL will be http://SERVER_IP:8888 when installed. 13 | +---------------------------------------------------------------------- 14 | | This script modified by leitbogioro. 15 | +---------------------------------------------------------------------- 16 | " 17 | deepinSys=`cat /etc/issue` 18 | if [[ "${deepinSys}" =~ eepin ]]; then 19 | isroot='' 20 | if [ `whoami` != "root" ];then 21 | isroot='sudo ' 22 | fi 23 | if [ -f "/etc/init.d/bt" ]; then 24 | password=`${isroot}cat /www/server/panel/default.pl` 25 | port=`${isroot}cat /www/server/panel/data/port.pl` 26 | echo -e "==================================================================" 27 | echo -e "Bt-Panel: http://localhost:$port" 28 | echo -e "默认账户: admin" 29 | echo -e "默认密码: $password" 30 | echo -e "==================================================================" 31 | echo -e "正在尝试打开浏览器..." 32 | if [ -f "/opt/google/chrome/chrome" ]; then 33 | ${isroot}/opt/google/chrome/chrome --no-sandbox http://localhost:$port 34 | exit; 35 | fi 36 | if [ -f "/usr/lib/firefox/firefox" ]; then 37 | /usr/lib/firefox/firefox http://localhost:$port 38 | exit; 39 | fi 40 | echo -e "找不到chrome/firefox浏览器,请自行打开浏览器访问宝塔面板: http://loshost:$port" 41 | exit; 42 | 43 | fi 44 | fi 45 | if [ `whoami` != "root" ];then 46 | echo -e "\033[31mError: Please run the script with root privileges on Ubuntu, for example: sudo bash install.sh\033[0m"; 47 | exit; 48 | fi 49 | 50 | #自动选择下载节点 51 | get_node_url(){ 52 | nodes=(http://git.efe.cc:5522 http://103.224.251.67 http://128.1.164.196 http://download.bt.cn); 53 | i=1; 54 | if [ ! -f /bin/curl ];then 55 | if [ -f /usr/local/curl/bin/curl ];then 56 | ln -sf /usr/local/curl/bin/curl /bin/curl 57 | else 58 | yum install curl -y 59 | fi 60 | fi 61 | for node in ${nodes[@]}; 62 | do 63 | start=`date +%s.%N` 64 | result=`curl -sS --connect-timeout 3 -m 60 $node/check.txt` 65 | if [ $result = 'True' ];then 66 | end=`date +%s.%N` 67 | start_s=`echo $start | cut -d '.' -f 1` 68 | start_ns=`echo $start | cut -d '.' -f 2` 69 | end_s=`echo $end | cut -d '.' -f 1` 70 | end_ns=`echo $end | cut -d '.' -f 2` 71 | time_micro=$(( (10#$end_s-10#$start_s)*1000000 + (10#$end_ns/1000 - 10#$start_ns/1000) )) 72 | time_ms=$(($time_micro/1000)) 73 | values[$i]=$time_ms; 74 | urls[$time_ms]=$node 75 | i=$(($i+1)) 76 | fi 77 | done 78 | j=5000 79 | for n in ${values[@]}; 80 | do 81 | if [ $j -gt $n ];then 82 | j=$n 83 | fi 84 | done 85 | if [ $j = 5000 ];then 86 | NODE_URL='http://download.bt.cn'; 87 | else 88 | NODE_URL=${urls[$j]} 89 | fi 90 | 91 | } 92 | 93 | echo '---------------------------------------------'; 94 | echo "Selected download node..."; 95 | get_node_url 96 | download_Url=$NODE_URL 97 | echo "Download node: $download_Url"; 98 | echo '---------------------------------------------'; 99 | setup_path=/www 100 | port='8888' 101 | if [ -f $setup_path/server/panel/data/port.pl ];then 102 | port=`cat $setup_path/server/panel/data/port.pl` 103 | fi 104 | 105 | #while [ "$go" != 'y' ] && [ "$go" != 'n' ] 106 | #do 107 | # read -p "Do you want to install Bt-Panel to the $setup_path directory now?(y/n): " go; 108 | #done 109 | 110 | #if [ "$go" = 'n' ];then 111 | # exit; 112 | #fi 113 | startTime=`date +%s` 114 | 115 | #数据盘自动分区 116 | fdiskP(){ 117 | 118 | for i in `cat /proc/partitions|grep -v name|grep -v ram|awk '{print $4}'|grep -v '^$'|grep -v '[0-9]$'|grep -e 'vd' -e 'sd' -e 'xv'`; 119 | do 120 | #判断/www是否被挂载 121 | isR=`df -P|grep $setup_path` 122 | if [ "$isR" != "" ];then 123 | echo 'Warning: The /www directory has been mounted.' 124 | return; 125 | fi 126 | #判断是否存在未分区磁盘 127 | isP=`fdisk -l /dev/$i |grep -v 'bytes'|grep "$i[1-9]*"` 128 | if [ "$isP" = "" ];then 129 | #开始分区 130 | fdisk -S 56 /dev/$i << EOF 131 | n 132 | p 133 | 1 134 | 135 | 136 | wq 137 | EOF 138 | 139 | sleep 5 140 | #检查是否分区成功 141 | checkP=`fdisk -l /dev/$i|grep "/dev/${i}1"` 142 | if [ "$checkP" != "" ];then 143 | #格式化分区 144 | mkfs.ext4 /dev/${i}1 145 | mkdir $setup_path 146 | #挂载分区 147 | sed -i "/\/dev\/${i}1/d" /etc/fstab 148 | echo "/dev/${i}1 $setup_path ext4 defaults 0 0" >> /etc/fstab 149 | mount -a 150 | df -h 151 | fi 152 | else 153 | #判断是否存在Windows磁盘分区 154 | isN=`fdisk -l /dev/$i|grep -v 'bytes'|grep -v "NTFS"|grep -v "FAT32"` 155 | if [ "$isN" = "" ];then 156 | echo 'Warning: The Windows partition was detected. For your data security, Mount manually.'; 157 | return; 158 | fi 159 | 160 | #挂载已有分区 161 | checkR=`df -P|grep "/dev/$i"` 162 | if [ "$checkR" = "" ];then 163 | mkdir $setup_path 164 | sed -i "/\/dev\/${i}1/d" /etc/fstab 165 | echo "/dev/${i}1 $setup_path ext4 defaults 0 0" >> /etc/fstab 166 | mount -a 167 | df -h 168 | fi 169 | 170 | #清理不可写分区 171 | echo 'True' > $setup_path/checkD.pl 172 | if [ ! -f $setup_path/checkD.pl ];then 173 | sed -i "/\/dev\/${i}1/d" /etc/fstab 174 | mount -a 175 | df -h 176 | else 177 | rm -f $setup_path/checkD.pl 178 | fi 179 | fi 180 | done 181 | } 182 | #fdiskP 183 | 184 | ln -sf bash /bin/sh 185 | apt-get install ruby -y 186 | apt-get update -y 187 | apt-get install lsb-release -y 188 | #apt-get install ntp ntpdate -y 189 | #/etc/init.d/ntp stop 190 | #update-rc.d ntp remove 191 | #cat >>~/.profile<&1|awk '{print $2}') 204 | pVersion=${tmp:0:3} 205 | 206 | Install_setuptools() 207 | { 208 | if [ ! -f "/usr/bin/easy_install" ];then 209 | wget -O setuptools-33.1.1.zip $download_Url/install/src/setuptools-33.1.1.zip -T 10 210 | unzip setuptools-33.1.1.zip 211 | rm -f setuptools-33.1.1.zip 212 | cd setuptools-33.1.1 213 | python setup.py install 214 | cd .. 215 | rm -rf setuptools-33.1.1 216 | fi 217 | 218 | if [ ! -f "/usr/bin/easy_install" ];then 219 | echo '================================================='; 220 | echo -e "\033[31msetuptools installation failed. \033[0m"; 221 | exit; 222 | fi 223 | } 224 | Install_Pillow() 225 | { 226 | isSetup=`python -m PIL 2>&1|grep package` 227 | if [ "$isSetup" = "" ];then 228 | wget -O Pillow-3.2.0.zip $download_Url/install/src/Pillow-3.2.0.zip -T 10 229 | unzip Pillow-3.2.0.zip 230 | rm -f Pillow-3.2.0.zip 231 | cd Pillow-3.2.0 232 | python setup.py install 233 | cd .. 234 | rm -rf Pillow-3.2.0 235 | fi 236 | isSetup=`python -m PIL 2>&1|grep package` 237 | if [ "$isSetup" = "" ];then 238 | echo '================================================='; 239 | echo -e "\033[31mPillow installation failed. \033[0m"; 240 | exit; 241 | fi 242 | } 243 | 244 | Install_psutil() 245 | { 246 | isSetup=`python -m psutil 2>&1|grep package` 247 | if [ "$isSetup" = "" ];then 248 | wget -O psutil-5.2.2.tar.gz $download_Url/install/src/psutil-5.2.2.tar.gz -T 10 249 | tar xvf psutil-5.2.2.tar.gz 250 | rm -f psutil-5.2.2.tar.gz 251 | cd psutil-5.2.2 252 | python setup.py install 253 | cd .. 254 | rm -rf psutil-5.2.2 255 | fi 256 | isSetup=`python -m psutil 2>&1|grep package` 257 | if [ "$isSetup" = "" ];then 258 | echo '================================================='; 259 | echo -e "\033[31mpsutil installation failed. \033[0m"; 260 | exit; 261 | fi 262 | } 263 | 264 | Install_mysqldb() 265 | { 266 | isSetup=`python -m MySQLdb 2>&1|grep package` 267 | if [ "$isSetup" = "" ];then 268 | wget -O MySQL-python-1.2.5.zip $download_Url/install/src/MySQL-python-1.2.5.zip -T 10 269 | unzip MySQL-python-1.2.5.zip 270 | rm -f MySQL-python-1.2.5.zip 271 | cd MySQL-python-1.2.5 272 | python setup.py install 273 | cd .. 274 | rm -rf MySQL-python-1.2.5 275 | fi 276 | 277 | } 278 | 279 | Install_chardet() 280 | { 281 | isSetup=`python -m chardet 2>&1|grep package` 282 | if [ "$isSetup" = "" ];then 283 | wget -O chardet-2.3.0.tar.gz $download_Url/install/src/chardet-2.3.0.tar.gz -T 10 284 | tar xvf chardet-2.3.0.tar.gz 285 | rm -f chardet-2.3.0.tar.gz 286 | cd chardet-2.3.0 287 | python setup.py install 288 | cd .. 289 | rm -rf chardet-2.3.0 290 | fi 291 | isSetup=`python -m chardet 2>&1|grep package` 292 | if [ "$isSetup" = "" ];then 293 | echo '================================================='; 294 | echo -e "\033[31mchardet installation failed. \033[0m"; 295 | exit; 296 | fi 297 | } 298 | 299 | Install_webpy() 300 | { 301 | isSetup=`python -m web 2>&1|grep package` 302 | if [ "$isSetup" = "" ];then 303 | wget -O web.py-0.38.tar.gz $download_Url/install/src/web.py-0.38.tar.gz -T 10 304 | tar xvf web.py-0.38.tar.gz 305 | rm -f web.py-0.38.tar.gz 306 | cd web.py-0.38 307 | python setup.py install 308 | cd .. 309 | rm -rf web.py-0.38 310 | fi 311 | 312 | isSetup=`python -m web 2>&1|grep package` 313 | if [ "$isSetup" = "" ];then 314 | echo '================================================='; 315 | echo -e "\033[31mweb.py installation failed. \033[0m"; 316 | exit; 317 | fi 318 | } 319 | pipArg='' 320 | 321 | 322 | pip install setuptools 323 | #pip install --upgrade pip $pipArg 324 | pip install psutil chardet web.py virtualenv Pillow $pipArg 325 | 326 | 327 | Install_Pillow 328 | Install_psutil 329 | if [ -f /www/server/mysql/bin/mysql ]; then 330 | pip install mysql-python 331 | Install_mysqldb 332 | fi 333 | Install_chardet 334 | Install_webpy 335 | 336 | mkdir -p $setup_path/server/panel/logs 337 | mkdir -p $setup_path/server/panel/vhost/apache 338 | mkdir -p $setup_path/server/panel/vhost/nginx 339 | mkdir -p $setup_path/server/panel/vhost/rewrite 340 | wget -O $setup_path/server/panel/certbot-auto $download_Url/install/certbot-auto.init -T 5 341 | chmod +x $setup_path/server/panel/certbot-auto 342 | 343 | 344 | if [ -f '/etc/init.d/bt' ];then 345 | /etc/init.d/bt stop 346 | fi 347 | 348 | mkdir -p /www/server 349 | mkdir -p /www/wwwroot 350 | mkdir -p /www/wwwlogs 351 | mkdir -p /www/backup/database 352 | mkdir -p /www/backup/site 353 | 354 | wget -O panel.zip $download_Url/install/src/panel.zip -T 10 355 | wget -O /etc/init.d/bt $download_Url/install/src/bt.init -T 10 356 | if [ -f "$setup_path/server/panel/data/default.db" ];then 357 | if [ -d "/$setup_path/server/panel/old_data" ];then 358 | rm -rf $setup_path/server/panel/old_data 359 | fi 360 | mkdir -p $setup_path/server/panel/old_data 361 | mv -f $setup_path/server/panel/data/default.db $setup_path/server/panel/old_data/default.db 362 | mv -f $setup_path/server/panel/data/system.db $setup_path/server/panel/old_data/system.db 363 | mv -f $setup_path/server/panel/data/aliossAs.conf $setup_path/server/panel/old_data/aliossAs.conf 364 | mv -f $setup_path/server/panel/data/qiniuAs.conf $setup_path/server/panel/old_data/qiniuAs.conf 365 | mv -f $setup_path/server/panel/data/iplist.txt $setup_path/server/panel/old_data/iplist.txt 366 | mv -f $setup_path/server/panel/data/port.pl $setup_path/server/panel/old_data/port.pl 367 | fi 368 | 369 | unzip -o panel.zip -d $setup_path/server/ > /dev/null 370 | 371 | if [ -d "$setup_path/server/panel/old_data" ];then 372 | mv -f $setup_path/server/panel/old_data/default.db $setup_path/server/panel/data/default.db 373 | mv -f $setup_path/server/panel/old_data/system.db $setup_path/server/panel/data/system.db 374 | mv -f $setup_path/server/panel/old_data/aliossAs.conf $setup_path/server/panel/data/aliossAs.conf 375 | mv -f $setup_path/server/panel/old_data/qiniuAs.conf $setup_path/server/panel/data/qiniuAs.conf 376 | mv -f $setup_path/server/panel/old_data/iplist.txt $setup_path/server/panel/data/iplist.txt 377 | mv -f $setup_path/server/panel/old_data/port.pl $setup_path/server/panel/data/port.pl 378 | 379 | if [ -d "/$setup_path/server/panel/old_data" ];then 380 | rm -rf $setup_path/server/panel/old_data 381 | fi 382 | fi 383 | 384 | rm -f panel.zip 385 | 386 | if [ ! -f $setup_path/server/panel/tools.py ];then 387 | echo -e "\033[31mERROR: Failed to download, please try again!\033[0m"; 388 | echo '============================================' 389 | exit; 390 | fi 391 | 392 | rm -f $setup_path/server/panel/class/*.pyc 393 | rm -f $setup_path/server/panel/*.pyc 394 | python -m compileall $setup_path/server/panel 395 | #rm -f $setup_path/server/panel/class/*.py 396 | #rm -f $setup_path/server/panel/*.py 397 | 398 | chmod 777 /tmp 399 | chmod +x /etc/init.d/bt 400 | update-rc.d bt defaults 401 | chmod -R 600 $setup_path/server/panel 402 | chmod +x $setup_path/server/panel/certbot-auto 403 | chmod -R +x $setup_path/server/panel/script 404 | echo "$port" > $setup_path/server/panel/data/port.pl 405 | /etc/init.d/bt start 406 | password=`cat /dev/urandom | head -n 16 | md5sum | head -c 8` 407 | cd $setup_path/server/panel/ 408 | python tools.py username 409 | username=`python tools.pyc panel $password` 410 | cd ~ 411 | echo "$password" > $setup_path/server/panel/default.pl 412 | chmod 600 $setup_path/server/panel/default.pl 413 | 414 | isStart=`ps aux |grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 415 | if [ "$isStart" == '' ];then 416 | echo -e "\033[31mERROR: The BT-Panel service startup failed.\033[0m"; 417 | echo '============================================' 418 | exit; 419 | fi 420 | 421 | if [ ! -f "/usr/bin/ufw" ];then 422 | apt-get install -y ufw 423 | fi 424 | 425 | if [ -f "/usr/sbin/ufw" ];then 426 | ufw allow 888,20,21,22,80,$port/tcp 427 | ufw allow 39000:40000/tcp 428 | ufw_status=`ufw status` 429 | echo y|ufw enable 430 | ufw default deny 431 | ufw reload 432 | fi 433 | pip install web.py==0.39 434 | pip install psutil chardet psutil virtualenv $pipArg 435 | if [ ! -d '/etc/letsencrypt' ];then 436 | 437 | mkdir -p /var/spool/cron 438 | if [ ! -f '/var/spool/cron/crontabs/root' ];then 439 | echo '' > /var/spool/cron/crontabs/root 440 | chmod 600 /var/spool/cron/crontabs/root 441 | fi 442 | isCron=`cat /var/spool/cron/crontabs/root|grep certbot.log` 443 | if [ "${isCron}" == "" ];then 444 | echo "30 2 * * * $setup_path/server/panel/certbot-auto renew >> $setup_path/server/panel/logs/certbot.log" >> /var/spool/cron/crontabs/root 445 | chown 600 /var/spool/cron/crontabs/root 446 | fi 447 | service cron restart 448 | nohup $setup_path/server/panel/certbot-auto -n > /tmp/certbot-auto.log 2>&1 & 449 | fi 450 | if [[ "${deepinSys}" =~ eepin ]]; then 451 | address="localhost" 452 | else 453 | address=`curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress` 454 | 455 | if [ "$address" == '0.0.0.0' ] || [ "$address" == '' ];then 456 | isHosts=`cat /etc/hosts|grep 'www.bt.cn'` 457 | if [ "$isHosts" == '' ];then 458 | echo "" >> /etc/hosts 459 | echo "125.88.182.170 www.bt.cn" >> /etc/hosts 460 | address=`curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress` 461 | if [ "$address" == '' ];then 462 | sed -i "/bt.cn/d" /etc/hosts 463 | fi 464 | fi 465 | fi 466 | 467 | ipCheck=`python -c "import re; print re.match('^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$','$address')"` 468 | if [ "$address" == "None" ];then 469 | address="SERVER_IP" 470 | fi 471 | if [ "$address" != "SERVER_IP" ];then 472 | echo "$address" > $setup_path/server/panel/data/iplist.txt 473 | fi 474 | fi 475 | 476 | curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/SetupCount?type=Linux\&o=$1 > /dev/null 2>&1 477 | if [ $1 != "" ];then 478 | echo $1 > /www/server/panel/data/o.pl 479 | cd /www/server/panel 480 | python tools.py o 481 | fi 482 | 483 | echo -e "==================================================================" 484 | echo -e "\033[32mCongratulations! Install succeeded!\033[0m" 485 | echo -e "==================================================================" 486 | echo -e "Bt-Panel: http://$address:$port" 487 | echo -e "username: $username" 488 | echo -e "password: $password" 489 | echo -e "\033[33mWarning:\033[0m" 490 | echo -e "\033[33mIf you cannot access the panel, \033[0m" 491 | echo -e "\033[33mrelease the following port (8888|888|80|443|20|21) in the security group\033[0m" 492 | echo -e "==================================================================" 493 | 494 | endTime=`date +%s` 495 | ((outTime=($endTime-$startTime)/60)) 496 | echo -e "Time consumed:\033[32m $outTime \033[0mMinute!" 497 | rm -f install.sh 498 | -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin 3 | export PATH 4 | LANG=en_US.UTF-8 5 | is64bit=`getconf LONG_BIT` 6 | 7 | if [ -f "/usr/bin/apt-get" ];then 8 | isDebian=`cat /etc/issue|grep Debian` 9 | if [ "$isDebian" != "" ];then 10 | wget -O install.sh http://download.bt.cn/install/install-ubuntu.sh && bash install.sh 11 | exit; 12 | else 13 | wget -O install.sh http://download.bt.cn/install/install-ubuntu.sh && sudo bash install.sh 14 | exit; 15 | fi 16 | fi 17 | 18 | CN='http://git.efe.cc:5522' 19 | 20 | Install_Check(){ 21 | while [ "$yes" != 'yes' ] && [ "$yes" != 'n' ] 22 | do 23 | echo -e "----------------------------------------------------" 24 | echo -e "已有Web环境,安装宝塔可能影响现有站点" 25 | echo -e "Web service is alreday installed,Can't install panel" 26 | echo -e "----------------------------------------------------" 27 | read -p "输入yes强制安装/Enter yes to force installation (yes/n): " yes; 28 | done 29 | if [ "$yes" == 'n' ];then 30 | exit; 31 | fi 32 | } 33 | 34 | Web_Service_Check(){ 35 | if [ -f "/etc/init.d/nginx" ]; then 36 | nginxV=$(cat /etc/init.d/nginx|grep /www/server/nginx) 37 | if [ "${nginxV}" = "" ];then 38 | Install_Check 39 | fi 40 | fi 41 | 42 | if [ -f "/etc/init.d/httpd" ]; then 43 | httpdV=$(cat /etc/init.d/httpd|grep /www/server/apache) 44 | if [ "${httpdV}" = "" ];then 45 | Install_Check 46 | fi 47 | fi 48 | 49 | if [ -f "/etc/init.d/mysqld" ]; then 50 | mysqlV=$(cat /etc/init.d/mysqld|grep /www/server/mysql) 51 | if [ "${mysqlV}" = "" ];then 52 | Install_Check 53 | fi 54 | fi 55 | } 56 | Web_Service_Check 57 | 58 | echo " 59 | +---------------------------------------------------------------------- 60 | | Bt-WebPanel 5.x FOR CentOS/Redhat/Fedora/Ubuntu/Debian 61 | +---------------------------------------------------------------------- 62 | | Copyright © 2015-2018 BT-SOFT(http://www.bt.cn) All rights reserved. 63 | +---------------------------------------------------------------------- 64 | | The WebPanel URL will be http://SERVER_IP:8888 when installed. 65 | +---------------------------------------------------------------------- 66 | " 67 | get_node_url(){ 68 | nodes=(http://git.efe.cc:5522); 69 | #nodes=(http://git.efe.cc:5522 http://103.224.251.67 http://128.1.164.196 http://download.bt.cn); 70 | i=1; 71 | if [ ! -f /bin/curl ];then 72 | if [ -f /usr/local/curl/bin/curl ];then 73 | ln -sf /usr/local/curl/bin/curl /bin/curl 74 | else 75 | yum install curl -y 76 | fi 77 | fi 78 | for node in ${nodes[@]}; 79 | do 80 | start=`date +%s.%N` 81 | result=`curl -sS --connect-timeout 3 -m 60 $node/check.txt` 82 | if [ $result = 'True' ];then 83 | end=`date +%s.%N` 84 | start_s=`echo $start | cut -d '.' -f 1` 85 | start_ns=`echo $start | cut -d '.' -f 2` 86 | end_s=`echo $end | cut -d '.' -f 1` 87 | end_ns=`echo $end | cut -d '.' -f 2` 88 | time_micro=$(( (10#$end_s-10#$start_s)*1000000 + (10#$end_ns/1000 - 10#$start_ns/1000) )) 89 | time_ms=$(($time_micro/1000)) 90 | values[$i]=$time_ms; 91 | urls[$time_ms]=$node 92 | i=$(($i+1)) 93 | fi 94 | done 95 | j=5000 96 | for n in ${values[@]}; 97 | do 98 | if [ $j -gt $n ];then 99 | j=$n 100 | fi 101 | done 102 | if [ $j = 5000 ];then 103 | NODE_URL='http://download.bt.cn'; 104 | else 105 | NODE_URL=${urls[$j]} 106 | fi 107 | 108 | } 109 | echo '---------------------------------------------'; 110 | echo "Selected download node..."; 111 | get_node_url 112 | download_Url=$NODE_URL 113 | echo "Download node: $download_Url"; 114 | echo '---------------------------------------------'; 115 | setup_path=/www 116 | port='8888' 117 | if [ -f $setup_path/server/panel/data/port.pl ];then 118 | port=`cat $setup_path/server/panel/data/port.pl` 119 | fi 120 | 121 | while [ "$go" != 'y' ] && [ "$go" != 'n' ] 122 | do 123 | read -p "Do you want to install Bt-Panel to the $setup_path directory now?(y/n): " go; 124 | done 125 | 126 | if [ "$go" == 'n' ];then 127 | exit; 128 | fi 129 | 130 | path=/etc/yum.conf 131 | isExc=`cat $path|grep httpd` 132 | if [ "$isExc" = "" ];then 133 | echo "exclude=httpd nginx php mysql mairadb python-psutil python2-psutil" >> $path 134 | fi 135 | 136 | 137 | #数据盘自动分区 138 | fdiskP(){ 139 | 140 | for i in `cat /proc/partitions|grep -v name|grep -v ram|awk '{print $4}'|grep -v '^$'|grep -v '[0-9]$'|grep -v 'vda'|grep -v 'xvda'|grep -v 'sda'|grep -e 'vd' -e 'sd' -e 'xvd'`; 141 | do 142 | #判断指定目录是否被挂载 143 | isR=`df -P|grep $setup_path` 144 | if [ "$isR" != "" ];then 145 | echo "Error: The $setup_path directory has been mounted." 146 | return; 147 | fi 148 | 149 | isM=`df -P|grep '/dev/${i}1'` 150 | if [ "$isM" != "" ];then 151 | echo "/dev/${i}1 has been mounted." 152 | continue; 153 | fi 154 | 155 | #判断是否存在未分区磁盘 156 | isP=`fdisk -l /dev/$i |grep -v 'bytes'|grep "$i[1-9]*"` 157 | if [ "$isP" = "" ];then 158 | #开始分区 159 | fdisk -S 56 /dev/$i << EOF 160 | n 161 | p 162 | 1 163 | 164 | 165 | wq 166 | EOF 167 | 168 | sleep 5 169 | #检查是否分区成功 170 | checkP=`fdisk -l /dev/$i|grep "/dev/${i}1"` 171 | if [ "$checkP" != "" ];then 172 | #格式化分区 173 | mkfs.ext4 /dev/${i}1 174 | mkdir $setup_path 175 | #挂载分区 176 | sed -i "/\/dev\/${i}1/d" /etc/fstab 177 | echo "/dev/${i}1 $setup_path ext4 defaults 0 0" >> /etc/fstab 178 | mount -a 179 | df -h 180 | fi 181 | else 182 | #判断是否存在Windows磁盘分区 183 | isN=`fdisk -l /dev/$i|grep -v 'bytes'|grep -v "NTFS"|grep -v "FAT32"` 184 | if [ "$isN" = "" ];then 185 | echo 'Warning: The Windows partition was detected. For your data security, Mount manually.'; 186 | return; 187 | fi 188 | 189 | #挂载已有分区 190 | checkR=`df -P|grep "/dev/$i"` 191 | if [ "$checkR" = "" ];then 192 | mkdir $setup_path 193 | sed -i "/\/dev\/${i}1/d" /etc/fstab 194 | echo "/dev/${i}1 $setup_path ext4 defaults 0 0" >> /etc/fstab 195 | mount -a 196 | df -h 197 | fi 198 | 199 | #清理不可写分区 200 | echo 'True' > $setup_path/checkD.pl 201 | if [ ! -f $setup_path/checkD.pl ];then 202 | sed -i "/\/dev\/${i}1/d" /etc/fstab 203 | mount -a 204 | df -h 205 | else 206 | rm -f $setup_path/checkD.pl 207 | fi 208 | fi 209 | done 210 | } 211 | #fdiskP 212 | 213 | #自动挂载Swap 214 | autoSwap() 215 | { 216 | swap=`free |grep Swap|awk '{print $2}'` 217 | if [ $swap -gt 1 ];then 218 | echo "Swap total sizse: $swap"; 219 | return; 220 | fi 221 | if [ ! -d /www ];then 222 | mkdir /www 223 | fi 224 | swapFile='/www/swap' 225 | dd if=/dev/zero of=$swapFile bs=1M count=1025 226 | mkswap -f $swapFile 227 | swapon $swapFile 228 | echo "$swapFile swap swap defaults 0 0" >> /etc/fstab 229 | swap=`free |grep Swap|awk '{print $2}'` 230 | if [ $swap -gt 1 ];then 231 | echo "Swap total sizse: $swap"; 232 | return; 233 | fi 234 | 235 | sed -i "/\/www\/swap/d" /etc/fstab 236 | rm -f $swapFile 237 | } 238 | autoSwap 239 | 240 | #判断kernel-headers组件是否安装 241 | rpm -qa | grep kernel-headers > kernel-headers.pl 242 | kernelStatus=`cat kernel-headers.pl` 243 | #判断华为云 244 | huaweiLogin=`cat /etc/motd |grep 4000-955-988` 245 | huaweiSys=`cat /etc/redhat-release | grep ' 7.'` 246 | if [ "$kernelStatus" = "" ]; then 247 | if [ "$huaweiLogin" != "" ] && [ "$huaweiSys" != "" ]; then 248 | wget $download_Url/src/kernel-headers-3.10.0-514.el7.x86_64.rpm 249 | rpm -ivh kernel-headers-3.10.0-514.el7.x86_64.rpm 250 | rm -f kernel-headers-3.10.0-514.el7.x86_64.rpm 251 | else 252 | yum install kernel-headers -y 253 | fi 254 | fi 255 | rm -f kernel-headers.pl 256 | yum install ntp -y 257 | \cp -a -r /usr/share/zoneinfo/Asia/Shanghai /etc/localtime 258 | echo 'Synchronizing system time...' 259 | ntpdate 0.asia.pool.ntp.org 260 | startTime=`date +%s` 261 | setenforce 0 262 | sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config 263 | for pace in python-devel python-imaging zip unzip openssl openssl-devel gcc libxml2 libxml2-devel libxslt* zlib zlib-devel libjpeg-devel libpng-devel libwebp libwebp-devel freetype freetype-devel lsof pcre pcre-devel vixie-cron crontabs icu libicu-devel c-ares; 264 | do 265 | yum -y install ${pace}; 266 | done 267 | 268 | if [ -f "/usr/bin/dnf" ]; then 269 | dnf install -y redhat-rpm-config 270 | fi 271 | yum install python-devel -y 272 | tmp=`python -V 2>&1|awk '{print $2}'` 273 | pVersion=${tmp:0:3} 274 | 275 | Install_setuptools() 276 | { 277 | if [ ! -f "/usr/bin/easy_install" ];then 278 | wget -O setuptools-33.1.1.zip $download_Url/install/src/setuptools-33.1.1.zip -T 10 279 | unzip setuptools-33.1.1.zip 280 | rm -f setuptools-33.1.1.zip 281 | cd setuptools-33.1.1 282 | python setup.py install 283 | cd .. 284 | rm -rf setuptools-33.1.1 285 | fi 286 | 287 | if [ ! -f "/usr/bin/easy_install" ];then 288 | echo '================================================='; 289 | echo -e "\033[31msetuptools installation failed. \033[0m"; 290 | exit; 291 | fi 292 | } 293 | 294 | Install_pip() 295 | { 296 | ispip=`pip -V |grep from` 297 | if [ "$ispip" == "" ];then 298 | if [ ! -f "/usr/bin/easy_install" ];then 299 | Install_setuptools 300 | fi 301 | wget -O pip-9.0.1.tar.gz $download_Url/install/src/pip-9.0.1.tar.gz -T 10 302 | tar xvf pip-9.0.1.tar.gz 303 | rm -f pip-9.0.1.tar.gz 304 | cd pip-9.0.1 305 | python setup.py install 306 | cd .. 307 | rm -rf pip-9.0.1 308 | fi 309 | ispip=`pip -V |grep from` 310 | if [ "$ispip" = "" ];then 311 | echo '================================================='; 312 | echo -e "\033[31m Python-pip installation failed. \033[0m"; 313 | exit; 314 | fi 315 | } 316 | 317 | Install_Pillow() 318 | { 319 | isSetup=`python -m PIL 2>&1|grep package` 320 | if [ "$isSetup" = "" ];then 321 | isFedora = `cat /etc/redhat-release |grep Fedora` 322 | if [ "$isFedora" != "" ];then 323 | pip install Pillow 324 | return; 325 | fi 326 | wget -O Pillow-3.2.0.zip $download_Url/install/src/Pillow-3.2.0.zip -T 10 327 | unzip Pillow-3.2.0.zip 328 | rm -f Pillow-3.2.0.zip 329 | cd Pillow-3.2.0 330 | python setup.py install 331 | cd .. 332 | rm -rf Pillow-3.2.0 333 | fi 334 | 335 | isSetup=`python -m PIL 2>&1|grep package` 336 | if [ "$isSetup" = "" ];then 337 | echo '================================================='; 338 | echo -e "\033[31mPillow installation failed. \033[0m"; 339 | exit; 340 | fi 341 | } 342 | 343 | Install_psutil() 344 | { 345 | isSetup=`python -m psutil 2>&1|grep package` 346 | if [ "$isSetup" = "" ];then 347 | wget -O psutil-5.2.2.tar.gz $download_Url/install/src/psutil-5.2.2.tar.gz -T 10 348 | tar xvf psutil-5.2.2.tar.gz 349 | rm -f psutil-5.2.2.tar.gz 350 | cd psutil-5.2.2 351 | python setup.py install 352 | cd .. 353 | rm -rf psutil-5.2.2 354 | fi 355 | isSetup=`python -m psutil 2>&1|grep package` 356 | if [ "$isSetup" = "" ];then 357 | echo '================================================='; 358 | echo -e "\033[31mpsutil installation failed. \033[0m"; 359 | exit; 360 | fi 361 | } 362 | 363 | Install_mysqldb() 364 | { 365 | isSetup=`python -m MySQLdb 2>&1|grep package` 366 | if [ "$isSetup" = "" ];then 367 | wget -O MySQL-python-1.2.5.zip $download_Url/install/src/MySQL-python-1.2.5.zip -T 10 368 | unzip MySQL-python-1.2.5.zip 369 | rm -f MySQL-python-1.2.5.zip 370 | cd MySQL-python-1.2.5 371 | python setup.py install 372 | cd .. 373 | rm -rf MySQL-python-1.2.5 374 | fi 375 | } 376 | 377 | Install_chardet() 378 | { 379 | isSetup=`python -m chardet 2>&1|grep package` 380 | if [ "$isSetup" = "" ];then 381 | wget -O chardet-2.3.0.tar.gz $download_Url/install/src/chardet-2.3.0.tar.gz -T 10 382 | tar xvf chardet-2.3.0.tar.gz 383 | rm -f chardet-2.3.0.tar.gz 384 | cd chardet-2.3.0 385 | python setup.py install 386 | cd .. 387 | rm -rf chardet-2.3.0 388 | fi 389 | 390 | isSetup=`python -m chardet 2>&1|grep package` 391 | if [ "$isSetup" = "" ];then 392 | echo '================================================='; 393 | echo -e "\033[31mchardet installation failed. \033[0m"; 394 | exit; 395 | fi 396 | } 397 | 398 | Install_webpy() 399 | { 400 | isSetup=`python -m web 2>&1|grep package` 401 | if [ "$isSetup" = "" ];then 402 | wget -O web.py-0.38.tar.gz $download_Url/install/src/web.py-0.38.tar.gz -T 10 403 | tar xvf web.py-0.38.tar.gz 404 | rm -f web.py-0.38.tar.gz 405 | cd web.py-0.38 406 | python setup.py install 407 | cd .. 408 | rm -rf web.py-0.38 409 | fi 410 | 411 | isSetup=`python -m web 2>&1|grep package` 412 | if [ "$isSetup" = "" ];then 413 | echo '================================================='; 414 | echo -e "\033[31mweb.py installation failed. \033[0m"; 415 | exit; 416 | fi 417 | } 418 | 419 | 420 | Install_setuptools 421 | Install_pip 422 | 423 | if [ "${download_Url}" = "$CN" ]; then 424 | if [ ! -d "/root/.pip" ];then 425 | mkdir ~/.pip 426 | fi 427 | cat > ~/.pip/pip.conf <&1|grep package` 437 | if [ "$isPsutil" != "" ];then 438 | psutil_version=`python -c 'import psutil;print psutil.__version__;' |grep '5.'` 439 | if [ "$psutil_version" = '' ];then 440 | pip uninstall psutil -y 441 | fi 442 | fi 443 | 444 | pip install pip==9.0.3 445 | pip install psutil chardet web.py virtualenv 446 | 447 | Install_Pillow 448 | Install_psutil 449 | 450 | if [ -f /www/server/mysql/bin/mysql ]; then 451 | pip install mysql-python 452 | Install_mysqldb 453 | fi 454 | Install_chardet 455 | Install_webpy 456 | 457 | mkdir -p $setup_path/server/panel/logs 458 | mkdir -p $setup_path/server/panel/vhost/apache 459 | mkdir -p $setup_path/server/panel/vhost/nginx 460 | mkdir -p $setup_path/server/panel/vhost/rewrite 461 | wget -O $setup_path/server/panel/certbot-auto $download_Url/install/certbot-auto.init -T 5 462 | chmod +x $setup_path/server/panel/certbot-auto 463 | 464 | 465 | if [ -f '/etc/init.d/bt' ];then 466 | /etc/init.d/bt stop 467 | fi 468 | rm -f /dev/shm/session.db 469 | mkdir -p /www/server 470 | mkdir -p /www/wwwroot 471 | mkdir -p /www/wwwlogs 472 | mkdir -p /www/backup/database 473 | mkdir -p /www/backup/site 474 | 475 | if [ ! -f "/usr/bin/unzip" ];then 476 | #rm -f /etc/yum.repos.d/epel.repo 477 | yum install unzip -y 478 | fi 479 | wget -O panel.zip $download_Url/install/src/panel.zip -T 10 480 | wget -O /etc/init.d/bt $download_Url/install/src/bt.init -T 10 481 | if [ -f "$setup_path/server/panel/data/default.db" ];then 482 | if [ -d "/$setup_path/server/panel/old_data" ];then 483 | rm -rf $setup_path/server/panel/old_data 484 | fi 485 | mkdir -p $setup_path/server/panel/old_data 486 | mv -f $setup_path/server/panel/data/default.db $setup_path/server/panel/old_data/default.db 487 | mv -f $setup_path/server/panel/data/system.db $setup_path/server/panel/old_data/system.db 488 | mv -f $setup_path/server/panel/data/aliossAs.conf $setup_path/server/panel/old_data/aliossAs.conf 489 | mv -f $setup_path/server/panel/data/qiniuAs.conf $setup_path/server/panel/old_data/qiniuAs.conf 490 | mv -f $setup_path/server/panel/data/iplist.txt $setup_path/server/panel/old_data/iplist.txt 491 | mv -f $setup_path/server/panel/data/port.pl $setup_path/server/panel/old_data/port.pl 492 | fi 493 | 494 | unzip -o panel.zip -d $setup_path/server/ > /dev/null 495 | 496 | if [ -d "$setup_path/server/panel/old_data" ];then 497 | mv -f $setup_path/server/panel/old_data/default.db $setup_path/server/panel/data/default.db 498 | mv -f $setup_path/server/panel/old_data/system.db $setup_path/server/panel/data/system.db 499 | mv -f $setup_path/server/panel/old_data/aliossAs.conf $setup_path/server/panel/data/aliossAs.conf 500 | mv -f $setup_path/server/panel/old_data/qiniuAs.conf $setup_path/server/panel/data/qiniuAs.conf 501 | mv -f $setup_path/server/panel/old_data/iplist.txt $setup_path/server/panel/data/iplist.txt 502 | mv -f $setup_path/server/panel/old_data/port.pl $setup_path/server/panel/data/port.pl 503 | 504 | if [ -d "/$setup_path/server/panel/old_data" ];then 505 | rm -rf $setup_path/server/panel/old_data 506 | fi 507 | fi 508 | 509 | rm -f panel.zip 510 | 511 | if [ ! -f $setup_path/server/panel/tools.py ];then 512 | echo -e "\033[31mERROR: Failed to download, please try again!\033[0m"; 513 | echo '============================================' 514 | exit; 515 | fi 516 | 517 | rm -f $setup_path/server/panel/class/*.pyc 518 | rm -f $setup_path/server/panel/*.pyc 519 | python -m compileall $setup_path/server/panel 520 | #rm -f $setup_path/server/panel/class/*.py 521 | #rm -f $setup_path/server/panel/*.py 522 | 523 | 524 | rm -f /dev/shm/session.db 525 | chmod +x /etc/init.d/bt 526 | chkconfig --add bt 527 | chkconfig --level 2345 bt on 528 | chmod -R 600 $setup_path/server/panel 529 | chmod +x $setup_path/server/panel/certbot-auto 530 | chmod -R +x $setup_path/server/panel/script 531 | ln -sf /etc/init.d/bt /usr/bin/bt 532 | echo "$port" > $setup_path/server/panel/data/port.pl 533 | /etc/init.d/bt start 534 | password=`cat /dev/urandom | head -n 16 | md5sum | head -c 8` 535 | cd $setup_path/server/panel/ 536 | python tools.py username 537 | username=`python tools.py panel $password` 538 | cd ~ 539 | echo "$password" > $setup_path/server/panel/default.pl 540 | chmod 600 $setup_path/server/panel/default.pl 541 | 542 | isStart=`ps aux |grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 543 | if [ "$isStart" == '' ];then 544 | echo -e "\033[31mERROR: The BT-Panel service startup failed.\033[0m"; 545 | echo '============================================' 546 | exit; 547 | fi 548 | 549 | 550 | 551 | 552 | if [ -f "/etc/init.d/iptables" ];then 553 | sshPort=`cat /etc/ssh/sshd_config | grep 'Port ' | grep -oE [0-9] | tr -d '\n'` 554 | if [ "${sshPort}" != "22" ]; then 555 | iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport $sshPort -j ACCEPT 556 | fi 557 | iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT 558 | iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT 559 | iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT 560 | iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT 561 | iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport $port -j ACCEPT 562 | iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 39000:40000 -j ACCEPT 563 | #iptables -I INPUT -p tcp -m state --state NEW -m udp --dport 39000:40000 -j ACCEPT 564 | iptables -A INPUT -p icmp --icmp-type any -j ACCEPT 565 | iptables -A INPUT -s localhost -d localhost -j ACCEPT 566 | iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT 567 | iptables -P INPUT DROP 568 | service iptables save 569 | sed -i "s#IPTABLES_MODULES=\"\"#IPTABLES_MODULES=\"ip_conntrack_netbios_ns ip_conntrack_ftp ip_nat_ftp\"#" /etc/sysconfig/iptables-config 570 | 571 | iptables_status=`service iptables status | grep 'not running'` 572 | if [ "${iptables_status}" == '' ];then 573 | service iptables restart 574 | fi 575 | fi 576 | 577 | if [ "${isVersion}" == '' ];then 578 | if [ ! -f "/etc/init.d/iptables" ];then 579 | sshPort=`cat /etc/ssh/sshd_config | grep 'Port ' | grep -oE [0-9] | tr -d '\n'` 580 | yum install firewalld -y 581 | systemctl enable firewalld 582 | systemctl start firewalld 583 | firewall-cmd --set-default-zone=public > /dev/null 2>&1 584 | if [ "${sshPort}" != "22" ]; then 585 | firewall-cmd --permanent --zone=public --add-port=$sshPort/tcp > /dev/null 2>&1 586 | fi 587 | firewall-cmd --permanent --zone=public --add-port=20/tcp > /dev/null 2>&1 588 | firewall-cmd --permanent --zone=public --add-port=21/tcp > /dev/null 2>&1 589 | firewall-cmd --permanent --zone=public --add-port=22/tcp > /dev/null 2>&1 590 | firewall-cmd --permanent --zone=public --add-port=80/tcp > /dev/null 2>&1 591 | firewall-cmd --permanent --zone=public --add-port=$port/tcp > /dev/null 2>&1 592 | firewall-cmd --permanent --zone=public --add-port=39000-40000/tcp > /dev/null 2>&1 593 | #firewall-cmd --permanent --zone=public --add-port=39000-40000/udp > /dev/null 2>&1 594 | firewall-cmd --reload 595 | fi 596 | fi 597 | pip install web.py==0.39 598 | pip install psutil chardet psutil virtualenv cryptography==2.1 > /dev/null 2>&1 599 | 600 | if [ ! -d '/etc/letsencrypt' ];then 601 | yum install epel-release -y 602 | if [ "${country}" = "CN" ]; then 603 | isC7=`cat /etc/redhat-release |grep ' 7.'` 604 | if [ "${isC7}" == "" ];then 605 | wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo 606 | else 607 | wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo 608 | fi 609 | fi 610 | mkdir -p /var/spool/cron 611 | if [ ! -f '/var/spool/cron/root' ];then 612 | echo '' > /var/spool/cron/root 613 | chmod 600 /var/spool/cron/root 614 | fi 615 | fi 616 | 617 | wget -O acme_install.sh $download_Url/install/acme_install.sh 618 | nohup bash acme_install.sh &> /dev/null & 619 | sleep 1 620 | rm -f acme_install.sh 621 | 622 | address="" 623 | address=`curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress` 624 | 625 | if [ "$address" == '0.0.0.0' ] || [ "$address" == '' ];then 626 | isHosts=`cat /etc/hosts|grep 'www.bt.cn'` 627 | if [ "$isHosts" == '' ];then 628 | echo "" >> /etc/hosts 629 | echo "125.88.182.170 www.bt.cn" >> /etc/hosts 630 | address=`curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress` 631 | if [ "$address" == '' ];then 632 | sed -i "/bt.cn/d" /etc/hosts 633 | fi 634 | fi 635 | fi 636 | 637 | ipCheck=`python -c "import re; print re.match('^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$','$address')"` 638 | if [ "$ipCheck" == "None" ];then 639 | address="SERVER_IP" 640 | fi 641 | 642 | if [ "$address" != "SERVER_IP" ];then 643 | echo "$address" > $setup_path/server/panel/data/iplist.txt 644 | fi 645 | 646 | curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/SetupCount?type=Linux\&o=$1 > /dev/null 2>&1 647 | if [ "$1" != "" ];then 648 | echo $1 > /www/server/panel/data/o.pl 649 | cd /www/server/panel 650 | python tools.py o 651 | fi 652 | 653 | echo -e "==================================================================" 654 | echo -e "\033[32mCongratulations! Installed successfully!\033[0m" 655 | echo -e "==================================================================" 656 | echo "Bt-Panel: http://$address:$port" 657 | echo -e "username: $username" 658 | echo -e "password: $password" 659 | echo -e "\033[33mWarning:\033[0m" 660 | echo -e "\033[33mIf you cannot access the panel, \033[0m" 661 | echo -e "\033[33mrelease the following port (8888|888|80|443|20|21) in the security group\033[0m" 662 | echo -e "==================================================================" 663 | 664 | endTime=`date +%s` 665 | ((outTime=($endTime-$startTime)/60)) 666 | echo -e "Time consumed:\033[32m $outTime \033[0mMinute!" 667 | rm -f install.sh 668 | -------------------------------------------------------------------------------- /install/acme_install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin 3 | export PATH 4 | LANG=en_US.UTF-8 5 | acme_path='/root/.acme.sh' 6 | wget -O acme.sh https://raw.githubusercontent.com/Neilpang/acme.sh/master/acme.sh -T 5 7 | bash acme.sh --install --cert-home /www/server/panel/vhost/cert 8 | curl https://get.acme.sh | sh 9 | 10 | if [ ! -f $acme_path/acme.sh ];then 11 | if [ -f /.acme.sh/acme.sh ];then 12 | acme_path='/.acme.sh' 13 | ln -sf $acme_path /root/.acme.sh 14 | else 15 | public_file=/www/server/panel/install/public.sh 16 | if [ ! -f $public_file ];then 17 | wget -O $public_file http://download.bt.cn/install/public.sh -T 5; 18 | fi 19 | . $public_file 20 | download_Url=$NODE_URL 21 | wget -O acme.sh $download_Url/install/acme.sh -T 5 22 | bash acme.sh --install --cert-home /www/server/panel/vhost/cert 23 | fi 24 | fi 25 | 26 | test=`cat $acme_path/account.conf|grep 'vhost'` 27 | if [ "$test" = '' ];then 28 | echo "CERT_HOME='/www/server/panel/vhost/cert'" >> $acme_path/account.conf 29 | fi 30 | dns_bt=$acme_path/dnsapi/dns_bt.sh 31 | if [ ! -f $dns_bt ];then 32 | wget -O $dns_bt http://download.bt.cn/install/dns_bt.sh -T 5 33 | fi 34 | 35 | rm -f acme.sh -------------------------------------------------------------------------------- /install/certbot-auto.init: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Download and run the latest release version of the Certbot client. 4 | # 5 | # NOTE: THIS SCRIPT IS AUTO-GENERATED AND SELF-UPDATING 6 | # 7 | # IF YOU WANT TO EDIT IT LOCALLY, *ALWAYS* RUN YOUR COPY WITH THE 8 | # "--no-self-upgrade" FLAG 9 | # 10 | # IF YOU WANT TO SEND PULL REQUESTS, THE REAL SOURCE FOR THIS FILE IS 11 | # letsencrypt-auto-source/letsencrypt-auto.template AND 12 | # letsencrypt-auto-source/pieces/bootstrappers/* 13 | 14 | set -e # Work even if somebody does "sh thisscript.sh". 15 | 16 | if [ -f "/root/.pip/pip.conf" ]; then 17 | mv -f ~/.pip/pip.conf ~/.pip/pip.conf.bak 18 | fi 19 | 20 | # Note: you can set XDG_DATA_HOME or VENV_PATH before running this script, 21 | # if you want to change where the virtual environment will be installed 22 | if [ -z "$XDG_DATA_HOME" ]; then 23 | XDG_DATA_HOME=~/.local/share 24 | fi 25 | VENV_NAME="letsencrypt" 26 | if [ -z "$VENV_PATH" ]; then 27 | VENV_PATH="$XDG_DATA_HOME/$VENV_NAME" 28 | fi 29 | VENV_BIN="$VENV_PATH/bin" 30 | LE_AUTO_VERSION="0.12.0" 31 | BASENAME=$(basename $0) 32 | USAGE="Usage: $BASENAME [OPTIONS] 33 | A self-updating wrapper script for the Certbot ACME client. When run, updates 34 | to both this script and certbot will be downloaded and installed. After 35 | ensuring you have the latest versions installed, certbot will be invoked with 36 | all arguments you have provided. 37 | 38 | Help for certbot itself cannot be provided until it is installed. 39 | 40 | --debug attempt experimental installation 41 | -h, --help print this help 42 | -n, --non-interactive, --noninteractive run without asking for user input 43 | --no-self-upgrade do not download updates 44 | --os-packages-only install OS dependencies and exit 45 | -v, --verbose provide more output 46 | -q, --quiet provide only update/error output; 47 | implies --non-interactive 48 | 49 | All arguments are accepted and forwarded to the Certbot client when run." 50 | 51 | for arg in "$@" ; do 52 | case "$arg" in 53 | --debug) 54 | DEBUG=1;; 55 | --os-packages-only) 56 | OS_PACKAGES_ONLY=1;; 57 | --no-self-upgrade) 58 | # Do not upgrade this script (also prevents client upgrades, because each 59 | # copy of the script pins a hash of the python client) 60 | NO_SELF_UPGRADE=1;; 61 | --help) 62 | HELP=1;; 63 | --noninteractive|--non-interactive) 64 | ASSUME_YES=1;; 65 | --quiet) 66 | QUIET=1;; 67 | --verbose) 68 | VERBOSE=1;; 69 | -[!-]*) 70 | OPTIND=1 71 | while getopts ":hnvq" short_arg $arg; do 72 | case "$short_arg" in 73 | h) 74 | HELP=1;; 75 | n) 76 | ASSUME_YES=1;; 77 | q) 78 | QUIET=1;; 79 | v) 80 | VERBOSE=1;; 81 | esac 82 | done;; 83 | esac 84 | done 85 | 86 | if [ $BASENAME = "letsencrypt-auto" ]; then 87 | # letsencrypt-auto does not respect --help or --yes for backwards compatibility 88 | ASSUME_YES=1 89 | HELP=0 90 | fi 91 | 92 | # Set ASSUME_YES to 1 if QUIET (i.e. --quiet implies --non-interactive) 93 | if [ "$QUIET" = 1 ]; then 94 | ASSUME_YES=1 95 | fi 96 | 97 | # Support for busybox and others where there is no "command", 98 | # but "which" instead 99 | if command -v command > /dev/null 2>&1 ; then 100 | export EXISTS="command -v" 101 | elif which which > /dev/null 2>&1 ; then 102 | export EXISTS="which" 103 | else 104 | echo "Cannot find command nor which... please install one!" 105 | exit 1 106 | fi 107 | 108 | # certbot-auto needs root access to bootstrap OS dependencies, and 109 | # certbot itself needs root access for almost all modes of operation 110 | # The "normal" case is that sudo is used for the steps that need root, but 111 | # this script *can* be run as root (not recommended), or fall back to using 112 | # `su`. Auto-detection can be overridden by explicitly setting the 113 | # environment variable LE_AUTO_SUDO to 'sudo', 'sudo_su' or '' as used below. 114 | 115 | # Because the parameters in `su -c` has to be a string, 116 | # we need to properly escape it. 117 | su_sudo() { 118 | args="" 119 | # This `while` loop iterates over all parameters given to this function. 120 | # For each parameter, all `'` will be replace by `'"'"'`, and the escaped string 121 | # will be wrapped in a pair of `'`, then appended to `$args` string 122 | # For example, `echo "It's only 1\$\!"` will be escaped to: 123 | # 'echo' 'It'"'"'s only 1$!' 124 | # │ │└┼┘│ 125 | # │ │ │ └── `'s only 1$!'` the literal string 126 | # │ │ └── `\"'\"` is a single quote (as a string) 127 | # │ └── `'It'`, to be concatenated with the strings following it 128 | # └── `echo` wrapped in a pair of `'`, it's totally fine for the shell command itself 129 | while [ $# -ne 0 ]; do 130 | args="$args'$(printf "%s" "$1" | sed -e "s/'/'\"'\"'/g")' " 131 | shift 132 | done 133 | su root -c "$args" 134 | } 135 | 136 | SUDO_ENV="" 137 | export CERTBOT_AUTO="$0" 138 | if [ -n "${LE_AUTO_SUDO+x}" ]; then 139 | case "$LE_AUTO_SUDO" in 140 | su_sudo|su) 141 | SUDO=su_sudo 142 | ;; 143 | sudo) 144 | SUDO=sudo 145 | SUDO_ENV="CERTBOT_AUTO=$0" 146 | ;; 147 | '') ;; # Nothing to do for plain root method. 148 | *) 149 | echo "Error: unknown root authorization mechanism '$LE_AUTO_SUDO'." 150 | exit 1 151 | esac 152 | echo "Using preset root authorization mechanism '$LE_AUTO_SUDO'." 153 | else 154 | if test "`id -u`" -ne "0" ; then 155 | if $EXISTS sudo 1>/dev/null 2>&1; then 156 | SUDO=sudo 157 | SUDO_ENV="CERTBOT_AUTO=$0" 158 | else 159 | echo \"sudo\" is not available, will use \"su\" for installation steps... 160 | SUDO=su_sudo 161 | fi 162 | else 163 | SUDO= 164 | fi 165 | fi 166 | 167 | ExperimentalBootstrap() { 168 | # Arguments: Platform name, bootstrap function name 169 | if [ "$DEBUG" = 1 ]; then 170 | if [ "$2" != "" ]; then 171 | echo "Bootstrapping dependencies via $1..." 172 | $2 173 | fi 174 | else 175 | echo "FATAL: $1 support is very experimental at present..." 176 | echo "if you would like to work on improving it, please ensure you have backups" 177 | echo "and then run this script again with the --debug flag!" 178 | exit 1 179 | fi 180 | } 181 | 182 | DeterminePythonVersion() { 183 | for LE_PYTHON in "$LE_PYTHON" python2.7 python27 python2 python; do 184 | # Break (while keeping the LE_PYTHON value) if found. 185 | $EXISTS "$LE_PYTHON" > /dev/null && break 186 | done 187 | if [ "$?" != "0" ]; then 188 | echo "Cannot find any Pythons; please install one!" 189 | exit 1 190 | fi 191 | export LE_PYTHON 192 | 193 | PYVER=`"$LE_PYTHON" -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//'` 194 | if [ "$PYVER" -lt 26 ]; then 195 | echo "You have an ancient version of Python entombed in your operating system..." 196 | echo "This isn't going to work; you'll need at least version 2.6." 197 | exit 1 198 | fi 199 | } 200 | 201 | BootstrapDebCommon() { 202 | # Current version tested with: 203 | # 204 | # - Ubuntu 205 | # - 14.04 (x64) 206 | # - 15.04 (x64) 207 | # - Debian 208 | # - 7.9 "wheezy" (x64) 209 | # - sid (2015-10-21) (x64) 210 | 211 | # Past versions tested with: 212 | # 213 | # - Debian 8.0 "jessie" (x64) 214 | # - Raspbian 7.8 (armhf) 215 | 216 | # Believed not to work: 217 | # 218 | # - Debian 6.0.10 "squeeze" (x64) 219 | 220 | if [ "$QUIET" = 1 ]; then 221 | QUIET_FLAG='-qq' 222 | fi 223 | 224 | $SUDO apt-get $QUIET_FLAG update || echo apt-get update hit problems but continuing anyway... 225 | 226 | # virtualenv binary can be found in different packages depending on 227 | # distro version (#346) 228 | 229 | virtualenv= 230 | # virtual env is known to apt and is installable 231 | if apt-cache show virtualenv > /dev/null 2>&1 ; then 232 | if ! LC_ALL=C apt-cache --quiet=0 show virtualenv 2>&1 | grep -q 'No packages found'; then 233 | virtualenv="virtualenv" 234 | fi 235 | fi 236 | 237 | if apt-cache show python-virtualenv > /dev/null 2>&1; then 238 | virtualenv="$virtualenv python-virtualenv" 239 | fi 240 | 241 | augeas_pkg="libaugeas0 augeas-lenses" 242 | AUGVERSION=`LC_ALL=C apt-cache show --no-all-versions libaugeas0 | grep ^Version: | cut -d" " -f2` 243 | 244 | if [ "$ASSUME_YES" = 1 ]; then 245 | YES_FLAG="-y" 246 | fi 247 | 248 | AddBackportRepo() { 249 | # ARGS: 250 | BACKPORT_NAME="$1" 251 | BACKPORT_SOURCELINE="$2" 252 | echo "To use the Apache Certbot plugin, augeas needs to be installed from $BACKPORT_NAME." 253 | if ! grep -v -e ' *#' /etc/apt/sources.list | grep -q "$BACKPORT_NAME" ; then 254 | # This can theoretically error if sources.list.d is empty, but in that case we don't care. 255 | if ! grep -v -e ' *#' /etc/apt/sources.list.d/* 2>/dev/null | grep -q "$BACKPORT_NAME"; then 256 | if [ "$ASSUME_YES" = 1 ]; then 257 | /bin/echo -n "Installing augeas from $BACKPORT_NAME in 3 seconds..." 258 | sleep 1s 259 | /bin/echo -ne "\e[0K\rInstalling augeas from $BACKPORT_NAME in 2 seconds..." 260 | sleep 1s 261 | /bin/echo -e "\e[0K\rInstalling augeas from $BACKPORT_NAME in 1 second ..." 262 | sleep 1s 263 | add_backports=1 264 | else 265 | read -p "Would you like to enable the $BACKPORT_NAME repository [Y/n]? " response 266 | case $response in 267 | [yY][eE][sS]|[yY]|"") 268 | add_backports=1;; 269 | *) 270 | add_backports=0;; 271 | esac 272 | fi 273 | if [ "$add_backports" = 1 ]; then 274 | $SUDO sh -c "echo $BACKPORT_SOURCELINE >> /etc/apt/sources.list.d/$BACKPORT_NAME.list" 275 | $SUDO apt-get $QUIET_FLAG update 276 | fi 277 | fi 278 | fi 279 | if [ "$add_backports" != 0 ]; then 280 | $SUDO apt-get install $QUIET_FLAG $YES_FLAG --no-install-recommends -t "$BACKPORT_NAME" $augeas_pkg 281 | augeas_pkg= 282 | fi 283 | } 284 | 285 | 286 | if dpkg --compare-versions 1.0 gt "$AUGVERSION" ; then 287 | if lsb_release -a | grep -q wheezy ; then 288 | AddBackportRepo wheezy-backports "deb http://http.debian.net/debian wheezy-backports main" 289 | elif lsb_release -a | grep -q precise ; then 290 | # XXX add ARM case 291 | AddBackportRepo precise-backports "deb http://archive.ubuntu.com/ubuntu precise-backports main restricted universe multiverse" 292 | else 293 | echo "No libaugeas0 version is available that's new enough to run the" 294 | echo "Certbot apache plugin..." 295 | fi 296 | # XXX add a case for ubuntu PPAs 297 | fi 298 | 299 | $SUDO apt-get install $QUIET_FLAG $YES_FLAG --no-install-recommends \ 300 | python \ 301 | python-dev \ 302 | $virtualenv \ 303 | gcc \ 304 | $augeas_pkg \ 305 | libssl-dev \ 306 | openssl \ 307 | libffi-dev \ 308 | ca-certificates \ 309 | 310 | 311 | if ! $EXISTS virtualenv > /dev/null ; then 312 | echo Failed to install a working \"virtualenv\" command, exiting 313 | exit 1 314 | fi 315 | } 316 | 317 | BootstrapRpmCommon() { 318 | # Tested with: 319 | # - Fedora 20, 21, 22, 23 (x64) 320 | # - Centos 7 (x64: on DigitalOcean droplet) 321 | # - CentOS 7 Minimal install in a Hyper-V VM 322 | # - CentOS 6 (EPEL must be installed manually) 323 | 324 | if type dnf 2>/dev/null 325 | then 326 | tool=dnf 327 | elif type yum 2>/dev/null 328 | then 329 | tool=yum 330 | 331 | else 332 | echo "Neither yum nor dnf found. Aborting bootstrap!" 333 | exit 1 334 | fi 335 | 336 | if [ "$ASSUME_YES" = 1 ]; then 337 | yes_flag="-y" 338 | fi 339 | if [ "$QUIET" = 1 ]; then 340 | QUIET_FLAG='--quiet' 341 | fi 342 | 343 | if ! $SUDO $tool list *virtualenv >/dev/null 2>&1; then 344 | echo "To use Certbot, packages from the EPEL repository need to be installed." 345 | if ! $SUDO $tool list epel-release >/dev/null 2>&1; then 346 | echo "Please enable this repository and try running Certbot again." 347 | exit 1 348 | fi 349 | if [ "$ASSUME_YES" = 1 ]; then 350 | /bin/echo -n "Enabling the EPEL repository in 3 seconds..." 351 | sleep 1s 352 | /bin/echo -ne "\e[0K\rEnabling the EPEL repository in 2 seconds..." 353 | sleep 1s 354 | /bin/echo -e "\e[0K\rEnabling the EPEL repository in 1 seconds..." 355 | sleep 1s 356 | fi 357 | if ! $SUDO $tool install $yes_flag $QUIET_FLAG epel-release; then 358 | echo "Could not enable EPEL. Aborting bootstrap!" 359 | exit 1 360 | fi 361 | fi 362 | 363 | pkgs=" 364 | gcc 365 | augeas-libs 366 | openssl 367 | openssl-devel 368 | libffi-devel 369 | redhat-rpm-config 370 | ca-certificates 371 | " 372 | 373 | # Some distros and older versions of current distros use a "python27" 374 | # instead of "python" naming convention. Try both conventions. 375 | if $SUDO $tool list python >/dev/null 2>&1; then 376 | pkgs="$pkgs 377 | python 378 | python-devel 379 | python-virtualenv 380 | python-tools 381 | python-pip 382 | " 383 | else 384 | pkgs="$pkgs 385 | python27 386 | python27-devel 387 | python27-virtualenv 388 | python27-tools 389 | python27-pip 390 | " 391 | fi 392 | 393 | if $SUDO $tool list installed "httpd" >/dev/null 2>&1; then 394 | pkgs="$pkgs 395 | mod_ssl 396 | " 397 | fi 398 | 399 | if ! $SUDO $tool install $yes_flag $QUIET_FLAG $pkgs; then 400 | echo "Could not install OS dependencies. Aborting bootstrap!" 401 | exit 1 402 | fi 403 | } 404 | 405 | BootstrapSuseCommon() { 406 | # SLE12 don't have python-virtualenv 407 | 408 | if [ "$ASSUME_YES" = 1 ]; then 409 | zypper_flags="-nq" 410 | install_flags="-l" 411 | fi 412 | 413 | if [ "$QUIET" = 1 ]; then 414 | QUIET_FLAG='-qq' 415 | fi 416 | 417 | $SUDO zypper $QUIET_FLAG $zypper_flags in $install_flags \ 418 | python \ 419 | python-devel \ 420 | python-virtualenv \ 421 | gcc \ 422 | augeas-lenses \ 423 | libopenssl-devel \ 424 | libffi-devel \ 425 | ca-certificates 426 | } 427 | 428 | BootstrapArchCommon() { 429 | # Tested with: 430 | # - ArchLinux (x86_64) 431 | # 432 | # "python-virtualenv" is Python3, but "python2-virtualenv" provides 433 | # only "virtualenv2" binary, not "virtualenv" necessary in 434 | # ./tools/_venv_common.sh 435 | 436 | deps=" 437 | python2 438 | python-virtualenv 439 | gcc 440 | augeas 441 | openssl 442 | libffi 443 | ca-certificates 444 | pkg-config 445 | " 446 | 447 | # pacman -T exits with 127 if there are missing dependencies 448 | missing=$($SUDO pacman -T $deps) || true 449 | 450 | if [ "$ASSUME_YES" = 1 ]; then 451 | noconfirm="--noconfirm" 452 | fi 453 | 454 | if [ "$missing" ]; then 455 | if [ "$QUIET" = 1]; then 456 | $SUDO pacman -S --needed $missing $noconfirm > /dev/null 457 | else 458 | $SUDO pacman -S --needed $missing $noconfirm 459 | fi 460 | fi 461 | } 462 | 463 | BootstrapGentooCommon() { 464 | PACKAGES=" 465 | dev-lang/python:2.7 466 | dev-python/virtualenv 467 | app-admin/augeas 468 | dev-libs/openssl 469 | dev-libs/libffi 470 | app-misc/ca-certificates 471 | virtual/pkgconfig" 472 | 473 | ASK_OPTION="--ask" 474 | if [ "$ASSUME_YES" = 1 ]; then 475 | ASK_OPTION="" 476 | fi 477 | 478 | case "$PACKAGE_MANAGER" in 479 | (paludis) 480 | $SUDO cave resolve --preserve-world --keep-targets if-possible $PACKAGES -x 481 | ;; 482 | (pkgcore) 483 | $SUDO pmerge --noreplace --oneshot $ASK_OPTION $PACKAGES 484 | ;; 485 | (portage|*) 486 | $SUDO emerge --noreplace --oneshot $ASK_OPTION $PACKAGES 487 | ;; 488 | esac 489 | } 490 | 491 | BootstrapFreeBsd() { 492 | if [ "$QUIET" = 1 ]; then 493 | QUIET_FLAG="--quiet" 494 | fi 495 | 496 | $SUDO pkg install -Ay $QUIET_FLAG \ 497 | python \ 498 | py27-virtualenv \ 499 | augeas \ 500 | libffi 501 | } 502 | 503 | BootstrapMac() { 504 | if hash brew 2>/dev/null; then 505 | echo "Using Homebrew to install dependencies..." 506 | pkgman=brew 507 | pkgcmd="brew install" 508 | elif hash port 2>/dev/null; then 509 | echo "Using MacPorts to install dependencies..." 510 | pkgman=port 511 | pkgcmd="$SUDO port install" 512 | else 513 | echo "No Homebrew/MacPorts; installing Homebrew..." 514 | ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" 515 | pkgman=brew 516 | pkgcmd="brew install" 517 | fi 518 | 519 | $pkgcmd augeas 520 | if [ "$(which python)" = "/System/Library/Frameworks/Python.framework/Versions/2.7/bin/python" \ 521 | -o "$(which python)" = "/usr/bin/python" ]; then 522 | # We want to avoid using the system Python because it requires root to use pip. 523 | # python.org, MacPorts or HomeBrew Python installations should all be OK. 524 | echo "Installing python..." 525 | $pkgcmd python 526 | fi 527 | 528 | # Workaround for _dlopen not finding augeas on macOS 529 | if [ "$pkgman" = "port" ] && ! [ -e "/usr/local/lib/libaugeas.dylib" ] && [ -e "/opt/local/lib/libaugeas.dylib" ]; then 530 | echo "Applying augeas workaround" 531 | $SUDO mkdir -p /usr/local/lib/ 532 | $SUDO ln -s /opt/local/lib/libaugeas.dylib /usr/local/lib/ 533 | fi 534 | 535 | if ! hash pip 2>/dev/null; then 536 | echo "pip not installed" 537 | echo "Installing pip..." 538 | curl --silent --show-error --retry 5 https://bootstrap.pypa.io/get-pip.py | python 539 | fi 540 | 541 | if ! hash virtualenv 2>/dev/null; then 542 | echo "virtualenv not installed." 543 | echo "Installing with pip..." 544 | pip install virtualenv 545 | fi 546 | } 547 | 548 | BootstrapSmartOS() { 549 | pkgin update 550 | pkgin -y install 'gcc49' 'py27-augeas' 'py27-virtualenv' 551 | } 552 | 553 | BootstrapMageiaCommon() { 554 | if [ "$QUIET" = 1 ]; then 555 | QUIET_FLAG='--quiet' 556 | fi 557 | 558 | if ! $SUDO urpmi --force $QUIET_FLAG \ 559 | python \ 560 | libpython-devel \ 561 | python-virtualenv 562 | then 563 | echo "Could not install Python dependencies. Aborting bootstrap!" 564 | exit 1 565 | fi 566 | 567 | if ! $SUDO urpmi --force $QUIET_FLAG \ 568 | git \ 569 | gcc \ 570 | python-augeas \ 571 | libopenssl-devel \ 572 | libffi-devel \ 573 | rootcerts 574 | then 575 | echo "Could not install additional dependencies. Aborting bootstrap!" 576 | exit 1 577 | fi 578 | } 579 | 580 | 581 | # Install required OS packages: 582 | Bootstrap() { 583 | if [ -f /etc/debian_version ]; then 584 | echo "Bootstrapping dependencies for Debian-based OSes..." 585 | BootstrapDebCommon 586 | elif [ -f /etc/mageia-release ] ; then 587 | # Mageia has both /etc/mageia-release and /etc/redhat-release 588 | ExperimentalBootstrap "Mageia" BootstrapMageiaCommon 589 | elif [ -f /etc/redhat-release ]; then 590 | echo "Bootstrapping dependencies for RedHat-based OSes..." 591 | BootstrapRpmCommon 592 | elif [ -f /etc/os-release ] && `grep -q openSUSE /etc/os-release` ; then 593 | echo "Bootstrapping dependencies for openSUSE-based OSes..." 594 | BootstrapSuseCommon 595 | elif [ -f /etc/arch-release ]; then 596 | if [ "$DEBUG" = 1 ]; then 597 | echo "Bootstrapping dependencies for Archlinux..." 598 | BootstrapArchCommon 599 | else 600 | echo "Please use pacman to install letsencrypt packages:" 601 | echo "# pacman -S certbot certbot-apache" 602 | echo 603 | echo "If you would like to use the virtualenv way, please run the script again with the" 604 | echo "--debug flag." 605 | exit 1 606 | fi 607 | elif [ -f /etc/manjaro-release ]; then 608 | ExperimentalBootstrap "Manjaro Linux" BootstrapArchCommon 609 | elif [ -f /etc/gentoo-release ]; then 610 | ExperimentalBootstrap "Gentoo" BootstrapGentooCommon 611 | elif uname | grep -iq FreeBSD ; then 612 | ExperimentalBootstrap "FreeBSD" BootstrapFreeBsd 613 | elif uname | grep -iq Darwin ; then 614 | ExperimentalBootstrap "macOS" BootstrapMac 615 | elif [ -f /etc/issue ] && grep -iq "Amazon Linux" /etc/issue ; then 616 | ExperimentalBootstrap "Amazon Linux" BootstrapRpmCommon 617 | elif [ -f /etc/product ] && grep -q "Joyent Instance" /etc/product ; then 618 | ExperimentalBootstrap "Joyent SmartOS Zone" BootstrapSmartOS 619 | else 620 | echo "Sorry, I don't know how to bootstrap Certbot on your operating system!" 621 | echo 622 | echo "You will need to bootstrap, configure virtualenv, and run pip install manually." 623 | echo "Please see https://letsencrypt.readthedocs.org/en/latest/contributing.html#prerequisites" 624 | echo "for more info." 625 | exit 1 626 | fi 627 | } 628 | 629 | TempDir() { 630 | mktemp -d 2>/dev/null || mktemp -d -t 'le' # Linux || macOS 631 | } 632 | 633 | 634 | 635 | if [ "$1" = "--le-auto-phase2" ]; then 636 | # Phase 2: Create venv, install LE, and run. 637 | 638 | shift 1 # the --le-auto-phase2 arg 639 | if [ -f "$VENV_BIN/letsencrypt" ]; then 640 | # --version output ran through grep due to python-cryptography DeprecationWarnings 641 | # grep for both certbot and letsencrypt until certbot and shim packages have been released 642 | INSTALLED_VERSION=$("$VENV_BIN/letsencrypt" --version 2>&1 | grep "^certbot\|^letsencrypt" | cut -d " " -f 2) 643 | if [ -z "$INSTALLED_VERSION" ]; then 644 | echo "Error: couldn't get currently installed version for $VENV_BIN/letsencrypt: " 1>&2 645 | "$VENV_BIN/letsencrypt" --version 646 | exit 1 647 | fi 648 | else 649 | INSTALLED_VERSION="none" 650 | fi 651 | if [ "$LE_AUTO_VERSION" != "$INSTALLED_VERSION" ]; then 652 | echo "Creating virtual environment..." 653 | DeterminePythonVersion 654 | rm -rf "$VENV_PATH" 655 | if [ "$VERBOSE" = 1 ]; then 656 | virtualenv --no-site-packages --python "$LE_PYTHON" "$VENV_PATH" 657 | else 658 | virtualenv --no-site-packages --python "$LE_PYTHON" "$VENV_PATH" > /dev/null 659 | fi 660 | 661 | echo "Installing Python packages..." 662 | TEMP_DIR=$(TempDir) 663 | trap 'rm -rf "$TEMP_DIR"' EXIT 664 | # There is no $ interpolation due to quotes on starting heredoc delimiter. 665 | # ------------------------------------------------------------------------- 666 | cat << "UNLIKELY_EOF" > "$TEMP_DIR/letsencrypt-auto-requirements.txt" 667 | # This is the flattened list of packages certbot-auto installs. To generate 668 | # this, do 669 | # `pip install --no-cache-dir -e acme -e . -e certbot-apache -e certbot-nginx`, 670 | # and then use `hashin` or a more secure method to gather the hashes. 671 | 672 | # Hashin example: 673 | # pip install hashin 674 | # hashin -r letsencrypt-auto-requirements.txt cryptography==1.5.2 675 | # sets the new certbot-auto pinned version of cryptography to 1.5.2 676 | 677 | argparse==1.4.0 \ 678 | --hash=sha256:c31647edb69fd3d465a847ea3157d37bed1f95f19760b11a47aa91c04b666314 \ 679 | --hash=sha256:62b089a55be1d8949cd2bc7e0df0bddb9e028faefc8c32038cc84862aefdd6e4 680 | 681 | # This comes before cffi because cffi will otherwise install an unchecked 682 | # version via setup_requires. 683 | pycparser==2.14 \ 684 | --hash=sha256:7959b4a74abdc27b312fed1c21e6caf9309ce0b29ea86b591fd2e99ecdf27f73 \ 685 | --no-binary pycparser 686 | 687 | cffi==1.4.2 \ 688 | --hash=sha256:53c1c9ddb30431513eb7f3cdef0a3e06b0f1252188aaa7744af0f5a4cd45dbaf \ 689 | --hash=sha256:a568f49dfca12a8d9f370187257efc58a38109e1eee714d928561d7a018a64f8 \ 690 | --hash=sha256:809c6ca8cfbcaeebfbd432b4576001b40d38ff2463773cb57577d75e1a020bc3 \ 691 | --hash=sha256:86cdca2cd9cba41422230390df17dfeaa9f344a911e3975c8be9da57b35548e9 \ 692 | --hash=sha256:24b13db84aec385ca23c7b8ded83ef8bb4177bc181d14758f9f975be5d020d86 \ 693 | --hash=sha256:969aeffd7c0e097f6be1efd682c156ae226591a0793a94b6c2d5e4293f4c8d4e \ 694 | --hash=sha256:000f358d4b0fa249feaab9c1ce7d5b2fe7e02e7bdf6806c26418505fc685e268 \ 695 | --hash=sha256:a9d86f460bbd8358a2d513ad779e3f3fc878e3b93a00b5002faebf616ffe6b9c \ 696 | --hash=sha256:3127b3ab33eb23ccac071f9a0802748e5cf7c5cbcd02482bb063e35b41dbb0b0 \ 697 | --hash=sha256:e2b2d42236469a40224d39e7b6c60575f388b2f423f354c7ee90a5b7f58c8065 \ 698 | --hash=sha256:8c2dccafee89b1b424b0bec6ad2dd9622c949d2024e929f5da1ed801eac75f1d \ 699 | --hash=sha256:a4de7a4d11aed488bab4fb14f4988587a829bece5a20433f780d6e33b08083cb \ 700 | --hash=sha256:5ca8fe30425265a49274e4b0213a1bc98f4b13449ae5e96f984771e5d83e58c1 \ 701 | --hash=sha256:a4fd38802f59e714eba81a024f62db710b27dbe27a7ea12e911537327aa84d30 \ 702 | --hash=sha256:86cd6912bbc83e9405d4a73cd7f4b4ee8353652d2dbc7c820106ed5b4d1bab3a \ 703 | --hash=sha256:8f1d177d364ea35900415ae24ca3e471be3d5334ed0419294068c49f45913998 704 | ConfigArgParse==0.10.0 \ 705 | --hash=sha256:3b50a83dd58149dfcee98cb6565265d10b53e9c0a2bca7eeef7fb5f5524890a7 706 | configobj==5.0.6 \ 707 | --hash=sha256:a2f5650770e1c87fb335af19a9b7eb73fc05ccf22144eb68db7d00cd2bcb0902 708 | cryptography==1.5.3 \ 709 | --hash=sha256:e514d92086246b53ae9b048df652cf3036b462e50a6ce9fac6b6253502679991 \ 710 | --hash=sha256:10ee414f4b5af403a0d8f20dfa80f7dad1fc7ae5452ec5af03712d5b6e78c664 \ 711 | --hash=sha256:7234456d1f4345a144ed07af2416c7c0659d4bb599dd1a963103dc8c183b370e \ 712 | --hash=sha256:d3b9587406f94642bd70b3d666b813f446e95f84220c9e416ad94cbfb6be2eaa \ 713 | --hash=sha256:b15fc6b59f1474eef62207c85888afada8acc47fae8198ba2b0197d54538961a \ 714 | --hash=sha256:3b62d65d342704fc07ed171598db2a2775bdf587b1b6abd2cba2261bfe3ccde3 \ 715 | --hash=sha256:059343022ec904c867a13bc55d2573e36c8cfb2c250e30d8a2e9825f253b07ba \ 716 | --hash=sha256:c7897cf13bc8b4ee0215d83cbd51766d87c06b277fcca1f9108595508e5bcfb4 \ 717 | --hash=sha256:9b69e983e5bf83039ddd52e52a28c7faedb2b22bdfb5876377b95aac7d3be63e \ 718 | --hash=sha256:61e40905c426d02b3fae38088dc66ce4ef84830f7eb223dec6b3ac3ccdc676fb \ 719 | --hash=sha256:00783a32bcd91a12177230d35bfcf70a2333ade4a6b607fac94a633a7971c671 \ 720 | --hash=sha256:d11973f49b648cde1ea1a30e496d7557dbfeccd08b3cd9ba58d286a9c274ff8e \ 721 | --hash=sha256:f24bedf28b81932ba6063aec9a826669f5237ea3b755efe04d98b072faa053a5 \ 722 | --hash=sha256:3ab5725367239e3deb9b92e917aa965af3fef008f25b96a3000821869e208181 \ 723 | --hash=sha256:8a53209de822e22b5f73bf4b99e68ac4ccc91051fd6751c8252982983e86a77d \ 724 | --hash=sha256:5a07439d4b1e4197ac202b7eea45e26a6fd65757652dc50f1a63367f711df933 \ 725 | --hash=sha256:26b1c4b40aec7b0074bceabe6e06565aa28176eca7323a31df66ebf89fe916d3 \ 726 | --hash=sha256:eaa4a7b5a6682adcf8d6ebb2a08a008802657643655bb527c95c8a3860253d8e \ 727 | --hash=sha256:8156927dcf8da274ff205ad0612f75c380df45385bacf98531a5b3348c88d135 \ 728 | --hash=sha256:61ec0d792749d0e91e84b1d58b6dfd204806b10b5811f846c2ceca0de028c53a \ 729 | --hash=sha256:26330c88041569ca621cc42274d0ea2667a48b6deab41467272c3aba0b6e8f07 \ 730 | --hash=sha256:cf82ddac919b587f5e44247579b433224cc2e03332d2ea4d89aa70d7e6b64ae5 731 | enum34==1.1.2 \ 732 | --hash=sha256:2475d7fcddf5951e92ff546972758802de5260bf409319a9f1934e6bbc8b1dc7 \ 733 | --hash=sha256:35907defb0f992b75ab7788f65fedc1cf20ffa22688e0e6f6f12afc06b3ea501 734 | funcsigs==0.4 \ 735 | --hash=sha256:ff5ad9e2f8d9e5d1e8bbfbcf47722ab527cf0d51caeeed9da6d0f40799383fde \ 736 | --hash=sha256:d83ce6df0b0ea6618700fe1db353526391a8a3ada1b7aba52fed7a61da772033 737 | idna==2.0 \ 738 | --hash=sha256:9b2fc50bd3c4ba306b9651b69411ef22026d4d8335b93afc2214cef1246ce707 \ 739 | --hash=sha256:16199aad938b290f5be1057c0e1efc6546229391c23cea61ca940c115f7d3d3b 740 | ipaddress==1.0.16 \ 741 | --hash=sha256:935712800ce4760701d89ad677666cd52691fd2f6f0b340c8b4239a3c17988a5 \ 742 | --hash=sha256:5a3182b322a706525c46282ca6f064d27a02cffbd449f9f47416f1dc96aa71b0 743 | linecache2==1.0.0 \ 744 | --hash=sha256:e78be9c0a0dfcbac712fe04fbf92b96cddae80b1b842f24248214c8496f006ef \ 745 | --hash=sha256:4b26ff4e7110db76eeb6f5a7b64a82623839d595c2038eeda662f2a2db78e97c 746 | ordereddict==1.1 \ 747 | --hash=sha256:1c35b4ac206cef2d24816c89f89cf289dd3d38cf7c449bb3fab7bf6d43f01b1f 748 | parsedatetime==2.1 \ 749 | --hash=sha256:ce9d422165cf6e963905cd5f74f274ebf7cc98c941916169178ef93f0e557838 \ 750 | --hash=sha256:17c578775520c99131634e09cfca5a05ea9e1bd2a05cd06967ebece10df7af2d 751 | pbr==1.8.1 \ 752 | --hash=sha256:46c8db75ae75a056bd1cc07fa21734fe2e603d11a07833ecc1eeb74c35c72e0c \ 753 | --hash=sha256:e2127626a91e6c885db89668976db31020f0af2da728924b56480fc7ccf09649 754 | pyasn1==0.1.9 \ 755 | --hash=sha256:61f9d99e3cef65feb1bfe3a2eef7a93eb93819d345bf54bcd42f4e63d5204dae \ 756 | --hash=sha256:1802a6dd32045e472a419db1441aecab469d33e0d2749e192abdec52101724af \ 757 | --hash=sha256:35025cd9422c96504912f04e2f15fe79390a8597b430c2ca5d0534cf9309ffa0 \ 758 | --hash=sha256:2f96ed5a0c329ca16230b326ca12b7461ec8f65e0be3e4f997516f36bf82a345 \ 759 | --hash=sha256:28fee44217991cfad9e6a0b9f7e3f26041e21ebc96629e94e585ccd05d49fa65 \ 760 | --hash=sha256:326e7a854a17fab07691204747695f8f692d674588a355c441fb14f660bf4e68 \ 761 | --hash=sha256:cda5a90485709ca6795c86056c3e5fe7266028b05e53f1d527fdf93a6365a6b8 \ 762 | --hash=sha256:0cb2a14742b543fdd68f931a14ce3829186ed2b1b2267a06787388c96b2dd9be \ 763 | --hash=sha256:5191ff6b9126d2c039dd87f8ff025bed274baf07fa78afa46f556b1ad7265d6e \ 764 | --hash=sha256:8323e03637b2d072cc7041300bac6ec448c3c28950ab40376036788e9a1af629 \ 765 | --hash=sha256:853cacd96d1f701ddd67aa03ecc05f51890135b7262e922710112f12a2ed2a7f 766 | pyOpenSSL==16.2.0 \ 767 | --hash=sha256:26ca380ddf272f7556e48064bbcd5bd71f83dfc144f3583501c7ddbd9434ee17 \ 768 | --hash=sha256:7779a3bbb74e79db234af6a08775568c6769b5821faecf6e2f4143edb227516e 769 | pyparsing==2.1.8 \ 770 | --hash=sha256:2f0f5ceb14eccd5aef809d6382e87df22ca1da583c79f6db01675ce7d7f49c18 \ 771 | --hash=sha256:03a4869b9f3493807ee1f1cb405e6d576a1a2ca4d81a982677c0c1ad6177c56b \ 772 | --hash=sha256:ab09aee814c0241ff0c503cff30018219fe1fc14501d89f406f4664a0ec9fbcd \ 773 | --hash=sha256:6e9a7f052f8e26bcf749e4033e3115b6dc7e3c85aafcb794b9a88c9d9ef13c97 \ 774 | --hash=sha256:9f463a6bcc4eeb6c08f1ed84439b17818e2085937c0dee0d7674ac127c67c12b \ 775 | --hash=sha256:3626b4d81cfb300dad57f52f2f791caaf7b06c09b368c0aa7b868e53a5775424 \ 776 | --hash=sha256:367b90cc877b46af56d4580cd0ae278062903f02b8204ab631f5a2c0f50adfd0 \ 777 | --hash=sha256:9f1ea360086cd68681e7f4ca8f1f38df47bf81942a0d76a9673c2d23eff35b13 778 | pyRFC3339==1.0 \ 779 | --hash=sha256:eea31835c56e2096af4363a5745a784878a61d043e247d3a6d6a0a32a9741f56 \ 780 | --hash=sha256:8dfbc6c458b8daba1c0f3620a8c78008b323a268b27b7359e92a4ae41325f535 781 | python-augeas==0.5.0 \ 782 | --hash=sha256:67d59d66cdba8d624e0389b87b2a83a176f21f16a87553b50f5703b23f29bac2 783 | pytz==2015.7 \ 784 | --hash=sha256:3abe6a6d3fc2fbbe4c60144211f45da2edbe3182a6f6511af6bbba0598b1f992 \ 785 | --hash=sha256:939ef9c1e1224d980405689a97ffcf7828c56d1517b31d73464356c1f2b7769e \ 786 | --hash=sha256:ead4aefa7007249e05e51b01095719d5a8dd95760089f5730aac5698b1932918 \ 787 | --hash=sha256:3cca0df08bd0ed98432390494ce3ded003f5e661aa460be7a734bffe35983605 \ 788 | --hash=sha256:3ede470d3d17ba3c07638dfa0d10452bc1b6e5ad326127a65ba77e6aaeb11bec \ 789 | --hash=sha256:68c47964f7186eec306b13629627722b9079cd4447ed9e5ecaecd4eac84ca734 \ 790 | --hash=sha256:dd5d3991950aae40a6c81de1578942e73d629808cefc51d12cd157980e6cfc18 \ 791 | --hash=sha256:a77c52062c07eb7c7b30545dbc73e32995b7e117eea750317b5cb5c7a4618f14 \ 792 | --hash=sha256:81af9aec4bc960a9a0127c488f18772dae4634689233f06f65443e7b11ebeb51 \ 793 | --hash=sha256:e079b1dadc5c06246cc1bb6fe1b23a50b1d1173f2edd5104efd40bb73a28f406 \ 794 | --hash=sha256:fbd26746772c24cb93c8b97cbdad5cb9e46c86bbdb1b9d8a743ee00e2fb1fc5d \ 795 | --hash=sha256:99266ef30a37e43932deec2b7ca73e83c8dbc3b9ff703ec73eca6b1dae6befea \ 796 | --hash=sha256:8b6ce1c993909783bc96e0b4f34ea223bff7a4df2c90bdb9c4e0f1ac928689e3 797 | requests==2.12.1 \ 798 | --hash=sha256:3f3f27a9d0f9092935efc78054ef324eb9f8166718270aefe036dfa1e4f68e1e \ 799 | --hash=sha256:2109ecea94df90980be040490ff1d879971b024861539abb00054062388b612e 800 | six==1.10.0 \ 801 | --hash=sha256:0ff78c403d9bccf5a425a6d31a12aa6b47f1c21ca4dc2573a7e2f32a97335eb1 \ 802 | --hash=sha256:105f8d68616f8248e24bf0e9372ef04d3cc10104f1980f54d57b2ce73a5ad56a 803 | traceback2==1.4.0 \ 804 | --hash=sha256:8253cebec4b19094d67cc5ed5af99bf1dba1285292226e98a31929f87a5d6b23 \ 805 | --hash=sha256:05acc67a09980c2ecfedd3423f7ae0104839eccb55fc645773e1caa0951c3030 806 | unittest2==1.1.0 \ 807 | --hash=sha256:13f77d0875db6d9b435e1d4f41e74ad4cc2eb6e1d5c824996092b3430f088bb8 \ 808 | --hash=sha256:22882a0e418c284e1f718a822b3b022944d53d2d908e1690b319a9d3eb2c0579 809 | zope.component==4.2.2 \ 810 | --hash=sha256:282c112b55dd8e3c869a3571f86767c150ab1284a9ace2bdec226c592acaf81a 811 | zope.event==4.1.0 \ 812 | --hash=sha256:dc7a59a2fd91730d3793131a5d261b29e93ec4e2a97f1bc487ce8defee2fe786 813 | zope.interface==4.1.3 \ 814 | --hash=sha256:f07b631f7a601cd8cbd3332d54f43142c7088a83299f859356f08d1d4d4259b3 \ 815 | --hash=sha256:de5cca083b9439d8002fb76bbe6b4998c5a5a721fab25b84298967f002df4c94 \ 816 | --hash=sha256:6788416f7ea7f5b8a97be94825377aa25e8bdc73463e07baaf9858b29e737077 \ 817 | --hash=sha256:6f3230f7254518201e5a3708cbb2de98c848304f06e3ded8bfb39e5825cba2e1 \ 818 | --hash=sha256:5fa575a5240f04200c3088427d0d4b7b737f6e9018818a51d8d0f927a6a2517a \ 819 | --hash=sha256:522194ad6a545735edd75c8a83f48d65d1af064e432a7d320d64f56bafc12e99 \ 820 | --hash=sha256:e8c7b2d40943f71c99148c97f66caa7f5134147f57423f8db5b4825099ce9a09 \ 821 | --hash=sha256:279024f0208601c3caa907c53876e37ad88625f7eaf1cb3842dbe360b2287017 \ 822 | --hash=sha256:2e221a9eec7ccc58889a278ea13dcfed5ef939d80b07819a9a8b3cb1c681484f \ 823 | --hash=sha256:69118965410ec86d44dc6b9017ee3ddbd582e0c0abeef62b3a19dbf6c8ad132b \ 824 | --hash=sha256:d04df8686ec864d0cade8cf199f7f83aecd416109a20834d568f8310ded12dea \ 825 | --hash=sha256:e75a947e15ee97e7e71e02ea302feb2fc62d3a2bb4668bf9dfbed43a506ac7e7 \ 826 | --hash=sha256:4e45d22fb883222a5ab9f282a116fec5ee2e8d1a568ccff6a2d75bbd0eb6bcfc \ 827 | --hash=sha256:bce9339bb3c7a55e0803b63d21c5839e8e479bc85c4adf42ae415b72f94facb2 \ 828 | --hash=sha256:928138365245a0e8869a5999fbcc2a45475a0a6ed52a494d60dbdc540335fedd \ 829 | --hash=sha256:0d841ba1bb840eea0e6489dc5ecafa6125554971f53b5acb87764441e61bceba \ 830 | --hash=sha256:b09c8c1d47b3531c400e0195697f1414a63221de6ef478598a4f1460f7d9a392 831 | mock==1.0.1 \ 832 | --hash=sha256:b839dd2d9c117c701430c149956918a423a9863b48b09c90e30a6013e7d2f44f \ 833 | --hash=sha256:8f83080daa249d036cbccfb8ae5cc6ff007b88d6d937521371afabe7b19badbc 834 | letsencrypt==0.7.0 \ 835 | --hash=sha256:105a5fb107e45bcd0722eb89696986dcf5f08a86a321d6aef25a0c7c63375ade \ 836 | --hash=sha256:c36e532c486a7e92155ee09da54b436a3c420813ec1c590b98f635d924720de9 837 | 838 | # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. 839 | 840 | acme==0.12.0 \ 841 | --hash=sha256:a6050619b3e07b41d197992bb15b32c755dfa0665cfa1c20faa82806a798265b \ 842 | --hash=sha256:a05cba6b5b0fffdfa246b32492a44769011d45205f3ee8efde1f37ee9843fbdf 843 | certbot==0.12.0 \ 844 | --hash=sha256:d018d13665eb4cfe7038c2df636e3f4928742b83769b95edfdb0311277f0eb48 \ 845 | --hash=sha256:4a71925c035b62dfb7c3343c619ee090add76188b47225272b57798ad63388b7 846 | certbot-apache==0.12.0 \ 847 | --hash=sha256:de86907ea60e7bc35d252b87dec04eab3c7f3a1ea768774876e7ff582d89d640 \ 848 | --hash=sha256:77dde63cf97292b09da8ae09ef8a7a6d83a3b1ee0f8d1fefe513fc77a6292509 849 | certbot-nginx==0.12.0 \ 850 | --hash=sha256:c66d848c4577f1f91a06a8119b40f1ab90af1546addea27905434bd070f3924d \ 851 | --hash=sha256:4dab2c93304c80d8d0d2e5214939f016804fd46859dd7a39b892d8b7195ab5ec 852 | 853 | UNLIKELY_EOF 854 | # ------------------------------------------------------------------------- 855 | cat << "UNLIKELY_EOF" > "$TEMP_DIR/pipstrap.py" 856 | #!/usr/bin/env python 857 | """A small script that can act as a trust root for installing pip 8 858 | 859 | Embed this in your project, and your VCS checkout is all you have to trust. In 860 | a post-peep era, this lets you claw your way to a hash-checking version of pip, 861 | with which you can install the rest of your dependencies safely. All it assumes 862 | is Python 2.6 or better and *some* version of pip already installed. If 863 | anything goes wrong, it will exit with a non-zero status code. 864 | 865 | """ 866 | # This is here so embedded copies are MIT-compliant: 867 | # Copyright (c) 2016 Erik Rose 868 | # 869 | # Permission is hereby granted, free of charge, to any person obtaining a copy 870 | # of this software and associated documentation files (the "Software"), to 871 | # deal in the Software without restriction, including without limitation the 872 | # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or 873 | # sell copies of the Software, and to permit persons to whom the Software is 874 | # furnished to do so, subject to the following conditions: 875 | # 876 | # The above copyright notice and this permission notice shall be included in 877 | # all copies or substantial portions of the Software. 878 | from __future__ import print_function 879 | from hashlib import sha256 880 | from os.path import join 881 | from pipes import quote 882 | from shutil import rmtree 883 | try: 884 | from subprocess import check_output 885 | except ImportError: 886 | from subprocess import CalledProcessError, PIPE, Popen 887 | 888 | def check_output(*popenargs, **kwargs): 889 | if 'stdout' in kwargs: 890 | raise ValueError('stdout argument not allowed, it will be ' 891 | 'overridden.') 892 | process = Popen(stdout=PIPE, *popenargs, **kwargs) 893 | output, unused_err = process.communicate() 894 | retcode = process.poll() 895 | if retcode: 896 | cmd = kwargs.get("args") 897 | if cmd is None: 898 | cmd = popenargs[0] 899 | raise CalledProcessError(retcode, cmd) 900 | return output 901 | from sys import exit, version_info 902 | from tempfile import mkdtemp 903 | try: 904 | from urllib2 import build_opener, HTTPHandler, HTTPSHandler 905 | except ImportError: 906 | from urllib.request import build_opener, HTTPHandler, HTTPSHandler 907 | try: 908 | from urlparse import urlparse 909 | except ImportError: 910 | from urllib.parse import urlparse # 3.4 911 | 912 | 913 | __version__ = 1, 1, 1 914 | 915 | 916 | # wheel has a conditional dependency on argparse: 917 | maybe_argparse = ( 918 | [('https://pypi.python.org/packages/source/a/argparse/' 919 | 'argparse-1.4.0.tar.gz', 920 | '62b089a55be1d8949cd2bc7e0df0bddb9e028faefc8c32038cc84862aefdd6e4')] 921 | if version_info < (2, 7, 0) else []) 922 | 923 | 924 | PACKAGES = maybe_argparse + [ 925 | # Pip has no dependencies, as it vendors everything: 926 | ('https://pypi.python.org/packages/source/p/pip/pip-8.0.3.tar.gz', 927 | '30f98b66f3fe1069c529a491597d34a1c224a68640c82caf2ade5f88aa1405e8'), 928 | # This version of setuptools has only optional dependencies: 929 | ('https://pypi.python.org/packages/source/s/setuptools/' 930 | 'setuptools-20.2.2.tar.gz', 931 | '24fcfc15364a9fe09a220f37d2dcedc849795e3de3e4b393ee988e66a9cbd85a'), 932 | ('https://pypi.python.org/packages/source/w/wheel/wheel-0.29.0.tar.gz', 933 | '1ebb8ad7e26b448e9caa4773d2357849bf80ff9e313964bcaf79cbf0201a1648') 934 | ] 935 | 936 | 937 | class HashError(Exception): 938 | def __str__(self): 939 | url, path, actual, expected = self.args 940 | return ('{url} did not match the expected hash {expected}. Instead, ' 941 | 'it was {actual}. The file (left at {path}) may have been ' 942 | 'tampered with.'.format(**locals())) 943 | 944 | 945 | def hashed_download(url, temp, digest): 946 | """Download ``url`` to ``temp``, make sure it has the SHA-256 ``digest``, 947 | and return its path.""" 948 | # Based on pip 1.4.1's URLOpener but with cert verification removed. Python 949 | # >=2.7.9 verifies HTTPS certs itself, and, in any case, the cert 950 | # authenticity has only privacy (not arbitrary code execution) 951 | # implications, since we're checking hashes. 952 | def opener(): 953 | opener = build_opener(HTTPSHandler()) 954 | # Strip out HTTPHandler to prevent MITM spoof: 955 | for handler in opener.handlers: 956 | if isinstance(handler, HTTPHandler): 957 | opener.handlers.remove(handler) 958 | return opener 959 | 960 | def read_chunks(response, chunk_size): 961 | while True: 962 | chunk = response.read(chunk_size) 963 | if not chunk: 964 | break 965 | yield chunk 966 | 967 | response = opener().open(url) 968 | path = join(temp, urlparse(url).path.split('/')[-1]) 969 | actual_hash = sha256() 970 | with open(path, 'wb') as file: 971 | for chunk in read_chunks(response, 4096): 972 | file.write(chunk) 973 | actual_hash.update(chunk) 974 | 975 | actual_digest = actual_hash.hexdigest() 976 | if actual_digest != digest: 977 | raise HashError(url, path, actual_digest, digest) 978 | return path 979 | 980 | 981 | def main(): 982 | temp = mkdtemp(prefix='pipstrap-') 983 | try: 984 | downloads = [hashed_download(url, temp, digest) 985 | for url, digest in PACKAGES] 986 | check_output('pip install --no-index --no-deps -U ' + 987 | ' '.join(quote(d) for d in downloads), 988 | shell=True) 989 | except HashError as exc: 990 | print(exc) 991 | except Exception: 992 | rmtree(temp) 993 | raise 994 | else: 995 | rmtree(temp) 996 | return 0 997 | return 1 998 | 999 | 1000 | if __name__ == '__main__': 1001 | exit(main()) 1002 | 1003 | UNLIKELY_EOF 1004 | # ------------------------------------------------------------------------- 1005 | # Set PATH so pipstrap upgrades the right (v)env: 1006 | PATH="$VENV_BIN:$PATH" "$VENV_BIN/python" "$TEMP_DIR/pipstrap.py" 1007 | set +e 1008 | if [ "$VERBOSE" = 1 ]; then 1009 | "$VENV_BIN/pip" install --no-cache-dir --require-hashes -r "$TEMP_DIR/letsencrypt-auto-requirements.txt" 1010 | else 1011 | PIP_OUT=`"$VENV_BIN/pip" install --no-cache-dir --require-hashes -r "$TEMP_DIR/letsencrypt-auto-requirements.txt" 2>&1` 1012 | fi 1013 | PIP_STATUS=$? 1014 | set -e 1015 | if [ "$PIP_STATUS" != 0 ]; then 1016 | # Report error. (Otherwise, be quiet.) 1017 | echo "Had a problem while installing Python packages." 1018 | if [ "$VERBOSE" != 1 ]; then 1019 | echo 1020 | echo "pip prints the following errors: " 1021 | echo "=====================================================" 1022 | echo "$PIP_OUT" 1023 | echo "=====================================================" 1024 | echo 1025 | echo "Certbot has problem setting up the virtual environment." 1026 | 1027 | if `echo $PIP_OUT | grep -q Killed` || `echo $PIP_OUT | grep -q "allocate memory"` ; then 1028 | echo 1029 | echo "Based on your pip output, the problem can likely be fixed by " 1030 | echo "increasing the available memory." 1031 | else 1032 | echo 1033 | echo "We were not be able to guess the right solution from your pip " 1034 | echo "output." 1035 | fi 1036 | 1037 | echo 1038 | echo "Consult https://certbot.eff.org/docs/install.html#problems-with-python-virtual-environment" 1039 | echo "for possible solutions." 1040 | echo "You may also find some support resources at https://certbot.eff.org/support/ ." 1041 | fi 1042 | rm -rf "$VENV_PATH" 1043 | exit 1 1044 | fi 1045 | echo "Installation succeeded." 1046 | fi 1047 | if [ -n "$SUDO" ]; then 1048 | # SUDO is su wrapper or sudo 1049 | if [ "$QUIET" != 1 ]; then 1050 | echo "Requesting root privileges to run certbot..." 1051 | echo " $VENV_BIN/letsencrypt" "$@" 1052 | fi 1053 | fi 1054 | if [ -z "$SUDO_ENV" ] ; then 1055 | # SUDO is su wrapper / noop 1056 | $SUDO "$VENV_BIN/letsencrypt" "$@" 1057 | else 1058 | # sudo 1059 | $SUDO "$SUDO_ENV" "$VENV_BIN/letsencrypt" "$@" 1060 | fi 1061 | 1062 | else 1063 | # Phase 1: Upgrade certbot-auto if necessary, then self-invoke. 1064 | # 1065 | # Each phase checks the version of only the thing it is responsible for 1066 | # upgrading. Phase 1 checks the version of the latest release of 1067 | # certbot-auto (which is always the same as that of the certbot 1068 | # package). Phase 2 checks the version of the locally installed certbot. 1069 | 1070 | if [ ! -f "$VENV_BIN/letsencrypt" ]; then 1071 | if [ "$HELP" = 1 ]; then 1072 | echo "$USAGE" 1073 | exit 0 1074 | fi 1075 | # If it looks like we've never bootstrapped before, bootstrap: 1076 | Bootstrap 1077 | fi 1078 | if [ "$OS_PACKAGES_ONLY" = 1 ]; then 1079 | echo "OS packages installed." 1080 | exit 0 1081 | fi 1082 | 1083 | if [ "$NO_SELF_UPGRADE" != 1 ]; then 1084 | TEMP_DIR=$(TempDir) 1085 | trap 'rm -rf "$TEMP_DIR"' EXIT 1086 | # --------------------------------------------------------------------------- 1087 | cat << "UNLIKELY_EOF" > "$TEMP_DIR/fetch.py" 1088 | """Do downloading and JSON parsing without additional dependencies. :: 1089 | 1090 | # Print latest released version of LE to stdout: 1091 | python fetch.py --latest-version 1092 | 1093 | # Download letsencrypt-auto script from git tag v1.2.3 into the folder I'm 1094 | # in, and make sure its signature verifies: 1095 | python fetch.py --le-auto-script v1.2.3 1096 | 1097 | On failure, return non-zero. 1098 | 1099 | """ 1100 | from distutils.version import LooseVersion 1101 | from json import loads 1102 | from os import devnull, environ 1103 | from os.path import dirname, join 1104 | import re 1105 | from subprocess import check_call, CalledProcessError 1106 | from sys import argv, exit 1107 | from urllib2 import build_opener, HTTPHandler, HTTPSHandler, HTTPError 1108 | 1109 | PUBLIC_KEY = environ.get('LE_AUTO_PUBLIC_KEY', """-----BEGIN PUBLIC KEY----- 1110 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MR8W/galdxnpGqBsYbq 1111 | OzQb2eyW15YFjDDEMI0ZOzt8f504obNs920lDnpPD2/KqgsfjOgw2K7xWDJIj/18 1112 | xUvWPk3LDkrnokNiRkA3KOx3W6fHycKL+zID7zy+xZYBuh2fLyQtWV1VGQ45iNRp 1113 | 9+Zo7rH86cdfgkdnWTlNSHyTLW9NbXvyv/E12bppPcEvgCTAQXgnDVJ0/sqmeiij 1114 | n9tTFh03aM+R2V/21h8aTraAS24qiPCz6gkmYGC8yr6mglcnNoYbsLNYZ69zF1XH 1115 | cXPduCPdPdfLlzVlKK1/U7hkA28eG3BIAMh6uJYBRJTpiGgaGdPd7YekUB8S6cy+ 1116 | CQIDAQAB 1117 | -----END PUBLIC KEY----- 1118 | """) 1119 | 1120 | class ExpectedError(Exception): 1121 | """A novice-readable exception that also carries the original exception for 1122 | debugging""" 1123 | 1124 | 1125 | class HttpsGetter(object): 1126 | def __init__(self): 1127 | """Build an HTTPS opener.""" 1128 | # Based on pip 1.4.1's URLOpener 1129 | # This verifies certs on only Python >=2.7.9. 1130 | self._opener = build_opener(HTTPSHandler()) 1131 | # Strip out HTTPHandler to prevent MITM spoof: 1132 | for handler in self._opener.handlers: 1133 | if isinstance(handler, HTTPHandler): 1134 | self._opener.handlers.remove(handler) 1135 | 1136 | def get(self, url): 1137 | """Return the document contents pointed to by an HTTPS URL. 1138 | 1139 | If something goes wrong (404, timeout, etc.), raise ExpectedError. 1140 | 1141 | """ 1142 | try: 1143 | return self._opener.open(url).read() 1144 | except (HTTPError, IOError) as exc: 1145 | raise ExpectedError("Couldn't download %s." % url, exc) 1146 | 1147 | 1148 | def write(contents, dir, filename): 1149 | """Write something to a file in a certain directory.""" 1150 | with open(join(dir, filename), 'w') as file: 1151 | file.write(contents) 1152 | 1153 | 1154 | def latest_stable_version(get): 1155 | """Return the latest stable release of letsencrypt.""" 1156 | metadata = loads(get( 1157 | environ.get('LE_AUTO_JSON_URL', 1158 | 'https://pypi.python.org/pypi/certbot/json'))) 1159 | # metadata['info']['version'] actually returns the latest of any kind of 1160 | # release release, contrary to https://wiki.python.org/moin/PyPIJSON. 1161 | # The regex is a sufficient regex for picking out prereleases for most 1162 | # packages, LE included. 1163 | return str(max(LooseVersion(r) for r 1164 | in metadata['releases'].iterkeys() 1165 | if re.match('^[0-9.]+$', r))) 1166 | 1167 | 1168 | def verified_new_le_auto(get, tag, temp_dir): 1169 | """Return the path to a verified, up-to-date letsencrypt-auto script. 1170 | 1171 | If the download's signature does not verify or something else goes wrong 1172 | with the verification process, raise ExpectedError. 1173 | 1174 | """ 1175 | le_auto_dir = environ.get( 1176 | 'LE_AUTO_DIR_TEMPLATE', 1177 | 'https://raw.githubusercontent.com/certbot/certbot/%s/' 1178 | 'letsencrypt-auto-source/') % tag 1179 | write(get(le_auto_dir + 'letsencrypt-auto'), temp_dir, 'letsencrypt-auto') 1180 | write(get(le_auto_dir + 'letsencrypt-auto.sig'), temp_dir, 'letsencrypt-auto.sig') 1181 | write(PUBLIC_KEY, temp_dir, 'public_key.pem') 1182 | try: 1183 | with open(devnull, 'w') as dev_null: 1184 | check_call(['openssl', 'dgst', '-sha256', '-verify', 1185 | join(temp_dir, 'public_key.pem'), 1186 | '-signature', 1187 | join(temp_dir, 'letsencrypt-auto.sig'), 1188 | join(temp_dir, 'letsencrypt-auto')], 1189 | stdout=dev_null, 1190 | stderr=dev_null) 1191 | except CalledProcessError as exc: 1192 | raise ExpectedError("Couldn't verify signature of downloaded " 1193 | "certbot-auto.", exc) 1194 | 1195 | 1196 | def main(): 1197 | get = HttpsGetter().get 1198 | flag = argv[1] 1199 | try: 1200 | if flag == '--latest-version': 1201 | print latest_stable_version(get) 1202 | elif flag == '--le-auto-script': 1203 | tag = argv[2] 1204 | verified_new_le_auto(get, tag, dirname(argv[0])) 1205 | except ExpectedError as exc: 1206 | print exc.args[0], exc.args[1] 1207 | return 1 1208 | else: 1209 | return 0 1210 | 1211 | 1212 | if __name__ == '__main__': 1213 | exit(main()) 1214 | 1215 | UNLIKELY_EOF 1216 | # --------------------------------------------------------------------------- 1217 | DeterminePythonVersion 1218 | if ! REMOTE_VERSION=`"$LE_PYTHON" "$TEMP_DIR/fetch.py" --latest-version` ; then 1219 | echo "WARNING: unable to check for updates." 1220 | elif [ "$LE_AUTO_VERSION" != "$REMOTE_VERSION" ]; then 1221 | echo "Upgrading certbot-auto $LE_AUTO_VERSION to $REMOTE_VERSION..." 1222 | 1223 | # Now we drop into Python so we don't have to install even more 1224 | # dependencies (curl, etc.), for better flow control, and for the option of 1225 | # future Windows compatibility. 1226 | "$LE_PYTHON" "$TEMP_DIR/fetch.py" --le-auto-script "v$REMOTE_VERSION" 1227 | 1228 | # Install new copy of certbot-auto. 1229 | # TODO: Deal with quotes in pathnames. 1230 | echo "Replacing certbot-auto..." 1231 | # Clone permissions with cp. chmod and chown don't have a --reference 1232 | # option on macOS or BSD, and stat -c on Linux is stat -f on macOS and BSD: 1233 | $SUDO cp -p "$0" "$TEMP_DIR/letsencrypt-auto.permission-clone" 1234 | $SUDO cp "$TEMP_DIR/letsencrypt-auto" "$TEMP_DIR/letsencrypt-auto.permission-clone" 1235 | # Using mv rather than cp leaves the old file descriptor pointing to the 1236 | # original copy so the shell can continue to read it unmolested. mv across 1237 | # filesystems is non-atomic, doing `rm dest, cp src dest, rm src`, but the 1238 | # cp is unlikely to fail (esp. under sudo) if the rm doesn't. 1239 | $SUDO mv -f "$TEMP_DIR/letsencrypt-auto.permission-clone" "$0" 1240 | fi # A newer version is available. 1241 | fi # Self-upgrading is allowed. 1242 | 1243 | "$0" --le-auto-phase2 "$@" 1244 | fi -------------------------------------------------------------------------------- /install/src/bt.init: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # chkconfig: 2345 55 25 3 | # description: bt Cloud Service 4 | 5 | ### BEGIN INIT INFO 6 | # Provides: bt 7 | # Required-Start: $all 8 | # Required-Stop: $all 9 | # Default-Start: 2 3 4 5 10 | # Default-Stop: 0 1 6 11 | # Short-Description: starts bt 12 | # Description: starts the bt 13 | ### END INIT INFO 14 | panel_path=/www/server/panel 15 | cd $panel_path 16 | panel_start() 17 | { 18 | isStart=`ps aux |grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 19 | if [ "$isStart" == '' ];then 20 | echo -e "Starting Bt-Panel... \c" 21 | if [ -f 'main.py' ];then 22 | python -m py_compile main.py 23 | fi 24 | nohup python main.pyc `cat data/port.pl` > /tmp/panelBoot.pl 2>&1 & 25 | sleep 0.2 26 | isStart=`ps aux |grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 27 | if [ "$isStart" == '' ];then 28 | echo -e "\033[31mfailed\033[0m" 29 | echo '------------------------------------------------------' 30 | cat /tmp/panelBoot.pl 31 | echo '------------------------------------------------------' 32 | echo -e "\033[31mError: BT-Panel service startup failed.\033[0m" 33 | return; 34 | fi 35 | echo -e "\033[32mdone\033[0m" 36 | else 37 | echo "Starting Bt-Panel... Bt-Panel (pid $isStart) already running" 38 | fi 39 | 40 | isStart=`ps aux |grep 'python task.pyc$'|awk '{print $2}'` 41 | if [ "$isStart" == '' ];then 42 | echo -e "Starting Bt-Tasks... \c" 43 | if [ -f 'task.py' ];then 44 | python -m py_compile task.py 45 | fi 46 | nohup python task.pyc > /tmp/panelTask.pl 2>&1 & 47 | sleep 0.2 48 | isStart=`ps aux |grep 'python task.pyc$'|awk '{print $2}'` 49 | if [ "$isStart" == '' ];then 50 | echo -e "\033[31mfailed\033[0m" 51 | echo '------------------------------------------------------' 52 | cat /tmp/panelTask.pl 53 | echo '------------------------------------------------------' 54 | echo -e "\033[31mError: BT-Task service startup failed.\033[0m" 55 | return; 56 | fi 57 | echo -e "\033[32mdone\033[0m" 58 | else 59 | echo "Starting Bt-Tasks... Bt-Tasks (pid $isStart) already running" 60 | fi 61 | } 62 | 63 | panel_stop() 64 | { 65 | echo -e "Stopping Bt-Tasks... \c"; 66 | pids=`ps aux | grep 'python task.pyc$'|awk '{print $2}'` 67 | arr=($pids) 68 | 69 | for p in ${arr[@]} 70 | do 71 | kill -9 $p 72 | done 73 | echo -e "\033[32mdone\033[0m" 74 | 75 | echo -e "Stopping Bt-Panel... \c"; 76 | pids=`ps aux | grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 77 | arr=($pids) 78 | 79 | for p in ${arr[@]} 80 | do 81 | kill -9 $p 82 | done 83 | echo -e "\033[32mdone\033[0m" 84 | } 85 | 86 | panel_status() 87 | { 88 | isStart=`ps aux |grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 89 | if [ "$isStart" != '' ];then 90 | echo -e "\033[32mBt-Panel (pid $isStart) already running\033[0m" 91 | else 92 | echo -e "\033[31mBt-Panel not running\033[0m" 93 | fi 94 | 95 | isStart=`ps aux |grep 'python task.pyc$'|awk '{print $2}'` 96 | if [ "$isStart" != '' ];then 97 | echo -e "\033[32mBt-Task (pid $isStart) already running\033[0m" 98 | else 99 | echo -e "\033[31mBt-Task not running\033[0m" 100 | fi 101 | } 102 | 103 | panel_reload() 104 | { 105 | isStart=`ps aux |grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 106 | if [ "$isStart" != '' ];then 107 | echo -e "Reload service Bt-Panel... \c" 108 | pids=`ps aux | grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 109 | arr=($pids) 110 | for p in ${arr[@]} 111 | do 112 | kill -9 $p 113 | done 114 | nohup python main.pyc `cat data/port.pl` >> /tmp/panelBoot.pl 2>&1 & 115 | if [ "$isStart" == '' ];then 116 | echo -e "\033[31mfailed\033[0m" 117 | echo '------------------------------------------------------' 118 | cat /tmp/panelBoot.pl 119 | echo '------------------------------------------------------' 120 | echo -e "\033[31mError: BT-Panel service startup failed.\033[0m" 121 | return; 122 | fi 123 | echo -e "\033[32mdone\033[0m" 124 | else 125 | echo -e "\033[31mBt-Panel not running\033[0m" 126 | fi 127 | } 128 | 129 | install_used() 130 | { 131 | if [ ! -f /www/server/panel/aliyun.pl ];then 132 | return; 133 | fi 134 | password=`cat /dev/urandom | head -n 16 | md5sum | head -c 12` 135 | username=`python /www/server/panel/tools.py panel $password` 136 | echo "$password" > /www/server/panel/default.pl 137 | rm -f /www/server/panel/aliyun.pl 138 | } 139 | 140 | 141 | case "$1" in 142 | 'start') 143 | install_used 144 | panel_start 145 | ;; 146 | 'stop') 147 | panel_stop 148 | ;; 149 | 'restart') 150 | panel_stop 151 | sleep 0.2 152 | panel_start 153 | ;; 154 | 'reload') 155 | panel_reload 156 | ;; 157 | 'status') 158 | panel_status 159 | ;; 160 | 'default') 161 | port=`cat /www/server/panel/data/port.pl` 162 | password=`cat /www/server/panel/default.pl` 163 | echo -e "==================================================================" 164 | echo -e "\033[32mBT-Panel default info!\033[0m" 165 | echo -e "\033[31m# 注意: 5.x系列Linux面板从2020年1月1日起终止维护,与技术支持,请考虑安装全新的7.x版本 宝塔官网: https://www.bt.cn\033[0m" 166 | echo -e "==================================================================" 167 | echo "Bt-Panel: http://IP:$port" 168 | echo -e `python /www/server/panel/tools.py username` 169 | echo -e "password: $password" 170 | echo -e "\033[33mWarning:\033[0m" 171 | echo -e "\033[33mIf you cannot access the panel, \033[0m" 172 | echo -e "\033[33mrelease the following port (8888|888|80|443|20|21) in the security group\033[0m" 173 | echo -e "==================================================================" 174 | ;; 175 | *) 176 | echo "Usage: /etc/init.d/bt {start|stop|restart|reload|default}" 177 | ;; 178 | esac 179 | -------------------------------------------------------------------------------- /install/src/panel.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/dc6a4e40d46de0b35a8ae5887929d4fa974df879/install/src/panel.zip -------------------------------------------------------------------------------- /install/src/pip-9.0.1.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/dc6a4e40d46de0b35a8ae5887929d4fa974df879/install/src/pip-9.0.1.tar.gz -------------------------------------------------------------------------------- /install/src/psutil-5.2.2.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/dc6a4e40d46de0b35a8ae5887929d4fa974df879/install/src/psutil-5.2.2.tar.gz -------------------------------------------------------------------------------- /install/src/setuptools-33.1.1.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/dc6a4e40d46de0b35a8ae5887929d4fa974df879/install/src/setuptools-33.1.1.zip -------------------------------------------------------------------------------- /install/src/web.py-0.38.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/dc6a4e40d46de0b35a8ae5887929d4fa974df879/install/src/web.py-0.38.tar.gz -------------------------------------------------------------------------------- /install/update/LinuxPanel-5.9.2_pro.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/dc6a4e40d46de0b35a8ae5887929d4fa974df879/install/update/LinuxPanel-5.9.2_pro.zip -------------------------------------------------------------------------------- /install/update/LinuxPanel-5.9._pro.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/dc6a4e40d46de0b35a8ae5887929d4fa974df879/install/update/LinuxPanel-5.9._pro.zip -------------------------------------------------------------------------------- /install_soft.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin 3 | export PATH 4 | mtype=$1 5 | actionType=$2 6 | name=$3 7 | version=$4 8 | . /www/server/panel/install/public.sh 9 | serverUrl=$NODE_URL/install 10 | 11 | if [ ! -f 'lib.sh' ]; then 12 | wget -O lib.sh $serverUrl/$mtype/lib.sh 13 | fi 14 | 15 | if [ ! -f ${name}'.sh' ]; then 16 | wget -O $name.sh $serverUrl/$mtype/$name.sh 17 | fi 18 | 19 | if [ "$actionType" == 'install' ]; then 20 | bash lib.sh 21 | fi 22 | 23 | bash $name.sh $actionType $version 24 | -------------------------------------------------------------------------------- /installer_components/LuaJIT-2.0.5.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/dc6a4e40d46de0b35a8ae5887929d4fa974df879/installer_components/LuaJIT-2.0.5.zip -------------------------------------------------------------------------------- /installer_components/bt.init: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # chkconfig: 2345 55 25 3 | # description: bt Cloud Service 4 | 5 | ### BEGIN INIT INFO 6 | # Provides: bt 7 | # Required-Start: $all 8 | # Required-Stop: $all 9 | # Default-Start: 2 3 4 5 10 | # Default-Stop: 0 1 6 11 | # Short-Description: starts bt 12 | # Description: starts the bt 13 | ### END INIT INFO 14 | panel_path=/www/server/panel 15 | cd $panel_path 16 | panel_start() 17 | { 18 | isStart=`ps aux |grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 19 | if [ "$isStart" == '' ];then 20 | echo -e "Starting Bt-Panel... \c" 21 | if [ -f 'main.py' ];then 22 | python -m py_compile main.py 23 | fi 24 | nohup python main.pyc `cat data/port.pl` > /tmp/panelBoot.pl 2>&1 & 25 | sleep 0.2 26 | isStart=`ps aux |grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 27 | if [ "$isStart" == '' ];then 28 | echo -e "\033[31mfailed\033[0m" 29 | echo '------------------------------------------------------' 30 | cat /tmp/panelBoot.pl 31 | echo '------------------------------------------------------' 32 | echo -e "\033[31mError: BT-Panel service startup failed.\033[0m" 33 | return; 34 | fi 35 | echo -e "\033[32mdone\033[0m" 36 | else 37 | echo "Starting Bt-Panel... Bt-Panel (pid $isStart) already running" 38 | fi 39 | 40 | isStart=`ps aux |grep 'python task.pyc$'|awk '{print $2}'` 41 | if [ "$isStart" == '' ];then 42 | echo -e "Starting Bt-Tasks... \c" 43 | if [ -f 'task.py' ];then 44 | python -m py_compile task.py 45 | fi 46 | nohup python task.pyc > /tmp/panelTask.pl 2>&1 & 47 | sleep 0.2 48 | isStart=`ps aux |grep 'python task.pyc$'|awk '{print $2}'` 49 | if [ "$isStart" == '' ];then 50 | echo -e "\033[31mfailed\033[0m" 51 | echo '------------------------------------------------------' 52 | cat /tmp/panelTask.pl 53 | echo '------------------------------------------------------' 54 | echo -e "\033[31mError: BT-Task service startup failed.\033[0m" 55 | return; 56 | fi 57 | echo -e "\033[32mdone\033[0m" 58 | else 59 | echo "Starting Bt-Tasks... Bt-Tasks (pid $isStart) already running" 60 | fi 61 | } 62 | 63 | panel_stop() 64 | { 65 | echo -e "Stopping Bt-Tasks... \c"; 66 | pids=`ps aux | grep 'python task.pyc$'|awk '{print $2}'` 67 | arr=($pids) 68 | 69 | for p in ${arr[@]} 70 | do 71 | kill -9 $p 72 | done 73 | echo -e "\033[32mdone\033[0m" 74 | 75 | echo -e "Stopping Bt-Panel... \c"; 76 | pids=`ps aux | grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 77 | arr=($pids) 78 | 79 | for p in ${arr[@]} 80 | do 81 | kill -9 $p 82 | done 83 | echo -e "\033[32mdone\033[0m" 84 | } 85 | 86 | panel_status() 87 | { 88 | isStart=`ps aux |grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 89 | if [ "$isStart" != '' ];then 90 | echo -e "\033[32mBt-Panel (pid $isStart) already running\033[0m" 91 | else 92 | echo -e "\033[31mBt-Panel not running\033[0m" 93 | fi 94 | 95 | isStart=`ps aux |grep 'python task.pyc$'|awk '{print $2}'` 96 | if [ "$isStart" != '' ];then 97 | echo -e "\033[32mBt-Task (pid $isStart) already running\033[0m" 98 | else 99 | echo -e "\033[31mBt-Task not running\033[0m" 100 | fi 101 | } 102 | 103 | panel_reload() 104 | { 105 | isStart=`ps aux |grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 106 | if [ "$isStart" != '' ];then 107 | echo -e "Reload service Bt-Panel... \c" 108 | pids=`ps aux | grep 'python main.pyc'|grep -v grep|awk '{print $2}'` 109 | arr=($pids) 110 | for p in ${arr[@]} 111 | do 112 | kill -9 $p 113 | done 114 | nohup python main.pyc `cat data/port.pl` >> /tmp/panelBoot.pl 2>&1 & 115 | if [ "$isStart" == '' ];then 116 | echo -e "\033[31mfailed\033[0m" 117 | echo '------------------------------------------------------' 118 | cat /tmp/panelBoot.pl 119 | echo '------------------------------------------------------' 120 | echo -e "\033[31mError: BT-Panel service startup failed.\033[0m" 121 | return; 122 | fi 123 | echo -e "\033[32mdone\033[0m" 124 | else 125 | echo -e "\033[31mBt-Panel not running\033[0m" 126 | fi 127 | } 128 | 129 | install_used() 130 | { 131 | if [ ! -f /www/server/panel/aliyun.pl ];then 132 | return; 133 | fi 134 | password=`cat /dev/urandom | head -n 16 | md5sum | head -c 12` 135 | username=`python /www/server/panel/tools.py panel $password` 136 | echo "$password" > /www/server/panel/default.pl 137 | rm -f /www/server/panel/aliyun.pl 138 | } 139 | 140 | 141 | case "$1" in 142 | 'start') 143 | install_used 144 | panel_start 145 | ;; 146 | 'stop') 147 | panel_stop 148 | ;; 149 | 'restart') 150 | panel_stop 151 | sleep 0.2 152 | panel_start 153 | ;; 154 | 'reload') 155 | panel_reload 156 | ;; 157 | 'status') 158 | panel_status 159 | ;; 160 | 'default') 161 | port=`cat /www/server/panel/data/port.pl` 162 | password=`cat /www/server/panel/default.pl` 163 | echo -e "==================================================================" 164 | echo -e "\033[32mBT-Panel default info!\033[0m" 165 | echo -e "==================================================================" 166 | echo "Bt-Panel: http://IP:$port" 167 | echo -e `python /www/server/panel/tools.py username` 168 | echo -e "password: $password" 169 | echo -e "\033[33mWarning:\033[0m" 170 | echo -e "\033[33mIf you cannot access the panel, \033[0m" 171 | echo -e "\033[33mrelease the following port (8888|888|80|443|20|21) in the security group\033[0m" 172 | echo -e "==================================================================" 173 | ;; 174 | *) 175 | echo "Usage: /etc/init.d/bt {start|stop|restart|reload|default}" 176 | ;; 177 | esac 178 | -------------------------------------------------------------------------------- /installer_components/certbot-auto.init: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Download and run the latest release version of the Certbot client. 4 | # 5 | # NOTE: THIS SCRIPT IS AUTO-GENERATED AND SELF-UPDATING 6 | # 7 | # IF YOU WANT TO EDIT IT LOCALLY, *ALWAYS* RUN YOUR COPY WITH THE 8 | # "--no-self-upgrade" FLAG 9 | # 10 | # IF YOU WANT TO SEND PULL REQUESTS, THE REAL SOURCE FOR THIS FILE IS 11 | # letsencrypt-auto-source/letsencrypt-auto.template AND 12 | # letsencrypt-auto-source/pieces/bootstrappers/* 13 | 14 | set -e # Work even if somebody does "sh thisscript.sh". 15 | 16 | if [ -f "/root/.pip/pip.conf" ]; then 17 | mv -f ~/.pip/pip.conf ~/.pip/pip.conf.bak 18 | fi 19 | 20 | # Note: you can set XDG_DATA_HOME or VENV_PATH before running this script, 21 | # if you want to change where the virtual environment will be installed 22 | if [ -z "$XDG_DATA_HOME" ]; then 23 | XDG_DATA_HOME=~/.local/share 24 | fi 25 | VENV_NAME="letsencrypt" 26 | if [ -z "$VENV_PATH" ]; then 27 | VENV_PATH="$XDG_DATA_HOME/$VENV_NAME" 28 | fi 29 | VENV_BIN="$VENV_PATH/bin" 30 | LE_AUTO_VERSION="0.12.0" 31 | BASENAME=$(basename $0) 32 | USAGE="Usage: $BASENAME [OPTIONS] 33 | A self-updating wrapper script for the Certbot ACME client. When run, updates 34 | to both this script and certbot will be downloaded and installed. After 35 | ensuring you have the latest versions installed, certbot will be invoked with 36 | all arguments you have provided. 37 | 38 | Help for certbot itself cannot be provided until it is installed. 39 | 40 | --debug attempt experimental installation 41 | -h, --help print this help 42 | -n, --non-interactive, --noninteractive run without asking for user input 43 | --no-self-upgrade do not download updates 44 | --os-packages-only install OS dependencies and exit 45 | -v, --verbose provide more output 46 | -q, --quiet provide only update/error output; 47 | implies --non-interactive 48 | 49 | All arguments are accepted and forwarded to the Certbot client when run." 50 | 51 | for arg in "$@" ; do 52 | case "$arg" in 53 | --debug) 54 | DEBUG=1;; 55 | --os-packages-only) 56 | OS_PACKAGES_ONLY=1;; 57 | --no-self-upgrade) 58 | # Do not upgrade this script (also prevents client upgrades, because each 59 | # copy of the script pins a hash of the python client) 60 | NO_SELF_UPGRADE=1;; 61 | --help) 62 | HELP=1;; 63 | --noninteractive|--non-interactive) 64 | ASSUME_YES=1;; 65 | --quiet) 66 | QUIET=1;; 67 | --verbose) 68 | VERBOSE=1;; 69 | -[!-]*) 70 | OPTIND=1 71 | while getopts ":hnvq" short_arg $arg; do 72 | case "$short_arg" in 73 | h) 74 | HELP=1;; 75 | n) 76 | ASSUME_YES=1;; 77 | q) 78 | QUIET=1;; 79 | v) 80 | VERBOSE=1;; 81 | esac 82 | done;; 83 | esac 84 | done 85 | 86 | if [ $BASENAME = "letsencrypt-auto" ]; then 87 | # letsencrypt-auto does not respect --help or --yes for backwards compatibility 88 | ASSUME_YES=1 89 | HELP=0 90 | fi 91 | 92 | # Set ASSUME_YES to 1 if QUIET (i.e. --quiet implies --non-interactive) 93 | if [ "$QUIET" = 1 ]; then 94 | ASSUME_YES=1 95 | fi 96 | 97 | # Support for busybox and others where there is no "command", 98 | # but "which" instead 99 | if command -v command > /dev/null 2>&1 ; then 100 | export EXISTS="command -v" 101 | elif which which > /dev/null 2>&1 ; then 102 | export EXISTS="which" 103 | else 104 | echo "Cannot find command nor which... please install one!" 105 | exit 1 106 | fi 107 | 108 | # certbot-auto needs root access to bootstrap OS dependencies, and 109 | # certbot itself needs root access for almost all modes of operation 110 | # The "normal" case is that sudo is used for the steps that need root, but 111 | # this script *can* be run as root (not recommended), or fall back to using 112 | # `su`. Auto-detection can be overridden by explicitly setting the 113 | # environment variable LE_AUTO_SUDO to 'sudo', 'sudo_su' or '' as used below. 114 | 115 | # Because the parameters in `su -c` has to be a string, 116 | # we need to properly escape it. 117 | su_sudo() { 118 | args="" 119 | # This `while` loop iterates over all parameters given to this function. 120 | # For each parameter, all `'` will be replace by `'"'"'`, and the escaped string 121 | # will be wrapped in a pair of `'`, then appended to `$args` string 122 | # For example, `echo "It's only 1\$\!"` will be escaped to: 123 | # 'echo' 'It'"'"'s only 1$!' 124 | # │ │└┼┘│ 125 | # │ │ │ └── `'s only 1$!'` the literal string 126 | # │ │ └── `\"'\"` is a single quote (as a string) 127 | # │ └── `'It'`, to be concatenated with the strings following it 128 | # └── `echo` wrapped in a pair of `'`, it's totally fine for the shell command itself 129 | while [ $# -ne 0 ]; do 130 | args="$args'$(printf "%s" "$1" | sed -e "s/'/'\"'\"'/g")' " 131 | shift 132 | done 133 | su root -c "$args" 134 | } 135 | 136 | SUDO_ENV="" 137 | export CERTBOT_AUTO="$0" 138 | if [ -n "${LE_AUTO_SUDO+x}" ]; then 139 | case "$LE_AUTO_SUDO" in 140 | su_sudo|su) 141 | SUDO=su_sudo 142 | ;; 143 | sudo) 144 | SUDO=sudo 145 | SUDO_ENV="CERTBOT_AUTO=$0" 146 | ;; 147 | '') ;; # Nothing to do for plain root method. 148 | *) 149 | echo "Error: unknown root authorization mechanism '$LE_AUTO_SUDO'." 150 | exit 1 151 | esac 152 | echo "Using preset root authorization mechanism '$LE_AUTO_SUDO'." 153 | else 154 | if test "`id -u`" -ne "0" ; then 155 | if $EXISTS sudo 1>/dev/null 2>&1; then 156 | SUDO=sudo 157 | SUDO_ENV="CERTBOT_AUTO=$0" 158 | else 159 | echo \"sudo\" is not available, will use \"su\" for installation steps... 160 | SUDO=su_sudo 161 | fi 162 | else 163 | SUDO= 164 | fi 165 | fi 166 | 167 | ExperimentalBootstrap() { 168 | # Arguments: Platform name, bootstrap function name 169 | if [ "$DEBUG" = 1 ]; then 170 | if [ "$2" != "" ]; then 171 | echo "Bootstrapping dependencies via $1..." 172 | $2 173 | fi 174 | else 175 | echo "FATAL: $1 support is very experimental at present..." 176 | echo "if you would like to work on improving it, please ensure you have backups" 177 | echo "and then run this script again with the --debug flag!" 178 | exit 1 179 | fi 180 | } 181 | 182 | DeterminePythonVersion() { 183 | for LE_PYTHON in "$LE_PYTHON" python2.7 python27 python2 python; do 184 | # Break (while keeping the LE_PYTHON value) if found. 185 | $EXISTS "$LE_PYTHON" > /dev/null && break 186 | done 187 | if [ "$?" != "0" ]; then 188 | echo "Cannot find any Pythons; please install one!" 189 | exit 1 190 | fi 191 | export LE_PYTHON 192 | 193 | PYVER=`"$LE_PYTHON" -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//'` 194 | if [ "$PYVER" -lt 26 ]; then 195 | echo "You have an ancient version of Python entombed in your operating system..." 196 | echo "This isn't going to work; you'll need at least version 2.6." 197 | exit 1 198 | fi 199 | } 200 | 201 | BootstrapDebCommon() { 202 | # Current version tested with: 203 | # 204 | # - Ubuntu 205 | # - 14.04 (x64) 206 | # - 15.04 (x64) 207 | # - Debian 208 | # - 7.9 "wheezy" (x64) 209 | # - sid (2015-10-21) (x64) 210 | 211 | # Past versions tested with: 212 | # 213 | # - Debian 8.0 "jessie" (x64) 214 | # - Raspbian 7.8 (armhf) 215 | 216 | # Believed not to work: 217 | # 218 | # - Debian 6.0.10 "squeeze" (x64) 219 | 220 | if [ "$QUIET" = 1 ]; then 221 | QUIET_FLAG='-qq' 222 | fi 223 | 224 | $SUDO apt-get $QUIET_FLAG update || echo apt-get update hit problems but continuing anyway... 225 | 226 | # virtualenv binary can be found in different packages depending on 227 | # distro version (#346) 228 | 229 | virtualenv= 230 | # virtual env is known to apt and is installable 231 | if apt-cache show virtualenv > /dev/null 2>&1 ; then 232 | if ! LC_ALL=C apt-cache --quiet=0 show virtualenv 2>&1 | grep -q 'No packages found'; then 233 | virtualenv="virtualenv" 234 | fi 235 | fi 236 | 237 | if apt-cache show python-virtualenv > /dev/null 2>&1; then 238 | virtualenv="$virtualenv python-virtualenv" 239 | fi 240 | 241 | augeas_pkg="libaugeas0 augeas-lenses" 242 | AUGVERSION=`LC_ALL=C apt-cache show --no-all-versions libaugeas0 | grep ^Version: | cut -d" " -f2` 243 | 244 | if [ "$ASSUME_YES" = 1 ]; then 245 | YES_FLAG="-y" 246 | fi 247 | 248 | AddBackportRepo() { 249 | # ARGS: 250 | BACKPORT_NAME="$1" 251 | BACKPORT_SOURCELINE="$2" 252 | echo "To use the Apache Certbot plugin, augeas needs to be installed from $BACKPORT_NAME." 253 | if ! grep -v -e ' *#' /etc/apt/sources.list | grep -q "$BACKPORT_NAME" ; then 254 | # This can theoretically error if sources.list.d is empty, but in that case we don't care. 255 | if ! grep -v -e ' *#' /etc/apt/sources.list.d/* 2>/dev/null | grep -q "$BACKPORT_NAME"; then 256 | if [ "$ASSUME_YES" = 1 ]; then 257 | /bin/echo -n "Installing augeas from $BACKPORT_NAME in 3 seconds..." 258 | sleep 1s 259 | /bin/echo -ne "\e[0K\rInstalling augeas from $BACKPORT_NAME in 2 seconds..." 260 | sleep 1s 261 | /bin/echo -e "\e[0K\rInstalling augeas from $BACKPORT_NAME in 1 second ..." 262 | sleep 1s 263 | add_backports=1 264 | else 265 | read -p "Would you like to enable the $BACKPORT_NAME repository [Y/n]? " response 266 | case $response in 267 | [yY][eE][sS]|[yY]|"") 268 | add_backports=1;; 269 | *) 270 | add_backports=0;; 271 | esac 272 | fi 273 | if [ "$add_backports" = 1 ]; then 274 | $SUDO sh -c "echo $BACKPORT_SOURCELINE >> /etc/apt/sources.list.d/$BACKPORT_NAME.list" 275 | $SUDO apt-get $QUIET_FLAG update 276 | fi 277 | fi 278 | fi 279 | if [ "$add_backports" != 0 ]; then 280 | $SUDO apt-get install $QUIET_FLAG $YES_FLAG --no-install-recommends -t "$BACKPORT_NAME" $augeas_pkg 281 | augeas_pkg= 282 | fi 283 | } 284 | 285 | 286 | if dpkg --compare-versions 1.0 gt "$AUGVERSION" ; then 287 | if lsb_release -a | grep -q wheezy ; then 288 | AddBackportRepo wheezy-backports "deb http://http.debian.net/debian wheezy-backports main" 289 | elif lsb_release -a | grep -q precise ; then 290 | # XXX add ARM case 291 | AddBackportRepo precise-backports "deb http://archive.ubuntu.com/ubuntu precise-backports main restricted universe multiverse" 292 | else 293 | echo "No libaugeas0 version is available that's new enough to run the" 294 | echo "Certbot apache plugin..." 295 | fi 296 | # XXX add a case for ubuntu PPAs 297 | fi 298 | 299 | $SUDO apt-get install $QUIET_FLAG $YES_FLAG --no-install-recommends \ 300 | python \ 301 | python-dev \ 302 | $virtualenv \ 303 | gcc \ 304 | $augeas_pkg \ 305 | libssl-dev \ 306 | openssl \ 307 | libffi-dev \ 308 | ca-certificates \ 309 | 310 | 311 | if ! $EXISTS virtualenv > /dev/null ; then 312 | echo Failed to install a working \"virtualenv\" command, exiting 313 | exit 1 314 | fi 315 | } 316 | 317 | BootstrapRpmCommon() { 318 | # Tested with: 319 | # - Fedora 20, 21, 22, 23 (x64) 320 | # - Centos 7 (x64: on DigitalOcean droplet) 321 | # - CentOS 7 Minimal install in a Hyper-V VM 322 | # - CentOS 6 (EPEL must be installed manually) 323 | 324 | if type dnf 2>/dev/null 325 | then 326 | tool=dnf 327 | elif type yum 2>/dev/null 328 | then 329 | tool=yum 330 | 331 | else 332 | echo "Neither yum nor dnf found. Aborting bootstrap!" 333 | exit 1 334 | fi 335 | 336 | if [ "$ASSUME_YES" = 1 ]; then 337 | yes_flag="-y" 338 | fi 339 | if [ "$QUIET" = 1 ]; then 340 | QUIET_FLAG='--quiet' 341 | fi 342 | 343 | if ! $SUDO $tool list *virtualenv >/dev/null 2>&1; then 344 | echo "To use Certbot, packages from the EPEL repository need to be installed." 345 | if ! $SUDO $tool list epel-release >/dev/null 2>&1; then 346 | echo "Please enable this repository and try running Certbot again." 347 | exit 1 348 | fi 349 | if [ "$ASSUME_YES" = 1 ]; then 350 | /bin/echo -n "Enabling the EPEL repository in 3 seconds..." 351 | sleep 1s 352 | /bin/echo -ne "\e[0K\rEnabling the EPEL repository in 2 seconds..." 353 | sleep 1s 354 | /bin/echo -e "\e[0K\rEnabling the EPEL repository in 1 seconds..." 355 | sleep 1s 356 | fi 357 | if ! $SUDO $tool install $yes_flag $QUIET_FLAG epel-release; then 358 | echo "Could not enable EPEL. Aborting bootstrap!" 359 | exit 1 360 | fi 361 | fi 362 | 363 | pkgs=" 364 | gcc 365 | augeas-libs 366 | openssl 367 | openssl-devel 368 | libffi-devel 369 | redhat-rpm-config 370 | ca-certificates 371 | " 372 | 373 | # Some distros and older versions of current distros use a "python27" 374 | # instead of "python" naming convention. Try both conventions. 375 | if $SUDO $tool list python >/dev/null 2>&1; then 376 | pkgs="$pkgs 377 | python 378 | python-devel 379 | python-virtualenv 380 | python-tools 381 | python-pip 382 | " 383 | else 384 | pkgs="$pkgs 385 | python27 386 | python27-devel 387 | python27-virtualenv 388 | python27-tools 389 | python27-pip 390 | " 391 | fi 392 | 393 | if $SUDO $tool list installed "httpd" >/dev/null 2>&1; then 394 | pkgs="$pkgs 395 | mod_ssl 396 | " 397 | fi 398 | 399 | if ! $SUDO $tool install $yes_flag $QUIET_FLAG $pkgs; then 400 | echo "Could not install OS dependencies. Aborting bootstrap!" 401 | exit 1 402 | fi 403 | } 404 | 405 | BootstrapSuseCommon() { 406 | # SLE12 don't have python-virtualenv 407 | 408 | if [ "$ASSUME_YES" = 1 ]; then 409 | zypper_flags="-nq" 410 | install_flags="-l" 411 | fi 412 | 413 | if [ "$QUIET" = 1 ]; then 414 | QUIET_FLAG='-qq' 415 | fi 416 | 417 | $SUDO zypper $QUIET_FLAG $zypper_flags in $install_flags \ 418 | python \ 419 | python-devel \ 420 | python-virtualenv \ 421 | gcc \ 422 | augeas-lenses \ 423 | libopenssl-devel \ 424 | libffi-devel \ 425 | ca-certificates 426 | } 427 | 428 | BootstrapArchCommon() { 429 | # Tested with: 430 | # - ArchLinux (x86_64) 431 | # 432 | # "python-virtualenv" is Python3, but "python2-virtualenv" provides 433 | # only "virtualenv2" binary, not "virtualenv" necessary in 434 | # ./tools/_venv_common.sh 435 | 436 | deps=" 437 | python2 438 | python-virtualenv 439 | gcc 440 | augeas 441 | openssl 442 | libffi 443 | ca-certificates 444 | pkg-config 445 | " 446 | 447 | # pacman -T exits with 127 if there are missing dependencies 448 | missing=$($SUDO pacman -T $deps) || true 449 | 450 | if [ "$ASSUME_YES" = 1 ]; then 451 | noconfirm="--noconfirm" 452 | fi 453 | 454 | if [ "$missing" ]; then 455 | if [ "$QUIET" = 1]; then 456 | $SUDO pacman -S --needed $missing $noconfirm > /dev/null 457 | else 458 | $SUDO pacman -S --needed $missing $noconfirm 459 | fi 460 | fi 461 | } 462 | 463 | BootstrapGentooCommon() { 464 | PACKAGES=" 465 | dev-lang/python:2.7 466 | dev-python/virtualenv 467 | app-admin/augeas 468 | dev-libs/openssl 469 | dev-libs/libffi 470 | app-misc/ca-certificates 471 | virtual/pkgconfig" 472 | 473 | ASK_OPTION="--ask" 474 | if [ "$ASSUME_YES" = 1 ]; then 475 | ASK_OPTION="" 476 | fi 477 | 478 | case "$PACKAGE_MANAGER" in 479 | (paludis) 480 | $SUDO cave resolve --preserve-world --keep-targets if-possible $PACKAGES -x 481 | ;; 482 | (pkgcore) 483 | $SUDO pmerge --noreplace --oneshot $ASK_OPTION $PACKAGES 484 | ;; 485 | (portage|*) 486 | $SUDO emerge --noreplace --oneshot $ASK_OPTION $PACKAGES 487 | ;; 488 | esac 489 | } 490 | 491 | BootstrapFreeBsd() { 492 | if [ "$QUIET" = 1 ]; then 493 | QUIET_FLAG="--quiet" 494 | fi 495 | 496 | $SUDO pkg install -Ay $QUIET_FLAG \ 497 | python \ 498 | py27-virtualenv \ 499 | augeas \ 500 | libffi 501 | } 502 | 503 | BootstrapMac() { 504 | if hash brew 2>/dev/null; then 505 | echo "Using Homebrew to install dependencies..." 506 | pkgman=brew 507 | pkgcmd="brew install" 508 | elif hash port 2>/dev/null; then 509 | echo "Using MacPorts to install dependencies..." 510 | pkgman=port 511 | pkgcmd="$SUDO port install" 512 | else 513 | echo "No Homebrew/MacPorts; installing Homebrew..." 514 | ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" 515 | pkgman=brew 516 | pkgcmd="brew install" 517 | fi 518 | 519 | $pkgcmd augeas 520 | if [ "$(which python)" = "/System/Library/Frameworks/Python.framework/Versions/2.7/bin/python" \ 521 | -o "$(which python)" = "/usr/bin/python" ]; then 522 | # We want to avoid using the system Python because it requires root to use pip. 523 | # python.org, MacPorts or HomeBrew Python installations should all be OK. 524 | echo "Installing python..." 525 | $pkgcmd python 526 | fi 527 | 528 | # Workaround for _dlopen not finding augeas on macOS 529 | if [ "$pkgman" = "port" ] && ! [ -e "/usr/local/lib/libaugeas.dylib" ] && [ -e "/opt/local/lib/libaugeas.dylib" ]; then 530 | echo "Applying augeas workaround" 531 | $SUDO mkdir -p /usr/local/lib/ 532 | $SUDO ln -s /opt/local/lib/libaugeas.dylib /usr/local/lib/ 533 | fi 534 | 535 | if ! hash pip 2>/dev/null; then 536 | echo "pip not installed" 537 | echo "Installing pip..." 538 | curl --silent --show-error --retry 5 https://bootstrap.pypa.io/get-pip.py | python 539 | fi 540 | 541 | if ! hash virtualenv 2>/dev/null; then 542 | echo "virtualenv not installed." 543 | echo "Installing with pip..." 544 | pip install virtualenv 545 | fi 546 | } 547 | 548 | BootstrapSmartOS() { 549 | pkgin update 550 | pkgin -y install 'gcc49' 'py27-augeas' 'py27-virtualenv' 551 | } 552 | 553 | BootstrapMageiaCommon() { 554 | if [ "$QUIET" = 1 ]; then 555 | QUIET_FLAG='--quiet' 556 | fi 557 | 558 | if ! $SUDO urpmi --force $QUIET_FLAG \ 559 | python \ 560 | libpython-devel \ 561 | python-virtualenv 562 | then 563 | echo "Could not install Python dependencies. Aborting bootstrap!" 564 | exit 1 565 | fi 566 | 567 | if ! $SUDO urpmi --force $QUIET_FLAG \ 568 | git \ 569 | gcc \ 570 | python-augeas \ 571 | libopenssl-devel \ 572 | libffi-devel \ 573 | rootcerts 574 | then 575 | echo "Could not install additional dependencies. Aborting bootstrap!" 576 | exit 1 577 | fi 578 | } 579 | 580 | 581 | # Install required OS packages: 582 | Bootstrap() { 583 | if [ -f /etc/debian_version ]; then 584 | echo "Bootstrapping dependencies for Debian-based OSes..." 585 | BootstrapDebCommon 586 | elif [ -f /etc/mageia-release ] ; then 587 | # Mageia has both /etc/mageia-release and /etc/redhat-release 588 | ExperimentalBootstrap "Mageia" BootstrapMageiaCommon 589 | elif [ -f /etc/redhat-release ]; then 590 | echo "Bootstrapping dependencies for RedHat-based OSes..." 591 | BootstrapRpmCommon 592 | elif [ -f /etc/os-release ] && `grep -q openSUSE /etc/os-release` ; then 593 | echo "Bootstrapping dependencies for openSUSE-based OSes..." 594 | BootstrapSuseCommon 595 | elif [ -f /etc/arch-release ]; then 596 | if [ "$DEBUG" = 1 ]; then 597 | echo "Bootstrapping dependencies for Archlinux..." 598 | BootstrapArchCommon 599 | else 600 | echo "Please use pacman to install letsencrypt packages:" 601 | echo "# pacman -S certbot certbot-apache" 602 | echo 603 | echo "If you would like to use the virtualenv way, please run the script again with the" 604 | echo "--debug flag." 605 | exit 1 606 | fi 607 | elif [ -f /etc/manjaro-release ]; then 608 | ExperimentalBootstrap "Manjaro Linux" BootstrapArchCommon 609 | elif [ -f /etc/gentoo-release ]; then 610 | ExperimentalBootstrap "Gentoo" BootstrapGentooCommon 611 | elif uname | grep -iq FreeBSD ; then 612 | ExperimentalBootstrap "FreeBSD" BootstrapFreeBsd 613 | elif uname | grep -iq Darwin ; then 614 | ExperimentalBootstrap "macOS" BootstrapMac 615 | elif [ -f /etc/issue ] && grep -iq "Amazon Linux" /etc/issue ; then 616 | ExperimentalBootstrap "Amazon Linux" BootstrapRpmCommon 617 | elif [ -f /etc/product ] && grep -q "Joyent Instance" /etc/product ; then 618 | ExperimentalBootstrap "Joyent SmartOS Zone" BootstrapSmartOS 619 | else 620 | echo "Sorry, I don't know how to bootstrap Certbot on your operating system!" 621 | echo 622 | echo "You will need to bootstrap, configure virtualenv, and run pip install manually." 623 | echo "Please see https://letsencrypt.readthedocs.org/en/latest/contributing.html#prerequisites" 624 | echo "for more info." 625 | exit 1 626 | fi 627 | } 628 | 629 | TempDir() { 630 | mktemp -d 2>/dev/null || mktemp -d -t 'le' # Linux || macOS 631 | } 632 | 633 | 634 | 635 | if [ "$1" = "--le-auto-phase2" ]; then 636 | # Phase 2: Create venv, install LE, and run. 637 | 638 | shift 1 # the --le-auto-phase2 arg 639 | if [ -f "$VENV_BIN/letsencrypt" ]; then 640 | # --version output ran through grep due to python-cryptography DeprecationWarnings 641 | # grep for both certbot and letsencrypt until certbot and shim packages have been released 642 | INSTALLED_VERSION=$("$VENV_BIN/letsencrypt" --version 2>&1 | grep "^certbot\|^letsencrypt" | cut -d " " -f 2) 643 | if [ -z "$INSTALLED_VERSION" ]; then 644 | echo "Error: couldn't get currently installed version for $VENV_BIN/letsencrypt: " 1>&2 645 | "$VENV_BIN/letsencrypt" --version 646 | exit 1 647 | fi 648 | else 649 | INSTALLED_VERSION="none" 650 | fi 651 | if [ "$LE_AUTO_VERSION" != "$INSTALLED_VERSION" ]; then 652 | echo "Creating virtual environment..." 653 | DeterminePythonVersion 654 | rm -rf "$VENV_PATH" 655 | if [ "$VERBOSE" = 1 ]; then 656 | virtualenv --no-site-packages --python "$LE_PYTHON" "$VENV_PATH" 657 | else 658 | virtualenv --no-site-packages --python "$LE_PYTHON" "$VENV_PATH" > /dev/null 659 | fi 660 | 661 | echo "Installing Python packages..." 662 | TEMP_DIR=$(TempDir) 663 | trap 'rm -rf "$TEMP_DIR"' EXIT 664 | # There is no $ interpolation due to quotes on starting heredoc delimiter. 665 | # ------------------------------------------------------------------------- 666 | cat << "UNLIKELY_EOF" > "$TEMP_DIR/letsencrypt-auto-requirements.txt" 667 | # This is the flattened list of packages certbot-auto installs. To generate 668 | # this, do 669 | # `pip install --no-cache-dir -e acme -e . -e certbot-apache -e certbot-nginx`, 670 | # and then use `hashin` or a more secure method to gather the hashes. 671 | 672 | # Hashin example: 673 | # pip install hashin 674 | # hashin -r letsencrypt-auto-requirements.txt cryptography==1.5.2 675 | # sets the new certbot-auto pinned version of cryptography to 1.5.2 676 | 677 | argparse==1.4.0 \ 678 | --hash=sha256:c31647edb69fd3d465a847ea3157d37bed1f95f19760b11a47aa91c04b666314 \ 679 | --hash=sha256:62b089a55be1d8949cd2bc7e0df0bddb9e028faefc8c32038cc84862aefdd6e4 680 | 681 | # This comes before cffi because cffi will otherwise install an unchecked 682 | # version via setup_requires. 683 | pycparser==2.14 \ 684 | --hash=sha256:7959b4a74abdc27b312fed1c21e6caf9309ce0b29ea86b591fd2e99ecdf27f73 \ 685 | --no-binary pycparser 686 | 687 | cffi==1.4.2 \ 688 | --hash=sha256:53c1c9ddb30431513eb7f3cdef0a3e06b0f1252188aaa7744af0f5a4cd45dbaf \ 689 | --hash=sha256:a568f49dfca12a8d9f370187257efc58a38109e1eee714d928561d7a018a64f8 \ 690 | --hash=sha256:809c6ca8cfbcaeebfbd432b4576001b40d38ff2463773cb57577d75e1a020bc3 \ 691 | --hash=sha256:86cdca2cd9cba41422230390df17dfeaa9f344a911e3975c8be9da57b35548e9 \ 692 | --hash=sha256:24b13db84aec385ca23c7b8ded83ef8bb4177bc181d14758f9f975be5d020d86 \ 693 | --hash=sha256:969aeffd7c0e097f6be1efd682c156ae226591a0793a94b6c2d5e4293f4c8d4e \ 694 | --hash=sha256:000f358d4b0fa249feaab9c1ce7d5b2fe7e02e7bdf6806c26418505fc685e268 \ 695 | --hash=sha256:a9d86f460bbd8358a2d513ad779e3f3fc878e3b93a00b5002faebf616ffe6b9c \ 696 | --hash=sha256:3127b3ab33eb23ccac071f9a0802748e5cf7c5cbcd02482bb063e35b41dbb0b0 \ 697 | --hash=sha256:e2b2d42236469a40224d39e7b6c60575f388b2f423f354c7ee90a5b7f58c8065 \ 698 | --hash=sha256:8c2dccafee89b1b424b0bec6ad2dd9622c949d2024e929f5da1ed801eac75f1d \ 699 | --hash=sha256:a4de7a4d11aed488bab4fb14f4988587a829bece5a20433f780d6e33b08083cb \ 700 | --hash=sha256:5ca8fe30425265a49274e4b0213a1bc98f4b13449ae5e96f984771e5d83e58c1 \ 701 | --hash=sha256:a4fd38802f59e714eba81a024f62db710b27dbe27a7ea12e911537327aa84d30 \ 702 | --hash=sha256:86cd6912bbc83e9405d4a73cd7f4b4ee8353652d2dbc7c820106ed5b4d1bab3a \ 703 | --hash=sha256:8f1d177d364ea35900415ae24ca3e471be3d5334ed0419294068c49f45913998 704 | ConfigArgParse==0.10.0 \ 705 | --hash=sha256:3b50a83dd58149dfcee98cb6565265d10b53e9c0a2bca7eeef7fb5f5524890a7 706 | configobj==5.0.6 \ 707 | --hash=sha256:a2f5650770e1c87fb335af19a9b7eb73fc05ccf22144eb68db7d00cd2bcb0902 708 | cryptography==1.5.3 \ 709 | --hash=sha256:e514d92086246b53ae9b048df652cf3036b462e50a6ce9fac6b6253502679991 \ 710 | --hash=sha256:10ee414f4b5af403a0d8f20dfa80f7dad1fc7ae5452ec5af03712d5b6e78c664 \ 711 | --hash=sha256:7234456d1f4345a144ed07af2416c7c0659d4bb599dd1a963103dc8c183b370e \ 712 | --hash=sha256:d3b9587406f94642bd70b3d666b813f446e95f84220c9e416ad94cbfb6be2eaa \ 713 | --hash=sha256:b15fc6b59f1474eef62207c85888afada8acc47fae8198ba2b0197d54538961a \ 714 | --hash=sha256:3b62d65d342704fc07ed171598db2a2775bdf587b1b6abd2cba2261bfe3ccde3 \ 715 | --hash=sha256:059343022ec904c867a13bc55d2573e36c8cfb2c250e30d8a2e9825f253b07ba \ 716 | --hash=sha256:c7897cf13bc8b4ee0215d83cbd51766d87c06b277fcca1f9108595508e5bcfb4 \ 717 | --hash=sha256:9b69e983e5bf83039ddd52e52a28c7faedb2b22bdfb5876377b95aac7d3be63e \ 718 | --hash=sha256:61e40905c426d02b3fae38088dc66ce4ef84830f7eb223dec6b3ac3ccdc676fb \ 719 | --hash=sha256:00783a32bcd91a12177230d35bfcf70a2333ade4a6b607fac94a633a7971c671 \ 720 | --hash=sha256:d11973f49b648cde1ea1a30e496d7557dbfeccd08b3cd9ba58d286a9c274ff8e \ 721 | --hash=sha256:f24bedf28b81932ba6063aec9a826669f5237ea3b755efe04d98b072faa053a5 \ 722 | --hash=sha256:3ab5725367239e3deb9b92e917aa965af3fef008f25b96a3000821869e208181 \ 723 | --hash=sha256:8a53209de822e22b5f73bf4b99e68ac4ccc91051fd6751c8252982983e86a77d \ 724 | --hash=sha256:5a07439d4b1e4197ac202b7eea45e26a6fd65757652dc50f1a63367f711df933 \ 725 | --hash=sha256:26b1c4b40aec7b0074bceabe6e06565aa28176eca7323a31df66ebf89fe916d3 \ 726 | --hash=sha256:eaa4a7b5a6682adcf8d6ebb2a08a008802657643655bb527c95c8a3860253d8e \ 727 | --hash=sha256:8156927dcf8da274ff205ad0612f75c380df45385bacf98531a5b3348c88d135 \ 728 | --hash=sha256:61ec0d792749d0e91e84b1d58b6dfd204806b10b5811f846c2ceca0de028c53a \ 729 | --hash=sha256:26330c88041569ca621cc42274d0ea2667a48b6deab41467272c3aba0b6e8f07 \ 730 | --hash=sha256:cf82ddac919b587f5e44247579b433224cc2e03332d2ea4d89aa70d7e6b64ae5 731 | enum34==1.1.2 \ 732 | --hash=sha256:2475d7fcddf5951e92ff546972758802de5260bf409319a9f1934e6bbc8b1dc7 \ 733 | --hash=sha256:35907defb0f992b75ab7788f65fedc1cf20ffa22688e0e6f6f12afc06b3ea501 734 | funcsigs==0.4 \ 735 | --hash=sha256:ff5ad9e2f8d9e5d1e8bbfbcf47722ab527cf0d51caeeed9da6d0f40799383fde \ 736 | --hash=sha256:d83ce6df0b0ea6618700fe1db353526391a8a3ada1b7aba52fed7a61da772033 737 | idna==2.0 \ 738 | --hash=sha256:9b2fc50bd3c4ba306b9651b69411ef22026d4d8335b93afc2214cef1246ce707 \ 739 | --hash=sha256:16199aad938b290f5be1057c0e1efc6546229391c23cea61ca940c115f7d3d3b 740 | ipaddress==1.0.16 \ 741 | --hash=sha256:935712800ce4760701d89ad677666cd52691fd2f6f0b340c8b4239a3c17988a5 \ 742 | --hash=sha256:5a3182b322a706525c46282ca6f064d27a02cffbd449f9f47416f1dc96aa71b0 743 | linecache2==1.0.0 \ 744 | --hash=sha256:e78be9c0a0dfcbac712fe04fbf92b96cddae80b1b842f24248214c8496f006ef \ 745 | --hash=sha256:4b26ff4e7110db76eeb6f5a7b64a82623839d595c2038eeda662f2a2db78e97c 746 | ordereddict==1.1 \ 747 | --hash=sha256:1c35b4ac206cef2d24816c89f89cf289dd3d38cf7c449bb3fab7bf6d43f01b1f 748 | parsedatetime==2.1 \ 749 | --hash=sha256:ce9d422165cf6e963905cd5f74f274ebf7cc98c941916169178ef93f0e557838 \ 750 | --hash=sha256:17c578775520c99131634e09cfca5a05ea9e1bd2a05cd06967ebece10df7af2d 751 | pbr==1.8.1 \ 752 | --hash=sha256:46c8db75ae75a056bd1cc07fa21734fe2e603d11a07833ecc1eeb74c35c72e0c \ 753 | --hash=sha256:e2127626a91e6c885db89668976db31020f0af2da728924b56480fc7ccf09649 754 | pyasn1==0.1.9 \ 755 | --hash=sha256:61f9d99e3cef65feb1bfe3a2eef7a93eb93819d345bf54bcd42f4e63d5204dae \ 756 | --hash=sha256:1802a6dd32045e472a419db1441aecab469d33e0d2749e192abdec52101724af \ 757 | --hash=sha256:35025cd9422c96504912f04e2f15fe79390a8597b430c2ca5d0534cf9309ffa0 \ 758 | --hash=sha256:2f96ed5a0c329ca16230b326ca12b7461ec8f65e0be3e4f997516f36bf82a345 \ 759 | --hash=sha256:28fee44217991cfad9e6a0b9f7e3f26041e21ebc96629e94e585ccd05d49fa65 \ 760 | --hash=sha256:326e7a854a17fab07691204747695f8f692d674588a355c441fb14f660bf4e68 \ 761 | --hash=sha256:cda5a90485709ca6795c86056c3e5fe7266028b05e53f1d527fdf93a6365a6b8 \ 762 | --hash=sha256:0cb2a14742b543fdd68f931a14ce3829186ed2b1b2267a06787388c96b2dd9be \ 763 | --hash=sha256:5191ff6b9126d2c039dd87f8ff025bed274baf07fa78afa46f556b1ad7265d6e \ 764 | --hash=sha256:8323e03637b2d072cc7041300bac6ec448c3c28950ab40376036788e9a1af629 \ 765 | --hash=sha256:853cacd96d1f701ddd67aa03ecc05f51890135b7262e922710112f12a2ed2a7f 766 | pyOpenSSL==16.2.0 \ 767 | --hash=sha256:26ca380ddf272f7556e48064bbcd5bd71f83dfc144f3583501c7ddbd9434ee17 \ 768 | --hash=sha256:7779a3bbb74e79db234af6a08775568c6769b5821faecf6e2f4143edb227516e 769 | pyparsing==2.1.8 \ 770 | --hash=sha256:2f0f5ceb14eccd5aef809d6382e87df22ca1da583c79f6db01675ce7d7f49c18 \ 771 | --hash=sha256:03a4869b9f3493807ee1f1cb405e6d576a1a2ca4d81a982677c0c1ad6177c56b \ 772 | --hash=sha256:ab09aee814c0241ff0c503cff30018219fe1fc14501d89f406f4664a0ec9fbcd \ 773 | --hash=sha256:6e9a7f052f8e26bcf749e4033e3115b6dc7e3c85aafcb794b9a88c9d9ef13c97 \ 774 | --hash=sha256:9f463a6bcc4eeb6c08f1ed84439b17818e2085937c0dee0d7674ac127c67c12b \ 775 | --hash=sha256:3626b4d81cfb300dad57f52f2f791caaf7b06c09b368c0aa7b868e53a5775424 \ 776 | --hash=sha256:367b90cc877b46af56d4580cd0ae278062903f02b8204ab631f5a2c0f50adfd0 \ 777 | --hash=sha256:9f1ea360086cd68681e7f4ca8f1f38df47bf81942a0d76a9673c2d23eff35b13 778 | pyRFC3339==1.0 \ 779 | --hash=sha256:eea31835c56e2096af4363a5745a784878a61d043e247d3a6d6a0a32a9741f56 \ 780 | --hash=sha256:8dfbc6c458b8daba1c0f3620a8c78008b323a268b27b7359e92a4ae41325f535 781 | python-augeas==0.5.0 \ 782 | --hash=sha256:67d59d66cdba8d624e0389b87b2a83a176f21f16a87553b50f5703b23f29bac2 783 | pytz==2015.7 \ 784 | --hash=sha256:3abe6a6d3fc2fbbe4c60144211f45da2edbe3182a6f6511af6bbba0598b1f992 \ 785 | --hash=sha256:939ef9c1e1224d980405689a97ffcf7828c56d1517b31d73464356c1f2b7769e \ 786 | --hash=sha256:ead4aefa7007249e05e51b01095719d5a8dd95760089f5730aac5698b1932918 \ 787 | --hash=sha256:3cca0df08bd0ed98432390494ce3ded003f5e661aa460be7a734bffe35983605 \ 788 | --hash=sha256:3ede470d3d17ba3c07638dfa0d10452bc1b6e5ad326127a65ba77e6aaeb11bec \ 789 | --hash=sha256:68c47964f7186eec306b13629627722b9079cd4447ed9e5ecaecd4eac84ca734 \ 790 | --hash=sha256:dd5d3991950aae40a6c81de1578942e73d629808cefc51d12cd157980e6cfc18 \ 791 | --hash=sha256:a77c52062c07eb7c7b30545dbc73e32995b7e117eea750317b5cb5c7a4618f14 \ 792 | --hash=sha256:81af9aec4bc960a9a0127c488f18772dae4634689233f06f65443e7b11ebeb51 \ 793 | --hash=sha256:e079b1dadc5c06246cc1bb6fe1b23a50b1d1173f2edd5104efd40bb73a28f406 \ 794 | --hash=sha256:fbd26746772c24cb93c8b97cbdad5cb9e46c86bbdb1b9d8a743ee00e2fb1fc5d \ 795 | --hash=sha256:99266ef30a37e43932deec2b7ca73e83c8dbc3b9ff703ec73eca6b1dae6befea \ 796 | --hash=sha256:8b6ce1c993909783bc96e0b4f34ea223bff7a4df2c90bdb9c4e0f1ac928689e3 797 | requests==2.12.1 \ 798 | --hash=sha256:3f3f27a9d0f9092935efc78054ef324eb9f8166718270aefe036dfa1e4f68e1e \ 799 | --hash=sha256:2109ecea94df90980be040490ff1d879971b024861539abb00054062388b612e 800 | six==1.10.0 \ 801 | --hash=sha256:0ff78c403d9bccf5a425a6d31a12aa6b47f1c21ca4dc2573a7e2f32a97335eb1 \ 802 | --hash=sha256:105f8d68616f8248e24bf0e9372ef04d3cc10104f1980f54d57b2ce73a5ad56a 803 | traceback2==1.4.0 \ 804 | --hash=sha256:8253cebec4b19094d67cc5ed5af99bf1dba1285292226e98a31929f87a5d6b23 \ 805 | --hash=sha256:05acc67a09980c2ecfedd3423f7ae0104839eccb55fc645773e1caa0951c3030 806 | unittest2==1.1.0 \ 807 | --hash=sha256:13f77d0875db6d9b435e1d4f41e74ad4cc2eb6e1d5c824996092b3430f088bb8 \ 808 | --hash=sha256:22882a0e418c284e1f718a822b3b022944d53d2d908e1690b319a9d3eb2c0579 809 | zope.component==4.2.2 \ 810 | --hash=sha256:282c112b55dd8e3c869a3571f86767c150ab1284a9ace2bdec226c592acaf81a 811 | zope.event==4.1.0 \ 812 | --hash=sha256:dc7a59a2fd91730d3793131a5d261b29e93ec4e2a97f1bc487ce8defee2fe786 813 | zope.interface==4.1.3 \ 814 | --hash=sha256:f07b631f7a601cd8cbd3332d54f43142c7088a83299f859356f08d1d4d4259b3 \ 815 | --hash=sha256:de5cca083b9439d8002fb76bbe6b4998c5a5a721fab25b84298967f002df4c94 \ 816 | --hash=sha256:6788416f7ea7f5b8a97be94825377aa25e8bdc73463e07baaf9858b29e737077 \ 817 | --hash=sha256:6f3230f7254518201e5a3708cbb2de98c848304f06e3ded8bfb39e5825cba2e1 \ 818 | --hash=sha256:5fa575a5240f04200c3088427d0d4b7b737f6e9018818a51d8d0f927a6a2517a \ 819 | --hash=sha256:522194ad6a545735edd75c8a83f48d65d1af064e432a7d320d64f56bafc12e99 \ 820 | --hash=sha256:e8c7b2d40943f71c99148c97f66caa7f5134147f57423f8db5b4825099ce9a09 \ 821 | --hash=sha256:279024f0208601c3caa907c53876e37ad88625f7eaf1cb3842dbe360b2287017 \ 822 | --hash=sha256:2e221a9eec7ccc58889a278ea13dcfed5ef939d80b07819a9a8b3cb1c681484f \ 823 | --hash=sha256:69118965410ec86d44dc6b9017ee3ddbd582e0c0abeef62b3a19dbf6c8ad132b \ 824 | --hash=sha256:d04df8686ec864d0cade8cf199f7f83aecd416109a20834d568f8310ded12dea \ 825 | --hash=sha256:e75a947e15ee97e7e71e02ea302feb2fc62d3a2bb4668bf9dfbed43a506ac7e7 \ 826 | --hash=sha256:4e45d22fb883222a5ab9f282a116fec5ee2e8d1a568ccff6a2d75bbd0eb6bcfc \ 827 | --hash=sha256:bce9339bb3c7a55e0803b63d21c5839e8e479bc85c4adf42ae415b72f94facb2 \ 828 | --hash=sha256:928138365245a0e8869a5999fbcc2a45475a0a6ed52a494d60dbdc540335fedd \ 829 | --hash=sha256:0d841ba1bb840eea0e6489dc5ecafa6125554971f53b5acb87764441e61bceba \ 830 | --hash=sha256:b09c8c1d47b3531c400e0195697f1414a63221de6ef478598a4f1460f7d9a392 831 | mock==1.0.1 \ 832 | --hash=sha256:b839dd2d9c117c701430c149956918a423a9863b48b09c90e30a6013e7d2f44f \ 833 | --hash=sha256:8f83080daa249d036cbccfb8ae5cc6ff007b88d6d937521371afabe7b19badbc 834 | letsencrypt==0.7.0 \ 835 | --hash=sha256:105a5fb107e45bcd0722eb89696986dcf5f08a86a321d6aef25a0c7c63375ade \ 836 | --hash=sha256:c36e532c486a7e92155ee09da54b436a3c420813ec1c590b98f635d924720de9 837 | 838 | # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. 839 | 840 | acme==0.12.0 \ 841 | --hash=sha256:a6050619b3e07b41d197992bb15b32c755dfa0665cfa1c20faa82806a798265b \ 842 | --hash=sha256:a05cba6b5b0fffdfa246b32492a44769011d45205f3ee8efde1f37ee9843fbdf 843 | certbot==0.12.0 \ 844 | --hash=sha256:d018d13665eb4cfe7038c2df636e3f4928742b83769b95edfdb0311277f0eb48 \ 845 | --hash=sha256:4a71925c035b62dfb7c3343c619ee090add76188b47225272b57798ad63388b7 846 | certbot-apache==0.12.0 \ 847 | --hash=sha256:de86907ea60e7bc35d252b87dec04eab3c7f3a1ea768774876e7ff582d89d640 \ 848 | --hash=sha256:77dde63cf97292b09da8ae09ef8a7a6d83a3b1ee0f8d1fefe513fc77a6292509 849 | certbot-nginx==0.12.0 \ 850 | --hash=sha256:c66d848c4577f1f91a06a8119b40f1ab90af1546addea27905434bd070f3924d \ 851 | --hash=sha256:4dab2c93304c80d8d0d2e5214939f016804fd46859dd7a39b892d8b7195ab5ec 852 | 853 | UNLIKELY_EOF 854 | # ------------------------------------------------------------------------- 855 | cat << "UNLIKELY_EOF" > "$TEMP_DIR/pipstrap.py" 856 | #!/usr/bin/env python 857 | """A small script that can act as a trust root for installing pip 8 858 | 859 | Embed this in your project, and your VCS checkout is all you have to trust. In 860 | a post-peep era, this lets you claw your way to a hash-checking version of pip, 861 | with which you can install the rest of your dependencies safely. All it assumes 862 | is Python 2.6 or better and *some* version of pip already installed. If 863 | anything goes wrong, it will exit with a non-zero status code. 864 | 865 | """ 866 | # This is here so embedded copies are MIT-compliant: 867 | # Copyright (c) 2016 Erik Rose 868 | # 869 | # Permission is hereby granted, free of charge, to any person obtaining a copy 870 | # of this software and associated documentation files (the "Software"), to 871 | # deal in the Software without restriction, including without limitation the 872 | # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or 873 | # sell copies of the Software, and to permit persons to whom the Software is 874 | # furnished to do so, subject to the following conditions: 875 | # 876 | # The above copyright notice and this permission notice shall be included in 877 | # all copies or substantial portions of the Software. 878 | from __future__ import print_function 879 | from hashlib import sha256 880 | from os.path import join 881 | from pipes import quote 882 | from shutil import rmtree 883 | try: 884 | from subprocess import check_output 885 | except ImportError: 886 | from subprocess import CalledProcessError, PIPE, Popen 887 | 888 | def check_output(*popenargs, **kwargs): 889 | if 'stdout' in kwargs: 890 | raise ValueError('stdout argument not allowed, it will be ' 891 | 'overridden.') 892 | process = Popen(stdout=PIPE, *popenargs, **kwargs) 893 | output, unused_err = process.communicate() 894 | retcode = process.poll() 895 | if retcode: 896 | cmd = kwargs.get("args") 897 | if cmd is None: 898 | cmd = popenargs[0] 899 | raise CalledProcessError(retcode, cmd) 900 | return output 901 | from sys import exit, version_info 902 | from tempfile import mkdtemp 903 | try: 904 | from urllib2 import build_opener, HTTPHandler, HTTPSHandler 905 | except ImportError: 906 | from urllib.request import build_opener, HTTPHandler, HTTPSHandler 907 | try: 908 | from urlparse import urlparse 909 | except ImportError: 910 | from urllib.parse import urlparse # 3.4 911 | 912 | 913 | __version__ = 1, 1, 1 914 | 915 | 916 | # wheel has a conditional dependency on argparse: 917 | maybe_argparse = ( 918 | [('https://pypi.python.org/packages/source/a/argparse/' 919 | 'argparse-1.4.0.tar.gz', 920 | '62b089a55be1d8949cd2bc7e0df0bddb9e028faefc8c32038cc84862aefdd6e4')] 921 | if version_info < (2, 7, 0) else []) 922 | 923 | 924 | PACKAGES = maybe_argparse + [ 925 | # Pip has no dependencies, as it vendors everything: 926 | ('https://pypi.python.org/packages/source/p/pip/pip-8.0.3.tar.gz', 927 | '30f98b66f3fe1069c529a491597d34a1c224a68640c82caf2ade5f88aa1405e8'), 928 | # This version of setuptools has only optional dependencies: 929 | ('https://pypi.python.org/packages/source/s/setuptools/' 930 | 'setuptools-20.2.2.tar.gz', 931 | '24fcfc15364a9fe09a220f37d2dcedc849795e3de3e4b393ee988e66a9cbd85a'), 932 | ('https://pypi.python.org/packages/source/w/wheel/wheel-0.29.0.tar.gz', 933 | '1ebb8ad7e26b448e9caa4773d2357849bf80ff9e313964bcaf79cbf0201a1648') 934 | ] 935 | 936 | 937 | class HashError(Exception): 938 | def __str__(self): 939 | url, path, actual, expected = self.args 940 | return ('{url} did not match the expected hash {expected}. Instead, ' 941 | 'it was {actual}. The file (left at {path}) may have been ' 942 | 'tampered with.'.format(**locals())) 943 | 944 | 945 | def hashed_download(url, temp, digest): 946 | """Download ``url`` to ``temp``, make sure it has the SHA-256 ``digest``, 947 | and return its path.""" 948 | # Based on pip 1.4.1's URLOpener but with cert verification removed. Python 949 | # >=2.7.9 verifies HTTPS certs itself, and, in any case, the cert 950 | # authenticity has only privacy (not arbitrary code execution) 951 | # implications, since we're checking hashes. 952 | def opener(): 953 | opener = build_opener(HTTPSHandler()) 954 | # Strip out HTTPHandler to prevent MITM spoof: 955 | for handler in opener.handlers: 956 | if isinstance(handler, HTTPHandler): 957 | opener.handlers.remove(handler) 958 | return opener 959 | 960 | def read_chunks(response, chunk_size): 961 | while True: 962 | chunk = response.read(chunk_size) 963 | if not chunk: 964 | break 965 | yield chunk 966 | 967 | response = opener().open(url) 968 | path = join(temp, urlparse(url).path.split('/')[-1]) 969 | actual_hash = sha256() 970 | with open(path, 'wb') as file: 971 | for chunk in read_chunks(response, 4096): 972 | file.write(chunk) 973 | actual_hash.update(chunk) 974 | 975 | actual_digest = actual_hash.hexdigest() 976 | if actual_digest != digest: 977 | raise HashError(url, path, actual_digest, digest) 978 | return path 979 | 980 | 981 | def main(): 982 | temp = mkdtemp(prefix='pipstrap-') 983 | try: 984 | downloads = [hashed_download(url, temp, digest) 985 | for url, digest in PACKAGES] 986 | check_output('pip install --no-index --no-deps -U ' + 987 | ' '.join(quote(d) for d in downloads), 988 | shell=True) 989 | except HashError as exc: 990 | print(exc) 991 | except Exception: 992 | rmtree(temp) 993 | raise 994 | else: 995 | rmtree(temp) 996 | return 0 997 | return 1 998 | 999 | 1000 | if __name__ == '__main__': 1001 | exit(main()) 1002 | 1003 | UNLIKELY_EOF 1004 | # ------------------------------------------------------------------------- 1005 | # Set PATH so pipstrap upgrades the right (v)env: 1006 | PATH="$VENV_BIN:$PATH" "$VENV_BIN/python" "$TEMP_DIR/pipstrap.py" 1007 | set +e 1008 | if [ "$VERBOSE" = 1 ]; then 1009 | "$VENV_BIN/pip" install --no-cache-dir --require-hashes -r "$TEMP_DIR/letsencrypt-auto-requirements.txt" 1010 | else 1011 | PIP_OUT=`"$VENV_BIN/pip" install --no-cache-dir --require-hashes -r "$TEMP_DIR/letsencrypt-auto-requirements.txt" 2>&1` 1012 | fi 1013 | PIP_STATUS=$? 1014 | set -e 1015 | if [ "$PIP_STATUS" != 0 ]; then 1016 | # Report error. (Otherwise, be quiet.) 1017 | echo "Had a problem while installing Python packages." 1018 | if [ "$VERBOSE" != 1 ]; then 1019 | echo 1020 | echo "pip prints the following errors: " 1021 | echo "=====================================================" 1022 | echo "$PIP_OUT" 1023 | echo "=====================================================" 1024 | echo 1025 | echo "Certbot has problem setting up the virtual environment." 1026 | 1027 | if `echo $PIP_OUT | grep -q Killed` || `echo $PIP_OUT | grep -q "allocate memory"` ; then 1028 | echo 1029 | echo "Based on your pip output, the problem can likely be fixed by " 1030 | echo "increasing the available memory." 1031 | else 1032 | echo 1033 | echo "We were not be able to guess the right solution from your pip " 1034 | echo "output." 1035 | fi 1036 | 1037 | echo 1038 | echo "Consult https://certbot.eff.org/docs/install.html#problems-with-python-virtual-environment" 1039 | echo "for possible solutions." 1040 | echo "You may also find some support resources at https://certbot.eff.org/support/ ." 1041 | fi 1042 | rm -rf "$VENV_PATH" 1043 | exit 1 1044 | fi 1045 | echo "Installation succeeded." 1046 | fi 1047 | if [ -n "$SUDO" ]; then 1048 | # SUDO is su wrapper or sudo 1049 | if [ "$QUIET" != 1 ]; then 1050 | echo "Requesting root privileges to run certbot..." 1051 | echo " $VENV_BIN/letsencrypt" "$@" 1052 | fi 1053 | fi 1054 | if [ -z "$SUDO_ENV" ] ; then 1055 | # SUDO is su wrapper / noop 1056 | $SUDO "$VENV_BIN/letsencrypt" "$@" 1057 | else 1058 | # sudo 1059 | $SUDO "$SUDO_ENV" "$VENV_BIN/letsencrypt" "$@" 1060 | fi 1061 | 1062 | else 1063 | # Phase 1: Upgrade certbot-auto if necessary, then self-invoke. 1064 | # 1065 | # Each phase checks the version of only the thing it is responsible for 1066 | # upgrading. Phase 1 checks the version of the latest release of 1067 | # certbot-auto (which is always the same as that of the certbot 1068 | # package). Phase 2 checks the version of the locally installed certbot. 1069 | 1070 | if [ ! -f "$VENV_BIN/letsencrypt" ]; then 1071 | if [ "$HELP" = 1 ]; then 1072 | echo "$USAGE" 1073 | exit 0 1074 | fi 1075 | # If it looks like we've never bootstrapped before, bootstrap: 1076 | Bootstrap 1077 | fi 1078 | if [ "$OS_PACKAGES_ONLY" = 1 ]; then 1079 | echo "OS packages installed." 1080 | exit 0 1081 | fi 1082 | 1083 | if [ "$NO_SELF_UPGRADE" != 1 ]; then 1084 | TEMP_DIR=$(TempDir) 1085 | trap 'rm -rf "$TEMP_DIR"' EXIT 1086 | # --------------------------------------------------------------------------- 1087 | cat << "UNLIKELY_EOF" > "$TEMP_DIR/fetch.py" 1088 | """Do downloading and JSON parsing without additional dependencies. :: 1089 | 1090 | # Print latest released version of LE to stdout: 1091 | python fetch.py --latest-version 1092 | 1093 | # Download letsencrypt-auto script from git tag v1.2.3 into the folder I'm 1094 | # in, and make sure its signature verifies: 1095 | python fetch.py --le-auto-script v1.2.3 1096 | 1097 | On failure, return non-zero. 1098 | 1099 | """ 1100 | from distutils.version import LooseVersion 1101 | from json import loads 1102 | from os import devnull, environ 1103 | from os.path import dirname, join 1104 | import re 1105 | from subprocess import check_call, CalledProcessError 1106 | from sys import argv, exit 1107 | from urllib2 import build_opener, HTTPHandler, HTTPSHandler, HTTPError 1108 | 1109 | PUBLIC_KEY = environ.get('LE_AUTO_PUBLIC_KEY', """-----BEGIN PUBLIC KEY----- 1110 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MR8W/galdxnpGqBsYbq 1111 | OzQb2eyW15YFjDDEMI0ZOzt8f504obNs920lDnpPD2/KqgsfjOgw2K7xWDJIj/18 1112 | xUvWPk3LDkrnokNiRkA3KOx3W6fHycKL+zID7zy+xZYBuh2fLyQtWV1VGQ45iNRp 1113 | 9+Zo7rH86cdfgkdnWTlNSHyTLW9NbXvyv/E12bppPcEvgCTAQXgnDVJ0/sqmeiij 1114 | n9tTFh03aM+R2V/21h8aTraAS24qiPCz6gkmYGC8yr6mglcnNoYbsLNYZ69zF1XH 1115 | cXPduCPdPdfLlzVlKK1/U7hkA28eG3BIAMh6uJYBRJTpiGgaGdPd7YekUB8S6cy+ 1116 | CQIDAQAB 1117 | -----END PUBLIC KEY----- 1118 | """) 1119 | 1120 | class ExpectedError(Exception): 1121 | """A novice-readable exception that also carries the original exception for 1122 | debugging""" 1123 | 1124 | 1125 | class HttpsGetter(object): 1126 | def __init__(self): 1127 | """Build an HTTPS opener.""" 1128 | # Based on pip 1.4.1's URLOpener 1129 | # This verifies certs on only Python >=2.7.9. 1130 | self._opener = build_opener(HTTPSHandler()) 1131 | # Strip out HTTPHandler to prevent MITM spoof: 1132 | for handler in self._opener.handlers: 1133 | if isinstance(handler, HTTPHandler): 1134 | self._opener.handlers.remove(handler) 1135 | 1136 | def get(self, url): 1137 | """Return the document contents pointed to by an HTTPS URL. 1138 | 1139 | If something goes wrong (404, timeout, etc.), raise ExpectedError. 1140 | 1141 | """ 1142 | try: 1143 | return self._opener.open(url).read() 1144 | except (HTTPError, IOError) as exc: 1145 | raise ExpectedError("Couldn't download %s." % url, exc) 1146 | 1147 | 1148 | def write(contents, dir, filename): 1149 | """Write something to a file in a certain directory.""" 1150 | with open(join(dir, filename), 'w') as file: 1151 | file.write(contents) 1152 | 1153 | 1154 | def latest_stable_version(get): 1155 | """Return the latest stable release of letsencrypt.""" 1156 | metadata = loads(get( 1157 | environ.get('LE_AUTO_JSON_URL', 1158 | 'https://pypi.python.org/pypi/certbot/json'))) 1159 | # metadata['info']['version'] actually returns the latest of any kind of 1160 | # release release, contrary to https://wiki.python.org/moin/PyPIJSON. 1161 | # The regex is a sufficient regex for picking out prereleases for most 1162 | # packages, LE included. 1163 | return str(max(LooseVersion(r) for r 1164 | in metadata['releases'].iterkeys() 1165 | if re.match('^[0-9.]+$', r))) 1166 | 1167 | 1168 | def verified_new_le_auto(get, tag, temp_dir): 1169 | """Return the path to a verified, up-to-date letsencrypt-auto script. 1170 | 1171 | If the download's signature does not verify or something else goes wrong 1172 | with the verification process, raise ExpectedError. 1173 | 1174 | """ 1175 | le_auto_dir = environ.get( 1176 | 'LE_AUTO_DIR_TEMPLATE', 1177 | 'https://raw.githubusercontent.com/certbot/certbot/%s/' 1178 | 'letsencrypt-auto-source/') % tag 1179 | write(get(le_auto_dir + 'letsencrypt-auto'), temp_dir, 'letsencrypt-auto') 1180 | write(get(le_auto_dir + 'letsencrypt-auto.sig'), temp_dir, 'letsencrypt-auto.sig') 1181 | write(PUBLIC_KEY, temp_dir, 'public_key.pem') 1182 | try: 1183 | with open(devnull, 'w') as dev_null: 1184 | check_call(['openssl', 'dgst', '-sha256', '-verify', 1185 | join(temp_dir, 'public_key.pem'), 1186 | '-signature', 1187 | join(temp_dir, 'letsencrypt-auto.sig'), 1188 | join(temp_dir, 'letsencrypt-auto')], 1189 | stdout=dev_null, 1190 | stderr=dev_null) 1191 | except CalledProcessError as exc: 1192 | raise ExpectedError("Couldn't verify signature of downloaded " 1193 | "certbot-auto.", exc) 1194 | 1195 | 1196 | def main(): 1197 | get = HttpsGetter().get 1198 | flag = argv[1] 1199 | try: 1200 | if flag == '--latest-version': 1201 | print latest_stable_version(get) 1202 | elif flag == '--le-auto-script': 1203 | tag = argv[2] 1204 | verified_new_le_auto(get, tag, dirname(argv[0])) 1205 | except ExpectedError as exc: 1206 | print exc.args[0], exc.args[1] 1207 | return 1 1208 | else: 1209 | return 0 1210 | 1211 | 1212 | if __name__ == '__main__': 1213 | exit(main()) 1214 | 1215 | UNLIKELY_EOF 1216 | # --------------------------------------------------------------------------- 1217 | DeterminePythonVersion 1218 | if ! REMOTE_VERSION=`"$LE_PYTHON" "$TEMP_DIR/fetch.py" --latest-version` ; then 1219 | echo "WARNING: unable to check for updates." 1220 | elif [ "$LE_AUTO_VERSION" != "$REMOTE_VERSION" ]; then 1221 | echo "Upgrading certbot-auto $LE_AUTO_VERSION to $REMOTE_VERSION..." 1222 | 1223 | # Now we drop into Python so we don't have to install even more 1224 | # dependencies (curl, etc.), for better flow control, and for the option of 1225 | # future Windows compatibility. 1226 | "$LE_PYTHON" "$TEMP_DIR/fetch.py" --le-auto-script "v$REMOTE_VERSION" 1227 | 1228 | # Install new copy of certbot-auto. 1229 | # TODO: Deal with quotes in pathnames. 1230 | echo "Replacing certbot-auto..." 1231 | # Clone permissions with cp. chmod and chown don't have a --reference 1232 | # option on macOS or BSD, and stat -c on Linux is stat -f on macOS and BSD: 1233 | $SUDO cp -p "$0" "$TEMP_DIR/letsencrypt-auto.permission-clone" 1234 | $SUDO cp "$TEMP_DIR/letsencrypt-auto" "$TEMP_DIR/letsencrypt-auto.permission-clone" 1235 | # Using mv rather than cp leaves the old file descriptor pointing to the 1236 | # original copy so the shell can continue to read it unmolested. mv across 1237 | # filesystems is non-atomic, doing `rm dest, cp src dest, rm src`, but the 1238 | # cp is unlikely to fail (esp. under sudo) if the rm doesn't. 1239 | $SUDO mv -f "$TEMP_DIR/letsencrypt-auto.permission-clone" "$0" 1240 | fi # A newer version is available. 1241 | fi # Self-upgrading is allowed. 1242 | 1243 | "$0" --le-auto-phase2 "$@" 1244 | fi -------------------------------------------------------------------------------- /installer_components/panel.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/dc6a4e40d46de0b35a8ae5887929d4fa974df879/installer_components/panel.zip -------------------------------------------------------------------------------- /lib.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin 3 | export PATH 4 | public_file=/www/server/panel/install/public.sh 5 | if [ ! -f $public_file ];then 6 | wget -O $public_file http://download.bt.cn/install/public.sh -T 40; 7 | fi 8 | publicFileMd5=$(md5sum ${public_file}|awk '{print $1}') 9 | md5check="8eda91b70b5b0517ac6745e915863c8f" 10 | if [ "${publicFileMd5}" != "${md5check}" ]; then 11 | wget -O $public_file http://download.bt.cn/install/public.sh -T 40; 12 | fi 13 | . $public_file 14 | if [ -z "${NODE_URL}" ];then 15 | download_Url="http://download.bt.cn" 16 | else 17 | download_Url=$NODE_URL 18 | fi 19 | echo ${download_Url} 20 | mkdir -p /www/server 21 | run_path="/root" 22 | Is_64bit=`getconf LONG_BIT` 23 | 24 | opensslVersion="1.1.1d" 25 | curlVersion="7.66.0" 26 | freetypeVersion="2.10.0" 27 | pcreVersion="8.43" 28 | 29 | Install_Sendmail() 30 | { 31 | if [ "${PM}" = "yum" ]; then 32 | yum install postfix mysql-libs -y 33 | if [ "${centos_version}" != '' ];then 34 | systemctl start postfix 35 | systemctl enable postfix 36 | else 37 | service postfix start 38 | chkconfig --level 2345 postfix on 39 | fi 40 | elif [ "${PM}" = "apt-get" ]; then 41 | apt-get install sendmail sendmail-cf -y 42 | fi 43 | } 44 | 45 | Install_Curl() 46 | { 47 | if [ ! -f "/usr/local/curl/bin/curl" ];then 48 | wget https://curl.haxx.se/download/curl-${curlVersion}.tar.gz 49 | tar -zxf curl-${curlVersion}.tar.gz 50 | cd curl-${curlVersion} 51 | ./configure --prefix=/usr/local/curl --enable-ares --without-nss --with-ssl=/usr/local/openssl 52 | make -j${cpuCore} 53 | make install 54 | cd .. 55 | rm -f curl-${curlVersion}.tar.gz 56 | rm -rf curl-${curlVersion} 57 | fi 58 | } 59 | 60 | Install_Openssl() 61 | { 62 | if [ ! -f "/usr/local/openssl/bin/openssl" ];then 63 | cd ${run_path} 64 | wget https://www.openssl.org/source/openssl-${opensslVersion}.tar.gz 65 | tar -zxf openssl-${opensslVersion}.tar.gz 66 | cd openssl-${opensslVersion} 67 | ./config --openssldir=/usr/local/openssl zlib-dynamic shared 68 | make -j${cpuCore} 69 | make install 70 | echo "/usr/local/openssl/lib" > /etc/ld.so.conf.d/zopenssl.conf 71 | ldconfig 72 | cd .. 73 | rm -f openssl-${opensslVersion}.tar.gz 74 | rm -rf openssl-${opensslVersion} 75 | fi 76 | } 77 | Install_Pcre(){ 78 | Cur_Pcre_Ver=`pcre-config --version|grep '^8.' 2>&1` 79 | if [ "$Cur_Pcre_Ver" == "" ];then 80 | wget -O pcre-${pcreVersion}.tar.gz https://ftp.pcre.org/pub/pcre/pcre-${pcreVersion}.tar.gz -T 5 81 | tar zxf pcre-${pcreVersion}.tar.gz 82 | rm -f pcre-${pcreVersion}.tar.gz 83 | cd pcre-${pcreVersion} 84 | if [ "$Is_64bit" == "64" ];then 85 | ./configure --prefix=/usr --docdir=/usr/share/doc/pcre-${pcreVersion} --libdir=/usr/lib64 --enable-unicode-properties --enable-pcre16 --enable-pcre32 --enable-pcregrep-libz --enable-pcregrep-libbz2 --enable-pcretest-libreadline --disable-static --enable-utf8 86 | else 87 | ./configure --prefix=/usr --docdir=/usr/share/doc/pcre-${pcreVersion} --enable-unicode-properties --enable-pcre16 --enable-pcre32 --enable-pcregrep-libz --enable-pcregrep-libbz2 --enable-pcretest-libreadline --disable-static --enable-utf8 88 | fi 89 | make -j${cpuCore} 90 | make install 91 | cd .. 92 | rm -rf pcre-${pcreVersion} 93 | fi 94 | } 95 | Install_Freetype() 96 | { 97 | if [ ! -f "/usr/bin/freetype-config" ] && [ ! -f "/usr/local/freetype/bin/freetype-config" ]; then 98 | cd ${run_path} 99 | wget -O freetype-${freetypeVersion}.tar.gz https://download.savannah.gnu.org/releases/freetype/freetype-${freetypeVersion}.tar.gz -T 5 100 | tar zxf freetype-${freetypeVersion}.tar.gz 101 | cd freetype-${freetypeVersion} 102 | ./configure --prefix=/usr/local/freetype --enable-freetype-config 103 | make -j${cpuCore} 104 | make install 105 | cd ../ 106 | rm -rf freetype-${freetypeVersion} 107 | rm -f freetype-${freetypeVersion}.tar.gz 108 | fi 109 | } 110 | Install_Libiconv() 111 | { 112 | if [ -d '/usr/local/libiconv' ];then 113 | return 114 | fi 115 | cd ${run_path} 116 | if [ ! -f "libiconv-1.14.tar.gz" ];then 117 | wget -O libiconv-1.14.tar.gz ${download_Url}/src/libiconv-1.14.tar.gz -T 5 118 | fi 119 | mkdir /patch 120 | wget -O /patch/libiconv-glibc-2.16.patch ${download_Url}/src/patch/libiconv-glibc-2.16.patch -T 5 121 | tar zxf libiconv-1.14.tar.gz 122 | cd libiconv-1.14 123 | patch -p0 < /patch/libiconv-glibc-2.16.patch 124 | ./configure --prefix=/usr/local/libiconv --enable-static 125 | make -j${cpuCore} 126 | make install 127 | cd ${run_path} 128 | rm -rf libiconv-1.14 129 | rm -f libiconv-1.14.tar.gz 130 | echo -e "Install_Libiconv" >> /www/server/lib.pl 131 | } 132 | Install_Libmcrypt() 133 | { 134 | if [ -f '/usr/local/lib/libmcrypt.so' ];then 135 | return; 136 | fi 137 | cd ${run_path} 138 | if [ ! -f "libmcrypt-2.5.8.tar.gz" ];then 139 | wget -O libmcrypt-2.5.8.tar.gz ${download_Url}/src/libmcrypt-2.5.8.tar.gz -T 5 140 | fi 141 | tar zxf libmcrypt-2.5.8.tar.gz 142 | cd libmcrypt-2.5.8 143 | 144 | ./configure 145 | make -j${cpuCore} 146 | make install 147 | /sbin/ldconfig 148 | cd libltdl/ 149 | ./configure --enable-ltdl-install 150 | make && make install 151 | ln -sf /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la 152 | ln -sf /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so 153 | ln -sf /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4 154 | ln -sf /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8 155 | ldconfig 156 | cd ${run_path} 157 | rm -rf libmcrypt-2.5.8 158 | rm -f libmcrypt-2.5.8.tar.gz 159 | echo -e "Install_Libmcrypt" >> /www/server/lib.pl 160 | } 161 | Install_Mcrypt() 162 | { 163 | if [ -f '/usr/bin/mcrypt' ] || [ -f '/usr/local/bin/mcrypt' ];then 164 | return; 165 | fi 166 | cd ${run_path} 167 | if [ ! -f "mcrypt-2.6.8.tar.gz" ];then 168 | wget -O mcrypt-2.6.8.tar.gz ${download_Url}/src/mcrypt-2.6.8.tar.gz -T 5 169 | fi 170 | tar zxf mcrypt-2.6.8.tar.gz 171 | cd mcrypt-2.6.8 172 | ./configure 173 | make -j${cpuCore} 174 | make install 175 | cd ${run_path} 176 | rm -rf mcrypt-2.6.8 177 | rm -f mcrypt-2.6.8.tar.gz 178 | echo -e "Install_Mcrypt" >> /www/server/lib.pl 179 | } 180 | Install_Mhash() 181 | { 182 | if [ -f '/usr/local/lib/libmhash.so' ];then 183 | return; 184 | fi 185 | cd ${run_path} 186 | if [ ! -f "mhash-0.9.9.9.tar.gz" ];then 187 | wget -O mhash-0.9.9.9.tar.gz ${download_Url}/src/mhash-0.9.9.9.tar.gz -T 5 188 | fi 189 | tar zxf mhash-0.9.9.9.tar.gz 190 | cd mhash-0.9.9.9 191 | ./configure 192 | make -j${cpuCore} 193 | make install 194 | ln -sf /usr/local/lib/libmhash.a /usr/lib/libmhash.a 195 | ln -sf /usr/local/lib/libmhash.la /usr/lib/libmhash.la 196 | ln -sf /usr/local/lib/libmhash.so /usr/lib/libmhash.so 197 | ln -sf /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2 198 | ln -sf /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1 199 | ldconfig 200 | cd ${run_path} 201 | rm -rf mhash-0.9.9.9* 202 | echo -e "Install_Mhash" >> /www/server/lib.pl 203 | } 204 | 205 | Install_Yumlib(){ 206 | sed -i "s#SELINUX=enforcing#SELINUX=disabled#" /etc/selinux/config 207 | rpm -e --nodeps mariadb-libs-* 208 | mv /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo.backup 209 | rm -f /var/run/yum.pid 210 | Packs="make cmake gcc gcc-c++ gcc-g77 flex bison file libtool libtool-libs autoconf kernel-devel patch wget libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel libxml2 libxml2-devel zlib zlib-devel glib2 glib2-devel tar bzip2 bzip2-devel libevent libevent-devel ncurses ncurses-devel curl curl-devel libcurl libcurl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel vim-minimal gettext gettext-devel ncurses-devel gmp-devel pspell-devel libcap diffutils ca-certificates net-tools libc-client-devel psmisc libXpm-devel c-ares-devel libicu-devel libxslt libxslt-devel zip unzip glibc.i686 libstdc++.so.6 cairo-devel bison-devel ncurses-devel libaio-devel perl perl-devel perl-Data-Dumper lsof pcre pcre-devel vixie-cron crontabs expat-devel readline-devel" 211 | yum install ${Packs} -y 212 | for yumPack in ${Packs}; 213 | do 214 | rpmPack=$(rpm -q ${yumPack}) 215 | packCheck=$(echo $rpmPack|grep not) 216 | if [ "${packCheck}" ]; then 217 | yum install ${yumPack} -y 218 | fi 219 | done 220 | mv /etc/yum.repos.d/epel.repo.backup /etc/yum.repos.d/epel.repo 221 | yum install epel-release -y 222 | echo "true" > /etc/bt_lib.lock 223 | } 224 | Install_Aptlib(){ 225 | deepinSys=`cat /etc/issue` 226 | #apt-get autoremove -y 227 | apt-get -fy install 228 | export DEBIAN_FRONTEND=noninteractive 229 | apt-get install -y build-essential gcc g++ make 230 | if [[ "${deepinSys}" =~ eepin ]]; then 231 | for aptPack in debian-keyring debian-archive-keyring build-essential gcc g++ make cmake autoconf automake re2c wget cron bzip2 libzip-dev libc6-dev bison file rcconf flex vim bison m4 gawk less cpp binutils diffutils unzip tar bzip2 libbz2-dev libncurses5 libncurses5-dev libtool libevent-dev openssl libssl-dev zlibc libsasl2-dev libltdl3-dev libltdl-dev zlib1g zlib1g-dev libbz2-1.0 libbz2-dev libglib2.0-0 libglib2.0-dev libpng3 libpng12-0 libpng12-dev libkrb5-dev libpq-dev libpq5 gettext libpng12-dev libxml2-dev libcap-dev ca-certificates libc-client2007e-dev psmisc patch git libc-ares-dev libicu-dev e2fsprogs libxslt-dev libc-client-dev xz-utils libgd3 libgd-dev; 232 | do apt-get -y install $aptPack --force-yes; done 233 | rm -rf /usr/local/openssl 234 | Install_OpenSSL 235 | else 236 | for aptPack in debian-keyring debian-archive-keyring build-essential gcc g++ make cmake autoconf automake re2c wget cron bzip2 libzip-dev libc6-dev bison file rcconf flex vim bison m4 gawk less cpp binutils diffutils unzip tar bzip2 libbz2-dev libncurses5 libncurses5-dev libtool libevent-dev openssl libssl-dev zlibc libsasl2-dev libltdl3-dev libltdl-dev zlib1g zlib1g-dev libbz2-1.0 libbz2-dev libglib2.0-0 libglib2.0-dev libpng3 libjpeg62 libjpeg62-dev libpng12-0 libpng12-dev libkrb5-dev libpq-dev libpq5 gettext libpng12-dev libxml2-dev libcap-dev ca-certificates libc-client2007e-dev psmisc patch git libc-ares-dev libicu-dev e2fsprogs libxslt-dev libc-client-dev xz-utils libgd3 libgd-dev; 237 | do apt-get -y install $aptPack --force-yes; done 238 | fi 239 | ln -s /usr/lib/x86_64-linux-gnu/libjpeg.so.8 /usr/lib/libjpeg.so 240 | ln -s /usr/lib/x86_64-linux-gnu/libjpeg.a /usr/lib/libjpeg.a 241 | ln -s /usr/lib/x86_64-linux-gnu/libpng12.so.0 /usr/lib/libpng.so 242 | ln -s /usr/lib/x86_64-linux-gnu/libpng.a /usr/lib/libpng.a 243 | echo "true" > /etc/bt_lib.lock 244 | } 245 | Install_Lib() 246 | { 247 | if [ -f "/www/server/nginx/sbin/nginx" ] || [ -f "/www/server/apache/bin/httpd" ] || [ -f "/www/server/mysql/bin/mysql" ]; then 248 | return 249 | fi 250 | lockFile="/etc/bt_lib.lock" 251 | if [ -f "${lockFile}" ]; then 252 | return 253 | fi 254 | if [ "${PM}" = "yum" ]; then 255 | Install_Yumlib 256 | elif [ "${PM}" = "apt-get" ]; then 257 | Install_Aptlib 258 | fi 259 | Install_Sendmail 260 | Run_User="www" 261 | groupadd ${Run_User} 262 | useradd -s /sbin/nologin -g ${Run_User} ${Run_User} 263 | } 264 | 265 | Install_Lib 266 | Install_Openssl 267 | Install_Pcre 268 | Install_Curl 269 | Install_Mhash 270 | Install_Libmcrypt 271 | Install_Mcrypt 272 | Install_Libiconv 273 | Install_Freetype 274 | -------------------------------------------------------------------------------- /nginx-sticky-module.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/dc6a4e40d46de0b35a8ae5887929d4fa974df879/nginx-sticky-module.zip -------------------------------------------------------------------------------- /nginx.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin 3 | export PATH 4 | LANG=en_US.UTF-8 5 | public_file=/www/server/panel/install/public.sh 6 | if [ ! -f $public_file ];then 7 | wget -O $public_file http://download.bt.cn/install/public.sh -T 20; 8 | fi 9 | publicFileMd5=$(md5sum ${public_file}|awk '{print $1}') 10 | md5check="0aa6cc891b1efd074f37feef75ec60bb" 11 | if [ "${publicFileMd5}" != "${md5check}" ]; then 12 | wget -O $public_file http://download.bt.cn/install/public.sh -T 20; 13 | fi 14 | . $public_file 15 | download_Url=$NODE_URL 16 | 17 | tengine='2.3.2' 18 | nginx_108='1.8.1' 19 | nginx_112='1.12.2' 20 | nginx_114='1.14.2' 21 | nginx_115='1.15.12' 22 | nginx_116='1.16.1' 23 | nginx_117='1.17.5' 24 | openresty='1.13.6.2' 25 | 26 | Root_Path=$(cat /var/bt_setupPath.conf) 27 | Setup_Path=$Root_Path/server/nginx 28 | run_path="/root" 29 | Is_64bit=$(getconf LONG_BIT) 30 | 31 | if [ -z "${cpuCore}" ]; then 32 | cpuCore="1" 33 | fi 34 | 35 | System_Lib(){ 36 | if [ "${PM}" == "yum" ] || [ "${PM}" == "dnf" ] ; then 37 | Pack="curl curl-devel libtermcap-devel ncurses-devel libevent-devel readline-devel libuuid-devel" 38 | ${PM} install ${Pack} -y 39 | elif [ "${PM}" == "apt-get" ]; then 40 | Pack="libgd3 libgd-dev libevent-dev libncurses5-dev libreadline-dev uuid-dev" 41 | ${PM} install ${Pack} -y 42 | fi 43 | } 44 | Service_Add(){ 45 | if [ "${PM}" == "yum" ] || [ "${PM}" == "dnf" ]; then 46 | chkconfig --add nginx 47 | chkconfig --level 2345 nginx on 48 | elif [ "${PM}" == "apt-get" ]; then 49 | update-rc.d nginx defaults 50 | fi 51 | } 52 | Service_Del(){ 53 | if [ "${PM}" == "yum" ] || [ "${PM}" == "dnf" ]; then 54 | chkconfig --del nginx 55 | chkconfig --level 2345 nginx off 56 | elif [ "${PM}" == "apt-get" ]; then 57 | update-rc.d nginx remove 58 | fi 59 | } 60 | Set_Time(){ 61 | BASH_DATE=$(stat nginx.sh|grep Modify|awk '{print $2}'|tr -d '-') 62 | SYS_DATE=$(date +%Y%m%d) 63 | [ "${SYS_DATE}" -lt "${BASH_DATE}" ] && date -s "$(curl https://www.bt.cn//api/index/get_date)" 64 | } 65 | Install_Jemalloc(){ 66 | if [ ! -f '/usr/local/lib/libjemalloc.so' ]; then 67 | wget -O jemalloc-5.0.1.tar.bz2 ${download_Url}/src/jemalloc-5.0.1.tar.bz2 68 | tar -xvf jemalloc-5.0.1.tar.bz2 69 | cd jemalloc-5.0.1 70 | ./configure 71 | make && make install 72 | ldconfig 73 | cd .. 74 | rm -rf jemalloc* 75 | fi 76 | } 77 | Install_LuaJIT() 78 | { 79 | if [ ! -d '/usr/local/include/luajit-2.0' ];then 80 | wget -c -O LuaJIT-2.0.4.tar.gz ${download_Url}/install/src/LuaJIT-2.0.4.tar.gz -T 10 81 | tar xvf LuaJIT-2.0.4.tar.gz 82 | cd LuaJIT-2.0.4 83 | make linux 84 | make install 85 | cd .. 86 | rm -rf LuaJIT-* 87 | export LUAJIT_LIB=/usr/local/lib 88 | export LUAJIT_INC=/usr/local/include/luajit-2.0/ 89 | ln -sf /usr/local/lib/libluajit-5.1.so.2 /usr/local/lib64/libluajit-5.1.so.2 90 | echo "/usr/local/lib" >> /etc/ld.so.conf 91 | ldconfig 92 | fi 93 | } 94 | Install_cjson() 95 | { 96 | if [ ! -f /usr/local/lib/lua/5.1/cjson.so ];then 97 | wget -O lua-cjson-2.1.0.tar.gz $download_Url/install/src/lua-cjson-2.1.0.tar.gz -T 20 98 | tar xvf lua-cjson-2.1.0.tar.gz 99 | rm -f lua-cjson-2.1.0.tar.gz 100 | cd lua-cjson-2.1.0 101 | make 102 | make install 103 | cd .. 104 | rm -rf lua-cjson-2.1.0 105 | fi 106 | } 107 | Download_Src(){ 108 | mkdir -p ${Setup_Path} 109 | cd ${Setup_Path} 110 | rm -rf ${Setup_Path}/src 111 | if [ "${version}" == "tengine" ] || [ "${version}" == "openresty" ]; then 112 | wget -O ${Setup_Path}/src.tar.gz ${download_Url}/src/${version}-${nginxVersion}.tar.gz -T20 113 | tar -xvf src.tar.gz 114 | mv ${version}-${nginxVersion} src 115 | else 116 | wget -O ${Setup_Path}/src.tar.gz http://nginx.org/download/nginx-${nginxVersion}.tar.gz -T20 117 | tar -xvf src.tar.gz 118 | tar -xvf src.tar.gz 119 | mv nginx-${nginxVersion} src 120 | fi 121 | 122 | cd src 123 | 124 | TLSv13_NGINX=$(echo ${nginxVersion}|tr -d '.'|cut -c 1-3) 125 | if [ "${TLSv13_NGINX}" -ge "115" ] && [ "${TLSv13_NGINX}" != "181" ];then 126 | opensslVer="1.1.1d" 127 | else 128 | opensslVer="1.0.2t" 129 | fi 130 | wget -O openssl.tar.gz https://www.openssl.org/source/openssl-${opensslVer}.tar.gz -T 15 131 | tar -zxvf openssl.tar.gz 132 | mv openssl-${opensslVer} openssl 133 | rm -f openssl.tar.gz 134 | 135 | pcre_version="8.43" 136 | wget -O pcre-$pcre_version.tar.gz ${download_Url}/src/pcre-$pcre_version.tar.gz 137 | tar zxf pcre-$pcre_version.tar.gz 138 | 139 | wget -O ngx_cache_purge.tar.gz ${download_Url}/src/ngx_cache_purge-2.3.tar.gz 140 | tar -zxvf ngx_cache_purge.tar.gz 141 | mv ngx_cache_purge-2.3 ngx_cache_purge 142 | rm -f ngx_cache_purge.tar.gz 143 | 144 | wget -O nginx-sticky-module.zip ${download_Url}/src/nginx-sticky-module.zip 145 | unzip -o nginx-sticky-module.zip 146 | rm -f nginx-sticky-module.zip 147 | 148 | wget -O nginx-http-concat.zip ${download_Url}/src/nginx-http-concat-1.2.2.zip 149 | unzip -o nginx-http-concat.zip 150 | mv nginx-http-concat-1.2.2 nginx-http-concat 151 | rm -f nginx-http-concat.zip 152 | 153 | #lua_nginx_module 154 | LuaModVer="0.10.13" 155 | wget -c -O lua-nginx-module-${LuaModVer}.zip ${download_Url}/src/lua-nginx-module-${LuaModVer}.zip 156 | unzip -o lua-nginx-module-${LuaModVer}.zip 157 | mv lua-nginx-module-${LuaModVer} lua_nginx_module 158 | rm -f lua-nginx-module-${LuaModVer}.zip 159 | 160 | #ngx_devel_kit 161 | NgxDevelKitVer="0.3.1" 162 | wget -c -O ngx_devel_kit-${NgxDevelKitVer}.zip ${download_Url}/src/ngx_devel_kit-${NgxDevelKitVer}.zip 163 | unzip -o ngx_devel_kit-${NgxDevelKitVer}.zip 164 | mv ngx_devel_kit-${NgxDevelKitVer} ngx_devel_kit 165 | rm -f ngx_devel_kit-${NgxDevelKitVer}.zip 166 | 167 | if [ "${Is_64bit}" = "64" ]; then 168 | if [ "${version}" == "1.15" ] || [ "${version}" == "1.17" ] || [ "${version}" == "tengine" ];then 169 | NGX_PAGESPEED_VAR="1.13.35.2" 170 | wget -O ngx-pagespeed-${NGX_PAGESPEED_VAR}.tar.gz ${download_Url}/src/ngx-pagespeed-${NGX_PAGESPEED_VAR}.tar.gz 171 | tar -xvf ngx-pagespeed-${NGX_PAGESPEED_VAR}.tar.gz 172 | mv ngx-pagespeed-${NGX_PAGESPEED_VAR} ngx-pagespeed 173 | rm -f ngx-pagespeed-${NGX_PAGESPEED_VAR}.tar.gz 174 | fi 175 | fi 176 | } 177 | Install_Configure(){ 178 | Run_User="www" 179 | wwwUser=$(cat /etc/passwd|grep www) 180 | if [ "${wwwUser}" == "" ];then 181 | groupadd ${Run_User} 182 | useradd -s /sbin/nologin -g ${Run_User} ${Run_User} 183 | fi 184 | 185 | [ -f "/www/server/panel/install/nginx_prepare.sh" ] && . /www/server/panel/install/nginx_prepare.sh 186 | [ -f "/www/server/panel/install/nginx_configure.pl" ] && ADD_EXTENSION=$(cat /www/server/panel/install/nginx_configure.pl) 187 | [ -f "/usr/local/lib/libjemalloc.so" ] && jemallocLD="--with-ld-opt="-ljemalloc"" 188 | 189 | if [ "${version}" == "1.8" ];then 190 | ENABLE_HTTP2="--with-http_spdy_module" 191 | else 192 | ENABLE_HTTP2="--with-http_v2_module --with-stream --with-stream_ssl_module" 193 | fi 194 | 195 | if [ "${version}" == "openresty" ];then 196 | ENABLE_LUA="--with-luajit" 197 | else 198 | ENABLE_LUA="--add-module=${Setup_Path}/src/ngx_devel_kit --add-module=${Setup_Path}/src/lua_nginx_module" 199 | fi 200 | 201 | export LUAJIT_LIB=/usr/local/lib 202 | export LUAJIT_INC=/usr/local/include/luajit-2.0/ 203 | export LD_LIBRARY_PATH=/usr/local/lib/:$LD_LIBRARY_PATH 204 | 205 | ./configure --user=www --group=www --prefix=${Setup_Path} ${ENABLE_LUA} --add-module=${Setup_Path}/src/ngx_cache_purge --add-module=${Setup_Path}/src/nginx-sticky-module --with-openssl=${Setup_Path}/src/openssl --with-pcre=pcre-${pcre_version} ${ENABLE_HTTP2} --with-http_stub_status_module --with-http_ssl_module --with-http_image_filter_module --with-http_gzip_static_module --with-http_gunzip_module --with-ipv6 --with-http_sub_module --with-http_flv_module --with-http_addition_module --with-http_realip_module --with-http_mp4_module --with-ld-opt="-Wl,-E" --with-cc-opt="-Wno-error" ${jemallocLD} ${ENABLE_NGX_PAGESPEED} ${ADD_EXTENSION} 206 | 207 | make -j${cpuCore} 208 | } 209 | Install_Nginx(){ 210 | make install 211 | if [ "${version}" == "openresty" ];then 212 | ln -sf /www/server/nginx/nginx/html /www/server/nginx/html 213 | ln -sf /www/server/nginx/nginx/conf /www/server/nginx/conf 214 | ln -sf /www/server/nginx/nginx/logs /www/server/nginx/logs 215 | ln -sf /www/server/nginx/nginx/sbin /www/server/nginx/sbin 216 | fi 217 | 218 | if [ ! -f "${Setup_Path}/sbin/nginx" ];then 219 | echo '========================================================' 220 | GetSysInfo 221 | echo -e "ERROR: nginx-${nginxVersion} installation failed."; 222 | echo -e "安装失败,请截图以上报错信息发帖至论坛www.bt.cn/bbs求助" 223 | rm -rf ${Setup_Path} 224 | exit 1; 225 | fi 226 | 227 | ln -sf ${Setup_Path}/sbin/nginx /usr/bin/nginx 228 | rm -f ${Setup_Path}/conf/nginx.conf 229 | 230 | cd ${Setup_Path} 231 | rm -f src.tar.gz 232 | } 233 | Update_Nginx(){ 234 | if [ "${nginxVersion}" = "openresty" ]; then 235 | make install 236 | echo -e "done" 237 | nginx -v 238 | echo "${nginxVersion}" > ${Setup_Path}/version.pl 239 | rm -f ${Setup_Path}/version_check.pl 240 | exit; 241 | fi 242 | if [ ! -f ${Setup_Path}/src/objs/nginx ]; then 243 | echo '========================================================' 244 | GetSysInfo 245 | echo -e "ERROR: nginx-${nginxVersion} installation failed."; 246 | echo -e "升级失败,请截图以上报错信息发帖至论坛www.bt.cn/bbs求助" 247 | rm -rf ${Setup_Path} 248 | exit 0; 249 | fi 250 | sleep 1 251 | /etc/init.d/nginx stop 252 | mv -f ${Setup_Path}/sbin/nginx ${Setup_Path}/sbin/nginxBak 253 | \cp -rfp ${Setup_Path}/src/objs/nginx ${Setup_Path}/sbin/ 254 | sleep 1 255 | /etc/init.d/nginx start 256 | rm -rf ${Setup_Path}/src 257 | nginx -v 258 | 259 | echo "${nginxVersion}" > ${Setup_Path}/version.pl 260 | rm -f ${Setup_Path}/version_check.pl 261 | if [ "${version}" == "tengine" ]; then 262 | echo "2.2.4(${tengine})" > ${Setup_Path}/version_check.pl 263 | fi 264 | exit 265 | } 266 | Set_Conf(){ 267 | Default_Website_Dir=$Root_Path'/wwwroot/default' 268 | mkdir -p ${Default_Website_Dir} 269 | mkdir -p ${Root_Path}/wwwlogs 270 | mkdir -p ${Setup_Path}/conf/vhost 271 | mkdir -p /usr/local/nginx/logs 272 | mkdir -p ${Setup_Path}/conf/rewrite 273 | 274 | wget -O ${Setup_Path}/conf/nginx.conf ${download_Url}/conf/nginx.conf -T20 275 | wget -O ${Setup_Path}/conf/pathinfo.conf ${download_Url}/conf/pathinfo.conf -T20 276 | wget -O ${Setup_Path}/conf/enable-php.conf ${download_Url}/conf/enable-php.conf -T20 277 | wget -O ${Setup_Path}/html/index.html ${download_Url}/error/index.html -T 5 278 | 279 | cat > ${Root_Path}/server/panel/vhost/nginx/phpfpm_status.conf< /www/server/nginx/conf/enable-php-00.conf 290 | for phpV in 52 53 54 55 56 70 71 72 73 74 75 291 | do 292 | cat > ${Setup_Path}/conf/enable-php-${phpV}.conf<> ${Root_Path}/server/panel/vhost/nginx/phpfpm_status.conf<> ${Root_Path}/server/panel/vhost/nginx/phpfpm_status.conf 311 | 312 | cat > ${Setup_Path}/conf/proxy.conf< ${Setup_Path}/conf/luawaf.conf< /dev/null 340 | if [ ! -d "/www/server/panel/vhost/wafconf" ];then 341 | mv $Setup_Path/waf/wafconf /www/server/panel/vhost/wafconf 342 | fi 343 | 344 | sed -i "s#include vhost/\*.conf;#include /www/server/panel/vhost/nginx/\*.conf;#" ${Setup_Path}/conf/nginx.conf 345 | sed -i "s#/www/wwwroot/default#/www/server/phpmyadmin#" ${Setup_Path}/conf/nginx.conf 346 | sed -i "/pathinfo/d" ${Setup_Path}/conf/enable-php.conf 347 | sed -i "s/#limit_conn_zone.*/limit_conn_zone \$binary_remote_addr zone=perip:10m;\n\tlimit_conn_zone \$server_name zone=perserver:10m;/" ${Setup_Path}/conf/nginx.conf 348 | sed -i "s/mime.types;/mime.types;\n\t\tinclude proxy.conf;\n/" ${Setup_Path}/conf/nginx.conf 349 | #if [ "${nginx_version}" == "1.12.2" ] || [ "${nginx_version}" == "openresty" ] || [ "${nginx_version}" == "1.14.2" ];then 350 | sed -i "s/mime.types;/mime.types;\n\t\t#include luawaf.conf;\n/" ${Setup_Path}/conf/nginx.conf 351 | #fi 352 | 353 | PHPVersion="" 354 | for phpVer in 52 53 54 55 56 70 71 72 73; 355 | do 356 | if [ -d "/www/server/php/${phpVer}/bin" ]; then 357 | PHPVersion=${phpVer} 358 | fi 359 | done 360 | 361 | if [ "${PHPVersion}" ];then 362 | \cp -r -a ${Setup_Path}/conf/enable-php-${PHPVersion}.conf ${Setup_Path}/conf/enable-php.conf 363 | fi 364 | 365 | wget -O /etc/init.d/nginx ${download_Url}/init/nginx.init -T 5 366 | chmod +x /etc/init.d/nginx 367 | } 368 | Set_Version(){ 369 | if [ "${version}" == "tengine" ]; then 370 | echo "-Tengine2.2.3" > ${Setup_Path}/version.pl 371 | echo "2.2.4(${tengine})" > ${Setup_Path}/version_check.pl 372 | elif [ "${version}" == "openresty" ]; then 373 | echo "openresty" > ${Setup_Path}/version.pl 374 | else 375 | echo "${nginxVersion}" > ${Setup_Path}/version.pl 376 | fi 377 | } 378 | 379 | Uninstall_Nginx() 380 | { 381 | if [ -f "/etc/init.d/nginx" ];then 382 | Service_Del 383 | /etc/init.d/nginx stop 384 | rm -f /etc/init.d/nginx 385 | fi 386 | [ -f "${Setup_Path}/rpm.pl" ] && yum remove bt-$(cat ${Setup_Path}/rpm.pl) -y 387 | pkill -9 nginx 388 | rm -rf ${Setup_Path} 389 | } 390 | 391 | actionType=$1 392 | version=$2 393 | 394 | if [ "${actionType}" == "uninstall" ]; then 395 | Service_Del 396 | Uninstall_Nginx 397 | else 398 | case "${version}" in 399 | '1.10') 400 | nginxVersion=${nginx_112} 401 | ;; 402 | '1.12') 403 | nginxVersion=${nginx_112} 404 | ;; 405 | '1.14') 406 | nginxVersion=${nginx_114} 407 | ;; 408 | '1.15') 409 | nginxVersion=${nginx_115} 410 | ;; 411 | '1.16') 412 | nginxVersion=${nginx_116} 413 | ;; 414 | '1.17') 415 | nginxVersion=${nginx_117} 416 | ;; 417 | '1.8') 418 | nginxVersion=${nginx_108} 419 | ;; 420 | 'openresty') 421 | nginxVersion=${openresty} 422 | ;; 423 | *) 424 | nginxVersion=${tengine} 425 | version="tengine" 426 | ;; 427 | esac 428 | if [ "${actionType}" == "install" ];then 429 | if [ -f "/www/server/nginx/sbin/nginx" ]; then 430 | Uninstall_Nginx 431 | fi 432 | System_Lib 433 | Install_Jemalloc 434 | Install_LuaJIT 435 | Install_cjson 436 | Download_Src 437 | Install_Configure 438 | Install_Nginx 439 | Set_Conf 440 | Set_Version 441 | Service_Add 442 | /etc/init.d/nginx start 443 | elif [ "${actionType}" == "update" ];then 444 | Download_Src 445 | Install_Configure 446 | Update_Nginx 447 | fi 448 | fi 449 | -------------------------------------------------------------------------------- /uninstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin 3 | export PATH 4 | 5 | Remove_Bt(){ 6 | if [ ! -f "/etc/init.d/bt" ] || [ ! -d "/www/server/panel" ]; then 7 | echo -e "此服务器没有安装宝塔!" 8 | echo -e "This server does not install bt-panel" 9 | exit; 10 | fi 11 | 12 | if [ -f "/etc/init.d/bt_syssafe" ]; then 13 | echo -e "此服务器装有宝塔系统加固可能导致无法正常卸载,请在面板卸载后再执行卸载命令!" 14 | exit; 15 | fi 16 | 17 | if [ -f "/etc/init.d/bt_tamper_proof" ]; then 18 | echo -e "此服务器装有宝塔网站防篡改可能导致无法正常卸载,请在面板卸载后再执行卸载命令!" 19 | exit; 20 | fi 21 | 22 | /etc/init.d/bt stop 23 | if [ -f "/usr/sbin/chkconfig" ];then 24 | chkconfig --del bt 25 | elif [ -f "/usr/sbin/update-rc.d" ];then 26 | update-rc.d -f bt remove 27 | fi 28 | rm -rf /www/server/panel 29 | rm -f /etc/init.d/bt 30 | echo -e "宝塔面板已卸载成功" 31 | echo -e "bt-panel uninstall success" 32 | } 33 | Remove_Rpm(){ 34 | echo -e "查询已安装rpm包.." 35 | echo -e "Find installed packages" 36 | for lib in libiconv-1.14 libmcrypt-2.5.8 mcrypt-2.6.8 mhash-0.9.9.9 bt-nginx bt-httpd bt-mysql bt-curl bt-AliSQL AliSQL-master bt-mariadb bt-php-5.2 bt-php-5.3 bt-php-5.4 bt-php-5.5 bt-php-5.6 bt-php-7.0 bt-php-7.1 37 | do 38 | rpm -qa |grep ${lib} > ${lib}.pl 39 | libRpm=`cat ${lib}.pl` 40 | if [ "${libRpm}" != "" ]; then 41 | rpm -e ${libRpm} --nodeps > /dev/null 2>&1 42 | echo -e ${lib} "\033[32mclean\033[0m" 43 | fi 44 | rm -f ${lib}.pl 45 | done 46 | yum remove bt-openssl* -y 47 | yum remove bt-php* -y 48 | echo -e "清理完毕" 49 | echo -e "Clean over" 50 | } 51 | 52 | Remove_Service(){ 53 | servicePath="/www/server" 54 | 55 | for service in nginx httpd mysqld pure-ftpd tomcat redis memcached mongodb pgsql tomcat tomcat7 tomcat8 tomcat9 php-fpm-52 php-fpm-53 php-fpm-54 php-fpm-55 php-fpm-56 php-fpm-70 php-fpm-71 php-fpm-72 php-fpm-73 56 | do 57 | if [ -f "/etc/init.d/${service}" ]; then 58 | /etc/init.d/${service} stop 59 | if [ -f "/usr/sbin/chkconfig" ];then 60 | chkconfig --del ${service} 61 | elif [ -f "/usr/sbin/update-rc.d" ];then 62 | update-rc.d -f ${service} remove 63 | fi 64 | 65 | if [ "${service}" = "mysqld" ]; then 66 | rm -rf ${servicePath}/mysql 67 | rm -f /etc/my.cnf 68 | elif [ "${service}" = "httpd" ]; then 69 | rm -rf ${servicePath}/apache 70 | elif [ "${service}" = "memcached" ]; then 71 | rm -rf /usr/local/memcached 72 | elif [ -d "${servicePath}/${service}" ]; then 73 | rm -rf ${servicePath}/${service} 74 | fi 75 | rm -f /etc/init.d/${service} 76 | echo -e ${service} "\033[32mclean\033[0m" 77 | fi 78 | done 79 | 80 | 81 | [ -d "${servicePath}/php" ] && rm -rf ${servicePath}/php 82 | if [ -d "${servicePath}/phpmyadmin" ]; then 83 | rm -rf ${servicePath}/phpmyadmin 84 | echo -e "phpmyadmin" "\033[32mclean\033[0m" 85 | fi 86 | 87 | if [ -d "${servicePath}/nvm" ]; then 88 | source /www/server/nvm/nvm.sh 89 | pm2 stop all 90 | rm -rf ${servicePath}/nvm 91 | sed -i "/NVM/d" /root/.bash_profile 92 | sed -i "/NVM/d" /root/.bashrc 93 | echo -e "node.js" "\033[32mclean\033[0m" 94 | fi 95 | 96 | if [ -f /opt/gitlab/embedded/service/gitlab-rails/Gemfile ];then 97 | gitlab-ctl stop 98 | yum remove gitlab-ce -y 99 | rm -rf /opt/gitlab 100 | rm -rf /var/opt/gitlab 101 | rm -rf /etc/gitlab 102 | rm -rf /www/server/panel/plugin/gitlab 103 | echo -e "gitlab" "\033[32mclean\033[0m" 104 | fi 105 | 106 | echo "清除面板运行环境完毕" 107 | } 108 | Remove_Data(){ 109 | rm -rf /www/server/data 110 | rm -rf /www/wwwlogs 111 | rm -rf /www/wwwroot 112 | } 113 | 114 | #echo -e "What you want to do ?(Default:1)" 115 | echo "1) 卸载宝塔" 116 | echo "2) 卸载宝塔及运行环境" 117 | #echo "3) 卸载宝塔及运行环境并清除所有站点相关数据" 118 | echo "*请检查安全类软件是否关闭,否正可能导致无法正常卸载 " 119 | echo "=================================================" 120 | read -p "请选择你要进行的操作(1-2 默认:1): " action; 121 | 122 | case $action in 123 | '1') 124 | Remove_Bt 125 | ;; 126 | '2') 127 | if [ -f "/usr/bin/yum" ] && [ -f "/usr/bin/rpm" ]; then 128 | Remove_Rpm 129 | fi 130 | Remove_Service 131 | Remove_Bt 132 | ;; 133 | *) 134 | Remove_Bt 135 | ;; 136 | esac 137 | -------------------------------------------------------------------------------- /update_pro/LinuxPanel-5.9.1_pro.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/dc6a4e40d46de0b35a8ae5887929d4fa974df879/update_pro/LinuxPanel-5.9.1_pro.zip -------------------------------------------------------------------------------- /update_pro/public.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin 3 | export PATH 4 | export LANG=en_US.UTF-8 5 | export LANGUAGE=en_US:en 6 | 7 | get_node_url(){ 8 | nodes=(http://git.efe.cc:5522); 9 | #nodes=(http://183.235.223.101:3389 http://125.88.182.172:5880 http://103.224.251.67 http://119.188.210.21:5880 http://download.bt.cn http://45.32.116.160 http://128.1.164.196); 10 | 11 | 12 | i=1; 13 | for node in ${nodes[@]}; 14 | do 15 | start=`date +%s.%N` 16 | result=`curl -sS --connect-timeout 3 -m 60 $node/check.txt` 17 | if [ "$result" = 'True' ];then 18 | end=`date +%s.%N` 19 | start_s=`echo $start | cut -d '.' -f 1` 20 | start_ns=`echo $start | cut -d '.' -f 2` 21 | end_s=`echo $end | cut -d '.' -f 1` 22 | end_ns=`echo $end | cut -d '.' -f 2` 23 | time_micro=$(( (10#$end_s-10#$start_s)*1000000 + (10#$end_ns/1000 - 10#$start_ns/1000) )) 24 | time_ms=$(($time_micro/1000)) 25 | values[$i]=$time_ms; 26 | urls[$time_ms]=$node 27 | i=$(($i+1)) 28 | if [ $time_ms -lt 70 ];then 29 | break; 30 | fi 31 | fi 32 | done 33 | j=5000 34 | for n in ${values[@]}; 35 | do 36 | if [ $j -gt $n ];then 37 | j=$n 38 | fi 39 | if [ $j -lt 70 ];then 40 | break; 41 | fi 42 | done 43 | if [ $j = 5000 ];then 44 | NODE_URL='http://download.bt.cn'; 45 | else 46 | NODE_URL=${urls[$j]} 47 | fi 48 | 49 | } 50 | 51 | GetCpuStat(){ 52 | time1=$(cat /proc/stat |grep 'cpu ') 53 | sleep 1 54 | time2=$(cat /proc/stat |grep 'cpu ') 55 | cpuTime1=$(echo ${time1}|awk '{print $2+$3+$4+$5+$6+$7+$8}') 56 | cpuTime2=$(echo ${time2}|awk '{print $2+$3+$4+$5+$6+$7+$8}') 57 | runTime=$((${cpuTime2}-${cpuTime1})) 58 | idelTime1=$(echo ${time1}|awk '{print $5}') 59 | idelTime2=$(echo ${time2}|awk '{print $5}') 60 | idelTime=$((${idelTime2}-${idelTime1})) 61 | useTime=$(((${runTime}-${idelTime})*3)) 62 | [ ${useTime} -gt ${runTime} ] && cpuBusy="true" 63 | if [ "${cpuBusy}" == "true" ]; then 64 | cpuCore=$((${cpuInfo}/2)) 65 | else 66 | cpuCore=$((${cpuInfo}-1)) 67 | fi 68 | } 69 | GetPackManager(){ 70 | if [ -f "/usr/bin/yum" ] && [ -f "/etc/yum.conf" ]; then 71 | PM="yum" 72 | elif [ -f "/usr/bin/apt-get" ] && [ -f "/usr/bin/dpkg" ]; then 73 | PM="apt-get" 74 | fi 75 | } 76 | 77 | bt_check(){ 78 | p_path=/www/server/panel/class/panelPlugin.py 79 | if [ -f $p_path ];then 80 | is_ext=$(cat $p_path|grep btwaf) 81 | if [ "$is_ext" != "" ];then 82 | send_check 83 | fi 84 | fi 85 | 86 | p_path=/www/server/panel/BTPanel/templates/default/index.html 87 | if [ -f $p_path ];then 88 | is_ext=$(cat $p_path|grep fbi) 89 | if [ "$is_ext" != "" ];then 90 | send_check 91 | fi 92 | fi 93 | } 94 | 95 | send_check(){ 96 | chattr -i /etc/init.d/bt 97 | chmod +x /etc/init.d/bt 98 | p_path2=/www/server/panel/class/common.py 99 | p_version=$(cat $p_path2|grep "version = "|awk '{print $3}'|tr -cd [0-9.]) 100 | curl -sS --connect-timeout 3 -m 60 http://www.bt.cn/api/panel/notpro?version=$p_version 101 | NODE_URL="" 102 | exit 0; 103 | } 104 | GetSysInfo(){ 105 | if [ "${PM}" = "yum" ]; then 106 | SYS_VERSION=$(cat /etc/redhat-release) 107 | elif [ "${PM}" = "apt-get" ]; then 108 | SYS_VERSION=$(cat /etc/issue) 109 | fi 110 | SYS_INFO=$(uname -a) 111 | SYS_BIT=$(getconf LONG_BIT) 112 | MEM_TOTAL=$(free -m|grep Mem|awk '{print $2}') 113 | CPU_INFO=$(getconf _NPROCESSORS_ONLN) 114 | GCC_VER=$(gcc -v 2>&1|grep "gcc version"|awk '{print $3}') 115 | CMAKE_VER=$(cmake --version|grep version|awk '{print $3}') 116 | 117 | echo -e ${SYS_VERSION} 118 | echo -e Bit:${SYS_BIT} Mem:${MEM_TOTAL}M Core:${CPU_INFO} gcc:${GCC_VER} cmake:${CMAKE_VER} 119 | echo -e ${SYS_INFO} 120 | } 121 | cpuInfo=$(getconf _NPROCESSORS_ONLN) 122 | if [ "${cpuInfo}" -ge "4" ];then 123 | GetCpuStat 124 | else 125 | cpuCore="1" 126 | fi 127 | GetPackManager 128 | if [ ! $NODE_URL ];then 129 | echo '正在选择下载节点...'; 130 | get_node_url 131 | bt_check 132 | fi 133 | -------------------------------------------------------------------------------- /update_pro/update_pro.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin 3 | export PATH 4 | LANG=en_US.UTF-8 5 | 6 | vp=$1 7 | m=`cat /www/server/panel/class/common.py|grep checkSafe` 8 | if [ "${vp}" == "free" ]; then 9 | vp="" 10 | Ver="免费版" 11 | elif [ "${vp}" == "pro" ] || [ "${m}" != "" ] ;then 12 | vp="_pro" 13 | Ver="专业版" 14 | elif [ -f /www/server/panel/plugin/beta/config.conf ]; then 15 | updateApi=https://www.bt.cn/Api/updateLinuxBeta 16 | vp="" 17 | Ver="内测版" 18 | fi 19 | 20 | public_file=/www/server/panel/install/public.sh 21 | if [ ! -f $public_file ];then 22 | wget -O $public_file http://git.efe.cc:5522/update_pro/public.sh -T 5; 23 | fi 24 | . $public_file 25 | 26 | download_Url=$NODE_URL 27 | setup_path=/www 28 | version='' 29 | 30 | pcreRpm=`rpm -qa |grep bt-pcre` 31 | if [ "${pcreRpm}" != "" ];then 32 | rpm -e bt-pcre 33 | yum reinstall pcre pcre-devel -y 34 | fi 35 | 36 | if [ "$version" = '' ];then 37 | if [ "${updateApi}" == "" ];then 38 | updateApi=https://www.bt.cn/Api/updateLinux 39 | fi 40 | if [ -f /usr/local/curl/bin/curl ]; then 41 | version=`/usr/local/curl/bin/curl $updateApi 2>/dev/null|grep -Po '"version":".*?"'|grep -Po '[0-9\.]+'` 42 | else 43 | version=`curl $updateApi 2>/dev/null|grep -Po '"version":".*?"'|grep -Po '[0-9\.]+'` 44 | fi 45 | fi 46 | 47 | if [ "$version" = '' ];then 48 | version=`cat /www/server/panel/class/common.py|grep "\.version"|awk '{print $3}'|sed 's/"//g'|sed 's/;//g'` 49 | version=${version:0:-1} 50 | fi 51 | 52 | if [ "$version" = '' ];then 53 | echo '版本号获取失败,请手动在第一个参数传入!'; 54 | exit; 55 | fi 56 | #wget -T 5 -O panel.zip $download_Url/install/update/LinuxPanel-${version}${vp}.zip 57 | wget -T 5 -O panel.zip http://git.efe.cc:5522/install/update/LinuxPanel-${version}${vp}.zip 58 | 59 | 60 | 61 | if [ ! -f "panel.zip" ];then 62 | echo "获取更新包失败,请稍后更新或联系宝塔运维" 63 | exit; 64 | fi 65 | unzip -o panel.zip -d $setup_path/server/ > /dev/null 66 | rm -f panel.zip 67 | cd $setup_path/server/panel/ 68 | rm -f $setup_path/server/panel/data/templates.pl 69 | check_bt=`cat /etc/init.d/bt` 70 | if [ "${check_bt}" = "" ];then 71 | rm -f /etc/init.d/bt 72 | wget -O /etc/init.d/bt $download_Url/install/src/bt.init -T 10 73 | chmod +x /etc/init.d/bt 74 | fi 75 | if [ ! -f "/etc/init.d/bt" ]; then 76 | wget -O /etc/init.d/bt $download_Url/install/src/bt.init -T 10 77 | chmod +x /etc/init.d/bt 78 | fi 79 | cd /www/server/panel 80 | python tools.py o 81 | 82 | sleep 1 && service bt restart > /dev/null 2>&1 & 83 | echo "=====================================" 84 | echo "已成功升级到[$version]${Ver}"; -------------------------------------------------------------------------------- /update_pro/vip_plugin.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ylwnet/Crack_BT_Panel2020/dc6a4e40d46de0b35a8ae5887929d4fa974df879/update_pro/vip_plugin.zip --------------------------------------------------------------------------------