scripts/share/ningx_proxy_manager.py

import json

from lib.all import *


def get_all_cert_map():
    headers = {
        'Accept': 'application/json, text/javascript, */*; q=0.01',
        'Accept-Language': 'zh-CN,zh;q=0.9,ko;q=0.8,ja;q=0.7,en;q=0.6',
        'Authorization': 'Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhcGkiLCJzY29wZSI6WyJ1c2VyIl0sImF0dHJzIjp7ImlkIjoxfSwiZXhwaXJlc0luIjoiMWQiLCJqdGkiOiJndVVDWnNjbmE1TzljdzFoIiwiaWF0IjoxNzMzOTc2OTU5LCJleHAiOjE3MzQwNjMzNTl9.TWcVzTMVR1wgphBYYfuH7BhOkrL8vqolzLBvgRU9f5KvkWOWLeF2g0P69YefqQHc32NH6YB81PWUlr_ZFQeeMnGDmcPGk0HvzZawMau44GKCB7iADFpGwWhrQvxYQuvm_f6KeYvLoOJsfTketHu_YoFNlPBhgRJ83uyLzmgd8w2-gdgvWuxHPbDkIO_k3eyw5rqSxjS6lNlo7SlyBCSW3FTgRcOAhOWI0uf87s-RwTHpZxLTDje6QH4PKYMUOJCzhojoxl5PxgDerA5ru0M13bdTAnBGMYjYHP_2X7Xa9DgwZ0yMxDLLIhnrntXQzKFEjv79alehPZe6ENQTHJvNBQ',
        'Connection': 'keep-alive',
        'Content-Type': 'application/json; charset=UTF-8',
        'Referer': 'http://47.242.233.23:81/nginx/certificates',
        'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36',
    }

    params = {
        'expand': 'owner',
    }

    response = requests.get('http://47.242.233.23:81/api/nginx/certificates', params=params, headers=headers, verify=False)
    res = json.loads(response.text)

    cert_map = dict()
    for cert in res:
        domain_names = safe_get_list(cert, "domain_names")
        for domain_name in domain_names:
            dmn = domain_name.replace("*.", "")
            cert_map[dmn] = cert

    return cert_map


def batch_apply_cert(domain_names):
    headers = {
        'Accept': 'application/json, text/javascript, */*; q=0.01',
        'Accept-Language': 'zh-CN,zh;q=0.9,ko;q=0.8,ja;q=0.7,en;q=0.6',
        'Authorization': 'Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhcGkiLCJzY29wZSI6WyJ1c2VyIl0sImF0dHJzIjp7ImlkIjoxfSwiZXhwaXJlc0luIjoiMWQiLCJqdGkiOiJndVVDWnNjbmE1TzljdzFoIiwiaWF0IjoxNzMzOTc2OTU5LCJleHAiOjE3MzQwNjMzNTl9.TWcVzTMVR1wgphBYYfuH7BhOkrL8vqolzLBvgRU9f5KvkWOWLeF2g0P69YefqQHc32NH6YB81PWUlr_ZFQeeMnGDmcPGk0HvzZawMau44GKCB7iADFpGwWhrQvxYQuvm_f6KeYvLoOJsfTketHu_YoFNlPBhgRJ83uyLzmgd8w2-gdgvWuxHPbDkIO_k3eyw5rqSxjS6lNlo7SlyBCSW3FTgRcOAhOWI0uf87s-RwTHpZxLTDje6QH4PKYMUOJCzhojoxl5PxgDerA5ru0M13bdTAnBGMYjYHP_2X7Xa9DgwZ0yMxDLLIhnrntXQzKFEjv79alehPZe6ENQTHJvNBQ',
        'Connection': 'keep-alive',
        'Content-Type': 'application/json; charset=UTF-8',
        'Origin': 'http://47.242.233.23:81',
        'Referer': 'http://47.242.233.23:81/nginx/certificates',
        'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36',
    }

    json_data = {
        'domain_names': domain_names,
        'meta': {
            'letsencrypt_email': 'jueweijue@gmail.com',
            'dns_challenge': True,
            'dns_provider': 'cloudflare',
            'dns_provider_credentials': '# Cloudflare API token\r\ndns_cloudflare_api_token=OYrExEPmDzx5lYnFrg9c8qU05k-3SgjVe3Us6NoL',
            'letsencrypt_agree': True,
        },
        'provider': 'letsencrypt',
    }

    response = requests.post('http://47.242.233.23:81/api/nginx/certificates', headers=headers, json=json_data, verify=False)
    res = json.loads(response.text)
    return res


def batch_add_records(domain_names, forward_host, forward_port, cert_id):
    headers = {
        'Accept': 'application/json, text/javascript, */*; q=0.01',
        'Accept-Language': 'zh-CN,zh;q=0.9,ko;q=0.8,ja;q=0.7,en;q=0.6',
        'Authorization': 'Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhcGkiLCJzY29wZSI6WyJ1c2VyIl0sImF0dHJzIjp7ImlkIjoxfSwiZXhwaXJlc0luIjoiMWQiLCJqdGkiOiI3U05KaHVLOWR0YjdmRExDIiwiaWF0IjoxNzMzOTgyMTMyLCJleHAiOjE3MzQwNjg1MzJ9.mhHrgOATwgRQQ0GI3opDw-qck_TV3c7Ka4TEkDi0ORO3e8iKcEsELd3zfgOzEV5oLHWoGUcOpOn2LPSp4GLMqzbmDE4PWQ4xsAbgT-LCSaN3NRTGGo4XwMkmAYIRrPRIWTqlaR2FwXPYVJocVNbKm5TWJF57dmjFQPrikAxZEJfXewpGPSCF6qnSlCQeFK_lx1um_XIkLxnBLnGy3KsGMhcOtgJ4wT8DRiyd2htYztcv-4TFzhyDsc2U2ge6OfXhPVTHILEPPiCXSgBPjlEx63ilG2w6vaUam1cafRIOgDEqhVT730NmhZVSD8hmRym8t8IPf_6fMgf3Mlv7GrcEyw',
        'Connection': 'keep-alive',
        'Content-Type': 'application/json; charset=UTF-8',
        'Origin': 'http://47.242.233.23:81',
        'Referer': 'http://47.242.233.23:81/nginx/proxy',
        'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36',
    }

    json_data = {
        'domain_names': domain_names,
        'forward_scheme': 'http',
        'forward_host': forward_host,
        'forward_port': forward_port,
        'allow_websocket_upgrade': True,
        'access_list_id': '0',
        'certificate_id': cert_id,
        'ssl_forced': True,
        'meta': {
            'letsencrypt_agree': False,
            'dns_challenge': False,
        },
        'advanced_config': '',
        'locations': [],
        'block_exploits': False,
        'caching_enabled': False,
        'http2_support': False,
        'hsts_enabled': False,
        'hsts_subdomains': False,
    }
    response = requests.post('http://47.242.233.23:81/api/nginx/proxy-hosts', headers=headers, json=json_data, verify=False)
    res = json.loads(response.text)
    return res

# cert_map = get_all_cert_map()
# print(cert_map["*.tiefen888.top"])

#
# dms = list()
# ns_domains = ns_manager.client.list_domains()
# for nsdm in ns_domains:
#     dm = "*." + safe_get_str(nsdm, "#text")
#     if dm in cert_map.keys():
#         print(dm)
#         continue
#     dms.append(dm)
#
# print(apply_cert(dms))

#
# print(cert_map)