nas/MoviePilot
1
0
Fork 0
mirror of https://github.com/jxxghp/MoviePilot.git synced 2026-04-04 19:28:59 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
59c09681cbe29a9bcac5120eaae3144dbcc0f8a0
MoviePilot/docker/cert.sh
jxxghp 01a847a9c2 test beta
2025-04-17 11:43:42 +08:00

77 lines
2.6 KiB
Bash
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#!/bin/bash
set -e
Green="\033[32m"
Red="\033[31m"
Yellow='\033[33m'
Font="\033[0m"
INFO="[${Green}INFO${Font}]"
ERROR="[${Red}ERROR${Font}]"
WARN="[${Yellow}WARN${Font}]"
function INFO() {
echo -e "${INFO} ${1}"
}
function ERROR() {
echo -e "${ERROR} ${1}"
}
function WARN() {
echo -e "${WARN} ${1}"
}
# 仅当启用HTTPS且需要自动签发时执行
if [ "$ENABLE_SSL" = "true" ] && [ "$AUTO_ISSUE_CERT" = "true" ]; then
INFO "▄■▀▄■▀▄■▀▄■▀▄■▀ 证书管理开始 ▀■▄▀■▄▀■▄▀■▄▀■▄"
# 创建证书目录
mkdir -p /config/certs/"${SSL_DOMAIN}"
chown moviepilot:moviepilot /config/certs -R
# 安装acme.sh
if [ ! -d "/config/acme.sh" ]; then
INFO "→ 安装acme.sh..."
git clone https://github.com/acmesh-official/acme.sh.git /config/acme.sh
cd /config/acme.sh
./acme.sh --install --home /config/acme.sh \
--config-home /config/acme.sh/data \
--cert-home /config/certs \
--accountemail "${SSL_EMAIL}"
fi
# 签发证书(仅当证书不存在时)
if [ ! -f "/config/certs/${SSL_DOMAIN}/fullchain.pem" ]; then
# 检查必要参数
[ -z "${DNS_PROVIDER}" ] && { ERROR "必须指定DNS_PROVIDER环境变量"; exit 1; }
[ -z "${SSL_DOMAIN}" ] && { ERROR "必须指定SSL_DOMAIN环境变量"; exit 1; }
INFO "→ 签发证书: ${SSL_DOMAIN} (DNS验证方式: ${DNS_PROVIDER})"
# 导出所有ACME_ENV_开头的环境变量自动去除前缀
INFO "正在加载ACME环境变量..."
for acme_var in $(env | grep '^ACME_ENV_'); do
key="${acme_var#ACME_ENV_}"
key="${key%%=*}"
value="${acme_var#ACME_ENV_${key}=}"
export "${key}=${value}"
INFO "已加载环境变量: ${key}=******"
done
# 签发证书
/config/acme.sh/acme.sh --issue \
--dns "${DNS_PROVIDER}" \
--domain "${SSL_DOMAIN}" \
--key-file /config/certs/"${SSL_DOMAIN}"/privkey.pem \
--fullchain-file /config/certs/"${SSL_DOMAIN}"/fullchain.pem \
--force
# 创建稳定符号链接
ln -sf /config/certs/"${SSL_DOMAIN}" /config/certs/latest
fi
# 配置自动更新任务
INFO "→ 配置cron自动更新..."
echo "0 3 * * * /config/acme.sh/acme.sh --cron --home /config/acme.sh && nginx -s reload" > /etc/cron.d/acme
chmod 644 /etc/cron.d/acme
service cron start
INFO "▄■▀▄■▀▄■▀▄■▀▄■▀ 证书管理完成 ▀■▄▀■▄▀■▄▀■▄▀■▄"
fi
Reference in New Issue View Git Blame Copy Permalink