improve docker

.docker/openresty/entrypoint.sh

@@ -1,57 +1,73 @@
 #!/bin/sh
 set -e
 
+# 定义颜色
+COLOR_RED='\033[0;31m'
+COLOR_GREEN='\033[0;32m'
+COLOR_YELLOW='\033[1;33m'
+COLOR_BLUE='\033[0;34m'
+COLOR_RESET='\033[0m'
+
+# 封装彩色输出函数
+echo_info() {
+  echo -e "${COLOR_BLUE}[INFO]${COLOR_RESET} $*"
+}
+
+echo_success() {
+  echo -e "${COLOR_GREEN}[SUCCESS]${COLOR_RESET} $*"
+}
+
+echo_warn() {
+  echo -e "${COLOR_YELLOW}[WARN]${COLOR_RESET} $*"
+}
+
+echo_error() {
+  echo -e "${COLOR_RED}[ERROR]${COLOR_RESET} $*"
+}
+
+
+# 设定证书目录
+CERT_DIR="/certs"
+FULLCHAIN="fullchain.pem"
+PRIVATE_KEY="private.key"
+USE_HTTPS="1"
+
 if [ -z "$DOMAIN" ]; then
-  echo "❌ 错误：必须设置 DOMAIN 环境变量！"
+  echo_error "❌ 错误：必须设置 DOMAIN 环境变量！"
   exit 1
 fi
 
-echo "当前域名是: $DOMAIN"
+echo_info "DOMAIN: $DOMAIN"
 
-# 设定证书目录
-CLOUDFLARE_CERT_DIR="/certs/cloudflare"
-FINAL_CERT_DIR="/certs/live"
-FULLCHAIN="fullchain.pem"
-PRIVATE_KEY="private.key"
-
-# 检查 Cloudflare 证书是否存在
-if [ -f "$FINAL_CERT_DIR/$FULLCHAIN" ] && [ -f "$FINAL_CERT_DIR/$PRIVATE_KEY" ]; then
-    echo "ssl certs already exists at: ${FINAL_CERT_DIR}"
+# 检查证书是否存在
+if [ -f "$CERT_DIR/$FULLCHAIN" ] && [ -f "$CERT_DIR/$PRIVATE_KEY" ]; then
+    echo_info "ssl certs already exists at: ${CERT_DIR}"
 else
-    if [ -f "$CLOUDFLARE_CERT_DIR/$FULLCHAIN" ] && [ -f "$CLOUDFLARE_CERT_DIR/$PRIVATE_KEY" ]; then
-        echo "⚡️ Cloudflare certs exists at: $CLOUDFLARE_CERT_DIR, copy to: $FINAL_CERT_DIR ..."
-        mkdir -p "$FINAL_CERT_DIR"
-        cp "$CLOUDFLARE_CERT_DIR/$FULLCHAIN" "$FINAL_CERT_DIR/$FULLCHAIN"
-        cp "$CLOUDFLARE_CERT_DIR/$PRIVATE_KEY" "$FINAL_CERT_DIR/$PRIVATE_KEY"
-    else
-        echo "🔍 Cloudflare certs not exists at: $CLOUDFLARE_CERT_DIR，use acme.sh to apply ..."
-
-        # 安装 acme.sh（如果还没装）
-        if [ ! -d "/root/.acme.sh" ]; then
-          curl https://get.acme.sh | sh
-          source ~/.bashrc
-        fi
-
-        # 申请证书
-        ~/.acme.sh/acme.sh --issue --standalone -d "$DOMAIN" --keylength ec-256
-
-        # 安装证书到目标目录
-        ~/.acme.sh/acme.sh --install-cert -d "$DOMAIN" --ecc \
-          --key-file "$FINAL_CERT_DIR/$PRIVATE_KEY" \
-          --fullchain-file "$FINAL_CERT_DIR/$FULLCHAIN"
-    fi
+    echo_info "no ssl certs at: ${CERT_DIR}"
+    USE_HTTPS="0"
 fi
 
-echo "✅ ssl certs done."
+echo_info "USE_HTTPS: $USE_HTTPS"
 
 # 组合子域名变量
 export PHPMYADMIN_SERVER_NAME="phpmyadmin.${DOMAIN}"
 
-# 清空旧配置
-rm -rf /etc/nginx/conf.d/*.conf
-
 # 生成配置
-envsubst '$DOMAIN' < /etc/nginx/conf.d/sites/app.conf.template > /etc/nginx/conf.d/app.conf
-envsubst '$PHPMYADMIN_SERVER_NAME' < /etc/nginx/conf.d/sites/phpmyadmin.conf.template > /etc/nginx/conf.d/phpmyadmin.conf
+APP_CONF="/etc/nginx/conf.d/app.conf"
+PMA_CONF="/etc/nginx/conf.d/phpmyadmin.conf"
+envsubst '$DOMAIN' < /etc/nginx/conf.d/sites/app.conf.template > "$APP_CONF"
+envsubst '$PHPMYADMIN_SERVER_NAME' < /etc/nginx/conf.d/sites/phpmyadmin.conf.template > "$PMA_CONF"
+
+# if no certs, remove ssl configuration
+if [ "$USE_HTTPS" = "0" ]; then
+    echo_info "remove https related configuration ..."
+    sed -i '/ssl_certificate/d' "$APP_CONF"
+    sed -i 's/listen.*/listen 80;/g' "$APP_CONF"
+
+    sed -i '/ssl_certificate/d' "$PMA_CONF"
+    sed -i 's/listen.*/listen 80;/g' "$PMA_CONF"
+fi
+
+openresty -T
 
 exec openresty -g 'daemon off;'