mirror of
https://github.com/lkddi/nexusphp.git
synced 2026-04-24 12:07:23 +08:00
improve docker
This commit is contained in:
@@ -1,57 +1,73 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
# 定义颜色
|
||||
COLOR_RED='\033[0;31m'
|
||||
COLOR_GREEN='\033[0;32m'
|
||||
COLOR_YELLOW='\033[1;33m'
|
||||
COLOR_BLUE='\033[0;34m'
|
||||
COLOR_RESET='\033[0m'
|
||||
|
||||
# 封装彩色输出函数
|
||||
echo_info() {
|
||||
echo -e "${COLOR_BLUE}[INFO]${COLOR_RESET} $*"
|
||||
}
|
||||
|
||||
echo_success() {
|
||||
echo -e "${COLOR_GREEN}[SUCCESS]${COLOR_RESET} $*"
|
||||
}
|
||||
|
||||
echo_warn() {
|
||||
echo -e "${COLOR_YELLOW}[WARN]${COLOR_RESET} $*"
|
||||
}
|
||||
|
||||
echo_error() {
|
||||
echo -e "${COLOR_RED}[ERROR]${COLOR_RESET} $*"
|
||||
}
|
||||
|
||||
|
||||
# 设定证书目录
|
||||
CERT_DIR="/certs"
|
||||
FULLCHAIN="fullchain.pem"
|
||||
PRIVATE_KEY="private.key"
|
||||
USE_HTTPS="1"
|
||||
|
||||
if [ -z "$DOMAIN" ]; then
|
||||
echo "❌ 错误:必须设置 DOMAIN 环境变量!"
|
||||
echo_error "❌ 错误:必须设置 DOMAIN 环境变量!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "当前域名是: $DOMAIN"
|
||||
echo_info "DOMAIN: $DOMAIN"
|
||||
|
||||
# 设定证书目录
|
||||
CLOUDFLARE_CERT_DIR="/certs/cloudflare"
|
||||
FINAL_CERT_DIR="/certs/live"
|
||||
FULLCHAIN="fullchain.pem"
|
||||
PRIVATE_KEY="private.key"
|
||||
|
||||
# 检查 Cloudflare 证书是否存在
|
||||
if [ -f "$FINAL_CERT_DIR/$FULLCHAIN" ] && [ -f "$FINAL_CERT_DIR/$PRIVATE_KEY" ]; then
|
||||
echo "ssl certs already exists at: ${FINAL_CERT_DIR}"
|
||||
# 检查证书是否存在
|
||||
if [ -f "$CERT_DIR/$FULLCHAIN" ] && [ -f "$CERT_DIR/$PRIVATE_KEY" ]; then
|
||||
echo_info "ssl certs already exists at: ${CERT_DIR}"
|
||||
else
|
||||
if [ -f "$CLOUDFLARE_CERT_DIR/$FULLCHAIN" ] && [ -f "$CLOUDFLARE_CERT_DIR/$PRIVATE_KEY" ]; then
|
||||
echo "⚡️ Cloudflare certs exists at: $CLOUDFLARE_CERT_DIR, copy to: $FINAL_CERT_DIR ..."
|
||||
mkdir -p "$FINAL_CERT_DIR"
|
||||
cp "$CLOUDFLARE_CERT_DIR/$FULLCHAIN" "$FINAL_CERT_DIR/$FULLCHAIN"
|
||||
cp "$CLOUDFLARE_CERT_DIR/$PRIVATE_KEY" "$FINAL_CERT_DIR/$PRIVATE_KEY"
|
||||
else
|
||||
echo "🔍 Cloudflare certs not exists at: $CLOUDFLARE_CERT_DIR,use acme.sh to apply ..."
|
||||
|
||||
# 安装 acme.sh(如果还没装)
|
||||
if [ ! -d "/root/.acme.sh" ]; then
|
||||
curl https://get.acme.sh | sh
|
||||
source ~/.bashrc
|
||||
fi
|
||||
|
||||
# 申请证书
|
||||
~/.acme.sh/acme.sh --issue --standalone -d "$DOMAIN" --keylength ec-256
|
||||
|
||||
# 安装证书到目标目录
|
||||
~/.acme.sh/acme.sh --install-cert -d "$DOMAIN" --ecc \
|
||||
--key-file "$FINAL_CERT_DIR/$PRIVATE_KEY" \
|
||||
--fullchain-file "$FINAL_CERT_DIR/$FULLCHAIN"
|
||||
fi
|
||||
echo_info "no ssl certs at: ${CERT_DIR}"
|
||||
USE_HTTPS="0"
|
||||
fi
|
||||
|
||||
echo "✅ ssl certs done."
|
||||
echo_info "USE_HTTPS: $USE_HTTPS"
|
||||
|
||||
# 组合子域名变量
|
||||
export PHPMYADMIN_SERVER_NAME="phpmyadmin.${DOMAIN}"
|
||||
|
||||
# 清空旧配置
|
||||
rm -rf /etc/nginx/conf.d/*.conf
|
||||
|
||||
# 生成配置
|
||||
envsubst '$DOMAIN' < /etc/nginx/conf.d/sites/app.conf.template > /etc/nginx/conf.d/app.conf
|
||||
envsubst '$PHPMYADMIN_SERVER_NAME' < /etc/nginx/conf.d/sites/phpmyadmin.conf.template > /etc/nginx/conf.d/phpmyadmin.conf
|
||||
APP_CONF="/etc/nginx/conf.d/app.conf"
|
||||
PMA_CONF="/etc/nginx/conf.d/phpmyadmin.conf"
|
||||
envsubst '$DOMAIN' < /etc/nginx/conf.d/sites/app.conf.template > "$APP_CONF"
|
||||
envsubst '$PHPMYADMIN_SERVER_NAME' < /etc/nginx/conf.d/sites/phpmyadmin.conf.template > "$PMA_CONF"
|
||||
|
||||
# if no certs, remove ssl configuration
|
||||
if [ "$USE_HTTPS" = "0" ]; then
|
||||
echo_info "remove https related configuration ..."
|
||||
sed -i '/ssl_certificate/d' "$APP_CONF"
|
||||
sed -i 's/listen.*/listen 80;/g' "$APP_CONF"
|
||||
|
||||
sed -i '/ssl_certificate/d' "$PMA_CONF"
|
||||
sed -i 's/listen.*/listen 80;/g' "$PMA_CONF"
|
||||
fi
|
||||
|
||||
openresty -T
|
||||
|
||||
exec openresty -g 'daemon off;'
|
||||
|
||||
Reference in New Issue
Block a user