张翔
38 lines
1.2 KiB
Bash
Executable File
38 lines
1.2 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
SSL_DIR="./ssl"
|
|
CERTBOT_DIR="/var/www/certbot"
|
|
DOMAIN="novalon.cn"
|
|
|
|
mkdir -p "$SSL_DIR"
|
|
mkdir -p "$CERTBOT_DIR"
|
|
|
|
echo "🔒 开始配置SSL证书..."
|
|
|
|
if [ ! -f "$SSL_DIR/fullchain.pem" ] || [ ! -f "$SSL_DIR/privkey.pem" ]; then
|
|
echo "📝 SSL证书不存在,需要手动配置Let's Encrypt证书"
|
|
echo "📋 请按照以下步骤操作:"
|
|
echo "1. 在服务器上安装certbot:"
|
|
echo " sudo apt-get update"
|
|
echo " sudo apt-get install certbot"
|
|
echo ""
|
|
echo "2. 获取SSL证书:"
|
|
echo " sudo certbot certonly --webroot -w $CERTBOT_DIR -d $DOMAIN -d www.$DOMAIN"
|
|
echo ""
|
|
echo "3. 复制证书文件到SSL目录:"
|
|
echo " sudo cp /etc/letsencrypt/live/$DOMAIN/fullchain.pem $SSL_DIR/"
|
|
echo " sudo cp /etc/letsencrypt/live/$DOMAIN/privkey.pem $SSL_DIR/"
|
|
echo ""
|
|
echo "4. 设置证书文件权限:"
|
|
echo " sudo chmod 644 $SSL_DIR/fullchain.pem"
|
|
echo " sudo chmod 600 $SSL_DIR/privkey.pem"
|
|
echo ""
|
|
echo "5. 配置自动续期:"
|
|
echo " 添加cron任务: 0 0,12 * * * certbot renew --quiet"
|
|
else
|
|
echo "✅ SSL证书已存在"
|
|
echo "📋 证书信息:"
|
|
ls -lh "$SSL_DIR"
|
|
fi
|
|
|
|
echo "🎉 SSL证书配置完成!" |