Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
5b41f15ff2 | ||
|
|
cef4b73111 | ||
|
|
c1122d038f | ||
|
|
862a2cdc18 | ||
|
|
7eead75905 |
@@ -16,8 +16,8 @@ services:
|
|||||||
volumes:
|
volumes:
|
||||||
- ./letsencrypt:/etc/letsencrypt
|
- ./letsencrypt:/etc/letsencrypt
|
||||||
#- ./certs:/app/certs
|
#- ./certs:/app/certs
|
||||||
- ./letsencrypt/live/derper.jmsu.top/fullchain.pem:/app/certs/derper.jmsu.top.crt:ro
|
- ./letsencrypt/live/derphz.jmsu.top/fullchain.pem:/app/certs/derphz.jmsu.top.crt:ro
|
||||||
- ./letsencrypt/live/derper.jmsu.top/privkey.pem:/app/certs/derper.jmsu.top.key:ro
|
- ./letsencrypt/live/derphz.jmsu.top/privkey.pem:/app/certs/derphz.jmsu.top.key:ro
|
||||||
- ./logs:/var/log/certbot
|
- ./logs:/var/log/certbot
|
||||||
- /var/run/tailscale/tailscaled.sock:/var/run/tailscale/tailscaled.sock:ro
|
- /var/run/tailscale/tailscaled.sock:/var/run/tailscale/tailscaled.sock:ro
|
||||||
# tailscale login first require
|
# tailscale login first require
|
||||||
@@ -27,7 +27,7 @@ services:
|
|||||||
- -c
|
- -c
|
||||||
- |
|
- |
|
||||||
/app/derper \
|
/app/derper \
|
||||||
-hostname derper.jmsu.top \
|
-hostname derphz.jmsu.top \
|
||||||
-certdir /app/certs \
|
-certdir /app/certs \
|
||||||
-certmode manual \
|
-certmode manual \
|
||||||
-a :3477 \
|
-a :3477 \
|
||||||
|
|||||||
@@ -1,23 +1,15 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
cd /opt/caddy/certbot-aliyun-docker/derper
|
cd /opt/certbot-aliyun-docker/derper
|
||||||
|
rm -rf ./letsencrypt/accounts
|
||||||
docker run --rm \
|
docker run --rm \
|
||||||
|
--entrypoint /bin/bash \
|
||||||
-e REGION=cn-hangzhou \
|
-e REGION=cn-hangzhou \
|
||||||
-e ACCESS_KEY_ID=LTAI5tP1yWFMMJhF6nrGYEit \
|
-e ACCESS_KEY_ID=LTAI5tP1yWFMMJhF6nrGYEit \
|
||||||
-e ACCESS_KEY_SECRET=xBEMX76UwvO21DCES2605VM0kAU7TV \
|
-e ACCESS_KEY_SECRET=xBEMX76UwvO21DCES2605VM0kAU7TV \
|
||||||
-e DOMAIN=derper.jmsu.top \
|
-e DOMAIN=derphz.jmsu.top \
|
||||||
-e EMAIL=pylyzeng@gmail.com \
|
-e EMAIL=pylyzeng@gmail.com \
|
||||||
-e CRON_SCHEDULE="0 0 * * *" \
|
-v "./letsencrypt:/etc/letsencrypt" \
|
||||||
-v "$PWD/letsencrypt:/etc/letsencrypt" \
|
-v "./certs:/app/certs" \
|
||||||
-v "$PWD/certs:/app/certs" \
|
-v "./logs:/var/log/certbot" \
|
||||||
-v "$PWD/logs:/var/log/certbot" \
|
|
||||||
hotwa/certbot:latest \
|
hotwa/certbot:latest \
|
||||||
certbot certonly \
|
-c 'source /opt/venv/bin/activate && aliyun configure set --profile akProfile --mode AK --region "$REGION" --access-key-id "$ACCESS_KEY_ID" --access-key-secret "$ACCESS_KEY_SECRET" && certbot certonly -d "$DOMAIN" --manual --preferred-challenges dns --manual-auth-hook "/usr/local/bin/alidns" --manual-cleanup-hook "/usr/local/bin/alidns clean" --email "$EMAIL" --agree-tos --non-interactive'
|
||||||
-d "*.derper.jmsu.top" \
|
|
||||||
--manual \
|
|
||||||
--preferred-challenges dns \
|
|
||||||
--manual-auth-hook "alidns" \
|
|
||||||
--manual-cleanup-hook "alidns clean" \
|
|
||||||
--email pylyzeng@gmail.com \
|
|
||||||
--agree-tos \
|
|
||||||
--non-interactive \
|
|
||||||
-v
|
|
||||||
|
|||||||
@@ -3,7 +3,7 @@ cd /opt/caddy/certbot-aliyun-docker/derper
|
|||||||
docker run --rm \
|
docker run --rm \
|
||||||
-e REGION=cn-hangzhou \
|
-e REGION=cn-hangzhou \
|
||||||
-e ACCESS_KEY_ID=LTAI5tP1yWFMMJhF6nrGYEit \
|
-e ACCESS_KEY_ID=LTAI5tP1yWFMMJhF6nrGYEit \
|
||||||
-e ACCESS_KEY_SECRET=LTAI5tP1yWFMMJhF6nrGYEit \
|
-e ACCESS_KEY_SECRET=xBEMX76UwvO21DCES2605VM0kAU7TV \
|
||||||
-e DOMAIN=derper.jmsu.top \
|
-e DOMAIN=derper.jmsu.top \
|
||||||
-e EMAIL=pylyzeng@gmail.com \
|
-e EMAIL=pylyzeng@gmail.com \
|
||||||
-v "$PWD/letsencrypt:/etc/letsencrypt" \
|
-v "$PWD/letsencrypt:/etc/letsencrypt" \
|
||||||
|
|||||||
@@ -3,6 +3,7 @@
|
|||||||
# 检查参数
|
# 检查参数
|
||||||
if [ $# -lt 2 ]; then
|
if [ $# -lt 2 ]; then
|
||||||
echo "用法: $0 <工作目录> <域名>"
|
echo "用法: $0 <工作目录> <域名>"
|
||||||
|
echo "/opt/certbot-aliyun-docker/renew_derper.sh /opt/certbot-aliyun-docker/derper derphz.jmsu.top"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@@ -12,7 +13,7 @@ DOMAIN="$2" # 第二个参数:域名,比如 derper.jmsu.top
|
|||||||
# 可选:你可以将阿里云AK/SK/邮箱也作为参数或放到环境变量/配置文件
|
# 可选:你可以将阿里云AK/SK/邮箱也作为参数或放到环境变量/配置文件
|
||||||
REGION="cn-hangzhou"
|
REGION="cn-hangzhou"
|
||||||
ACCESS_KEY_ID="LTAI5tP1yWFMMJhF6nrGYEit" # 推荐写到外部变量,或传参数
|
ACCESS_KEY_ID="LTAI5tP1yWFMMJhF6nrGYEit" # 推荐写到外部变量,或传参数
|
||||||
ACCESS_KEY_SECRET="LTAI5tP1yWFMMJhF6nrGYEit" # 推荐写到外部变量,或传参数
|
ACCESS_KEY_SECRET="xBEMX76UwvO21DCES2605VM0kAU7TV" # 推荐写到外部变量,或传参数
|
||||||
EMAIL="pylyzeng@gmail.com"
|
EMAIL="pylyzeng@gmail.com"
|
||||||
|
|
||||||
cd "$WORKDIR" || exit 1
|
cd "$WORKDIR" || exit 1
|
||||||
@@ -45,10 +46,10 @@ echo ">>> derper up OK"
|
|||||||
echo "crontab 添加任务选项(请根据实际需求选择,复制到 crontab 即可):"
|
echo "crontab 添加任务选项(请根据实际需求选择,复制到 crontab 即可):"
|
||||||
echo
|
echo
|
||||||
echo "【每周一凌晨 2 点执行】"
|
echo "【每周一凌晨 2 点执行】"
|
||||||
echo "0 2 * * 1 $WORKDIR/renew_derper.sh $WORKDIR $DOMAIN >> /var/log/renew_derper.log 2>&1"
|
echo "0 2 * * 1 $WORKDIR/../renew_derper.sh $WORKDIR $DOMAIN >> /var/log/renew_derper.log 2>&1"
|
||||||
echo
|
echo
|
||||||
echo "【每月 1 号凌晨 2 点执行】"
|
echo "【每月 1 号凌晨 2 点执行】"
|
||||||
echo "0 2 1 * * $WORKDIR/renew_derper.sh $WORKDIR $DOMAIN >> /var/log/renew_derper.log 2>&1"
|
echo "0 2 1 * * $WORKDIR/../renew_derper.sh $WORKDIR $DOMAIN >> /var/log/renew_derper.log 2>&1"
|
||||||
|
|
||||||
echo ">>> 当前容器日志"
|
echo ">>> 当前容器日志"
|
||||||
docker compose logs
|
docker compose logs
|
||||||
Reference in New Issue
Block a user