54 lines
1.7 KiB
Bash
54 lines
1.7 KiB
Bash
#!/bin/bash
|
||
|
||
# 检查参数
|
||
if [ $# -lt 2 ]; then
|
||
echo "用法: $0 <工作目录> <域名>"
|
||
exit 1
|
||
fi
|
||
|
||
WORKDIR="$1" # 第一个参数:工作目录,比如 /opt/caddy/certbot-aliyun-docker/derper
|
||
DOMAIN="$2" # 第二个参数:域名,比如 derper.jmsu.top
|
||
|
||
# 可选:你可以将阿里云AK/SK/邮箱也作为参数或放到环境变量/配置文件
|
||
REGION="cn-hangzhou"
|
||
ACCESS_KEY_ID="LTAI5tP1yWFMMJhF6nrGYEit" # 推荐写到外部变量,或传参数
|
||
ACCESS_KEY_SECRET="LTAI5tP1yWFMMJhF6nrGYEit" # 推荐写到外部变量,或传参数
|
||
EMAIL="pylyzeng@gmail.com"
|
||
|
||
cd "$WORKDIR" || exit 1
|
||
|
||
echo ">>> 停止 derper 服务"
|
||
docker compose down
|
||
|
||
echo ">>> 续期证书 $DOMAIN"
|
||
|
||
docker run --rm \
|
||
-e REGION="$REGION" \
|
||
-e ACCESS_KEY_ID="$ACCESS_KEY_ID" \
|
||
-e ACCESS_KEY_SECRET="$ACCESS_KEY_SECRET" \
|
||
-e DOMAIN="$DOMAIN" \
|
||
-e EMAIL="$EMAIL" \
|
||
-v "$PWD/letsencrypt:/etc/letsencrypt" \
|
||
-v "$PWD/certs:/app/certs" \
|
||
-v "$PWD/logs:/var/log/certbot" \
|
||
hotwa/certbot:latest \
|
||
certbot renew \
|
||
--manual \
|
||
--preferred-challenges dns \
|
||
--manual-auth-hook "alidns" \
|
||
--manual-cleanup-hook "alidns clean" \
|
||
--deploy-hook "/app/scripts/webhook.sh" \
|
||
--no-random-sleep-on-renew \
|
||
-v
|
||
|
||
echo ">>> 启动 derper 服务"
|
||
docker compose up -d
|
||
|
||
echo "crontab 添加任务选项(请根据实际需求选择,复制到 crontab 即可):"
|
||
echo
|
||
echo "【每周一凌晨 2 点执行】"
|
||
echo "0 2 * * 1 $WORKDIR/renew_derper.sh $WORKDIR $DOMAIN >> /var/log/renew_derper.log 2>&1"
|
||
echo
|
||
echo "【每月 1 号凌晨 2 点执行】"
|
||
echo "0 2 1 * * $WORKDIR/renew_derper.sh $WORKDIR $DOMAIN >> /var/log/renew_derper.log 2>&1"
|