【资源】分享一个lnmp后补SSL的sh脚本
yumanutong发表于 2018-06-30 09:05:01
忙?懒?反正我是赶在最后一天来处理自己网站的SSL的。哦,我还有好几个站呢。所以,写了个.sh脚本,就不用一个个去折腾啦。代码筛选(整理)摘录自lnmp脚本。所以本文只能算分享。哈哈哈。这样不需要重新去执行一次lnmp vhost add来重新添加。没啥问题。
首先在任意目录,你喜欢就好,我在 /root/lnmp1.x/目录下。
然后按下insert按钮,进行插入如下内容:
- Echo_Yellow()
- {
- echo -n $(Color_Text "$1" "33")
- }
- Color_Text()
- {
- echo -e " \e[0;$2m$1\e[0m"
- }
- domain=""
- while :;do
- Echo_Yellow "Please enter domain(example: www.lnmp.org): "
- read domain
- if [ "${domain}" != "" ]; then
- echo " Your domain: ${domain}"
- break
- else
- Echo_Red "Domain name can't be empty!"
- fi
- done
- Echo_Yellow "Enter more domain name(example: lnmp.org *.lnmp.org): "
- read moredomain
- if [ "${moredomain}" != "" ]; then
- echo " domain list: ${moredomain}"
- fi
- vhostdir="/home/wwwroot/${domain}"
- echo "Please enter the directory for the domain: $domain"
- Echo_Yellow "Default directory: /home/wwwroot/${domain}: "
- read vhostdir
- if [ "${vhostdir}" == "" ]; then
- vhostdir="/home/wwwroot/${domain}"
- fi
- echo "Virtual Host Directory: ${vhostdir}"
- email=""
- while :;do
- Echo_Yellow "Please enter Administrator Email Address: "
- read email
- if [ "${email}" == "" ]; then
- Echo_Red "Administrator Email Address cannot be empty!"
- else
- echo "Server Administrator Email:${email}"
- break
- fi
- done
- letsdomain=""
- if [ "${moredomain}" != "" ]; then
- letsdomain="-d ${domain}"
- for i in ${moredomain};do
- letsdomain=${letsdomain}" -d ${i}"
- done
- else
- letsdomain="-d ${domain}"
- fi
- wget https://dl.eff.org/certbot-auto --no-check-certificate -O /bin/certbot
- chmod +x /bin/certbot
- if grep -Eqi "CentOS" /etc/issue || grep -Eq "CentOS" /etc/*-release; then
- yum -y install epel-release
- fi
- country=`curl -sSk --connect-timeout 10 -m 60 https://ip.vpser.net/country`
- if [ "${country}" = "CN" ]; then
- if [ -s ~/.pip/pip.conf ]; then
- grep "index-url" ~/.pip/pip.conf
- echo "pip.conf exist."
- else
- echo "Create pip.conf..."
- mkdir ~/.pip
- cat > ~/.pip/pip.conf <<EOF
- [global]
- index-url = https://pypi.doubanio.com/simple/
- [install]
- trusted-host=pypi.doubanio.com
- EOF
- fi
- sed -i 's#pypi.python.org/packages#pypi.doubanio.com/packages#g' /bin/certbot
- fi
- echo "Starting create SSL Certificate use Let's Encrypt..."
- /bin/certbot certonly --email ${email} --agree-tos -n --webroot -w ${vhostdir} ${letsdomain}
- lets_status=$?
- if [ "${lets_status}" = 0 ]; then
- Check_Lets_Cron
- echo "Let's Encrypt SSL Certificate create successfully."
- else
- Echo_Red "Let's Encrypt SSL Certificate create failed!"
- fi
- Check_Lets_Cron()
- {
- if crontab -l|grep -q "/bin/certbot renew --disable-hook-validation";then
- echo "Let's encrypt crontab renew rule is exist."
- else
- echo "Add Let's encrypt crontab renew rule..."
- (crontab -l ; echo '0 3 */7 * * /bin/certbot renew --disable-hook-validation --renew-hook "/etc/init.d/nginx reload"') | crontab -
- fi
- }
然后按下ESC按钮退出编辑,ctrl+Q组合然后输入wq保存文件。
- #执行权限设置
- chmod +x add_ssl.sh
- #执行脚本
- ./add_ssl.sh
然后根据提示操作输入域名,输入要一起签约的域名,然后还有就是现在网站所在的路径,和邮箱。然后就可以执行了。如果报错根据错误提示百度解决或者付费找我解决。
关于wordpress、opencart等配置SSL。百度很多,,不过我也可以开一篇来写。done.
