first commit
This commit is contained in:
root
+155
@@ -0,0 +1,155 @@
|
||||
# 🔧 SSL Manager 服务管理指南
|
||||
|
||||
## 📋 启动方式
|
||||
|
||||
### 方式一:systemd 服务(推荐,开机自启)
|
||||
|
||||
```bash
|
||||
# 启动服务
|
||||
sudo systemctl start ssl-manager
|
||||
|
||||
# 停止服务
|
||||
sudo systemctl stop ssl-manager
|
||||
|
||||
# 重启服务
|
||||
sudo systemctl restart ssl-manager
|
||||
|
||||
# 查看状态
|
||||
sudo systemctl status ssl-manager
|
||||
|
||||
# 开机自启
|
||||
sudo systemctl enable ssl-manager
|
||||
|
||||
# 取消开机自启
|
||||
sudo systemctl disable ssl-manager
|
||||
|
||||
# 查看日志
|
||||
sudo journalctl -u ssl-manager -f
|
||||
```
|
||||
|
||||
### 方式二:启动脚本
|
||||
|
||||
```bash
|
||||
cd /root/.openclaw/workspace/ssl-manager
|
||||
|
||||
# 启动
|
||||
./scripts/start-ssl-manager.sh start
|
||||
|
||||
# 停止
|
||||
./scripts/start-ssl-manager.sh stop
|
||||
|
||||
# 重启
|
||||
./scripts/start-ssl-manager.sh restart
|
||||
|
||||
# 查看状态
|
||||
./scripts/start-ssl-manager.sh status
|
||||
|
||||
# 查看日志(实时)
|
||||
./scripts/start-ssl-manager.sh logs
|
||||
```
|
||||
|
||||
### 方式三:手动启动(开发调试用)
|
||||
|
||||
```bash
|
||||
cd /root/.openclaw/workspace/ssl-manager/backend
|
||||
node src/index.js
|
||||
```
|
||||
|
||||
## 🌐 访问地址
|
||||
|
||||
服务启动后访问:**http://localhost:3000**
|
||||
|
||||
## 📝 日志位置
|
||||
|
||||
- **systemd 日志**: `journalctl -u ssl-manager -f`
|
||||
- **应用日志**: `/var/log/ssl-manager/backend.log`
|
||||
|
||||
## 🔍 故障排查
|
||||
|
||||
### 服务启动失败
|
||||
|
||||
```bash
|
||||
# 查看 systemd 日志
|
||||
sudo journalctl -u ssl-manager --since "10 minutes ago"
|
||||
|
||||
# 查看应用日志
|
||||
tail -100 /var/log/ssl-manager/backend.log
|
||||
|
||||
# 检查端口占用
|
||||
netstat -tlnp | grep 3000
|
||||
|
||||
# 检查 Node.js
|
||||
node --version
|
||||
```
|
||||
|
||||
### 证书申请失败
|
||||
|
||||
```bash
|
||||
# 查看 acme.sh 日志
|
||||
tail -50 /root/.acme.sh/acme.sh.log
|
||||
|
||||
# 手动测试 acme.sh
|
||||
/root/.acme.sh/acme.sh --issue --dns tencent -d "example.com" --server letsencrypt
|
||||
```
|
||||
|
||||
### 重启服务
|
||||
|
||||
```bash
|
||||
# 方式 1
|
||||
sudo systemctl restart ssl-manager
|
||||
|
||||
# 方式 2
|
||||
./scripts/start-ssl-manager.sh restart
|
||||
```
|
||||
|
||||
## 📊 服务状态检查清单
|
||||
|
||||
- [ ] 服务运行中:`systemctl status ssl-manager`
|
||||
- [ ] 端口监听:`netstat -tlnp | grep 3000`
|
||||
- [ ] 健康检查:`curl http://localhost:3000/api/health`
|
||||
- [ ] 日志正常:`tail -20 /var/log/ssl-manager/backend.log`
|
||||
|
||||
## 🔐 安全建议
|
||||
|
||||
1. **防火墙配置**
|
||||
```bash
|
||||
# 仅允许本地访问(如果需要外网访问,开放 3000 端口)
|
||||
sudo ufw allow 3000/tcp
|
||||
```
|
||||
|
||||
2. **HTTPS 配置**
|
||||
- 生产环境建议在前端加一层 nginx 反向代理并配置 HTTPS
|
||||
- 使用本工具申请的证书来加密管理界面
|
||||
|
||||
3. **定期更新**
|
||||
```bash
|
||||
# 更新 acme.sh
|
||||
/root/.acme.sh/acme.sh --upgrade
|
||||
|
||||
# 更新项目代码
|
||||
cd /root/.openclaw/workspace/ssl-manager
|
||||
git pull # 如果有版本控制
|
||||
```
|
||||
|
||||
## 📞 常用命令速查
|
||||
|
||||
```bash
|
||||
# 一键重启
|
||||
sudo systemctl restart ssl-manager
|
||||
|
||||
# 查看实时日志
|
||||
sudo journalctl -u ssl-manager -f
|
||||
|
||||
# 检查服务是否正常
|
||||
curl http://localhost:3000/api/health
|
||||
|
||||
# 停止服务
|
||||
sudo systemctl stop ssl-manager
|
||||
|
||||
# 启动服务
|
||||
sudo systemctl start ssl-manager
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
**提示**: 推荐使用 systemd 方式,可以开机自启、自动重启、日志统一管理。
|
||||
Reference in New Issue
Block a user