root
156 lines
2.9 KiB
Markdown
156 lines
2.9 KiB
Markdown
# 🔧 SSL Manager 服务管理指南
|
|
|
|
## 📋 启动方式
|
|
|
|
### 方式一:systemd 服务(推荐,开机自启)
|
|
|
|
```bash
|
|
# 启动服务
|
|
sudo systemctl start ssl-manager
|
|
|
|
# 停止服务
|
|
sudo systemctl stop ssl-manager
|
|
|
|
# 重启服务
|
|
sudo systemctl restart ssl-manager
|
|
|
|
# 查看状态
|
|
sudo systemctl status ssl-manager
|
|
|
|
# 开机自启
|
|
sudo systemctl enable ssl-manager
|
|
|
|
# 取消开机自启
|
|
sudo systemctl disable ssl-manager
|
|
|
|
# 查看日志
|
|
sudo journalctl -u ssl-manager -f
|
|
```
|
|
|
|
### 方式二:启动脚本
|
|
|
|
```bash
|
|
cd /root/.openclaw/workspace/ssl-manager
|
|
|
|
# 启动
|
|
./scripts/start-ssl-manager.sh start
|
|
|
|
# 停止
|
|
./scripts/start-ssl-manager.sh stop
|
|
|
|
# 重启
|
|
./scripts/start-ssl-manager.sh restart
|
|
|
|
# 查看状态
|
|
./scripts/start-ssl-manager.sh status
|
|
|
|
# 查看日志(实时)
|
|
./scripts/start-ssl-manager.sh logs
|
|
```
|
|
|
|
### 方式三:手动启动(开发调试用)
|
|
|
|
```bash
|
|
cd /root/.openclaw/workspace/ssl-manager/backend
|
|
node src/index.js
|
|
```
|
|
|
|
## 🌐 访问地址
|
|
|
|
服务启动后访问:**http://localhost:3000**
|
|
|
|
## 📝 日志位置
|
|
|
|
- **systemd 日志**: `journalctl -u ssl-manager -f`
|
|
- **应用日志**: `/var/log/ssl-manager/backend.log`
|
|
|
|
## 🔍 故障排查
|
|
|
|
### 服务启动失败
|
|
|
|
```bash
|
|
# 查看 systemd 日志
|
|
sudo journalctl -u ssl-manager --since "10 minutes ago"
|
|
|
|
# 查看应用日志
|
|
tail -100 /var/log/ssl-manager/backend.log
|
|
|
|
# 检查端口占用
|
|
netstat -tlnp | grep 3000
|
|
|
|
# 检查 Node.js
|
|
node --version
|
|
```
|
|
|
|
### 证书申请失败
|
|
|
|
```bash
|
|
# 查看 acme.sh 日志
|
|
tail -50 /root/.acme.sh/acme.sh.log
|
|
|
|
# 手动测试 acme.sh
|
|
/root/.acme.sh/acme.sh --issue --dns tencent -d "example.com" --server letsencrypt
|
|
```
|
|
|
|
### 重启服务
|
|
|
|
```bash
|
|
# 方式 1
|
|
sudo systemctl restart ssl-manager
|
|
|
|
# 方式 2
|
|
./scripts/start-ssl-manager.sh restart
|
|
```
|
|
|
|
## 📊 服务状态检查清单
|
|
|
|
- [ ] 服务运行中:`systemctl status ssl-manager`
|
|
- [ ] 端口监听:`netstat -tlnp | grep 3000`
|
|
- [ ] 健康检查:`curl http://localhost:3000/api/health`
|
|
- [ ] 日志正常:`tail -20 /var/log/ssl-manager/backend.log`
|
|
|
|
## 🔐 安全建议
|
|
|
|
1. **防火墙配置**
|
|
```bash
|
|
# 仅允许本地访问(如果需要外网访问,开放 3000 端口)
|
|
sudo ufw allow 3000/tcp
|
|
```
|
|
|
|
2. **HTTPS 配置**
|
|
- 生产环境建议在前端加一层 nginx 反向代理并配置 HTTPS
|
|
- 使用本工具申请的证书来加密管理界面
|
|
|
|
3. **定期更新**
|
|
```bash
|
|
# 更新 acme.sh
|
|
/root/.acme.sh/acme.sh --upgrade
|
|
|
|
# 更新项目代码
|
|
cd /root/.openclaw/workspace/ssl-manager
|
|
git pull # 如果有版本控制
|
|
```
|
|
|
|
## 📞 常用命令速查
|
|
|
|
```bash
|
|
# 一键重启
|
|
sudo systemctl restart ssl-manager
|
|
|
|
# 查看实时日志
|
|
sudo journalctl -u ssl-manager -f
|
|
|
|
# 检查服务是否正常
|
|
curl http://localhost:3000/api/health
|
|
|
|
# 停止服务
|
|
sudo systemctl stop ssl-manager
|
|
|
|
# 启动服务
|
|
sudo systemctl start ssl-manager
|
|
```
|
|
|
|
---
|
|
|
|
**提示**: 推荐使用 systemd 方式,可以开机自启、自动重启、日志统一管理。
|