Startsida Utforska Hjälp
Logga in
cnbugs
/
ssl-manager
1
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Gren: master
Grenar Taggar
ssl-manager
/
install.sh

install.sh 5.0 KB
Permalänk Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182 
  1. #!/bin/bash
    2. 

  2. 

  3. #############################################
    4. 

  4. # SSL Manager 一键安装脚本
    5. 

  5. #############################################
    6. 

  6. 

  7. set -e
    8. 

  8. 

  9. echo "🚀 开始安装 SSL 证书管理器..."
    10. 

  10. 

  11. # 颜色定义
    12. 

  12. RED='\033[0;31m'
    13. 

  13. GREEN='\033[0;32m'
    14. 

  14. YELLOW='\033[1;33m'
    15. 

  15. NC='\033[0m' # No Color
    16. 

  16. 

  17. # 检查 Node.js
    18. 

  18. check_node() {
    19. 

  19.     if ! command -v node &> /dev/null; then
    20. 

  20.         echo -e "${RED}❌ 未检测到 Node.js,请先安装 Node.js 18+${NC}"
    21. 

  21.         exit 1
    22. 

  22.     fi
    23. 

  23.     
    24. 

  24.     NODE_VERSION=$(node -v | cut -d'v' -f2 | cut -d'.' -f1)
    25. 

  25.     if [ "$NODE_VERSION" -lt 18 ]; then
    26. 

  26.         echo -e "${RED}❌ Node.js 版本过低,需要 18+,当前版本:$(node -v)${NC}"
    27. 

  27.         exit 1
    28. 

  28.     fi
    29. 

  29.     
    30. 

  30.     echo -e "${GREEN}✓ Node.js 版本检查通过:$(node -v)${NC}"
    31. 

  31. }
    32. 

  32. 

  33. # 安装 acme.sh(使用 Gitee 镜像)
    34. 

  34. install_acme() {
    35. 

  35.     echo "📦 安装 acme.sh..."
    36. 

  36.     
    37. 

  37.     if [ -f /root/.acme.sh/acme.sh ]; then
    38. 

  38.         echo -e "${YELLOW}⚠️  acme.sh 已安装,跳过${NC}"
    39. 

  39.     else
    40. 

  40.         echo -e "${YELLOW}📌 使用 Gitee 镜像源安装 acme.sh${NC}"
    41. 

  41.         
    42. 

  42.         # 从 Gitee 克隆到临时目录,避免冲突
    43. 

  43.         if command -v git &> /dev/null; then
    44. 

  44.             git clone https://gitee.com/Neilpang/acme.sh.git /tmp/acme.sh
    45. 

  45.             cd /tmp/acme.sh
    46. 

  46.             ./acme.sh --install --accountemail "${ACME_EMAIL:-}" --home /root/.acme.sh
    47. 

  47.             rm -rf /tmp/acme.sh
    48. 

  48.             echo -e "${GREEN}✓ acme.sh 安装完成(Gitee 镜像)${NC}"
    49. 

  49.         else
    50. 

  50.             # 备用方案 - 使用 GitHub 镜像站
    51. 

  51.             echo -e "${YELLOW}⚠️  Git 不可用,尝试备用方案...${NC}"
    52. 

  52.             curl -L https://ghproxy.com/https://github.com/acmesh-official/acme.sh/archive/master.tar.gz | tar xz
    53. 

  53.             cd acme.sh-master
    54. 

  54.             ./acme.sh --install --accountemail "${ACME_EMAIL:-}" --home /root/.acme.sh
    55. 

  55.             cd ..
    56. 

  56.             rm -rf acme.sh-master
    57. 

  57.             echo -e "${GREEN}✓ acme.sh 安装完成(GitHub 镜像)${NC}"
    58. 

  58.         fi
    59. 

  59.     fi
    60. 

  60. }
    61. 

  61. 

  62. # 安装后端依赖(使用淘宝镜像)
    63. 

  63. install_backend() {
    64. 

  64.     echo "📦 安装后端依赖..."
    65. 

  65.     cd "$(dirname "$0")/backend"
    66. 

  66.     
    67. 

  67.     # 配置 npm 淘宝镜像
    68. 

  68.     npm config set registry https://registry.npmmirror.com
    69. 

  69.     npm install --production
    70. 

  70.     echo -e "${GREEN}✓ 后端依赖安装完成(淘宝镜像)${NC}"
    71. 

  71. }
    72. 

  72. 

  73. # 安装前端依赖并构建(使用淘宝镜像)
    74. 

  74. install_frontend() {
    75. 

  75.     echo "📦 安装前端依赖并构建..."
    76. 

  76.     cd "$(dirname "$0")/frontend"
    77. 

  77.     
    78. 

  78.     # 配置 npm 淘宝镜像
    79. 

  79.     npm config set registry https://registry.npmmirror.com
    80. 

  80.     npm install
    81. 

  81.     npm run build
    82. 

  82.     echo -e "${GREEN}✓ 前端构建完成(淘宝镜像)${NC}"
    83. 

  83. }
    84. 

  84. 

  85. # 创建日志目录
    86. 

  86. setup_logs() {
    87. 

  87.     echo "📁 创建日志目录..."
    88. 

  88.     sudo mkdir -p /var/log/ssl-manager
    89. 

  89.     sudo chmod 755 /var/log/ssl-manager
    90. 

  90.     echo -e "${GREEN}✓ 日志目录创建完成${NC}"
    91. 

  91. }
    92. 

  92. 

  93. # 配置环境变量
    94. 

  94. setup_env() {
    95. 

  95.     echo "⚙️  配置环境变量..."
    96. 

  96.     cd "$(dirname "$0")/backend"
    97. 

  97.     
    98. 

  98.     if [ ! -f .env ]; then
    99. 

  99.         cp .env.example .env
    100. 

  100.         
    101. 

  101.         # 生成加密密钥
    102. 

  102.         ENCRYPTION_KEY=$(openssl rand -hex 32)
    103. 

  103.         sed -i "s/your-32-character-secret-key-here/$ENCRYPTION_KEY/" .env
    104. 

  104.         
    105. 

  105.         echo -e "${GREEN}✓ 环境配置完成${NC}"
    106. 

  106.     else
    107. 

  107.         echo -e "${YELLOW}⚠️  .env 已存在,跳过${NC}"
    108. 

  108.     fi
    109. 

  109. }
    110. 

  110. 

  111. # 配置 systemd 服务(可选)
    112. 

  112. setup_systemd() {
    113. 

  113.     echo "🔧 配置 systemd 服务..."
    114. 

  114.     
    115. 

  115.     read -p "是否配置 systemd 服务以便开机自启?(y/n): " choice
    116. 

  116.     if [ "$choice" != "y" ]; then
    117. 

  117.         echo -e "${YELLOW}⚠️  跳过 systemd 配置${NC}"
    118. 

  118.         return
    119. 

  119.     fi
    120. 

  120.     
    121. 

  121.     SERVICE_FILE="/etc/systemd/system/ssl-manager.service"
    122. 

  122.     
    123. 

  123.     cat > "$SERVICE_FILE" << EOF
    124. 

  124. [Unit]
    125. 

  125. Description=SSL Certificate Manager
    126. 

  126. After=network.target
    127. 

  127. 

  128. [Service]
    129. 

  129. Type=simple
    130. 

  130. User=root
    131. 

  131. WorkingDirectory=$(dirname "$0")/backend
    132. 

  132. ExecStart=/usr/bin/node src/index.js
    133. 

  133. Restart=always
    134. 

  134. RestartSec=10
    135. 

  135. 

  136. [Install]
    137. 

  137. WantedBy=multi-user.target
    138. 

  138. EOF
    139. 

  139.     
    140. 

  140.     systemctl daemon-reload
    141. 

  141.     systemctl enable ssl-manager
    142. 

  142.     systemctl start ssl-manager
    143. 

  143.     
    144. 

  144.     echo -e "${GREEN}✓ systemd 服务配置完成${NC}"
    145. 

  145.     echo -e "${GREEN}  服务状态:systemctl status ssl-manager${NC}"
    146. 

  146. }
    147. 

  147. 

  148. # 主流程
    149. 

  149. main() {
    150. 

  150.     echo ""
    151. 

  151.     check_node
    152. 

  152.     echo ""
    153. 

  153.     install_acme
    154. 

  154.     echo ""
    155. 

  155.     install_backend
    156. 

  156.     echo ""
    157. 

  157.     install_frontend
    158. 

  158.     echo ""
    159. 

  159.     setup_logs
    160. 

  160.     echo ""
    161. 

  161.     setup_env
    162. 

  162.     echo ""
    163. 

  163.     setup_systemd
    164. 

  164.     echo ""
    165. 

  165.     
    166. 

  166.     echo "=========================================="
    167. 

  167.     echo -e "${GREEN}🎉 安装完成!${NC}"
    168. 

  168.     echo "=========================================="
    169. 

  169.     echo ""
    170. 

  170.     echo "📍 访问地址:http://localhost:3000"
    171. 

  171.     echo "📝 日志文件:/var/log/ssl-manager/renew.log"
    172. 

  172.     echo "🔧 管理服务:systemctl [start|stop|restart|status] ssl-manager"
    173. 

  173.     echo ""
    174. 

  174.     echo -e "${YELLOW}⚠️  别忘了配置自动续期:${NC}"
    175. 

  175.     echo "   chmod +x scripts/auto-renew.sh"
    176. 

  176.     echo "   crontab -e"
    177. 

  177.     echo "   添加:0 0 * * * $(dirname "$0")/scripts/auto-renew.sh"
    178. 

  178.     echo ""
    179. 

  179. }
    180. 

  180. 

  181. # 执行
    182. 

  182. main
    183.