colben/www.colben.cn
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
colben 2024-10-30 13:45:30 +08:00
parent 30a17ff30f
commit f7f9ff37b6
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
content/post/letsencrypt.md
View File

@ -68,7 +68,7 @@ categories: ["web"]
## 容器部署
### 申请常规域名证书
- 为域名 x1.xx.com 和 x2.xx.com 申请 ssl 证书,创建 /letsencrypt/docker-compose.yml内容如下
```YAML
```yaml
version: "3.7"
services:
letsencrypt-common:
@ -89,23 +89,23 @@ categories: ["web"]
```
- 创建目录
```BASH
```bash
mkdir -p /letsencrypt/common/{etc,log}
```
- 手动启动,等待容器停止后,证书申请完成
```BASH
```bash
docker-compose up -d
```
- 创建定时任务,在每月的 31 号晚上十一点更新一次
```
```bash
0 23 31 * * docker-compose -f /letsencrypt/docker-compose.yml up letsencrypt-common
```
### 申请通配域名证书
- 为域名 \*.xxx.com 和 \*.yyy.com 申请 ssl 证书,创建 /letsencrypt/docker-compose.yml内容如下
```YAML
```yaml
version: "3.7"
services:
letsencrypt-wildcard:
@ -126,13 +126,13 @@ categories: ["web"]
```
- 创建目录
```BASH
```bash
mkdir -p /letsencrypt/wildcard/{etc,log}
```
- 获取通配域名的证书时,需要设置 TXT 解析记录,这里配合脚本实现自动添加和更新
- 调用腾讯云接口设置/更新 TXT 解析记录
```BASH
```bash
cp tencent-api.sh /letsencrypt/wildcard/etc/manual-hook.sh
# 修改脚本,替换成自己的阿里云 access key 信息
#ACCESS_KEY_ID='aliyun access key id'
@ -140,7 +140,7 @@ categories: ["web"]
```
- 调用阿里云接口设置/更新 TXT 解析记录
```BASH
```bash
cp aliyun-api.sh /letsencrypt/wildcard/etc/manual-hook.sh
# 修改脚本,替换成自己的腾讯云 secret 信息
#SECRET_ID='tencent secret id'
@ -148,7 +148,7 @@ categories: ["web"]
```
- 手动启动,等待容器停止后,证书申请完成
```
```bash
docker-compose up -d
```