-
-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathdocker-entrypoint.sh
executable file
·71 lines (53 loc) · 1.23 KB
/
docker-entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#!/bin/sh
# 传入 bash sh
if [ "$1" = bash ] || [ "$1" = sh ];then exec /bin/sh; fi
# 传入 acme.sh ...
if [ "$1" = 'acme.sh' ];then exec "$@"; fi
echo ; echo ; echo "DNS_TYPE: ${DNS_TYPE}" ; echo ; echo
acme.sh -v
echo
# SELF ENV
# HTTPD
# RSA
if [ "$RSA" = '0' ];then
# 是 ECC 证书
echo "ECC"; echo ; echo
unset RSA
ECC='--ecc'
else
# 不是 ECC 证书
echo "RSA"; echo ; echo
RSA="--keylength 2048"
RSA_FILE='.rsa.'
fi
set -e
issue(){
echo "正在申请证书 ..." ; echo ; echo
first_domain=$1
shift
acme.sh --issue \
--dns ${DNS_TYPE:-dns_dp} \
${RSA:---keylength ec-256} \
-d $first_domain "$@"
install $first_domain
}
install(){
echo "开始转移证书到 /ssl ..." ; echo ; echo
if [ "${HTTPD}" = '1' ];then
echo "HTTPD..."; echo; echo
acme.sh --install-cert \
-d $1 \
--cert-file /ssl/$1${RSA_FILE:-.}crt \
--key-file /ssl/$1${RSA_FILE:-.}key \
--fullchain-file /ssl/$1${RSA_FILE:-.}fullchain.crt \
${ECC:- }
else
echo "NGINX..."; echo ; echo
acme.sh --install-cert \
-d $1 \
--key-file /ssl/$1${RSA_FILE:-.}key \
--fullchain-file /ssl/$1${RSA_FILE:-.}crt \
${ECC:- }
fi
}
issue "$@"