From ad3a6cf73cff879529dd60f187649b7024b05552 Mon Sep 17 00:00:00 2001 From: "ipcjs.mac4" Date: Mon, 10 Nov 2025 17:18:54 +0800 Subject: [PATCH 01/10] =?UTF-8?q?wip:=20=E6=B7=BB=E5=8A=A0certbot?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- certbot/.env | 1 + certbot/compose.yml | 41 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+) create mode 120000 certbot/.env create mode 100644 certbot/compose.yml diff --git a/certbot/.env b/certbot/.env new file mode 120000 index 0000000..0ef0888 --- /dev/null +++ b/certbot/.env @@ -0,0 +1 @@ +../.env.default \ No newline at end of file diff --git a/certbot/compose.yml b/certbot/compose.yml new file mode 100644 index 0000000..059deef --- /dev/null +++ b/certbot/compose.yml @@ -0,0 +1,41 @@ +services: + certbot: + image: ghcr.io/alexzorin/certbot-dns-multi:4.27.0 + command: + - certonly + - --non-interactive + - --agree-tos + - --authenticator=dns-multi + - --dns-multi-credentials=/etc/letsencrypt/dns-multi.ini + - --domains=${TRACK_HOSTNAME:?required} + - --domains=${BUS_HOSTNAME:?required} + # - --dry-run + volumes: + - ${DATA_DIR:-/data}/logs/certbot:/var/log/letsencrypt + configs: + - source: cerbot-dns-multi.ini + target: /etc/letsencrypt/dns-multi.ini + mode: 0600 + + ofelia: + image: mcuadros/ofelia + command: daemon --docker + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + labels: + # https://github.com/mcuadros/ofelia/issues/280#issuecomment-2561863012 + ofelia.job-run.certbot-renew.schedule: "@daily" + ofelia.job-run.certbot-renew.command: "sh -c 'docker compose -p ${COMPOSE_PROJECT_NAME} restart certbot'" + ofelia.job-run.certbot-renew.image: "docker:cli" + ofelia.job-run.certbot-renew.volume: "/var/run/docker.sock:/var/run/docker.sock" + +configs: + cerbot-dns-multi.ini: + content: | + dns_multi_provider=cloudflare + CLOUDFLARE_DNS_API_TOKEN= + cerbot-dns-multi-tencentcloud.ini: + content: | + dns_multi_provider=tencentcloud + TENCENTCLOUD_SECRET_ID= + TENCENTCLOUD_SECRET_KEY= From e02796549ce1cbe0ac4b492ae348edc6da73f70f Mon Sep 17 00:00:00 2001 From: "ipcjs.mac4" Date: Mon, 10 Nov 2025 19:15:35 +0800 Subject: [PATCH 02/10] =?UTF-8?q?wip:=20=E5=B0=9D=E8=AF=95=E6=94=B9?= =?UTF-8?q?=E6=88=90=E6=89=A7=E8=A1=8C=E8=84=9A=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- certbot/certbot-renew.sh | 26 ++++++++++++++++++++++++++ certbot/compose.yml | 34 +++++++++++++++++++++------------- 2 files changed, 47 insertions(+), 13 deletions(-) create mode 100644 certbot/certbot-renew.sh diff --git a/certbot/certbot-renew.sh b/certbot/certbot-renew.sh new file mode 100644 index 0000000..2c2b2ef --- /dev/null +++ b/certbot/certbot-renew.sh @@ -0,0 +1,26 @@ +#!/bin/sh +set -e + +renewed_domains="/etc/letsencrypt/renewed_domains" + +rm -f "$renewed_domains" + +docker run --rm -it \ + -v /etc/letsencrypt:/etc/letsencrypt \ + ghcr.io/alexzorin/certbot-dns-multi:4.27.0 \ + certonly \ + --non-interactive --agree-tos \ + --authenticator dns-multi \ + --dns-multi-credentials /etc/letsencrypt/dns-multi.ini \ + --domains "*.example.com" \ + --deploy-hook "echo \${RENEWED_DOMAINS} >> $renewed_domains" \ + --dry-run + +if [ -f "$renewed_domains" ]; then + while IFS= read -r line; do + cp -v "$line/fullchain.pem" "$line/xx.crt" + cp -v "$line/privkey.pem" "$line/xx.key" + done < "$renewed_domains" +else + echo "No domains to renew" +fi diff --git a/certbot/compose.yml b/certbot/compose.yml index 059deef..34b2b40 100644 --- a/certbot/compose.yml +++ b/certbot/compose.yml @@ -1,21 +1,27 @@ services: certbot: - image: ghcr.io/alexzorin/certbot-dns-multi:4.27.0 - command: - - certonly - - --non-interactive - - --agree-tos - - --authenticator=dns-multi - - --dns-multi-credentials=/etc/letsencrypt/dns-multi.ini - - --domains=${TRACK_HOSTNAME:?required} - - --domains=${BUS_HOSTNAME:?required} + # image: ghcr.io/alexzorin/certbot-dns-multi:4.27.0 + # command: + # - certonly + # - --non-interactive + # - --agree-tos + # - --authenticator=dns-multi + # - --dns-multi-credentials=/etc/letsencrypt/dns-multi.ini + # - --domains=${TRACK_HOSTNAME:?required} + # - --domains=${BUS_HOSTNAME:?required} # - --dry-run + image: docker:cli + command: /home/docker/certbot/certbot-renew.sh volumes: - - ${DATA_DIR:-/data}/logs/certbot:/var/log/letsencrypt + - /var/run/docker.sock:/var/run/docker.sock + - ${DATA_DIR:-/data}/certbot:/etc/letsencrypt configs: - - source: cerbot-dns-multi.ini + - source: certbot-renew.sh + target: /home/docker/certbot/certbot-renew.sh + - source: certbot-dns-multi.ini target: /etc/letsencrypt/dns-multi.ini mode: 0600 + ofelia: image: mcuadros/ofelia @@ -30,11 +36,13 @@ services: ofelia.job-run.certbot-renew.volume: "/var/run/docker.sock:/var/run/docker.sock" configs: - cerbot-dns-multi.ini: + certbot-renew.sh: + file: ./certbot-renew.sh + certbot-dns-multi.ini: content: | dns_multi_provider=cloudflare CLOUDFLARE_DNS_API_TOKEN= - cerbot-dns-multi-tencentcloud.ini: + certbot-dns-multi-tencentcloud.ini: content: | dns_multi_provider=tencentcloud TENCENTCLOUD_SECRET_ID= From 250c1e7da72013d2c2a3355564c315d02b906f82 Mon Sep 17 00:00:00 2001 From: cli Date: Tue, 11 Nov 2025 02:57:40 -0500 Subject: [PATCH 03/10] =?UTF-8?q?wip:=20=E4=BD=BF=E7=94=A8Dockerfile?= =?UTF-8?q?=E7=BB=99certbot=E7=9A=84=E5=AE=B9=E5=99=A8=E6=B7=BB=E5=8A=A0do?= =?UTF-8?q?cker=20compose=E5=91=BD=E4=BB=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .env.default | 12 ++++++++++ certbot/Dockerfile | 7 ++++++ certbot/certbot-renew.sh | 26 ---------------------- certbot/compose.yml | 47 ++++++++++++++++++++-------------------- certbot/deploy-hook.sh | 11 ++++++++++ 5 files changed, 54 insertions(+), 49 deletions(-) create mode 100644 certbot/Dockerfile delete mode 100644 certbot/certbot-renew.sh create mode 100755 certbot/deploy-hook.sh diff --git a/.env.default b/.env.default index 0b3651d..8e582f7 100644 --- a/.env.default +++ b/.env.default @@ -51,6 +51,18 @@ WEB_PORT_HTTPS=443 # jtt808和maintain分开部署时, 必须填写这个变量 WEB_BASE_URL='' # https://livedvr.tripsdd.com +# certbot的配置 +# 注意: 修改这些配置之后, 必须强制重建(docker compose up --force-recreate certbot), 才会生效 +# +# DNS解析的提供商, 常用的提供商如下: +# - dnspod: https://console.dnspod.cn/account/token/token +# - cloudflare: https://go-acme.github.io/lego/dns/cloudflare/ +# - tencentcloud: https://console.cloud.tencent.com/cam/capi +CERTBOT_DNS_PROVIDER='dnspod' +CERTBOT_DNS_API_KEY='' # 必填 +# tencentcloud还需要额外设置这个变量 +CERTBOT_TENCENTCLOUD_SECRET_ID='' + ## ================================ Services ================================ ## 视频服务器 diff --git a/certbot/Dockerfile b/certbot/Dockerfile new file mode 100644 index 0000000..28b0710 --- /dev/null +++ b/certbot/Dockerfile @@ -0,0 +1,7 @@ +# 支持100+DNS提供商的Certbot插件 +# 详见: https://github.com/alexzorin/certbot-dns-multi +FROM ghcr.io/alexzorin/certbot-dns-multi:4.27.0 + +# 添加docker和docker compose命令 +COPY --from=docker:cli /usr/local/bin/docker /usr/local/bin/docker +COPY --from=docker:cli /usr/local/libexec/docker/cli-plugins/docker-compose /usr/local/libexec/docker/cli-plugins/docker-compose diff --git a/certbot/certbot-renew.sh b/certbot/certbot-renew.sh deleted file mode 100644 index 2c2b2ef..0000000 --- a/certbot/certbot-renew.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh -set -e - -renewed_domains="/etc/letsencrypt/renewed_domains" - -rm -f "$renewed_domains" - -docker run --rm -it \ - -v /etc/letsencrypt:/etc/letsencrypt \ - ghcr.io/alexzorin/certbot-dns-multi:4.27.0 \ - certonly \ - --non-interactive --agree-tos \ - --authenticator dns-multi \ - --dns-multi-credentials /etc/letsencrypt/dns-multi.ini \ - --domains "*.example.com" \ - --deploy-hook "echo \${RENEWED_DOMAINS} >> $renewed_domains" \ - --dry-run - -if [ -f "$renewed_domains" ]; then - while IFS= read -r line; do - cp -v "$line/fullchain.pem" "$line/xx.crt" - cp -v "$line/privkey.pem" "$line/xx.key" - done < "$renewed_domains" -else - echo "No domains to renew" -fi diff --git a/certbot/compose.yml b/certbot/compose.yml index 34b2b40..517746c 100644 --- a/certbot/compose.yml +++ b/certbot/compose.yml @@ -1,23 +1,23 @@ services: certbot: - # image: ghcr.io/alexzorin/certbot-dns-multi:4.27.0 - # command: - # - certonly - # - --non-interactive - # - --agree-tos - # - --authenticator=dns-multi - # - --dns-multi-credentials=/etc/letsencrypt/dns-multi.ini - # - --domains=${TRACK_HOSTNAME:?required} - # - --domains=${BUS_HOSTNAME:?required} - # - --dry-run - image: docker:cli - command: /home/docker/certbot/certbot-renew.sh + build: . + command: + - certonly + - --non-interactive + - --agree-tos + - --authenticator=dns-multi + - --dns-multi-credentials=/etc/letsencrypt/dns-multi.ini + # 两个域名可以同时申请, 故不要求两个都必填 + - --domains=${TRACK_HOSTNAME} + - --domains=${BUS_HOSTNAME} + - --deploy-hook + - "sh -c 'COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME} DATA=${DATA_DIR:-/data} /home/docker/certbot/deploy-hook.sh'" volumes: - /var/run/docker.sock:/var/run/docker.sock - ${DATA_DIR:-/data}/certbot:/etc/letsencrypt configs: - - source: certbot-renew.sh - target: /home/docker/certbot/certbot-renew.sh + - source: certbot-deploy-hook.sh + target: /home/docker/certbot/deploy-hook.sh - source: certbot-dns-multi.ini target: /etc/letsencrypt/dns-multi.ini mode: 0600 @@ -29,6 +29,7 @@ services: volumes: - /var/run/docker.sock:/var/run/docker.sock:ro labels: + # 通过ofelia重启其他服务, 需要这样绕一道 # https://github.com/mcuadros/ofelia/issues/280#issuecomment-2561863012 ofelia.job-run.certbot-renew.schedule: "@daily" ofelia.job-run.certbot-renew.command: "sh -c 'docker compose -p ${COMPOSE_PROJECT_NAME} restart certbot'" @@ -36,14 +37,14 @@ services: ofelia.job-run.certbot-renew.volume: "/var/run/docker.sock:/var/run/docker.sock" configs: - certbot-renew.sh: - file: ./certbot-renew.sh + certbot-deploy-hook.sh: + file: ./deploy-hook.sh + # certbot-dns-multi的配置文件 + # https://github.com/alexzorin/certbot-dns-multi#usage certbot-dns-multi.ini: content: | - dns_multi_provider=cloudflare - CLOUDFLARE_DNS_API_TOKEN= - certbot-dns-multi-tencentcloud.ini: - content: | - dns_multi_provider=tencentcloud - TENCENTCLOUD_SECRET_ID= - TENCENTCLOUD_SECRET_KEY= + dns_multi_provider=${CERTBOT_DNS_PROVIDER:-dnspod} + DNSPOD_API_KEY=${CERTBOT_DNS_API_KEY:?required} + CLOUDFLARE_DNS_API_TOKEN=${CERTBOT_DNS_API_KEY:?required} + TENCENTCLOUD_SECRET_KEY=${CERTBOT_DNS_API_KEY:?required} + TENCENTCLOUD_SECRET_ID=${CERTBOT_TENCENTCLOUD_SECRET_ID} diff --git a/certbot/deploy-hook.sh b/certbot/deploy-hook.sh new file mode 100755 index 0000000..a53c4f2 --- /dev/null +++ b/certbot/deploy-hook.sh @@ -0,0 +1,11 @@ +#!/bin/sh +set -e + +cp "$RENEWED_LINEAGE/fullchain.pem" "$RENEWED_LINEAGE/certificate.crt" +cp "$RENEWED_LINEAGE/privkey.pem" "$RENEWED_LINEAGE/certificate.key" + +echo "请保证将证书变量设置为:" +echo "SSL_CERTIFICATE=${DATA_DIR:-/data}/certbot/live/$(basename "$RENEWED_DOMAINS")/certificate" + +echo "重启Nginx..." +docker compose -p "${COMPOSE_PROJECT_NAME}" restart nginx From ad0f35356a4b35b5627e676b578ec230f194ec51 Mon Sep 17 00:00:00 2001 From: cli Date: Tue, 11 Nov 2025 03:33:32 -0500 Subject: [PATCH 04/10] =?UTF-8?q?wip:=20=E6=B7=BB=E5=8A=A0=E8=BF=87?= =?UTF-8?q?=E6=9C=9F=E6=8F=90=E9=86=92=E9=82=AE=E7=AE=B1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .env.default | 2 ++ certbot/compose.yml | 1 + 2 files changed, 3 insertions(+) diff --git a/.env.default b/.env.default index 8e582f7..7e96d59 100644 --- a/.env.default +++ b/.env.default @@ -62,6 +62,8 @@ CERTBOT_DNS_PROVIDER='dnspod' CERTBOT_DNS_API_KEY='' # 必填 # tencentcloud还需要额外设置这个变量 CERTBOT_TENCENTCLOUD_SECRET_ID='' +# 接收证书过期提醒的email +CERTBOT_EMAIL='transcodegroupdeveloper@gmail.com' ## ================================ Services ================================ diff --git a/certbot/compose.yml b/certbot/compose.yml index 517746c..cd9596d 100644 --- a/certbot/compose.yml +++ b/certbot/compose.yml @@ -4,6 +4,7 @@ services: command: - certonly - --non-interactive + - --email=${CERTBOT_EMAIL:-transcodegroupdeveloper@gmail.com} - --agree-tos - --authenticator=dns-multi - --dns-multi-credentials=/etc/letsencrypt/dns-multi.ini From fe781000e4ac9f50948f111a86432a234a342d70 Mon Sep 17 00:00:00 2001 From: cli Date: Tue, 11 Nov 2025 04:34:28 -0500 Subject: [PATCH 05/10] =?UTF-8?q?wip:=20email=E5=8F=82=E6=95=B0=E4=B8=8D?= =?UTF-8?q?=E6=94=AF=E6=8C=81=3D=E5=88=86=E9=9A=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- certbot/compose.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/certbot/compose.yml b/certbot/compose.yml index cd9596d..4dd6038 100644 --- a/certbot/compose.yml +++ b/certbot/compose.yml @@ -4,8 +4,9 @@ services: command: - certonly - --non-interactive - - --email=${CERTBOT_EMAIL:-transcodegroupdeveloper@gmail.com} - --agree-tos + - --email + - ${CERTBOT_EMAIL:-transcodegroupdeveloper@gmail.com} - --authenticator=dns-multi - --dns-multi-credentials=/etc/letsencrypt/dns-multi.ini # 两个域名可以同时申请, 故不要求两个都必填 From 9e417e4ee421fe535942ad71db5064709e2a093b Mon Sep 17 00:00:00 2001 From: cli Date: Wed, 12 Nov 2025 01:34:46 -0500 Subject: [PATCH 06/10] =?UTF-8?q?fix:=20=E8=A7=84=E8=8C=83ini=E6=96=87?= =?UTF-8?q?=E4=BB=B6=E6=A0=BC=E5=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- certbot/compose.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/certbot/compose.yml b/certbot/compose.yml index 4dd6038..dff2ec1 100644 --- a/certbot/compose.yml +++ b/certbot/compose.yml @@ -45,8 +45,8 @@ configs: # https://github.com/alexzorin/certbot-dns-multi#usage certbot-dns-multi.ini: content: | - dns_multi_provider=${CERTBOT_DNS_PROVIDER:-dnspod} - DNSPOD_API_KEY=${CERTBOT_DNS_API_KEY:?required} - CLOUDFLARE_DNS_API_TOKEN=${CERTBOT_DNS_API_KEY:?required} - TENCENTCLOUD_SECRET_KEY=${CERTBOT_DNS_API_KEY:?required} - TENCENTCLOUD_SECRET_ID=${CERTBOT_TENCENTCLOUD_SECRET_ID} + dns_multi_provider = ${CERTBOT_DNS_PROVIDER:-dnspod} + DNSPOD_API_KEY = "${CERTBOT_DNS_API_KEY:?required}" + CLOUDFLARE_DNS_API_TOKEN = "${CERTBOT_DNS_API_KEY:?required}" + TENCENTCLOUD_SECRET_KEY = "${CERTBOT_DNS_API_KEY:?required}" + TENCENTCLOUD_SECRET_ID = "${CERTBOT_TENCENTCLOUD_SECRET_ID}" From 85cf31dc04c0d80389285c85aba3dd9535074d09 Mon Sep 17 00:00:00 2001 From: th-ci Date: Wed, 12 Nov 2025 14:18:39 +0700 Subject: [PATCH 07/10] =?UTF-8?q?wip:=20=E6=B7=BB=E5=8A=A0=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E7=94=B3=E8=AF=B7=E8=AF=81=E4=B9=A6=E7=9A=84demo?= =?UTF-8?q?=E5=92=8C=E8=AF=B4=E6=98=8E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .env.default | 1 + certbot/compose.yml | 3 ++- certbot/deploy-hook.sh | 12 ++++++++---- examples/bus-https/.env | 24 +++++++++++++----------- examples/bus-https/compose.yaml | 1 + 5 files changed, 25 insertions(+), 16 deletions(-) diff --git a/.env.default b/.env.default index 7e96d59..9978964 100644 --- a/.env.default +++ b/.env.default @@ -36,6 +36,7 @@ SERVER_HOSTNAME='' # livedvr.tripsdd.com # 使用https时, 必填, 证书文件的绝对路径, 排除.crt/.key后缀, nginx实际读取的是 ${SSL_CERTIFICATE}.crt 和 ${SSL_CERTIFICATE}.key 两个文件 # 如果暂时没有申请到证书, 可以使用内置的假证书: /home/docker/nginx/ssl/placeholder +# 若使用crotbot自动申请证书, 证书的路径会在日志中打印, 一般为: /data/certbot/live/${SERVER_HOSTNAME}/certificate SSL_CERTIFICATE='' # /home/docker-compose/ssl/livedvr_tripsdd_com # bus和track部署在同一台服务器上时, 需要通过域名区分两者 diff --git a/certbot/compose.yml b/certbot/compose.yml index dff2ec1..8ac637b 100644 --- a/certbot/compose.yml +++ b/certbot/compose.yml @@ -9,7 +9,8 @@ services: - ${CERTBOT_EMAIL:-transcodegroupdeveloper@gmail.com} - --authenticator=dns-multi - --dns-multi-credentials=/etc/letsencrypt/dns-multi.ini - # 两个域名可以同时申请, 故不要求两个都必填 + # 三个域名可以同时申请, 故不要求必填 + - --domains=${SERVER_HOSTNAME} - --domains=${TRACK_HOSTNAME} - --domains=${BUS_HOSTNAME} - --deploy-hook diff --git a/certbot/deploy-hook.sh b/certbot/deploy-hook.sh index a53c4f2..8977e4f 100755 --- a/certbot/deploy-hook.sh +++ b/certbot/deploy-hook.sh @@ -1,11 +1,15 @@ #!/bin/sh set -e -cp "$RENEWED_LINEAGE/fullchain.pem" "$RENEWED_LINEAGE/certificate.crt" -cp "$RENEWED_LINEAGE/privkey.pem" "$RENEWED_LINEAGE/certificate.key" +cp -f "$RENEWED_LINEAGE/fullchain.pem" "$RENEWED_LINEAGE/certificate.crt" +cp -f "$RENEWED_LINEAGE/privkey.pem" "$RENEWED_LINEAGE/certificate.key" -echo "请保证将证书变量设置为:" -echo "SSL_CERTIFICATE=${DATA_DIR:-/data}/certbot/live/$(basename "$RENEWED_DOMAINS")/certificate" +echo "======================" +echo "请将证书变量设置为:" +echo "SSL_CERTIFICATE='${DATA_DIR:-/data}/certbot/live/$(basename "$RENEWED_LINEAGE")/certificate'" +echo echo "重启Nginx..." docker compose -p "${COMPOSE_PROJECT_NAME}" restart nginx +echo "重启完成" +echo "======================" diff --git a/examples/bus-https/.env b/examples/bus-https/.env index 8f3a8f1..f459115 100644 --- a/examples/bus-https/.env +++ b/examples/bus-https/.env @@ -1,22 +1,24 @@ -#---------服务器信息, 必须按实际服务器信息填写----------------- -## 公网IP +##---------服务器信息, 必须按实际服务器信息填写----------------- +# 公网IP SERVER_IP_PUBLIC='81.71.36.80' -## HOSTNAME 没有用域名IP替代 +# HOSTNAME 没有用域名IP替代 SERVER_HOSTNAME='transcodegroup.cn' -## SSL证书 -SSL_CERTIFICATE='/home/docker-compose/ssl/tg_com' +# 自动申请的SSL证书 +SSL_CERTIFICATE="/data/certbot/live/${SERVER_HOSTNAME}/certificate" +# dnspod的api key, 由id和token拼接而成: https://console.dnspod.cn/account/token/token +CERTBOT_DNS_API_KEY='id,token' -#---------自定义初始密码, 建议随机生成新的替换------------- -## MYSQL, 必填 +##---------自定义初始密码, 建议随机生成新的替换------------- +# MYSQL, 必填 MYSQL_PASSWORD='ZfJwfEJvL8wbPr4LvCyx' -## REDIS, 必填 +# REDIS, 必填 REDIS_PASSWORD='ZfJwfEJvL8wbPr4LvCyx' -## RABBIT_MQ, 必填 +# RABBIT_MQ, 必填 RABBITMQ_PASSWORD='ZfJwfEJvL8wbPr4LvCyx' -## Email,必填 +# Email,必填 MAIL_PASSWORD='ZfJwfEJvL8wbPr4LvCyx' -#----------自定义端口信息, 推荐开放9000~9100,443,80-------- +##----------自定义端口信息, 推荐开放9000~9100,443,80-------- # 前端端口配置, HTTP默认80, HTTPS默认443 WEB_PORT_HTTP=9070 WEB_PORT_HTTPS=9080 diff --git a/examples/bus-https/compose.yaml b/examples/bus-https/compose.yaml index 82d02b3..cfcdcf8 100644 --- a/examples/bus-https/compose.yaml +++ b/examples/bus-https/compose.yaml @@ -7,6 +7,7 @@ include: - ../docker/redis/compose.yml - ../docker/bus/compose.yml - ../docker/video-nginx/compose.yml + - ../docker/certbot/compose.yml - path: - ../docker/video/compose.yml - ../docker/video/compose.bus.yml From 80bbb05c15cc8822ce7e79bf05b26365e87b5860 Mon Sep 17 00:00:00 2001 From: cli Date: Thu, 13 Nov 2025 02:24:58 -0500 Subject: [PATCH 08/10] =?UTF-8?q?wip:=20=E9=87=8D=E5=90=AF=E6=89=80?= =?UTF-8?q?=E6=9C=89=E5=8C=85=E5=90=ABnginx=E7=9A=84=E6=9C=8D=E5=8A=A1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- certbot/deploy-hook.sh | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/certbot/deploy-hook.sh b/certbot/deploy-hook.sh index 8977e4f..004367b 100755 --- a/certbot/deploy-hook.sh +++ b/certbot/deploy-hook.sh @@ -9,7 +9,14 @@ echo "请将证书变量设置为:" echo "SSL_CERTIFICATE='${DATA_DIR:-/data}/certbot/live/$(basename "$RENEWED_LINEAGE")/certificate'" echo -echo "重启Nginx..." -docker compose -p "${COMPOSE_PROJECT_NAME}" restart nginx -echo "重启完成" +echo "正在查找包含'nginx'的服务..." +nginx_services=$(docker compose -p "${COMPOSE_PROJECT_NAME}" ps --services | grep nginx || true) + +if [ -n "$nginx_services" ]; then + echo "重启$nginx_services..." | tr '\n' ' ' + echo "$nginx_services" | xargs docker compose -p "${COMPOSE_PROJECT_NAME}" restart + echo "重启完成" +else + echo "未找到包含'nginx'的服务" +fi echo "======================" From abcac17a91341d6e39cad12feb024866eb7b4b18 Mon Sep 17 00:00:00 2001 From: th-ci Date: Thu, 13 Nov 2025 14:29:50 +0700 Subject: [PATCH 09/10] =?UTF-8?q?wip:=20=E4=BC=98=E5=8C=96=E6=97=A5?= =?UTF-8?q?=E5=BF=97?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- certbot/deploy-hook.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/certbot/deploy-hook.sh b/certbot/deploy-hook.sh index 004367b..e6962d7 100755 --- a/certbot/deploy-hook.sh +++ b/certbot/deploy-hook.sh @@ -13,7 +13,8 @@ echo "正在查找包含'nginx'的服务..." nginx_services=$(docker compose -p "${COMPOSE_PROJECT_NAME}" ps --services | grep nginx || true) if [ -n "$nginx_services" ]; then - echo "重启$nginx_services..." | tr '\n' ' ' + echo "重启 $nginx_services 中..." | tr '\n' ' ' + echo echo "$nginx_services" | xargs docker compose -p "${COMPOSE_PROJECT_NAME}" restart echo "重启完成" else From ccb716035bf16cdba5a7437a6a3e7a41aa2151b6 Mon Sep 17 00:00:00 2001 From: th-ci Date: Thu, 13 Nov 2025 14:39:26 +0700 Subject: [PATCH 10/10] =?UTF-8?q?wip:=20=E4=B9=9F=E7=94=B3=E8=AF=B7VIDEO?= =?UTF-8?q?=5FHOSTNAME=E5=9F=9F=E5=90=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- certbot/compose.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/certbot/compose.yml b/certbot/compose.yml index 8ac637b..592f822 100644 --- a/certbot/compose.yml +++ b/certbot/compose.yml @@ -9,10 +9,11 @@ services: - ${CERTBOT_EMAIL:-transcodegroupdeveloper@gmail.com} - --authenticator=dns-multi - --dns-multi-credentials=/etc/letsencrypt/dns-multi.ini - # 三个域名可以同时申请, 故不要求必填 + # 四个域名可以同时申请, 故不要求必填 - --domains=${SERVER_HOSTNAME} - --domains=${TRACK_HOSTNAME} - --domains=${BUS_HOSTNAME} + - --domains=${VIDEO_HOSTNAME} - --deploy-hook - "sh -c 'COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME} DATA=${DATA_DIR:-/data} /home/docker/certbot/deploy-hook.sh'" volumes: