lua/apisix
1
0
Fork 0
Code Pull Requests Activity
apisix/ssl_manager/fix_webroot_route.sh

72 lines
2.5 KiB
Bash
Executable File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
# 修复 webroot 路由配置,解决 HTTP-01 验证问题
set -e
APISIX_ADMIN_URL="${APISIX_ADMIN_URL:-http://localhost:9180}"
APISIX_ADMIN_KEY="${APISIX_ADMIN_KEY:-8206e6e42b6b53243c52a767cc633137}"
echo "修复 webroot 路由配置..."
# 获取所有需要配置的域名(从路由中提取)
DOMAINS=$(curl -s "${APISIX_ADMIN_URL}/apisix/admin/routes" \
-H "X-API-KEY: ${APISIX_ADMIN_KEY}" \
| python3 -c "
import sys, json
try:
data = json.load(sys.stdin)
routes = data.get('list', [])
domains = set()
for r in routes:
host = r.get('value', {}).get('host')
if host and host not in ['localhost', '127.0.0.1']:
domains.add(host)
print(' '.join(domains))
except:
print('')
" 2>/dev/null || echo "")
if [ -z "$DOMAINS" ]; then
echo "未找到域名,使用默认配置"
DOMAINS="jingrowtools.cn"
fi
echo "找到域名: $DOMAINS"
# 创建统一的 webroot 路由(适用于所有域名,不指定 host
echo "创建统一的 webroot 验证路由(适用于所有域名)..."
ROUTE_ID="certbot-webroot"
# 创建/更新 webroot 路由
RESPONSE=$(curl -s -X PUT "${APISIX_ADMIN_URL}/apisix/admin/routes/${ROUTE_ID}" \
-H "X-API-KEY: ${APISIX_ADMIN_KEY}" \
-H "Content-Type: application/json" \
-d "{
\"uri\": \"/.well-known/acme-challenge/*\",
\"name\": \"certbot-webroot\",
\"priority\": 10000,
\"plugins\": {
\"serverless-pre-function\": {
\"phase\": \"rewrite\",
\"functions\": [
\"return function(conf, ctx) local uri = ctx.var.uri; local token = string.match(uri, '/%.well%-known/acme%-challenge/(.+)'); if not token then ngx.status = 404; ngx.say('Token not found in URI: ' .. (uri or 'nil')); return; end; local path = '/var/www/certbot/.well-known/acme-challenge/' .. token; local file = io.open(path, 'r'); if file then local content = file:read('*all'); file:close(); ngx.header.content_type = 'text/plain'; ngx.say(content); else ngx.status = 404; ngx.say('File not found: ' .. path); end end\"
]
}
},
\"status\": 1
}")
if echo "$RESPONSE" | grep -q '"value"'; then
echo "✅ Webroot 路由配置成功(适用于所有域名)"
else
echo "❌ Webroot 路由配置失败: $RESPONSE"
fi
echo ""
echo "修复完成!"
echo ""
echo "测试验证路径:"
echo " echo 'test-token' | sudo tee /var/www/certbot/.well-known/acme-challenge/test-token"
echo " curl http://jingrowtools.cn/.well-known/acme-challenge/test-token"
View Git Blame Copy Permalink