设置acme.json权限为600以便能自动申请SSL证书
This commit is contained in:
parent
c6248b67c0
commit
7f26f9f1dd
@ -447,9 +447,9 @@ get_or_assign_port() {
|
||||
fi
|
||||
fi
|
||||
|
||||
# 如果没有保存过,则保存端口分配
|
||||
# 如果没有保存过,则保存端口分配(重定向日志输出)
|
||||
if [ "$already_saved" = false ]; then
|
||||
save_port_assignment "$site_name" "$port"
|
||||
save_port_assignment "$site_name" "$port" >/dev/null 2>&1
|
||||
fi
|
||||
|
||||
echo "$port"
|
||||
@ -542,8 +542,8 @@ create_env_file() {
|
||||
# 获取项目端口
|
||||
local project_port=$(get_or_assign_port "$SITE_NAME")
|
||||
|
||||
# 更新SITE_URL以使用分配的端口
|
||||
local site_url_with_port=$(echo "$SITE_URL" | sed "s|:[0-9]*|:$project_port|")
|
||||
# 构建本地地址URL(用于PUBLIC_SITE_URL)
|
||||
local public_site_url="http://127.0.0.1:$project_port"
|
||||
|
||||
# 检查.env文件是否已存在
|
||||
if [ -f "/home/jingrow/jsite/$SITE_NAME/.env" ]; then
|
||||
@ -557,7 +557,7 @@ create_env_file() {
|
||||
|
||||
# 创建.env文件
|
||||
cat > "/home/jingrow/jsite/$SITE_NAME/.env" << EOF
|
||||
PUBLIC_SITE_URL=$site_url_with_port
|
||||
PUBLIC_SITE_URL=$public_site_url
|
||||
|
||||
REVALIDATE_TOKEN=$REVALIDATE_TOKEN
|
||||
|
||||
@ -566,16 +566,13 @@ JINGROW_SITE_NAME=$SITE_NAME
|
||||
JINGROW_SERVER_URL=$SERVER_URL
|
||||
JINGROW_API_KEY=$API_KEY
|
||||
JINGROW_API_SECRET=$API_SECRET
|
||||
|
||||
# 项目端口配置
|
||||
PORT=$project_port
|
||||
EOF
|
||||
|
||||
# 设置文件权限
|
||||
chown jingrow:jingrow "/home/jingrow/jsite/$SITE_NAME/.env"
|
||||
chmod 600 "/home/jingrow/jsite/$SITE_NAME/.env"
|
||||
|
||||
log_success ".env文件创建完成 (端口: $project_port)"
|
||||
log_success ".env文件创建完成 (端口: $project_port, PUBLIC_SITE_URL: $public_site_url)"
|
||||
}
|
||||
|
||||
# 4.5. 创建PM2配置文件
|
||||
@ -790,6 +787,15 @@ install_traefik() {
|
||||
# 设置目录权限
|
||||
chown -R jingrow:jingrow /home/jingrow/traefik-docker
|
||||
log_success "设置traefik目录权限"
|
||||
|
||||
# 设置 acme.json 文件权限(Let's Encrypt 要求 600 权限)
|
||||
if [ -f "/home/jingrow/traefik-docker/acme.json" ]; then
|
||||
chmod 600 /home/jingrow/traefik-docker/acme.json
|
||||
chown jingrow:jingrow /home/jingrow/traefik-docker/acme.json
|
||||
log_success "设置 acme.json 文件权限为 600"
|
||||
else
|
||||
log_warning "acme.json 文件不存在,请检查 Traefik 配置"
|
||||
fi
|
||||
}
|
||||
|
||||
# 6. 安装Docker(如果未安装)
|
||||
@ -980,6 +986,36 @@ install_project_dependencies() {
|
||||
fi
|
||||
|
||||
log_success "项目依赖安装完成"
|
||||
|
||||
# 构建项目
|
||||
log_info "构建jsite/$SITE_NAME项目..."
|
||||
|
||||
# 获取当前内存大小(MB)并减去200MB作为构建内存限制
|
||||
local total_memory_mb=$(free -m | awk 'NR==2{print $2}')
|
||||
local build_memory_mb=$((total_memory_mb - 300))
|
||||
|
||||
# 确保内存限制至少为512MB
|
||||
if [ "$build_memory_mb" -lt 512 ]; then
|
||||
build_memory_mb=512
|
||||
log_warning "可用内存不足,设置构建内存限制为512MB"
|
||||
fi
|
||||
|
||||
log_info "设置构建内存限制为 ${build_memory_mb}MB (总内存: ${total_memory_mb}MB)"
|
||||
|
||||
su - jingrow -c "
|
||||
export NVM_DIR=\"\$HOME/.nvm\"
|
||||
[ -s \"\$NVM_DIR/nvm.sh\" ] && \. \"\$NVM_DIR/nvm.sh\"
|
||||
export NODE_OPTIONS=\"--max-old-space-size=$build_memory_mb\"
|
||||
cd /home/jingrow/jsite/$SITE_NAME
|
||||
npm run build
|
||||
"
|
||||
|
||||
if [ $? -ne 0 ]; then
|
||||
log_error "项目构建失败"
|
||||
return 1
|
||||
fi
|
||||
|
||||
log_success "项目构建完成 (内存限制: ${build_memory_mb}MB)"
|
||||
}
|
||||
|
||||
# 9. 显示部署信息
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user