diff --git a/bazhong.sh b/bazhong.sh index f67b5c6..0c01bbf 100755 --- a/bazhong.sh +++ b/bazhong.sh @@ -46,17 +46,17 @@ export KAFKA_DOMAIN=kafka.${DOMAIN_END} #域名证书位置写在这边 #dsp.bazhongfeifu.com hhz.bazhongfeifu.com minio.bazhongfeifu.com oidc.bazhongfeifu.com srs.bazhongfeifu.com -export DSP_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/dsp/ -export DSP_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/dsp/ +export DSP_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/certs/dsp/dsp.bazhongfeifu.com.pem +export DSP_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/certs/dsp/dsp.bazhongfeifu.com.key -export HHZ_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/hhz/ -export HHZ_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/hhz/ +export HHZ_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/certs/hhz/hhz.bazhongfeifu.com.pem +export HHZ_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/certs/hhz/hhz.bazhongfeifu.com.key -export MINIO_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/minio/ -export MINIO_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/minio/ +export MINIO_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/certs/minio/minio.bazhongfeifu.com.pem +export MINIO_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/certs/minio/minio.bazhongfeifu.com.key -export OIDC_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/oidc/ -export OIDC_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/oidc/ +export OIDC_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/certs/oidc/oidc.bazhongfeifu.com.pem +export OIDC_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/certs/oidc/oidc.bazhongfeifu.com.key -export SRS_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/srs/ -export SRS_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/srs/ +export SRS_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/certs/srs/srs.bazhongfeifu.com.pem +export SRS_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/certs/srs/srs.bazhongfeifu.com.key diff --git a/start/nginx.sh b/start/nginx.sh index a8383d6..957a93f 100755 --- a/start/nginx.sh +++ b/start/nginx.sh @@ -35,37 +35,67 @@ DOCKER_RUN_CMD="docker run --pull always -d \ # 如果配置了证书,添加证书挂载 if [ ! -z "${DSP_PEM_PATH}" ] && [ ! -z "${DSP_KEY_PATH}" ]; then echo "检测到DSP证书配置,将挂载证书文件..." + # if [ ! -f "${DSP_PEM_PATH}" ] || [ ! -f "${DSP_KEY_PATH}" ]; then + # echo "错误:DSP证书文件不存在!" + # echo "PEM文件路径: ${DSP_PEM_PATH}" + # echo "KEY文件路径: ${DSP_KEY_PATH}" + # exit 1 + # fi DOCKER_RUN_CMD="${DOCKER_RUN_CMD} \ ---volume ${DSP_PEM_PATH}:/etc/nginx/dsp.pem \ ---volume ${DSP_KEY_PATH}:/etc/nginx/dsp.key" +--mount type=bind,source=${DSP_PEM_PATH},target=/etc/nginx/dsp.pem,readonly \ +--mount type=bind,source=${DSP_KEY_PATH},target=/etc/nginx/dsp.key,readonly" fi if [ ! -z "${HHZ_PEM_PATH}" ] && [ ! -z "${HHZ_KEY_PATH}" ]; then echo "检测到HHZ证书配置,将挂载证书文件..." + # if [ ! -f "${HHZ_PEM_PATH}" ] || [ ! -f "${HHZ_KEY_PATH}" ]; then + # echo "错误:HHZ证书文件不存在!" + # echo "PEM文件路径: ${HHZ_PEM_PATH}" + # echo "KEY文件路径: ${HHZ_KEY_PATH}" + # exit 1 + # fi DOCKER_RUN_CMD="${DOCKER_RUN_CMD} \ ---volume ${HHZ_PEM_PATH}:/etc/nginx/hhz.pem \ ---volume ${HHZ_KEY_PATH}:/etc/nginx/hhz.key" +--mount type=bind,source=${HHZ_PEM_PATH},target=/etc/nginx/hhz.pem,readonly \ +--mount type=bind,source=${HHZ_KEY_PATH},target=/etc/nginx/hhz.key,readonly" fi if [ ! -z "${MINIO_PEM_PATH}" ] && [ ! -z "${MINIO_KEY_PATH}" ]; then echo "检测到MINIO证书配置,将挂载证书文件..." + # if [ ! -f "${MINIO_PEM_PATH}" ] || [ ! -f "${MINIO_KEY_PATH}" ]; then + # echo "错误:MINIO证书文件不存在!" + # echo "PEM文件路径: ${MINIO_PEM_PATH}" + # echo "KEY文件路径: ${MINIO_KEY_PATH}" + # exit 1 + # fi DOCKER_RUN_CMD="${DOCKER_RUN_CMD} \ ---volume ${MINIO_PEM_PATH}:/etc/nginx/minio.pem \ ---volume ${MINIO_KEY_PATH}:/etc/nginx/minio.key" +--mount type=bind,source=${MINIO_PEM_PATH},target=/etc/nginx/minio.pem,readonly \ +--mount type=bind,source=${MINIO_KEY_PATH},target=/etc/nginx/minio.key,readonly" fi if [ ! -z "${OIDC_PEM_PATH}" ] && [ ! -z "${OIDC_KEY_PATH}" ]; then echo "检测到OIDC证书配置,将挂载证书文件..." + # if [ ! -f "${OIDC_PEM_PATH}" ] || [ ! -f "${OIDC_KEY_PATH}" ]; then + # echo "错误:OIDC证书文件不存在!" + # echo "PEM文件路径: ${OIDC_PEM_PATH}" + # echo "KEY文件路径: ${OIDC_KEY_PATH}" + # exit 1 + # fi DOCKER_RUN_CMD="${DOCKER_RUN_CMD} \ ---volume ${OIDC_PEM_PATH}:/etc/nginx/oidc.pem \ ---volume ${OIDC_KEY_PATH}:/etc/nginx/oidc.key" +--mount type=bind,source=${OIDC_PEM_PATH},target=/etc/nginx/oidc.pem,readonly \ +--mount type=bind,source=${OIDC_KEY_PATH},target=/etc/nginx/oidc.key,readonly" fi if [ ! -z "${SRS_PEM_PATH}" ] && [ ! -z "${SRS_KEY_PATH}" ]; then echo "检测到SRS证书配置,将挂载证书文件..." + # if [ ! -f "${SRS_PEM_PATH}" ] || [ ! -f "${SRS_KEY_PATH}" ]; then + # echo "错误:SRS证书文件不存在!" + # echo "PEM文件路径: ${SRS_PEM_PATH}" + # echo "KEY文件路径: ${SRS_KEY_PATH}" + # exit 1 + # fi DOCKER_RUN_CMD="${DOCKER_RUN_CMD} \ ---volume ${SRS_PEM_PATH}:/etc/nginx/srs.pem \ ---volume ${SRS_KEY_PATH}:/etc/nginx/srs.key" +--mount type=bind,source=${SRS_PEM_PATH},target=/etc/nginx/srs.pem,readonly \ +--mount type=bind,source=${SRS_KEY_PATH},target=/etc/nginx/srs.key,readonly" fi echo "镜像名字------" @@ -86,6 +116,4 @@ if [ $? -eq 0 ]; then else echo "错误:Nginx 容器启动失败!" exit 1 -fi - - \ No newline at end of file +fi \ No newline at end of file