retry_https.sh 1.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142
  1. #!/bin/bash
  2. SERVER_IP="45.61.60.10"
  3. SERVER_USER="root"
  4. SERVER_PASS="UQb9TgSwC@vwhEM"
  5. /usr/bin/expect <<EOF
  6. set timeout 120
  7. spawn ssh -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP
  8. expect {
  9. "password:" { send "$SERVER_PASS\r" }
  10. "yes/no" { send "yes\r"; exp_continue }
  11. }
  12. expect "#"
  13. send "ls -l /etc/letsencrypt/live/ccdw.xyz/fullchain.pem\r"
  14. # 使用 test 命令代替 [] 避免 Tcl 解析错误
  15. send "if test -f /etc/letsencrypt/live/ccdw.xyz/fullchain.pem; then \
  16. mv /tmp/ccdw_full.conf /etc/nginx/sites-available/ccdw.xyz.conf && ln -sf /etc/nginx/sites-available/ccdw.xyz.conf /etc/nginx/sites-enabled/ccdw.xyz.conf; \
  17. echo 'Certificate verified. Applying config...'; \
  18. else \
  19. echo 'Certificate NOT found, trying install again...'; \
  20. apt-get update && apt-get install -y certbot; \
  21. systemctl stop nginx; \
  22. killall nginx; \
  23. certbot certonly --standalone -d ccdw.xyz -d www.ccdw.xyz --email bob.yuxinyang@gmail.com --agree-tos --non-interactive; \
  24. if test -f /etc/letsencrypt/live/ccdw.xyz/fullchain.pem; then \
  25. mv /tmp/ccdw_full.conf /etc/nginx/sites-available/ccdw.xyz.conf && ln -sf /etc/nginx/sites-available/ccdw.xyz.conf /etc/nginx/sites-enabled/ccdw.xyz.conf; \
  26. fi; \
  27. fi\r"
  28. send "echo '--- RESTARTING NGINX ---'\r"
  29. send "systemctl start nginx\r"
  30. send "systemctl reload nginx\r"
  31. send "nginx -t\r"
  32. send "echo '--- VERIFYING ---'\r"
  33. send "curl -I https://ccdw.xyz\r"
  34. send "exit\r"
  35. expect eof
  36. EOF