| 12345678910111213141516171819202122232425262728293031323334353637383940 |
- #!/bin/sh
- # 定义证书路径
- CERT_DIR="/etc/nginx/certs"
- CRT_FILE="$CERT_DIR/server.crt"
- KEY_FILE="$CERT_DIR/server.key"
- # 确保目录存在
- mkdir -p "$CERT_DIR"
- # 如果证书不存在,生成自签名证书以防止Nginx启动失败
- if [ ! -f "$CRT_FILE" ] || [ ! -f "$KEY_FILE" ]; then
- echo "SSL certificates not found. Generating self-signed certificates..."
- openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
- -keyout "$KEY_FILE" \
- -out "$CRT_FILE" \
- -subj "/C=CN/ST=State/L=City/O=Organization/CN=localhost"
- echo "Self-signed certificates generated."
- fi
- # 启动 Nginx (后台运行)
- echo "Starting Nginx..."
- nginx -g "daemon on;"
- # 启动文件监控循环
- echo "Starting SSL certificate monitor..."
- while true; do
- # 监控 /etc/nginx/certs 目录下的 modify, move, create, delete 事件
- inotifywait -e modify,move,create,delete -r "$CERT_DIR"
-
- echo "Certificate change detected. Testing configuration..."
- nginx -t
- if [ $? -eq 0 ]; then
- echo "Configuration valid. Reloading Nginx..."
- nginx -s reload
- else
- echo "Configuration invalid. Skipping reload."
- fi
- done
|
