添加证书文件
readme
./addurl.sh 产品名称(必须和vhost中产品名字一致) 比如 : ./addurl.sh E68 addurl.sh(脚本名称,可以修改)
所有的域名文件必须已txt结尾
证书目录和 域名的文件必须在同一个目录下面
域名txt文件的名字必须和证书目录的主体名字相同,
例如: 证书文件的目录叫 longdu03.com_nginx 域名文件的名字就是 longdu03.com.txt 或 longdu03.txt 否则 会由于匹配问题找不到该文件
脚本 addcrt.sh
#!/bin/bash # Date: 2020/02/18 # Usage: Add new crts and keys and modifi config date=`date +%F_%H:%M` product=$1 crtdir="/opt/nginx/conf/crt" vhostdir="/opt/nginx/conf/vhost" RED_COLOR='\E[1;31m' GREEN_COLOR='\E[1;32m' YELLOW_COLOR='\E[1;33m' BLUE_COLOR='\E[1;34m' RES='\E[0m' newdir=`find -type d -a -name "*nginx*"` check_product_num=`find $vhostdir -type d -a -name "$product" | wc -l` ## check your options if [ -z $product ];then echo "Usage $0 E68|qile|qy" echo "Please input Your product" exit 1 elif [ $check_product_num -eq 0 ];then echo "Options ERROR, please check your product in your $vhostdir" exit 1 fi echo -e "========================${RED_COLOR} $date START ${RES} ==========================" >> log.log for i in $newdir do newname1=`echo $i| awk -F "." '{ print $(NF-1)}' | awk -F '/' '{print $2}'` newname2=`echo $i| awk -F "." '{ print $(NF-1)}' ` newcrtname=${newname1:-"$newname2"} if [ -z $newcrtname ];then echo -e "$date New filename $newcrtname is $RED_COLOR empty ${RES} , Please check." >> log.log exit 1 else echo -e "======${YELLOW_COLOR} New filename is $newcrtname ${RES} ============" echo -e "$date New filename is ${GREEN_COLOR} $newcrtname ${RES}." >> log.log fi crtnum=`find $crtdir -name "*$newcrtname*" | wc -l` newcrtfile=`ls $i/*.crt` newkeyfile=`ls $i/*.key` function process_crtdir() { if [ $crtnum -gt 0 ];then echo -e "$date $crtdir/$newcrtname is ${RED_COLOR} exist ${RES} Please check it " >> log.log exit 1 else mkdir -p $crtdir/$newcrtname if [ $? -eq 0 ];then echo -e "$date Creat new folder $crtdir/$newcrtname is ${GREEN_COLOR} successfully ${RES}" >> log.log # copy crt cp -rp $newcrtfile $crtdir/$newcrtname/ if [ $? -eq 0 ];then echo -e "$date Copy new crt $newcrtfile is ${GREEN_COLOR} successfully ${RES}" >> log.log else echo -e "$date Copy new crt $newcrtfile is ${RED_COLOR} false ${RES}. So exit" >> log.log exit 1 fi #copy key cp -rp $newkeyfile $crtdir/$newcrtname/ if [ $? -eq 0 ];then echo -e "$date Copy new crt $newkeyfile is ${GREEN_COLOR} successfully ${RES}" >> log.log else echo -e "$date Copy new crt $newkeyfile is ${RED_COLOR} false ${RES} So exit" >> log.log exit 1 fi else echo -e "$date Creat new folder $crtdir/$newcrtname is ${RED_COLOR} false ${RES} So exit" >> log.log exit 1 fi fi } process_crtdir echo "process crtdir is ok" newsslfile="server_name_e68_ssl_$newcrtname" newsslfile_num=`find $vhostdir -name "$newsslfile" | wc -l ` function process_sslfile(){ if [ $newsslfile_num -gt 0 ];then echo -e "$date $vhostdir/$newsslfile is ${RED_COLOR} exist ${RES} Please check it " >> log.log exit 1 else echo -e "server_name\n;" >> $vhostdir/$product/$newsslfile if [ $? -eq 0 ];then echo -e "$date Create new ssl file $vhostdir/$product/$newsslfile is ${GREEN_COLOR} successfully ${RES}" >> log.log else echo -e "$date Create new ssl file $vhostdir/$product/$newsslfile is ${RED_COLOR} false ${RES}. So exit" >> log.log exit 1 fi fi echo -e "Create $vhostdir/$product/$newsslfile is ${GREEN_COLOR} successfully ${RES} " newurlfile=`ls $newcrtname*.txt ` # delete blank line sed -i '/^$/d' $newurlfile # add url to nwessl file sum=0 for j in `cat $newurlfile` do sed -i '/;/ i'$j'' "$vhostdir/$product/$newsslfile" if [ $? -eq 0 ];then ((sum=sum+1)) else echo -e "$date Add $j in $vhostdir/$product/$newsslfile is ${RED_COLOR} false ${RES}. So exit" >> log.log exit 1 fi done if [ $? -eq 0 ];then echo -e "$date Add new url in $vhostdir/$product/$newsslfile is ${GREEN_COLOR} successfully ${RES}" >> log.log else echo -e "$date Add new url in $vhostdir/$product/$newsslfile is ${RED_COLOR} false ${RES}. So exit" >> log.log exit 1 fi echo -e "There are $sum url add in $vhostdir/$product/$newsslfile " } process_sslfile echo "sslfile is ok" model_configfile=`ls $vhostdir/$product/*.conf | head -n 10 | tail -n 1 ` new_configfile=ssl_"$product"_"$newcrtname".conf new_configfile_num=`find $vhostdir/$product/ -name "$new_configfile" | wc -l ` function prosee_config(){ if [ $new_configfile_num -gt 0 ];then echo -e "$date $vhostdir/$product/$new_configfile is ${RED_COLOR} exist ${RES} . So exit " >> log.log exit 1 else cp -rp $model_configfile $vhostdir/$product/$new_configfile if [ $? -eq 0 ];then echo -e "$date Create $vhostdir/$product/$new_configfile is ${GREEN_COLOR} successfully ${RES} " >> log.log else echo -e "$date Create $vhostdir/$product/$new_configfile is ${RED_COLOR} false ${RES} So exit" >> log.log exit 1 fi fi ## Modified config ## Delete strings sed -i '/include/d' $vhostdir/$product/$new_configfile if [ $? -eq 0 ];then echo -e "$date Delete include $vhostdir/$product/$new_configfile is ${GREEN_COLOR} successfully ${RES} " >> log.log else echo -e "$date Delete include $vhostdir/$product/$new_configfile is ${RED_COLOR} false ${RES} So exit " >> log.log exit1 fi sed -i '/ssl_certificate/d' $vhostdir/$product/$new_configfile if [ $? -eq 0 ];then echo -e "$date Delete ssl_certificate $vhostdir/$product/$new_configfile is ${GREEN_COLOR} successfully ${RES} " >> log.log else echo -e "$date Delete ssl_certificate $vhostdir/$product/$new_configfile is ${RED_COLOR} false ${RES} So exit" >> log.log exit1 fi ## Add strings real_newcrt_name=`echo $newcrtfile | awk -F "/" '{ print $NF}'` real_newkey_name=`echo $newkeyfile | awk -F "/" '{ print $NF}'` sed -i "/listen/a \ include vhost/$product/$newsslfile;\n include vhost/conf_global;\n include vhost/conf_proxy;" $vhostdir/$product/$new_configfile if [ $? -eq 0 ];then echo -e "$date Replace strings include in $vhostdir/$product/$new_configfile is ${GREEN_COLOR} successfully ${RES} " >> log.log else echo -e "$date Replace strings include in $vhostdir/$product/$new_configfile ${RED_COLOR} false ${RES} So exit" >> log.log exit 1 fi sed -i "/access_log/i \ ssl_certificate crt/$newcrtname/$real_newcrt_name;" $vhostdir/$product/$new_configfile sed -i "/access_log/i \ ssl_certificate_key crt/$newcrtname/$real_newkey_name;" $vhostdir/$product/$new_configfile if [ $? -eq 0 ];then echo -e "$date Replace strings sslcrt and sslkey in $vhostdir/$product/$new_configfile is ${GREEN_COLOR} successfully ${RES} " >> log.log else echo -e "$date Replace strings sslcrt and sslkey in $vhostdir/$product/$new_configfile ${RED_COLOR} false ${RES} So exit" >> log.log exit 1 fi } prosee_config echo "process config file $vhostdir/$product/$new_configfile is ok " echo -e "=============== ${BLUE_COLOR} $newcrtname done ${RES}=====================================" done #### change group and user to www chown -R www.www "$crtdir" if [ $? -eq 0 ];then echo -e "$date Change $crtdir Owner to www is ${GREEN_COLOR} successfully ${RES} " >> log.log else echo -e "$date Change $crtdir Owner to www is ${RED_COLOR} false ${RES} " >> log.log fi chown -R www.www $vhostdir if [ $? -eq 0 ];then echo -e "$date Change $vhostdir Owner to www is ${GREEN_COLOR} successfully ${RES} " >> log.log else echo -e "$date Change $vhostdir Owner to www is ${RED_COLOR} false ${RES} " >> log.log fi echo -e "*****${YELLOW_COLOR}all ok ${RES}*****"
检测。删除重复域名和 文件脚本
检测多余域名
readme
脚本和 nginx的配置需要同一个目录下面。
脚本 check.sh
#!/bin/bash for i in `find -name "server_name*"` do for j in ` cat url.txt` do urlnum=`grep -rnw "$j" $i | wc -l` if [ $urlnum -gt 0 ] ;then sed -i /$j/d $i echo "Delete $j from $i " >> check.log fi done done
脚本mvfile.sh
#!/bin/bash file=`find -name "server_name*" -a -size -16c | awk -F "\/" '{ print $2}'` bak_dir="/home/bak/vhost2020211" for i in $file do filename=`echo "$i" | awk -F "_" '{ print $NF}'` sslfile=`sudo grep -rnw "$i" ./* | awk -F ":" '{ print $1}'` echo "$i" >> log.log echo "$sslfile" >> log.log mv $i $bak_dir mv $sslfile $bak_dir done