🔒 Improve SSL certificate handling with auto-renewal detection

Whispering Wind
2025-04-27 23:05:30 +03:30
committed by GitHub
parent 0dfe4277c3
commit 15780cf43a


@ -2,16 +2,6 @@
source /etc/hysteria/core/scripts/utils.sh source /etc/hysteria/core/scripts/utils.sh
define_colors define_colors
# install_dependencies() {
# echo "Installing necessary dependencies..."
# apt-get install certbot -y > /dev/null 2>&1
# if [ $? -ne 0 ]; then
# echo -e "${red}Error: Failed to install certbot. ${NC}"
# exit 1
# fi
# echo -e "${green}Certbot installed successfully. ${NC}"
# }
update_env_file() { update_env_file() {
local domain=$1 local domain=$1
local port=$2 local port=$2
@ -54,15 +44,24 @@ start_service() {
return return
fi fi
# install_dependencies echo "Checking SSL certificates for $domain..."
# systemctl stop caddy.service > /dev/null 2>&1 # We stopped caddy service just after its installation if certbot certificates | grep -q "$domain"; then
echo -e "${yellow}Certificate for $domain already exists. Renewing...${NC}"
echo "Generating SSL certificates for $domain..." certbot renew --cert-name "$domain"
if [ $? -ne 0 ]; then
echo -e "${red}Error: Failed to renew SSL certificate. ${NC}"
exit 1
fi
echo -e "${green}Certificate renewed successfully. ${NC}"
else
echo -e "${yellow}Requesting new certificate for $domain...${NC}"
certbot certonly --standalone --agree-tos --register-unsafely-without-email -d "$domain" certbot certonly --standalone --agree-tos --register-unsafely-without-email -d "$domain"
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo -e "${red}Error: Failed to generate SSL certificates. ${NC}" echo -e "${red}Error: Failed to generate SSL certificate. ${NC}"
exit 1 exit 1
fi fi
echo -e "${green}Certificate generated successfully. ${NC}"
fi
update_env_file "$domain" "$port" update_env_file "$domain" "$port"
create_service_file create_service_file
@ -86,12 +85,12 @@ stop_service() {
source /etc/hysteria/core/scripts/normalsub/.env source /etc/hysteria/core/scripts/normalsub/.env
fi fi
if [ -n "$HYSTERIA_DOMAIN" ]; then # if [ -n "$HYSTERIA_DOMAIN" ]; then
echo -e "${yellow}Deleting SSL certificate for domain: $HYSTERIA_DOMAIN...${NC}" # echo -e "${yellow}Deleting SSL certificate for domain: $HYSTERIA_DOMAIN...${NC}"
certbot delete --cert-name "$HYSTERIA_DOMAIN" --non-interactive > /dev/null 2>&1 # certbot delete --cert-name "$HYSTERIA_DOMAIN" --non-interactive > /dev/null 2>&1
else # else
echo -e "${red}HYSTERIA_DOMAIN not found in .env. Skipping certificate deletion.${NC}" # echo -e "${red}HYSTERIA_DOMAIN not found in .env. Skipping certificate deletion.${NC}"
fi # fi
systemctl stop hysteria-normal-sub.service > /dev/null 2>&1 systemctl stop hysteria-normal-sub.service > /dev/null 2>&1
systemctl disable hysteria-normal-sub.service > /dev/null 2>&1 systemctl disable hysteria-normal-sub.service > /dev/null 2>&1
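Review bot: In the second hunk (start_service, whose body begins outside the hunk), the existence check `certbot certificates | grep -q "$domain"` treats the domain as an unanchored regular expression over the whole listing, so it also succeeds on a substring hit: a certificate for a subdomain of `$domain`, a lineage named with a numeric suffix, or the name appearing in a Domains or path line of another certificate. On such a false match the script takes the renew branch, `certbot renew --cert-name "$domain"` presumably finds no lineage with that exact name, and the script exits 1 without ever requesting the certificate. Compare the certificate name exactly instead, for example `if certbot certificates 2>/dev/null | awk -v d="$domain" '$1=="Certificate" && $2=="Name:" && $3==d {f=1} END {exit !f}'; then`. The third hunk leaves the disabled `certbot delete` block in stop_service as commented-out code; replacing it with a one-line comment such as `# Certificate and private key are intentionally kept on disk so a later start can reuse them` would record the intent and make it explicit that key material outlives the service.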