feat: 更新ssl证书文件命名
This commit is contained in:
9
.github/workflows/docker-image.yml
vendored
9
.github/workflows/docker-image.yml
vendored
@@ -117,11 +117,12 @@ jobs:
|
|||||||
mkdir -p ${DEPLOY_PATH}/nginx/ssl
|
mkdir -p ${DEPLOY_PATH}/nginx/ssl
|
||||||
|
|
||||||
# 如果SSL证书不存在,创建自签名证书(仅用于测试)
|
# 如果SSL证书不存在,创建自签名证书(仅用于测试)
|
||||||
if [ ! -f ${DEPLOY_PATH}/nginx/ssl/cert.pem ] || [ ! -f ${DEPLOY_PATH}/nginx/ssl/key.pem ]; then
|
if [ ! -f ${DEPLOY_PATH}/nginx/ssl/fullchain.pem ] || [ ! -f ${DEPLOY_PATH}/nginx/ssl/privkey.pem ]; then
|
||||||
echo "SSL证书不存在,创建自签名证书..."
|
echo "SSL证书不存在,创建自签名证书..."
|
||||||
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
|
openssl req -x509 -nodes -days 365 \
|
||||||
-keyout ${DEPLOY_PATH}/nginx/ssl/key.pem \
|
-newkey rsa:2048 \
|
||||||
-out ${DEPLOY_PATH}/nginx/ssl/cert.pem \
|
-keyout ${DEPLOY_PATH}/nginx/ssl/privkey.pem \
|
||||||
|
-out ${DEPLOY_PATH}/nginx/ssl/fullchain.pem \
|
||||||
-subj "/CN=localhost" \
|
-subj "/CN=localhost" \
|
||||||
-addext "subjectAltName=DNS:localhost,IP:127.0.0.1"
|
-addext "subjectAltName=DNS:localhost,IP:127.0.0.1"
|
||||||
echo "自签名证书创建完成"
|
echo "自签名证书创建完成"
|
||||||
|
|||||||
18
README.md
18
README.md
@@ -62,7 +62,7 @@ API_URL 处理逻辑说明:
|
|||||||
项目已集成Nginx服务,可以通过80端口(HTTP)和443端口(HTTPS)访问应用
|
项目已集成Nginx服务,可以通过80端口(HTTP)和443端口(HTTPS)访问应用
|
||||||
使用docker-compose启动:
|
使用docker-compose启动:
|
||||||
|
|
||||||
```
|
```shell
|
||||||
# 克隆仓库
|
# 克隆仓库
|
||||||
git clone https://github.com/your-username/stock-scanner.git
|
git clone https://github.com/your-username/stock-scanner.git
|
||||||
cd stock-scanner
|
cd stock-scanner
|
||||||
@@ -81,9 +81,10 @@ EOL
|
|||||||
mkdir -p nginx/ssl
|
mkdir -p nginx/ssl
|
||||||
|
|
||||||
# 生成自签名SSL证书(仅用于测试环境)
|
# 生成自签名SSL证书(仅用于测试环境)
|
||||||
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
|
openssl req -x509 -nodes -days 365 \
|
||||||
-keyout nginx/ssl/key.pem \
|
-newkey rsa:2048 \
|
||||||
-out nginx/ssl/cert.pem \
|
-keyout nginx/ssl/privkey.pem \
|
||||||
|
-out nginx/ssl/fullchain.pem \
|
||||||
-subj "/CN=localhost" \
|
-subj "/CN=localhost" \
|
||||||
-addext "subjectAltName=DNS:localhost,IP:127.0.0.1"
|
-addext "subjectAltName=DNS:localhost,IP:127.0.0.1"
|
||||||
|
|
||||||
@@ -91,18 +92,16 @@ openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
|
|||||||
docker-compose up -d
|
docker-compose up -d
|
||||||
```
|
```
|
||||||
|
|
||||||
启动后可通过以下方式访问应用:
|
|
||||||
- HTTP: http://你的域名或ip
|
|
||||||
- HTTPS: https://你的域名或ip
|
|
||||||
|
|
||||||
### 使用自己的SSL证书
|
### 使用自己的SSL证书
|
||||||
|
|
||||||
如果您有自己的SSL证书,可以替换自签名证书:
|
如果您有自己的SSL证书,可以替换自签名证书:
|
||||||
|
|
||||||
1. 将您的证书文件放在 `nginx/ssl/` 目录下
|
1. 将您的证书文件放在 `nginx/ssl/` 目录下
|
||||||
2. 确保证书文件命名为 `cert.pem`,私钥文件命名为 `key.pem`
|
2. 确保证书文件命名为 `fullchain.pem`,私钥文件命名为 `privkey.pem`
|
||||||
3. 重启服务: `docker-compose restart nginx`
|
3. 重启服务: `docker-compose restart nginx`
|
||||||
|
|
||||||
|
相关参考:[免费泛域名 SSL 证书申请及自动续期(使用 1Panel 面板)](https://bronya-zaychik.cn/archives/GenSSL.html)
|
||||||
|
|
||||||
## Github Actions 部署
|
## Github Actions 部署
|
||||||
|
|
||||||
| 环境变量 | 说明 |
|
| 环境变量 | 说明 |
|
||||||
@@ -120,7 +119,6 @@ docker-compose up -d
|
|||||||
- 股票分析仅供参考,不构成投资建议
|
- 股票分析仅供参考,不构成投资建议
|
||||||
- 使用前请确保网络连接正常
|
- 使用前请确保网络连接正常
|
||||||
- 建议在实盘前充分测试
|
- 建议在实盘前充分测试
|
||||||
- 使用HTTPS可以提高数据传输的安全性
|
|
||||||
|
|
||||||
## 贡献 (Contributing)
|
## 贡献 (Contributing)
|
||||||
欢迎提交 issues 和 pull requests!
|
欢迎提交 issues 和 pull requests!
|
||||||
|
|||||||
@@ -1,3 +1,5 @@
|
|||||||
|
# 用于GitHub Actions自动化部署流程
|
||||||
|
|
||||||
version: '3.8'
|
version: '3.8'
|
||||||
|
|
||||||
services:
|
services:
|
||||||
|
|||||||
@@ -1,3 +1,5 @@
|
|||||||
|
# 本地开发和手动构建场景
|
||||||
|
|
||||||
version: '3.8'
|
version: '3.8'
|
||||||
|
|
||||||
services:
|
services:
|
||||||
|
|||||||
@@ -4,8 +4,8 @@ server {
|
|||||||
server_name localhost;
|
server_name localhost;
|
||||||
|
|
||||||
# SSL证书配置
|
# SSL证书配置
|
||||||
ssl_certificate /etc/nginx/ssl/cert.pem;
|
ssl_certificate /etc/nginx/ssl/fullchain.pem;
|
||||||
ssl_certificate_key /etc/nginx/ssl/key.pem;
|
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
|
||||||
ssl_protocols TLSv1.2 TLSv1.3;
|
ssl_protocols TLSv1.2 TLSv1.3;
|
||||||
ssl_ciphers HIGH:!aNULL:!MD5;
|
ssl_ciphers HIGH:!aNULL:!MD5;
|
||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
|
|||||||
Reference in New Issue
Block a user