diff --git a/trojan.sh b/trojan.sh index bb26db3..048d6ce 100644 --- a/trojan.sh +++ b/trojan.sh @@ -11,7 +11,7 @@ function red(){ function version_lt(){ test "$(echo "$@" | tr " " "\n" | sort -rV | head -n 1)" != "$1"; } - + source /etc/os-release RELEASE=$ID VERSION=$VERSION_ID @@ -26,7 +26,7 @@ elif [ "$RELEASE" == "ubuntu" ]; then systemPackage="apt-get" fi systempwd="/etc/systemd/system/" - + function install_trojan(){ $systemPackage install -y nginx if [ ! -d "/etc/nginx/" ]; then @@ -102,7 +102,7 @@ EOF mkdir /usr/src/trojan-cert/$your_domain ~/.acme.sh/acme.sh --register-account -m myemail@example.com --server zerossl ~/.acme.sh/acme.sh --issue -d $your_domain --nginx - if test -s /root/.acme.sh/$your_domain/fullchain.cer; then + if test -s /root/.acme.sh/$your_domain_ecc/fullchain.cer; then cert_success="1" fi fi @@ -286,7 +286,7 @@ EOF fi } function preinstall_check(){ - + nginx_status=`ps -aux | grep "nginx: worker" |grep -v "grep"` if [ -n "$nginx_status" ]; then systemctl stop nginx @@ -406,7 +406,7 @@ function preinstall_check(){ fi fi } - + function repair_cert(){ systemctl stop nginx #iptables -I INPUT -p tcp --dport 80 -j ACCEPT @@ -427,19 +427,34 @@ function repair_cert(){ real_addr=`ping ${your_domain} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}'` local_addr=`curl ipv4.icanhazip.com` if [ $real_addr == $local_addr ] ; then - ~/.acme.sh/acme.sh --register-account -m myemail@example.com --server zerossl - ~/.acme.sh/acme.sh --issue -d $your_domain --standalone - ~/.acme.sh/acme.sh --installcert -d $your_domain \ - --key-file /usr/src/trojan-cert/$your_domain/private.key \ - --fullchain-file /usr/src/trojan-cert/$your_domain/fullchain.cer \ - --reloadcmd "systemctl restart trojan" - if test -s /usr/src/trojan-cert/$your_domain/fullchain.cer; then - green "证书申请成功" - systemctl restart trojan - systemctl start nginx - else - red "申请证书失败" - fi + if [ -f "/usr/src/trojan-cert/$your_domain/fullchain.cer" ]; then + cd /usr/src/trojan-cert/$your_domain + create_time=`stat -c %Y fullchain.cer` + now_time=`date +%s` + minus=$(($now_time - $create_time )) + if [ $minus -gt 5184000 ]; then + ~/.acme.sh/acme.sh --register-account -m myemail@example.com --server zerossl + ~/.acme.sh/acme.sh --issue -d $your_domain --standalone + ~/.acme.sh/acme.sh --installcert -d $your_domain \ + --key-file /usr/src/trojan-cert/$your_domain/private.key \ + --fullchain-file /usr/src/trojan-cert/$your_domain/fullchain.cer \ + --reloadcmd "systemctl restart trojan" + if test -s /usr/src/trojan-cert/$your_domain/fullchain.cer; then + green "证书申请成功" + systemctl restart trojan + systemctl start nginx + else + red "申请证书失败" + fi + else + ~/.acme.sh/acme.sh --installcert -d $your_domain \ + --key-file /usr/src/trojan-cert/$your_domain/private.key \ + --fullchain-file /usr/src/trojan-cert/$your_domain/fullchain.cer \ + --reloadcmd "systemctl restart trojan" + green "检测到域名$your_domain证书存在且未超过60天,无需重新申请" + cert_success="1" + fi + fi else red "================================" red "域名解析地址与本VPS IP地址不一致" @@ -447,7 +462,7 @@ function repair_cert(){ red "================================" fi } - + function remove_trojan(){ red "================================" red "即将卸载trojan" @@ -475,7 +490,7 @@ function remove_trojan(){ green "trojan删除完毕" green "==============" } - + function update_trojan(){ /usr/src/trojan/trojan -v 2>trojan.tmp curr_version=`cat trojan.tmp | grep "trojan" | awk '{print $4}'` @@ -500,9 +515,9 @@ function update_trojan(){ } - + function install_acme(){ - file_path="~/.acme.sh/acme.sh/" + file_path="/root/.acme.sh/acme.sh" if [ -f "$file_path" ] then red "$file_path 已存在" @@ -511,7 +526,7 @@ function install_acme(){ curl https://get.acme.sh | sh fi } - + start_menu(){ clear green " =======================================" @@ -557,5 +572,5 @@ start_menu(){ ;; esac } - -start_menu + +start_menu \ No newline at end of file