21400700c5
Co-authored-by: Cursor <cursoragent@cursor.com>
35 lines
975 B
Bash
35 lines
975 B
Bash
#!/usr/bin/env bash
|
|
# 生成本地 HTTPS 自签证书(局域网 PWA 安装用)
|
|
# 用法: sudo bash scripts/gen_ssl_cert.sh [服务器局域网IP]
|
|
set -euo pipefail
|
|
|
|
SERVER_IP="${1:-}"
|
|
SSL_DIR="/etc/nginx/ssl"
|
|
KEY="${SSL_DIR}/trading_studio.key"
|
|
CRT="${SSL_DIR}/trading_studio.crt"
|
|
|
|
if [[ "${EUID:-0}" -ne 0 ]]; then
|
|
echo "请使用 root: sudo bash scripts/gen_ssl_cert.sh 192.168.x.x"
|
|
exit 1
|
|
fi
|
|
|
|
if [[ -z "${SERVER_IP}" ]]; then
|
|
SERVER_IP=$(hostname -I | awk '{print $1}')
|
|
echo "[INFO] 未指定 IP,使用: ${SERVER_IP}"
|
|
fi
|
|
|
|
mkdir -p "${SSL_DIR}"
|
|
|
|
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
|
|
-keyout "${KEY}" \
|
|
-out "${CRT}" \
|
|
-subj "/CN=TradingStudio/O=Trading/C=CN" \
|
|
-addext "subjectAltName=IP:${SERVER_IP},DNS:trading.local,DNS:localhost"
|
|
|
|
chmod 600 "${KEY}"
|
|
echo "[OK] 证书已生成:"
|
|
echo " ${CRT}"
|
|
echo " ${KEY}"
|
|
echo ""
|
|
echo "手机/平板首次访问 HTTPS 需点「继续访问」信任自签证书,之后即可安装 App。"
|