From ad9787942fdd05cc3e35c39120e8bfca957daa1a Mon Sep 17 00:00:00 2001 From: dekun Date: Tue, 16 Jun 2026 09:01:06 +0800 Subject: [PATCH] fix: install TLS certs before sing-box check Hysteria2 inbound validates certificate paths during check; copy acme.sh certs to /etc/sing-box/certs before running sing-box check. Co-authored-by: Cursor --- scripts/install.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/scripts/install.sh b/scripts/install.sh index d7c7b9a..ea80e23 100644 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -101,6 +101,11 @@ if [[ ! -f "/root/.acme.sh/${DOMAIN}_ecc/fullchain.cer" ]]; then /root/.acme.sh/acme.sh --issue -d "$DOMAIN" -w /var/www/acme --force fi +log "安装 TLS 证书到 sing-box ..." +/root/.acme.sh/acme.sh --install-cert -d "$DOMAIN" \ + --key-file /etc/sing-box/certs/privkey.pem \ + --fullchain-file /etc/sing-box/certs/fullchain.pem + log "生成 sing-box 服务端配置 ..." mkdir -p /etc/sing-box/certs sed -e "s|\${UUID}|${UUID}|g" \ @@ -134,7 +139,7 @@ UNIT systemctl daemon-reload systemctl enable sing-box -log "安装 TLS 证书到 sing-box ..." +log "注册证书续期 reload 命令 ..." /root/.acme.sh/acme.sh --install-cert -d "$DOMAIN" \ --key-file /etc/sing-box/certs/privkey.pem \ --fullchain-file /etc/sing-box/certs/fullchain.pem \