Files
jiedian/scripts/enable-panel-https.sh
T
dekun 78b85c0d83 feat: enable HTTPS admin panel on port 443 for new deployments
Add Nginx SSL panel config, enable-panel-https.sh, secure Flask cookies, and update docs for https login.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-28 00:46:08 +08:00

61 lines
1.6 KiB
Bash
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#!/usr/bin/env bash
# 为管理面板启用 Nginx HTTPS443);install.sh 与新装/升级后调用
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ROOT_DIR="$(dirname "$SCRIPT_DIR")"
ENV_FILE="${ROOT_DIR}/.env"
[[ -f "$ENV_FILE" ]] || { echo "缺少 $ENV_FILE"; exit 1; }
# shellcheck disable=SC1090
source "$ENV_FILE"
: "${DOMAIN:?}"
: "${VPS_IP:?}"
normalize_panel_path() {
local p="${1:-}"
p="${p#/}"
p="${p%/}"
echo "$p"
}
PANEL_PATH="$(normalize_panel_path "${PANEL_PATH:-}")"
if [[ -z "$PANEL_PATH" ]]; then
echo "缺少 PANEL_PATH,请先运行 install.sh 或写入 .env"
exit 1
fi
PANEL_LOCATION="/${PANEL_PATH}/"
PANEL_PREFIX="/${PANEL_PATH}"
PANEL_ALLOW_BLOCK=""
if [[ -n "${PANEL_ALLOW_IP:-}" ]]; then
PANEL_ALLOW_BLOCK=" allow ${PANEL_ALLOW_IP};
deny all;"
fi
if [[ ! -f /etc/sing-box/certs/fullchain.pem ]] || [[ ! -f /etc/sing-box/certs/privkey.pem ]]; then
echo "缺少 TLS 证书,请先完成 install.sh 或 acme.sh 申请证书"
exit 1
fi
if command -v ufw &>/dev/null; then
ufw allow 443/tcp comment 'Panel-HTTPS' 2>/dev/null || true
fi
sed -e "s|__DOMAIN__|${DOMAIN}|g" \
-e "s|__PANEL_LOCATION__|${PANEL_LOCATION}|g" \
-e "s|__PANEL_PREFIX__|${PANEL_PREFIX}|g" \
-e "s|__PANEL_ALLOW__|${PANEL_ALLOW_BLOCK}|g" \
"$ROOT_DIR/server/nginx/panel.conf.template" \
> /etc/nginx/sites-available/jiedian-panel
ln -sf /etc/nginx/sites-available/jiedian-panel /etc/nginx/sites-enabled/jiedian-panel
rm -f /etc/nginx/sites-enabled/acme
nginx -t
systemctl reload nginx
echo "面板 HTTPS 已启用: https://${DOMAIN}${PANEL_LOCATION}"