wangfan
/
adweb-ops-scripts


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210
							#!/bin/bash

#### 从临时服务器发布站点到正式环境
#### Author: chenpeiqing
#### Date: 2025-01-07

SITE_CODE=$1
DOMAIN_NAME=$2
DATABASE_NAME=$3

TEMP_DOMAIN='v3-site.adwebcloud.com'

RDS_HOST='127.0.0.1'
RDS_ADMIN='root'
RDS_PWD='Admin@123.com'

TEMP_USER_NAME='ubuntu'
TEMP_IP='35.87.155.71'
TEMP_PEM='/opt/adweb3/pem/adweb3.pem'

first_time=$(date +'%s')

#打印入参
echo "SITE_CODE":$SITE_CODE
echo "DOMAIN_NAME":$DOMAIN_NAME
echo "DATABASE_NAME":$DATABASE_NAME

#临时服务器打包项目代码和数据库文件
ssh -i $TEMP_PEM -p 22 -o IdentitiesOnly=yes $TEMP_USER_NAME@$TEMP_IP << EOF
        sudo -i
        sh /opt/adweb3/shell/bak-wpsite.sh $SITE_CODE
   exit
EOF


#创建空数据库以及指定用户
mysql -h $RDS_HOST -u$RDS_ADMIN -p$RDS_PWD<< EOF
  DROP DATABASE IF EXISTS $DATABASE_NAME;
  CREATE DATABASE $DATABASE_NAME CHARACTER SET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
  DROP USER IF EXISTS $SITE_CODE;
  CREATE USER '$SITE_CODE'@'%' IDENTIFIED BY 'Admin@123.com';
  GRANT ALL ON $DATABASE_NAME.* TO '$SITE_CODE'@'%';
  flush privileges;
  exit
EOF

#创建站点文件夹
if [ ! -d  "/usr/local/wwwroot/$DOMAIN_NAME" ]; then
     mkdir -p /usr/local/wwwroot/$DOMAIN_NAME
fi

#下载SQL文件
wget -P /usr/local/wwwroot/$DOMAIN_NAME/ http://download-template-v3.adwebcloud.com/$SITE_CODE.sql

mysql -h $RDS_HOST -u$SITE_CODE -p'Admin@123.com' $DATABASE_NAME</usr/local/wwwroot/$DOMAIN_NAME/$SITE_CODE.sql

#下载站点文件
wget -P /usr/local/wwwroot/$DOMAIN_NAME/ http://download-template-v3.adwebcloud.com/$SITE_CODE.tar.gz
tar -zxf /usr/local/wwwroot/$DOMAIN_NAME/$SITE_CODE.tar.gz -C /usr/local/wwwroot/$DOMAIN_NAME/

mv /usr/local/wwwroot/$DOMAIN_NAME/$SITE_CODE/* /usr/local/wwwroot/$DOMAIN_NAME/
rm -rf /usr/local/wwwroot/$DOMAIN_NAME/$SITE_CODE

#更新站点配置文件
chown -R www-data:www-data /usr/local/wwwroot/$DOMAIN_NAME

#替换redis object cache 键值
sed -i "s:'$SITE_CODE.$TEMP_DOMAIN':'$DOMAIN_NAME':g" /usr/local/wwwroot/$DOMAIN_NAME/wp-config.php

#替换sql数据库名称
sed -i "s:'$SITE_CODE':'$DATABASE_NAME':g" /usr/local/wwwroot/$DOMAIN_NAME/wp-config.php

#替换sql数据库用户名
sed -i "s:'adweb':'$SITE_CODE':g" /usr/local/wwwroot/$DOMAIN_NAME/wp-config.php

#替换sql数据库密码
sed -i "s:'2024_RqBQxctjakHCJVq8kmmYHQKZQGU4YMUH':'Admin@123.com':g" /usr/local/wwwroot/$DOMAIN_NAME/wp-config.php

#替换sql数据库链接地址
sed -i "s:'127.0.0.1':'$RDS_HOST':g" /usr/local/wwwroot/$DOMAIN_NAME/wp-config.php
sed -i "s:'localhost':'$RDS_HOST':g" /usr/local/wwwroot/$DOMAIN_NAME/wp-config.php

#删除下载站点文件和sql文件压缩包
cd /usr/local/wwwroot/$DOMAIN_NAME/
rm -rf $SITE_CODE.sql.tar.gz $SITE_CODE.tar.gz $SITE_CODE.sql

#更新站点域名
cp /opt/adweb3/config/wp-cli.phar /usr/local/wwwroot/$DOMAIN_NAME
cd /usr/local/wwwroot/$DOMAIN_NAME
# 解析域名
result=$(nslookup $DOMAIN_NAME | grep -Po 'Address: \K[\d.]+')
result_www=$(nslookup www.$DOMAIN_NAME | grep -Po 'Address: \K[\d.]+')

# 判断解析结果是否为空
if [ ! -z "$result" ] && [ ! -z "$result_www" ]; then
  #替换为www域名
  php ./wp-cli.phar search-replace "$SITE_CODE.$TEMP_DOMAIN" "www.$DOMAIN_NAME" --allow-root
  echo "result:"$result
  echo "result_www:"$result_www
elif [ ! -z "$result" ] && [ -z "$result_www" ]; then
  #替换域名
  php ./wp-cli.phar search-replace "$SITE_CODE.$TEMP_DOMAIN" "$DOMAIN_NAME" --allow-root
  echo "result":$result
elif [ -z "$result" ] && [ ! -z "$result_www" ]; then
  #替换为www域名
  php ./wp-cli.phar search-replace "$SITE_CODE.$TEMP_DOMAIN" "www.$DOMAIN_NAME" --allow-root
  echo "result:"$result
  echo "result_www:"$result_www
else
  echo "Parsing failed"
fi

#清除站点缓存
php ./wp-cli.phar cache flush --allow-root
rm -rf /usr/local/wwwroot/$DOMAIN_NAME/wp-cli.phar


# 重启nginx
cp /opt/adweb3/nginx_template/wp-site.conf /usr/local/openresty/nginx/vhost/$DOMAIN_NAME.conf
sed -i "s:DOMAIN_NAME:$DOMAIN_NAME:g" /usr/local/openresty/nginx/vhost/$DOMAIN_NAME.conf
echo "开始重启nginx配置"
/usr/local/openresty/nginx/sbin/nginx -s reload
echo "nginx配置重启完成"echo "开始重启nginx配置"

#生成ssl证书

echo "生成$DOMAIN_NAME的ssl证书开始："
start_time=$(date +'%s')

# 解析域名
result=$(nslookup $DOMAIN_NAME | grep -Po 'Address: \K[\d.]+')
result_www=$(nslookup www.$DOMAIN_NAME | grep -Po 'Address: \K[\d.]+')

# 判断解析结果是否为空
if [ ! -z "$result" ] && [ ! -z "$result_www" ]; then
  #生成SSL证书
  #生成位置 /root/.acme.sh/$DOMAIN_NAME
  /root/.acme.sh/acme.sh --issue -d $DOMAIN_NAME -d "www.$DOMAIN_NAME" --webroot /usr/local/wwwroot/$DOMAIN_NAME
  echo "result:"$result
  echo "result_www:"$result_www
elif [ ! -z "$result" ] && [ -z "$result_www" ]; then
  /root/.acme.sh/acme.sh --issue -d $DOMAIN_NAME  --webroot /usr/local/wwwroot/$DOMAIN_NAME
  echo "result":$result
elif [ -z "$result" ] && [ ! -z "$result_www" ]; then
  /root/.acme.sh/acme.sh --issue -d "www.$DOMAIN_NAME" --webroot /usr/local/wwwroot/$DOMAIN_NAME
  echo "result:"$result
  echo "result_www:"$result_www
else
  echo "Parsing failed"
fi


#等待30s,确保SSL证书目录生成
sleep 30

if [ -d "/root/.acme.sh/$DOMAIN_NAME" ]; then
fullchain=$(cat /root/.acme.sh/$DOMAIN_NAME/fullchain.cer)
awk 'split_after==1{n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1} {print > "fullchain" n ".pem"}' < /root/.acme.sh/$DOMAIN_NAME/fullchain.cer
Certificate_body=$(cat fullchain.pem)
echo '[start cert.pem]'
echo $Certificate_body
echo '[end cert.pem]'

Certificate_chain=$(cat fullchain1.pem)
Certificate_chain1=$(cat fullchain2.pem)
echo '[start chain.pem]'
echo ${Certificate_chain}" "${Certificate_chain1}
echo '[end chain.pem]'

Certificate_private_key=$(cat /root/.acme.sh/$DOMAIN_NAME/*key)
echo '[start privkey.pem]'
echo $Certificate_private_key
echo '[end privkey.pem]'

rm -rf *.pem
elif [ -d "/root/.acme.sh/${DOMAIN_NAME}_ecc" ]; then
fullchain=$(cat /root/.acme.sh/${DOMAIN_NAME}_ecc/fullchain.cer)
awk 'split_after==1{n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1} {print > "fullchain" n ".pem"}' < /root/.acme.sh/${DOMAIN_NAME}_ecc/fullchain.cer
Certificate_body=$(cat fullchain.pem)
echo '[start cert.pem]'
echo $Certificate_body
echo '[end cert.pem]'

Certificate_chain=$(cat fullchain1.pem)
Certificate_chain1=$(cat fullchain2.pem)
echo '[start chain.pem]'
echo ${Certificate_chain}" "${Certificate_chain1}
echo '[end chain.pem]'

Certificate_private_key=$(cat /root/.acme.sh/${DOMAIN_NAME}_ecc/*key)
echo '[start privkey.pem]'
echo $Certificate_private_key
echo '[end privkey.pem]'
rm -rf *.pem
else
echo "SSL Certificate not found"
fi

end_time=$(date +'%s')
echo "生成$DOMAIN_NAME的ssl证书开始花费："$((end_time - start_time))"s"

#开启nginx证书 ssl 配置
#重启nginx
sed -i "s:####::g" /usr/local/openresty/nginx/vhost/$DOMAIN_NAME.conf
echo "开始重启nginx配置"
/usr/local/openresty/nginx/sbin/nginx -s reload
echo "nginx配置重启完成"echo "开始重启nginx配置"


echo "[Creation completed]"