This commit is contained in:
jeremygan2021
2026-03-22 23:28:36 +08:00
parent 3dd1f01483
commit 22f5d77d44

View File

@@ -515,34 +515,106 @@ EOF
# 最终验证 # 最终验证
final_verification() { final_verification() {
log_step "最终验证..." log_step "开始最终验证流程..."
# 删除临时 HTTP 配置(不再需要) # 清理所有旧的相关配置文件
log_info "清理旧配置文件..."
# 删除临时 HTTP 配置
if [[ -f "$HTTP_CONF_FILE" ]]; then if [[ -f "$HTTP_CONF_FILE" ]]; then
rm -f "$HTTP_CONF_FILE" rm -f "$HTTP_CONF_FILE"
log_info "已删除临时 HTTP 配置" log_info "已删除临时 HTTP 配置: $HTTP_CONF_FILE"
fi fi
# 删除旧的符号链接
if [[ -L "${NGINX_ENABLED}/${DOMAIN}.conf" ]]; then
rm -f "${NGINX_ENABLED}/${DOMAIN}.conf"
log_info "已删除旧符号链接: ${NGINX_ENABLED}/${DOMAIN}.conf"
fi
# 删除 sites-available 中的旧配置
if [[ -f "${NGINX_AVAILABLE}/${DOMAIN}.conf" ]]; then
rm -f "${NGINX_AVAILABLE}/${DOMAIN}.conf"
log_info "已删除旧配置: ${NGINX_AVAILABLE}/${DOMAIN}.conf"
fi
# 删除 sites-enabled 中的旧符号链接
if [[ -L "${NGINX_ENABLED}/${DOMAIN}.conf" ]]; then
rm -f "${NGINX_ENABLED}/${DOMAIN}.conf"
log_info "已删除旧符号链接: ${NGINX_ENABLED}/${DOMAIN}.conf"
fi
# 等待一下确保配置已清理
sleep 1
# 验证 nginx 配置 # 验证 nginx 配置
log_info "验证 nginx 配置..." log_step "验证 nginx 配置..."
if ! nginx -t; then if ! nginx -t; then
log_error "nginx 配置验证失败" log_error "nginx 配置验证失败"
log_error "请检查 /etc/nginx/conf.d 目录下的配置文件"
exit 1 exit 1
fi fi
log_success "nginx 配置验证通过" log_success "nginx 配置验证通过"
# 重 nginx # 重 nginx 服务(确保完全重新加载配置)
log_step "重 nginx 服务..." log_step "重 nginx 服务..."
if systemctl reload nginx >/dev/null 2>&1 || service nginx reload >/dev/null 2>&1 || nginx -s reload; then if systemctl restart nginx >/dev/null 2>&1; then
log_success "nginx 重启成功"
elif systemctl reload nginx >/dev/null 2>&1; then
log_success "nginx 重载成功" log_success "nginx 重载成功"
elif service nginx restart >/dev/null 2>&1; then
log_success "nginx 重启成功 (service 命令)"
elif service nginx reload >/dev/null 2>&1; then
log_success "nginx 重载成功 (service 命令)"
elif nginx -s reload >/dev/null 2>&1; then
log_success "nginx 重载成功 (nginx -s)"
else else
log_error "nginx 重载失败" log_error "nginx 重启/重载失败,请手动执行: systemctl restart nginx"
exit 1 exit 1
fi fi
# 清理旧的符号链接(如果存在) # 测试域名访问
if [[ -L "${NGINX_ENABLED}/${DOMAIN}.conf" ]]; then log_step "测试域名访问..."
rm -f "${NGINX_ENABLED}/${DOMAIN}.conf" echo ""
# 测试 HTTPS 访问
echo -e "${CYAN}测试 1: HTTPS 访问${NC}"
local https_response=$(curl -I -s --connect-timeout 10 "https://${DOMAIN}" 2>&1)
local https_code=$(echo "$https_response" | grep -i "HTTP/" | head -n1 | awk '{print $2}')
if [[ "$https_code" == "200" ]] || [[ "$https_code" == "301" ]] || [[ "$https_code" == "302" ]]; then
log_success "✅ HTTPS 访问成功 (HTTP $https_code)"
else
log_warn "⚠️ HTTPS 响应异常: ${https_code:-无响应}"
fi
# 测试 HTTP 跳转
echo ""
echo -e "${CYAN}测试 2: HTTP 跳转测试${NC}"
local http_response=$(curl -I -s --connect-timeout 10 "http://${DOMAIN}" 2>&1)
local http_code=$(echo "$http_response" | grep -i "HTTP/" | head -n1 | awk '{print $2}')
local location=$(echo "$http_response" | grep -i "Location:" | head -n1)
if [[ "$http_code" == "301" ]] || [[ "$http_code" == "302" ]]; then
log_success "✅ HTTP 跳转正常 (HTTP $http_code)"
if [[ -n "$location" ]]; then
log_info "跳转目标: $location"
fi
else
log_warn "⚠️ HTTP 跳转异常: ${http_code:-无响应}"
fi
# 验证 SSL 证书
echo ""
echo -e "${CYAN}测试 3: SSL 证书验证${NC}"
local ssl_verify=$(echo | openssl s_client -connect "${DOMAIN}:443" -servername "${DOMAIN}" 2>/dev/null | openssl x509 -noout -subject -dates 2>/dev/null)
if [[ -n "$ssl_verify" ]]; then
log_success "✅ SSL 证书有效"
echo "$ssl_verify" | while read line; do
log_info " $line"
done
else
log_warn "⚠️ SSL 证书验证失败"
fi fi
echo "" echo ""