create
This commit is contained in:
@@ -515,34 +515,106 @@ EOF
|
||||
|
||||
# 最终验证
|
||||
final_verification() {
|
||||
log_step "最终验证..."
|
||||
log_step "开始最终验证流程..."
|
||||
|
||||
# 删除临时 HTTP 配置(不再需要)
|
||||
# 清理所有旧的相关配置文件
|
||||
log_info "清理旧配置文件..."
|
||||
|
||||
# 删除临时 HTTP 配置
|
||||
if [[ -f "$HTTP_CONF_FILE" ]]; then
|
||||
rm -f "$HTTP_CONF_FILE"
|
||||
log_info "已删除临时 HTTP 配置"
|
||||
log_info "已删除临时 HTTP 配置: $HTTP_CONF_FILE"
|
||||
fi
|
||||
|
||||
# 删除旧的符号链接
|
||||
if [[ -L "${NGINX_ENABLED}/${DOMAIN}.conf" ]]; then
|
||||
rm -f "${NGINX_ENABLED}/${DOMAIN}.conf"
|
||||
log_info "已删除旧符号链接: ${NGINX_ENABLED}/${DOMAIN}.conf"
|
||||
fi
|
||||
|
||||
# 删除 sites-available 中的旧配置
|
||||
if [[ -f "${NGINX_AVAILABLE}/${DOMAIN}.conf" ]]; then
|
||||
rm -f "${NGINX_AVAILABLE}/${DOMAIN}.conf"
|
||||
log_info "已删除旧配置: ${NGINX_AVAILABLE}/${DOMAIN}.conf"
|
||||
fi
|
||||
|
||||
# 删除 sites-enabled 中的旧符号链接
|
||||
if [[ -L "${NGINX_ENABLED}/${DOMAIN}.conf" ]]; then
|
||||
rm -f "${NGINX_ENABLED}/${DOMAIN}.conf"
|
||||
log_info "已删除旧符号链接: ${NGINX_ENABLED}/${DOMAIN}.conf"
|
||||
fi
|
||||
|
||||
# 等待一下确保配置已清理
|
||||
sleep 1
|
||||
|
||||
# 验证 nginx 配置
|
||||
log_info "验证 nginx 配置..."
|
||||
log_step "验证 nginx 配置..."
|
||||
if ! nginx -t; then
|
||||
log_error "nginx 配置验证失败"
|
||||
log_error "请检查 /etc/nginx/conf.d 目录下的配置文件"
|
||||
exit 1
|
||||
fi
|
||||
log_success "nginx 配置验证通过"
|
||||
|
||||
# 重载 nginx
|
||||
log_step "重载 nginx 服务..."
|
||||
if systemctl reload nginx >/dev/null 2>&1 || service nginx reload >/dev/null 2>&1 || nginx -s reload; then
|
||||
# 重启 nginx 服务(确保完全重新加载配置)
|
||||
log_step "重启 nginx 服务..."
|
||||
if systemctl restart nginx >/dev/null 2>&1; then
|
||||
log_success "nginx 重启成功"
|
||||
elif systemctl reload nginx >/dev/null 2>&1; then
|
||||
log_success "nginx 重载成功"
|
||||
elif service nginx restart >/dev/null 2>&1; then
|
||||
log_success "nginx 重启成功 (service 命令)"
|
||||
elif service nginx reload >/dev/null 2>&1; then
|
||||
log_success "nginx 重载成功 (service 命令)"
|
||||
elif nginx -s reload >/dev/null 2>&1; then
|
||||
log_success "nginx 重载成功 (nginx -s)"
|
||||
else
|
||||
log_error "nginx 重载失败"
|
||||
log_error "nginx 重启/重载失败,请手动执行: systemctl restart nginx"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# 清理旧的符号链接(如果存在)
|
||||
if [[ -L "${NGINX_ENABLED}/${DOMAIN}.conf" ]]; then
|
||||
rm -f "${NGINX_ENABLED}/${DOMAIN}.conf"
|
||||
# 测试域名访问
|
||||
log_step "测试域名访问..."
|
||||
echo ""
|
||||
|
||||
# 测试 HTTPS 访问
|
||||
echo -e "${CYAN}测试 1: HTTPS 访问${NC}"
|
||||
local https_response=$(curl -I -s --connect-timeout 10 "https://${DOMAIN}" 2>&1)
|
||||
local https_code=$(echo "$https_response" | grep -i "HTTP/" | head -n1 | awk '{print $2}')
|
||||
|
||||
if [[ "$https_code" == "200" ]] || [[ "$https_code" == "301" ]] || [[ "$https_code" == "302" ]]; then
|
||||
log_success "✅ HTTPS 访问成功 (HTTP $https_code)"
|
||||
else
|
||||
log_warn "⚠️ HTTPS 响应异常: ${https_code:-无响应}"
|
||||
fi
|
||||
|
||||
# 测试 HTTP 跳转
|
||||
echo ""
|
||||
echo -e "${CYAN}测试 2: HTTP 跳转测试${NC}"
|
||||
local http_response=$(curl -I -s --connect-timeout 10 "http://${DOMAIN}" 2>&1)
|
||||
local http_code=$(echo "$http_response" | grep -i "HTTP/" | head -n1 | awk '{print $2}')
|
||||
local location=$(echo "$http_response" | grep -i "Location:" | head -n1)
|
||||
|
||||
if [[ "$http_code" == "301" ]] || [[ "$http_code" == "302" ]]; then
|
||||
log_success "✅ HTTP 跳转正常 (HTTP $http_code)"
|
||||
if [[ -n "$location" ]]; then
|
||||
log_info "跳转目标: $location"
|
||||
fi
|
||||
else
|
||||
log_warn "⚠️ HTTP 跳转异常: ${http_code:-无响应}"
|
||||
fi
|
||||
|
||||
# 验证 SSL 证书
|
||||
echo ""
|
||||
echo -e "${CYAN}测试 3: SSL 证书验证${NC}"
|
||||
local ssl_verify=$(echo | openssl s_client -connect "${DOMAIN}:443" -servername "${DOMAIN}" 2>/dev/null | openssl x509 -noout -subject -dates 2>/dev/null)
|
||||
if [[ -n "$ssl_verify" ]]; then
|
||||
log_success "✅ SSL 证书有效"
|
||||
echo "$ssl_verify" | while read line; do
|
||||
log_info " $line"
|
||||
done
|
||||
else
|
||||
log_warn "⚠️ SSL 证书验证失败"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
|
||||
Reference in New Issue
Block a user