{"id":32478055,"url":"https://github.com/apts-1547/acme-docker-reloader","last_synced_at":"2026-03-07T19:31:29.719Z","repository":{"id":320589561,"uuid":"1082520928","full_name":"AptS-1547/acme-docker-reloader","owner":"AptS-1547","description":"🔄 Out-of-the-box acme.sh Docker automation solution - Auto-renew SSL certificates and reload services","archived":false,"fork":false,"pushed_at":"2025-10-24T15:59:34.000Z","size":41,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-10-24T17:33:47.281Z","etag":null,"topics":["acme","automation","certificate-management","certificate-renewal","devops","docker","docker-compose","shell-script","ssl","systemd"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AptS-1547.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-10-24T11:13:33.000Z","updated_at":"2025-10-24T16:09:07.000Z","dependencies_parsed_at":"2025-10-24T17:44:31.319Z","dependency_job_id":null,"html_url":"https://github.com/AptS-1547/acme-docker-reloader","commit_stats":null,"previous_names":["apts-1547/acme-docker-reloader"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/AptS-1547/acme-docker-reloader","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AptS-1547%2Facme-docker-reloader","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AptS-1547%2Facme-docker-reloader/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AptS-1547%2Facme-docker-reloader/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AptS-1547%2Facme-docker-reloader/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AptS-1547","download_url":"https://codeload.github.com/AptS-1547/acme-docker-reloader/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AptS-1547%2Facme-docker-reloader/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30227791,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-07T19:01:10.287Z","status":"ssl_error","status_checked_at":"2026-03-07T18:59:58.103Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acme","automation","certificate-management","certificate-renewal","devops","docker","docker-compose","shell-script","ssl","systemd"],"created_at":"2025-10-26T23:28:08.980Z","updated_at":"2026-03-07T19:31:29.653Z","avatar_url":"https://github.com/AptS-1547.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# acme-reloader\n\n[![License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)\n\n**开箱即用的 acme.sh Docker 证书自动化解决方案**\n\n一个完整的解决方案，让 acme.sh 在 Docker 容器中自动申请和续签证书，并在证书更新后自动重载宿主机或其他容器的服务（如 Nginx、Caddy 等）。\n\n## ✨ 为什么选择 acme-reloader？\n\n- 🚀 **开箱即用**：克隆、安装、启动，三步搞定\n- 🐳 **完美容器化**：acme.sh 运行在 Docker，Web 服务器在宿主机或其他容器\n- 🔄 **自动化一切**：证书自动续签，服务自动重载，无需人工干预\n- 🛡️ **健壮可靠**：超时重试、错误处理、详细日志\n- 📝 **配置简单**：只需配置一条重启命令即可\n\n## 🎯 使用场景\n\n这个项目专为以下场景设计：\n\n- acme.sh 运行在 Docker 容器中\n- Nginx/Caddy 运行在宿主机上\n- 需要在证书更新后自动重载 Web 服务器\n\n**架构图：**\n```\n┌─────────────────────┐         ┌──────────────────┐\n│  acme.sh 容器       │  socket │   宿主机          │\n│  - 自动续签证书      │◄───────►│  - Nginx/Caddy   │\n│  - 调用 reloadcmd   │  通信   │  - 自动重载       │\n└─────────────────────┘         └──────────────────┘\n```\n\n## 🚀 快速开始\n\n### 三步部署\n\n```bash\n# 1. 克隆项目\ngit clone https://github.com/AptS-1547/acme-docker-reloader.git\ncd acme-reloader\n\n# 2. 运行安装脚本（会提示输入重载命令）\nsudo ./install.sh\n\n# 3. 启动 acme.sh 容器\ndocker-compose up -d\n```\n\n就这么简单！🎉\n\n### 申请证书\n\n```bash\n# 进入容器（bash 已自动安装）\ndocker exec -it acme.sh bash\n\n# 首次使用：注册账号\nacme.sh --register-account -m your@email.com\nacme.sh --set-default-ca --server letsencrypt\n\n# 申请证书（以 Cloudflare DNS 验证为例）\nexport CF_Token=\"your_cloudflare_token\"\nexport CF_Zone_ID=\"your_zone_id\"\nacme.sh --issue -d example.com -d *.example.com --dns dns_cf\n\n# 安装证书并设置自动重载\nacme.sh --install-cert -d example.com \\\n  --cert-file /ssl/example.com/cert.pem \\\n  --key-file /ssl/example.com/key.pem \\\n  --fullchain-file /ssl/example.com/fullchain.pem \\\n  --reloadcmd \"bash /acme-reloader.sh\"\n```\n\n### 配置 Web 服务器\n\n证书文件位于项目的 `ssl/` 目录下，配置你的 Nginx：\n\n```nginx\nserver {\n    listen 443 ssl;\n    server_name example.com;\n\n    # 使用证书的绝对路径\n    ssl_certificate /path/to/acme-reloader/ssl/example.com/fullchain.pem;\n    ssl_certificate_key /path/to/acme-reloader/ssl/example.com/key.pem;\n\n    # 其他配置...\n}\n```\n\n重载 Nginx：\n```bash\nsudo nginx -t\nsudo systemctl reload nginx\n```\n\n完成！🎊 证书会自动续签，续签后自动重载 Nginx。\n\n## 📁 项目结构\n\n```\nacme-reloader/\n├── bin/                          # 可执行脚本\n│   ├── acme-reloader.sh          # 容器端客户端\n│   └── acme-reloader-host.sh     # 宿主机端守护进程\n├── lib/                          # 库模块\n│   ├── logger.sh                 # 日志模块\n│   ├── config.sh                 # 配置解析\n│   ├── ipc.sh                    # 进程间通信\n│   └── service.sh                # 服务管理\n├── config/                       # 配置文件\n│   └── config.yml                # 主配置（安装时自动生成）\n├── ssl/                          # 证书存储（自动创建）\n├── acme-config/                  # acme.sh 配置（自动创建）\n├── acme-reloader/                # Socket 通信目录（自动创建）\n├── logs/                         # 日志目录（自动创建）\n├── docker-compose.yml            # 核心配置文件\n├── install.sh                    # 一键安装脚本\n├── uninstall.sh                  # 一键卸载脚本\n└── README.md                     # 本文件\n```\n\n## 🔧 工作原理\n\n1. **安装阶段**：\n   - `install.sh` 在当前目录初始化项目\n   - 配置 systemd 服务运行 `acme-reloader-host.sh`\n   - 创建必要的目录和配置文件\n\n2. **运行阶段**：\n   - `acme-reloader-host.sh` 在宿主机作为守护进程运行\n   - 创建命名管道（socket）等待通知\n\n3. **证书更新**：\n   - acme.sh 容器中的证书到期自动续签\n   - 续签完成后调用 `reloadcmd`（即容器内的 `/acme-reloader.sh`）\n   - 脚本通过 socket 通知宿主机守护进程\n   - 守护进程执行配置的重载命令（如 `systemctl reload nginx`）\n   - 返回执行结果\n\n## ⚙️ 配置说明\n\n配置文件在 `config/config.yml`，安装时会自动生成。\n\n### 核心配置\n\n```yaml\nservices:\n  main:\n    command: \"systemctl reload nginx\"  # 你的重载命令\n    enabled: true\n    timeout: 15\n```\n\n### 多服务配置\n\n如果需要同时重载多个服务：\n\n```yaml\nservices:\n  nginx:\n    command: \"systemctl reload nginx\"\n    enabled: true\n\n  caddy:\n    command: \"systemctl reload caddy\"\n    enabled: true\n```\n\n### Docker 容器服务\n\n如果你的 Nginx 也在 Docker 中：\n\n```yaml\nservices:\n  nginx_container:\n    command: \"docker exec nginx nginx -s reload\"\n    enabled: true\n```\n\n## 🐛 故障排查\n\n### 检查服务状态\n\n```bash\n# 检查宿主机守护进程\nsudo systemctl status acme-reloader-host\n\n# 查看日志\nsudo journalctl -u acme-reloader-host -f\ntail -f ./logs/acme-reloader.log\n```\n\n### 手动测试重载\n\n```bash\n# 在容器内测试\ndocker exec acme.sh bash /acme-reloader.sh\n\n# 在宿主机测试\n./bin/acme-reloader.sh\n```\n\n### 常见问题\n\n#### Socket not found\n\n**问题**：容器无法连接到宿主机\n\n**解决**：\n1. 检查守护进程是否运行：`sudo systemctl status acme-reloader-host`\n2. 检查 socket 是否存在：`ls -la ./acme-reloader/socket/`\n3. 重启守护进程：`sudo systemctl restart acme-reloader-host`\n\n#### 服务重载失败\n\n**问题**：命令执行失败\n\n**解决**：\n1. 查看详细日志：`tail -f ./logs/acme-reloader.log`\n2. 手动测试命令：`systemctl reload nginx`\n3. 检查配置文件：`cat config/config.yml`\n4. 确认有 sudo 权限\n\n更多故障排查请查看 [docs/TROUBLESHOOTING.md](docs/TROUBLESHOOTING.md)\n\n## 📚 详细文档\n\n- [安装指南](docs/INSTALL.md) - 详细的安装步骤和配置说明\n- [配置说明](docs/CONFIG.md) - 完整的配置选项文档\n- [故障排查](docs/TROUBLESHOOTING.md) - 常见问题和解决方案\n\n## 🔄 升级\n\n```bash\n# 1. 备份配置\ncp config/config.yml ~/config.yml.bak\n\n# 2. 停止服务\nsudo systemctl stop acme-reloader-host\ndocker-compose down\n\n# 3. 拉取最新代码\ngit pull\n\n# 4. 重新安装（会保留现有配置）\nsudo ./install.sh\n\n# 5. 重启服务\nsudo systemctl start acme-reloader-host\ndocker-compose up -d\n```\n\n## 🗑️ 卸载\n\n```bash\nsudo ./uninstall.sh\n```\n\n## 🤝 贡献\n\n欢迎提交 Issue 和 Pull Request！\n\n## 📄 许可证\n\nMIT License\n\n## 👤 作者\n\nAptS:1547\n\n## 🙏 致谢\n\n- [acme.sh](https://github.com/acmesh-official/acme.sh) - 出色的 ACME 客户端\n- 所有贡献者\n\n## ⭐ Star History\n\n如果这个项目对你有帮助，欢迎给个 Star！\n\n---\n\n**快速链接**：[安装指南](docs/INSTALL.md) | [配置说明](docs/CONFIG.md) | [故障排查](docs/TROUBLESHOOTING.md) | [提交 Issue](https://github.com/AptS-1547/acme-docker-reloader/issues)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapts-1547%2Facme-docker-reloader","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fapts-1547%2Facme-docker-reloader","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapts-1547%2Facme-docker-reloader/lists"}