From b702f3357e844dbbeec7756edfb3c9b3d3083c86 Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Fri, 14 Jun 2024 08:41:53 +0000
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=20route53=E9=80=9A=E9=85=8D?=
 =?UTF-8?q?=E7=AC=A6=E8=AF=B4=E6=98=8E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docker-nginx-https配置.md | 35 +++++++----------------------------
 1 file changed, 7 insertions(+), 28 deletions(-)

diff --git a/docker-nginx-https配置.md b/docker-nginx-https配置.md
index 87a1074..5b09d72 100644
--- a/docker-nginx-https配置.md
+++ b/docker-nginx-https配置.md
@@ -17,38 +17,17 @@ sudo certbot certonly --standalone
 # 手动填写信息, 等待注册完成
 # 此处会生成证书
 ```
+(可选)通配符证书-route53 [说明文档](https://eff-certbot.readthedocs.io/en/latest/using.html#dns-plugins)
+```sh
+sudo snap set certbot trust-plugin-with-root=ok
+sudo snap install certbot-dns-route53
+sudo certbot certonly --dns-route53 -d example.com -d *.example.com  -d *.example1.com -m user@example.com
+```
 
 ### 如果是docker中, 则还需要将证书文件拷贝到容器中去
 
 ```bash
-sudo cp -r /etc/letsencrypt/archive/*.huangguanpc.com Lotter/ssl
-```
-
-修改Dockerfile, 将证书拷贝进容器中
-```dockerfile
-COPY ssl /ssl
+sudo cp -r /etc/letsencrypt/archive/*.huangguanpc.com /ssl
 ```
 
 
-修改nginx.cnf
-```yml
-# 1. 原80需转发到443
-# 2. 增加证书信息
-
-      listen 80 ;
-      server_name *.huangguanpc.com;
-      rewrite ^(.*) https://$server_name$1 permanent;
-  }
-
-  server {
-      listen 443 ssl;
-      server_name *.huangguanpc.com;
-      ssl_certificate /ssl/fullchain1.pem;
-      ssl_certificate_key  /ssl/privkey1.pem;
-```
-
-修改dockercompose.yml的web, 增加443端口
-```yml
-    - '443:443'
-```
-