这是一个使用 GitHub Actions 通过 acme.sh 自动申请 SSL 证书的项目。
- 自动申请SSL 证书,并通过 git commit 的方式保存证书到 SSL
- 每天检查SSL 证书是否快过期,如果小于30天,自动续期
- 每天的检查报告会同步到 CHECK_LIST.md 文件中
- 证书是泛域名证书
- 同时申请 ECDSA 和 RSA 证书
确保已经拥有一个域名。如果没有,您可以通过各大域名注册商申请。
将您的域名托管到 Cloudflare 上。这一步骤确保了您可以通过 Cloudflare 管理您的 DNS 记录。
访问 Cloudflare 的 API Token 管理页面,申请一个 API Token。
CF_Token 可以在这里申请 https://dash.cloudflare.com/profile/api-tokens, 权限需要Edit zone DNS
![image](https://private-user-images.githubusercontent.com/4090783/347728950-ea014646-8cbe-4064-a764-b45281e42e55.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjE5OTAyOTcsIm5iZiI6MTcyMTk4OTk5NywicGF0aCI6Ii80MDkwNzgzLzM0NzcyODk1MC1lYTAxNDY0Ni04Y2JlLTQwNjQtYTc2NC1iNDUyODFlNDJlNTUucG5nP1gtQW16LUFsZ29yaXRobT1BV1M0LUhNQUMtU0hBMjU2JlgtQW16LUNyZWRlbnRpYWw9QUtJQVZDT0RZTFNBNTNQUUs0WkElMkYyMDI0MDcyNiUyRnVzLWVhc3QtMSUyRnMzJTJGYXdzNF9yZXF1ZXN0JlgtQW16LURhdGU9MjAyNDA3MjZUMTAzMzE3WiZYLUFtei1FeHBpcmVzPTMwMCZYLUFtei1TaWduYXR1cmU9NDA3ZjNmMmFkNmVkZGI1NjcyYjc2Mzg0MmFjYWU0NmEzYzE2YTA1OTIwZmZlZGQyOGFhOTBhMGFlMjEyYzA0ZCZYLUFtei1TaWduZWRIZWFkZXJzPWhvc3QmYWN0b3JfaWQ9MCZrZXlfaWQ9MCZyZXBvX2lkPTAifQ.wNndJ0MZbNCLoggKgR2KIgYqEtNxY_q0XP92uLtWV60)
CF_Account_ID 点开Cloudflare首页,随便点击一个你托管在此的域名,在右侧会显示CF_Account_ID。
![image](https://private-user-images.githubusercontent.com/4090783/347723574-d1d86260-89ce-4179-a0c2-e8a2361e627f.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjE5OTAyOTcsIm5iZiI6MTcyMTk4OTk5NywicGF0aCI6Ii80MDkwNzgzLzM0NzcyMzU3NC1kMWQ4NjI2MC04OWNlLTQxNzktYTBjMi1lOGEyMzYxZTYyN2YucG5nP1gtQW16LUFsZ29yaXRobT1BV1M0LUhNQUMtU0hBMjU2JlgtQW16LUNyZWRlbnRpYWw9QUtJQVZDT0RZTFNBNTNQUUs0WkElMkYyMDI0MDcyNiUyRnVzLWVhc3QtMSUyRnMzJTJGYXdzNF9yZXF1ZXN0JlgtQW16LURhdGU9MjAyNDA3MjZUMTAzMzE3WiZYLUFtei1FeHBpcmVzPTMwMCZYLUFtei1TaWduYXR1cmU9NmE0YzNmMjk5MTVkMTViMjE3NjBiMGMyYzc2NzcwNjE2Y2I5MDQ1YzIwMTk1OGI5YTU5MzY4NmFkNTZmZmMxYyZYLUFtei1TaWduZWRIZWFkZXJzPWhvc3QmYWN0b3JfaWQ9MCZrZXlfaWQ9MCZyZXBvX2lkPTAifQ.j5taxXhZ8vqHyXOBqiduMhLwH57uFSxYU6x_3TYHCSQ)
在您的 GitHub 仓库中,依次访问 Settings -> Security -> Secrets and variables -> Actions
,添加以下三个变量:
CF_TOKEN
:在上一步中获取的 Cloudflare API Token。CF_ACCOUNT_ID
:在上一步中获取的 Cloudflare Account ID。EMAIL
:申请SSL需要的邮箱地址。
![image](https://private-user-images.githubusercontent.com/4090783/347730802-e3ea47d8-7b3e-4605-94ee-689e6bb6ca45.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjE5OTAyOTcsIm5iZiI6MTcyMTk4OTk5NywicGF0aCI6Ii80MDkwNzgzLzM0NzczMDgwMi1lM2VhNDdkOC03YjNlLTQ2MDUtOTRlZS02ODllNmJiNmNhNDUucG5nP1gtQW16LUFsZ29yaXRobT1BV1M0LUhNQUMtU0hBMjU2JlgtQW16LUNyZWRlbnRpYWw9QUtJQVZDT0RZTFNBNTNQUUs0WkElMkYyMDI0MDcyNiUyRnVzLWVhc3QtMSUyRnMzJTJGYXdzNF9yZXF1ZXN0JlgtQW16LURhdGU9MjAyNDA3MjZUMTAzMzE3WiZYLUFtei1FeHBpcmVzPTMwMCZYLUFtei1TaWduYXR1cmU9NDBkYTBkZDcwYWRlODIwMDRlYWIxNDMxMmIxYTZlMDViZDcyNTY0ZDM0NDM3Njc1MTBkZDVjYWE3YjVhNTZmYyZYLUFtei1TaWduZWRIZWFkZXJzPWhvc3QmYWN0b3JfaWQ9MCZrZXlfaWQ9MCZyZXBvX2lkPTAifQ.BAOUN2TVY9uJx9s1zasGtLBw9ZvWPQTvo0-uF-BP554)
在 GitHub 仓库中,依次访问 Settings -> Code and automation -> Actions -> General -> Workflow permissions
,勾选 Read and write permissions
权限。
![image](https://private-user-images.githubusercontent.com/4090783/347720058-abb42eb0-fd78-4417-bf07-9cf090ee7a2c.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjE5OTAyOTcsIm5iZiI6MTcyMTk4OTk5NywicGF0aCI6Ii80MDkwNzgzLzM0NzcyMDA1OC1hYmI0MmViMC1mZDc4LTQ0MTctYmYwNy05Y2YwOTBlZTdhMmMucG5nP1gtQW16LUFsZ29yaXRobT1BV1M0LUhNQUMtU0hBMjU2JlgtQW16LUNyZWRlbnRpYWw9QUtJQVZDT0RZTFNBNTNQUUs0WkElMkYyMDI0MDcyNiUyRnVzLWVhc3QtMSUyRnMzJTJGYXdzNF9yZXF1ZXN0JlgtQW16LURhdGU9MjAyNDA3MjZUMTAzMzE3WiZYLUFtei1FeHBpcmVzPTMwMCZYLUFtei1TaWduYXR1cmU9MTgxM2E0ZWM3OWVjMzc2NTg2ZTFjZWE3NGRlOGU3OWI0YTc5YzVlZDA4OGU4YTA0NGQzMGQwNzFlZGZlMGFjYiZYLUFtei1TaWduZWRIZWFkZXJzPWhvc3QmYWN0b3JfaWQ9MCZrZXlfaWQ9MCZyZXBvX2lkPTAifQ.1AAikSsugYI7coLguFk-Q7VIdegYtOSbErNi34vY4X8)
把里面的域名改为你自己的域名,可以填多个域名每行一个