转载自:jenkins+xcode+svn+nginx+https自签名
1.主要实现功能
- 动态拉取git最新代码,将ipa上传到SVN上
- 生成ipa文件
- 生成plist文件
- 生成dsYM文件
- ipa、plist自动上传本地nginx服务器
- 邮件反馈,生成下载链接、链接二维码、自动安装
- nginx服务器安装与配置
- https证书自签名
2.环境安装
homebrew安装【用来傻瓜式安装Jenkins 、nginx等等】
Mac下Homebrew的安装与使用
ruby -e "$(curl -fsSL [https://raw.githubusercontent.com/Homebrew/install/master/install])"
Jenkins安装
brew install jenkins
jenkins (启动)httpProt端口号是8888,你可以修改成任意的
jenkins --httpPort=8888
- http://localhost:8080(浏览器输入默认 8080)
- /Users/apple(电脑用户名)/.jenkins(brew安装jenkins位置
- ${WORKSPACE} 值为 /Users/apple(电脑用户名)/.jenkins/jobs/qiniuTest(job名称)/workspace/)
nginx安装
brew install nginx
- Nginx默认的是8080端口,因为我们还要安装tomcat服务,所以修改nginx的端口为9000,顺便可以设置一下“开启目录浏览功能”。
在本地目录下面,找到【nginx.conf】这个文件
也可以用vim修改其内容
sudo vim /usr/local/etc/nginx/nginx.conf
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
autoindex on; #开启目录浏览功能
autoindex_exact_size off; #文件大小从kb开始
autoindex_localtime on; #显示文件修改时间为服务时间
charset utf-8,gbk;
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 8889;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
autoindex on; #开启目录浏览功能
autoindex_exact_size off; #文件大小从kb开始
autoindex_localtime on; #显示文件修改时间为服务时间
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
include servers/*;
}
- 每次修改nginx.conf配置以后都要执行以下命令检查配置文件是否正确
nginx -t
当出现以下提示则表示正确:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
给予管理员权限:
sudo chown root:wheel /usr/local/opt/nginx/bin/nginx
sudo chmod u+s /usr/local/opt/nginx/bin/nginx
加入launchctl启动控制
mkdir -p ~/Library/LaunchAgents
cp /usr/local/opt/nginx/homebrew.mxcl.nginx.plist ~/Library/LaunchAgents/
launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.nginx.plist
启动 nginx
sudo nginx #打开 nginx
nginx -s reload|reopen|stop|quit #重新加载配置|重启|停止|退出 nginx
nginx -t #测试配置是否有语法错误
https自签名证书
- 生成服务器的私钥
openssl genrsa -out server.key 1024
- 生成签署申请(注意除Common Name以外可以为空,Common Name必须为服务器的ip或域名)
openssl req -new -key server.key -out server.csr
- 生成CA私钥
openssl genrsa -out ca.key 1024
- 利用CA的私钥产生CA的自签署证书
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
- 在当前目录创建demoCA,里面创建文件index.txt和serial,serial内容为01,index.txt为空,以及文件夹newcerts
#openssl ca -in server.csr -out server.crt -cert ca.crt -keyfile ca.key
#下面这行才能生成crt证书
sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
- 这样,生成了的文件中有 server.crt,server.key, ca.key, ca.crt
【把上面的证书拷贝到nginx的目录下,并且编辑nginx.conf文件】
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
autoindex on; #开启目录浏览功能
autoindex_exact_size off; #文件大小从kb开始
autoindex_localtime on; #显示文件修改时间为服务时间
charset utf-8,gbk;
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 8889;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
autoindex on; #开启目录浏览功能
autoindex_exact_size off; #文件大小从kb开始
autoindex_localtime on; #显示文件修改时间为服务时间
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
server {
listen 443 ssl;
#server_name localhost;
ssl_certificate /usr/local/etc/nginx/server.crt;
ssl_certificate_key /usr/local/etc/nginx/server.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
}
include servers/*;
}
- 拷贝ca.crt到服务器目录下以备用户信任安装
/usr/local/var/www#可以在该目录下新建一文件夹,放入ca.crt文件 - 访问https 信任自签名证书
#查看证书是否配置成功
nginx -t
#重新加载nginx
nginx -s reload
比较遗憾的是自签名HTTPS证书iPhone会提示无法连接到xxxx,所以要做手机直接安装访问需要正式机构签名证书,一个取巧的方式是使用github创建一个仓库,让后把plist放到GitHub仓库上,使用访问原始数据的方式访问plist,这样就能正常访问并安装ipa了,不过这会有泄露信息的风险
- 到这里服务器的工作已经搭建完毕
将打好的安装包放到服务器下就可以用Safari访问并安装ipa包了
5分钟快速构建苹果IPA免费发布服务器
mac下git push避免每次都输入用户名和密码的配置
参考链接:http://www.linuxdiyf.com/linux/18389.html
链接2:https://git-scm.com/book/zh/v2/Git-%E5%B7%A5%E5%85%B7-%E5%87%AD%E8%AF%81%E5%AD%98%E5%82%A8#_credential_caching
我选择的是明文存放在磁盘中,不过期的
1.创建并且写入.git-credentials文件,vim编辑他,写入下面一条
image
2.比如用户名为tom,密码为tompassword,就这样写
https://tom:[email protected]
image
3.保存后在终端下执行 git config --global credential.helper store
这样就可以了