long-agent/user-system
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: 整理项目根目录结构

Browse Source 
整理内容:
- 删除 60+ 临时测试输出文件 (*.txt)
- 移动二进制文件到 bin/ 目录
- 移动 Shell 脚本到 scripts/ 目录
  - scripts/dev/: check_gitea.sh, check_sub2api.sh, run_tests.sh
  - scripts/deploy/: deploy_*.sh, simple_deploy.sh
  - scripts/ops/: fix_nginx.sh, fix_ssl.sh, install_docker.sh
  - scripts/test/: test_*.sh, test_*.bat
- 移动批处理文件到 scripts/
- 移动 Python 脚本到 tools/
- 清理临时日志文件

保留根目录必要文件:
- go.mod, go.sum, go.work
- Makefile, docker-compose.yml
- .env.example, .gitignore
- README.md, AGENTS.md, DEPLOY_GUIDE.md

验证: go build ./... && go test ./... 通过
This commit is contained in:
long-agent
2026-04-07 18:10:36 +08:00
parent 5dbb530b76
commit 5b6bd93179
152 changed files with 8775 additions and 4084 deletions
Download Patch File Download Diff File Expand all files Collapse all files

264
scripts/deploy/deploy_full.sh Normal file
View File

@@ -0,0 +1,264 @@
#!/bin/bash
# 服务器初始化和部署脚本 - Ubuntu 24.04
# 域名: tksea.top
# 服务器 IP: 43.155.133.187
set -e
echo "========================================"
echo "服务器初始化和部署脚本"
echo "========================================"
# 0. 检查是否是 root 用户
if [ "$EUID" -ne 0 ]; then
echo "请使用 root 用户运行此脚本"
exit 1
fi
# 1. 更新系统
echo "[1/14] 更新系统包..."
export DEBIAN_FRONTEND=noninteractive
apt update && apt upgrade -y
# 2. 安装基础工具
echo "[2/14] 安装基础工具..."
apt install -y curl wget vim git htop net-tools unzip certbot python3-certbot-nginx gnupg2 ca-certificates lsb-release
# 3. 安装 Docker
echo "[3/14] 安装 Docker..."
if ! command -v docker &> /dev/null; then
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update
apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
systemctl enable docker
systemctl start docker
fi
# 4. 验证 Docker
echo "[4/14] 验证 Docker 安装..."
docker --version
docker compose version
# 5. 安装 Nginx
echo "[5/14] 安装 Nginx..."
if ! command -v nginx &> /dev/null; then
apt install -y nginx
fi
# 6. 配置防火墙
echo "[6/14] 配置防火墙..."
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
echo "y" | ufw enable 2>/dev/null || true
# 7. 创建应用目录
echo "[7/14] 创建应用目录..."
mkdir -p /opt/gitea
mkdir -p /opt/sub2api
mkdir -p /opt/nginx/ssl
mkdir -p /var/www/html
# 8. 配置 DNS 验证(用于 Let's Encrypt
echo "[8/14] 配置 Nginx 用于 SSL..."
cat > /etc/nginx/sites-available/tksea.top << 'EOF'
server {
listen 80;
server_name tksea.top www.tksea.top;
root /var/www/html;
location / {
return 200 "Sub2API Server";
}
location /.well-known/acme-challenge/ {
root /var/www/html;
}
}
EOF
ln -sf /etc/nginx/sites-available/tksea.top /etc/nginx/sites-enabled/
nginx -t
systemctl reload nginx
# 9. 获取 SSL 证书
echo "[9/14] 获取 SSL 证书..."
certbot --nginx -d tksea.top -d www.tksea.top --non-interactive --agree-tos --email admin@tksea.top --keep-until-expiring
# 10. 配置 Nginx 反向代理
echo "[10/14] 配置 Nginx 反向代理..."
cat > /etc/nginx/sites-available/tksea.top << 'EOF'
# HTTP 重定向到 HTTPS
server {
listen 80;
server_name tksea.top www.tksea.top;
location /.well-known/acme-challenge/ {
root /var/www/html;
}
location / {
return 301 https://$server_name$request_uri;
}
}
# HTTPS - Gitea (主域名)
server {
listen 443 ssl http2;
server_name tksea.top www.tksea.top;
ssl_certificate /etc/letsencrypt/live/tksea.top/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/tksea.top/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
# Gitea 反向代理
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
# sub2api 子域名
server {
listen 443 ssl http2;
server_name api.tksea.top;
ssl_certificate /etc/letsencrypt/live/tksea.top/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/tksea.top/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
underscores_in_headers on;
# Sub2API 反向代理
location / {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
EOF
ln -sf /etc/nginx/sites-available/tksea.top /etc/nginx/sites-enabled/
nginx -t
systemctl reload nginx
# 11. 部署 Gitea
echo "[11/14] 部署 Gitea..."
cat > /opt/gitea/docker-compose.yml << 'EOF'
version: '3.8'
services:
gitea:
image: gitea/gitea:latest
container_name: gitea
restart: unless-stopped
ports:
- "127.0.0.1:3000:3000"
- "127.0.0.1:2222:22"
volumes:
- gitea-data:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- USER_UID=1000
- USER_GID=1000
- GITEA__database__DB_TYPE=sqlite3
- GITEA__server__DOMAIN=tksea.top
- GITEA__server__ROOT_URL=https://tksea.top/
- GITEA__server__HTTP_PORT=3000
- GITEA__ssh__DOMAIN=tksea.top
- GITEA__ssh__PORT=2222
- GITEA__webhook__ALLOWED_HOSTS=tksea.top
healthcheck:
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:3000/"]
interval: 30s
timeout: 10s
retries: 3
volumes:
gitea-data:
name: gitea-data
EOF
cd /opt/gitea
docker compose up -d
echo "等待 Gitea 启动..."
sleep 10
# 12. 部署 Sub2API
echo "[12/14] 部署 Sub2API..."
mkdir -p /opt/sub2api/deploy
cd /opt/sub2api/deploy
# 下载部署脚本
curl -sSL https://raw.githubusercontent.com/Wei-Shaw/sub2api/main/deploy/docker-deploy.sh -o docker-deploy.sh
chmod +x docker-deploy.sh
bash docker-deploy.sh
# 修改 docker-compose 使用本地存储
if [ -f docker-compose.yml ]; then
# 替换为本地目录版本
curl -sSL https://raw.githubusercontent.com/Wei-Shaw/sub2api/main/deploy/docker-compose.local.yml -o docker-compose.local.yml
docker compose -f docker-compose.local.yml up -d
fi
# 13. 配置 SSL 自动续期
echo "[13/14] 配置 SSL 自动续期..."
cat > /etc/cron.d/certbot-renew << 'EOF'
0 0 * * * root certbot renew --quiet --deploy-hook "systemctl reload nginx"
EOF
# 14. 等待服务启动并显示状态
echo "[14/14] 验证服务状态..."
sleep 15
echo ""
echo "========================================"
echo "部署完成!"
echo "========================================"
echo ""
echo "Gitea 状态:"
docker ps | grep gitea || echo "Gitea 容器状态待检查"
echo ""
echo "Sub2API 状态:"
docker ps | grep sub2api || echo "Sub2API 容器状态待检查"
echo ""
echo "Nginx 状态:"
systemctl status nginx --no-pager | head -5
echo ""
echo "SSL 证书状态:"
certbot certificates 2>/dev/null | head -10
echo ""
echo "========================================"
echo "访问地址:"
echo "- Gitea: https://tksea.top"
echo "- Sub2API: https://api.tksea.top"
echo ""
echo "后续步骤:"
echo "1. 首次访问 https://tksea.top 完成 Gitea 初始化"
echo "2. 访问 https://api.tksea.top 完成 Sub2API 设置向导"
echo "3. 在腾讯云控制台添加 DNS 解析: api.tksea.top -> 43.155.133.187"
echo "========================================"

172
scripts/deploy/deploy_server.sh Normal file
View File

@@ -0,0 +1,172 @@
#!/bin/bash
# 服务器初始化和部署脚本 - Ubuntu 24.04
# 域名: tksea.top
# IP: 43.155.133.187
set -e
echo "========================================"
echo "服务器初始化和部署脚本"
echo "========================================"
# 1. 更新系统
echo "[1/12] 更新系统包..."
apt update && apt upgrade -y
# 2. 安装基础工具
echo "[2/12] 安装基础工具..."
apt install -y curl wget vim git htop net-tools unzipsoftware-properties-common
# 3. 安装 Docker
echo "[3/12] 安装 Docker..."
if ! command -v docker &> /dev/null; then
curl -fsSL https://get.docker.com | sh
systemctl enable docker
systemctl start docker
fi
# 4. 安装 Docker Compose
echo "[4/12] 安装 Docker Compose..."
if ! command -v docker-compose &> /dev/null; then
apt install -y docker-compose-plugin
fi
# 5. 安装 Nginx
echo "[5/12] 安装 Nginx..."
apt install -y nginx
# 6. 安装 Certbot
echo "[6/12] 安装 Certbot..."
snap install --classic certbot
ln -sf /snap/bin/certbot /usr/bin/certbot
# 7. 配置防火墙
echo "[7/12] 配置防火墙..."
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
ufw enable
# 8. 创建应用目录
echo "[8/12] 创建应用目录..."
mkdir -p /opt/gitea
mkdir -p /opt/sub2api
mkdir -p /opt/nginx/ssl
# 9. 配置 Nginx
echo "[9/12] 配置 Nginx..."
cat > /etc/nginx/sites-available/tksea.top << 'EOF'
server {
listen 80;
server_name tksea.top www.tksea.top;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name tksea.top www.tksea.top;
# SSL 证书配置 (使用Let's Encrypt)
ssl_certificate /etc/letsencrypt/live/tksea.top/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/tksea.top/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
# Gitea 代理
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /git/ {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
EOF
ln -sf /etc/nginx/sites-available/tksea.top /etc/nginx/sites-enabled/
nginx -t
# 10. 配置 SSL 证书
echo "[10/12] 配置 SSL 证书..."
certbot --nginx -d tksea.top -d www.tksea.top --non-interactive --agree-tos --email your-email@example.com
# 11. 配置 SSL 自动续期
echo "[11/12] 配置 SSL 自动续期..."
cat > /etc/cron.d/certbot-renew << 'EOF'
0 0 * * * root certbot renew --quiet --deploy-hook "nginx -s reload"
EOF
# 12. 创建 Docker Compose 文件
echo "[12/12] 创建 Docker Compose 文件..."
# Gitea
cat > /opt/gitea/docker-compose.yml << 'EOF'
version: '3'
services:
gitea:
image: gitea/gitea:latest
container_name: gitea
restart: unless-stopped
ports:
- "3000:3000"
- "2222:22"
volumes:
- gitea-data:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- USER_UID=1000
- USER_GID=1000
- GITEA__database__DB_TYPE=sqlite3
- GITEA__server__DOMAIN=tksea.top
- GITEA__server__ROOT_URL=https://tksea.top/
- GITEA__server__HTTP_PORT=3000
- GITEA__ssh__DOMAIN=tksea.top
- GITEA__ssh__PORT=2222
networks:
- gitea-network
networks:
gitea-network:
name: gitea-network
volumes:
gitea-data:
name: gitea-data
EOF
# 启动 Gitea
cd /opt/gitea && docker compose up -d
# 安装 Docker (如果还没有)
echo "========================================"
echo "部署完成!"
echo "========================================"
echo ""
echo "服务状态:"
docker ps
echo ""
echo "Nginx 状态:"
systemctl status nginx --no-pager
echo ""
echo "SSL 证书状态:"
certbot certificates
echo ""
echo "========================================"
echo "后续步骤:"
echo "1. 访问 https://tksea.top 完成 Gitea 初始化"
echo "2. 配置 sub2api 项目部署"
echo "========================================"

181
scripts/deploy/deploy_single.sh Normal file
View File

@@ -0,0 +1,181 @@
#!/bin/bash
# 一键部署脚本 - Ubuntu 24.04
# 域名: tksea.top, 服务器: 43.155.133.187
# 使用方法: 在服务器上运行此脚本
set -e
echo "========================================"
echo "一键部署服务器初始化脚本"
echo "========================================"
# 检查 root 权限
if [ "$EUID" -ne 0 ]; then
echo "错误: 请使用 root 用户运行此脚本"
echo "解决方法: sudo bash deploy.sh"
exit 1
fi
echo "[1/12] 更新系统..."
export DEBIAN_FRONTEND=noninteractive
apt update && apt upgrade -y
echo "[2/12] 安装基础工具..."
apt install -y curl wget vim git htop net-tools unzip certbot python3-certbot-nginx gnupg2 ca-certificates lsb-release
echo "[3/12] 安装 Docker..."
if ! command -v docker &> /dev/null; then
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update
apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
systemctl enable docker
fi
echo "[4/12] 安装 Nginx..."
apt install -y nginx
echo "[5/12] 配置防火墙..."
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
echo "y" | ufw enable 2>/dev/null || true
echo "[6/12] 创建目录..."
mkdir -p /opt/gitea /opt/sub2api/deploy /var/www/html
echo "[7/12] 配置 Nginx..."
cat > /etc/nginx/sites-available/tksea.top << 'NGINXEOF'
server {
listen 80;
server_name tksea.top www.tksea.top api.tksea.top;
root /var/www/html;
location /.well-known/acme-challenge/ {
root /var/www/html;
}
location / {
return 200 "Server initializing...";
}
}
NGINXEOF
ln -sf /etc/nginx/sites-available/tksea.top /etc/nginx/sites-enabled/
nginx -t && systemctl reload nginx
echo "[8/12] 获取 SSL 证书..."
certbot --nginx -d tksea.top -d www.tksea.top -d api.tksea.top --non-interactive --agree-tos --email admin@tksea.top --keep-until-expiring || true
echo "[9/12] 配置完整 Nginx 反向代理..."
cat > /etc/nginx/sites-available/tksea.top << 'NGINXEOF'
server {
listen 80;
server_name tksea.top www.tksea.top api.tksea.top;
location /.well-known/acme-challenge/ { root /var/www/html; }
location / { return 301 https://$host$request_uri; }
}
server {
listen 443 ssl http2;
server_name tksea.top www.tksea.top;
ssl_certificate /etc/letsencrypt/live/tksea.top/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/tksea.top/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 443 ssl http2;
server_name api.tksea.top;
ssl_certificate /etc/letsencrypt/live/tksea.top/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/tksea.top/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
underscores_in_headers on;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
NGINXEOF
nginx -t && systemctl reload nginx
echo "[10/12] 部署 Gitea..."
cat > /opt/gitea/docker-compose.yml << 'GITEAEOF'
version: '3.8'
services:
gitea:
image: gitea/gitea:latest
container_name: gitea
restart: unless-stopped
ports:
- "127.0.0.1:3000:3000"
- "127.0.0.1:2222:22"
volumes:
- gitea-data:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- USER_UID=1000
- USER_GID=1000
- GITEA__database__DB_TYPE=sqlite3
- GITEA__server__DOMAIN=tksea.top
- GITEA__server__ROOT_URL=https://tksea.top/
- GITEA__server__HTTP_PORT=3000
- GITEA__ssh__DOMAIN=tksea.top
- GITEA__ssh__PORT=2222
volumes:
gitea-data:
GITEAEOF
cd /opt/gitea && docker compose up -d
echo "[11/12] 部署 Sub2API..."
cd /opt/sub2api/deploy
curl -sSL https://raw.githubusercontent.com/Wei-Shaw/sub2api/main/deploy/docker-deploy.sh -o docker-deploy.sh
chmod +x docker-deploy.sh
bash docker-deploy.sh
echo "[12/12] 配置自动续期..."
cat > /etc/cron.d/certbot-renew << 'CRONEOF'
0 0 * * * root certbot renew --quiet --deploy-hook "systemctl reload nginx"
CRONEOF
echo ""
echo "========================================"
echo "部署完成!"
echo "========================================"
echo ""
echo "请在腾讯云控制台添加 DNS 解析:"
echo " - 记录类型: A"
echo " - 主机记录: api"
echo " - 记录值: 43.155.133.187"
echo ""
echo "等待 5 分钟后访问:"
echo " - Gitea: https://tksea.top"
echo " - Sub2API: https://api.tksea.top"
echo "========================================"

47
scripts/deploy/simple_deploy.sh Normal file
View File

@@ -0,0 +1,47 @@
#!/bin/bash
# 极简一键部署脚本 - Ubuntu 24.04
# 服务器: 43.155.133.187 | 域名: tksea.top
set -e
[ "$EUID" -ne 0 ] && echo "请用 sudo 运行" && exit 1
export DEBIAN_FRONTEND=noninteractive
echo "[1/8] 更新..." && apt update -y && apt upgrade -y
echo "[2/8] Docker..." && curl -fsSL https://get.docker.com | sh && systemctl enable docker
echo "[3/8] Nginx/Certbot..." && apt install -y nginx certbot python3-certbot-nginx
echo "[4/8] 目录..." && mkdir -p /opt/gitea /opt/sub2api/deploy /var/www/html
echo "[5/8] Nginx配置..." && cat > /etc/nginx/sites-available/tksea << 'N'
server { listen 80; server_name tksea.top www.tksea.top api.tksea.top; root /var/www/html; location /.well-known/acme-challenge/ { root /var/www/html; } location / { return 200 "Init..."; } }
N
ln -sf /etc/nginx/sites-available/tksea /etc/nginx/sites-enabled/ && nginx -t && systemctl reload nginx
echo "[6/8] SSL证书..." && certbot --nginx -d tksea.top -d www.tksea.top -d api.tksea.top --non-interactive --agree-tos --email admin@tksea.top || true
echo "[7/8] Nginx反向代理..." && cat > /etc/nginx/sites-available/tksea << 'N'
server { listen 80; server_name tksea.top www.tksea.top api.tksea.top; location /.well-known/acme-challenge/ { root /var/www/html; } location / { return 301 https://$host$request_uri; } }
server { listen 443 ssl http2; server_name tksea.top; ssl_certificate /etc/letsencrypt/live/tksea.top/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/tksea.top/privkey.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_protocols TLSv1.2 TLSv1.3; add_header Strict-Transport-Security "max-age=63072000" always; location / { proxy_pass http://127.0.0.1:3000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
server { listen 443 ssl http2; server_name api.tksea.top; ssl_certificate /etc/letsencrypt/live/tksea.top/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/tksea.top/privkey.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_protocols TLSv1.2 TLSv1.3; add_header Strict-Transport-Security "max-age=63072000" always; underscores_in_headers on; location / { proxy_pass http://127.0.0.1:8080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
N
nginx -t && systemctl reload nginx
echo "[8/8] Gitea..." && cat > /opt/gitea/docker-compose.yml << 'G'
version: "3.8"
services:
gitea:
image: gitea/gitea:latest
container_name: gitea
restart: unless-stopped
ports:
- "127.0.0.1:3000:3000"
- "127.0.0.1:2222:22"
volumes:
- gitea-data:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- USER_UID=1000
- USER_GID=1000
- GITEA__database__DB_TYPE=sqlite3
- GITEA__server__DOMAIN=tksea.top
- GITEA__server__ROOT_URL=https://tksea.top/
volumes:
gitea-data:
G
cd /opt/gitea && docker compose up -d
echo "部署完成! 继续执行 Sub2API 部署..." && cd /opt/sub2api/deploy && curl -sSL https://raw.githubusercontent.com/Wei-Shaw/sub2api/main/deploy/docker-deploy.sh | bash
echo "========================================" && echo "完成! 请添加 DNS: api.tksea.top -> 43.155.133.187" && echo "访问: https://tksea.top 和 https://api.tksea.top" && echo "========================================"