105 lines
4.0 KiB
Bash
Executable File
105 lines
4.0 KiB
Bash
Executable File
#!/bin/bash
|
||
# =============================================================
|
||
# 节点 1:上海服务器
|
||
# 部署:sub2api + node-tls-proxy + postgres + redis
|
||
# =============================================================
|
||
# 用法:bash setup-node1-shanghai.sh
|
||
# 前置:已安装 Docker,已克隆仓库到当前目录
|
||
|
||
set -euo pipefail
|
||
GREEN='\033[0;32m' YELLOW='\033[1;33m' NC='\033[0m'
|
||
ok() { echo -e "${GREEN}✅ $*${NC}"; }
|
||
info() { echo -e "${YELLOW}ℹ $*${NC}"; }
|
||
|
||
echo "================================================"
|
||
echo " 节点1:上海服务器 部署"
|
||
echo "================================================"
|
||
|
||
# ── 1. 检查 Docker ─────────────────────────────────
|
||
if ! command -v docker &>/dev/null; then
|
||
info "安装 Docker..."
|
||
curl -fsSL https://get.docker.com | bash
|
||
systemctl enable docker && systemctl start docker
|
||
fi
|
||
ok "Docker 已就绪"
|
||
|
||
# ── 2. 进入 deploy 目录 ─────────────────────────────
|
||
# 兼容从仓库根目录执行(/root/sub2api/)或脚本原始位置(antigravity/maintenance/)
|
||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||
if [ -d "$SCRIPT_DIR/deploy" ]; then
|
||
DEPLOY_DIR="$SCRIPT_DIR/deploy"
|
||
elif [ -d "$(dirname "$SCRIPT_DIR")/deploy" ]; then
|
||
DEPLOY_DIR="$(dirname "$SCRIPT_DIR")/deploy"
|
||
elif [ -d "$(dirname "$(dirname "$SCRIPT_DIR")")/deploy" ]; then
|
||
DEPLOY_DIR="$(dirname "$(dirname "$SCRIPT_DIR")")/deploy"
|
||
elif [ -d "$(pwd)/deploy" ]; then
|
||
DEPLOY_DIR="$(pwd)/deploy"
|
||
else
|
||
echo "❌ 找不到 deploy/ 目录,请在仓库根目录执行脚本"
|
||
exit 1
|
||
fi
|
||
cd "$DEPLOY_DIR"
|
||
ok "工作目录: $DEPLOY_DIR"
|
||
|
||
# ── 3. 生成 .env(如不存在)──────────────────────────
|
||
if [ ! -f .env ]; then
|
||
cat > .env << EOF
|
||
# ========== 必填 ==========
|
||
POSTGRES_PASSWORD=$(openssl rand -hex 16)
|
||
ADMIN_EMAIL=admin@sub2api.local
|
||
ADMIN_PASSWORD=$(openssl rand -hex 8)
|
||
JWT_SECRET=$(openssl rand -hex 32)
|
||
TOTP_ENCRYPTION_KEY=$(openssl rand -hex 32)
|
||
|
||
# ========== 时区(上海)==========
|
||
TZ=Asia/Shanghai
|
||
|
||
# ========== node-tls-proxy 指向 CN中转机 ==========
|
||
# 上海的 sub2api 通过 GOST 把 TLS 流量送到 CN中转,
|
||
# 中转再转发到美国落地,最终到 Anthropic/Google
|
||
# 这里填 CN中转机 IP + GOST 暴露给上海的端口
|
||
GATEWAY_NODE_TLS_PROXY_ENABLED=true
|
||
GATEWAY_NODE_TLS_PROXY_LISTEN_HOST=<CN中转机IP>
|
||
GATEWAY_NODE_TLS_PROXY_LISTEN_PORT=3456
|
||
|
||
# ========== Gemini OAuth(如有)==========
|
||
GEMINI_CLI_OAUTH_CLIENT_SECRET=
|
||
ANTIGRAVITY_OAUTH_CLIENT_SECRET=
|
||
EOF
|
||
ok ".env 已生成,请编辑填入 CN中转机 IP"
|
||
echo ""
|
||
echo " → 编辑: nano $DEPLOY_DIR/.env"
|
||
echo " → 修改 GATEWAY_NODE_TLS_PROXY_LISTEN_HOST=<CN中转机IP>"
|
||
echo ""
|
||
read -rp "填完后按 Enter 继续..." _
|
||
fi
|
||
|
||
# ── 4. 启动服务 ─────────────────────────────────────
|
||
info "启动 sub2api + node-tls-proxy..."
|
||
docker compose -f docker-compose.yml \
|
||
-f docker-compose.tls-proxy.yml \
|
||
pull
|
||
docker compose -f docker-compose.yml \
|
||
-f docker-compose.tls-proxy.yml \
|
||
up -d
|
||
|
||
ok "服务启动完成"
|
||
|
||
# ── 5. 验证 ────────────────────────────────────────
|
||
sleep 10
|
||
echo ""
|
||
echo "【验证】"
|
||
docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
|
||
echo ""
|
||
if curl -sf http://127.0.0.1:8080/health >/dev/null 2>&1; then
|
||
ok "sub2api 健康检查通过(端口 8080)"
|
||
else
|
||
echo "⏳ sub2api 还在启动,等 30 秒后手动检查..."
|
||
fi
|
||
|
||
echo ""
|
||
echo "================================================"
|
||
echo " 节点1 部署完成"
|
||
echo " 管理面板: http://$(curl -sf ipinfo.io/ip 2>/dev/null || echo '<服务器IP>'):8080"
|
||
echo "================================================"
|