feat: enable HTTPS admin panel on port 443 for new deployments

Add Nginx SSL panel config, enable-panel-https.sh, secure Flask cookies, and update docs for https login.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
dekun
2026-06-28 00:46:08 +08:00
parent 5704ab1a0a
commit 78b85c0d83
13 changed files with 175 additions and 47 deletions
+15 -6
View File
@@ -31,15 +31,23 @@ ss -tlnp | grep :80 # Nginx 面板
| SNI | 与域名相同 |
| 端口 | 面板显示的端口(8443 / 8444…) |
### 面板打不开 / Invalid URL
### 面板打不开
- 使用 **`http://域名/PANEL_PATH/`**,不要用 `https://`
- 面板在 **80** 端口,不是 443
- 域名建议 **关闭 CDN**,仅 DNS 解析到 VPS
- 使用 **`https://域名/PANEL_PATH/`** 登录(推荐)
- 输入 `http://` 也会自动跳转到 HTTPS
- 安全组需放行 **443/TCP****80/TCP**ACME 续期)
```bash
grep PANEL_PATH /opt/jiedian/.env
curl -I "http://$(grep ^DOMAIN= /opt/jiedian/.env | cut -d= -f2)/$(grep ^PANEL_PATH= /opt/jiedian/.env | cut -d= -f2)/login"
curl -Ik "https://$(grep ^DOMAIN= /opt/jiedian/.env | cut -d= -f2)/$(grep ^PANEL_PATH= /opt/jiedian/.env | cut -d= -f2)/login"
```
### 旧 VPS 升级 HTTPS 面板
```bash
cd /opt/jiedian && git pull
sudo bash scripts/enable-panel-https.sh
systemctl restart jiedian-panel
```
### 多节点全部显示离线
@@ -81,7 +89,8 @@ systemctl restart jiedian-panel
| 端口 | 协议 | 用途 |
|------|------|------|
| 22 | TCP | SSH |
| 80 | TCP | 面板 + ACME |
| 80 | TCP | ACME 续期 |
| 443 | TCP | HTTPS 管理面板 |
| 84438499 | UDP | Hysteria2 |
---