feat: enable HTTPS admin panel on port 443 for new deployments
Add Nginx SSL panel config, enable-panel-https.sh, secure Flask cookies, and update docs for https login. Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
+9
-8
@@ -115,7 +115,8 @@ ufw --force reset
|
||||
ufw default deny incoming
|
||||
ufw default allow outgoing
|
||||
ufw allow 22/tcp comment 'SSH'
|
||||
ufw allow 80/tcp comment 'HTTP-ACME-Panel'
|
||||
ufw allow 80/tcp comment 'HTTP-ACME'
|
||||
ufw allow 443/tcp comment 'Panel-HTTPS'
|
||||
ufw allow 8443:8499/udp comment 'Hysteria2-multi-node'
|
||||
ufw --force enable
|
||||
|
||||
@@ -126,13 +127,10 @@ cp "$ROOT_DIR/server/nginx/fallback.conf" /etc/nginx/sites-available/fallback
|
||||
ln -sf /etc/nginx/sites-available/fallback /etc/nginx/sites-enabled/fallback
|
||||
rm -f /etc/nginx/sites-enabled/default
|
||||
|
||||
log "部署 Nginx ACME + 管理面板反向代理 (80) ..."
|
||||
log "部署 Nginx ACME 验证站点 (80) ..."
|
||||
mkdir -p /var/www/acme
|
||||
sed -e "s|__DOMAIN__|${DOMAIN}|g" \
|
||||
-e "s|__PANEL_LOCATION__|${PANEL_LOCATION}|g" \
|
||||
-e "s|__PANEL_PREFIX__|${PANEL_PREFIX}|g" \
|
||||
-e "s|__PANEL_ALLOW__|${PANEL_ALLOW_BLOCK}|g" \
|
||||
"$ROOT_DIR/server/nginx/acme.conf.template" \
|
||||
"$ROOT_DIR/server/nginx/acme-bootstrap.conf.template" \
|
||||
> /etc/nginx/sites-available/acme
|
||||
ln -sf /etc/nginx/sites-available/acme /etc/nginx/sites-enabled/acme
|
||||
nginx -t && systemctl enable nginx && systemctl restart nginx
|
||||
@@ -160,8 +158,10 @@ log "安装 TLS 证书到 sing-box ..."
|
||||
--key-file /etc/sing-box/certs/privkey.pem \
|
||||
--fullchain-file /etc/sing-box/certs/fullchain.pem
|
||||
|
||||
log "部署 Nginx HTTPS 管理面板 (443) ..."
|
||||
bash "$ROOT_DIR/scripts/enable-panel-https.sh"
|
||||
|
||||
rm -f /etc/nginx/sites-enabled/panel /etc/nginx/sites-available/panel
|
||||
nginx -t && systemctl reload nginx
|
||||
|
||||
log "安装 Python 面板依赖 ..."
|
||||
python3 -m venv "$ROOT_DIR/panel/venv"
|
||||
@@ -229,7 +229,8 @@ systemctl restart sing-box jiedian-panel
|
||||
log "部署完成!"
|
||||
echo ""
|
||||
echo "=========================================="
|
||||
echo " 管理面板: http://${DOMAIN}${PANEL_LOCATION}"
|
||||
echo " 管理面板: https://${DOMAIN}${PANEL_LOCATION}"
|
||||
echo " (HTTP 会自动跳转到 HTTPS)"
|
||||
echo " 面板路径: ${PANEL_PATH} (见 .env 中 PANEL_PATH)"
|
||||
echo " 用户名: ${PANEL_USERNAME}"
|
||||
echo " 密码: ${PANEL_PASSWORD}"
|
||||
|
||||
Reference in New Issue
Block a user