feat: proxy admin panel via nginx port 80 to avoid exposing 8444
Route the panel through a secret subpath on port 80, remove the separate 8444 listener, and document common troubleshooting in docs. Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
@@ -9,7 +9,7 @@
|
||||
|------|-----|
|
||||
| VPS IP | `47.76.87.111` |
|
||||
| 域名 | `66.hyf2.cc` |
|
||||
| 管理面板 | `https://66.hyf2.cc:8444` |
|
||||
| 管理面板 | `http://66.hyf2.cc/<PANEL_PATH>/`(安装时输出,见 `.env`) |
|
||||
|
||||
> 完整部署步骤见 **[docs/DEPLOY.md](docs/DEPLOY.md)**
|
||||
|
||||
@@ -33,7 +33,7 @@ bash scripts/install.sh
|
||||
## 架构
|
||||
|
||||
```
|
||||
浏览器 ──► Nginx:8444 ──► Web 管理面板(登录、添加节点)
|
||||
浏览器 ──► Nginx:80/<PANEL_PATH>/ ──► Web 管理面板(登录、添加节点)
|
||||
│
|
||||
▼
|
||||
sing-box 配置重载
|
||||
@@ -42,7 +42,7 @@ bash scripts/install.sh
|
||||
├─ TCP 443 ──► sing-box VLESS+Reality
|
||||
└─ UDP 8443 ─► sing-box Hysteria2
|
||||
|
||||
Nginx 127.0.0.1:8080 ← 伪装静态页(fallback)
|
||||
Nginx 127.0.0.1:8080 ← 伪装静态页(Reality fallback 场景)
|
||||
```
|
||||
|
||||
---
|
||||
@@ -71,18 +71,17 @@ Nginx 127.0.0.1:8080 ← 伪装静态页(fallback)
|
||||
| 端口 | 协议 | 用途 |
|
||||
|------|------|------|
|
||||
| 22 | TCP | SSH |
|
||||
| 80 | TCP | HTTP(Let's Encrypt 验证) |
|
||||
| 80 | TCP | HTTP(ACME 验证 + **管理面板反向代理**) |
|
||||
| 443 | TCP | VLESS + Reality |
|
||||
| 8443 | UDP | Hysteria2 |
|
||||
| 8444 | TCP | **Web 管理面板(HTTPS)** |
|
||||
|
||||
---
|
||||
|
||||
## 常用运维
|
||||
|
||||
```bash
|
||||
# 面板 / 节点
|
||||
https://66.hyf2.cc:8444
|
||||
# 面板地址(安装时输出)
|
||||
grep PANEL_PATH /opt/jiedian/.env
|
||||
|
||||
# 服务状态
|
||||
systemctl status sing-box jiedian-panel
|
||||
@@ -100,7 +99,7 @@ bash scripts/install.sh
|
||||
1. 不要公开分享节点链接
|
||||
2. Reality SNI 使用 `www.microsoft.com`,不要用 `66.hyf2.cc`
|
||||
3. 客户端开启 uTLS / chrome 指纹
|
||||
4. 面板密码请妥善保管,安装后可在 `.env` 查看 `PANEL_PASSWORD`
|
||||
4. 面板路径与密码请妥善保管,安装后可在 `.env` 查看 `PANEL_PATH` / `PANEL_PASSWORD`
|
||||
|
||||
---
|
||||
|
||||
|
||||
Reference in New Issue
Block a user