Commit Graph

14 Commits

Author SHA1 Message Date
dekun ba361eb5b8 fix: prevent [No Host] panel errors behind CDN or missing Host header
Force nginx to pass the domain as Host, add PANEL_DOMAIN fallback in Flask,
and document that the admin panel must be accessed over HTTP not HTTPS.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 10:28:00 +08:00
dekun 6edba863b5 fix: use Clash API only for traffic stats on stock sing-box builds
Official sing-box binaries lack v2ray_api, so drop that config and grpcio
and track per-node traffic from Clash connection stats instead.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 10:02:41 +08:00
dekun ccf7e2a4c7 feat: show node connection status and traffic stats in admin panel
Enable sing-box Clash/V2Ray APIs for per-user metrics, persist cumulative
traffic in SQLite, and refresh the dashboard every five seconds.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 09:57:16 +08:00
dekun f0a3317e8b feat: proxy admin panel via nginx port 80 to avoid exposing 8444
Route the panel through a secret subpath on port 80, remove the separate
8444 listener, and document common troubleshooting in docs.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 09:45:26 +08:00
dekun 30e43cc9ce fix: generate-keys variable names and preserve existing panel password
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 09:29:09 +08:00
dekun 59a88a9afe fix: panel init without werkzeug; stop tracking .env
Use stdlib pbkdf2 for admin passwords so init_db works reliably.
Remove .env from git to avoid pull conflicts on VPS.
Verify flask install before database init.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 09:17:43 +08:00
dekun 042ae5a422 fix: run init_db with panel venv python
Use venv interpreter so werkzeug is available; sync admin user from .env on init.
Set default panel username to dekun.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 09:14:12 +08:00
dekun bccf6cfdce feat: add web admin panel for node management
Add Flask panel with login, add/delete nodes, and share link copy.
Generate sing-box config from SQLite; add uninstall script and clean install flow.
Panel served at https://DOMAIN:8444 via nginx.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 09:10:19 +08:00
dekun e8631a0e10 fix: generate share links before acme reloadcmd registration
Avoid script exit when acme reloadcmd fails transiently on systemd dbus.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 09:06:47 +08:00
dekun ad9787942f fix: install TLS certs before sing-box check
Hysteria2 inbound validates certificate paths during check; copy
acme.sh certs to /etc/sing-box/certs before running sing-box check.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 09:01:06 +08:00
dekun 9293e242be fix: create sing-box service before acme install-cert reload
Move install-cert after systemd unit creation so reloadcmd succeeds.
Add finish-install.sh to recover partial deployments when cert exists.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 08:42:59 +08:00
dekun 2653afa287 fix: use webroot nginx site for acme.sh certificate issuance
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 08:30:33 +08:00
dekun 7089fa5777 fix: convert shell scripts to LF line endings for Linux
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 08:25:49 +08:00
dekun cd0639d55c Initial commit: sing-box Reality + Hysteria2 deploy for 66.hyf2.cc
Ubuntu deployment at /opt/jiedian with pre-filled env for 47.76.87.111.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 08:21:49 +08:00