Files
jiedian/README.md
T
dekun f0a3317e8b feat: proxy admin panel via nginx port 80 to avoid exposing 8444
Route the panel through a secret subpath on port 80, remove the separate
8444 listener, and document common troubleshooting in docs.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-16 09:45:26 +08:00

109 lines
2.8 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# jiedian — VPS 自建节点
个人/家庭自用的 **VLESS + Reality(主力)** + **Hysteria2(备用)** 双栈方案,基于 [sing-box](https://github.com/SagerNet/sing-box),带 **Web 管理面板**
**仓库**https://git.bz121.com/dekun/jiedian.git
**部署路径**`/opt/jiedian`Ubuntu
| 项目 | 值 |
|------|-----|
| VPS IP | `47.76.87.111` |
| 域名 | `66.hyf2.cc` |
| 管理面板 | `http://66.hyf2.cc/<PANEL_PATH>/`(安装时输出,见 `.env` |
> 完整部署步骤见 **[docs/DEPLOY.md](docs/DEPLOY.md)**
---
## 快速部署(Ubuntu VPS
```bash
ssh root@47.76.87.111
apt update && apt install -y git
git clone https://git.bz121.com/dekun/jiedian.git /opt/jiedian
cd /opt/jiedian
bash scripts/install.sh
```
安装完成后会显示面板地址、用户名和密码。登录面板即可 **添加节点、复制分享链接**
---
## 架构
```
浏览器 ──► Nginx:80/<PANEL_PATH>/ ──► Web 管理面板(登录、添加节点)
sing-box 配置重载
客户端 (Win/iOS/Android)
├─ TCP 443 ──► sing-box VLESS+Reality
└─ UDP 8443 ─► sing-box Hysteria2
Nginx 127.0.0.1:8080 ← 伪装静态页(Reality fallback 场景)
```
---
## 目录结构
```
/opt/jiedian/
├── .env # VPS / Reality / 面板账号配置
├── data/nodes.db # 节点数据库(安装后生成)
├── panel/ # Web 管理面板(Flask
├── scripts/
│ ├── install.sh # 一键部署
│ ├── uninstall.sh # 卸载后重装
│ ├── generate-keys.sh # 生成 Reality 密钥与面板密码
│ └── render-server.py # 根据数据库生成 sing-box 配置
└── docs/
├── DEPLOY.md
└── client-import.md
```
---
## 端口与防火墙
| 端口 | 协议 | 用途 |
|------|------|------|
| 22 | TCP | SSH |
| 80 | TCP | HTTPACME 验证 + **管理面板反向代理** |
| 443 | TCP | VLESS + Reality |
| 8443 | UDP | Hysteria2 |
---
## 常用运维
```bash
# 面板地址(安装时输出)
grep PANEL_PATH /opt/jiedian/.env
# 服务状态
systemctl status sing-box jiedian-panel
# 卸载后干净重装
bash scripts/uninstall.sh
bash scripts/generate-keys.sh # 可选:重置密钥与面板密码
bash scripts/install.sh
```
---
## 防墙要点
1. 不要公开分享节点链接
2. Reality SNI 使用 `www.microsoft.com`,不要用 `66.hyf2.cc`
3. 客户端开启 uTLS / chrome 指纹
4. 面板路径与密码请妥善保管,安装后可在 `.env` 查看 `PANEL_PATH` / `PANEL_PASSWORD`
---
## 免责声明
本项目仅供学习网络技术使用。请遵守当地法律法规。