82.158.226.4 先删除 ssh 密钥和会话,防止第一次链接失败。 # 1Panel【域名】 ## (1)安装面板 [1Panel 服务器运维管理面板](https://1panel.cn/) ``` 域名访问: https://1panel.excalicode.org 外部地址: http://82.158.226.4:31693 面板用户: excalicode 面板密码: 6cd500f202 ``` ## (2)申请面板证书 DNS 账户 Cloudflare ``` MPLkv5dlbyKh_q0DdvH5ECxaUHVr5BVg0Ogf5AOH ``` 为 1panel.excalicode.org 申请证书 ## (3)面板设置 1. 面板设置 - 安全 里关掉安全入口,对绑定域名后用域名访问面板友好 2. 面板设置 - 安全 里 开启面板 SSL 3. 在系统 - SSH 管理修改链接端口、关闭密码认证、开启密钥认证、授权密钥 4. 配置终端,方便后续操作 ``` ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBfW4LWZ/HxIHdQcT+bnUUa5Tqbbag5otkv+y6OkDa9I ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP87fXzm4HSwkS3XaJHGTsEeiu4o9lLlu+ZEwHGuSbzS github-actions ``` ## (4)CF 设置 1. cloudflare DNS 添加记录 2. 在 Cloudflare 中先设定好 Origin Rules 以准备将面板域名请求自动重写到 1Panel 端口,目标端口: 选择 重写到 面板端口号 CF 小技巧: 1. 在 Cloudflare 的侧栏点击 SSL/TLS,选择**完全(严格)** 2. 在侧栏点击**边缘证书**,开启下列选项: - 始终使用 HTTPS - 随机加密 - TLS 1.3 - 自动 HTTPS 重写 - 证书透明度监视 ## (5)安装 Openresty # Sub-Store【域名】 docker-compose.yml ```yaml services: sub-store: image: xream/sub-store:http-meta container_name: sub-store restart: always network_mode: host environment: SUB_STORE_BACKEND_API_HOST: 127.0.0.1 SUB_STORE_BACKEND_API_PORT: 3001 SUB_STORE_BACKEND_MERGE: true SUB_STORE_FRONTEND_BACKEND_PATH: /AZmFbXAp9Tyhws PORT: 9876 HOST: 127.0.0.1 volumes: - sub-store-data:/opt/app/data volumes: sub-store-data: ``` 申请证书并在 Openresty 中反向代理 3001 访问地址 ``` https://sub-store.excalicode.org?api=https://sub-store.excalicode.org/AZmFbXAp9Tyhws ``` # OpenClaw【域名】 ``` r5hzczwdpd2bin2zxapbnqjmwdjny2kz mq7swt5pxdhhz6mmryz28n3ytgma83fb 18789 18790 http://82.158.226.4:18789?token=r5hzczwdpd2bin2zxapbnqjmwdjny2kz https://openclaw.excalicode.org?token=mq7swt5pxdhhz6mmryz28n3ytgma83fb ``` # MySQL ``` root ykz2WKZ@vke6rmk*req 13306 ``` # Redis ``` jgw5wpe!HVB@vem2wmp 16379 ``` # Gitea ``` 数据库 gitea 数据库用户 gitea 数据库密码 ykz2WKZ@vke6rmk*req HTTP 端口 3000 SSH 端口 222 ``` # s-ui 安装 [节点搭建](https://bulianglin.com/archives/nicename.html) ``` bash <(curl -Ls https://raw.githubusercontent.com/alireza0/s-ui/master/install.sh) ``` ``` ############################################### username:Yha0HLb5 password:pEJ3HHa7 ############################################### if you forgot your login info,you can type s-ui for configuration menu reset admin credentials success First admin credentials: Username: Yha0HLb5 Password: pEJ3HHa7 Created symlink /etc/systemd/system/multi-user.target.wants/s-ui.service → /etc/systemd/system/s-ui.service. s-ui vv1.3.7 installation finished, it is up and running now... You may access the Panel with following URL(s): Local address: http://82.158.226.4:2095/app/ http://172.17.0.1:2095/app/ http://172.18.0.1:2095/app/ Global address: http://82.158.226.4:2095/app/ The OS release is: ubuntu S-UI Control Menu Usage ------------------------------------------ SUBCOMMANDS: s-ui - Admin Management Script s-ui start - Start s-ui s-ui stop - Stop s-ui s-ui restart - Restart s-ui s-ui status - Current Status of s-ui s-ui enable - Enable Autostart on OS Startup s-ui disable - Disable Autostart on OS Startup s-ui log - Check s-ui Logs s-ui update - Update s-ui install - Install s-ui uninstall - Uninstall s-ui help - Control Menu Usage ------------------------------------------ ``` ``` for d in cdn.userway.org intel.com s.mp.marsflag.com ts4.tc.mm.bing.net apps.mzstatic.com beacon.gtv-pub.com mscom.demdex.net www.intel.com go.microsoft.com logx.optimizely.com ; do t1=$(date +%s%3N); timeout 1 openssl s_client -connect $d:443 -servername $d /dev/null && t2=$(date +%s%3N) && echo "$d: $((t2 - t1)) ms" || echo "$d: timeout"; done ``` ``` apps.apple.com ``` s-ui 配置信息 ``` curl --location 'http://82.158.226.4:2095/app/apiv2/load' \ --header 'Token: HkpCXP8AkxqOjKbo29KdnrlPrlxmNksW' ``` # excalicode 服务用户 ``` http://82.158.226.4/ ibs 8GE6Ccs7kWwiSzWA ``` 前端站点 ``` /opt/1panel/www/sites/82.158.226.4/ ```