# 20230728

  1. 目标: 站点需要切换到 45.77.4.124
  2. 新增picview站点
  3. 采用Github Action. 添加DEPLOY_KEY, 设置开发机上的~/.ssh/id_rsa
  4. 提交会部署到服务器上。
  5. nginx配置修改 4.1 配置文件修改后的语法是否正确: nginx -t 4.2 重启服务: nginx -s reload 4.3 nginx 配置如下:

server { listen 80 default_server; listen [::]:80 default_server; listen 443 http2 ssl; ssl_certificate /etc/chitaner.com.pem; ssl_certificate_key /etc/chitaner.com.key;

    server_name ~^(?<subdomain>.+).chitaner.com$;
    server_name chitaner.com;

   location / {

      if ($subdomain = "keylic") {
        proxy_pass http://127.0.0.1:8060;
      }
       
      if ($subdomain = "picsee") {
        root /var/www/picsee;
      }

      if ($subdomain = "blog") {
          root /var/www/blog;
      }

      if ($subdomain = "enpicsee") {
          root /var/www/enpicsee;
      }

      if ($subdomain = "longshot") {
          root /var/www/longshot;
      }

      if ($subdomain = "enlongshot") {
          root /var/www/enlongshot;
      }

      if ($subdomain = "picview") {
          root /var/www/picview;
      }

      if ($subdomain = "enpicview") {
          root /var/www/enpicview;
      }

      root /var/www/chitaner; 
      index index.html; 

   }

    location /api/ {
        proxy_pass http://127.0.0.1:3000;
    }

    location /ray { # 与 V2Ray 配置中的 path 保持一致
      proxy_redirect off;
      proxy_pass http://127.0.0.1:9000;#假设WebSocket监听在环回地址的10000端口上
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_set_header Host $http_host;

      # Show realip in v2ray access.log
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

}

# 20230619

  1. 目标: 站点需要切换到 45.77.4.124
  2. 新增longshot站点
  3. 采用Github Action. 添加DEPLOY_KEY, 设置开发机上的~/.ssh/id_rsa
  4. 提交会部署到服务器上。
  5. nginx配置修改 4.1 配置文件修改后的语法是否正确: nginx -t 4.2 重启服务: nginx -s reload 4.3 nginx 配置如下:

server { listen 80 default_server; listen [::]:80 default_server; listen 443 http2 ssl; ssl_certificate /etc/chitaner.com.pem; ssl_certificate_key /etc/chitaner.com.key;

    server_name ~^(?<subdomain>.+).chitaner.com$;
    server_name chitaner.com;

   location / {

      if ($subdomain = "picsee") {
        root /var/www/picsee;
      }

      if ($subdomain = "blog") {
          root /var/www/blog;
      }

      if ($subdomain = "enpicsee") {
          root /var/www/enpicsee;
      }

      if ($subdomain = "longshot") {
          root /var/www/longshot;
      }

      if ($subdomain = "enlongshot") {
          root /var/www/enlongshot;
      }

      root /var/www/chitaner; 
      index index.html; 

   }

    location /api/ {
        proxy_pass http://127.0.0.1:3000;
    }

    location /ray { # 与 V2Ray 配置中的 path 保持一致
      proxy_redirect off;
      proxy_pass http://127.0.0.1:9000;#假设WebSocket监听在环回地址的10000端口上
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_set_header Host $http_host;

      # Show realip in v2ray access.log
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

}

# 20230404 修改IP记录

  1. 直接在vultr上申请新的主机, IP 地址45.77.4.124
  2. 在cloudflare上修改域名指向的IP地址
  3. 在vultr上用镜像恢复
  4. ssh [email protected]
  5. 安装了cloudflare的warp服务, 使用的https://github.com/fscarmen/warp/blob/main/README.md#warp-license-%E5%8F%8A-id-%E8%8E%B7%E5%8F%96 服务。用的是warp-go运行脚本, 选项:为 原生双栈 添加 WARP IPv6 全局 网络接口,IPv6 优先 (bash warp-go.sh 6)

# 20230101 修改记录

  1. 域名chitaner.com 续费到了:2028-07-02
  2. V2RAY服务, 修改: 站点服务,接口服务,统一集成到vultr[https://my.vultr.com/]中, 207.148.118.58
  3. 20230101时间点了做服务器镜像备份

# Travis CI 集成 基于Github Action

  1. 目标: 站点需要切换到 207.148.118.58
  2. 配置在目录.github/workflows的deploy.yml中
  3. 需要配置: DEPLOY_KEY, SERVER_DESTINATION, SERVER_PORT, SSH_HOST, SSH_USERNAME
  4. 其中DEPLOY_KEY配置为SSH私钥
  5. 参考文章:https://frostming.com/2020/04-26/github-actions-deploy/

# Nginx配置

  1. nginx配置文件如下, 在/etc/nginx/sites-available配置一个Config, 在/etc/nginx/enabled ln到它。[ln -s 原文件 链接的文件]
  2. Server配置如下:

server { listen 80 default_server; listen [::]:80 default_server; listen 443 http2 ssl; ssl_certificate /etc/chitaner.com.pem; ssl_certificate_key /etc/chitaner.com.key; root /var/www/$subdomain;

    server_name ~^(?<subdomain>.+)\.chitaner\.com$;

    location /api/ {
            proxy_pass http://127.0.0.1:3000;
    }

    location /ray { # 与 V2Ray 配置中的 path 保持一致
      proxy_redirect off;
      proxy_pass http://127.0.0.1:9000;#假设WebSocket监听在环回地址的10000端口上
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_set_header Host $http_host;

      # Show realip in v2ray access.log
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ =404;
    }

}

# 域名指向

  1. chitaner.com 管理在阿里云【购买,续期】
  2. 域名定向到IP, 在cloudfare: https://dash.cloudflare.com/48a40874f17c3b248236c08b3588680a
  3. 把chitaner.com的picsee.chitaner.com, blog.chitaner.com, blog.chitaner.com指向207.148.118.58

# 服务配置[版本升级提示服务]

  1. 参考Picsee-Server目录下的按照指示进行相关服务的按照

# V2RAY配置 【最新的配置】

  1. 参考PDF文档: 搭梯子:V2RAY配置WebSocket + TLS + Web.pdf
  2. Client端配置, 保存成 JSON, 在配置中 import 进来
  3. 服务端修改配置后,重启,systemctl restart v2ray
  4. 配置文件位置:/usr/local/etc/
  5. 使用的是:https://github.com/v2fly/fhs-install-v2ray/blob/master/README.md 参照 fhs-install-v2ray_README.md at master · v2fly_fhs-install-v2ray.pdf文件
  6. installed: /usr/local/bin/v2ray installed: /usr/local/bin/v2ctl installed: /usr/local/share/v2ray/geoip.dat installed: /usr/local/share/v2ray/geosite.dat installed: /usr/local/etc/v2ray/config.json installed: /var/log/v2ray/ installed: /var/log/v2ray/access.log installed: /var/log/v2ray/error.log installed: /etc/systemd/system/v2ray.service installed: /etc/systemd/system/[email protected]

nginx -s reload

{
  "log": {
    "access": "/Users/kzhiquan/.V2rayU/v2ray-core.log",
    "loglevel": "info",
    "error": "/Users/kzhiquan/.V2rayU/v2ray-core.log"
  },
  "inbounds": [
    {
      "listen": "127.0.0.1",
      "settings": {
        "auth": "noauth",
        "udp": false
      },
      "protocol": "socks",
      "port": "1081"
    },
    {
      "listen": "127.0.0.1",
      "port": "8001",
      "protocol": "http",
      "settings": {
        "timeout": 360
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "vmess",
      "settings": {
        "vnext": [
          {
            "port": 443,
            "users": [
              {
                "level": 1,
                "security": "auto",
                "alterId": 0,
                "id": "ffbe15b7-12f2-442b-a024-7d0383aee5fe"
              }
            ],
            "address": "chitaner.com"
          }
        ]
      },
      "mux": {
        "enabled": false,
        "concurrency": 8
      },
      "tag": "proxy",
      "streamSettings": {
        "security": "tls",
        "network": "ws",
        "wsSettings": {
          "path": "/ray",
          "headers": {
            "host": "chitaner.com"
          }
        },
        "tlsSettings": {
          "serverName": "",
          "allowInsecure": true,
          "fingerprint": "chrome"
        }
      }
    },
    {
      "protocol": "freedom",
      "settings": {
        "userLevel": 0,
        "domainStrategy": "UseIP"
      },
      "tag": "direct"
    },
    {
      "settings": {
        "response": {
          "type": "none"
        }
      },
      "protocol": "blackhole",
      "tag": "block"
    }
  ],
  "dns": {},
  "routing": {
    "balancers": [],
    "rules": [],
    "domainStrategy": "AsIs"
  }
}
  1. Server端配置,
{
  "inbounds": [{
    "port": 9000,
    "protocol": "vmess",
    "settings": {
      "clients": [
        {
          "id": "ffbe15b7-12f2-442b-a024-7d0383aee5fe",
          "level": 1,
          "alterId": 0
        }
      ]
    },
    "streamSettings":{
        "network":"ws",
        "wsSettings":{
                "path":"/ray"
        }
    }
  }],
  "outbounds": [{
    "protocol": "freedom",
    "settings": {}
  },{
    "protocol": "blackhole",
    "settings": {},
    "tag": "blocked"
  }],
  "routing": {
    "rules": [
      {
        "type": "field",
        "ip": ["geoip:private"],
        "outboundTag": "blocked"
      }
    ]
  }
}

#############################################################################