diff --git a/antigravity/maintenance/setup-node2-cn-relay.sh b/antigravity/maintenance/setup-node2-cn-relay.sh index ec12713e..ff5262d8 100755 --- a/antigravity/maintenance/setup-node2-cn-relay.sh +++ b/antigravity/maintenance/setup-node2-cn-relay.sh @@ -34,8 +34,9 @@ if ! command -v gost &>/dev/null; then ARCH=$(uname -m) [ "$ARCH" = "x86_64" ] && GARCH="amd64" || GARCH="arm64" LATEST=$(curl -sf https://api.github.com/repos/go-gost/gost/releases/latest | grep '"tag_name"' | cut -d'"' -f4) + VER="${LATEST#v}" wget -qO /tmp/gost.tar.gz \ - "https://github.com/go-gost/gost/releases/download/${LATEST}/gost_linux_${GARCH}.tar.gz" + "https://github.com/go-gost/gost/releases/download/${LATEST}/gost_${VER}_linux_${GARCH}.tar.gz" tar xzf /tmp/gost.tar.gz -C /tmp/ mv /tmp/gost /usr/local/bin/gost chmod +x /usr/local/bin/gost @@ -46,16 +47,16 @@ ok "GOST $(gost -V 2>/dev/null | head -1 || echo '已安装')" # 中转机职责: # - 接收上海 sub2api 发来的 relay+tls 连接(:3456) # - 将流量通过 relay+tls 转发到美国落地机(:8443) -cat > /etc/systemd/system/gost-relay.service << EOF +cat > /etc/systemd/system/gost-sub2api-relay.service << EOF [Unit] -Description=GOST CN Relay - 接收上海转发到美国落地 +Description=GOST sub2api CN Relay - 接收上海转发到美国落地 After=network.target [Service] Type=simple User=nobody ExecStart=/usr/local/bin/gost \\ - -L "relay+tls://${GOST_USER}:${GOST_PASS}@:${LISTEN_PORT_FROM_SH}" \\ + -L "http://${GOST_USER}:${GOST_PASS}@:${LISTEN_PORT_FROM_SH}" \\ -F "relay+tls://${GOST_USER}:${GOST_PASS}@${US_LANDING_IP}:${LISTEN_PORT_TO_US}" Restart=always RestartSec=5 @@ -66,10 +67,10 @@ WantedBy=multi-user.target EOF systemctl daemon-reload -systemctl enable gost-relay -systemctl restart gost-relay +systemctl enable gost-sub2api-relay +systemctl restart gost-sub2api-relay sleep 2 -ok "GOST 中转服务已启动" +ok "GOST 中转服务已启动(服务名: gost-sub2api-relay,不影响现有 gost-relay)" # ── 3. 防火墙开放端口 ─────────────────────────────── if command -v ufw &>/dev/null; then @@ -93,4 +94,4 @@ echo "【GOST 认证信息(勿泄露)】" echo " 用户名: ${GOST_USER}" echo " 密码: ${GOST_PASS}" echo "" -systemctl status gost-relay --no-pager -l | tail -5 +systemctl status gost-sub2api-relay --no-pager -l | tail -5 diff --git a/antigravity/maintenance/setup-node3-us-landing.sh b/antigravity/maintenance/setup-node3-us-landing.sh index 626d9456..5521a5f2 100755 --- a/antigravity/maintenance/setup-node3-us-landing.sh +++ b/antigravity/maintenance/setup-node3-us-landing.sh @@ -71,8 +71,9 @@ if ! command -v gost &>/dev/null; then [ "$ARCH" = "x86_64" ] && GARCH="amd64" || GARCH="arm64" LATEST=$(curl -sf https://api.github.com/repos/go-gost/gost/releases/latest \ | grep '"tag_name"' | cut -d'"' -f4) + VER="${LATEST#v}" wget -qO /tmp/gost.tar.gz \ - "https://github.com/go-gost/gost/releases/download/${LATEST}/gost_linux_${GARCH}.tar.gz" + "https://github.com/go-gost/gost/releases/download/${LATEST}/gost_${VER}_linux_${GARCH}.tar.gz" tar xzf /tmp/gost.tar.gz -C /tmp/ mv /tmp/gost /usr/local/bin/gost chmod +x /usr/local/bin/gost @@ -86,9 +87,9 @@ fi # ── 6. 创建 GOST 出口服务 ────────────────────────── # 落地机职责:监听 CN中转机 relay+tls 连接,直接出口到 Anthropic/Google -cat > /etc/systemd/system/gost-exit.service << EOF +cat > /etc/systemd/system/gost-sub2api-exit.service << EOF [Unit] -Description=GOST US Landing Exit - 接收中转,直连 Anthropic/Google +Description=GOST sub2api US Landing Exit - 接收中转,直连 Anthropic/Google After=network.target [Service] @@ -105,8 +106,8 @@ WantedBy=multi-user.target EOF systemctl daemon-reload -systemctl enable gost-exit -systemctl restart gost-exit +systemctl enable gost-sub2api-exit +systemctl restart gost-sub2api-exit sleep 2 ok "GOST 出口服务已启动" @@ -131,7 +132,7 @@ echo " 时区: $(timedatectl show -p Timezone --value)" echo " 当前时间: $(date)" echo "" echo "【GOST 服务状态】" -systemctl status gost-exit --no-pager -l | tail -5 +systemctl status gost-sub2api-exit --no-pager -l | tail -5 echo "" echo "【出口 IP 信息】" curl -sf ipinfo.io 2>/dev/null | python3 -c " diff --git a/backend/internal/service/ops_cleanup_service.go b/backend/internal/service/ops_cleanup_service.go index 1cae6fe5..36068c4a 100644 --- a/backend/internal/service/ops_cleanup_service.go +++ b/backend/internal/service/ops_cleanup_service.go @@ -166,7 +166,7 @@ type opsCleanupDeletedCounts struct { func (c opsCleanupDeletedCounts) String() string { return fmt.Sprintf( - "error_logs=%d retry_attempts=%d alert_events=%d system_logs=%d log_audits=%d system_metrics=%d hourly_preagg=%d daily_preagg=%d", + "err_logs=%d retry_attempts=%d alert_events=%d sys_logs=%d log_audits=%d sys_metrics=%d hourly_preagg=%d daily_preagg=%d", c.errorLogs, c.retryAttempts, c.alertEvents, diff --git a/deploy/docker-compose.tls-proxy.yml b/deploy/docker-compose.tls-proxy.yml index 5aca3df7..4f1711b4 100644 --- a/deploy/docker-compose.tls-proxy.yml +++ b/deploy/docker-compose.tls-proxy.yml @@ -22,6 +22,10 @@ services: - GATEWAY_NODE_TLS_PROXY_LISTEN_PORT=3456 - GATEWAY_NODE_TLS_PROXY_LISTEN_HOST=node-tls-proxy - GATEWAY_NODE_TLS_PROXY_UPSTREAM_HOST=api.anthropic.com + # 全局代理:OAuth/GitHub 等外部请求走 GOST 中转 + - HTTPS_PROXY=${HTTPS_PROXY:-} + - HTTP_PROXY=${HTTP_PROXY:-} + - NO_PROXY=localhost,127.0.0.1,node-tls-proxy,postgres,redis depends_on: node-tls-proxy: condition: service_healthy diff --git a/gost-socks5.service b/gost-socks5.service new file mode 100644 index 00000000..b4e59a30 --- /dev/null +++ b/gost-socks5.service @@ -0,0 +1,14 @@ +[Unit] +Description=GOST SOCKS5 Proxy +After=network.target + +[Service] +Type=simple +User=nobody +ExecStart=/usr/local/bin/gost -L socks5://gostuser:fastapipwd@:1080 +Restart=always +RestartSec=5 +LimitNOFILE=65536 + +[Install] +WantedBy=multi-user.target diff --git a/reset-password.sh b/reset-password.sh new file mode 100644 index 00000000..263d33ca --- /dev/null +++ b/reset-password.sh @@ -0,0 +1,51 @@ +#!/usr/bin/env bash +# 重置用户密码脚本 +# 用法: bash reset-password.sh +set -euo pipefail + +EMAIL="zfc9393@163.com" +PASSWORD="zfc123.." +DB_USER="sub2api" +DB_NAME="sub2api" + +# 自动查找 docker-compose 文件所在目录 +SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)" +COMPOSE_DIR="$SCRIPT_DIR/deploy" +if [ ! -f "$COMPOSE_DIR/docker-compose.yml" ]; then + COMPOSE_DIR="$SCRIPT_DIR" +fi + +cd "$COMPOSE_DIR" +echo "=== 重置密码: $EMAIL ===" + +# 1. 确保 pgcrypto 扩展存在 +docker compose exec -T postgres psql -U "$DB_USER" -d "$DB_NAME" -c \ + "CREATE EXTENSION IF NOT EXISTS pgcrypto;" 2>/dev/null + +# 2. 检查用户是否存在 +EXISTS=$(docker compose exec -T postgres psql -U "$DB_USER" -d "$DB_NAME" -t -A -c \ + "SELECT COUNT(1) FROM users WHERE email = '$EMAIL';") + +if [ "$EXISTS" -gt 0 ]; then + # 用户存在 → 更新密码 + docker compose exec -T postgres psql -U "$DB_USER" -d "$DB_NAME" -c \ + "UPDATE users SET password_hash = crypt('$PASSWORD', gen_salt('bf', 10)), updated_at = NOW() WHERE email = '$EMAIL';" + echo "✅ 密码已重置" +else + # 用户不存在 → 创建管理员 + docker compose exec -T postgres psql -U "$DB_USER" -d "$DB_NAME" -c \ + "INSERT INTO users (email, password_hash, role, balance, concurrency, status, created_at, updated_at) + VALUES ('$EMAIL', crypt('$PASSWORD', gen_salt('bf', 10)), 'admin', 0, 5, 'active', NOW(), NOW());" + echo "✅ 管理员用户已创建" +fi + +# 3. 验证 +echo "" +echo "=== 用户信息 ===" +docker compose exec -T postgres psql -U "$DB_USER" -d "$DB_NAME" -c \ + "SELECT id, email, role, status FROM users WHERE email = '$EMAIL';" + +echo "" +echo "登录信息:" +echo " 邮箱: $EMAIL" +echo " 密码: $PASSWORD"