Compare commits

...

11 Commits

Author SHA1 Message Date
zbuse
1f6980355c
Merge fc6bb8cf34 into d3bc8ff8fe 2025-01-16 21:00:20 +07:00
Xboard
d3bc8ff8fe
Merge pull request #192 from yushum/patch-1
Some checks are pending
Docker Build and Publish / build (push) Waiting to run
Update websocket settings
2025-01-16 12:52:30 +08:00
Xboard
ea6a2d8fc6
Merge pull request #317 from linusxiong/patch-1
修复Stripe支付方式中导致400的小Bug
2025-01-16 12:48:58 +08:00
xboard
f6af7313d0 update docs 2025-01-16 10:13:53 +08:00
xboard
4877866fe8 update docs 2025-01-16 09:58:04 +08:00
xboard
18c90a0aee update docker-publish.yml 2025-01-16 09:50:45 +08:00
大大白
4d2b442885
Update StripeALLInOne.php
fix a bug that causes 400: https://support.stripe.com/questions/use-of-the-statement-descriptor-parameter-on-paymentintents-for-card-charges
2025-01-14 14:43:52 -05:00
Yusum
42542725f7
Update Shadowrocket.php 2024-08-01 21:56:49 +08:00
Yusum
ab34ef327a
Update SingBox.php 2024-08-01 21:21:36 +08:00
Yusum
60ed240e66
Update ClashMeta.php 2024-08-01 21:16:56 +08:00
zbuse
fc6bb8cf34
Create EpusdtPay.php 2024-01-24 17:53:03 +08:00
10 changed files with 263 additions and 126 deletions

View File

@ -1,89 +1,91 @@
name: Docker
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: Docker Build and Publish
on:
push:
branches: [ "dev" ]
# Publish semver tags as releases.
tags: [ 'v*.*.*' ]
workflow_dispatch: # Enable manual trigger
branches: ["legacy"]
workflow_dispatch:
env:
# Use docker.io for Docker Hub if empty
REGISTRY: ghcr.io
# github.repository as <account>/<repo>
IMAGE_NAME: ${{ github.repository }}
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- uses: satackey/action-docker-layer-caching@v0.0.11
continue-on-error: true
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: 'arm64,amd64'
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
platforms: linux/amd64,linux/arm64
driver-opts: |
image=moby/buildkit:latest
- name: Login to registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=sha,format=long
type=raw,value=new
- name: Get version
id: get_version
run: echo "version=$(git describe --tags --always)" >> $GITHUB_OUTPUT
- name: Update version in app.php
run: |
VERSION=$(date '+%Y%m%d')-$(git rev-parse --short HEAD)
sed -i "s/'version' => '.*'/'version' => '$VERSION'/g" config/app.php
echo "Updated version to: $VERSION"
- name: Build and push
id: build-and-push
uses: docker/build-push-action@v5
with:
context: .
push: true
platforms: linux/amd64,linux/arm64
cache-from: type=gha
cache-to: type=gha,mode=max
tags: |
${{ env.REGISTRY }}/${{ github.repository_owner }}/xboard:legacy
${{ env.REGISTRY }}/${{ github.repository_owner }}/xboard:${{ steps.get_version.outputs.version }}
build-args: |
BUILDKIT_INLINE_CACHE=1
provenance: false
- name: Install cosign
uses: sigstore/cosign-installer@v3.4.0
with:
cosign-release: 'v2.2.2'
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3.2.0
# Login against a Docker registry except on PR
# https://github.com/docker/login-action
- name: Log into registry ${{ env.REGISTRY }}
uses: docker/login-action@v3.1.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5.5.1
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Get version
id: get_version
run: echo "version=$(git describe --tags --always)" >> $GITHUB_OUTPUT
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@v5.3.0
with:
context: .
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ env.REGISTRY }}/${{ github.repository_owner }}/xboard:latest,${{ env.REGISTRY }}/${{ github.repository_owner }}/xboard,${{ env.REGISTRY }}/${{ github.repository_owner }}/xboard:${{ steps.get_version.outputs.version }}
# Sign the resulting Docker image digest except on PRs.
# This will only write to the public Rekor transparency log when the Docker
# repository is public to avoid leaking data. If you would like to publish
# transparency data even for private images, pass --force to cosign below.
# https://github.com/sigstore/cosign
- name: Sign the published Docker image
- name: Sign image
if: steps.build-and-push.outputs.digest != ''
env:
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
TAGS: ${{ steps.meta.outputs.tags }}
DIGEST: ${{ steps.build-and-push.outputs.digest }}
# This step uses the identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
COSIGN_EXPERIMENTAL: 1
run: |
echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign --yes "{}@${{ steps.build-and-push.outputs.digest }}"

View File

@ -0,0 +1,97 @@
<?php
//author by GoodGoodStudy
namespace App\Payments;
use \Curl\Curl;
class EpusdtPay {
public function __construct($config)
{
$this->config = $config;
}
public function form()
{
return [
'epusdt_pay_url' => [
'label' => 'API 地址',
'description' => '您的 EpusdtPay API 接口地址(例如: https://epusdt-pay.xxx.com)',
'type' => 'input',
],
'epusdt_pay_apitoken' => [
'label' => 'API Token',
'description' => '您的 EpusdtPay API Token',
'type' => 'input',
]
];
}
public function pay($order)
{
$params = [
"amount" => round($order['total_amount']/100,2),
"order_id" => $order['trade_no'],
'redirect_url' => $order['return_url'],
'notify_url' => $order['notify_url'],
];
$params['signature'] = $this->sign($params);
$curl = new Curl();
$curl->setUserAgent('EpusdtPay');
$curl->setOpt(CURLOPT_SSL_VERIFYPEER, 0);
$curl->setOpt(CURLOPT_HTTPHEADER, array('Content-Type:application/json'));
$curl->post($this->config['epusdt_pay_url'] . '/api/v1/order/create-transaction', json_encode($params));
$result = $curl->response;
$curl->close();
if (!isset($result->status_code) || $result->status_code != 200) {
abort(500, "Failed to create order. Error: {$result->message}");
}
return [
'type' => 1, // 0:qrcode 1:url
'data' => $result->data->payment_url
];
}
public function notify($params)
{
$status = $params['status'];
// 1等待支付2支付成功3已过期
if ($status != 2) {
die('failed');
}
//不合法的数据
if (!$this->verify($params)) {
die('cannot pass verification');
}
return [
'trade_no' => $params['order_id'],
'callback_no' => $params['trade_id'],
'custom_result' => 'ok'
];
}
public function verify($params) {
return $params['signature'] === $this->sign($params);
}
protected function sign(array $params)
{
ksort($params);
reset($params); //内部指针指向数组中的第一个元素
$sign = '';
$urls = '';
foreach ($params as $key => $val) {
if ($val == '') continue;
if ($key != 'signature') {
if ($sign != '') {
$sign .= "&";
$urls .= "&";
}
$sign .= "$key=$val"; //拼接为url参数形式
$urls .= "$key=" . urlencode($val); //拼接为url参数形式
}
}
$sign = md5($sign . $this->config['epusdt_pay_apitoken']);//密码追加进入开始MD5签名
return $sign;
}
}

View File

@ -66,7 +66,7 @@ class StripeALLInOne {
'confirm' => true,
'payment_method' => $stripePaymentMethod->id,
'automatic_payment_methods' => ['enabled' => true],
'statement_descriptor' => 'sub-' . $order['user_id'] . '-' . substr($order['trade_no'], -8),
'statement_descriptor_suffix' => 'sub-' . $order['user_id'] . '-' . substr($order['trade_no'], -8),
'description' => $this->config['description'],
'metadata' => [
'user_id' => $order['user_id'],

View File

@ -195,8 +195,6 @@ class ClashMeta
$array['server'] = $server['host'];
$array['port'] = $server['port'];
$array['uuid'] = $password;
$array['alterId'] = 0;
$array['cipher'] = 'auto';
$array['udp'] = true;
// XTLS流控算法
@ -243,10 +241,8 @@ class ClashMeta
$array['ws-opts']['path'] = $wsSettings['path'];
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
$array['ws-opts']['headers'] = ['Host' => $wsSettings['headers']['Host']];
if (isset($wsSettings['path']) && !empty($wsSettings['path']))
$array['ws-path'] = $wsSettings['path'];
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
$array['ws-headers'] = ['Host' => $wsSettings['headers']['Host']];
$array['ws-opts']['max-early-data'] = 2560;
$array['ws-opts']['early-data-header-name'] = 'Sec-WebSocket-Protocol';
}
}
if ($server['network'] === 'grpc') {

View File

@ -190,7 +190,7 @@ class Shadowrocket
if ($server['network_settings']) {
$wsSettings = $server['network_settings'];
if (isset($wsSettings['path']) && !empty($wsSettings['path']))
$config['path'] = $wsSettings['path'];
$config['path'] = $wsSettings['path'] . '?ed=2560';
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
$config['obfsParam'] = $wsSettings['headers']['Host'];
}

View File

@ -149,7 +149,7 @@ class SingBox
$array['transport']['path'] = $wsSettings['path'];
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
$array['transport']['headers'] = ['Host' => array($wsSettings['headers']['Host'])];
$array['transport']['max_early_data'] = 2048;
$array['transport']['max_early_data'] = 2560;
$array['transport']['early_data_header_name'] = 'Sec-WebSocket-Protocol';
}
}
@ -217,7 +217,7 @@ class SingBox
$array['transport']['path'] = $wsSettings['path'];
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
$array['transport']['headers'] = ['Host' => array($wsSettings['headers']['Host'])];
$array['transport']['max_early_data'] = 2048;
$array['transport']['max_early_data'] = 2560;
$array['transport']['early_data_header_name'] = 'Sec-WebSocket-Protocol';
}
}
@ -272,7 +272,7 @@ class SingBox
if (isset($server['network_settings']['headers']['Host'])) {
$array['transport']['headers'] = ['Host' => array($server['network_settings']['headers']['Host'])];
}
$array['transport']['max_early_data'] = 2048;
$array['transport']['max_early_data'] = 2560;
$array['transport']['early_data_header_name'] = 'Sec-WebSocket-Protocol';
}
}

View File

@ -3,7 +3,7 @@ services:
xboard:
# build:
# context: .
image: ghcr.io/cedar2025/xboard:latest
image: ghcr.io/cedar2025/xboard:legacy
volumes:
- ./:/www/
# - ./.env:/www/.env

View File

@ -39,7 +39,7 @@ rm -rf .htaccess 404.html 502.html index.html .user.ini
```
> 执行命令从 Github 克隆到当前目录。
```
git clone https://github.com/cedar2025/Xboard.git ./
git clone -b legacy https://github.com/cedar2025/Xboard.git ./
```
> 复制一份docker-compose.yaml文件
```

View File

@ -48,7 +48,7 @@ rm -rf .htaccess 404.html 502.html index.html .user.ini
```
> 执行命令从 Github 克隆到当前目录。
```
git clone https://github.com/cedar2025/Xboard.git ./
git clone -b legacy https://github.com/cedar2025/Xboard.git ./
```
> 执行命令安装依赖包以及V2board
```

View File

@ -1,77 +1,119 @@
## Docker-Compose 部署教程
本文教你如何在命令行使用docker-compose + sqlite来快速部署Xboard
如果你需要使用Mysql你需要自行处理好Mysql的安装。
### 部署 (使用docker-compose 2分钟部署)
> 在此提供Xboard安装、快速体验Xboard的步骤。
使用docker compose + sqlite 快速部署站点(**无需安装Mysql以及redis**
1. 安装docker
```
## Docker-Compose 快速部署指南
### 环境要求
- Docker (最新稳定版)
- 至少 1GB 可用内存
- 至少 10GB 可用磁盘空间
- 系统支持: Linux/macOS/Windows
- 开放端口: 7001 (默认)
### 部署步骤
#### 1. 安装 Docker
```bash
# 安装 Docker
curl -sSL https://get.docker.com | bash
```
Centos系统可能需要执行下面命令来启动Docker。
```
# CentOS 系统需要执行以下命令启动 Docker
systemctl enable docker
systemctl start docker
```
2. 获取Docker compose 文件
```
git clone -b docker-compose --depth 1 https://github.com/cedar2025/Xboard
#### 2. 获取部署文件
```bash
git clone -b docker-compose --depth 1 https://github.com/cedar2025/Xboard
cd Xboard
```
3. 执行数据库安装命令
> 选择 **启用sqlite** 和 **Docker内置的Redis**
```
docker compose run -it --rm -e enable_sqlite=true -e enable_redis=true -e admin_account=your_admin_email@example.com xboard php artisan xboard:install
```
> 或者根据自己的需要在运行时选择
#### 3. 初始化安装
> 提供两种安装方式,选择其一即可:
**方式一:快速安装** (推荐)
```bash
# 使用 SQLite + Docker内置Redis
docker compose run -it --rm \
-e enable_sqlite=true \
-e enable_redis=true \
-e admin_account=admin@demo.com \
xboard php artisan xboard:install
```
**方式二:自定义安装**
```bash
# 根据提示自定义配置
docker compose run -it --rm xboard php artisan xboard:install
```
> 执行这条命令之后,会返回你的后台地址和管理员账号密码(你需要记录下来)
> 你需要执行下面的 **启动xborad** 步骤之后才能访问后台
4. 启动Xboard
```
> **重要提示:**
> - 安装完成后会显示后台地址和管理员账号密码,请务必保存
> - 如需使用 MySQL请先自行安装并配置 MySQL 后再部署
#### 4. 启动服务
```bash
docker compose up -d
```
> 安装完成之后即可访问你的站点
5. 访问站点
> 启动之后网站端口默认为7001, 你可以配置nginx反向代理使用80端口
网站地址: http://你的IP:7001/
在此你已经成功部署了, 你可以访问网址体验Xboard的完整功能
#### 5. 访问站点
- 网站地址:`http://服务器IP:7001`
- 后台地址:安装时提供的地址
> 如果你需要使用mysql请自行安装Mysql后重新部署
### 更新指南
### **更新**
1. 修改版本
```
#### 方式一:快速更新(保持最新版本)
```bash
cd Xboard
vi docker-compose.yaml
```
> 修改docker-compose.yaml 当中image后面的版本号为你需要的版本
> 如果为版本为latest 则可以忽略这一步,直接进行第二步
2. 更新数据库(可以执行多次都是安全的)
```
docker compose pull
docker compose down
docker compose run -it --rm xboard php artisan xboard:update
docker compose up -d
```
> 即可更新成功
### **回滚**
> 此回滚不回滚数据库,是否回滚数据库请查看相关文档
1. 回退版本
```
#### 方式二:更新至指定版本
1. 修改版本号
```bash
# 编辑 docker-compose.yaml修改 image 的版本号
vi docker-compose.yaml
```
> 修改docker-compose.yaml 当中image后面的版本号为更新前的版本号
2. 启动
```
2. 执行更新
```bash
docker compose pull
docker compose down
docker compose run -it --rm xboard php artisan xboard:update
docker compose up -d
```
### 注意
启用webman后做的任何代码修改都需要重启生效
### 版本回滚
```bash
# 1. 修改 docker-compose.yaml 中的版本号为目标版本
vi docker-compose.yaml
# 2. 重启服务
docker compose up -d
```
### 常见问题
1. **端口配置**
- 默认端口为 7001
- 可通过 Nginx 反向代理使用 80/443 端口
- 如需修改端口,请编辑 docker-compose.yaml
2. **数据持久化**
- 数据默认存储在 ./data 目录
- 建议定期备份 data 目录
3. **性能优化**
- 启用 webman 后的代码修改需要重启服务才能生效
- 可根据实际需求调整容器资源限制
### 安全建议
1. 及时更新到最新版本
2. 修改默认管理员账号
3. 使用强密码
4. 建议配置 SSL 证书
5. 定期备份数据
### 技术支持
- GitHub Issues: https://github.com/cedar2025/Xboard/issues
- 官方文档:[文档链接]