mirror of
https://github.com/cedar2025/Xboard.git
synced 2025-01-22 10:38:14 -05:00
Compare commits
11 Commits
8b88d4fa8a
...
1f6980355c
Author | SHA1 | Date | |
---|---|---|---|
|
1f6980355c | ||
|
d3bc8ff8fe | ||
|
ea6a2d8fc6 | ||
|
f6af7313d0 | ||
|
4877866fe8 | ||
|
18c90a0aee | ||
|
4d2b442885 | ||
|
42542725f7 | ||
|
ab34ef327a | ||
|
60ed240e66 | ||
|
fc6bb8cf34 |
126
.github/workflows/docker-publish.yml
vendored
126
.github/workflows/docker-publish.yml
vendored
@ -1,89 +1,91 @@
|
||||
name: Docker
|
||||
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
name: Docker Build and Publish
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ "dev" ]
|
||||
# Publish semver tags as releases.
|
||||
tags: [ 'v*.*.*' ]
|
||||
workflow_dispatch: # Enable manual trigger
|
||||
branches: ["legacy"]
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
# Use docker.io for Docker Hub if empty
|
||||
REGISTRY: ghcr.io
|
||||
# github.repository as <account>/<repo>
|
||||
IMAGE_NAME: ${{ github.repository }}
|
||||
|
||||
|
||||
jobs:
|
||||
build:
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
# This is used to complete the identity challenge
|
||||
# with sigstore/fulcio when running outside of PRs.
|
||||
id-token: write
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
- uses: satackey/action-docker-layer-caching@v0.0.11
|
||||
continue-on-error: true
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
with:
|
||||
platforms: 'arm64,amd64'
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
with:
|
||||
platforms: linux/amd64,linux/arm64
|
||||
driver-opts: |
|
||||
image=moby/buildkit:latest
|
||||
|
||||
- name: Login to registry
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Extract metadata
|
||||
id: meta
|
||||
uses: docker/metadata-action@v5
|
||||
with:
|
||||
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=sha,format=long
|
||||
type=raw,value=new
|
||||
|
||||
- name: Get version
|
||||
id: get_version
|
||||
run: echo "version=$(git describe --tags --always)" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Update version in app.php
|
||||
run: |
|
||||
VERSION=$(date '+%Y%m%d')-$(git rev-parse --short HEAD)
|
||||
sed -i "s/'version' => '.*'/'version' => '$VERSION'/g" config/app.php
|
||||
echo "Updated version to: $VERSION"
|
||||
|
||||
- name: Build and push
|
||||
id: build-and-push
|
||||
uses: docker/build-push-action@v5
|
||||
with:
|
||||
context: .
|
||||
push: true
|
||||
platforms: linux/amd64,linux/arm64
|
||||
cache-from: type=gha
|
||||
cache-to: type=gha,mode=max
|
||||
tags: |
|
||||
${{ env.REGISTRY }}/${{ github.repository_owner }}/xboard:legacy
|
||||
${{ env.REGISTRY }}/${{ github.repository_owner }}/xboard:${{ steps.get_version.outputs.version }}
|
||||
build-args: |
|
||||
BUILDKIT_INLINE_CACHE=1
|
||||
provenance: false
|
||||
|
||||
- name: Install cosign
|
||||
uses: sigstore/cosign-installer@v3.4.0
|
||||
with:
|
||||
cosign-release: 'v2.2.2'
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3.2.0
|
||||
|
||||
# Login against a Docker registry except on PR
|
||||
# https://github.com/docker/login-action
|
||||
- name: Log into registry ${{ env.REGISTRY }}
|
||||
uses: docker/login-action@v3.1.0
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Extract Docker metadata
|
||||
id: meta
|
||||
uses: docker/metadata-action@v5.5.1
|
||||
with:
|
||||
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
||||
|
||||
- name: Get version
|
||||
id: get_version
|
||||
run: echo "version=$(git describe --tags --always)" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Build and push Docker image
|
||||
id: build-and-push
|
||||
uses: docker/build-push-action@v5.3.0
|
||||
with:
|
||||
context: .
|
||||
push: true
|
||||
platforms: linux/amd64,linux/arm64
|
||||
tags: ${{ env.REGISTRY }}/${{ github.repository_owner }}/xboard:latest,${{ env.REGISTRY }}/${{ github.repository_owner }}/xboard,${{ env.REGISTRY }}/${{ github.repository_owner }}/xboard:${{ steps.get_version.outputs.version }}
|
||||
# Sign the resulting Docker image digest except on PRs.
|
||||
# This will only write to the public Rekor transparency log when the Docker
|
||||
# repository is public to avoid leaking data. If you would like to publish
|
||||
# transparency data even for private images, pass --force to cosign below.
|
||||
# https://github.com/sigstore/cosign
|
||||
- name: Sign the published Docker image
|
||||
- name: Sign image
|
||||
if: steps.build-and-push.outputs.digest != ''
|
||||
env:
|
||||
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
|
||||
TAGS: ${{ steps.meta.outputs.tags }}
|
||||
DIGEST: ${{ steps.build-and-push.outputs.digest }}
|
||||
# This step uses the identity token to provision an ephemeral certificate
|
||||
# against the sigstore community Fulcio instance.
|
||||
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
|
||||
COSIGN_EXPERIMENTAL: 1
|
||||
run: |
|
||||
echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign --yes "{}@${{ steps.build-and-push.outputs.digest }}"
|
97
app/Payments/EpusdtPay.php
Normal file
97
app/Payments/EpusdtPay.php
Normal file
@ -0,0 +1,97 @@
|
||||
<?php
|
||||
//author by GoodGoodStudy
|
||||
namespace App\Payments;
|
||||
|
||||
use \Curl\Curl;
|
||||
|
||||
class EpusdtPay {
|
||||
public function __construct($config)
|
||||
{
|
||||
$this->config = $config;
|
||||
}
|
||||
|
||||
public function form()
|
||||
{
|
||||
return [
|
||||
'epusdt_pay_url' => [
|
||||
'label' => 'API 地址',
|
||||
'description' => '您的 EpusdtPay API 接口地址(例如: https://epusdt-pay.xxx.com)',
|
||||
'type' => 'input',
|
||||
],
|
||||
'epusdt_pay_apitoken' => [
|
||||
'label' => 'API Token',
|
||||
'description' => '您的 EpusdtPay API Token',
|
||||
'type' => 'input',
|
||||
]
|
||||
];
|
||||
}
|
||||
|
||||
public function pay($order)
|
||||
{
|
||||
$params = [
|
||||
"amount" => round($order['total_amount']/100,2),
|
||||
"order_id" => $order['trade_no'],
|
||||
'redirect_url' => $order['return_url'],
|
||||
'notify_url' => $order['notify_url'],
|
||||
];
|
||||
$params['signature'] = $this->sign($params);
|
||||
|
||||
$curl = new Curl();
|
||||
$curl->setUserAgent('EpusdtPay');
|
||||
$curl->setOpt(CURLOPT_SSL_VERIFYPEER, 0);
|
||||
$curl->setOpt(CURLOPT_HTTPHEADER, array('Content-Type:application/json'));
|
||||
$curl->post($this->config['epusdt_pay_url'] . '/api/v1/order/create-transaction', json_encode($params));
|
||||
$result = $curl->response;
|
||||
$curl->close();
|
||||
if (!isset($result->status_code) || $result->status_code != 200) {
|
||||
abort(500, "Failed to create order. Error: {$result->message}");
|
||||
}
|
||||
return [
|
||||
'type' => 1, // 0:qrcode 1:url
|
||||
'data' => $result->data->payment_url
|
||||
];
|
||||
}
|
||||
|
||||
public function notify($params)
|
||||
{
|
||||
$status = $params['status'];
|
||||
// 1:等待支付,2:支付成功,3:已过期
|
||||
if ($status != 2) {
|
||||
die('failed');
|
||||
}
|
||||
//不合法的数据
|
||||
if (!$this->verify($params)) {
|
||||
die('cannot pass verification');
|
||||
}
|
||||
return [
|
||||
'trade_no' => $params['order_id'],
|
||||
'callback_no' => $params['trade_id'],
|
||||
'custom_result' => 'ok'
|
||||
];
|
||||
}
|
||||
|
||||
public function verify($params) {
|
||||
return $params['signature'] === $this->sign($params);
|
||||
}
|
||||
|
||||
protected function sign(array $params)
|
||||
{
|
||||
ksort($params);
|
||||
reset($params); //内部指针指向数组中的第一个元素
|
||||
$sign = '';
|
||||
$urls = '';
|
||||
foreach ($params as $key => $val) {
|
||||
if ($val == '') continue;
|
||||
if ($key != 'signature') {
|
||||
if ($sign != '') {
|
||||
$sign .= "&";
|
||||
$urls .= "&";
|
||||
}
|
||||
$sign .= "$key=$val"; //拼接为url参数形式
|
||||
$urls .= "$key=" . urlencode($val); //拼接为url参数形式
|
||||
}
|
||||
}
|
||||
$sign = md5($sign . $this->config['epusdt_pay_apitoken']);//密码追加进入开始MD5签名
|
||||
return $sign;
|
||||
}
|
||||
}
|
@ -66,7 +66,7 @@ class StripeALLInOne {
|
||||
'confirm' => true,
|
||||
'payment_method' => $stripePaymentMethod->id,
|
||||
'automatic_payment_methods' => ['enabled' => true],
|
||||
'statement_descriptor' => 'sub-' . $order['user_id'] . '-' . substr($order['trade_no'], -8),
|
||||
'statement_descriptor_suffix' => 'sub-' . $order['user_id'] . '-' . substr($order['trade_no'], -8),
|
||||
'description' => $this->config['description'],
|
||||
'metadata' => [
|
||||
'user_id' => $order['user_id'],
|
||||
|
@ -195,8 +195,6 @@ class ClashMeta
|
||||
$array['server'] = $server['host'];
|
||||
$array['port'] = $server['port'];
|
||||
$array['uuid'] = $password;
|
||||
$array['alterId'] = 0;
|
||||
$array['cipher'] = 'auto';
|
||||
$array['udp'] = true;
|
||||
|
||||
// XTLS流控算法
|
||||
@ -243,10 +241,8 @@ class ClashMeta
|
||||
$array['ws-opts']['path'] = $wsSettings['path'];
|
||||
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
|
||||
$array['ws-opts']['headers'] = ['Host' => $wsSettings['headers']['Host']];
|
||||
if (isset($wsSettings['path']) && !empty($wsSettings['path']))
|
||||
$array['ws-path'] = $wsSettings['path'];
|
||||
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
|
||||
$array['ws-headers'] = ['Host' => $wsSettings['headers']['Host']];
|
||||
$array['ws-opts']['max-early-data'] = 2560;
|
||||
$array['ws-opts']['early-data-header-name'] = 'Sec-WebSocket-Protocol';
|
||||
}
|
||||
}
|
||||
if ($server['network'] === 'grpc') {
|
||||
|
@ -190,7 +190,7 @@ class Shadowrocket
|
||||
if ($server['network_settings']) {
|
||||
$wsSettings = $server['network_settings'];
|
||||
if (isset($wsSettings['path']) && !empty($wsSettings['path']))
|
||||
$config['path'] = $wsSettings['path'];
|
||||
$config['path'] = $wsSettings['path'] . '?ed=2560';
|
||||
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
|
||||
$config['obfsParam'] = $wsSettings['headers']['Host'];
|
||||
}
|
||||
|
@ -149,7 +149,7 @@ class SingBox
|
||||
$array['transport']['path'] = $wsSettings['path'];
|
||||
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
|
||||
$array['transport']['headers'] = ['Host' => array($wsSettings['headers']['Host'])];
|
||||
$array['transport']['max_early_data'] = 2048;
|
||||
$array['transport']['max_early_data'] = 2560;
|
||||
$array['transport']['early_data_header_name'] = 'Sec-WebSocket-Protocol';
|
||||
}
|
||||
}
|
||||
@ -217,7 +217,7 @@ class SingBox
|
||||
$array['transport']['path'] = $wsSettings['path'];
|
||||
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
|
||||
$array['transport']['headers'] = ['Host' => array($wsSettings['headers']['Host'])];
|
||||
$array['transport']['max_early_data'] = 2048;
|
||||
$array['transport']['max_early_data'] = 2560;
|
||||
$array['transport']['early_data_header_name'] = 'Sec-WebSocket-Protocol';
|
||||
}
|
||||
}
|
||||
@ -272,7 +272,7 @@ class SingBox
|
||||
if (isset($server['network_settings']['headers']['Host'])) {
|
||||
$array['transport']['headers'] = ['Host' => array($server['network_settings']['headers']['Host'])];
|
||||
}
|
||||
$array['transport']['max_early_data'] = 2048;
|
||||
$array['transport']['max_early_data'] = 2560;
|
||||
$array['transport']['early_data_header_name'] = 'Sec-WebSocket-Protocol';
|
||||
}
|
||||
}
|
||||
|
@ -3,7 +3,7 @@ services:
|
||||
xboard:
|
||||
# build:
|
||||
# context: .
|
||||
image: ghcr.io/cedar2025/xboard:latest
|
||||
image: ghcr.io/cedar2025/xboard:legacy
|
||||
volumes:
|
||||
- ./:/www/
|
||||
# - ./.env:/www/.env
|
||||
|
@ -39,7 +39,7 @@ rm -rf .htaccess 404.html 502.html index.html .user.ini
|
||||
```
|
||||
> 执行命令从 Github 克隆到当前目录。
|
||||
```
|
||||
git clone https://github.com/cedar2025/Xboard.git ./
|
||||
git clone -b legacy https://github.com/cedar2025/Xboard.git ./
|
||||
```
|
||||
> 复制一份docker-compose.yaml文件
|
||||
```
|
||||
|
@ -48,7 +48,7 @@ rm -rf .htaccess 404.html 502.html index.html .user.ini
|
||||
```
|
||||
> 执行命令从 Github 克隆到当前目录。
|
||||
```
|
||||
git clone https://github.com/cedar2025/Xboard.git ./
|
||||
git clone -b legacy https://github.com/cedar2025/Xboard.git ./
|
||||
```
|
||||
> 执行命令安装依赖包以及V2board
|
||||
```
|
||||
|
@ -1,77 +1,119 @@
|
||||
## Docker-Compose 部署教程
|
||||
本文教你如何在命令行使用docker-compose + sqlite来快速部署Xboard
|
||||
如果你需要使用Mysql,你需要自行处理好Mysql的安装。
|
||||
### 部署 (使用docker-compose 2分钟部署)
|
||||
> 在此提供Xboard安装、快速体验Xboard的步骤。
|
||||
使用docker compose + sqlite 快速部署站点(**无需安装Mysql以及redis**)
|
||||
1. 安装docker
|
||||
```
|
||||
## Docker-Compose 快速部署指南
|
||||
|
||||
### 环境要求
|
||||
- Docker (最新稳定版)
|
||||
- 至少 1GB 可用内存
|
||||
- 至少 10GB 可用磁盘空间
|
||||
- 系统支持: Linux/macOS/Windows
|
||||
- 开放端口: 7001 (默认)
|
||||
|
||||
### 部署步骤
|
||||
|
||||
#### 1. 安装 Docker
|
||||
```bash
|
||||
# 安装 Docker
|
||||
curl -sSL https://get.docker.com | bash
|
||||
```
|
||||
Centos系统可能需要执行下面命令来启动Docker。
|
||||
```
|
||||
|
||||
# CentOS 系统需要执行以下命令启动 Docker
|
||||
systemctl enable docker
|
||||
systemctl start docker
|
||||
```
|
||||
2. 获取Docker compose 文件
|
||||
```
|
||||
git clone -b docker-compose --depth 1 https://github.com/cedar2025/Xboard
|
||||
|
||||
#### 2. 获取部署文件
|
||||
```bash
|
||||
git clone -b docker-compose --depth 1 https://github.com/cedar2025/Xboard
|
||||
cd Xboard
|
||||
```
|
||||
3. 执行数据库安装命令
|
||||
> 选择 **启用sqlite** 和 **Docker内置的Redis**
|
||||
```
|
||||
docker compose run -it --rm -e enable_sqlite=true -e enable_redis=true -e admin_account=your_admin_email@example.com xboard php artisan xboard:install
|
||||
```
|
||||
> 或者根据自己的需要在运行时选择
|
||||
|
||||
#### 3. 初始化安装
|
||||
> 提供两种安装方式,选择其一即可:
|
||||
|
||||
**方式一:快速安装** (推荐)
|
||||
```bash
|
||||
# 使用 SQLite + Docker内置Redis
|
||||
docker compose run -it --rm \
|
||||
-e enable_sqlite=true \
|
||||
-e enable_redis=true \
|
||||
-e admin_account=admin@demo.com \
|
||||
xboard php artisan xboard:install
|
||||
```
|
||||
|
||||
**方式二:自定义安装**
|
||||
```bash
|
||||
# 根据提示自定义配置
|
||||
docker compose run -it --rm xboard php artisan xboard:install
|
||||
```
|
||||
> 执行这条命令之后,会返回你的后台地址和管理员账号密码(你需要记录下来)
|
||||
> 你需要执行下面的 **启动xborad** 步骤之后才能访问后台
|
||||
|
||||
4. 启动Xboard
|
||||
```
|
||||
> **重要提示:**
|
||||
> - 安装完成后会显示后台地址和管理员账号密码,请务必保存
|
||||
> - 如需使用 MySQL,请先自行安装并配置 MySQL 后再部署
|
||||
|
||||
#### 4. 启动服务
|
||||
```bash
|
||||
docker compose up -d
|
||||
```
|
||||
> 安装完成之后即可访问你的站点
|
||||
5. 访问站点
|
||||
> 启动之后网站端口默认为7001, 你可以配置nginx反向代理使用80端口
|
||||
|
||||
网站地址: http://你的IP:7001/
|
||||
在此你已经成功部署了, 你可以访问网址体验Xboard的完整功能,
|
||||
#### 5. 访问站点
|
||||
- 网站地址:`http://服务器IP:7001`
|
||||
- 后台地址:安装时提供的地址
|
||||
|
||||
> 如果你需要使用mysql,请自行安装Mysql后重新部署
|
||||
### 更新指南
|
||||
|
||||
### **更新**
|
||||
1. 修改版本
|
||||
```
|
||||
#### 方式一:快速更新(保持最新版本)
|
||||
```bash
|
||||
cd Xboard
|
||||
vi docker-compose.yaml
|
||||
```
|
||||
> 修改docker-compose.yaml 当中image后面的版本号为你需要的版本
|
||||
> 如果为版本为latest 则可以忽略这一步,直接进行第二步
|
||||
|
||||
2. 更新数据库(可以执行多次都是安全的)
|
||||
```
|
||||
docker compose pull
|
||||
docker compose down
|
||||
docker compose run -it --rm xboard php artisan xboard:update
|
||||
docker compose up -d
|
||||
```
|
||||
> 即可更新成功
|
||||
|
||||
### **回滚**
|
||||
> 此回滚不回滚数据库,是否回滚数据库请查看相关文档
|
||||
1. 回退版本
|
||||
```
|
||||
#### 方式二:更新至指定版本
|
||||
1. 修改版本号
|
||||
```bash
|
||||
# 编辑 docker-compose.yaml,修改 image 的版本号
|
||||
vi docker-compose.yaml
|
||||
```
|
||||
> 修改docker-compose.yaml 当中image后面的版本号为更新前的版本号
|
||||
2. 启动
|
||||
```
|
||||
|
||||
2. 执行更新
|
||||
```bash
|
||||
docker compose pull
|
||||
docker compose down
|
||||
docker compose run -it --rm xboard php artisan xboard:update
|
||||
docker compose up -d
|
||||
```
|
||||
|
||||
### 注意
|
||||
启用webman后做的任何代码修改都需要重启生效
|
||||
### 版本回滚
|
||||
```bash
|
||||
# 1. 修改 docker-compose.yaml 中的版本号为目标版本
|
||||
vi docker-compose.yaml
|
||||
|
||||
# 2. 重启服务
|
||||
docker compose up -d
|
||||
```
|
||||
|
||||
### 常见问题
|
||||
|
||||
1. **端口配置**
|
||||
- 默认端口为 7001
|
||||
- 可通过 Nginx 反向代理使用 80/443 端口
|
||||
- 如需修改端口,请编辑 docker-compose.yaml
|
||||
|
||||
2. **数据持久化**
|
||||
- 数据默认存储在 ./data 目录
|
||||
- 建议定期备份 data 目录
|
||||
|
||||
3. **性能优化**
|
||||
- 启用 webman 后的代码修改需要重启服务才能生效
|
||||
- 可根据实际需求调整容器资源限制
|
||||
|
||||
### 安全建议
|
||||
1. 及时更新到最新版本
|
||||
2. 修改默认管理员账号
|
||||
3. 使用强密码
|
||||
4. 建议配置 SSL 证书
|
||||
5. 定期备份数据
|
||||
|
||||
### 技术支持
|
||||
- GitHub Issues: https://github.com/cedar2025/Xboard/issues
|
||||
- 官方文档:[文档链接]
|
||||
|
Loading…
Reference in New Issue
Block a user