From f4dc959bbef3f6312865f3ed4212e1fbde02a80f Mon Sep 17 00:00:00 2001 From: AnthonyDuan Date: Sat, 22 Nov 2025 21:36:55 +0800 Subject: [PATCH] =?UTF-8?q?chore:=20=E7=9B=B4=E6=8E=A5=E7=9B=91=E5=90=AC?= =?UTF-8?q?=2080=20=E7=AB=AF=E5=8F=A3=EF=BC=8C=E7=A7=BB=E9=99=A4=20Nginx?= =?UTF-8?q?=20=E5=8F=8D=E4=BB=A3=EF=BC=9B=E6=8E=88=E4=BA=88=E7=BB=91?= =?UTF-8?q?=E5=AE=9A=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- setup.sh | 32 +++++++------------------------- 1 file changed, 7 insertions(+), 25 deletions(-) diff --git a/setup.sh b/setup.sh index d6d2255..2220339 100644 --- a/setup.sh +++ b/setup.sh @@ -10,7 +10,7 @@ VERSION=${VERSION_ID:-} echo "更新系统软件源..." apt-get update -y echo "安装基础依赖..." -apt-get install -y python3 python3-venv python3-pip nginx git ffmpeg rsync curl gnupg +apt-get install -y python3 python3-venv python3-pip git ffmpeg rsync curl gnupg libcap2-bin echo "安装并启动 MongoDB..." if ! command -v mongod >/dev/null 2>&1; then @@ -47,6 +47,9 @@ fi chown -R www-data:www-data /srv/taiko-web +echo "为 Python 进程授予 80 端口绑定权限..." +setcap 'cap_net_bind_service=+ep' /srv/taiko-web/.venv/bin/python3 || true + echo "创建 systemd 服务..." cat >/etc/systemd/system/taiko-web.service <<'EOF' [Unit] @@ -57,7 +60,7 @@ After=network.target mongod.service redis-server.service Type=simple WorkingDirectory=/srv/taiko-web Environment=PYTHONUNBUFFERED=1 -ExecStart=/srv/taiko-web/.venv/bin/gunicorn -b 127.0.0.1:8000 app:app +ExecStart=/srv/taiko-web/.venv/bin/gunicorn -b 0.0.0.0:80 app:app Restart=always User=www-data Group=www-data @@ -70,29 +73,8 @@ systemctl daemon-reload systemctl enable taiko-web systemctl restart taiko-web -echo "配置 Nginx 站点..." -cat >/etc/nginx/sites-available/taiko-web <<'EOF' -server { - listen 80 default_server; - server_name _; - - location / { - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://127.0.0.1:8000; - } -} -EOF - -ln -sf /etc/nginx/sites-available/taiko-web /etc/nginx/sites-enabled/taiko-web -rm -f /etc/nginx/sites-enabled/default || true -nginx -t -systemctl restart nginx - if command -v ufw >/dev/null 2>&1; then - ufw allow 'Nginx Full' || true + ufw allow 80/tcp || true fi -echo "部署完成" \ No newline at end of file +echo "部署完成(直接监听 80 端口)" \ No newline at end of file