forked from james-6-23/codex2api
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdeploy.sh
More file actions
675 lines (589 loc) · 19.3 KB
/
deploy.sh
File metadata and controls
675 lines (589 loc) · 19.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
#!/usr/bin/env bash
# ============================================================
# codex2api 交互式部署脚本
# 用法: bash deploy.sh
# ============================================================
set -euo pipefail
# ---------- 颜色 ----------
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
CYAN='\033[0;36m'
BOLD='\033[1m'
NC='\033[0m'
# ---------- 工具函数 ----------
info() { printf "${CYAN}▸ %s${NC}\n" "$*"; }
success() { printf "${GREEN}✔ %s${NC}\n" "$*"; }
warn() { printf "${YELLOW}⚠ %s${NC}\n" "$*"; }
error() { printf "${RED}✘ %s${NC}\n" "$*"; exit 1; }
banner() {
printf "\n${BOLD}${CYAN}"
cat << 'EOF'
___ _ ____ _ ____ ___
/ __\ ___ __| | _____ _|___ \ / \ | _ \_ _|
/ / / _ \/ _` |/ _ \ \/ / __) |/ _ \ | |_) | |
/ /___| (_) | (_| | __/> < / __// ___ \| __/| |
\____/ \___/ \__,_|\___/_/\_\_____/_/ \_\_| |___|
EOF
printf "${NC}"
echo " 交互式部署脚本 v1.1"
echo " ────────────────────────────────────────"
echo ""
}
# 输入源:兼容 `bash <(curl ...)` / 管道执行场景,强制从终端读取
_INPUT_FD="/dev/tty"
if [[ ! -r "$_INPUT_FD" ]]; then
_INPUT_FD="/dev/stdin"
fi
# 读取用户输入,支持默认值
ask() {
local prompt="$1" default="$2" varname="$3"
if [[ -n "$default" ]]; then
printf "${BOLD}%s${NC} [${GREEN}%s${NC}]: " "$prompt" "$default"
else
printf "${BOLD}%s${NC}: " "$prompt"
fi
read -r input < "$_INPUT_FD"
printf -v "$varname" "%s" "${input:-$default}"
}
# 读取密码(不回显)
ask_secret() {
local prompt="$1" default="$2" varname="$3"
if [[ -n "$default" ]]; then
printf "${BOLD}%s${NC} [${GREEN}%s${NC}]: " "$prompt" "(已设置)"
else
printf "${BOLD}%s${NC} (留空则自动生成): " "$prompt"
fi
read -rs input < "$_INPUT_FD"
echo ""
printf -v "$varname" "%s" "${input:-$default}"
}
# 生成随机密钥
gen_secret() {
if command -v openssl &>/dev/null; then
openssl rand -hex 16
elif [[ -r /dev/urandom ]]; then
head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n' | head -c 32
else
date +%s%N | sha256sum | head -c 32
fi
}
# ---------- 自举:确保位于 codex2api 仓库目录 ----------
# 触发条件:
# 1) 通过 `bash <(curl ...)` 远程拉起 (BASH_SOURCE 不是真实文件)
# 2) 或当前目录缺少必要的 compose / deploy.sh 文件
# 行为:
# - 若已在仓库目录: 直接返回
# - 否则: clone 仓库到 ./codex2api,切入并 exec ./deploy.sh
REPO_URL="${CODEX2API_REPO_URL:-https://github.com/james-6-23/codex2api.git}"
REPO_BRANCH="${CODEX2API_REPO_BRANCH:-main}"
REPO_DIR_NAME="${CODEX2API_DIR_NAME:-codex2api}"
EXISTING_ENV_FILE=".env"
env_default() {
local key="$1" fallback="${2:-}" value=""
if [[ -f "$EXISTING_ENV_FILE" ]]; then
value="$(awk -v target="$key" '
/^[[:space:]]*($|#)/ { next }
{
line=$0
sub(/^[[:space:]]*export[[:space:]]+/, "", line)
pos=index(line, "=")
if (pos == 0) next
key=substr(line, 1, pos - 1)
gsub(/^[[:space:]]+|[[:space:]]+$/, "", key)
if (key != target) next
value=substr(line, pos + 1)
sub(/\r$/, "", value)
gsub(/^[[:space:]]+|[[:space:]]+$/, "", value)
first=substr(value, 1, 1)
last=substr(value, length(value), 1)
quote=sprintf("%c", 39)
if ((first == "\"" && last == "\"") || (first == quote && last == quote)) {
value=substr(value, 2, length(value) - 2)
}
print value
exit
}
' "$EXISTING_ENV_FILE")"
fi
printf "%s" "${value:-$fallback}"
}
known_compose_service_exists() {
local compose_file
for compose_file in docker-compose.yml docker-compose.sqlite.yml docker-compose.local.yml docker-compose.sqlite.local.yml; do
[[ -f "$compose_file" ]] || continue
if [[ -n "$($COMPOSE_CMD -f "$compose_file" ps -q codex2api 2>/dev/null || true)" ]]; then
EXISTING_COMPOSE_FILE="$compose_file"
return 0
fi
done
return 1
}
detect_deployment_state() {
DEPLOYMENT_STATE="first"
DEPLOYMENT_REASON="未检测到 .env 或已创建的 compose 服务"
EXISTING_COMPOSE_FILE=""
if [[ -f "$EXISTING_ENV_FILE" ]]; then
DEPLOYMENT_STATE="existing"
DEPLOYMENT_REASON="检测到已有 .env"
fi
if known_compose_service_exists; then
DEPLOYMENT_STATE="existing"
if [[ -f "$EXISTING_ENV_FILE" ]]; then
DEPLOYMENT_REASON="检测到已有 .env 和 compose 服务 ($EXISTING_COMPOSE_FILE)"
else
DEPLOYMENT_REASON="检测到已有 compose 服务 ($EXISTING_COMPOSE_FILE)"
fi
fi
}
step_deployment_route() {
detect_deployment_state
echo ""
printf "${BOLD}${CYAN}━━━ 部署状态检查 ━━━${NC}\n"
echo ""
if [[ "$DEPLOYMENT_STATE" == "first" ]]; then
success "检测结果: 首次部署"
info "$DEPLOYMENT_REASON"
success "部署线路: 完整部署向导"
return 0
fi
success "检测结果: 已有部署"
info "$DEPLOYMENT_REASON"
if [[ -f "$EXISTING_ENV_FILE" ]]; then
success "已有 .env 将作为交互默认值"
fi
success "部署线路: 完整部署向导"
}
is_codex2api_repo() {
[[ -f "docker-compose.yml" ]] && [[ -f "deploy.sh" ]] \
&& grep -q '^name: codex2api' docker-compose.yml 2>/dev/null
}
bootstrap_repo() {
# 已经在仓库目录里:什么都不做
if is_codex2api_repo; then
success "检测到当前目录为 codex2api 仓库"
return 0
fi
warn "当前目录不是 codex2api 仓库,进入自动拉取流程"
if ! command -v git >/dev/null 2>&1; then
error "未找到 git,请先安装 git 后重试"
fi
# 如果同名目录已存在且是仓库,直接复用
if [[ -d "$REPO_DIR_NAME/.git" ]]; then
info "发现已有目录 $REPO_DIR_NAME,尝试更新到最新代码..."
(cd "$REPO_DIR_NAME" && git fetch --depth=1 origin "$REPO_BRANCH" && git reset --hard "origin/$REPO_BRANCH") \
|| warn "拉取更新失败,将沿用已有代码继续部署"
elif [[ -e "$REPO_DIR_NAME" ]]; then
error "目录 $REPO_DIR_NAME 已存在但不是 git 仓库,请手动处理后重试"
else
info "克隆仓库: $REPO_URL ($REPO_BRANCH) → ./$REPO_DIR_NAME"
git clone --depth=1 --branch "$REPO_BRANCH" "$REPO_URL" "$REPO_DIR_NAME" \
|| error "git clone 失败,请检查网络或仓库地址"
fi
cd "$REPO_DIR_NAME" || error "无法进入 $REPO_DIR_NAME 目录"
if ! is_codex2api_repo; then
error "克隆后仍未识别为 codex2api 仓库,请手动检查"
fi
success "已切换到 $(pwd)"
info "重新运行 ./deploy.sh 完成部署..."
echo ""
# exec 掉本进程,避免远程脚本/旧上下文继续运行
exec bash ./deploy.sh "$@"
}
update_repo_code() {
if [[ "${CODEX2API_SKIP_GIT_PULL:-}" == "1" || "${CODEX2API_SKIP_GIT_PULL:-}" == "true" ]]; then
warn "已跳过自动拉取最新代码 (CODEX2API_SKIP_GIT_PULL=${CODEX2API_SKIP_GIT_PULL})"
return 0
fi
if ! command -v git >/dev/null 2>&1 || ! git rev-parse --is-inside-work-tree >/dev/null 2>&1; then
warn "当前目录不是 git 仓库,跳过自动拉取最新代码"
return 0
fi
if ! git diff --quiet 2>/dev/null || ! git diff --cached --quiet 2>/dev/null; then
warn "检测到本地已跟踪文件存在未提交更改,跳过自动拉取最新代码,避免覆盖本地修改"
return 0
fi
local branch="${REPO_BRANCH:-main}"
if [[ -z "$branch" ]]; then
branch="$(git branch --show-current 2>/dev/null || true)"
fi
if [[ -z "$branch" ]]; then
warn "无法识别当前分支,跳过自动拉取最新代码"
return 0
fi
info "拉取最新代码: origin/$branch"
if git fetch origin "$branch" && git pull --ff-only origin "$branch"; then
success "代码已更新到最新可快进版本"
else
warn "自动拉取最新代码失败,将沿用当前代码继续部署"
fi
}
# ---------- 前置检查 ----------
preflight() {
info "检查运行环境..."
if ! command -v docker &>/dev/null; then
error "未找到 docker,请先安装 Docker"
fi
if docker compose version &>/dev/null; then
COMPOSE_CMD="docker compose"
elif command -v docker-compose &>/dev/null; then
COMPOSE_CMD="docker-compose"
else
error "未找到 docker compose,请安装 Docker Compose v2+"
fi
success "Docker 环境就绪 ($COMPOSE_CMD)"
}
# ---------- 第一步:端口 ----------
step_port() {
echo ""
printf "${BOLD}${CYAN}━━━ 1/6 服务端口 ━━━${NC}\n"
ask "服务监听端口" "$(env_default CODEX_PORT "$(env_default PORT "8080")")" PORT
if ! [[ "$PORT" =~ ^[0-9]+$ ]] || (( PORT < 1 || PORT > 65535 )); then
error "无效端口号: $PORT"
fi
success "端口: $PORT"
}
# ---------- 第二步:监听范围 ----------
step_bind() {
echo ""
printf "${BOLD}${CYAN}━━━ 2/6 监听范围 ━━━${NC}\n"
echo ""
echo " 1) 仅本机访问 — 绑定 127.0.0.1,外部无法访问 (内网/反向代理后端推荐)"
echo " 2) 全部网络 — 绑定 0.0.0.0,可通过内网/公网 IP 访问 (默认)"
echo ""
local bind_default bind_choice_default
bind_default="$(env_default BIND_HOST "0.0.0.0")"
case "$bind_default" in
127.*|localhost)
bind_choice_default="1"
;;
*)
bind_choice_default="2"
;;
esac
ask "请选择 (1 或 2)" "$bind_choice_default" BIND_CHOICE
case "$BIND_CHOICE" in
1|local|loopback|127*)
BIND_HOST="127.0.0.1"
BIND_MODE="loopback"
success "监听范围: 仅本机 (127.0.0.1)"
;;
2|all|public|0*)
BIND_HOST="0.0.0.0"
BIND_MODE="all"
success "监听范围: 全部网络 (0.0.0.0)"
;;
*)
error "无效选择: $BIND_CHOICE"
;;
esac
}
# ---------- 第三步:数据库模式 ----------
step_database() {
echo ""
printf "${BOLD}${CYAN}━━━ 3/6 数据库模式 ━━━${NC}\n"
echo ""
echo " 1) SQLite — 轻量单文件,适合个人 / 测试"
echo " 2) PG+Redis — PostgreSQL + Redis,适合生产 / 多并发"
echo ""
local db_default db_choice_default
db_default="$(env_default DATABASE_DRIVER "sqlite")"
db_default="$(printf "%s" "$db_default" | tr '[:upper:]' '[:lower:]')"
case "$db_default" in
postgres|postgresql|pg)
db_choice_default="2"
;;
*)
db_choice_default="1"
;;
esac
ask "请选择 (1 或 2)" "$db_choice_default" DB_CHOICE
case "$DB_CHOICE" in
1|sqlite|SQLite)
DB_MODE="sqlite"
success "数据库模式: SQLite (轻量)"
step_sqlite_config
;;
2|pg|postgres|PG)
DB_MODE="postgres"
success "数据库模式: PostgreSQL + Redis"
step_pg_config
;;
*)
error "无效选择: $DB_CHOICE"
;;
esac
}
step_sqlite_config() {
echo ""
ask "SQLite 数据文件路径 (容器内)" "$(env_default DATABASE_PATH "/data/codex2api.db")" SQLITE_PATH
}
step_pg_config() {
echo ""
info "PostgreSQL 配置 (Docker 内置,通常保持默认即可)"
ask "数据库用户名" "$(env_default DATABASE_USER "$(env_default POSTGRES_USER "codex2api")")" PG_USER
ask "数据库名称" "$(env_default DATABASE_NAME "$(env_default POSTGRES_DB "codex2api")")" PG_DB
echo ""
ask_secret "数据库密码" "$(env_default DATABASE_PASSWORD "$(env_default POSTGRES_PASSWORD "")")" PG_PASS
if [[ -z "$PG_PASS" ]]; then
PG_PASS=$(gen_secret)
success "已自动生成数据库密码"
fi
echo ""
info "Redis 配置"
ask_secret "Redis 密码 (留空则无密码)" "$(env_default REDIS_PASSWORD "")" REDIS_PASS
}
# ---------- 第四步:密钥 ----------
step_secrets() {
echo ""
printf "${BOLD}${CYAN}━━━ 4/6 安全密钥 ━━━${NC}\n"
echo ""
ask_secret "管理后台密钥 (ADMIN_SECRET)" "$(env_default ADMIN_SECRET "")" ADMIN_SECRET
if [[ -z "$ADMIN_SECRET" ]]; then
ADMIN_SECRET=$(gen_secret)
success "已自动生成管理密钥"
fi
echo ""
ask "下游 API 密钥 (CODEX_API_KEYS, 多个用逗号分隔, 留空不启用)" "$(env_default CODEX_API_KEYS "")" API_KEYS
}
# ---------- 第五步:构建方式 ----------
step_build_mode() {
echo ""
printf "${BOLD}${CYAN}━━━ 5/6 构建方式 ━━━${NC}\n"
echo ""
echo " 1) 拉取镜像 — 使用预构建镜像 (ghcr.io),部署快"
echo " 2) 本地构建 — 从源码编译,适合自定义修改"
echo ""
ask "请选择 (1 或 2)" "1" BUILD_CHOICE
case "$BUILD_CHOICE" in
1|pull|image)
BUILD_MODE="image"
success "构建方式: 拉取预构建镜像"
;;
2|local|build)
BUILD_MODE="local"
success "构建方式: 本地源码构建"
;;
*)
error "无效选择: $BUILD_CHOICE"
;;
esac
}
# ---------- 第六步:确认 ----------
step_confirm() {
echo ""
printf "${BOLD}${CYAN}━━━ 6/6 配置确认 ━━━${NC}\n"
echo ""
echo " 端口: $PORT"
if [[ "$BIND_MODE" == "loopback" ]]; then
echo " 监听范围: 127.0.0.1 (仅本机访问)"
else
echo " 监听范围: 0.0.0.0 (全部网络)"
fi
echo " 数据库: $DB_MODE"
if [[ "$DB_MODE" == "sqlite" ]]; then
echo " 数据路径: $SQLITE_PATH"
echo " 缓存: memory"
else
echo " PG 用户: $PG_USER"
echo " PG 数据库: $PG_DB"
echo " Redis: 内置容器"
fi
echo " 构建方式: $( [[ "$BUILD_MODE" == "image" ]] && echo "拉取镜像" || echo "本地构建" )"
echo " 管理密钥: ${ADMIN_SECRET}"
if [[ -n "${API_KEYS:-}" ]]; then
echo " API 密钥: 已设置"
else
echo " API 密钥: 未启用"
fi
echo ""
ask "确认部署? (y/n)" "y" CONFIRM
if [[ "$CONFIRM" != "y" && "$CONFIRM" != "Y" ]]; then
warn "已取消部署"
exit 0
fi
}
# ---------- 生成 .env ----------
generate_env() {
info "生成 .env 文件..."
# 备份已有 .env
if [[ -f .env ]]; then
cp .env ".env.bak.$(date +%Y%m%d%H%M%S)"
warn "已备份原 .env 文件"
fi
if [[ "$DB_MODE" == "sqlite" ]]; then
cat > .env << EOF
# ============================
# codex2api 配置 (SQLite 模式)
# 由 deploy.sh 自动生成于 $(date '+%Y-%m-%d %H:%M:%S')
# ============================
# 服务端口
CODEX_PORT=${PORT}
# 端口绑定地址 (127.0.0.1=仅本机, 0.0.0.0=全部网络)
BIND_HOST=${BIND_HOST}
# 管理后台密钥
ADMIN_SECRET=${ADMIN_SECRET}
# 数据库 — SQLite
DATABASE_DRIVER=sqlite
DATABASE_PATH=${SQLITE_PATH}
# 缓存 — 内存
CACHE_DRIVER=memory
# 时区
TZ=Asia/Shanghai
EOF
else
cat > .env << EOF
# ============================
# codex2api 配置 (PG + Redis 模式)
# 由 deploy.sh 自动生成于 $(date '+%Y-%m-%d %H:%M:%S')
# ============================
# 服务端口
CODEX_PORT=${PORT}
# 端口绑定地址 (127.0.0.1=仅本机, 0.0.0.0=全部网络)
BIND_HOST=${BIND_HOST}
# 管理后台密钥
ADMIN_SECRET=${ADMIN_SECRET}
# 数据库 — PostgreSQL
DATABASE_DRIVER=postgres
DATABASE_HOST=postgres
DATABASE_PORT=5432
DATABASE_USER=${PG_USER}
DATABASE_PASSWORD=${PG_PASS}
DATABASE_NAME=${PG_DB}
DATABASE_SSLMODE=disable
POSTGRES_USER=${PG_USER}
POSTGRES_PASSWORD=${PG_PASS}
POSTGRES_DB=${PG_DB}
# 缓存 — Redis
CACHE_DRIVER=redis
REDIS_ADDR=redis:6379
REDIS_USERNAME=
REDIS_PASSWORD=${REDIS_PASS:-}
REDIS_DB=0
REDIS_TLS=false
REDIS_INSECURE_SKIP_VERIFY=false
# 时区
TZ=Asia/Shanghai
EOF
fi
# 追加 API Keys
if [[ -n "${API_KEYS:-}" ]]; then
echo "" >> .env
echo "# 下游 API 密钥鉴权" >> .env
echo "CODEX_API_KEYS=${API_KEYS}" >> .env
fi
success ".env 已生成"
}
# ---------- 选择 compose 文件 ----------
resolve_compose_file() {
if [[ "$DB_MODE" == "sqlite" && "$BUILD_MODE" == "local" ]]; then
COMPOSE_FILE="docker-compose.sqlite.local.yml"
elif [[ "$DB_MODE" == "sqlite" ]]; then
COMPOSE_FILE="docker-compose.sqlite.yml"
elif [[ "$BUILD_MODE" == "local" ]]; then
COMPOSE_FILE="docker-compose.local.yml"
else
COMPOSE_FILE="docker-compose.yml"
fi
if [[ ! -f "$COMPOSE_FILE" ]]; then
error "找不到 $COMPOSE_FILE,请确认在项目根目录下运行"
fi
success "Compose 文件: $COMPOSE_FILE"
COMPOSE_FILE_ARGS=(-f "$COMPOSE_FILE")
}
compose_cmd_display() {
local display="$COMPOSE_CMD"
local arg
for arg in "${COMPOSE_FILE_ARGS[@]}"; do
display+=" $arg"
done
printf "%s" "$display"
}
# ---------- 部署 ----------
deploy() {
echo ""
info "开始部署..."
if [[ "$BUILD_MODE" == "local" ]]; then
info "本地构建并启动..."
$COMPOSE_CMD "${COMPOSE_FILE_ARGS[@]}" up -d --build
else
info "拉取最新镜像..."
$COMPOSE_CMD "${COMPOSE_FILE_ARGS[@]}" pull
info "启动服务..."
$COMPOSE_CMD "${COMPOSE_FILE_ARGS[@]}" up -d
fi
echo ""
success "部署完成!"
echo ""
local PUBLIC_IP="" LAN_IP=""
if [[ "$BIND_MODE" == "all" ]]; then
# 仅在对外开放时才探测/展示对外 IP
PUBLIC_IP=$(curl -fsS4 --max-time 3 https://ifconfig.me 2>/dev/null \
|| curl -fsS4 --max-time 3 https://api.ipify.org 2>/dev/null \
|| curl -fsS4 --max-time 3 https://ipinfo.io/ip 2>/dev/null \
|| true)
PUBLIC_IP=$(echo "$PUBLIC_IP" | tr -d '[:space:]')
if command -v hostname >/dev/null 2>&1; then
LAN_IP=$(hostname -I 2>/dev/null | awk '{print $1}' || true)
fi
if [[ -z "$LAN_IP" ]] && command -v ip >/dev/null 2>&1; then
LAN_IP=$(ip -4 route get 1.1.1.1 2>/dev/null | awk '{for(i=1;i<=NF;i++) if($i=="src"){print $(i+1); exit}}')
fi
if [[ -z "$LAN_IP" ]] && command -v ifconfig >/dev/null 2>&1; then
LAN_IP=$(ifconfig 2>/dev/null | awk '/inet /{print $2}' | grep -v '^127\.' | head -n1)
fi
fi
echo " ┌──────────────────────────────────────────┐"
echo " │ 部署信息 │"
echo " └──────────────────────────────────────────┘"
echo ""
if [[ "$BIND_MODE" == "loopback" ]]; then
echo " 监听范围 : 127.0.0.1 (仅本机访问)"
echo ""
echo " 本地访问 : http://127.0.0.1:${PORT}"
echo " http://127.0.0.1:${PORT}/admin"
else
echo " 监听范围 : 0.0.0.0 (全部网络)"
echo ""
echo " 本地访问 : http://localhost:${PORT}"
echo " http://localhost:${PORT}/admin"
if [[ -n "$LAN_IP" ]]; then
echo " 内网访问 : http://${LAN_IP}:${PORT}"
echo " http://${LAN_IP}:${PORT}/admin"
fi
if [[ -n "$PUBLIC_IP" ]]; then
echo " 公网访问 : http://${PUBLIC_IP}:${PORT}"
echo " http://${PUBLIC_IP}:${PORT}/admin"
fi
fi
echo ""
echo " 管理密钥 : ${ADMIN_SECRET}"
echo " 查看日志 : $(compose_cmd_display) logs -f"
echo " 停止服务 : $(compose_cmd_display) down"
echo ""
if [[ "$BIND_MODE" == "all" && -n "$PUBLIC_IP" ]]; then
warn "服务对外开放,请确认防火墙/安全组已放行 ${PORT} 端口"
fi
if [[ "$BIND_MODE" == "loopback" ]]; then
info "如需对外暴露,可重新运行 deploy.sh 选择「全部网络」,或在 .env 中将 BIND_HOST 改为 0.0.0.0"
fi
echo ""
}
# ---------- 主流程 ----------
main() {
banner
bootstrap_repo "$@"
preflight
update_repo_code
step_deployment_route
step_port
step_bind
step_database
step_secrets
step_build_mode
step_confirm
generate_env
resolve_compose_file
deploy
}
main "$@"