[ ntfy ] 新增ntfy-消息通知服务器的内容

.idea/Shell.iml

@@ -1,5 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module type="JAVA_MODULE" version="4">
+  <component name="Go" enabled="true" />
   <component name="NewModuleRootManager" inherit-compiler-output="true">
     <exclude-output />
     <content url="file://$MODULE_DIR$" />

v2ray示例/v2ray-Socks5/http-to-seoul1.json

@@ -0,0 +1,56 @@
+{
+  "inbounds": [
+    {
+      "protocol": "http",
+      "port": 58888,
+      "listen": "192.168.11.241"
+    }
+  ,
+    {
+      "protocol": "socks",
+      "port": 58889,
+      "listen": "192.168.11.241",
+      "settings": {
+        "auth": "noauth",
+        "udp": true,
+        "userLevel": 0
+      }
+    }
+  ],
+  "dns": {
+    "network": "udp",
+    "address": "223.5.5.5",
+    "port": 53
+  },
+  "outbounds": [
+    {
+      "tag": "proxy",
+      "protocol": "trojan",
+      "settings": {
+        "servers": [
+          {
+            "address": "140.238.14.103",
+            "method": "chacha20",
+            "ota": false,
+            "password": "V2ryStr0ngP0ss",
+            "port": 443,
+            "level": 1
+          }
+        ]
+      },
+      "streamSettings": {
+        "network": "tcp",
+        "security": "tls",
+        "tlsSettings": {
+          "allowInsecure": false,
+          "serverName": "xx.s4.cc.hh.107421.xyz",
+          "show": false
+        }
+      },
+      "mux": {
+        "enabled": false,
+        "concurrency": -1
+      }
+    }
+  ]
+}

部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-acl-user.txt

@@ -0,0 +1,27 @@
+
+docker exec -it ntfy /bin/sh
+
+
+ntfy tier add \
+  --name="ultimate" \
+  --message-limit=100000 \
+  --message-expiry-duration=48h \
+  --email-limit=5000 \
+  --call-limit=1000 \
+  --reservation-limit=10000 \
+  --attachment-file-size-limit=5G \
+  --attachment-total-size-limit=25G \
+  --attachment-expiry-duration=48h \
+  --attachment-bandwidth-limit=25G \
+  ultimate
+
+ntfy user add --role=admin wdd
+lovemm.23
+
+ntfy user change-tier wdd ultimate
+
+ntfy token add wdd
+tk_zvdb67fwj1hrjivkq3ga9z7u63av5
+
+
+ntfy token list wdd

部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-docker-compose.yaml

@@ -0,0 +1,23 @@
+version: "2.3"
+
+services:
+  ntfy:
+    image: binwiederhier/ntfy
+    container_name: ntfy
+    command:
+      - serve
+    environment:
+      - TZ=UTC+8
+    user: 0:0
+    volumes:
+      - /var/cache/ntfy:/var/cache/ntfy
+      - /etc/ntfy:/etc/ntfy
+    ports:
+      - 8800:80
+    healthcheck: # optional: remember to adapt the host:port to your environment
+      test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:8800/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
+      interval: 60s
+      timeout: 10s
+      retries: 3
+      start_period: 40s
+    restart: unless-stopped

部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-nginx.conf

@@ -0,0 +1,54 @@
+server {
+  listen 80;
+  server_name push.107421.xyz;
+
+  location / {
+    return 302 https://$http_host$request_uri$is_args$query_string;
+
+    proxy_pass http://129.146.65.80:8800;
+    proxy_http_version 1.1;
+
+    proxy_set_header Host $http_host;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+    proxy_connect_timeout 3m;
+    proxy_send_timeout 3m;
+    proxy_read_timeout 3m;
+
+    client_max_body_size 0; # Stream request body to backend
+  }
+}
+
+server {
+  listen 443 ssl http2;
+  server_name push.107421.xyz;
+
+  ssl_session_timeout 1d;
+  ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
+  ssl_session_tickets off;
+  ssl_protocols TLSv1.2 TLSv1.3;
+  ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+  ssl_prefer_server_ciphers off;
+
+  ssl_certificate    /etc/nginx/conf.d/ssl_key/push.107421.xyz.cert.pem;
+  ssl_certificate_key    /etc/nginx/conf.d/ssl_key/push.107421.xyz.key.pem;
+
+  location / {
+
+    proxy_http_version 1.1;
+
+    proxy_set_header Host $http_host;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+    proxy_connect_timeout 3m;
+    proxy_send_timeout 3m;
+    proxy_read_timeout 3m;
+
+    client_max_body_size 0; # Stream request body to backend
+    proxy_pass http://129.146.65.80:8800;
+  }
+}

部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-server.yaml

@@ -0,0 +1,364 @@
+# ntfy server config file
+#
+# Please refer to the documentation at https://ntfy.sh/docs/config/ for details.
+# All options also support underscores (_) instead of dashes (-) to comply with the YAML spec.
+
+# Public facing base URL of the service (e.g. https://ntfy.sh or https://ntfy.example.com)
+#
+# This setting is required for any of the following features:
+# - attachments (to return a download URL)
+# - e-mail sending (for the topic URL in the email footer)
+# - iOS push notifications for self-hosted servers (to calculate the Firebase poll_request topic)
+# - Matrix Push Gateway (to validate that the pushkey is correct)
+#
+base-url: https://push.107421.xyz
+
+# Listen address for the HTTP & HTTPS web server. If "listen-https" is set, you must also
+# set "key-file" and "cert-file". Format: [<ip>]:<port>, e.g. "1.2.3.4:8080".
+#
+# To listen on all interfaces, you may omit the IP address, e.g. ":443".
+# To disable HTTP, set "listen-http" to "-".
+#
+listen-http: ":80"
+# listen-https:
+
+# Listen on a Unix socket, e.g. /etc/ntfy/ntfy.sock
+# This can be useful to avoid port issues on local systems, and to simplify permissions.
+#
+# listen-unix: <socket-path>
+# listen-unix-mode: <linux permissions, e.g. 0700>
+
+# Path to the private key & cert file for the HTTPS web server. Not used if "listen-https" is not set.
+#
+# key-file: <filename>
+# cert-file: <filename>
+
+# If set, also publish messages to a Firebase Cloud Messaging (FCM) topic for your app.
+# This is optional and only required to save battery when using the Android app.
+#
+# firebase-key-file: <filename>
+
+# If "cache-file" is set, messages are cached in a local SQLite database instead of only in-memory.
+# This allows for service restarts without losing messages in support of the since= parameter.
+#
+# The "cache-duration" parameter defines the duration for which messages will be buffered
+# before they are deleted. This is required to support the "since=..." and "poll=1" parameter.
+# To disable the cache entirely (on-disk/in-memory), set "cache-duration" to 0.
+# The cache file is created automatically, provided that the correct permissions are set.
+#
+# The "cache-startup-queries" parameter allows you to run commands when the database is initialized,
+# e.g. to enable WAL mode (see https://phiresky.github.io/blog/2020/sqlite-performance-tuning/)).
+# Example:
+cache-startup-queries: |
+   pragma journal_mode = WAL;
+   pragma synchronous = normal;
+   pragma temp_store = memory;
+   pragma busy_timeout = 15000;
+   vacuum;
+#
+# “cache-batch-size”和“cache-batch-timeout”参数允许启用异步批量写入消息数量。如果设置，消息将排队并按给定的批次写入数据库
+# 大小，或者在给定的超时之后。这仅适用于大容量服务器。
+#
+# Debian/RPM package users:
+#   Use /var/cache/ntfy/cache.db as cache file to avoid permission issues. The package
+#   creates this folder for you.
+#
+# Check your permissions:
+#   If you are running ntfy with systemd, make sure this cache file is owned by the
+#   ntfy user and group by running: chown ntfy.ntfy <filename>.
+#
+# put it in memoroy
+#cache-file: "/var/cache/ntfy/cache.db"
+cache-duration: "48h"
+cache-batch-size: 0
+cache-batch-timeout: "0ms"
+
+# If set, access to the ntfy server and API can be controlled on a granular level using
+# the 'ntfy user' and 'ntfy access' commands. See the --help pages for details, or check the docs.
+#
+# - auth-file 是 SQLite 用户/访问数据库；如果它尚不存在，则会自动创建
+# - auth-default-access 定义未找到访问控制条目时的默认/后备访问权限；有可能
+# 设置为“读写”（默认）、“只读”、“只写”或“全部拒绝”。
+# - auth-startup-queries 允许您在数据库初始化时运行命令，例如启用
+# WAL 模式。这类似于缓存启动查询。详情请参阅上文。
+#
+# Debian/RPM package users:
+#   Use /etc/ntfy/user.db as user database to avoid permission issues. The package
+#   creates this folder for you.
+#
+# Check your permissions:
+#   If you are running ntfy with systemd, make sure this user database file is owned by the
+#   ntfy user and group by running: chown ntfy.ntfy <filename>.
+#
+auth-file: "/etc/ntfy/user.db"
+auth-default-access: "deny-all"
+#auth-startup-queries: ""
+
+# If set, the X-Forwarded-For header is used to determine the visitor IP address
+# instead of the remote address of the connection.
+#
+# WARNING: If you are behind a proxy, you must set this, otherwise all visitors are rate limited
+#          as if they are one.
+#
+behind-proxy: true
+
+# If enabled, clients can attach files to notifications as attachments. Minimum settings to enable attachments
+# are "attachment-cache-dir" and "base-url".
+#
+# - attachment-cache-dir is the cache directory for attached files
+# - attachment-total-size-limit is the limit of the on-disk attachment cache directory (total size)
+# - attachment-file-size-limit is the per-file attachment size limit (e.g. 300k, 2M, 100M)
+# - attachment-expiry-duration is the duration after which uploaded attachments will be deleted (e.g. 3h, 20h)
+#
+attachment-cache-dir: "/var/cache/ntfy/attachments"
+attachment-total-size-limit: "25G"
+attachment-file-size-limit: "2G"
+attachment-expiry-duration: "24h"
+visitor-attachment-total-size-limit: "100M"
+visitor-attachment-daily-bandwidth-limit: "500M"
+
+# If enabled, allow outgoing e-mail notifications via the 'X-Email' header. If this header is set,
+# messages will additionally be sent out as e-mail using an external SMTP server.
+#
+# As of today, only SMTP servers with plain text auth (or no auth at all), and STARTLS are supported.
+# Please also refer to the rate limiting settings below (visitor-email-limit-burst & visitor-email-limit-burst).
+#
+# - smtp-sender-addr is the hostname:port of the SMTP server
+# - smtp-sender-from is the e-mail address of the sender
+# - smtp-sender-user/smtp-sender-pass are the username and password of the SMTP user (leave blank for no auth)
+#
+# smtp-sender-addr:
+# smtp-sender-from:
+# smtp-sender-user:
+# smtp-sender-pass:
+
+# If enabled, ntfy will launch a lightweight SMTP server for incoming messages. Once configured, users can send
+# emails to a topic e-mail address to publish messages to a topic.
+#
+# - smtp-server-listen defines the IP address and port the SMTP server will listen on, e.g. :25 or 1.2.3.4:25
+# - smtp-server-domain is the e-mail domain, e.g. ntfy.sh
+# - smtp-server-addr-prefix is an optional prefix for the e-mail addresses to prevent spam. If set to "ntfy-",
+#   for instance, only e-mails to ntfy-$topic@ntfy.sh will be accepted. If this is not set, all emails to
+#   $topic@ntfy.sh will be accepted (which may obviously be a spam problem).
+#
+# smtp-server-listen:
+# smtp-server-domain:
+# smtp-server-addr-prefix:
+
+# Web Push support (background notifications for browsers)
+#
+# If enabled, allows ntfy to receive push notifications, even when the ntfy web app is closed. When enabled, users
+# can enable background notifications in the web app. Once enabled, ntfy will forward published messages to the push
+# endpoint, which will then forward it to the browser.
+#
+# You must configure web-push-public/private key, web-push-file, and web-push-email-address below to enable Web Push.
+# Run "ntfy webpush keys" to generate the keys.
+#
+# - web-push-public-key is the generated VAPID public key, e.g. AA1234BBCCddvveekaabcdfqwertyuiopasdfghjklzxcvbnm1234567890
+# - web-push-private-key is the generated VAPID private key, e.g. AA2BB1234567890abcdefzxcvbnm1234567890
+# - web-push-file is a database file to keep track of browser subscription endpoints, e.g. `/var/cache/ntfy/webpush.db`
+# - web-push-email-address is the admin email address send to the push provider, e.g. `sysadmin@example.com`
+# - web-push-startup-queries is an optional list of queries to run on startup`
+#
+# web-push-public-key:
+# web-push-private-key:
+# web-push-file:
+# web-push-email-address:
+# web-push-startup-queries:
+
+# If enabled, ntfy can perform voice calls via Twilio via the "X-Call" header.
+#
+# - twilio-account is the Twilio account SID, e.g. AC12345beefbeef67890beefbeef122586
+# - twilio-auth-token is the Twilio auth token, e.g. affebeef258625862586258625862586
+# - twilio-phone-number is the outgoing phone number you purchased, e.g. +18775132586
+# - twilio-verify-service is the Twilio Verify service SID, e.g. VA12345beefbeef67890beefbeef122586
+#
+# twilio-account:
+# twilio-auth-token:
+# twilio-phone-number:
+# twilio-verify-service:
+
+# Interval in which keepalive messages are sent to the client. This is to prevent
+# intermediaries closing the connection for inactivity.
+#
+# Note that the Android app has a hardcoded timeout at 77s, so it should be less than that.
+#
+# keepalive-interval: "45s"
+
+# Interval in which the manager prunes old messages, deletes topics
+# and prints the stats.
+#
+# manager-interval: "1m"
+
+# Defines topic names that are not allowed, because they are otherwise used. There are a few default topics
+# that cannot be used (e.g. app, account, settings, ...). To extend the default list, define them here.
+#
+# Example:
+#   disallowed-topics:
+#     - about
+#     - pricing
+#     - contact
+#
+# disallowed-topics:
+
+# Defines the root path of the web app, or disables the web app entirely.
+#
+# Can be any simple path, e.g. "/", "/app", or "/ntfy". For backwards-compatibility reasons,
+# the values "app" (maps to "/"), "home" (maps to "/app"), or "disable" (maps to "") to disable
+# the web app entirely.
+#
+# web-root: /
+
+# Various feature flags used to control the web app, and API access, mainly around user and
+# account management.
+#
+# - enable-signup allows users to sign up via the web app, or API
+# - enable-login allows users to log in via the web app, or API
+# - enable-reservations allows users to reserve topics (if their tier allows it)
+#
+# enable-signup: false
+# enable-login: false
+# enable-reservations: false
+
+# Server URL of a Firebase/APNS-connected ntfy server (likely "https://ntfy.sh").
+#
+# iOS users:
+#   If you use the iOS ntfy app, you MUST configure this to receive timely notifications. You'll like want this:
+#   upstream-base-url: "https://ntfy.sh"
+#
+# If set, all incoming messages will publish a "poll_request" message to the configured upstream server, containing
+# the message ID of the original message, instructing the iOS app to poll this server for the actual message contents.
+# This is to prevent the upstream server and Firebase/APNS from being able to read the message.
+#
+# - upstream-base-url is the base URL of the upstream server. Should be "https://ntfy.sh".
+# - upstream-access-token is the token used to authenticate with the upstream server. This is only required
+#   if you exceed the upstream rate limits, or the uptream server requires authentication.
+#
+# upstream-base-url:
+# upstream-access-token:
+
+# Rate limiting: Total number of topics before the server rejects new topics.
+#
+# global-topic-limit: 15000
+
+# Rate limiting: Number of subscriptions per visitor (IP address)
+#
+# visitor-subscription-limit: 30
+
+# Rate limiting: Allowed GET/PUT/POST requests per second, per visitor:
+# - visitor-request-limit-burst is the initial bucket of requests each visitor has
+# - visitor-request-limit-replenish is the rate at which the bucket is refilled
+# - visitor-request-limit-exempt-hosts is a comma-separated list of hostnames, IPs or CIDRs to be
+#   exempt from request rate limiting. Hostnames are resolved at the time the server is started.
+#   Example: "1.2.3.4,ntfy.example.com,8.7.6.0/24"
+#
+# visitor-request-limit-burst: 60
+# visitor-request-limit-replenish: "5s"
+# visitor-request-limit-exempt-hosts: ""
+
+# Rate limiting: Hard daily limit of messages per visitor and day. The limit is reset
+# every day at midnight UTC. If the limit is not set (or set to zero), the request
+# limit (see above) governs the upper limit.
+#
+# visitor-message-daily-limit: 0
+
+# Rate limiting: Allowed emails per visitor:
+# - visitor-email-limit-burst is the initial bucket of emails each visitor has
+# - visitor-email-limit-replenish is the rate at which the bucket is refilled
+#
+# visitor-email-limit-burst: 16
+# visitor-email-limit-replenish: "1h"
+
+# Rate limiting: Attachment size and bandwidth limits per visitor:
+# - visitor-attachment-total-size-limit is the total storage limit used for attachments per visitor
+# - visitor-attachment-daily-bandwidth-limit is the total daily attachment download/upload traffic limit per visitor
+#
+# visitor-attachment-total-size-limit: "100M"
+# visitor-attachment-daily-bandwidth-limit: "500M"
+
+# Rate limiting: Enable subscriber-based rate limiting (mostly used for UnifiedPush)
+#
+# If enabled, subscribers may opt to have published messages counted against their own rate limits, as opposed
+# to the publisher's rate limits. This is especially useful to increase the amount of messages that high-volume
+# publishers (e.g. Matrix/Mastodon servers) are allowed to send.
+#
+# Once enabled, a client may send a "Rate-Topics: <topic1>,<topic2>,..." header when subscribing to topics via
+# HTTP stream, or websockets, thereby registering itself as the "rate visitor", i.e. the visitor whose rate limits
+# to use when publishing on this topic. Note: Setting the rate visitor requires READ-WRITE permission on the topic.
+#
+# UnifiedPush only: If this setting is enabled, publishing to UnifiedPush topics will lead to a HTTP 507 response if
+# no "rate visitor" has been previously registered. This is to avoid burning the publisher's "visitor-message-daily-limit".
+#
+# visitor-subscriber-rate-limiting: false
+
+# Payments integration via Stripe
+#
+# - stripe-secret-key is the key used for the Stripe API communication. Setting this values
+#   enables payments in the ntfy web app (e.g. Upgrade dialog). See https://dashboard.stripe.com/apikeys.
+# - stripe-webhook-key is the key required to validate the authenticity of incoming webhooks from Stripe.
+#   Webhooks are essential up keep the local database in sync with the payment provider. See https://dashboard.stripe.com/webhooks.
+# - billing-contact is an email address or website displayed in the "Upgrade tier" dialog to let people reach
+#   out with billing questions. If unset, nothing will be displayed.
+#
+# stripe-secret-key:
+# stripe-webhook-key:
+# billing-contact:
+
+# Metrics
+#
+# ntfy can expose Prometheus-style metrics via a /metrics endpoint, or on a dedicated listen IP/port.
+# Metrics may be considered sensitive information, so before you enable them, be sure you know what you are
+# doing, and/or secure access to the endpoint in your reverse proxy.
+#
+# - enable-metrics enables the /metrics endpoint for the default ntfy server (i.e. HTTP, HTTPS and/or Unix socket)
+# - metrics-listen-http exposes the metrics endpoint via a dedicated [IP]:port. If set, this option implicitly
+#   enables metrics as well, e.g. "10.0.1.1:9090" or ":9090"
+#
+# enable-metrics: false
+# metrics-listen-http:
+
+# Profiling
+#
+# ntfy can expose Go's net/http/pprof endpoints to support profiling of the ntfy server. If enabled, ntfy will listen
+# on a dedicated listen IP/port, which can be accessed via the web browser on http://<ip>:<port>/debug/pprof/.
+# This can be helpful to expose bottlenecks, and visualize call flows. See https://pkg.go.dev/net/http/pprof for details.
+#
+# profile-listen-http:
+
+# Logging options
+#
+# By default, ntfy logs to the console (stderr), with an "info" log level, and in a human-readable text format.
+# ntfy supports five different log levels, can also write to a file, log as JSON, and even supports granular
+# log level overrides for easier debugging. Some options (log-level and log-level-overrides) can be hot reloaded
+# by calling "kill -HUP $pid" or "systemctl reload ntfy".
+#
+# - log-format defines the output format, can be "text" (default) or "json"
+# - log-file is a filename to write logs to. If this is not set, ntfy logs to stderr.
+# - log-level defines the default log level, can be one of "trace", "debug", "info" (default), "warn" or "error".
+#   Be aware that "debug" (and particularly "trace") can be VERY CHATTY. Only turn them on briefly for debugging purposes.
+# - log-level-overrides lets you override the log level if certain fields match. This is incredibly powerful
+#   for debugging certain parts of the system (e.g. only the account management, or only a certain visitor).
+#   This is an array of strings in the format:
+#      - "field=value -> level" to match a value exactly, e.g. "tag=manager -> trace"
+#      - "field -> level" to match any value, e.g. "time_taken_ms -> debug"
+#   Warning: Using log-level-overrides has a performance penalty. Only use it for temporary debugging.
+#
+# Check your permissions:
+#   If you are running ntfy with systemd, make sure this log file is owned by the
+#   ntfy user and group by running: chown ntfy.ntfy <filename>.
+#
+# Example (good for production):
+#   log-level: info
+#   log-format: json
+#   log-file: /var/log/ntfy.log
+#
+# Example level overrides (for debugging, only use temporarily):
+#   log-level-overrides:
+#      - "tag=manager -> trace"
+#      - "visitor_ip=1.2.3.4 -> debug"
+#      - "time_taken_ms -> debug"
+#
+# log-level: info
+# log-level-overrides:
+# log-format: text
+# log-file:

部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/docker-compose.yaml

@@ -0,0 +1,44 @@
+
+version: '2.1'
+services:
+  mariadb:
+    image: 'mariadb:10.5.8-focal'
+    healthcheck:
+      test: ["CMD", "mysqladmin", "ping", "--silent","--password=$$MYSQL_ROOT_PASSWORD"]
+      timeout: 10s
+      retries: 3
+    volumes:
+      - 'mariadb_data:/var/lib/mysql'
+    environment:
+      - MYSQL_ROOT_PASSWORD=theVeryp@ssw0rd
+      - MYSQL_DATABASE=pushdeer
+  redis:
+    image: 'bitnami/redis:6.0.16'
+    healthcheck:
+      test: ["CMD", "redis-cli","ping"]
+    environment:
+      - ALLOW_EMPTY_PASSWORD=yes
+  app:
+    image: 'pushdeer-app'
+    ports:
+      - '8800:80'
+    volumes:
+      - './:/app'
+    depends_on:
+      mariadb:
+        condition: service_healthy
+      redis:
+        condition: service_healthy
+    environment:
+      - DB_HOST=mariadb
+      - DB_PORT=3306
+      - DB_USERNAME=root
+      - DB_DATABASE=pushdeer
+      - DB_PASSWORD=theVeryp@ssw0rd
+      - GO_PUSH_IOS_TOPIC=com.pushdeer.self.ios
+      - GO_PUSH_IOS_CLIP_TOPIC=com.pushdeer.self.ios.Clip
+      - APP_DEBUG=false
+      - MQTT_API_KEY=9LKo3
+      - MQTT_ON=false
+volumes:
+  mariadb_data:

部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/push-deer-反向代理.conf

@@ -0,0 +1,40 @@
+server {
+    server_name push.107421.xyz;
+    listen 80 ;
+    return 301 https://push.107421.xyz$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name    push.107421.xyz;
+
+    ssl_certificate    /etc/nginx/conf.d/ssl_key/push.107421.xyz.cert.pem;
+    ssl_certificate_key    /etc/nginx/conf.d/ssl_key/push.107421.xyz.key.pem;
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:MozSSL:10m;
+    ssl_session_tickets off;
+
+    ssl_protocols   TLSv1.2 TLSv1.3;
+    ssl_ciphers    ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+    ssl_prefer_server_ciphers off;
+
+    location / {
+        access_log /var/log/nginx/access.log main;
+        client_max_body_size 5120m;
+        client_body_buffer_size 5120m;
+        client_body_timeout 6000s;
+        proxy_send_timeout 10000s;
+        proxy_read_timeout 10000s;
+        proxy_connect_timeout 600s;
+        proxy_max_temp_file_size 5120m;
+        proxy_request_buffering on;
+        proxy_buffering off;
+        proxy_buffer_size 4k;
+        proxy_buffers 4 12k;
+
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $http_host;
+        proxy_pass http://129.146.65.80:8800;
+    }
+
+}

部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/消息推送说明.txt

@@ -0,0 +1,4 @@
+
+安装方式 https://www.pushdeer.com/selfhosted.html
+安装时间 2024年1月15日
+服务器 Osaka-amd64-01

部署应用/证书申请/证书申请模板.sh

@@ -1,6 +1,7 @@
 #!/bin/bash
 
-export DOMAIN_NAME=chat.107421.xyz
+#export DOMAIN_NAME=chat.107421.xyz
+export DOMAIN_NAME=push.107421.xyz
 
 export CF_Token="oXJRP5XI8Zhipa_PtYtB_jy6qWL0I9BosrJEYE8p"
 export CF_Account_ID="dfaadeb83406ef5ad35da02617af9191"