From 02022603ed2caa67d6452b5a380427431df3ee35 Mon Sep 17 00:00:00 2001 From: zeaslity Date: Fri, 19 Jan 2024 11:35:13 +0800 Subject: [PATCH] =?UTF-8?q?[=20ntfy=20]=20=E6=96=B0=E5=A2=9Entfy-=E6=B6=88?= =?UTF-8?q?=E6=81=AF=E9=80=9A=E7=9F=A5=E6=9C=8D=E5=8A=A1=E5=99=A8=E7=9A=84?= =?UTF-8?q?=E5=86=85=E5=AE=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .idea/Shell.iml | 1 + v2ray示例/v2ray-Socks5/http-to-seoul1.json | 56 +++ .../ntfy-acl-user.txt | 27 ++ .../ntfy-docker-compose.yaml | 23 ++ .../ntfy-nginx.conf | 54 +++ .../ntfy-server.yaml | 364 ++++++++++++++++++ .../pushDeer消息推送中心-废弃/docker-compose.yaml | 44 +++ .../push-deer-反向代理.conf | 40 ++ .../pushDeer消息推送中心-废弃/消息推送说明.txt | 4 + 部署应用/证书申请/证书申请模板.sh | 3 +- 10 files changed, 615 insertions(+), 1 deletion(-) create mode 100644 v2ray示例/v2ray-Socks5/http-to-seoul1.json create mode 100644 部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-acl-user.txt create mode 100644 部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-docker-compose.yaml create mode 100644 部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-nginx.conf create mode 100644 部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-server.yaml create mode 100644 部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/docker-compose.yaml create mode 100644 部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/push-deer-反向代理.conf create mode 100644 部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/消息推送说明.txt diff --git a/.idea/Shell.iml b/.idea/Shell.iml index d6ebd48..25ed3f6 100644 --- a/.idea/Shell.iml +++ b/.idea/Shell.iml @@ -1,5 +1,6 @@ + diff --git a/v2ray示例/v2ray-Socks5/http-to-seoul1.json b/v2ray示例/v2ray-Socks5/http-to-seoul1.json new file mode 100644 index 0000000..774e834 --- /dev/null +++ b/v2ray示例/v2ray-Socks5/http-to-seoul1.json @@ -0,0 +1,56 @@ +{ + "inbounds": [ + { + "protocol": "http", + "port": 58888, + "listen": "192.168.11.241" + } + , + { + "protocol": "socks", + "port": 58889, + "listen": "192.168.11.241", + "settings": { + "auth": "noauth", + "udp": true, + "userLevel": 0 + } + } + ], + "dns": { + "network": "udp", + "address": "223.5.5.5", + "port": 53 + }, + "outbounds": [ + { + "tag": "proxy", + "protocol": "trojan", + "settings": { + "servers": [ + { + "address": "140.238.14.103", + "method": "chacha20", + "ota": false, + "password": "V2ryStr0ngP0ss", + "port": 443, + "level": 1 + } + ] + }, + "streamSettings": { + "network": "tcp", + "security": "tls", + "tlsSettings": { + "allowInsecure": false, + "serverName": "xx.s4.cc.hh.107421.xyz", + "show": false + } + }, + "mux": { + "enabled": false, + "concurrency": -1 + } + } + ] +} \ No newline at end of file diff --git a/部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-acl-user.txt b/部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-acl-user.txt new file mode 100644 index 0000000..3fd6628 --- /dev/null +++ b/部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-acl-user.txt @@ -0,0 +1,27 @@ + +docker exec -it ntfy /bin/sh + + +ntfy tier add \ + --name="ultimate" \ + --message-limit=100000 \ + --message-expiry-duration=48h \ + --email-limit=5000 \ + --call-limit=1000 \ + --reservation-limit=10000 \ + --attachment-file-size-limit=5G \ + --attachment-total-size-limit=25G \ + --attachment-expiry-duration=48h \ + --attachment-bandwidth-limit=25G \ + ultimate + +ntfy user add --role=admin wdd +lovemm.23 + +ntfy user change-tier wdd ultimate + +ntfy token add wdd +tk_zvdb67fwj1hrjivkq3ga9z7u63av5 + + +ntfy token list wdd \ No newline at end of file diff --git a/部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-docker-compose.yaml b/部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-docker-compose.yaml new file mode 100644 index 0000000..07e949f --- /dev/null +++ b/部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-docker-compose.yaml @@ -0,0 +1,23 @@ +version: "2.3" + +services: + ntfy: + image: binwiederhier/ntfy + container_name: ntfy + command: + - serve + environment: + - TZ=UTC+8 + user: 0:0 + volumes: + - /var/cache/ntfy:/var/cache/ntfy + - /etc/ntfy:/etc/ntfy + ports: + - 8800:80 + healthcheck: # optional: remember to adapt the host:port to your environment + test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:8800/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"] + interval: 60s + timeout: 10s + retries: 3 + start_period: 40s + restart: unless-stopped \ No newline at end of file diff --git a/部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-nginx.conf b/部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-nginx.conf new file mode 100644 index 0000000..0bb89b5 --- /dev/null +++ b/部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-nginx.conf @@ -0,0 +1,54 @@ +server { + listen 80; + server_name push.107421.xyz; + + location / { + return 302 https://$http_host$request_uri$is_args$query_string; + + proxy_pass http://129.146.65.80:8800; + proxy_http_version 1.1; + + proxy_set_header Host $http_host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + proxy_connect_timeout 3m; + proxy_send_timeout 3m; + proxy_read_timeout 3m; + + client_max_body_size 0; # Stream request body to backend + } +} + +server { + listen 443 ssl http2; + server_name push.107421.xyz; + + ssl_session_timeout 1d; + ssl_session_cache shared:MozSSL:10m; # about 40000 sessions + ssl_session_tickets off; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + ssl_certificate /etc/nginx/conf.d/ssl_key/push.107421.xyz.cert.pem; + ssl_certificate_key /etc/nginx/conf.d/ssl_key/push.107421.xyz.key.pem; + + location / { + + proxy_http_version 1.1; + + proxy_set_header Host $http_host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + proxy_connect_timeout 3m; + proxy_send_timeout 3m; + proxy_read_timeout 3m; + + client_max_body_size 0; # Stream request body to backend + proxy_pass http://129.146.65.80:8800; + } +} \ No newline at end of file diff --git a/部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-server.yaml b/部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-server.yaml new file mode 100644 index 0000000..e2d1d6e --- /dev/null +++ b/部署应用/Oracle-Cloud/ntfy-apprise共同构建消息推送中心/ntfy-server.yaml @@ -0,0 +1,364 @@ +# ntfy server config file +# +# Please refer to the documentation at https://ntfy.sh/docs/config/ for details. +# All options also support underscores (_) instead of dashes (-) to comply with the YAML spec. + +# Public facing base URL of the service (e.g. https://ntfy.sh or https://ntfy.example.com) +# +# This setting is required for any of the following features: +# - attachments (to return a download URL) +# - e-mail sending (for the topic URL in the email footer) +# - iOS push notifications for self-hosted servers (to calculate the Firebase poll_request topic) +# - Matrix Push Gateway (to validate that the pushkey is correct) +# +base-url: https://push.107421.xyz + +# Listen address for the HTTP & HTTPS web server. If "listen-https" is set, you must also +# set "key-file" and "cert-file". Format: []:, e.g. "1.2.3.4:8080". +# +# To listen on all interfaces, you may omit the IP address, e.g. ":443". +# To disable HTTP, set "listen-http" to "-". +# +listen-http: ":80" +# listen-https: + +# Listen on a Unix socket, e.g. /etc/ntfy/ntfy.sock +# This can be useful to avoid port issues on local systems, and to simplify permissions. +# +# listen-unix: +# listen-unix-mode: + +# Path to the private key & cert file for the HTTPS web server. Not used if "listen-https" is not set. +# +# key-file: +# cert-file: + +# If set, also publish messages to a Firebase Cloud Messaging (FCM) topic for your app. +# This is optional and only required to save battery when using the Android app. +# +# firebase-key-file: + +# If "cache-file" is set, messages are cached in a local SQLite database instead of only in-memory. +# This allows for service restarts without losing messages in support of the since= parameter. +# +# The "cache-duration" parameter defines the duration for which messages will be buffered +# before they are deleted. This is required to support the "since=..." and "poll=1" parameter. +# To disable the cache entirely (on-disk/in-memory), set "cache-duration" to 0. +# The cache file is created automatically, provided that the correct permissions are set. +# +# The "cache-startup-queries" parameter allows you to run commands when the database is initialized, +# e.g. to enable WAL mode (see https://phiresky.github.io/blog/2020/sqlite-performance-tuning/)). +# Example: +cache-startup-queries: | + pragma journal_mode = WAL; + pragma synchronous = normal; + pragma temp_store = memory; + pragma busy_timeout = 15000; + vacuum; +# +# “cache-batch-size”和“cache-batch-timeout”参数允许启用异步批量写入消息数量。如果设置,消息将排队并按给定的批次写入数据库 +# 大小,或者在给定的超时之后。这仅适用于大容量服务器。 +# +# Debian/RPM package users: +# Use /var/cache/ntfy/cache.db as cache file to avoid permission issues. The package +# creates this folder for you. +# +# Check your permissions: +# If you are running ntfy with systemd, make sure this cache file is owned by the +# ntfy user and group by running: chown ntfy.ntfy . +# +# put it in memoroy +#cache-file: "/var/cache/ntfy/cache.db" +cache-duration: "48h" +cache-batch-size: 0 +cache-batch-timeout: "0ms" + +# If set, access to the ntfy server and API can be controlled on a granular level using +# the 'ntfy user' and 'ntfy access' commands. See the --help pages for details, or check the docs. +# +# - auth-file 是 SQLite 用户/访问数据库;如果它尚不存在,则会自动创建 +# - auth-default-access 定义未找到访问控制条目时的默认/后备访问权限;有可能 +# 设置为“读写”(默认)、“只读”、“只写”或“全部拒绝”。 +# - auth-startup-queries 允许您在数据库初始化时运行命令,例如启用 +# WAL 模式。这类似于缓存启动查询。详情请参阅上文。 +# +# Debian/RPM package users: +# Use /etc/ntfy/user.db as user database to avoid permission issues. The package +# creates this folder for you. +# +# Check your permissions: +# If you are running ntfy with systemd, make sure this user database file is owned by the +# ntfy user and group by running: chown ntfy.ntfy . +# +auth-file: "/etc/ntfy/user.db" +auth-default-access: "deny-all" +#auth-startup-queries: "" + +# If set, the X-Forwarded-For header is used to determine the visitor IP address +# instead of the remote address of the connection. +# +# WARNING: If you are behind a proxy, you must set this, otherwise all visitors are rate limited +# as if they are one. +# +behind-proxy: true + +# If enabled, clients can attach files to notifications as attachments. Minimum settings to enable attachments +# are "attachment-cache-dir" and "base-url". +# +# - attachment-cache-dir is the cache directory for attached files +# - attachment-total-size-limit is the limit of the on-disk attachment cache directory (total size) +# - attachment-file-size-limit is the per-file attachment size limit (e.g. 300k, 2M, 100M) +# - attachment-expiry-duration is the duration after which uploaded attachments will be deleted (e.g. 3h, 20h) +# +attachment-cache-dir: "/var/cache/ntfy/attachments" +attachment-total-size-limit: "25G" +attachment-file-size-limit: "2G" +attachment-expiry-duration: "24h" +visitor-attachment-total-size-limit: "100M" +visitor-attachment-daily-bandwidth-limit: "500M" + +# If enabled, allow outgoing e-mail notifications via the 'X-Email' header. If this header is set, +# messages will additionally be sent out as e-mail using an external SMTP server. +# +# As of today, only SMTP servers with plain text auth (or no auth at all), and STARTLS are supported. +# Please also refer to the rate limiting settings below (visitor-email-limit-burst & visitor-email-limit-burst). +# +# - smtp-sender-addr is the hostname:port of the SMTP server +# - smtp-sender-from is the e-mail address of the sender +# - smtp-sender-user/smtp-sender-pass are the username and password of the SMTP user (leave blank for no auth) +# +# smtp-sender-addr: +# smtp-sender-from: +# smtp-sender-user: +# smtp-sender-pass: + +# If enabled, ntfy will launch a lightweight SMTP server for incoming messages. Once configured, users can send +# emails to a topic e-mail address to publish messages to a topic. +# +# - smtp-server-listen defines the IP address and port the SMTP server will listen on, e.g. :25 or 1.2.3.4:25 +# - smtp-server-domain is the e-mail domain, e.g. ntfy.sh +# - smtp-server-addr-prefix is an optional prefix for the e-mail addresses to prevent spam. If set to "ntfy-", +# for instance, only e-mails to ntfy-$topic@ntfy.sh will be accepted. If this is not set, all emails to +# $topic@ntfy.sh will be accepted (which may obviously be a spam problem). +# +# smtp-server-listen: +# smtp-server-domain: +# smtp-server-addr-prefix: + +# Web Push support (background notifications for browsers) +# +# If enabled, allows ntfy to receive push notifications, even when the ntfy web app is closed. When enabled, users +# can enable background notifications in the web app. Once enabled, ntfy will forward published messages to the push +# endpoint, which will then forward it to the browser. +# +# You must configure web-push-public/private key, web-push-file, and web-push-email-address below to enable Web Push. +# Run "ntfy webpush keys" to generate the keys. +# +# - web-push-public-key is the generated VAPID public key, e.g. AA1234BBCCddvveekaabcdfqwertyuiopasdfghjklzxcvbnm1234567890 +# - web-push-private-key is the generated VAPID private key, e.g. AA2BB1234567890abcdefzxcvbnm1234567890 +# - web-push-file is a database file to keep track of browser subscription endpoints, e.g. `/var/cache/ntfy/webpush.db` +# - web-push-email-address is the admin email address send to the push provider, e.g. `sysadmin@example.com` +# - web-push-startup-queries is an optional list of queries to run on startup` +# +# web-push-public-key: +# web-push-private-key: +# web-push-file: +# web-push-email-address: +# web-push-startup-queries: + +# If enabled, ntfy can perform voice calls via Twilio via the "X-Call" header. +# +# - twilio-account is the Twilio account SID, e.g. AC12345beefbeef67890beefbeef122586 +# - twilio-auth-token is the Twilio auth token, e.g. affebeef258625862586258625862586 +# - twilio-phone-number is the outgoing phone number you purchased, e.g. +18775132586 +# - twilio-verify-service is the Twilio Verify service SID, e.g. VA12345beefbeef67890beefbeef122586 +# +# twilio-account: +# twilio-auth-token: +# twilio-phone-number: +# twilio-verify-service: + +# Interval in which keepalive messages are sent to the client. This is to prevent +# intermediaries closing the connection for inactivity. +# +# Note that the Android app has a hardcoded timeout at 77s, so it should be less than that. +# +# keepalive-interval: "45s" + +# Interval in which the manager prunes old messages, deletes topics +# and prints the stats. +# +# manager-interval: "1m" + +# Defines topic names that are not allowed, because they are otherwise used. There are a few default topics +# that cannot be used (e.g. app, account, settings, ...). To extend the default list, define them here. +# +# Example: +# disallowed-topics: +# - about +# - pricing +# - contact +# +# disallowed-topics: + +# Defines the root path of the web app, or disables the web app entirely. +# +# Can be any simple path, e.g. "/", "/app", or "/ntfy". For backwards-compatibility reasons, +# the values "app" (maps to "/"), "home" (maps to "/app"), or "disable" (maps to "") to disable +# the web app entirely. +# +# web-root: / + +# Various feature flags used to control the web app, and API access, mainly around user and +# account management. +# +# - enable-signup allows users to sign up via the web app, or API +# - enable-login allows users to log in via the web app, or API +# - enable-reservations allows users to reserve topics (if their tier allows it) +# +# enable-signup: false +# enable-login: false +# enable-reservations: false + +# Server URL of a Firebase/APNS-connected ntfy server (likely "https://ntfy.sh"). +# +# iOS users: +# If you use the iOS ntfy app, you MUST configure this to receive timely notifications. You'll like want this: +# upstream-base-url: "https://ntfy.sh" +# +# If set, all incoming messages will publish a "poll_request" message to the configured upstream server, containing +# the message ID of the original message, instructing the iOS app to poll this server for the actual message contents. +# This is to prevent the upstream server and Firebase/APNS from being able to read the message. +# +# - upstream-base-url is the base URL of the upstream server. Should be "https://ntfy.sh". +# - upstream-access-token is the token used to authenticate with the upstream server. This is only required +# if you exceed the upstream rate limits, or the uptream server requires authentication. +# +# upstream-base-url: +# upstream-access-token: + +# Rate limiting: Total number of topics before the server rejects new topics. +# +# global-topic-limit: 15000 + +# Rate limiting: Number of subscriptions per visitor (IP address) +# +# visitor-subscription-limit: 30 + +# Rate limiting: Allowed GET/PUT/POST requests per second, per visitor: +# - visitor-request-limit-burst is the initial bucket of requests each visitor has +# - visitor-request-limit-replenish is the rate at which the bucket is refilled +# - visitor-request-limit-exempt-hosts is a comma-separated list of hostnames, IPs or CIDRs to be +# exempt from request rate limiting. Hostnames are resolved at the time the server is started. +# Example: "1.2.3.4,ntfy.example.com,8.7.6.0/24" +# +# visitor-request-limit-burst: 60 +# visitor-request-limit-replenish: "5s" +# visitor-request-limit-exempt-hosts: "" + +# Rate limiting: Hard daily limit of messages per visitor and day. The limit is reset +# every day at midnight UTC. If the limit is not set (or set to zero), the request +# limit (see above) governs the upper limit. +# +# visitor-message-daily-limit: 0 + +# Rate limiting: Allowed emails per visitor: +# - visitor-email-limit-burst is the initial bucket of emails each visitor has +# - visitor-email-limit-replenish is the rate at which the bucket is refilled +# +# visitor-email-limit-burst: 16 +# visitor-email-limit-replenish: "1h" + +# Rate limiting: Attachment size and bandwidth limits per visitor: +# - visitor-attachment-total-size-limit is the total storage limit used for attachments per visitor +# - visitor-attachment-daily-bandwidth-limit is the total daily attachment download/upload traffic limit per visitor +# +# visitor-attachment-total-size-limit: "100M" +# visitor-attachment-daily-bandwidth-limit: "500M" + +# Rate limiting: Enable subscriber-based rate limiting (mostly used for UnifiedPush) +# +# If enabled, subscribers may opt to have published messages counted against their own rate limits, as opposed +# to the publisher's rate limits. This is especially useful to increase the amount of messages that high-volume +# publishers (e.g. Matrix/Mastodon servers) are allowed to send. +# +# Once enabled, a client may send a "Rate-Topics: ,,..." header when subscribing to topics via +# HTTP stream, or websockets, thereby registering itself as the "rate visitor", i.e. the visitor whose rate limits +# to use when publishing on this topic. Note: Setting the rate visitor requires READ-WRITE permission on the topic. +# +# UnifiedPush only: If this setting is enabled, publishing to UnifiedPush topics will lead to a HTTP 507 response if +# no "rate visitor" has been previously registered. This is to avoid burning the publisher's "visitor-message-daily-limit". +# +# visitor-subscriber-rate-limiting: false + +# Payments integration via Stripe +# +# - stripe-secret-key is the key used for the Stripe API communication. Setting this values +# enables payments in the ntfy web app (e.g. Upgrade dialog). See https://dashboard.stripe.com/apikeys. +# - stripe-webhook-key is the key required to validate the authenticity of incoming webhooks from Stripe. +# Webhooks are essential up keep the local database in sync with the payment provider. See https://dashboard.stripe.com/webhooks. +# - billing-contact is an email address or website displayed in the "Upgrade tier" dialog to let people reach +# out with billing questions. If unset, nothing will be displayed. +# +# stripe-secret-key: +# stripe-webhook-key: +# billing-contact: + +# Metrics +# +# ntfy can expose Prometheus-style metrics via a /metrics endpoint, or on a dedicated listen IP/port. +# Metrics may be considered sensitive information, so before you enable them, be sure you know what you are +# doing, and/or secure access to the endpoint in your reverse proxy. +# +# - enable-metrics enables the /metrics endpoint for the default ntfy server (i.e. HTTP, HTTPS and/or Unix socket) +# - metrics-listen-http exposes the metrics endpoint via a dedicated [IP]:port. If set, this option implicitly +# enables metrics as well, e.g. "10.0.1.1:9090" or ":9090" +# +# enable-metrics: false +# metrics-listen-http: + +# Profiling +# +# ntfy can expose Go's net/http/pprof endpoints to support profiling of the ntfy server. If enabled, ntfy will listen +# on a dedicated listen IP/port, which can be accessed via the web browser on http://:/debug/pprof/. +# This can be helpful to expose bottlenecks, and visualize call flows. See https://pkg.go.dev/net/http/pprof for details. +# +# profile-listen-http: + +# Logging options +# +# By default, ntfy logs to the console (stderr), with an "info" log level, and in a human-readable text format. +# ntfy supports five different log levels, can also write to a file, log as JSON, and even supports granular +# log level overrides for easier debugging. Some options (log-level and log-level-overrides) can be hot reloaded +# by calling "kill -HUP $pid" or "systemctl reload ntfy". +# +# - log-format defines the output format, can be "text" (default) or "json" +# - log-file is a filename to write logs to. If this is not set, ntfy logs to stderr. +# - log-level defines the default log level, can be one of "trace", "debug", "info" (default), "warn" or "error". +# Be aware that "debug" (and particularly "trace") can be VERY CHATTY. Only turn them on briefly for debugging purposes. +# - log-level-overrides lets you override the log level if certain fields match. This is incredibly powerful +# for debugging certain parts of the system (e.g. only the account management, or only a certain visitor). +# This is an array of strings in the format: +# - "field=value -> level" to match a value exactly, e.g. "tag=manager -> trace" +# - "field -> level" to match any value, e.g. "time_taken_ms -> debug" +# Warning: Using log-level-overrides has a performance penalty. Only use it for temporary debugging. +# +# Check your permissions: +# If you are running ntfy with systemd, make sure this log file is owned by the +# ntfy user and group by running: chown ntfy.ntfy . +# +# Example (good for production): +# log-level: info +# log-format: json +# log-file: /var/log/ntfy.log +# +# Example level overrides (for debugging, only use temporarily): +# log-level-overrides: +# - "tag=manager -> trace" +# - "visitor_ip=1.2.3.4 -> debug" +# - "time_taken_ms -> debug" +# +# log-level: info +# log-level-overrides: +# log-format: text +# log-file: \ No newline at end of file diff --git a/部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/docker-compose.yaml b/部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/docker-compose.yaml new file mode 100644 index 0000000..4d14e7a --- /dev/null +++ b/部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/docker-compose.yaml @@ -0,0 +1,44 @@ + +version: '2.1' +services: + mariadb: + image: 'mariadb:10.5.8-focal' + healthcheck: + test: ["CMD", "mysqladmin", "ping", "--silent","--password=$$MYSQL_ROOT_PASSWORD"] + timeout: 10s + retries: 3 + volumes: + - 'mariadb_data:/var/lib/mysql' + environment: + - MYSQL_ROOT_PASSWORD=theVeryp@ssw0rd + - MYSQL_DATABASE=pushdeer + redis: + image: 'bitnami/redis:6.0.16' + healthcheck: + test: ["CMD", "redis-cli","ping"] + environment: + - ALLOW_EMPTY_PASSWORD=yes + app: + image: 'pushdeer-app' + ports: + - '8800:80' + volumes: + - './:/app' + depends_on: + mariadb: + condition: service_healthy + redis: + condition: service_healthy + environment: + - DB_HOST=mariadb + - DB_PORT=3306 + - DB_USERNAME=root + - DB_DATABASE=pushdeer + - DB_PASSWORD=theVeryp@ssw0rd + - GO_PUSH_IOS_TOPIC=com.pushdeer.self.ios + - GO_PUSH_IOS_CLIP_TOPIC=com.pushdeer.self.ios.Clip + - APP_DEBUG=false + - MQTT_API_KEY=9LKo3 + - MQTT_ON=false +volumes: + mariadb_data: \ No newline at end of file diff --git a/部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/push-deer-反向代理.conf b/部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/push-deer-反向代理.conf new file mode 100644 index 0000000..523f3db --- /dev/null +++ b/部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/push-deer-反向代理.conf @@ -0,0 +1,40 @@ +server { + server_name push.107421.xyz; + listen 80 ; + return 301 https://push.107421.xyz$request_uri; +} + +server { + listen 443 ssl; + server_name push.107421.xyz; + + ssl_certificate /etc/nginx/conf.d/ssl_key/push.107421.xyz.cert.pem; + ssl_certificate_key /etc/nginx/conf.d/ssl_key/push.107421.xyz.key.pem; + ssl_session_timeout 1d; + ssl_session_cache shared:MozSSL:10m; + ssl_session_tickets off; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + location / { + access_log /var/log/nginx/access.log main; + client_max_body_size 5120m; + client_body_buffer_size 5120m; + client_body_timeout 6000s; + proxy_send_timeout 10000s; + proxy_read_timeout 10000s; + proxy_connect_timeout 600s; + proxy_max_temp_file_size 5120m; + proxy_request_buffering on; + proxy_buffering off; + proxy_buffer_size 4k; + proxy_buffers 4 12k; + + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_pass http://129.146.65.80:8800; + } + +} diff --git a/部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/消息推送说明.txt b/部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/消息推送说明.txt new file mode 100644 index 0000000..578de58 --- /dev/null +++ b/部署应用/Oracle-Cloud/pushDeer消息推送中心-废弃/消息推送说明.txt @@ -0,0 +1,4 @@ + +安装方式 https://www.pushdeer.com/selfhosted.html +安装时间 2024年1月15日 +服务器 Osaka-amd64-01 \ No newline at end of file diff --git a/部署应用/证书申请/证书申请模板.sh b/部署应用/证书申请/证书申请模板.sh index 3b67cb6..5d41a63 100644 --- a/部署应用/证书申请/证书申请模板.sh +++ b/部署应用/证书申请/证书申请模板.sh @@ -1,6 +1,7 @@ #!/bin/bash -export DOMAIN_NAME=chat.107421.xyz +#export DOMAIN_NAME=chat.107421.xyz +export DOMAIN_NAME=push.107421.xyz export CF_Token="oXJRP5XI8Zhipa_PtYtB_jy6qWL0I9BosrJEYE8p" export CF_Account_ID="dfaadeb83406ef5ad35da02617af9191"