acepanel/acepanel.github.io
2
0
Fork 0
mirror of https://github.com/acepanel/acepanel.github.io.git synced 2026-02-04 12:47:13 +08:00
Code Issues Activity

feat: 添加中文翻译

Browse Source
This commit is contained in:
耗子
2025-05-26 22:49:17 +08:00
parent 5e1a7cc123
commit 5285d2f904
36 changed files with 1450 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
.vitepress/config/en.ts
View File

@@ -1,4 +1,4 @@
import {defineConfig, type DefaultTheme} from 'vitepress'
import {type DefaultTheme, defineConfig} from 'vitepress'
const resp = await (await fetch('https://panel.haozi.net/api/versions')).json()
const versions = resp.data.slice(0, 10).map((item: any) => {
@@ -7,7 +7,8 @@ const versions = resp.data.slice(0, 10).map((item: any) => {
export const config = defineConfig({
lang: 'en-US',
description: "Goravel is a web application framework with complete functions and excellent scalability. As a starting scaffolding to help Gopher quickly build their own applications.",
title: 'RatPanel',
description: "Simple · lightweight · efficient",
themeConfig: {
nav: nav(),
@@ -15,12 +16,12 @@ export const config = defineConfig({
sidebar: [
{
text: "Quickstart",
base: '/quickstart/',
base: '/quickstart',
items: sidebarQuickstart()
},
{
text: "Advanced",
base: '/advanced/',
base: '/advanced',
items: sidebarAdvanced()
},
{
@@ -42,7 +43,7 @@ export const config = defineConfig({
text: 'Edit this page on GitHub'
},
footer: {
message: 'Released under the MIT License',
message: '<b style="font-size: larger">It is strictly forbidden to use Rat Panel for illegal activities, and our company does not provide any services to violators</b>',
copyright: `Copyright © 2022-${new Date().getFullYear()} Tianjin Rat Technology Co., Ltd All Rights Reserved`
},
docFooter: {

8
.vitepress/config/index.ts
View File

@@ -1,6 +1,7 @@
import { defineConfig } from 'vitepress'
import { shared } from './shared'
import { config as en } from './en'
import {defineConfig} from 'vitepress'
import {shared} from './shared'
import {config as en} from './en'
import {config as zh_CN} from './zh_CN'
// https://vitepress.dev/reference/site-config
@@ -8,5 +9,6 @@ export default defineConfig({
...shared,
locales: {
root: { label: 'English', ...en },
zh_CN: {label: '简体中文', ...zh_CN},
},
})

2
.vitepress/config/shared.ts
View File

@@ -27,7 +27,7 @@ export const shared = defineConfig({
md.use(groupIconMdPlugin);
md.use(timeline);
},
languages: ['go', 'bash', 'shell']
languages: ['go', 'bash', 'shell', 'nginx', 'ini', 'docker', 'dockerfile', 'json', 'yml', 'yaml']
},
themeConfig: {

133
.vitepress/config/zh_CN.ts Normal file
View File

@@ -0,0 +1,133 @@
import {type DefaultTheme, defineConfig} from 'vitepress';
const resp = await (await fetch('https://panel.haozi.net/api/versions')).json()
const versions = resp.data.slice(0, 10).map((item: any) => {
return item.version
})
export const config = defineConfig({
lang: "zh-CN",
title: "耗子面板",
description: "简单轻量 • 高效运维",
themeConfig: {
nav: nav(),
sidebar: [
{
text: "快速开始",
base: '/zh_CN/quickstart',
items: sidebarQuickstart()
},
{
text: "进阶指南",
base: '/zh_CN/advanced',
items: sidebarAdvanced()
},
{
text: "版本历史",
base: '/zh_CN',
collapsed: true,
items: [
...versions.map((version: string) => {
return {
text: version,
link: `/version-${version}`
}
})
]
},
],
editLink: {
pattern: 'https://github.com/ratpanel/ratpanel.github.io/edit/main/:path',
text: "在 GitHub 上编辑此页面"
},
footer: {
message: '<b style="font-size: larger">严禁使用耗子面板从事违法活动,我司不对违规用户提供任何服务</b>',
copyright: `© 2022-${new Date().getFullYear()} 天津耗子科技有限公司 版权所有丨<a target="_blank" href="https://beian.miit.gov.cn/" rel="noreferrer">津ICP备2022009678号-1</a>丨<a target="_blank" href="https://beian.mps.gov.cn/#/query/webSearch?code=12011502000848" rel="noreferrer">津公网安备12011502000848号</a>`
},
docFooter: {
prev: "上一页",
next: "下一页"
},
outline: {
label: "页面导航"
},
lastUpdated: {
text: "最后更新于",
formatOptions: {
dateStyle: 'short',
timeStyle: 'medium'
}
},
langMenuLabel: "切换语言",
returnToTopLabel: "回到顶部",
sidebarMenuLabel: "菜单",
darkModeSwitchLabel: "主题",
lightModeSwitchTitle: "切换到浅色主题",
darkModeSwitchTitle: "切换到深色主题",
skipToContentLabel: "跳转到内容"
}
});
function nav(): DefaultTheme.NavItem[] {
return [
{text: '首页', link: '/zh_CN/'},
{text: '文档', link: '/zh_CN/quickstart/install'},
{text: '支持', link: '/zh_CN/support'},
{text: '🔥证书', link: '/zh_CN/cert'},
{text: '关于', link: '/zh_CN/about'},
]
}
function sidebarQuickstart(): DefaultTheme.SidebarItem[] {
return [
{
text: '安装面板',
link: '/install'
},
{
text: '挂载分区',
link: '/disk'
},
{
text: '管理面板',
link: '/panel'
},
{
text: '管理容器',
link: '/container'
},
]
}
function sidebarAdvanced(): DefaultTheme.SidebarItem[] {
return [
{
text: '面板 API',
link: '/api'
},
{
text: '配置容器镜像加速',
link: '/hub-mirror'
},
{
text: '配置反向代理',
link: '/proxy'
},
{
text: '配置进程守护',
link: '/supervisor'
},
{
text: '配置 QUICHTTP3',
link: '/quic'
},
{
text: '配置 TLSv1.1 TLSv1',
link: '/tls'
},
{
text: '安全性建议',
link: '/safe'
},
]
}

5
en/about.md
View File

@@ -30,10 +30,7 @@ const members = [
# About
## About RatPanel
RatPanel is a professional server operation and maintenance management panel dedicated to providing users with simple,
efficient, and secure server management solutions.
RatPanel is a professional server operation and maintenance management panel dedicated to providing users with simple, efficient, and secure server management solutions.
| Vision | Mission | Values |
|----------------------------------------------------------|---------------------------------------------|---------------------------------------------------|

9
en/advanced/api.md
View File

@@ -2,8 +2,7 @@
## Overview
RatPanel provides a secure RESTful interface for interacting with the panel system. All API requests require HMAC-SHA256
signature authentication to ensure the security and integrity of communications.
RatPanel provides a secure RESTful interface for interacting with the panel system. All API requests require HMAC-SHA256 signature authentication to ensure the security and integrity of communications.
## Basic Information
@@ -13,8 +12,7 @@ signature authentication to ensure the security and integrity of communications.
## Authentication Mechanism
The API uses the HMAC-SHA256 signature algorithm for authentication. Each request must include the following HTTP
headers:
The API uses the HMAC-SHA256 signature algorithm for authentication. Each request must include the following HTTP headers:
| Header Name | Description |
|-----------------|------------------------------------------------------------------------------------------|
@@ -652,8 +650,7 @@ sendApiRequest();
If you encounter signature verification failures, check:
- Ensure you are using the correct API token and ID
- Check that the client and server times are accurate; timestamp differences greater than 300 seconds will cause
verification to fail
- Check that the client and server times are accurate; timestamp differences greater than 300 seconds will cause verification to fail
- Ensure the request body hasn't been modified before or after signature calculation
- Ensure the URL path is handled correctly; remember to remove the entry prefix when normalizing the path

9
en/advanced/hub-mirror.md
View File

@@ -1,7 +1,6 @@
# Configure Container Image Acceleration
Due to certain reasons, domestic users in China may be unable to connect to Docker Hub to pull container images, thus
requiring image acceleration configuration.
Due to certain reasons, domestic users in China may be unable to connect to Docker Hub to pull container images, thus requiring image acceleration configuration.
## For Podman
@@ -16,8 +15,7 @@ location = "docker.io"
location = "docker.1ms.run"
```
Where docker.1ms.run is the configured image acceleration address. You can refer to other tutorials to set up and use
it.
Where docker.1ms.run is the configured image acceleration address. You can refer to other tutorials to set up and use it.
## For Docker
@@ -31,5 +29,4 @@ Add the following configuration and save:
}
```
Where https://docker.1ms.run is the configured image acceleration address. You can refer to other tutorials to set up
and use it.
Where https://docker.1ms.run is the configured image acceleration address. You can refer to other tutorials to set up and use it.

6
en/advanced/proxy.md
View File

@@ -1,7 +1,5 @@
# Configure Reverse Proxy
RatPanel v2.4.10+ comes with a built-in reverse proxy configuration generator, which you can access through the top
right corner of the site rewrite configuration page.
RatPanel v2.4.10+ comes with a built-in reverse proxy configuration generator, which you can access through the top right corner of the site rewrite configuration page.
Note: If you encounter issues with static resources like CSS/JS not loading properly after setting up a reverse proxy,
please remove the **Do not log static files** section from the site's main configuration file.
Note: If you encounter issues with static resources like CSS/JS not loading properly after setting up a reverse proxy, please remove the **Do not log static files** section from the site's main configuration file.

10
en/advanced/quic.md
View File

@@ -1,17 +1,15 @@
# Configure QUIC (HTTP3)
RatPanel currently supports automatic QUIC configuration, but for compatibility reasons, the `Alt-Svc` header is not
added by default. Browsers will not attempt to use QUIC connections without detecting the `Alt-Svc` header.
RatPanel currently supports automatic QUIC configuration, but for compatibility reasons, the `Alt-Svc` header is not added by default. Browsers will not attempt to use QUIC connections without detecting the `Alt-Svc` header.
If you are not using a CDN, you can add the configuration below to your website's rewrite rules to let browsers know
that the website supports and uses QUIC connections.
If you are not using a CDN, you can add the configuration below to your website's rewrite rules to let browsers know that the website supports and uses QUIC connections.
```
add_header Alt-Svc 'h3=":$server_port"; ma=2592000';
```
If you are using a CDN or there are proxy servers in front, then QUIC needs to be enabled on the CDN / frontend.
If the configuration still doesn't work, please check your browser version and the availability of UDP port 443.
* According to Nginx's git commit history, all QUIC draft versions have been removed in version 1.25, so there's no need
to add draft version numbers to `Alt-Svc`.
* According to Nginx's git commit history, all QUIC draft versions have been removed in version 1.25, so there's no need to add draft version numbers to `Alt-Svc`.

33
en/advanced/safe.md
View File

@@ -4,15 +4,11 @@ With the following security measures, almost all hacking/malware issues can be p
### Website Aspects
Based on past experience, most hacking and malware incidents are caused by program vulnerabilities, unrelated to the
Panel or environment. For website security, you should:
Based on experience, most hacking and malware incidents are caused by program vulnerabilities, unrelated to the Panel or environment. For website security, you should:
1. Avoid using pirated programs or software, especially when you cannot determine if they have been tampered with.
2. Regularly update website programs and software environments; don't use outdated software due to inconvenience, as
their security cannot be guaranteed.
3. Never use weak passwords for website admin areas. Passwords are strongly recommended to be generated using a random
generator with more than 20 mixed characters and stored in a secure location. If possible, enable multi-factor
authentication (2FA) for your programs.
2. Regularly update website programs and software environments; don't use outdated software due to inconvenience, as their security cannot be guaranteed.
3. Never use weak passwords for website admin areas. Passwords are strongly recommended to be generated using a random generator with more than 20 mixed characters and stored in a secure location. If possible, enable 2FA for your programs.
4. Set up scheduled backups of all site data; don't operate without backups.
5. PHP has disabled some high-risk functions by default; don't remove these restrictions unless absolutely necessary.
@@ -21,25 +17,16 @@ Panel or environment. For website security, you should:
The probability of serious security vulnerabilities in modern systems is low, but you should still:
1. Regularly update system software. (Use `yum update` or `apt upgrade`).
2. Prohibit weak passwords and the default port 22 for SSH. Passwords are strongly recommended to be generated using a
random generator with more than 20 mixed characters and stored in a secure location. If possible, consider installing
Fail2ban for targeted protection.
3. Don't arbitrarily assign 777 permissions or execution permissions to the www user, as this may cause major security
risks.
2. Prohibit weak passwords and the default port 22 for SSH. Passwords are strongly recommended to be generated using a random generator with more than 20 mixed characters and stored in a secure location. If possible, consider installing Fail2ban for targeted protection.
3. Don't arbitrarily assign 777 permissions or execution permissions to the www user, as this may cause major security risks.
4. If your service provider offers VNC server management, consider disabling SSH to solve the problem at the source.
### Panel Aspects
RatPanel has the same privileges as root, and improper management can cause serious security problems. You should:
1. Regularly update the Panel and applications installed through it. We recommend following our channel or group to
receive various update messages promptly.
2. Prohibit weak passwords and the default 8888 port for the Panel. Passwords are strongly recommended to be generated
using a random generator with more than 20 mixed characters and stored in a secure location.
3. Consider modifying the Panel entry point and enabling HTTPS for the Panel to prevent scanner detection and
man-in-the-middle attacks.
4. Unless necessary, do not allow firewall access to internal service ports (Redis 6379, MySQL 3306, PostgreSQL 5432,
etc.), as this may cause serious security risks. (Local website connections don't require firewall access; connection
issues are program problems).
5. For high-security requirements, consider stopping the Panel operation routinely and starting it only when needed (
stopping the Panel will not affect websites, scheduled tasks, etc.).
1. Regularly update the Panel and applications installed through it. We recommend following our channel or group to receive various update messages promptly.
2. Prohibit weak passwords and the default 8888 port for the Panel. Passwords are strongly recommended to be generated using a random generator with more than 20 mixed characters and stored in a secure location.
3. Consider modifying the Panel entry point and enabling HTTPS for the Panel to prevent scanner detection and man-in-the-middle attacks.
4. Unless necessary, do not allow firewall access to internal service ports (Redis 6379, MySQL 3306, PostgreSQL 5432, etc.), as this may cause serious security risks. (Local website connections don't require firewall access; connection issues are program problems).
5. For high-security requirements, consider stopping the Panel operation routinely and starting it only when needed (stopping the Panel will not affect websites, scheduled tasks, etc.).

3
en/advanced/supervisor.md
View File

@@ -1,6 +1,5 @@
# Configure Process Monitoring
1. Install Supervisor manager and open it.
2. Create processes that need to be monitored in the Supervisor manager (it's not recommended to use root as the running
user).
2. Create processes that need to be monitored in the Supervisor manager (it's not recommended to use root as the running user).
3. Common issues: [https://tom.moe/t/supervisor/3112](https://tom.moe/t/supervisor/3112)

5
en/advanced/tls.md
View File

@@ -1,7 +1,6 @@
# Configure TLSv1.1 TLSv1
The current Panel OpenResty is compiled with OpenSSL 3.5, which by default disables the deprecated TLSv1.1 and TLSv1
protocols.
The current Panel OpenResty is compiled with OpenSSL 3.5, which by default disables the deprecated TLSv1.1 and TLSv1 protocols.
Of course, if your business must use these two protocols, you can enable them using the SSL configuration below.
@@ -9,4 +8,4 @@ Of course, if your business must use these two protocols, you can enable them us
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:@SECLEVEL=0;
ssl_prefer_server_ciphers on;
```
```

6
en/cert.md
View File

@@ -6,11 +6,9 @@ next: false
# Certificates
If the 3-month free certificate cannot meet your needs, you can choose to purchase higher-level certificates. We offer
DV single-domain certificates and DV wildcard certificates for your selection.
If the 3-month free certificate cannot meet your needs, you can choose to purchase higher-level certificates. We offer DV single-domain certificates and DV wildcard certificates for your selection.
Due to pricing policy restrictions, please contact our sales team directly through the group link in the upper right
corner for specific prices and purchases.
Due to pricing policy restrictions, please contact our sales team directly through the group link in the upper right corner for specific prices and purchases.
<style>
.cert-cards-container {

6
en/index.md
View File

@@ -1,5 +1,4 @@
---
# https://vitepress.dev/reference/default-theme-home-page
layout: home
hero:
@@ -13,10 +12,7 @@ hero:
target: _blank
- theme: alt
text: Quick install
link: /install
- theme: alt
text: Browse docs
link: /docs
link: /quickstart/install
features:
- icon: ✨

13
en/quickstart/container.md
View File

@@ -2,11 +2,9 @@
Before starting, you need to install the Docker / Podman container engine.
After the container engine is installed, you can go to the Panel's container management section to create containers (
pgadmin4 is used as an example here).
After the container engine is installed, you can go to the Panel's container management section to create containers (pgadmin4 is used as an example here).
First, navigate to the Images tab to pull the required images. This may take several minutes to tens of minutes
depending on your network environment.
First, navigate to the Images tab to pull the required images. This may take several minutes to tens of minutes depending on your network environment.
![Pull Image](/container1.png)
@@ -14,15 +12,14 @@ After the image is pulled, navigate to the Containers tab to start creating a co
![Create Container](/container2.png)
Fill in the form according to the container's instructions. The pgadmin4 image used here needs to map port 80 and
configure 2 default environment variables, with no need to map directories.
Fill in the form according to the container's instructions. The pgadmin4 image used here needs to map port 80 and configure 2 default environment variables, with no need to map directories.
After the container is created, you can click the refresh button in the upper right corner and the log button on the
right side of the container to check if it has started properly.
After the container is created, you can click the refresh button in the upper right corner and the log button on the right side of the container to check if it has started properly.
![Container Start](/container3.png)
If the container fails to start, please make corrections according to the logs.
If you have mapped external ports, you need to go to the firewall menu to allow the corresponding ports.
![Creation Successful](/container4.png)

6
en/quickstart/disk.md
View File

@@ -1,11 +1,9 @@
# Mount Partitions
If your server has unmounted data disks, you can log in as `root` user before installation and run the following command
to automatically mount them. Cross-directory migration is not supported after Panel installation.
If your server has unmounted data disks, you can log in as `root` user before installation and run the following command to automatically mount them. Cross-directory migration is not supported after Panel installation.
```shell
curl -fsLm 10 -o auto_mount.sh https://dl.cdn.haozi.net/panel/auto_mount.sh && bash auto_mount.sh
```
You can also contact your server provider via ticket to request assistance with mounting partitions, or mount the
partitions yourself before installing the Panel.
You can also contact your server provider via ticket to request assistance with mounting partitions, or mount the partitions yourself before installing the Panel.

12
en/quickstart/install.md
View File

@@ -1,13 +1,10 @@
# Install Panel
The Panel supports mainstream systems under `amd64` | `arm64` architectures. LNMP environment installation has been
tested on all systems listed in the table below.
The Panel supports mainstream systems under `amd64` | `arm64` architectures. LNMP environment installation has been tested on all systems listed in the table below.
It is recommended to use systems marked as **recommended**. Unless there are special circumstances, it is not
recommended to use systems marked as **not recommended**.
It is recommended to use systems marked as **recommended**. Unless there are special circumstances, it is not recommended to use systems marked as **not recommended**.
For systems not listed in the table below, you can try installing on your own, but no free technical support will be
provided.
For systems not listed in the table below, you can try installing on your own, but no free technical support will be provided.
| System | Version | Note |
|---------------------|---------|-----------------|
@@ -28,8 +25,7 @@ provided.
| Anolis | 8 | Not Recommended |
| openEuler | 22 | Not Recommended |
As system versions continue to update, we may also terminate support for some overly outdated systems to ensure the
robustness of the Panel.
As system versions continue to update, we may also terminate support for some overly outdated systems to ensure the robustness of the Panel.
## Start Installation

6
en/quickstart/panel.md
View File

@@ -18,12 +18,10 @@ Follow the prompts to complete the necessary commands for operation.
It is primarily recommended to back up data and reinstall the system, as this ensures a clean system.
If you are unable to reinstall the system, please log in to the server as `root` user and execute the following command
to uninstall the Panel:
If you are unable to reinstall the system, please log in to the server as `root` user and execute the following command to uninstall the Panel:
```shell
curl -fsLm 10 -o uninstall.sh https://dl.cdn.haozi.net/panel/uninstall.sh && bash uninstall.sh
```
Before uninstalling the Panel, be sure to back up all data and uninstall all Panel applications in advance. Data will be
**unrecoverable** after uninstallation!
Before uninstalling the Panel, be sure to back up all data and uninstall all Panel applications in advance. Data will be **unrecoverable** after uninstallation!

3
en/support.md
View File

@@ -14,8 +14,7 @@ We provide a free forum service where you can ask questions, discuss, and share
## Paid Remote Service
Website errors, slow speed, malware infections? High server resource usage, configuration optimization, intrusion
tracing? We provide all these services in one place.
Website errors, slow speed, malware infections? High server resource usage, configuration optimization, intrusion tracing? We provide all these services in one place.
### Remote Service Price List

64
zh_CN/about.md Normal file
View File

@@ -0,0 +1,64 @@
---
sidebar: false
prev: false
next: false
---
<script setup>
import { VPTeamMembers } from 'vitepress/theme'
const members = [
{
avatar: 'https://weavatar.com/avatar/18e77debb1bc0000c0b50757b8f1bebb2c3e4df3d494124f776c15dbc1ebe8a5',
name: '耗子',
desc: '创始人 & CEO',
links: [
{ icon: 'github', link: 'https://github.com/devhaozi' },
{ icon: 'bilibili', link: 'https://space.bilibili.com/8067' }
]
},
{
avatar: 'https://weavatar.com/avatar/f6b23deadaa481f0b3ea75ad94f246881ed2326117efebad6f2799ea165779b9',
name: '靓仔',
desc: '技术负责人',
links: [
{ icon: 'github', link: 'https://github.com/205125' }
]
},
]
</script>
# 关于
耗子面板是一款专业的服务器运维管理面板,致力于为用户提供简单、高效、安全的服务器管理解决方案。
| 愿景 | 使命 | 价值观 |
|-------------------|---------------|----------------|
| 成为领先的服务器管理解决方案提供商 | 让服务器管理变得简单而高效 | 用户至上、创新驱动、专业专注 |
## 团队介绍
<VPTeamMembers size="small" :members="members" />
## 发展历程
::: timeline 2024 - 全新起航
面板得到了众多赞助商的支持2024 年下半年发布了全新的 2.3 版本
:::
::: timeline 2023 - 技术积累
使用 Go 对面板进行重写,发布 2.0 2.1 系列版本,积累了大量开发经验
:::
::: timeline 2022 - 项目立项
2022 年中项目立项,年末发布 1.0 版本
:::
## 联系我们
| 名称 | 联系方式 |
|------|--------------------------------------------------------------------------|
| 企业微信 | [点击联系](https://work.weixin.qq.com/kfid/kfc20ea8e38b5a4e73a) |
| QQ | [826896000](https://wpa.qq.com/msgrd?v=3&uin=826896000&site=qq&menu=yes) |
| 电子邮件 | [admin@haozi.net](mailto:admin@haozi.net) |
| 公司地址 | 天津市武清区黄庄街道泉里路1号智库大厦206室 |

661
zh_CN/advanced/api.md Normal file
View File

@@ -0,0 +1,661 @@
# API 参考文档
## 概述
耗子面板提供了一套安全的 RESTful 接口,用于与面板系统进行交互。所有 API 请求都需要进行 HMAC-SHA256 签名认证以确保通信的安全性和完整性。
## 基础信息
- **基础 URL**: `http(s)://your-panel-domain/{entry}/api/`
- **内容类型**: 所有请求和响应均使用 `application/json`
- **字符编码**: UTF-8
## 认证机制
API 使用 HMAC-SHA256 签名算法进行认证。每个请求必须包含以下 HTTP 头:
| 头部名称 | 描述 |
|-----------------|-----------------------------------------------------------------|
| `Content-Type` | 设置为 `application/json` |
| `X-Timestamp` | 当前 UNIX 时间戳(秒) |
| `Authorization` | 身份验证信息,格式为 `HMAC-SHA256 Credential={id}, Signature={signature}` |
## 签名算法
签名过程包含四个主要步骤:
### 1. 构造规范化请求
规范化请求字符串由以下部分组成,各部分之间使用换行符(\n分隔
```
HTTP方法
规范化路径
规范化查询字符串
请求体的SHA256哈希值
```
**注意**:规范化路径应始终使用 `/api/` 开头的路径部分,忽略入口前缀。
### 2. 构造待签名字符串
待签名字符串包含以下部分,各部分使用换行符(\n分隔
```
"HMAC-SHA256"
时间戳
规范化请求的SHA256哈希值
```
### 3. 计算签名
使用您的令牌token对待签名字符串进行 HMAC-SHA256 计算,然后将结果转换为十六进制字符串。
### 4. 构造授权头
将计算得到的签名添加到 `Authorization` 头:
```
Authorization: HMAC-SHA256 Credential={id}, Signature={signature}
```
## Go 示例
```go
package main
import (
"bytes"
"crypto/hmac"
"crypto/sha256"
"encoding/hex"
"fmt"
"io"
"net/http"
"strings"
"time"
)
func main() {
// 创建一个获取用户信息的请求
req, err := http.NewRequest("GET", "http://example.com/entrance/api/user/info", nil)
if err != nil {
fmt.Println("Error creating request:", err)
return
}
// 设置内容类型
req.Header.Set("Content-Type", "application/json")
// 签名请求 - 传入您的用户ID和API令牌
if err = SignReq(req, uint(16), "YourSecretToken"); err != nil {
fmt.Println("Error signing request:", err)
return
}
// 发送请求
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println("Error sending request:", err)
return
}
defer resp.Body.Close()
// 处理响应
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println("Error reading response:", err)
return
}
fmt.Println("Response Status:", resp.Status)
fmt.Println("Response Body:", string(body))
}
// SignReq 对HTTP请求进行签名
func SignReq(req *http.Request, id uint, token string) error {
// 步骤一:构造规范化请求
var body []byte
var err error
if req.Body != nil {
// 读取并保存请求体
body, err = io.ReadAll(req.Body)
if err != nil {
return err
}
// 恢复请求体以便后续使用
req.Body = io.NopCloser(bytes.NewReader(body))
}
// 规范化路径
canonicalPath := req.URL.Path
if !strings.HasPrefix(canonicalPath, "/api") {
index := strings.Index(canonicalPath, "/api")
if index != -1 {
canonicalPath = canonicalPath[index:]
}
}
canonicalRequest := fmt.Sprintf("%s\n%s\n%s\n%s",
req.Method,
canonicalPath,
req.URL.Query().Encode(),
SHA256(string(body)))
// 步骤二:设置时间戳和构造待签名字符串
timestamp := time.Now().Unix()
req.Header.Set("X-Timestamp", fmt.Sprintf("%d", timestamp))
stringToSign := fmt.Sprintf("%s\n%d\n%s",
"HMAC-SHA256",
timestamp,
SHA256(canonicalRequest))
// 步骤三:计算签名
signature := HMACSHA256(stringToSign, token)
// 步骤四设置Authorization头
authHeader := fmt.Sprintf("HMAC-SHA256 Credential=%d, Signature=%s", id, signature)
req.Header.Set("Authorization", authHeader)
return nil
}
func SHA256(str string) string {
sum := sha256.Sum256([]byte(str))
dst := make([]byte, hex.EncodedLen(len(sum)))
hex.Encode(dst, sum[:])
return string(dst)
}
func HMACSHA256(data string, secret string) string {
h := hmac.New(sha256.New, []byte(secret))
h.Write([]byte(data))
return hex.EncodeToString(h.Sum(nil))
}
```
## PHP 示例
```php
<?php
/**
* 耗子面板 API 请求示例 (PHP)
*/
function signRequest($method, $url, $body, $id, $token) {
// 解析URL并获取路径
$parsedUrl = parse_url($url);
$path = $parsedUrl['path'];
$query = isset($parsedUrl['query']) ? $parsedUrl['query'] : '';
// 规范化路径
$canonicalPath = $path;
if (strpos($path, '/api') !== 0) {
$apiPos = strpos($path, '/api');
if ($apiPos !== false) {
$canonicalPath = substr($path, $apiPos);
}
}
// 计算请求体的SHA256哈希值
$bodySha256 = hash('sha256', $body ?: '');
// 构造规范化请求
$canonicalRequest = implode("\n", [
$method,
$canonicalPath,
$query,
$bodySha256
]);
// 获取当前时间戳
$timestamp = time();
// 构造待签名字符串
$stringToSign = implode("\n", [
'HMAC-SHA256',
$timestamp,
hash('sha256', $canonicalRequest)
]);
// 计算签名
$signature = hash_hmac('sha256', $stringToSign, $token);
// 返回签名和时间戳
return [
'timestamp' => $timestamp,
'signature' => $signature,
'id' => $id
];
}
// 示例请求
$apiUrl = 'http://example.com/entrance/api/user/info';
$method = 'GET';
$body = ''; // 对于GET请求通常没有请求体
$id = 16;
$token = 'YourSecretToken';
// 生成签名信息
$signingData = signRequest($method, $apiUrl, $body, $id, $token);
// 准备HTTP请求头
$headers = [
'Content-Type: application/json',
'X-Timestamp: ' . $signingData['timestamp'],
'Authorization: HMAC-SHA256 Credential=' . $signingData['id'] . ', Signature=' . $signingData['signature']
];
// 使用cURL发送请求
$ch = curl_init($apiUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
if (!empty($body)) {
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
}
// 执行请求并获取响应
$response = curl_exec($ch);
$statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
// 输出结果
echo "响应状态码: " . $statusCode . PHP_EOL;
echo "响应内容: " . $response . PHP_EOL;
```
## Python 示例
```python
import hashlib
import hmac
import json
import requests
import time
from urllib.parse import urlparse, parse_qs
def sha256_hash(text):
"""计算字符串的SHA256哈希值"""
return hashlib.sha256(text.encode('utf-8')).hexdigest()
def hmac_sha256(key, message):
"""使用HMAC-SHA256算法计算签名"""
return hmac.new(key.encode('utf-8'), message.encode('utf-8'), hashlib.sha256).hexdigest()
def sign_request(method, url, body, user_id, token):
"""为API请求生成签名"""
# 解析URL
parsed_url = urlparse(url)
path = parsed_url.path
query = parsed_url.query
# 规范化路径
canonical_path = path
if not path.startswith('/api'):
api_pos = path.find('/api')
if api_pos != -1:
canonical_path = path[api_pos:]
# 构造规范化请求
body_str = body if body else ""
canonical_request = "\n".join([
method,
canonical_path,
query,
sha256_hash(body_str)
])
# 获取当前时间戳
timestamp = int(time.time())
# 构造待签名字符串
string_to_sign = "\n".join([
"HMAC-SHA256",
str(timestamp),
sha256_hash(canonical_request)
])
# 计算签名
signature = hmac_sha256(token, string_to_sign)
return {
"timestamp": timestamp,
"signature": signature,
"id": user_id
}
# 示例请求
api_url = "http://example.com/entrance/api/user/info"
method = "GET"
body = "" # GET请求通常没有请求体
user_id = 16
token = "YourSecretToken"
# 生成签名信息
signing_data = sign_request(method, api_url, body, user_id, token)
# 准备HTTP请求头
headers = {
"Content-Type": "application/json",
"X-Timestamp": str(signing_data["timestamp"]),
"Authorization": f"HMAC-SHA256 Credential={signing_data['id']}, Signature={signing_data['signature']}"
}
# 发送请求
response = requests.request(
method=method,
url=api_url,
headers=headers,
data=body
)
# 输出结果
print(f"响应状态码: {response.status_code}")
print(f"响应内容: {response.text}")
```
## Java 示例
```java
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.time.Instant;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.util.Base64;
/**
* 耗子面板 API 请求示例 (Java)
*/
public class RatPanelApiExample {
public static void main(String[] args) {
try {
// 示例请求
String apiUrl = "http://example.com/entrance/api/user/info";
String method = "GET";
String body = ""; // 对于GET请求通常没有请求体
int id = 16;
String token = "YourSecretToken";
// 生成签名信息
SigningData signingData = signRequest(method, apiUrl, body, id, token);
// 准备HTTP请求
HttpClient client = HttpClient.newHttpClient();
HttpRequest.Builder requestBuilder = HttpRequest.newBuilder()
.uri(URI.create(apiUrl))
.header("Content-Type", "application/json")
.header("X-Timestamp", String.valueOf(signingData.timestamp))
.header("Authorization", "HMAC-SHA256 Credential=" + signingData.id +
", Signature=" + signingData.signature);
// 设置请求方法和请求体
if (method.equals("GET")) {
requestBuilder.GET();
} else {
requestBuilder.method(method, HttpRequest.BodyPublishers.ofString(body));
}
HttpRequest request = requestBuilder.build();
// 发送请求
HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
// 输出结果
System.out.println("响应状态码: " + response.statusCode());
System.out.println("响应内容: " + response.body());
} catch (Exception e) {
e.printStackTrace();
}
}
static class SigningData {
long timestamp;
String signature;
int id;
SigningData(long timestamp, String signature, int id) {
this.timestamp = timestamp;
this.signature = signature;
this.id = id;
}
}
public static SigningData signRequest(String method, String url, String body, int id, String token) throws Exception {
// 解析URL
URI uri = new URI(url);
String path = uri.getPath();
String query = uri.getQuery() != null ? uri.getQuery() : "";
// 规范化路径
String canonicalPath = path;
if (!path.startsWith("/api")) {
int apiPos = path.indexOf("/api");
if (apiPos != -1) {
canonicalPath = path.substring(apiPos);
}
}
// 计算请求体的SHA256哈希值
String bodySha256 = sha256Hash(body != null ? body : "");
// 构造规范化请求
String canonicalRequest = String.join("\n",
method,
canonicalPath,
query,
bodySha256);
// 获取当前时间戳
long timestamp = Instant.now().getEpochSecond();
// 构造待签名字符串
String stringToSign = String.join("\n",
"HMAC-SHA256",
String.valueOf(timestamp),
sha256Hash(canonicalRequest));
// 计算签名
String signature = hmacSha256(token, stringToSign);
// 返回签名和时间戳
return new SigningData(timestamp, signature, id);
}
private static String sha256Hash(String text) throws Exception {
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] hash = digest.digest(text.getBytes(StandardCharsets.UTF_8));
return bytesToHex(hash);
}
private static String hmacSha256(String key, String message) throws Exception {
Mac mac = Mac.getInstance("HmacSHA256");
SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "HmacSHA256");
mac.init(secretKeySpec);
byte[] hash = mac.doFinal(message.getBytes(StandardCharsets.UTF_8));
return bytesToHex(hash);
}
private static String bytesToHex(byte[] bytes) {
StringBuilder hexString = new StringBuilder();
for (byte b : bytes) {
String hex = Integer.toHexString(0xff & b);
if (hex.length() == 1) {
hexString.append('0');
}
hexString.append(hex);
}
return hexString.toString();
}
}
```
## Node.js 示例
```javascript
const crypto = require('crypto');
const axios = require('axios');
const url = require('url');
/**
* 计算字符串的SHA256哈希值
* @param {string} text 待哈希的字符串
* @returns {string} 哈希结果(十六进制)
*/
function sha256Hash(text) {
return crypto.createHash('sha256').update(text || '').digest('hex');
}
/**
* 使用HMAC-SHA256算法计算签名
* @param {string} key 密钥
* @param {string} message 待签名的消息
* @returns {string} 签名结果(十六进制)
*/
function hmacSha256(key, message) {
return crypto.createHmac('sha256', key).update(message).digest('hex');
}
/**
* 为API请求生成签名
* @param {string} method HTTP方法
* @param {string} apiUrl API地址
* @param {string} body 请求体
* @param {number} id 用户ID
* @param {string} token 密钥
* @returns {object} 包含签名、时间戳和ID的对象
*/
function signRequest(method, apiUrl, body, id, token) {
// 解析URL
const parsedUrl = new url.URL(apiUrl);
const path = parsedUrl.pathname;
const query = parsedUrl.search.slice(1); // 移除开头的'?'
// 规范化路径
let canonicalPath = path;
if (!path.startsWith('/api')) {
const apiPos = path.indexOf('/api');
if (apiPos !== -1) {
canonicalPath = path.slice(apiPos);
}
}
// 构造规范化请求
const canonicalRequest = [
method,
canonicalPath,
query,
sha256Hash(body || '')
].join('\n');
// 获取当前时间戳
const timestamp = Math.floor(Date.now() / 1000);
// 构造待签名字符串
const stringToSign = [
'HMAC-SHA256',
timestamp,
sha256Hash(canonicalRequest)
].join('\n');
// 计算签名
const signature = hmacSha256(token, stringToSign);
return {
timestamp,
signature,
id
};
}
/**
* 发送API请求
*/
async function sendApiRequest() {
// 示例请求参数
const apiUrl = 'http://example.com/entrance/api/user/info';
const method = 'GET';
const body = ''; // GET请求通常没有请求体
const id = 16;
const token = 'YourSecretToken';
try {
// 生成签名信息
const signingData = signRequest(method, apiUrl, body, id, token);
// 准备HTTP请求头
const headers = {
'Content-Type': 'application/json',
'X-Timestamp': signingData.timestamp,
'Authorization': `HMAC-SHA256 Credential=${signingData.id}, Signature=${signingData.signature}`
};
// 发送请求
const response = await axios({
method,
url: apiUrl,
headers,
data: body || undefined
});
// 输出结果
console.log(`响应状态码: ${response.status}`);
console.log(`响应内容: ${JSON.stringify(response.data)}`);
} catch (error) {
console.error('请求出错:', error.message);
if (error.response) {
console.error(`响应状态码: ${error.response.status}`);
console.error(`响应内容: ${JSON.stringify(error.response.data)}`);
}
}
}
// 执行请求
sendApiRequest();
```
## 常见响应码
| HTTP 状态码 | 描述 |
|----------|---------|
| 200 | 请求成功 |
| 401 | 身份验证失败 |
| 403 | 权限不足 |
| 404 | 资源不存在 |
| 422 | 请求参数错误 |
| 500 | 服务器内部错误 |
## 安全建议
1. **保护您的 API 令牌**:不要在客户端代码中硬编码或公开您的 API 令牌
2. **定期轮换令牌**:定期更改您的 API 令牌以提高安全性
3. **配置 IP 白名单**:在生产环境中使用 IP 白名单限制访问
## 常见问题解答
### 签名验证失败
如果遇到签名验证失败,请检查:
- 确保使用了正确的 API 令牌和 ID
- 检查客户端与服务器的时间是否准确,时间戳偏差大于 300 秒会导致验证失败
- 确保请求体在计算签名前后没有被修改
- 确保 URL 路径处理正确,注意规范化路径时需要移除入口前缀
### 请求超时
- 检查网络连接
- 确认服务器状态
- 考虑增加客户端的超时设置

32
zh_CN/advanced/hub-mirror.md Normal file
View File

@@ -0,0 +1,32 @@
# 配置容器镜像加速
由于一些原因国内可能无法连接到 Docker Hub 拉取容器镜像,因此需要配置镜像加速。
## 对于 Podman
在面板打开 Podman 设置页面,导航到注册表配置选项卡。
滚动到配置文件底部,添加如下配置并保存:
```
[[registry]]
location = "docker.io"
[[registry.mirror]]
location = "docker.1ms.run"
```
其中 docker.1ms.run 为配置的镜像加速地址,可自行参考其他教程搭建使用。
## 对于 Docker
在面板打开 Docker 设置页面,导航到配置选项卡。
添加如下配置并保存:
```
{
"registry-mirrors": ["https://docker.1ms.run"]
}
```
其中 https://docker.1ms.run 为配置的镜像加速地址,可自行参考其他教程搭建使用。

5
zh_CN/advanced/proxy.md Normal file
View File

@@ -0,0 +1,5 @@
# 配置反向代理
面板 v2.4.10+ 自带反向代理配置生成器,你可以通过站点伪静态配置页面的右上角打开使用。
注意:如果设置反向代理后出现 CSS/JS 等静态资源无法正常加载的问题,请移除站点主配置文件中的**不记录静态文件日志**部分。

15
zh_CN/advanced/quic.md Normal file
View File

@@ -0,0 +1,15 @@
# 配置 QUICHTTP3
面板目前已支持自动 QUIC 配置,但是出于兼容性考虑,默认未添加 `Alt-Svc` 标头,浏览器在未检测到 `Alt-Svc` 标头时不会尝试使用
QUIC 连接。
如果你不使用 CDN可添加下述配置到网站伪静态中即可让浏览器知晓网站支持并使用 QUIC 连接。
```
add_header Alt-Svc 'h3=":$server_port"; ma=2592000';
```
如果你使用 CDN 或者前端还存在代理服务器,则 QUIC 需要在 CDN / 前端开启。
如果配置后仍不生效,请检查浏览器版本和 UDP 443 端口的可用性。
* 根据 Nginx 的 git 提交记录1.25 版本下所有 QUIC 草案版本已经移除,因此 `Alt-Svc` 无需添加草案版本号。

33
zh_CN/advanced/safe.md Normal file
View File

@@ -0,0 +1,33 @@
# 安全性建议
通过以下安全措施,几乎可以杜绝一切被黑/挂马问题。
### 网站方面
根据以往经验大多数被黑挂马都是程序漏洞造成的,与面板等环境无关,为了网站安全,你应该做到:
1. 不要使用盗版程序、软件,特别是在你无法确定有没有被人加过料的情况下。
2. 定期更新网站程序和软件环境,不要怕麻烦使用过时的软件程序,它们的安全性无法保证。
3. 网站后台禁止使用弱密码,密码强烈建议使用随机生成器生成大于 20 位的混合密码并保存在安全位置有条件建议开启程序的多因素身份验证2FA
4. 设置定时备份全站数据,不要裸奔。
5. PHP 默认禁用了部分高危函数,非必要请勿删除。
### 系统方面
现代系统出现严重安全漏洞的概率是很低的,但是你仍应该做到:
1. 定期更新系统软件。(使用 `yum update``apt upgrade`)。
2. SSH 禁止使用弱密码和默认 22 端口,密码强烈建议使用随机生成器生成大于 20 位的混合密码并保存在安全位置,如果可以建议安装
Fail2ban 针对性保护。
3. 不要随意给 777 权限和 www 用户的执行权限,可能造成极大安全隐患。
4. 如果运营商提供 VNC 管理服务器,也可以考虑关闭 SSH从源头上解决问题。
### 面板方面
面板拥有和 root 一样的权限,管理不当亦会造成严重安全问题,你应该做到:
1. 定期更新面板及面板安装的应用。同时推荐关注我们的频道或者群,以第一时间接收各类更新消息。
2. 面板禁止使用弱密码和默认 8888 端口,密码强烈建议使用随机生成器生成大于 20 位的混合密码并保存在安全位置。
3. 建议修改添加面板入口和开启面板 HTTPS防止被扫描器扫描和中间人攻击。
4. 防火墙无必要请不要放行内部服务的端口Redis 6379、MySQL 3306、PostgreSQL 5432等可能造成严重安全隐患。网站本地连接不需要放行连不上是程序的问题
5. 对安全性要求较高的情况下,可以考虑日常停止面板的运行,按需启动(面板停止运行不会影响网站、计划任务等的运行)。

5
zh_CN/advanced/supervisor.md Normal file
View File

@@ -0,0 +1,5 @@
# 配置进程守护
1. 安装 Supervisor 管理器并打开。
2. Supervisor 管理器中创建需要守护的进程(运行用户不建议使用 root
3. 常见问题:[https://tom.moe/t/supervisor/3112](https://tom.moe/t/supervisor/3112)

11
zh_CN/advanced/tls.md Normal file
View File

@@ -0,0 +1,11 @@
# 配置 TLSv1.1 TLSv1
当前面板OpenResty使用OpenSSL 3.0版本编译默认禁用已弃用的TLSv1.1 TLSv1协议。
当然如果你的业务必须要使用这两个协议的话可以使用下述SSL配置启用。
```
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:@SECLEVEL=0;
ssl_prefer_server_ciphers on;
```

212
zh_CN/cert.md Normal file
View File

@@ -0,0 +1,212 @@
---
sidebar: false
prev: false
next: false
---
# 证书
若 3 个月免费证书无法满足您的需求,您可以选择购买更高级别的证书。我们提供 DV 单域名证书和 DV 通配符证书可供选择。
受限价政策,具体价格及购买请直接通过右上角加群联系销售。
<style>
.cert-cards-container {
display: flex;
gap: 20px;
margin-bottom: 40px;
}
.cert-card {
flex: 1;
padding: 24px;
border-radius: 8px;
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.1);
display: flex;
flex-direction: column;
}
.cert-card-header {
display: flex;
align-items: center;
gap: 8px;
margin-bottom: 16px;
}
.cert-card-title {
margin: 0!important;
border-top: unset!important;
padding-top: unset!important;
min-height: 60px;
display: flex;
align-items: center;
}
.cert-subtitle {
margin-bottom: 8px;
}
.cert-price {
font-size: 24px;
font-weight: bold;
margin-bottom: 24px;
}
.cert-price span {
font-size: 14px;
}
.cert-features {
margin-bottom: 24px;
flex-grow: 1;
}
.cert-feature-item {
display: flex;
align-items: center;
gap: 8px;
margin-bottom: 12px;
}
.cert-buy-button {
color: white;
width: 100%;
padding: 12px;
background: #4080ff;
border: none;
border-radius: 4px;
cursor: pointer;
font-size: 16px;
margin-top: auto;
}
.cert-buy-button:hover {
background: #3570e0;
}
.cert-features-section {
margin-top: 40px;
}
.cert-features-grid {
display: grid;
grid-template-columns: repeat(2, 1fr);
gap: 24px;
}
.cert-feature-card {
display: flex;
gap: 16px;
align-items: flex-start;
}
.cert-feature-icon {
width: 40px;
height: 40px;
display: flex;
align-items: center;
justify-content: center;
font-size: 24px;
}
.cert-feature-content h3 {
margin: 8px 0!important;
font-size: 18px;
}
.cert-feature-content p {
line-height: 1.5;
}
</style>
## 选购证书
<div class="cert-cards-container">
<div class="cert-card">
<div class="cert-card-header">
<h2 class="cert-card-title">DV 单域名证书</h2>
</div>
<div class="cert-subtitle">国际知名品牌证书</div>
<div class="cert-price">¥ 1X<span>/年</span></div>
<div class="cert-features">
<div class="cert-feature-item">
<span class="cert-check-icon">✓</span>
<span>域名型证书DV</span>
</div>
<div class="cert-feature-item">
<span class="cert-check-icon">✓</span>
<span>支持一个域名</span>
</div>
<div class="cert-feature-item">
<span class="cert-check-icon">✓</span>
<span>一年有效期</span>
</div>
<div class="cert-feature-item">
<span class="cert-check-icon">✓</span>
<span>快速颁发</span>
</div>
</div>
<button class="cert-buy-button">右上角联系销售购买</button>
</div>
<div class="cert-card">
<div class="cert-card-header">
<h2 class="cert-card-title">DV 通配符证书</h2>
</div>
<div class="cert-subtitle">国际知名品牌证书</div>
<div class="cert-price">¥ 1XX<span>/年</span></div>
<div class="cert-features">
<div class="cert-feature-item">
<span class="cert-check-icon">✓</span>
<span>域名型证书DV</span>
</div>
<div class="cert-feature-item">
<span class="cert-check-icon">✓</span>
<span>通配所有子域</span>
</div>
<div class="cert-feature-item">
<span class="cert-check-icon">✓</span>
<span>一年有效期</span>
</div>
<div class="cert-feature-item">
<span class="cert-check-icon">✓</span>
<span>快速颁发</span>
</div>
</div>
<button class="cert-buy-button">右上角联系销售购买</button>
</div>
</div>
## 证书特点
<div class="cert-features-section">
<div class="cert-features-grid">
<div class="cert-feature-card">
<div class="cert-feature-icon">🛡️</div>
<div class="cert-feature-content">
<h3>安全可靠</h3>
<p>采用国际标准,保护网站安全</p>
</div>
</div>
<div class="cert-feature-card">
<div class="cert-feature-icon">⚡</div>
<div class="cert-feature-content">
<h3>快速签发</h3>
<p>简化签发流程,快速颁发证书</p>
</div>
</div>
<div class="cert-feature-card">
<div class="cert-feature-icon">💳</div>
<div class="cert-feature-content">
<h3>灵活付费</h3>
<p>多种规格可选,满足不同需求</p>
</div>
</div>
<div class="cert-feature-card">
<div class="cert-feature-icon">👨‍💻</div>
<div class="cert-feature-content">
<h3>专业服务</h3>
<p>专业技术支持,保障使用无忧</p>
</div>
</div>
</div>
</div>

62
zh_CN/index.md Normal file
View File

@@ -0,0 +1,62 @@
---
layout: home
hero:
name: "耗子面板"
text: "简单轻量 • 高效运维"
tagline: 全能服务器运维管理面板
actions:
- theme: brand
text: 🌟 点亮 Star
link: https://github.com/tnb-labs/panel
target: _blank
- theme: alt
text: 快速安装
link: /zh_CN/quickstart/install
features:
- icon: ✨
title: 极低占用
details: Go 语言开发,安装包小,占用低,单文件运行,不会对系统性能造成影响
- icon: 🛠
title: 低破坏性
details: 设计为尽可能减少对系统的额外修改,在同类产品中,我们对系统的修改最少
- icon: 📅
title: 追随时代
details: 整体设计走在时代前沿,对新系统兼容性好,在同类产品中处于领先地位
- icon: 🚀
title: 高效运维
details: 功能完善,自定义能力强,既可快速部署小型网站,也可基于定制化需求部署复杂应用
- icon: ⛓️‍💥
title: 离线运行
details: 支持离线模式,甚至可以在部署完成后停止面板进程,不会对已有服务造成任何影响
- icon: 🛡
title: 安全稳定
details: 面板采用业界多种技术保障本体安全性,已在我们的多个生产环境中长期稳定运行
- icon: 💽
title: 全面开源
details: 少有的全开源面板,您可以在遵守开源协议的前提下对面板自由修改、二次开发
- icon: 🆓
title: 永久免费
details: 承诺面板本体未来不会引入任何收费/授权功能,永久免费使用
---
## 合作伙伴
<div style="display: flex; justify-content: space-around; align-items: center; flex-wrap: wrap;">
<a href="https://www.weixiaoduo.com/" style="padding: 1rem;">
<img width="160" src="/wxd.png" alt="微晓朵">
</a>
<a href="https://www.dkdun.cn/aff/MQZZNVHQ" style="padding: 1rem;">
<img width="160" src="/dk.png" alt="林枫云">
</a>
<a href="https://waf.pro/">
<img width="160" src="/wafpro.png" alt="WAFPRO" style="padding: 1rem;">
</a>
<a href="https://scdn.ddunyun.com/">
<img width="160" src="/ddunyun.png" alt="盾云SCDN" style="padding: 1rem;">
</a>
<a href="https://1ms.run/" style="padding: 1rem;">
<img width="160" src="/1ms.svg" alt="毫秒镜像">
</a>
</div>

24
zh_CN/quickstart/container.md Normal file
View File

@@ -0,0 +1,24 @@
# 管理容器
开始前需安装 Docker / Podman 容器引擎。
容器引擎安装完毕后,即可前往面板容器管理处创建容器(此处以 pgadmin4 为例)。
首先导航到镜像选项卡拉取需要的镜像,视网络环境可能需要数分钟到数十分钟。
![拉取镜像](/container1.png)
镜像拉取完成后,导航到容器选项卡开始创建容器。
![创建容器](/container2.png)
表单内容按容器的说明填写,此处使用的 pgadmin4 镜像需要映射 80 端口及配置 2 个默认环境变量,无需映射目录。
容器创建完成后可点击右上角刷新按钮和容器右侧的日志按钮检查是否正常启动。
![容器启动](/container3.png)
若容器未能启动,请根据日志进行修正。
如果映射了外部端口,需要到防火墙菜单放行相应的端口。
![创建成功](/container4.png)

9
zh_CN/quickstart/disk.md Normal file
View File

@@ -0,0 +1,9 @@
# 挂载分区
如果您的服务器有未挂载的数据盘,可在安装前以 `root` 用户登录服务器运行以下命令自动挂载,面板安装后不支持跨目录迁移。
```shell
curl -fsLm 10 -o auto_mount.sh https://dl.cdn.haozi.net/panel/auto_mount.sh && bash auto_mount.sh
```
也可工单联系服务器提供商要求协助挂载分区,或者自行挂载分区后再安装面板。

40
zh_CN/quickstart/install.md Normal file
View File

@@ -0,0 +1,40 @@
# 安装面板
面板支持 `amd64` | `arm64` 架构下的主流系统,下表中的系统均已测试 LNMP 环境安装。
优先建议使用标注**推荐**的系统,无特殊情况不建议使用标注**不推荐**的系统。
不在下表中的其他系统,可自行尝试安装,但不提供无偿技术支持。
| 系统 | 版本 | 备注 |
|---------------------|-----|-----|
| AlmaLinux | 9 | 推荐 |
| AlmaLinux | 8 | 不推荐 |
| RockyLinux | 9 | 支持 |
| RockyLinux | 8 | 不推荐 |
| CentOS Stream | 9 | 不推荐 |
| CentOS Stream | 8 | 不推荐 |
| Ubuntu | 24 | 推荐 |
| Ubuntu | 22 | 支持 |
| Debian | 12 | 推荐 |
| Debian | 11 | 支持 |
| OpenCloudOS | 9 | 支持 |
| TencentOS Server | 4 | 支持 |
| TencentOS Server | 3.1 | 不推荐 |
| Alibaba Cloud Linux | 3.2 | 不推荐 |
| Anolis | 8 | 不推荐 |
| openEuler | 22 | 不推荐 |
随着系统版本的不断更新,我们亦可能会终止部分过于老旧的系统的支持,以保证面板的健壮性。
## 开始安装
> 如需挂载分区,请在安装面板前完成,面板安装后不支持跨目录迁移。
`root` 用户登录服务器,运行以下命令安装面板:
```shell
curl -fsLm 10 -o install.sh https://dl.cdn.haozi.net/panel/install.sh && bash install.sh
```
一般 2 分钟内即可完成安装,安装过程中请勿关闭终端。

27
zh_CN/quickstart/panel.md Normal file
View File

@@ -0,0 +1,27 @@
# 管理面板
请勿在面板仍有任务运行时操作停止 / 重启面板,否则可能会造成问题。
* 启动面板:`systemctl start panel`
* 停止面板:`systemctl stop panel`
* 重启面板:`systemctl restart panel`
## 面板命令行
```bash
panel-cli
```
可根据提示补全需要的命令进行操作。
## 卸载面板
优先建议备份数据重装系统,这样可以保证系统纯净。
如果您无法重装系统,请以`root`用户登录服务器,执行以下命令卸载面板:
```shell
curl -fsLm 10 -o uninstall.sh https://dl.cdn.haozi.net/panel/uninstall.sh && bash uninstall.sh
```
卸载面板前请务必备份好所有数据,提前卸载面板全部应用。卸载后数据将**无法恢复**

37
zh_CN/support.md Normal file
View File

@@ -0,0 +1,37 @@
---
sidebar: false
prev: false
next: false
---
# 支持
## 免费论坛服务
我们提供免费的论坛服务,您可以在论坛中提问、交流、分享面板使用中的问题。
- [Moe Tom](https://tom.moe)
## 付费远程服务
网站报错、速度慢、被挂马?服务器资源占用高、配置调优、入侵朔源?我们统统一站式服务。
### 远程服务价格表
远程服务是指我们通过远程协助的方式,帮助您解决问题。
| 名称 | 介绍 | 价格 |
|------|------------------|-------|
| 单次服务 | 仅限一次服务,问题解决服务即结束 | ¥50 起 |
### 服务流程
1. 提前联系我们,说明问题
2. 我们评估问题,确认是否可以解决及给出预估价格
3. 您确认价格后,支付 50% 预付款,服务开始
4. 服务完成后,您确认无误并支付剩余款项
## 联系我们
- [企业微信](https://work.weixin.qq.com/kfid/kfc20ea8e38b5a4e73a)
- [QQ 826896000](https://wpa.qq.com/msgrd?v=3&uin=826896000&site=qq&menu=yes)

8
zh_CN/version-[version].md Normal file
View File

@@ -0,0 +1,8 @@
# v{{ $params.version }}
- 版本类型:{{ $params.type == 'stable' ? '稳定版' : '测试版' }}
- 发布时间:{{ $params.time }}
## 更新内容
<!-- @content -->

17
zh_CN/version-[version].paths.ts Normal file
View File

@@ -0,0 +1,17 @@
export default {
async paths() {
const resp = await (await fetch('https://panel.haozi.net/api/versions')).json()
if (!resp.message || resp.message !== 'success') return []
return resp.data.slice(0, 10).map((item: any) => {
return {
params: {
version: item.version,
type: item.type,
time: item.updated_at.replace('T', ' ').slice(0, 19)
},
content: item.description
}
})
}
}