chore: restore initial vtuber source snapshot

This commit is contained in:
ogt
2026-07-03 00:36:01 +08:00
commit 17f0c8c8ff
85 changed files with 7677 additions and 0 deletions

View File

@@ -0,0 +1,138 @@
#!/usr/bin/env bash
set -euo pipefail
DOMAIN="${1:-vtuber.wooo.work}"
TARGET_IP="${2:-114.32.151.246}"
DNS_RESOLVER="${3:-8.8.8.8}"
STRICT_MODE="${4:-1}"
strict_mode="${CHECK_STRICT_MODE:-${STRICT_MODE}}"
fail_count=0
resolved_count=0
need_cmd() {
if ! command -v "$1" >/dev/null 2>&1; then
echo "❌ 缺少指令:$1"
exit 1
fi
}
need_cmd dig
need_cmd openssl
need_cmd curl
echo "===== DNS 解析檢查 ====="
echo "網域:${DOMAIN}"
echo "預期 A 紀錄指向:${TARGET_IP}"
echo "採用解析器:${DNS_RESOLVER}"
echo "嚴格檢查:${strict_mode}"
a_records="$(dig +short A "${DOMAIN}" @"${DNS_RESOLVER}" | awk 'NF {print $1}' | sort -u)"
aaaa_records="$(dig +short AAAA "${DOMAIN}" @"${DNS_RESOLVER}" | awk 'NF {print $1}' | sort -u)"
if [ -z "${a_records}" ] && [ -z "${aaaa_records}" ]; then
echo "⚠️ 無法解析到 A/AAAA請檢查 DNS zone 是否有建立 ${DOMAIN} 的 A/AAAA 紀錄。"
fail_count=$((fail_count + 1))
else
echo "A 紀錄:${a_records:-(未設定)}"
echo "AAAA 紀錄:${aaaa_records:-(未設定)}"
if printf '%s\n' "${a_records}" | grep -Fxq "${TARGET_IP}"; then
echo "✅ A 紀錄包含 ${TARGET_IP}"
resolved_count=$((resolved_count + 1))
else
echo "⚠️ ${DOMAIN} 的 A 紀錄未看到 ${TARGET_IP}"
echo " 請檢查 DNSA Record (${DOMAIN}) = ${TARGET_IP}"
echo " 修正指引:在 DNS 面板把 vtuber.wooo.work 的 A Record 指到 ${TARGET_IP}"
fail_count=$((fail_count + 1))
fi
fi
if command -v host >/dev/null 2>&1; then
host "${DOMAIN}" | sed -n '1,4p' || true
else
echo "(已略過 host 查詢,未安裝 host 指令)"
fi
echo
echo "===== HTTPS 憑證檢查 ====="
cert_pem="$(echo | openssl s_client -connect "${DOMAIN}:443" -servername "${DOMAIN}" 2>/dev/null | openssl x509 2>/dev/null || true)"
if [ -z "${cert_pem}" ]; then
echo "❌ 無法抓到 TLS 憑證(連線或憑證有問題)"
fail_count=$((fail_count + 1))
else
subject="$(printf '%s\n' "${cert_pem}" | openssl x509 -noout -subject)"
issuer="$(printf '%s\n' "${cert_pem}" | openssl x509 -noout -issuer)"
start_date="$(printf '%s\n' "${cert_pem}" | openssl x509 -noout -startdate)"
end_date="$(printf '%s\n' "${cert_pem}" | openssl x509 -noout -enddate)"
san="$(printf '%s\n' "${cert_pem}" | openssl x509 -noout -ext subjectAltName 2>/dev/null || true)"
echo "Subject: ${subject}"
echo "Issuer: ${issuer}"
echo "起始: ${start_date}"
echo "到期: ${end_date}"
echo "SAN: ${san:-(未提供)}"
if printf '%s\n' "${san}" | grep -q "DNS:${DOMAIN}"; then
echo "✅ 憑證 SAN 包含 ${DOMAIN}"
else
echo "⚠️ 憑證 SAN 未明確列出 ${DOMAIN}"
fail_count=$((fail_count + 1))
fi
if printf '%s\n' "${cert_pem}" | openssl x509 -checkend $((7*24*60*60)) >/dev/null 2>&1; then
echo "✅ 憑證未於 7 日內到期"
else
echo "⚠️ 憑證疑似 7 日內到期"
fail_count=$((fail_count + 1))
fi
fi
echo
echo "===== 路徑可達性檢查 ====="
check_url() {
local label="$1"
local url="$2"
local expect_http="${3:-200}"
local output
shift 3
output="$(curl -ksS -m 12 -o /dev/null -w 'HTTP %{http_code} | total=%{time_total}s | remote=%{remote_ip}' "$@" "$url" || true)"
local http_code
http_code="$(printf '%s\n' "${output}" | awk '{print $2}')"
if [ -z "${output}" ] || [ "${http_code}" = "000" ] || [ -z "${http_code}" ]; then
echo "${label}:連線失敗"
fail_count=$((fail_count + 1))
elif [ "${http_code}" != "${expect_http}" ]; then
echo "${label}HTTP ${http_code}(預期 ${expect_http}"
fail_count=$((fail_count + 1))
else
echo "${label}${output}"
fi
}
check_url "域名直連" "https://${DOMAIN}/live/demo" 200
check_url "域名繁中直連" "https://${DOMAIN}/zh-TW/live/demo" 200
check_url "SNI 直定向到 ${TARGET_IP}" "https://${DOMAIN}/live/demo" \
--resolve "${DOMAIN}:443:${TARGET_IP}" 200
check_url "IP + Host 直走 (防止 host 漏配)" "http://${TARGET_IP}/live/demo" \
-H "Host: ${DOMAIN}" 200
check_url "純 IP 訪問(不帶 Host" "http://${TARGET_IP}/live/demo" 200
echo
if [ "${fail_count}" -eq 0 ]; then
echo "總結:✅ 全部檢查通過。"
else
echo "總結:⚠️ ${fail_count} 項提醒,需先補上對應修正。"
fi
if [ "${strict_mode}" != "0" ] && [ "${fail_count}" -gt 0 ]; then
echo "部署門檻:❌ 因嚴格模式,非 0 值結果將阻止後續流程。"
exit 1
fi
if [ "${fail_count}" -gt 0 ] && [ "${resolved_count}" -eq 0 ]; then
echo "DNS 門檻:❌ 外網無法直接導向目標主機,這通常代表流量仍在舊站。"
fi
exit 0

View File

@@ -0,0 +1,44 @@
#!/usr/bin/env bash
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ROOT_DIR="$(cd "${SCRIPT_DIR}/.." && pwd)"
ENV_FILE="${ROOT_DIR}/deploy/.env.prod"
DEFAULT_ENV_FILE="${ROOT_DIR}/deploy/.env.prod.example"
if [ ! -f "${ENV_FILE}" ]; then
if [ -f "${DEFAULT_ENV_FILE}" ]; then
echo "⚠️ 找不到 deploy/.env.prod先複製並填寫預設值"
echo "cp deploy/.env.prod.example deploy/.env.prod"
else
echo "❌ 找不到 deploy/.env.prod"
fi
exit 1
fi
source "${ENV_FILE}"
TARGET_DOMAIN="${APP_DOMAIN:-vtuber.wooo.work}"
TARGET_HOST="${DEPLOY_HOST:-114.32.151.246}"
cd "${ROOT_DIR}"
echo "=== Step 1: 正式版推版到 ${DEPLOY_USER}@${TARGET_HOST} ==="
./deploy/deploy-prod.sh
echo
echo "=== Step 2: 內網服務健康檢查 ==="
curl -ksS -o /dev/null -w "[內網] /live/demo => HTTP %{http_code} | 花費 %{time_total}s\n" "http://${TARGET_HOST}:3200/live/demo"
if [ -n "${TARGET_DOMAIN}" ]; then
echo
echo "=== Step 3: 外網導向一致性檢查 ==="
./scripts/check-vtuber-offline-110.sh "${TARGET_DOMAIN}" "${TARGET_HOST}" 8.8.8.8 1
else
echo
echo "=== Step 3: 外網導向檢查已略過(缺少 APP_DOMAIN ==="
fi
echo
echo "✅ 推版+驗證流程完成。"

View File

@@ -0,0 +1,33 @@
#!/usr/bin/env bash
set -euo pipefail
DOMAIN="${1:-vtuber.wooo.work}"
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ROOT_DIR="$(cd "${SCRIPT_DIR}/.." && pwd)"
cd "${ROOT_DIR}"
echo "=== Step 1: 執行正式站推版+外網可用性基礎檢查 ==="
./scripts/deploy-and-verify-vtuber110.sh
echo
echo "=== Step 2: 正式網域直播頁路由逐一驗證 ==="
for path in "/live/demo" "/zh-TW/live/demo"; do
url="https://${DOMAIN}${path}"
http_code="$(curl -ksS -m 12 -o /dev/null -w '%{http_code}' "$url" || true)"
if [ -z "${http_code}" ] || [ "${http_code}" = "000" ]; then
echo "${url}:連線失敗"
exit 1
elif [ "${http_code}" != "200" ]; then
echo "${url}HTTP ${http_code}(預期 200"
exit 1
else
echo "${url}HTTP ${http_code}"
fi
done
echo
echo "✅ 所有正式網域直播路由驗證通過。"