Kevin Wong
2026-01-26 16:38:30 +08:00
parent f99bd336c9
commit c6c4b2313f
8 changed files with 415 additions and 441 deletions


@@ -1,222 +0,0 @@
# 用户认证系统部署指南
## 📋 概述
本文档描述如何在 Ubuntu 服务器上部署 ViGent2 用户认证系统。
| 组件 | 技术 | 说明 |
|------|------|------|
| 数据库 | Supabase (PostgreSQL) | 云端免费版 |
| 认证 | FastAPI + JWT | HttpOnly Cookie |
| 密码 | bcrypt | 单向哈希 |
---
## 步骤 1: 配置 Supabase
### 1.1 创建项目
1. 访问 [supabase.com](https://supabase.com)
2. 创建免费项目
3. 记录以下信息:
- **Project URL**: `https://xxx.supabase.co`
- **anon public key**: `eyJhbGciOiJIUzI1NiIs...`
### 1.2 创建数据库表
1. 进入 **SQL Editor**
2. 执行以下 SQL
```sql
-- 1. 创建 users 表
CREATE TABLE IF NOT EXISTS users (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
email TEXT UNIQUE NOT NULL,
password_hash TEXT NOT NULL,
username TEXT,
role TEXT DEFAULT 'pending' CHECK (role IN ('pending', 'user', 'admin')),
is_active BOOLEAN DEFAULT FALSE,
expires_at TIMESTAMP WITH TIME ZONE,
created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
);
-- 2. 创建 user_sessions 表
CREATE TABLE IF NOT EXISTS user_sessions (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
user_id UUID REFERENCES users(id) ON DELETE CASCADE UNIQUE,
session_token TEXT UNIQUE NOT NULL,
device_info TEXT,
created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
);
-- 3. 创建 social_accounts 表
CREATE TABLE IF NOT EXISTS social_accounts (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
user_id UUID REFERENCES users(id) ON DELETE CASCADE,
platform TEXT NOT NULL CHECK (platform IN ('bilibili', 'douyin', 'xiaohongshu')),
logged_in BOOLEAN DEFAULT FALSE,
created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
UNIQUE(user_id, platform)
);
-- 4. 创建索引
CREATE INDEX IF NOT EXISTS idx_users_email ON users(email);
CREATE INDEX IF NOT EXISTS idx_sessions_user_id ON user_sessions(user_id);
CREATE INDEX IF NOT EXISTS idx_social_user_platform ON social_accounts(user_id, platform);
```
---
## 步骤 2: 配置后端环境变量
编辑 `/home/rongye/ProgramFiles/ViGent2/backend/.env`
```env
# =============== Supabase 配置 ===============
SUPABASE_URL=https://your-project.supabase.co
SUPABASE_KEY=eyJhbGciOiJIUzI1NiIs...
# =============== JWT 配置 ===============
JWT_SECRET_KEY=随机生成的32位以上字符串
JWT_ALGORITHM=HS256
JWT_EXPIRE_HOURS=168 # 7天
# =============== 管理员配置 ===============
ADMIN_EMAIL=admin@example.com
ADMIN_PASSWORD=YourSecurePassword123!
```
### 生成 JWT 密钥
```bash
python3 -c "import secrets; print(secrets.token_urlsafe(32))"
```
---
## 步骤 3: 安装依赖
```bash
cd /home/rongye/ProgramFiles/ViGent2/backend
source venv/bin/activate
pip install supabase python-jose[cryptography] passlib[bcrypt]
```
---
## 步骤 4: 启动服务
```bash
# 重启后端服务
pm2 restart vigent2-backend
```
首次启动时,管理员账号会自动创建。查看日志确认:
```bash
pm2 logs vigent2-backend | grep "管理员"
```
应该看到:`管理员账号已创建: admin@example.com`
---
## 步骤 5: 验证
### API 测试
```bash
# 健康检查
curl http://localhost:8006/health
# 注册测试
curl -X POST http://localhost:8006/api/auth/register \
-H "Content-Type: application/json" \
-d '{"email":"test@example.com","password":"123456"}'
# 登录测试 (管理员)
curl -X POST http://localhost:8006/api/auth/login \
-H "Content-Type: application/json" \
-d '{"email":"admin@example.com","password":"YourSecurePassword123!"}'
```
---
## 步骤 6: 防止 Supabase 7 天暂停
Supabase 免费版 7 天无活动会暂停。推荐使用服务器 crontab 方案。
### 方案 A: 服务器 crontab推荐
在 Ubuntu 服务器上执行:
```bash
crontab -e
```
添加以下行(每天凌晨 1 点执行):
```cron
0 1 * * * curl -s -X GET "https://zcmitzlqlyzxlgwagouf.supabase.co/rest/v1/" -H "apikey: YOUR_SUPABASE_ANON_KEY" > /dev/null
```
> 将 `YOUR_SUPABASE_ANON_KEY` 替换为实际的 anon key
### 方案 B: GitHub Actions
如果服务器可能长期关闭,可使用 GitHub Actions。
1. 创建独立仓库:`supabase-keep-alive`
2. 上传 `.github/workflows/keep-supabase-alive.yml`
3. 配置 Secrets`SUPABASE_URL`, `SUPABASE_KEY`
> ⚠️ 需要 GitHub 账户有付款信息(免费计划也需要)
---
## 📁 文件结构
```
backend/
├── app/
│ ├── api/
│ │ ├── auth.py # 注册/登录/登出
│ │ └── admin.py # 用户管理
│ └── core/
│ ├── supabase.py # Supabase 客户端
│ ├── security.py # JWT + 密码
│ ├── paths.py # Cookie 路径隔离
│ └── deps.py # 认证依赖
├── database/
│ └── schema.sql # 数据库表定义
└── user_data/ # 用户 Cookie (按 user_id 隔离)
└── {user-uuid}/
└── cookies/
```
---
## 🔑 用户管理
### 在 Supabase Dashboard 中管理
1. 进入 **Table Editor > users**
2. 激活用户:设置 `is_active = true`, `role = user`
3. 设置过期时间:填写 `expires_at` 字段
### 使用 API 管理
需要管理员 Cookie
```bash
# 获取用户列表
curl http://localhost:8006/api/admin/users -b "access_token=..."
# 激活用户 (30天有效期)
curl -X POST http://localhost:8006/api/admin/users/{user_id}/activate \
-H "Content-Type: application/json" \
-b "access_token=..." \
-d '{"expires_days": 30}'
```
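Review bot: Deleting this guide drops the 用户管理 section (activating a user via `is_active` / `role`, the `expires_at` field, the `/api/admin/users/{user_id}/activate` call) and the step 5 API checks, and the replacement Docs/SUPABASE_DEPLOY.md in this commit has no equivalent; move those sections into the new file before removing this one. Separately, the crontab line in 方案 A embeds a concrete project host (`zcmitzlqlyzxlgwagouf.supabase.co`) rather than a placeholder like the `https://xxx.supabase.co` used earlier in the same file; deleting the file does not remove it from history, so treat that project reference as public.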


@@ -86,3 +86,37 @@
}}
```
- **部署**:已同步代码并重建前端。
---
## 🚢 Supabase 服务部署 (16:10)
### 需求
由于需要多用户隔离和更完善的权限管理,决定从纯本地文件存储迁移到 Supabase BaaS 架构。
### 实施步骤
1. **Docker 部署 (Ubuntu)**
- 使用官方 `docker-compose.yml`。
- **端口冲突解决**
- `Moodist` 占用 4000 -> 迁移 Analytics 到 **4004**。
- `code-server` 占用 8443 -> 迁移 Kong HTTPS 到 **8444**。
- 自定义端口Studio (**3003**), API (**8008**)。
2. **安全加固 (Aliyun Nginx)**
- **双域名策略**
- `supabase.hbyrkj.top` -> Studio (3003)
- `api.hbyrkj.top` -> API (8008)
- **SSL**:配置 Let's Encrypt 证书。
- **访问控制**:为 Studio 域名添加 `auth_basic` (htpasswd),防止未授权访问管理后台。
- **WebSocket**Nginx 配置 `Upgrade` 头支持 Realtime 功能。
3. **数据库初始化**
- 使用 `backend/database/schema.sql` 初始化了 `users`, `social_accounts` 等表结构。
### 下一步计划 (Storage Migration)
目前文件仍存储在本地磁盘,无法通过 RLS 进行隔离。
**计划改造 LatentSync 流程**
1. 后端集成 Supabase Storage SDK。
2. 实现 `Download (Storage) -> Local Process (LatentSync) -> Upload (Storage)` 闭环。
3. 前端改为请求 Signed URL 进行播放。
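Review bot: The 安全加固 item records controls only at the Nginx layer; Studio (3003) and API (8008) are listed as custom ports without saying which address they bind to or whether they are firewalled, so a reader cannot tell whether the `auth_basic` on the Studio domain still applies when the port is reached directly. Add one line stating the bind address or firewall rule for 3003/8008/8444, and state explicitly that `api.hbyrkj.top` is left without Basic Auth on purpose.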


@@ -1,204 +1,29 @@
rongye@r730-ubuntu:~/ProgramFiles/ViGent2$ pm2 logs vigent2-latentsync
[TAILING] Tailing last 15 lines for [vigent2-latentsync] process (change the value with --lines option)
/home/rongye/.pm2/logs/vigent2-latentsync-out.log last 15 lines:
/home/rongye/.pm2/logs/vigent2-latentsync-error.log last 15 lines:
15|vigent2 | SyntaxError: Non-UTF-8 code starting with '\x80' in file /usr/bin/python on line 2, but no encoding declared; see https://python.org/dev/peps/pep-0263/ for details
15|vigent2 | SyntaxError: Non-UTF-8 code starting with '\x80' in file /usr/bin/python on line 2, but no encoding declared; see https://python.org/dev/peps/pep-0263/ for details
15|vigent2 | SyntaxError: Non-UTF-8 code starting with '\x80' in file /usr/bin/python on line 2, but no encoding declared; see https://python.org/dev/peps/pep-0263/ for details
15|vigent2 | SyntaxError: Non-UTF-8 code starting with '\x80' in file /usr/bin/python on line 2, but no encoding declared; see https://python.org/dev/peps/pep-0263/ for details
15|vigent2 | SyntaxError: Non-UTF-8 code starting with '\x80' in file /usr/bin/python on line 2, but no encoding declared; see https://python.org/dev/peps/pep-0263/ for details
15|vigent2 | SyntaxError: Non-UTF-8 code starting with '\x80' in file /usr/bin/python on line 2, but no encoding declared; see https://python.org/dev/peps/pep-0263/ for details
15|vigent2 | SyntaxError: Non-UTF-8 code starting with '\x80' in file /usr/bin/python on line 2, but no encoding declared; see https://python.org/dev/peps/pep-0263/ for details
15|vigent2 | SyntaxError: Non-UTF-8 code starting with '\x80' in file /usr/bin/python on line 2, but no encoding declared; see https://python.org/dev/peps/pep-0263/ for details
15|vigent2 | SyntaxError: Non-UTF-8 code starting with '\x80' in file /usr/bin/python on line 2, but no encoding declared; see https://python.org/dev/peps/pep-0263/ for details
15|vigent2 | SyntaxError: Non-UTF-8 code starting with '\x80' in file /usr/bin/python on line 2, but no encoding declared; see https://python.org/dev/peps/pep-0263/ for details
15|vigent2 | SyntaxError: Non-UTF-8 code starting with '\x80' in file /usr/bin/python on line 2, but no encoding declared; see https://python.org/dev/peps/pep-0263/ for details
15|vigent2 | INFO: Started server process [1437489]
15|vigent2 | INFO: Waiting for application startup.
15|vigent2 | INFO: Application startup complete.
15|vigent2 | INFO: Uvicorn running on http://0.0.0.0:8007 (Press CTRL+C to quit)
rongye@r730-ubuntu:~/ProgramFiles/ViGent2$ pm2 logs vigent2-frontend
[TAILING] Tailing last 15 lines for [vigent2-frontend] process (change the value with --lines option)
/home/rongye/.pm2/logs/vigent2-frontend-error.log last 15 lines:
11|vigent2 | at ignore-listed frames
11|vigent2 | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2 | at ignore-listed frames
11|vigent2 | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2 | at ignore-listed frames
11|vigent2 | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2 | at ignore-listed frames
11|vigent2 | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2 | at ignore-listed frames
11|vigent2 | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2 | at ignore-listed frames
11|vigent2 | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2 | at ignore-listed frames
11|vigent2 | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2 | at ignore-listed frames
/home/rongye/.pm2/logs/vigent2-frontend-out.log last 15 lines:
11|vigent2 |
11|vigent2 | ✓ Starting...
11|vigent2 |
11|vigent2 | > frontend@0.1.0 start
11|vigent2 | > next start -p 3002 -p 3002
11|vigent2 |
11|vigent2 | ▲ Next.js 16.1.1
11|vigent2 | - Local: http://localhost:3002
11|vigent2 | - Network: http://192.168.110.200:3002
11|vigent2 |
11|vigent2 | ✓ Starting...
11|vigent2 |
11|vigent2 | > frontend@0.1.0 start
11|vigent2 | > next start -p 3002 -p 3002
11|vigent2 |
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
11|vigent2-frontend | > frontend@0.1.0 start
11|vigent2-frontend | > next start -p 3002 -p 3002
11|vigent2-frontend | ▲ Next.js 16.1.1
11|vigent2-frontend | - Local: http://localhost:3002
11|vigent2-frontend | - Network: http://192.168.110.200:3002
11|vigent2-frontend | ✓ Starting...
11|vigent2-frontend | Error: Could not find a production build in the '.next' directory. Try building your app with 'next build' before starting the production server. https://nextjs.org/docs/messages/production-start-no-build-id
11|vigent2-frontend | at ignore-listed frames
rongye@r730-ubuntu:~/ProgramFiles/Supabase$ docker compose up -d
[+] up 136/136
✔ Image timberio/vector:0.28.1-alpine Pulled 63.3ss
✔ Image supabase/storage-api:v1.33.0 Pulled 78.6ss
✔ Image darthsim/imgproxy:v3.30.1 Pulled 151.9s
✔ Image supabase/postgres-meta:v0.95.1 Pulled 87.5ss
✔ Image supabase/logflare:1.27.0 Pulled 229.2s
✔ Image supabase/postgres:15.8.1.085 Pulled 268.3s
✔ Image supabase/supavisor:2.7.4 Pulled 101.6s
✔ Image supabase/realtime:v2.68.0 Pulled 56.5ss
✔ Image postgrest/postgrest:v14.1 Pulled 201.8s
✔ Image supabase/edge-runtime:v1.69.28 Pulled 254.0s
✔ Network supabase_default Created 0.1s
✔ Volume supabase_db-config Created 0.1s
✔ Container supabase-vector Healthy 16.9s
✔ Container supabase-imgproxy Created 7.4s
✔ Container supabase-db Healthy 20.6s
✔ Container supabase-analytics Created 0.4s
✔ Container supabase-edge-functions Created 1.8s
✔ Container supabase-auth Created 1.7s
✔ Container supabase-studio Created 2.0s
✔ Container realtime-dev.supabase-realtime Created 1.7s
✔ Container supabase-pooler Created 1.8s
✔ Container supabase-kong Created 1.7s
✔ Container supabase-meta Created 2.0s
✔ Container supabase-rest Created 0.9s
✔ Container supabase-storage Created 1.4s
Error response from daemon: failed to set up container networking: driver failed programming external connectivity on endpoint supabase-analytics (2fd60a510a1f16bf29f8f5140f14ef457a284c5b65a2567b7be250a4f9708f34): failed to bind host port 0.0.0.0:4000/tcp: address already in use
[ble: exit 1]
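Review bot: This file is a raw terminal capture (pm2 and `docker compose` output) and should not be tracked in the repository: the prompt carries the operator's username and hostname, the Next.js banner carries the LAN address `192.168.110.200`, and the error line carries a Docker endpoint ID, all of which go stale on the next restart. Add the file to `.gitignore` and keep only the two findings it supports in the dev log: the `0.0.0.0:4000` bind conflict for `supabase-analytics` and the missing `.next` production build. The repeated `next start -p 3002 -p 3002` line also suggests the port flag is passed twice, once by the package script and once by the PM2 arguments; drop one of them.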

Docs/SUPABASE_DEPLOY.md Normal file

@@ -0,0 +1,210 @@
# Supabase 全栈部署指南 (Infrastructure + Auth)
本文档涵盖了 Supabase 基础设施的 Docker 部署、密钥配置、Nginx 安全加固以及用户认证系统的数据库初始化。
---
## 第一部分:基础设施部署 (Infrastructure)
### 1. 准备 Docker 环境 (Ubuntu)
Supabase 严重依赖官方目录结构(挂载配置文件),**必须包含完整的 `docker` 目录**。
```bash
# 1. 创建目录
mkdir -p /home/rongye/ProgramFiles/Supabase
cd /home/rongye/ProgramFiles/Supabase
# 2. 获取官方配置
# 克隆仓库并提取 docker 目录
git clone --depth 1 https://github.com/supabase/supabase.git temp_repo
mv temp_repo/docker/* .
rm -rf temp_repo
# 3. 复制环境变量模板
cp .env.example .env
```
### 2. 生成安全密钥
**警告**:官方模板使用的是公开的弱密钥。生产环境必须重新生成。
使用项目提供的脚本自动生成全套强密钥:
```bash
# 在 ViGent2 项目目录下
cd /home/rongye/ProgramFiles/ViGent2/backend
python generate_keys.py
```
将脚本生成的输出(包括 `JWT_SECRET`, `ANON_KEY`, `SERVICE_ROLE_KEY` 等)复制并**覆盖** `/home/rongye/ProgramFiles/Supabase/.env` 中的对应内容。
### 3. 配置端口与冲突解决
编辑 Supabase 的 `.env` 文件修改以下端口以避免与现有服务Code-Server, Moodist冲突
```ini
# --- Port Configuration ---
# 避免与 Code-Server (8443) 冲突
KONG_HTTPS_PORT=8444
# 自定义 API 端口 (默认 8000)
KONG_HTTP_PORT=8008
# 自定义管理后台端口 (默认 3000)
STUDIO_PORT=3003
# 外部访问 URL (重要:填入你的公网 API 域名/IP)
# 如果配置了 Nginx 反代: https://api.hbyrkj.top
# 如果直连: http://8.148.25.142:8008
API_EXTERNAL_URL=https://api.hbyrkj.top
```
### 4. 启动服务
```bash
docker compose up -d
```
---
## 第二部分:安全访问配置 (Nginx)
建议在阿里云公网网关上配置 Nginx 反向代理,通过 Frp 隧道连接内网服务。
### 1. 域名规划
- **管理后台**: `https://supabase.hbyrkj.top` -> 内网 3003
- **API 接口**: `https://api.hbyrkj.top` -> 内网 8008
### 2. Nginx 配置示例
```nginx
# Studio (需要密码保护)
server {
server_name supabase.hbyrkj.top;
# SSL 配置略...
location / {
# Basic Auth 保护后台
auth_basic "Restricted Studio";
auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass http://127.0.0.1:3003;
# WebSocket 支持 (Realtime 必须)
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
# API (公开访问)
server {
server_name api.hbyrkj.top;
# SSL 配置略...
location / {
proxy_pass http://127.0.0.1:8008;
# 允许 WebSocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
```
---
## 第三部分:数据库与认证配置 (Database & Auth)
### 1. 初始化表结构 (Schema)
访问管理后台 (Studio) 的 **SQL Editor**,执行以下 SQL 来初始化 ViGent2 所需的表结构:
```sql
-- 1. 用户表 (扩展 auth.users 或独立存储)
-- 注意:这里使用独立表设计,与 FastAPI 逻辑解耦
CREATE TABLE IF NOT EXISTS users (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
email TEXT UNIQUE NOT NULL,
password_hash TEXT NOT NULL,
username TEXT,
role TEXT DEFAULT 'pending' CHECK (role IN ('pending', 'user', 'admin')),
is_active BOOLEAN DEFAULT FALSE,
expires_at TIMESTAMP WITH TIME ZONE,
created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
);
-- 2. 会话表 (单设备登录控制)
CREATE TABLE IF NOT EXISTS user_sessions (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
user_id UUID REFERENCES users(id) ON DELETE CASCADE UNIQUE,
session_token TEXT UNIQUE NOT NULL,
device_info TEXT,
created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
);
-- 3. 社交媒体账号绑定表
CREATE TABLE IF NOT EXISTS social_accounts (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
user_id UUID REFERENCES users(id) ON DELETE CASCADE,
platform TEXT NOT NULL CHECK (platform IN ('bilibili', 'douyin', 'xiaohongshu')),
logged_in BOOLEAN DEFAULT FALSE,
created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
UNIQUE(user_id, platform)
);
-- 4. 性能索引
CREATE INDEX IF NOT EXISTS idx_users_email ON users(email);
CREATE INDEX IF NOT EXISTS idx_sessions_user_id ON user_sessions(user_id);
CREATE INDEX IF NOT EXISTS idx_social_user_platform ON social_accounts(user_id, platform);
```
### 2. 后端集成配置 (FastAPI)
修改 `ViGent2/backend/.env` 以连接到自托管的 Supabase
```ini
# =============== Supabase 配置 ===============
# 指向 Docker 部署的 API 端口 (内网直连推荐用 Localhost)
SUPABASE_URL=http://localhost:8008
# 使用生成的 SERVICE_ROLE_KEY (后端需要管理员权限)
SUPABASE_KEY=eyJhbGciOiJIUzI1Ni...
# =============== JWT 配置 ===============
# 必须与 Supabase .env 中的 JWT_SECRET 保持一致!
JWT_SECRET_KEY=填入_generate_keys.py_生成的_JWT_SECRET
JWT_ALGORITHM=HS256
JWT_EXPIRE_HOURS=168
```
---
## 第四部分:常用维护命令
**查看服务状态**:
```bash
cd /home/rongye/ProgramFiles/Supabase
docker compose ps
```
**查看密钥**:
```bash
grep -E "ANON|SERVICE|SECRET" .env
```
**重启服务**:
```bash
docker compose restart
```
**完全重置数据库 (慎用)**:
```bash
docker compose down -v
rm -rf volumes/db/data
docker compose up -d
```
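Review bot: The schema in 第三部分 creates `users` (with `password_hash`), `user_sessions` (with `session_token`) and `social_accounts` without any `ENABLE ROW LEVEL SECURITY` statement, while 第二部分 publishes the API at `api.hbyrkj.top` with no access control in front of it. On a default Supabase setup, tables created in the public schema through the SQL Editor have RLS off and are reachable through the REST API with the anon key, so add `ALTER TABLE users ENABLE ROW LEVEL SECURITY;` and the same for the other two tables to this script; the backend is configured with `SERVICE_ROLE_KEY`, which bypasses RLS, so it keeps working. Also, in 第一部分 step 1, `mv temp_repo/docker/* .` does not match dotfiles under the default shell glob, so `.env.example` stays in `temp_repo`, is deleted by `rm -rf temp_repo`, and the following `cp .env.example .env` fails; move or copy `temp_repo/docker/.env.example` explicitly before the cleanup.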


@@ -141,12 +141,12 @@ backend/
| 端点 | 方法 | 功能 |
|------|------|------|
| `/api/materials` | POST | 上传素材视频 |
| `/api/materials` | GET | 获取素材列表 |
| `/api/videos/generate` | POST | 创建视频生成任务 |
| `/api/tasks/{id}` | GET | 查询任务状态 |
| `/api/videos/{id}/download` | GET | 下载生成的视频 |
| `/api/publish` | POST | 发布到社交平台 |
| `/api/materials` | POST | 上传素材视频 | ✅ |
| `/api/materials` | GET | 获取素材列表 | ✅ |
| `/api/videos/generate` | POST | 创建视频生成任务 | ✅ |
| `/api/tasks/{id}` | GET | 查询任务状态 | ✅ |
| `/api/videos/{id}/download` | GET | 下载生成的视频 | ✅ |
| `/api/publish` | POST | 发布到社交平台 | ✅ |
#### 2.3 Celery 任务定义
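Review bot: The six replacement rows each end with a fourth `| ✅ |` cell, but the header `| 端点 | 方法 | 功能 |` and its separator row still declare three columns, so the status cell has no heading and will be dropped or misaligned by Markdown renderers. Add a fourth header cell (for example `状态`) and a matching `------` separator cell.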
@@ -221,7 +221,7 @@ cp -r SuperIPAgent/social-auto-upload backend/social_upload
| **声音克隆** | 集成 GPT-SoVITS用自己的声音 |
| **批量生成** | 上传 Excel/CSV批量生成视频 |
| **字幕编辑器** | 可视化调整字幕样式、位置 |
| **Docker 部署** | 一键部署到云服务器 |
| **Docker 部署** | 一键部署到云服务器 | ✅ |
---
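Review bot: The changed `Docker 部署` row now has three cells while the rows above it in this table have two, so the trailing ✅ falls outside the declared columns. Either add a status column to this table's header and to every row, or keep the ✅ inside the second cell.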
@@ -295,6 +295,34 @@ cp -r SuperIPAgent/social-auto-upload backend/social_upload
- [x] 超时保护 (消除无限循环)
- [x] 完整类型提示
### 阶段十四:用户认证系统 (Day 9) ✅
> **目标**:实现安全、隔离的多用户认证体系
- [x] Supabase 云数据库集成 (本地自托管)
- [x] JWT + HttpOnly Cookie 认证架构
- [x] 用户表与权限表设计 (RLS 准备)
- [x] 认证部署文档 (Docs/SUPABASE_DEPLOY.md)
### 阶段十五:部署稳定性优化 (Day 9) ✅
> **目标**:确保生产环境服务长期稳定
- [x] 依赖冲突修复 (bcrypt)
- [x] 前端构建修复 (Production Build)
- [x] PM2 进程守护配置
- [x] 部署手册更新 (Docs/DEPLOY_MANUAL.md)
### 阶段十六HTTPS 全栈部署 (Day 10) ✅
> **目标**:实现安全的公网 HTTPS 访问
- [x] 阿里云 Nginx 反向代理配置
- [x] Let's Encrypt SSL 证书集成
- [x] Supabase 自托管部署 (Docker)
- [x] 端口冲突解决 (3003/8008/8444)
- [x] Basic Auth 管理后台保护
---
## 项目目录结构 (最终)
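Review bot: In 阶段十四, "用户表与权限表设计 (RLS 准备)" is ticked, but the schema added in Docs/SUPABASE_DEPLOY.md defines only `users`, `user_sessions` and `social_accounts`, with no permission table and no RLS statement; reword the item to what was delivered or leave it unchecked. "Supabase 云数据库集成 (本地自托管)" also contradicts itself now that this commit removes the cloud guide; describe it as self-hosted only.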


@@ -144,6 +144,9 @@
- [x] Nginx HTTPS 配置 (反向代理 + SSL)
- [x] 浏览器标题修改 (ViGent)
- [x] 代码自适应 HTTPS 验证
- [x] **Supabase 自托管部署** (Docker, 3003/8008端口)
- [x] **安全加固** (Basic Auth 保护后台)
- [x] **端口冲突解决** (迁移 Analytics/Kong)
---