marketing-shibata50/9router
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9router/gitbook/content/vi/deployment/cloud.md
decolua fd92af77a0 Feat : Gitbook
2026-05-11 11:50:24 +07:00

473 lines
8.5 KiB
Markdown
Raw Blame History

# ☁️ Triển khai Cloud
Triển khai 9Router trên VPS hoặc Docker để truy cập từ xa và dùng trong production.
---
## 🖥️ Triển khai VPS
### Yêu cầu
- Ubuntu 20.04+ hoặc distro Linux tương tự
- Node.js 20+
- Git
- Quyền root hoặc sudo
### Bước 1: Clone Repository
```bash
git clone https://github.com/decolua/9router.git
cd 9router/app
```
### Bước 2: Cài đặt Dependencies
```bash
npm install
```
### Bước 3: Build Application
```bash
npm run build
```
### Bước 4: Cấu hình biến môi trường
Tạo file `.env` hoặc export biến:
```bash
export JWT_SECRET="your-secure-secret-change-this-to-random-string"
export INITIAL_PASSWORD="your-secure-password"
export DATA_DIR="/var/lib/9router"
export NODE_ENV="production"
```
**Biến môi trường:**
| Biến | Mặc định | Mô tả |
|----------|---------|-------------|
| `JWT_SECRET` | Auto-generated | **PHẢI đổi trong production!** Dùng để ký JWT token |
| `INITIAL_PASSWORD` | `123456` | Mật khẩu đăng nhập Dashboard |
| `DATA_DIR` | `~/.9router` | Đường dẫn lưu database và data |
| `NODE_ENV` | `development` | Đặt `production` cho deployment |
| `ENABLE_REQUEST_LOGS` | `false` | Bật debug request/response logs |
### Bước 5: Tạo Data Directory
```bash
sudo mkdir -p /var/lib/9router
sudo chown $USER:$USER /var/lib/9router
```
### Bước 6: Khởi động Application
```bash
npm run start
```
### Bước 7: Setup PM2 cho Production
PM2 giữ application chạy và tự khởi động lại khi crash:
```bash
# Install PM2 globally
npm install -g pm2
# Start 9Router with PM2
pm2 start npm --name 9router -- start
# Save PM2 configuration
pm2 save
# Setup PM2 to start on system boot
pm2 startup
# Follow the instructions printed by the command above
```
**Lệnh quản lý PM2:**
```bash
# View logs
pm2 logs 9router
# Restart application
pm2 restart 9router
# Stop application
pm2 stop 9router
# View status
pm2 status
# Monitor resources
pm2 monit
```
---
## 🐳 Triển khai Docker
### Cách 1: Dùng Dockerfile
Tạo `Dockerfile` trong thư mục `app`:
```dockerfile
FROM node:20-alpine
WORKDIR /app
# Copy package files
COPY package*.json ./
# Install dependencies
RUN npm ci --only=production
# Copy application files
COPY . .
# Build application
RUN npm run build
# Expose ports
EXPOSE 3000 20128
# Set environment variables
ENV NODE_ENV=production
ENV DATA_DIR=/app/data
# Create data directory
RUN mkdir -p /app/data
# Start application
CMD ["npm", "run", "start"]
```
**Build và Run:**
```bash
# Build image
docker build -t 9router .
# Run container
docker run -d \
--name 9router \
-p 3000:3000 \
-p 20128:20128 \
-e JWT_SECRET="your-secure-secret-change-this" \
-e INITIAL_PASSWORD="your-secure-password" \
-v 9router-data:/app/data \
9router
```
### Cách 2: Docker Compose
Tạo `docker-compose.yml`:
```yaml
version: '3.8'
services:
9router:
build: .
container_name: 9router
ports:
- "3000:3000"
- "20128:20128"
environment:
- NODE_ENV=production
- JWT_SECRET=your-secure-secret-change-this
- INITIAL_PASSWORD=your-secure-password
- DATA_DIR=/app/data
volumes:
- 9router-data:/app/data
restart: unless-stopped
volumes:
9router-data:
```
**Chạy với Docker Compose:**
```bash
# Start services
docker-compose up -d
# View logs
docker-compose logs -f
# Stop services
docker-compose down
# Rebuild and restart
docker-compose up -d --build
```
---
## 🌐 Reverse Proxy với Nginx
### Tại sao dùng Nginx?
- Terminate SSL/TLS
- Map domain
- Load balancing
- Bảo mật tốt hơn
### Bước 1: Cài đặt Nginx
```bash
sudo apt update
sudo apt install nginx
```
### Bước 2: Cấu hình Nginx
Tạo `/etc/nginx/sites-available/9router`:
```nginx
server {
listen 80;
server_name your-domain.com;
# Redirect HTTP to HTTPS
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name your-domain.com;
# SSL certificates (use certbot to generate)
ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
# SSL configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Proxy to 9Router
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
# SSE support - CRITICAL for streaming
proxy_buffering off;
proxy_read_timeout 86400;
}
# API endpoint
location /v1 {
proxy_pass http://localhost:20128;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# SSE support - CRITICAL for streaming
proxy_buffering off;
proxy_read_timeout 86400;
}
}
```
### Bước 3: Enable Site
```bash
# Create symbolic link
sudo ln -s /etc/nginx/sites-available/9router /etc/nginx/sites-enabled/
# Test configuration
sudo nginx -t
# Reload Nginx
sudo systemctl reload nginx
```
### Bước 4: Setup SSL với Let's Encrypt
```bash
# Install certbot
sudo apt install certbot python3-certbot-nginx
# Obtain SSL certificate
sudo certbot --nginx -d your-domain.com
# Auto-renewal is configured automatically
# Test renewal
sudo certbot renew --dry-run
```
---
## 🔒 Cân nhắc về Bảo mật
### 1. Đổi credentials mặc định
**QUAN TRỌNG:** Đổi `JWT_SECRET``INITIAL_PASSWORD` trước khi deploy:
```bash
# Generate secure JWT secret
openssl rand -base64 32
# Use this value for JWT_SECRET
export JWT_SECRET="generated-secret-here"
```
### 2. Cấu hình Firewall
```bash
# Allow SSH
sudo ufw allow 22/tcp
# Allow HTTP/HTTPS (if using Nginx)
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
# If NOT using reverse proxy, allow 9Router ports
sudo ufw allow 3000/tcp
sudo ufw allow 20128/tcp
# Enable firewall
sudo ufw enable
```
### 3. Giới hạn truy cập Dashboard
Nếu chỉ cần truy cập API, giới hạn port dashboard:
```bash
# Only allow localhost access to dashboard
sudo ufw deny 3000/tcp
```
Truy cập dashboard qua SSH tunnel:
```bash
ssh -L 3000:localhost:3000 user@your-server.com
# Then open http://localhost:3000 in your browser
```
### 4. Cập nhật định kỳ
```bash
# Update system packages
sudo apt update && sudo apt upgrade -y
# Update 9Router
cd /path/to/9router/app
git pull
npm install
npm run build
pm2 restart 9router
```
### 5. Chiến lược Backup
```bash
# Backup data directory
tar -czf 9router-backup-$(date +%Y%m%d).tar.gz /var/lib/9router
# Automated daily backup (add to crontab)
0 2 * * * tar -czf /backups/9router-$(date +\%Y\%m\%d).tar.gz /var/lib/9router
```
---
## 📊 Giám sát
### Kiểm tra trạng thái Application
```bash
# PM2 status
pm2 status
# View logs
pm2 logs 9router --lines 100
# Monitor resources
pm2 monit
```
### Nginx Logs
```bash
# Access logs
sudo tail -f /var/log/nginx/access.log
# Error logs
sudo tail -f /var/log/nginx/error.log
```
### Tài nguyên hệ thống
```bash
# CPU and memory usage
htop
# Disk usage
df -h
# Network connections
netstat -tulpn | grep -E '3000|20128'
```
---
## 🚨 Troubleshooting
### Application không khởi động
```bash
# Check logs
pm2 logs 9router
# Check if ports are in use
sudo lsof -i :3000
sudo lsof -i :20128
# Check environment variables
pm2 env 9router
```
### Nginx 502 Bad Gateway
```bash
# Check if 9Router is running
pm2 status
# Check Nginx error logs
sudo tail -f /var/log/nginx/error.log
# Test Nginx configuration
sudo nginx -t
```
### SSE Streaming không hoạt động
Đảm bảo `proxy_buffering off` được set trong cấu hình Nginx để hỗ trợ SSE.
### Lỗi Permission Denied
```bash
# Fix data directory permissions
sudo chown -R $USER:$USER /var/lib/9router
chmod 755 /var/lib/9router
```
---
## 🔗 Bước tiếp theo
- [Kết nối Providers](/providers/subscription.md)
- [Setup Combos](/features/combos.md)
- [Tích hợp với Tools](/integration/cursor.md)
Reference in a new issue View git blame Copy permalink