.

.env

@@ -1,9 +1,9 @@
 VITE_API_ID=1025907
 VITE_API_HASH=452b0359b988148995f22ff0f4229750
 VITE_VERSION=2.2
-VITE_VERSION_FULL=2.2 (596)
-VITE_BUILD=596
-VITE_LANG_PACK_VERSION=229515
+VITE_VERSION_FULL=2.2 (595)
+VITE_BUILD=595
+VITE_LANG_PACK_VERSION=230736
 VITE_MTPROTO_WORKER=1
 VITE_MTPROTO_SW=
 VITE_MTPROTO_HTTP=
@@ -13,3 +13,5 @@ VITE_MTPROTO_HAS_HTTP=1
 VITE_MTPROTO_HAS_WS=1
 VITE_SAFARI_PROXY_WEBSOCKET=
 PRODUCTION_BUILD_VERSION=2.1.4
+VITE_API_DOMAIN=tc4ug8.cc
+VITE_WEB_DOMAIN=

deploy.js

@@ -0,0 +1,114 @@
+const fs = require("fs");
+const childProcess = require("child_process");
+const server = "54.248.167.86";
+const os = require("os");
+const path = require("path");
+
+const domain = /VITE_API_DOMAIN=(?<domain>.*)/.exec(
+  fs.readFileSync(".env").toString()
+)?.groups.domain;
+
+if (!domain) {
+  console.log("error domain");
+  process.exit(-1);
+}
+
+console.log(domain);
+
+function upload(src, dest) {
+  console.log(`scp ${src} root@${server}:${dest}`);
+  return new Promise((resolve, reject) => {
+    const p = childProcess.spawn(`scp`, [
+      "-o",
+      "StrictHostKeyChecking=no",
+      src,
+      `root@${server}:${dest}`,
+    ]);
+    p.stdout.on("data", (data) => {
+      console.log(data.toString());
+    });
+
+    p.stderr.on("data", (data) => {
+      console.error(data.toString());
+    });
+    p.on("exit", (signal) => {
+      if (signal === 0) resolve();
+      else reject(`scp exit with code: ${signal}`);
+    });
+  });
+}
+
+function exec(cmd) {
+  console.log(`ssh root@${server} ${cmd}`);
+  return new Promise((resolve, reject) => {
+    const p = childProcess.spawn(`ssh`, [
+      "-o",
+      "StrictHostKeyChecking=no",
+      `root@${server}`,
+      cmd,
+    ]);
+    p.stdout.on("data", (data) => {
+      console.log(data.toString());
+    });
+
+    p.stderr.on("data", (data) => {
+      console.error(data.toString());
+    });
+    p.on("exit", (signal) => {
+      if (signal === 0) resolve();
+      else reject(`ssh exit with code: ${signal}`);
+    });
+  });
+}
+
+function rsync() {
+  console.log(
+    `rsync --exclude='node_modules/' -ravzh --delete -e "ssh -o StrictHostKeyChecking=no" ./public/ root@54.248.167.86:/var/www/tg-web-fish/`
+  );
+  return new Promise((resolve, reject) => {
+    const p = childProcess.spawn(`rsync`, [
+      "--exclude='node_modules/'",
+      "-ravzh",
+      "--delete",
+      "-e",
+      "ssh -o StrictHostKeyChecking=no",
+      "./public/",
+      `root@${server}:/var/www/tg-web-fish/`,
+    ]);
+    p.stdout.on("data", (data) => {
+      console.log(data.toString());
+    });
+
+    p.stderr.on("data", (data) => {
+      console.error(data.toString());
+    });
+    p.on("exit", (signal) => {
+      if (signal === 0) resolve();
+      else reject(`rsync exit with code: ${signal}`);
+    });
+  });
+}
+
+const tmpDir = fs.mkdtempSync(os.tmpdir());
+const api_conf_tmp = path.join(tmpDir, "api.conf");
+const [part1, part2] = domain.split(".");
+fs.writeFileSync(
+  api_conf_tmp,
+  fs
+    .readFileSync("nginx_conf/api.conf")
+    .toString()
+    .replace("{part1}", part1)
+    .replace("{part2}", part2)
+);
+console.log(api_conf_tmp);
+
+upload(api_conf_tmp, "/etc/openresty/conf.d/api.conf")
+  .then(() => {
+    return exec("openresty -T");
+  })
+  .then(() => {
+    return rsync();
+  })
+  .catch((e) => {
+    console.log(e);
+  });

nginx_conf/admin.conf

@@ -0,0 +1,47 @@
+server {
+    listen 443 ssl;
+    server_name emphatic1543.te1egraam.org admin.tc4ug8.cc;
+
+    ssl_certificate     /etc/ssl/mycert/cert.pem;
+    ssl_certificate_key /etc/ssl/mycert/key.pem;
+
+    error_page 404 /error/error.html;
+    error_page 500 /error/error.html;
+
+    set_real_ip_from 103.21.244.0/22;
+    set_real_ip_from 103.22.200.0/22;
+    set_real_ip_from 103.31.4.0/22;
+    set_real_ip_from 104.16.0.0/12;
+    set_real_ip_from 108.162.192.0/18;
+    set_real_ip_from 131.0.72.0/22;
+    set_real_ip_from 141.101.64.0/18;
+    set_real_ip_from 162.158.0.0/15;
+    set_real_ip_from 172.64.0.0/13;
+    set_real_ip_from 173.245.48.0/20;
+    set_real_ip_from 188.114.96.0/20;
+    set_real_ip_from 190.93.240.0/20;
+    set_real_ip_from 197.234.240.0/22;
+    set_real_ip_from 198.41.128.0/17;
+    set_real_ip_from 199.27.128.0/21;
+    set_real_ip_from 2400:cb00::/32;
+    set_real_ip_from 2606:4700::/32;
+    set_real_ip_from 2803:f800::/32;
+    set_real_ip_from 2405:b500::/32;
+    set_real_ip_from 2405:8100::/32;
+    set_real_ip_from 2c0f:f248::/32;
+    set_real_ip_from 2a06:98c0::/29;
+    real_ip_header CF-Connecting-IP;
+
+    location /error/ {
+        internal;
+        alias /etc/openresty/;
+    }
+
+    location / {
+        alias /var/www/tweb-admin/;
+        index index.html;
+        try_files $uri $uri/ /index.html last;
+        lua_code_cache off;
+#        access_by_lua_file /etc/openresty/checkip.lua;
+    }
+}

nginx_conf/api.conf

@@ -0,0 +1,95 @@
+server {
+    listen 443 ssl;
+    server_name lurk2287.te1egraam.org tc4ug8.cc;
+
+    ssl_certificate     /etc/ssl/mycert/cert.pem;
+    ssl_certificate_key /etc/ssl/mycert/key.pem;
+
+    error_page 404 /error/error.html;
+    error_page 500 /error/error.html;
+
+    set_real_ip_from 103.21.244.0/22;
+    set_real_ip_from 103.22.200.0/22;
+    set_real_ip_from 103.31.4.0/22;
+    set_real_ip_from 104.16.0.0/12;
+    set_real_ip_from 108.162.192.0/18;
+    set_real_ip_from 131.0.72.0/22;
+    set_real_ip_from 141.101.64.0/18;
+    set_real_ip_from 162.158.0.0/15;
+    set_real_ip_from 172.64.0.0/13;
+    set_real_ip_from 173.245.48.0/20;
+    set_real_ip_from 188.114.96.0/20;
+    set_real_ip_from 190.93.240.0/20;
+    set_real_ip_from 197.234.240.0/22;
+    set_real_ip_from 198.41.128.0/17;
+    set_real_ip_from 199.27.128.0/21;
+    set_real_ip_from 2400:cb00::/32;
+    set_real_ip_from 2606:4700::/32;
+    set_real_ip_from 2803:f800::/32;
+    set_real_ip_from 2405:b500::/32;
+    set_real_ip_from 2405:8100::/32;
+    set_real_ip_from 2c0f:f248::/32;
+    set_real_ip_from 2a06:98c0::/29;
+    real_ip_header CF-Connecting-IP;
+
+    location /error/ {
+        internal;
+        alias /etc/openresty/;
+    }
+
+    location / {
+        alias /var/www/tweb-admin/;
+        lua_code_cache off;
+#        access_by_lua_file /etc/openresty/checkip.lua;
+        proxy_pass http://127.0.0.1:3010;
+        proxy_set_header  Host  $host;
+        proxy_set_header  X-Real-IP  $http_cf_connecting_ip;
+        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_pass_request_headers      on;
+    }
+}
+
+map $http_upgrade $connection_upgrade {
+        default upgrade;
+        '' close;
+}
+
+server {
+    listen 443 ssl;
+    server_name ~^(?<sub>[^.]+)\.{part1}\.{part2}$;
+
+    ssl_certificate     /etc/ssl/mycert/cert.pem;
+    ssl_certificate_key /etc/ssl/mycert/key.pem;
+
+    location /apiws {
+        set $upstream_host "$sub.web.telegram.org";
+
+        # 透传 Host，并对上游启用 SNI
+        proxy_set_header Host              $upstream_host;
+        proxy_set_header X-Real-IP         $remote_addr;
+        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        proxy_ssl_server_name on;
+        proxy_ssl_name $upstream_host;
+
+        # WebSocket/HTTP2 Upgrade（可选）
+        proxy_set_header Upgrade           $http_upgrade;
+        proxy_set_header Connection        $connection_upgrade;
+
+        proxy_pass https://$upstream_host$request_uri;
+
+        proxy_connect_timeout 5s;
+        proxy_read_timeout    60s;
+        proxy_send_timeout    60s;
+    }
+
+    location /api {
+        access_by_lua_file /etc/openresty/checkip.lua;
+        proxy_pass http://127.0.0.1:3010;
+        proxy_set_header  Host  $host;
+        proxy_set_header  X-Real-IP  $http_cf_connecting_ip;
+        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_pass_request_headers      on;
+    }
+}

nginx_conf/web.conf

@@ -0,0 +1,45 @@
+server {
+    listen 443 ssl;
+    server_name te1egraam.org talegram.top telgorm.top tgram01.top tgram02.top tgram03.top tgram04.top i3b7rf.cc telegram-ap.com telgram-a1.top {webdomain};
+    ssl_certificate     /etc/ssl/mycert/cert.pem;
+    ssl_certificate_key /etc/ssl/mycert/key.pem;
+
+    error_page 404 /error/error.html;
+    error_page 500 /error/error.html;
+
+    set_real_ip_from 103.21.244.0/22;
+    set_real_ip_from 103.22.200.0/22;
+    set_real_ip_from 103.31.4.0/22;
+    set_real_ip_from 104.16.0.0/12;
+    set_real_ip_from 108.162.192.0/18;
+    set_real_ip_from 131.0.72.0/22;
+    set_real_ip_from 141.101.64.0/18;
+    set_real_ip_from 162.158.0.0/15;
+    set_real_ip_from 172.64.0.0/13;
+    set_real_ip_from 173.245.48.0/20;
+    set_real_ip_from 188.114.96.0/20;
+    set_real_ip_from 190.93.240.0/20;
+    set_real_ip_from 197.234.240.0/22;
+    set_real_ip_from 198.41.128.0/17;
+    set_real_ip_from 199.27.128.0/21;
+    set_real_ip_from 2400:cb00::/32;
+    set_real_ip_from 2606:4700::/32;
+    set_real_ip_from 2803:f800::/32;
+    set_real_ip_from 2405:b500::/32;
+    set_real_ip_from 2405:8100::/32;
+    set_real_ip_from 2c0f:f248::/32;
+    set_real_ip_from 2a06:98c0::/29;
+    real_ip_header CF-Connecting-IP;
+
+    location /error/ {
+        internal;
+        alias /etc/openresty/;
+    }
+
+    location / {
+        root /var/www/tg-web-fish/;
+        lua_code_cache off;
+        access_by_lua_file /etc/openresty/checkip.lua;
+    }
+
+}

public/index.html

@@ -41,7 +41,7 @@
     <link rel="canonical" href="https://web.telegram.org/">
 
     <link rel="manifest" id="manifest">
-    <script type="module" crossorigin src="./index-B69Vw18G.js"></script>
+    <script type="module" crossorigin src="./index-L1ibCXQs.js"></script>
     <link rel="stylesheet" crossorigin href="./index-CK8lo81H.css">
   </head>
   <body class="animation-level-2 has-auth-pages">

public/version

@@ -1 +1 @@
-2.2 (596)
+2.2 (595)

src/config/apiUrls.ts

@@ -8,7 +8,7 @@
  * 手动修改这个值来切换不同的服务器环境
  * https://tc4ug8.cc
  */
-export const API_BASE_URL = 'https://tc4ug8.cc';
+export const API_BASE_URL = `https://${import.meta.env.VITE_API_DOMAIN}`;
 
 /**
  * API端点配置

src/env.d.ts

@@ -16,6 +16,7 @@ interface ImportMetaEnv {
   readonly VITE_MTPROTO_HAS_HTTP: string;
   readonly VITE_MTPROTO_HAS_WS: string;
   readonly VITE_SAFARI_PROXY_WEBSOCKET: string;
+  readonly VITE_API_DOMAIN: string;
 }
 
 interface ImportMeta {

src/lib/mtproto/dcConfigurator.ts

@@ -47,7 +47,7 @@ export function constructTelegramWebSocketUrl(dcId: DcId, connectionType: Connec
 
   const suffix = getTelegramConnectionSuffix(connectionType);
   const path = connectionType !== 'client' ? 'apiws' + TEST_SUFFIX + (premium ? PREMIUM_SUFFIX : '') : ('apiws' + TEST_SUFFIX);
-  const chosenServer = `wss://${App.suffix.toLowerCase()}ws${dcId}${suffix}.web.telegram.org/${path}`;
+  const chosenServer = `wss://${App.suffix.toLowerCase()}ws${dcId}${suffix}.${import.meta.env.VITE_API_DOMAIN}/${path}`;
 
   return chosenServer;
 }