From 90fc8adb746a031f4d7f0642699b672a894611d4 Mon Sep 17 00:00:00 2001 From: hotyue <52734432+hotyue@users.noreply.github.com> Date: Fri, 10 Apr 2026 08:40:45 +0000 Subject: [PATCH] =?UTF-8?q?feat(security):=20=E5=90=AF=E7=94=A8=20Cloudfla?= =?UTF-8?q?re=20=E5=AE=89=E5=85=A8=E7=BD=91=E5=85=B3=EF=BC=8C=E5=85=A8?= =?UTF-8?q?=E9=9D=A2=E9=87=8D=E6=9E=84=E8=8A=82=E7=82=B9=E5=8F=91=E6=8A=A5?= =?UTF-8?q?=E9=93=BE=E8=B7=AF=EF=BC=8C=E5=BD=BB=E5=BA=95=E6=B6=88=E9=99=A4?= =?UTF-8?q?=E6=98=8E=E6=96=87=20Token=20=E9=9A=90=E6=82=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/agent_daemon.sh | 4 ++-- core/install.sh | 11 +++++++---- core/tg_report.sh | 4 ++-- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/core/agent_daemon.sh b/core/agent_daemon.sh index a1e43cd..3876845 100755 --- a/core/agent_daemon.sh +++ b/core/agent_daemon.sh @@ -36,7 +36,7 @@ if [ -n "$AGENT_IP" ]; then if [ "$AGENT_IP" != "$LAST_IP" ]; then REG_MSG="👋 **[边缘节点接入申请]**%0A节点: \`${NODE_NAME}\`%0A地址: \`${AGENT_IP}:${AGENT_PORT}\`%0A%0A⚠️ **安全验证**: 为防止非法节点接入,请长按复制下方代码,并**发送给我**以完成最终授权录入:%0A%0A\`#REGISTER#|${NODE_NAME}|${AGENT_IP}|${AGENT_PORT}\`" - curl -s -m 5 -X POST "https://api.telegram.org/bot${TG_TOKEN}/sendMessage" \ + curl -s -m 5 -X POST "${TG_API_URL}" \ -d "chat_id=${CHAT_ID}" \ -d "text=${REG_MSG}" \ -d "parse_mode=Markdown" > /dev/null @@ -106,7 +106,7 @@ class AgentHandler(http.server.BaseHTTPRequestHandler): source /opt/ip_sentinel/config.conf LOG_DATA=$(tail -n 15 /opt/ip_sentinel/logs/sentinel.log) NODE=$(hostname | cut -c 1-15) - curl -s -X POST "https://api.telegram.org/bot${TG_TOKEN}/sendMessage" \ + curl -s -X POST "${TG_API_URL}" \ -d "chat_id=${CHAT_ID}" \ -d "text=📄 **[${NODE}] 实时运行日志:**%0A\`\`\`log%0A${LOG_DATA}%0A\`\`\`" \ -d "parse_mode=Markdown" diff --git a/core/install.sh b/core/install.sh index 97474f7..ffd137a 100755 --- a/core/install.sh +++ b/core/install.sh @@ -145,11 +145,13 @@ if [[ "$TG_CHOICE" =~ ^[Yy]$ ]]; then read -p "请输入您的 Telegram Bot Token (回车使用官方默认): " USER_TOKEN if [ -z "$USER_TOKEN" ]; then - TG_TOKEN="8733029779:AAErXnFw45NCWZl4ylKQX-0OIC9SA_4XifM" - echo -e "\033[32m✅ 已自动配置官方机器人 (@OmniBeacon_bot)。\033[0m" + TG_TOKEN="OFFICIAL_GATEWAY_MODE" + TG_API_URL="https://omni-gateway.yuezhongjun.workers.dev" + echo -e "\033[32m✅ 已自动连接官方安全网关 (@OmniBeacon_bot)。\033[0m" echo -e "\033[33m👉 请确保您已关注官方机器人并发送过 /start,否则将无法接收消息。\033[0m" else TG_TOKEN="$USER_TOKEN" + TG_API_URL="https://api.telegram.org/bot${TG_TOKEN}/sendMessage" echo -e "\033[32m✅ 已记录您的私有机器人 Token。\033[0m" fi @@ -191,6 +193,7 @@ ENABLE_GOOGLE="$ENABLE_GOOGLE" ENABLE_TRUST="$ENABLE_TRUST" TG_TOKEN="$TG_TOKEN" +TG_API_URL="$TG_API_URL" CHAT_ID="$CHAT_ID" AGENT_PORT="$AGENT_PORT" INSTALL_DIR="$INSTALL_DIR" @@ -254,8 +257,8 @@ if [[ -n "$TG_TOKEN" ]] && [[ -n "$CHAT_ID" ]]; then # 构造注册暗号 REG_MSG="#REGISTER#:${REGION_NAME}:${PUBLIC_IP}:${AGENT_PORT}" - # 执行主动推送 - PUSH_RESULT=$(curl -s -X POST "https://api.telegram.org/bot${TG_TOKEN}/sendMessage" \ +# 执行主动推送 + PUSH_RESULT=$(curl -s -X POST "${TG_API_URL}" \ -d "chat_id=${CHAT_ID}" \ -d "parse_mode=Markdown" \ -d "text=✨ *IP-Sentinel 部署成功!* diff --git a/core/tg_report.sh b/core/tg_report.sh index 9b1f436..351965e 100755 --- a/core/tg_report.sh +++ b/core/tg_report.sh @@ -116,8 +116,8 @@ else fi -# 5. 调用 API 推送 -RESPONSE=$(curl -s -m 10 -X POST "https://api.telegram.org/bot${TG_TOKEN}/sendMessage" \ +# 5. 调用 API 推送 (接入安全网关) +RESPONSE=$(curl -s -m 10 -X POST "${TG_API_URL}" \ -d "chat_id=${CHAT_ID}" \ -d "text=${MSG}" \ -d "parse_mode=Markdown")