GithubBackup/IP-Sentinel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
303 Commits 2 Branches 42 Tags
92a65d8308b95ba6dd9ed8dd6ad9557dfd1c729f
Commit Graph

142 Commits

Author SHA1 Message Date
hotyue
7081aa77cc fix(core): 废除 OnBootSec 相对开机时间,改用高兼容性的 OnActiveSec,彻底修复老内核系统下自动巡逻瘫痪的 Bug 2026-04-22 12:42:04 +00:00
hotyue
5e48edb030 fix(core): 废除物理阉割,全量下载模块脚本,彻底修复动态启用模块后提示 403 文件不存在的 Bug 2026-04-22 11:53:20 +00:00
hotyue
c03f6ca9ba chore: 准备 v3.6.3 正式发布,将所有云端资源路由切换回 main 主干分支 2026-04-21 09:48:14 +00:00
hotyue
511ba90378 perf(core): 优化包管理器安装参数,拒绝冗余依赖捆绑,实现 Agent 节点极致轻量化部署 2026-04-21 09:30:04 +00:00
hotyue
01806d20dd fix(core): 引入智能网卡生存探测机制,彻底解决多 IP 站群机因 IP 漂移导致的 curl 死锁断网问题 2026-04-21 09:20:55 +00:00
hotyue
f283a8a4c6 fix(master): 完善向下兼容机制,对未升级老节点自动降级回退至 HTTP 通讯,确保私有司令部平滑过渡 2026-04-21 06:47:02 +00:00
hotyue
0d2433d850 feat(security): 引入动态 TLS 降级机制与自签名证书,全域 Webhook 通讯升级为强加密 HTTPS,彻底阻断明文嗅探风险并完美兼容官方网关 2026-04-21 06:27:58 +00:00
hotyue
a6b01bd8d5 chore(core): 恢复 install.sh 语法完整性,完成 OTA 防砖机制实弹演习 2026-04-21 06:12:38 +00:00
hotyue
8f2279b7e2 chore(core): 破坏 install.sh 语法完整性,用于 OTA 防砖机制实弹演习 2026-04-21 06:09:48 +00:00
hotyue
d37d26708d chore(core): 恢复 install.sh 语法完整性,完成 OTA 防砖机制实弹演习 2026-04-21 06:07:50 +00:00
hotyue
6234d7c49a fix(ota): 重构 Agent 防砖机制,引入双重 Base64 隔离,彻底杜绝 Shell 注入与换行截断,并实现失败主动告警 2026-04-21 06:05:39 +00:00
hotyue
f9a7bba32a Update install.sh 
test
 2026-04-21 13:52:06 +08:00
hotyue
068734da16 fix(ota): 引入 bash -n 语法树完整性校验,彻底阻断因网络波动下载不全导致的单点死机风险 2026-04-21 05:45:50 +00:00
hotyue
a7f08ec7a7 chore(release): 解除测试沙箱 URL 劫持,跃升至 v3.6.2,正式开启 Systemd 与智能双栈纪元 2026-04-21 02:42:04 +00:00
hotyue
0bb96169e5 fix(core): 引入 Ceasefire Protocol (停火协议),彻底解决 Systemd 架构下 OTA 升级引发的无限重启风暴 2026-04-21 02:21:43 +00:00
hotyue
34320b2385 refactor(core): 手工融合 Systemd 引擎与 Root 权限校验 (提取自 PR #25),修复 Cgroup 误杀与交互逻辑陷阱,构建灰度测试候选版 2026-04-21 02:00:10 +00:00
hotyue
c04a4c41e4 fix(core): 修复内核级禁用 IPv6 时 Python Webhook 假死的问题,引入智能 IPv4 降级回退机制 (Resolves #23) 2026-04-20 17:41:17 +00:00
hotyue
3b28ead0e4 chore: 战略撤退,代码全量回滚至 9a38fb6 (PR 引入前的纯净状态) 2026-04-20 17:37:47 +00:00
hotyue
34f2c7e123 fix(core): 引入 systemd-run 逃逸机制,彻底修复 OTA 升级时因子进程被 Cgroup 误杀导致的假死漏洞 2026-04-20 17:13:48 +00:00
hotyue
1e150f26f1 fix(core): 修复内核级禁用 IPv6 时 Python Webhook 假死的问题,引入智能 IPv4 降级回退机制 (Resolves #23) 2026-04-20 16:59:28 +00:00
hotyue
011c1faad4 fix(core): 移除 agent_daemon.sh 尾部的 nohup 后台逻辑,适配 Systemd Type=simple 的前台阻塞监听,修复 cgroup 误杀导致的无限重启死循环 2026-04-20 16:46:45 +00:00
hotyue
2325a8abdf fix(core): 修复节点部署多城市选择分支下 CITY_NAME 变量未赋值导致播报为空的 UI 瑕疵 2026-04-20 16:41:00 +00:00
hotyue
201df489db refactor(core): 缝合 Systemd 架构,修复 PR #25 中的管道符闪退及 oneshot 守护进程死锁漏洞 2026-04-20 16:24:32 +00:00
IcySteam
2d680c5fc7 refactor(core): Enable Systemd and upgrade Sentinel service orchestration 
The legacy crontabs have been superseded by Systemd to fortify orchestration of our global fleet of Sentinels.

While cron relies on timed, fire-and-forget execution, Systemd elevates our operations into natively integrated, state-aware OS daemons. This paradigm shift unlocks precise lifecycle management, unified logging (inspect all service logs with `journalctl -t ip-sentinel`), and absolute control over module deployment.

- Battle-Hardened: Sentinels now auto-resurrect upon failure, bypassing minute-long cron wait times.
- Zero-Impact Missions: Sentinels now operate under strict `idle` CPU/IO scheduling. This guarantees that automated maintenance cycles yield to high-priority user interactions, and never impact primary server workloads.
- Field Intelligence Auto-Stagger: Service-level `RandomizedDelaySec` natively staggers Agent check-ins to protect the Command Center.
- Legacy Fallback: OS interrogation on deployment ensures a seamless fallback to cron for Sentinels operating in Alpine/OpenRC environments.

The fleet is more resilient than ever, but the architecture is always evolving. I highly welcome any reviews/suggestions from the original Author/Commander to perfect this pull request!
 2026-04-21 00:27:01 +10:00
IcySteam
e77b7c0319 fix(telemetry): Implement dual-write logging for Systemd integration 
This commit refactors the internal logging functions across all core modules to guarantee telemetry reaches the Systemd journal. Sentinels now mirror their physical log outputs directly to the OS `logger`, ensuring flawless `journalctl` visibility even when modules are spawned in detached subshells.
 2026-04-21 00:12:03 +10:00
IcySteam
4a28f7f395 fix(core): Mandate root privileges for all setup scripts 
The old setup scripts assume root privileges. We are fixing this by explicitly requiring an `$EUID` root check before execution so that no borked, non-root installations happen.
 2026-04-20 19:46:30 +10:00
IcySteam
cd5160d1ea core(AU): Add AU flag to TG menu 2026-04-19 01:05:28 +10:00
hotyue
5dfaa19cca chore: 移除测试期 dev-v3.6.0 专属锚点,全系组件直链恢复至 main 主分支,准备发布正式版 2026-04-17 15:07:45 +00:00
hotyue
722db9f6d1 style(core): 引入终端 OSC 8 超链接特性,重构教程链接交互为点击即达,提升终端沉浸式体验 2026-04-17 14:35:55 +00:00
hotyue
3e9a82a657 chore: 临时将各组件拉取直链指向 dev-v3.6.0 分支,修复跨分支拉取导致的数据解析错位 2026-04-17 13:27:20 +00:00
hotyue
898349d22e feat(core): Webhook 通讯引擎新增 /trigger_ota 高危路由,实装本地与网关双重熔断校验,并支持后台剥离交互的静默热重载 2026-04-17 13:06:44 +00:00
hotyue
9ea188cb6d feat(core): 部署向导新增静默接管模式 (SILENT_OTA),并实现基于双轨网关的 OTA 权限物理熔断与配置下发 2026-04-17 13:06:37 +00:00
hotyue
45475f14b7 feat(core): 优化中枢接入交互引导,将私有独立部署设为首选默认项,为后续 OTA 远程平滑升级铺路 2026-04-17 07:06:45 +00:00
hotyue
30f396aefe fix(core): 升级智能包管理器嗅探器,彻底修复 Alpine/Arch 依赖安装失败 Bug,并重构 Master 接入交互逻辑防止误触跳过 (Resolves #21) 2026-04-17 06:49:16 +00:00
hotyue
7cf7117615 fix(core): 增强安装引擎容错能力,加固 Cron 清理逻辑并严格限制底层物理标识符格式 2026-04-17 05:32:19 +00:00
hotyue
062305d126 fix(core): Webhook 引擎引入 fcntl 排他写锁防配置文件损坏,强制清洗底层物理主键 2026-04-17 05:32:15 +00:00
hotyue
f451aea643 fix(core): 优化战报日志提取逻辑,改用精确截断替代全量扫描,大幅降低 I/O 消耗 2026-04-17 05:32:09 +00:00
hotyue
d96b6e769a fix(core): 引入 flock 排他锁,彻底解决 Cron 任务重入导致的内存雪崩与 Fork 炸弹 2026-04-17 05:31:58 +00:00
hotyue
f5aa68a8dc feat(core): [v3.5.3] Webhook 引擎新增模块动态启停(Toggle)路由,支持安全重写本地配置 (Resolves #19) 2026-04-17 02:40:19 +00:00
hotyue
63bbbd549e feat(agent): [v3.5.3] 优化安装向导,默认全量部署养护模块以支持远端动态控制 (Resolves #19) 2026-04-17 02:40:14 +00:00
hotyue
5e40ed426b chore: revert failed v3.6.0 attempts, rollback to safe state 2026-04-17 02:24:07 +00:00
hotyue
aebf3a9e90 fix(core): [v3.6.0] 终极修复 OTA 死锁:解决 curl 管道吞噬脚本 Bug,并应用底层网络脱壳机制 2026-04-17 02:17:32 +00:00
hotyue
8a3d7c305b fix(core): [v3.6.0] 彻底重构 OTA 升级调度,引入外挂延时脚本实现 100% 的网络脱壳与静默重启 2026-04-17 02:09:05 +00:00
hotyue
2d580eaea2 fix(core): [v3.6.0] 彻底解决 OTA 升级 TCP 通讯超时 Bug,引入 close_fds 剥离套接字继承机制 2026-04-17 01:59:29 +00:00
hotyue
d7ab695372 fix(core): [v3.6.0] 彻底解决 OTA 升级 TCP 通讯超时 Bug,引入异步守护线程与套接字剥离机制 2026-04-17 01:48:46 +00:00
hotyue
0c250dfd17 fix(core): [v3.6.0] 修复 OTA 升级时的竞态自杀 Bug,引入 TCP 强制刷新与 3 秒延迟脱壳机制 2026-04-17 01:44:40 +00:00
hotyue
46e418dfd0 feat(core): [v3.6.0] Webhook 引擎新增 OTA 升级与动态启停路由,实装底层权限物理熔断机制 (Resolves #17, Resolves #19) 2026-04-17 01:19:13 +00:00
hotyue
673e0ce3e6 feat(agent): [v3.6.0] 重构安装向导,引入静默 OTA 嗅探机制与双端授权防线,默认全量部署养护模块 (Resolves #17, Resolves #19) 2026-04-17 01:19:06 +00:00
hotyue
c4faa102cf fix(installer): [v3.5.2] 修复交互向导首选项的默认值丢失问题,防止直接回车导致平滑升级失效被误删档 2026-04-16 07:52:45 +00:00
hotyue
e6c6e66e4b feat(agent): [v3.5.2] 剥除改名后的冗余 TG 推送报文,实现静默修改配置与底层 HTTP 回执 2026-04-16 05:51:04 +00:00