Skip to content

Commit 7d8afa0

Browse files
committed
Improve bilingual documentation
1 parent f9d6410 commit 7d8afa0

3 files changed

Lines changed: 377 additions & 131 deletions

File tree

DEPLOYMENT.md

Lines changed: 165 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,165 @@
1+
# Deployment Guide / 部署指南
2+
3+
[English](#english) | [中文](#中文)
4+
5+
## English
6+
7+
This guide covers a practical production deployment for API Hub Mobile.
8+
9+
### 1. Requirements
10+
11+
- Node.js 18 or later
12+
- A persistent `data/` directory
13+
- HTTPS reverse proxy for public access
14+
- Strong admin password and encryption secret
15+
16+
### 2. Environment Variables
17+
18+
| Variable | Recommended | Description |
19+
| --- | --- | --- |
20+
| `PORT` | `4173` | HTTP listen port |
21+
| `APIHUB_ADMIN_USER` | `admin` | Admin username |
22+
| `APIHUB_ADMIN_PASSWORD` | Required | Admin login password |
23+
| `APIHUB_SECRET` | Required | Secret used to derive the AES-GCM encryption key |
24+
| `APIHUB_COOKIE_SECURE` | `true` with HTTPS | Adds `Secure` to the session cookie |
25+
| `APIHUB_ENABLE_MOCKS` | `false` in production | Disables local mock remote endpoints |
26+
27+
### 3. Start the App
28+
29+
Linux / macOS:
30+
31+
```bash
32+
PORT=4173 \
33+
APIHUB_ADMIN_USER=admin \
34+
APIHUB_ADMIN_PASSWORD=replace-with-a-strong-password \
35+
APIHUB_SECRET=replace-with-a-long-random-secret \
36+
APIHUB_COOKIE_SECURE=true \
37+
APIHUB_ENABLE_MOCKS=false \
38+
node server.js
39+
```
40+
41+
Windows PowerShell:
42+
43+
```powershell
44+
$env:PORT="4173"
45+
$env:APIHUB_ADMIN_USER="admin"
46+
$env:APIHUB_ADMIN_PASSWORD="replace-with-a-strong-password"
47+
$env:APIHUB_SECRET="replace-with-a-long-random-secret"
48+
$env:APIHUB_COOKIE_SECURE="true"
49+
$env:APIHUB_ENABLE_MOCKS="false"
50+
node server.js
51+
```
52+
53+
### 4. Reverse Proxy
54+
55+
Put the app behind Nginx, Caddy, Traefik, or a platform gateway.
56+
57+
Production checklist:
58+
59+
- Serve the public site over HTTPS.
60+
- Set `APIHUB_COOKIE_SECURE=true`.
61+
- Do not expose `data/` as static files.
62+
- Keep request logs free of credentials.
63+
- Persist and back up `data/store.json`.
64+
- Keep `APIHUB_SECRET` stable. Changing it will make existing encrypted credentials unreadable.
65+
66+
### 5. Data Files
67+
68+
`data/` may contain:
69+
70+
- `store.json`: local app data and encrypted credentials
71+
- `secret.key`: generated local encryption key when `APIHUB_SECRET` is not set
72+
- `initial-admin-password.txt`: generated first-run password when `APIHUB_ADMIN_PASSWORD` is not set
73+
74+
Never commit these files.
75+
76+
### 6. Pre-Deployment Checks
77+
78+
```bash
79+
node --check server.js
80+
node --check public/app.js
81+
git status --short --ignored
82+
```
83+
84+
Confirm that `data/` and `verification/` are ignored.
85+
86+
## 中文
87+
88+
这份文档用于说明 API Hub Mobile 的生产部署方式。
89+
90+
### 1. 运行要求
91+
92+
- Node.js 18 或更高版本
93+
- 持久化 `data/` 目录
94+
- 公开访问时建议使用 HTTPS 反向代理
95+
- 强管理员密码和加密密钥
96+
97+
### 2. 环境变量
98+
99+
| 变量 | 建议值 | 说明 |
100+
| --- | --- | --- |
101+
| `PORT` | `4173` | HTTP 监听端口 |
102+
| `APIHUB_ADMIN_USER` | `admin` | 管理员用户名 |
103+
| `APIHUB_ADMIN_PASSWORD` | 必填 | 管理员登录密码 |
104+
| `APIHUB_SECRET` | 必填 | 用于派生 AES-GCM 加密密钥 |
105+
| `APIHUB_COOKIE_SECURE` | HTTPS 下设为 `true` | 为会话 Cookie 添加 `Secure` |
106+
| `APIHUB_ENABLE_MOCKS` | 生产设为 `false` | 关闭本地 mock 远端接口 |
107+
108+
### 3. 启动应用
109+
110+
Linux / macOS:
111+
112+
```bash
113+
PORT=4173 \
114+
APIHUB_ADMIN_USER=admin \
115+
APIHUB_ADMIN_PASSWORD=replace-with-a-strong-password \
116+
APIHUB_SECRET=replace-with-a-long-random-secret \
117+
APIHUB_COOKIE_SECURE=true \
118+
APIHUB_ENABLE_MOCKS=false \
119+
node server.js
120+
```
121+
122+
Windows PowerShell:
123+
124+
```powershell
125+
$env:PORT="4173"
126+
$env:APIHUB_ADMIN_USER="admin"
127+
$env:APIHUB_ADMIN_PASSWORD="replace-with-a-strong-password"
128+
$env:APIHUB_SECRET="replace-with-a-long-random-secret"
129+
$env:APIHUB_COOKIE_SECURE="true"
130+
$env:APIHUB_ENABLE_MOCKS="false"
131+
node server.js
132+
```
133+
134+
### 4. 反向代理
135+
136+
建议使用 Nginx、Caddy、Traefik 或平台网关提供 HTTPS。
137+
138+
生产检查清单:
139+
140+
- 对外使用 HTTPS。
141+
- 设置 `APIHUB_COOKIE_SECURE=true`
142+
- 不要把 `data/` 作为静态文件暴露。
143+
- 请求日志不要记录凭证。
144+
- 持久化并备份 `data/store.json`
145+
- 保持 `APIHUB_SECRET` 稳定。更换后,已有加密凭证将无法解密。
146+
147+
### 5. 数据文件
148+
149+
`data/` 可能包含:
150+
151+
- `store.json`:本地应用数据和加密凭证
152+
- `secret.key`:未设置 `APIHUB_SECRET` 时生成的本地加密密钥
153+
- `initial-admin-password.txt`:未设置 `APIHUB_ADMIN_PASSWORD` 时生成的首次登录密码
154+
155+
不要提交这些文件。
156+
157+
### 6. 部署前检查
158+
159+
```bash
160+
node --check server.js
161+
node --check public/app.js
162+
git status --short --ignored
163+
```
164+
165+
确认 `data/``verification/` 被忽略。

0 commit comments

Comments
 (0)