Skip to content

docs: Tailscale 多站 CTOS 部署指南#124

Open
yazelin wants to merge 3 commits intomainfrom
feat/tailscale-multi-site
Open

docs: Tailscale 多站 CTOS 部署指南#124
yazelin wants to merge 3 commits intomainfrom
feat/tailscale-multi-site

Conversation

@yazelin
Copy link
Owner

@yazelin yazelin commented Feb 24, 2026

Summary

  • 新增 Tailscale 多站 CTOS 架構設計文件與正式部署指南
  • 新增 nginx 反向代理設定範本,讓遠端 CTOS 實例可透過主站 nginx 對外服務
  • 更新 module-index 加入遠端站點部署速查

產出物

  • docs/plans/2026-02-25-tailscale-multi-site-design.md — 架構設計文件
  • docs/tailscale-multi-site.md — 正式部署指南
  • scripts/nginx/ctos-remote-site.conf.template — nginx 設定範本
  • docs/module-index.md — 新增速查項目

備註

純文件變更,不涉及任何程式碼修改。

🤖 Generated with Claude Code

copilot-ci and others added 3 commits February 25, 2026 02:17
@claude
docs: 新增 Tailscale 多站 CTOS 架構設計文件
99c1d12 
規劃透過 Tailscale VPN 讓遠端 CTOS 實例連回主站,
由主站 nginx 統一對外提供 Web UI 和 Line Bot webhook 服務。

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
docs: 新增 Tailscale 多站 CTOS 部署指南
e70c387 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
docs: 新增 nginx 設定範本、module-index 加入遠端站點速查
f1ce0d1 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@gemini-code-assist
Copy link

gemini-code-assist bot commented Feb 24, 2026

Summary of Changes

Hello @yazelin, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

此拉取請求引入了全面的文件和一個 Nginx 設定範本,旨在支援透過 Tailscale VPN 部署多站點 CTOS 實例。這使得主站 Nginx 能夠統一對外提供服務,將請求反向代理到位於不同地點的遠端 CTOS 實例,從而簡化了多個 CTOS 部署的管理和外部存取。

Highlights

  • 新增 Tailscale 多站 CTOS 架構設計文件: 此文件詳細說明了透過 Tailscale VPN 部署多站點 CTOS 的目的、架構概覽、角色分工及設計決策。
  • 新增 Tailscale 多站 CTOS 正式部署指南: 提供了一份全面的部署指南,涵蓋主站設定、新增客戶 SOP、遠端主機部署步驟、Line Bot webhook 設定及驗證除錯。
  • 新增 Nginx 反向代理設定範本: 提供了一個 Nginx 設定範本,用於主站反向代理遠端 CTOS 實例的完整應用和 Line Bot Webhook 請求。
  • 更新 module-index.md: 在模組索引中加入了「新增遠端 CTOS 站點(Tailscale)」的速查項目,方便快速參考相關部署步驟。

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog
  • docs/module-index.md
    • 新增了關於「新增遠端 CTOS 站點(Tailscale)」的速查指南,包含安裝 Tailscale、設定主站 Nginx 和 Line Developer Console 的步驟。
  • docs/plans/2026-02-25-tailscale-multi-site-design.md
    • 新增了詳細的 Tailscale 多站 CTOS 架構設計文件,涵蓋目的、架構概覽、角色分工、設計決策、主站設定、遠端主機部署、Line Bot 設定、驗證與除錯以及未來規劃。
  • docs/tailscale-multi-site.md
    • 新增了 Tailscale 多站 CTOS 的正式部署指南,提供了從概覽、主站設定、新增客戶 SOP、遠端主機部署步驟、Line Bot webhook 設定到驗證與除錯的詳細說明。
  • scripts/nginx/ctos-remote-site.conf.template
    • 新增了 Nginx 設定範本,用於配置主站 Nginx 以反向代理遠端 CTOS 應用和 Line Bot Webhook 請求。
Activity
  • 此拉取請求目前沒有任何評論或審閱活動。
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Feb 24, 2026
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

這份 PR 提供了完整的 Tailscale 多站點部署指南與相關配置範本,對於系統擴展性有很大幫助。然而,文檔中關於「不需修改程式碼」的描述與現有的 frontend/js/config.js 實作存在衝突,這會導致遠端站點的 API 請求失敗。此外,部署腳本中的硬編碼路徑與強制性檢查也建議進一步優化以提升通用性。

docs/plans/2026-02-25-tailscale-multi-site-design.md
- **路徑區分客戶**:每個客戶一個 URL 路徑前綴,只需一個域名 + 一張 SSL 憑證
- **固定 Tailscale IP**:每台遠端的 Tailscale IP 固定,直接寫在 nginx 設定中
- **nginx strip prefix**:主站 nginx 去掉路徑前綴後轉發,遠端 CTOS 跑在根路徑 `/`,不需要知道自己的子路徑
- **CTOS 程式碼不改**:前端 `config.js` 已有子路徑自動偵測機制,現有架構足以支援
Copy link

@gemini-code-assist gemini-code-assist bot Feb 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

文檔中提到「CTOS 程式碼不改」,但根據 frontend/js/config.js 的實作,子路徑偵測依賴於 knownBasePaths 白名單。如果新增的 <CLIENT_ID> 不在該名單中,basePath 將會失效,導致前端 API 請求導向錯誤的根路徑。建議修正此處說明。

Suggested change
- **CTOS 程式碼不改**前端 `config.js` 已有子路徑自動偵測機制,現有架構足以支援
- **CTOS 程式碼需微調**需在前端 `config.js` `knownBasePaths` 中加入新的路徑前綴,或優化偵測邏輯以支援動態路徑

docs/tailscale-multi-site.md
- **路徑區分客戶**:每個客戶一個 URL 路徑前綴,只需一個域名與一張 SSL 憑證。
- **固定 Tailscale IP**:每台遠端主機的 Tailscale IP 固定,直接寫在 nginx 設定中。
- **nginx strip prefix**:主站 nginx 去掉路徑前綴後轉發,遠端 CTOS 不需要知道自己的子路徑。
- **程式碼不需修改**:前端 `config.js` 已有子路徑自動偵測機制,現有架構直接支援。
Copy link

@gemini-code-assist gemini-code-assist bot Feb 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

同設計文件的問題,目前的 config.js 實作中有硬編碼的 knownBasePaths。若不修改程式碼增加新的 CLIENT_ID,遠端站點的前端將無法正確發送 API 請求。

Suggested change
- **程式碼不需修改**前端 `config.js` 已有子路徑自動偵測機制,現有架構直接支援
- **程式碼需微調**需在前端 `js/config.js` `knownBasePaths` 陣列中加入新的 `<CLIENT_ID>`,或將偵測邏輯改為動態匹配,以確保子路徑偵測機制運作正常

docs/tailscale-multi-site.md
|-----------|--------|---------|
| `PROJECT_DIR`(第 12 行) | `/home/ct/SDD/ching-tech-os` | 改為遠端主機上的實際 clone 路徑 |
| `User` / `Group`(systemd unit) | `ct` | 改為遠端主機的使用者名稱 |
| node 路徑(第 248 行附近) | `v24.13.0` | 改為遠端實際的 node 版本,或在不需要前端建置時移除 |
Copy link

@gemini-code-assist gemini-code-assist bot Feb 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

腳本中硬編碼了特定的 Node.js 版本路徑 (v24.13.0),這會增加跨環境部署的難度。建議在 install-service.sh 中改用 $(which node) 或透過環境變數傳遞,以提高腳本的通用性。

docs/tailscale-multi-site.md
| `PROJECT_DIR`(第 12 行) | `/home/ct/SDD/ching-tech-os` | 改為遠端主機上的實際 clone 路徑 |
| `User` / `Group`(systemd unit) | `ct` | 改為遠端主機的使用者名稱 |
| node 路徑(第 248 行附近) | `v24.13.0` | 改為遠端實際的 node 版本,或在不需要前端建置時移除 |
| NAS 設定檢查(第 34-43 行) | 必填 | 若遠端主機無 NAS,註解掉 NAS 相關段落(約第 34-209 行) |
Copy link

@gemini-code-assist gemini-code-assist bot Feb 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

目前 install-service.sh 的 NAS 檢查邏輯是強制性的(第 39-43 行),若不滿足條件會直接退出。對於不需要 NAS 的遠端站點,這會導致安裝失敗。建議優化腳本邏輯,將 NAS 設為選配功能。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@yazelin