laoxong/nofx
1
0
Fork 0
mirror of https://github.com/laoxong/nofx.git synced 2026-06-04 09:58:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
553 Commits 1 Branch 0 Tags
89085173f94cb24d779820eadf6bc16d74f4389d
Commit Graph

14 Commits

Author SHA1 Message Date
Icyoung 89085173f9 Dev Crypto (#730) 
* feat: remove admin mode
* feat: bugfix
* feat(crypto): 添加RSA-OAEP + AES-GCM混合加密服务
- 实现CryptoService加密服务,支持RSA-OAEP-2048 + AES-256-GCM混合加密
- 集成数据库层加密,自动加密存储敏感字段(API密钥、私钥等)
- 支持环境变量DATA_ENCRYPTION_KEY配置数据加密密钥
- 适配SQLite数据库加密存储(从PostgreSQL移植)
- 保持Hyperliquid代理钱包处理兼容性
- 更新.gitignore以正确处理crypto模块代码
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: tinkle-community <tinklefund@gmail.com>
* feat(scripts): 添加加密环境一键设置脚本
- setup_encryption.sh: 一键生成RSA密钥对+数据加密密钥+JWT密钥
- generate_rsa_keys.sh: 专业的RSA-2048密钥对生成工具
- generate_data_key.sh: 生成AES-256数据加密密钥和JWT认证密钥
- ENCRYPTION_README.md: 详细的加密系统说明文档
- 支持自动检测现有密钥并只生成缺失的密钥
- 完善的权限管理和安全验证
- 兼容macOS和Linux的跨平台支持
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: tinkle-community <tinklefund@gmail.com>
* feat(api): 添加加密API端点和Gin框架集成
- 新增CryptoHandler处理加密相关API请求
- 提供/api/crypto/public-key端点获取RSA公钥
- 提供/api/crypto/decrypt端点解密敏感数据
- 适配Gin框架的HTTP处理器格式
- 集成CryptoService到API服务器
- 支持前端加密数据传输和解密
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: tinkle-community <tinklefund@gmail.com>
* feat(web): 添加前端加密服务和两阶段密钥输入组件
- CryptoService: Web Crypto API集成,支持RSA-OAEP加密
- TwoStageKeyModal: 安全的两阶段私钥输入组件,支持剪贴板混淆
- 完善国际化翻译支持加密相关UI文本
- 修复TypeScript类型错误和编译问题
- 支持前端敏感数据加密传输到后端
- 增强用户隐私保护和数据安全
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: tinkle-community <tinklefund@gmail.com>
* feat(auth): 增强JWT认证安全性
- 优先使用环境变量JWT_SECRET而不是数据库配置
- 支持通过.env文件安全配置JWT认证密钥
- 保留数据库配置作为回退机制
- 改进JWT密钥来源日志显示
- 增强系统启动时的安全配置检查
- 支持运行时动态JWT密钥切换
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: tinkle-community <tinklefund@gmail.com>
* feat(docker): 集成加密环境变量到Docker部署
- 添加DATA_ENCRYPTION_KEY环境变量传递到容器
- 添加JWT_SECRET环境变量支持
- 挂载secrets目录使容器可访问RSA密钥文件
- 确保容器内加密服务正常工作
- 解决容器启动失败和加密初始化问题
- 完善Docker Compose加密环境配置
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: tinkle-community <tinklefund@gmail.com>
* feat(start): 集成自动加密环境检测和设置
- 增强check_encryption()函数检测JWT_SECRET和DATA_ENCRYPTION_KEY
- 自动运行setup_encryption.sh当检测到缺失密钥时
- 改进加密状态显示,包含RSA+AES+JWT全套加密信息
- 优化用户体验,提供清晰的加密配置反馈
- 支持一键设置完整加密环境
- 确保容器启动前加密环境就绪
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: tinkle-community <tinklefund@gmail.com>
* feat: format fix
* fix(security): 修复前端模型和交易所配置敏感数据明文传输
- 在handleSaveModelConfig中对API密钥进行RSA-OAEP加密
- 在handleSaveExchangeConfig中对API密钥、Secret密钥和Aster私钥进行加密
- 只有非空敏感数据才进行加密处理
- 添加加密失败错误处理和用户友好提示
- 增加encryptionFailed翻译键的中英文支持
- 使用用户ID和会话ID作为加密上下文增强安全性
这修复了之前敏感数据在网络传输中以明文形式发送的安全漏洞。
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: tinkle-community <tinklefund@gmail.com>
* fix(crypto): 修复后端加密服务集成和缺失的加密端点
- 添加Server结构体缺少的cryptoService字段
- 实现handleUpdateModelConfigsEncrypted处理器用于模型配置加密传输
- 修复handleUpdateExchangeConfigsEncrypted中的函数调用
- 在前端API中添加updateModelConfigsEncrypted方法
- 统一RSA密钥路径从secrets/rsa_key改为keys/rsa_private.key
- 确保前端可以使用加密端点安全传输敏感数据
- 兼容原有加密通信模式和二段输入私钥功能
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: tinkle-community <tinklefund@gmail.com>
---------
Co-authored-by: icy <icyoung520@gmail.com>
Co-authored-by: tinkle-community <tinklefund@gmail.com>
 2025-11-08 02:03:09 +08:00
Sue d0c3fc3c12 fix: validate config.db is file not directory (#586) 
修复 config.db 验证逻辑,处理误创建为目录的情况:
- 检测 config.db 是否为目录,如果是则删除并重建为文件
- 保留已存在的数据库文件不受影响
- 修复 Docker volume 挂载可能导致的目录创建问题
Co-authored-by: tinkle-community <tinklefund@gmail.com>
 2025-11-06 10:38:53 +08:00
ZhouYongyou 7b43fc4072 fix: 修復首次運行時數據庫初始化失敗問題 
問題:
- 用戶首次運行報錯:unable to open database file: is a directory
- 原因:Docker volume 掛載時,如果 config.db 不存在,會創建目錄而非文件
- 影響:新用戶無法正常啟動系統
修復:
- 在 start.sh 啟動前檢查 config.db 是否存在
- 如不存在則創建空文件(touch config.db)
- 確保 Docker 掛載為文件而非目錄
測試:
- 首次運行:./start.sh start → 正常初始化 ✓
- 現有用戶:無影響,向後兼容 ✓
 2025-11-04 17:35:26 +08:00
icy 8d93a8a095 Fixed health check; Fixed dex config; Add rank trader info view; 2025-11-01 18:58:32 +08:00
icy 5d0097715e Fix docker compose bug for config.db 2025-10-31 15:53:48 +08:00
icy 0f9978ec6b Sync config.json to config.db for manual modify admin_mode and other configs 2025-10-31 15:24:18 +08:00
icy c7106bd256 start scrip fix 2025-10-31 14:41:45 +08:00
icy 98735631d5 start scrpit fix 2025-10-31 14:39:04 +08:00
icy 45345c6d47 start script fix about config.json 2025-10-31 14:16:47 +08:00
icy 55ead0e6e5 Restore config.json.example 2025-10-31 14:09:28 +08:00
icy a96076856a Fix start script 2025-10-31 12:46:16 +08:00
d0lwl0b e564392eb9 chore: update .dockerignore to exclude lock files 2025-10-30 00:28:39 +08:00
d0lwl0b 0c599ba70b chore: add environment variable support and enhance startup script 
- Add .env.example template for configurable Docker deployment settings
- Update docker-compose.yml to support environment-driven port/timezone configuration
- Refactor start.sh with improved Docker Compose detection, environment validation, and automated frontend building
- Enhance script documentation and error handling for better maintainability
 2025-10-29 22:35:01 +08:00
tinkle-community a7d0ca8835 Docs: Add Docker one-click deployment support for all languages 
Complete Docker deployment solution with beginner-friendly documentation:
**New Docker Files:**
- `Dockerfile` - Multi-stage Go backend build with health checks
- `web/Dockerfile` - Frontend build with Nginx and API proxy
- `docker-compose.yml` - Full orchestration with service dependencies
- `.dockerignore` & `web/.dockerignore` - Build optimization
- `start.sh` - Convenient management script (start/stop/logs/status)
**Comprehensive Documentation:**
- `DOCKER_DEPLOY.md` (中文) - Complete Chinese deployment guide
- `DOCKER_DEPLOY.en.md` (English) - Complete English deployment guide
  - Prerequisites & Docker installation (macOS/Windows/Linux)
  - 3-step quick start (config → start → access)
  - Service management commands
  - Advanced configuration (ports, resources, env vars)
  - Data persistence & backups
  - Comprehensive troubleshooting
  - Security recommendations
  - Production deployment (Nginx, HTTPS, Docker Swarm)
  - Monitoring & logging setup
**README Updates (All 4 Languages):**
- README.md (English)
- README.zh-CN.md (中文)
- README.uk.md (Українська)
- README.ru.md (Русский)
Added prominent "Option A: Docker One-Click Deployment" section at the
beginning of Quick Start in all languages. Clearly marked as EASIEST
method for beginners. Shows 3 simple steps with command examples and
links to detailed DOCKER_DEPLOY docs.
**Key Features:**
- One-command deployment: `./start.sh start --build`
- Auto-handles all dependencies (Go, Node.js, TA-Lib)
- Health checks for both services
- Data persistence (logs, cache, config)
- Log rotation (10MB × 3 files)
- Easy service management
- Beginner-friendly for complete newcomers
**User Benefits:**
- No need to install Go, Node.js, or TA-Lib manually
- Works on macOS, Windows, Linux
- Perfect for non-developers
- Production-ready with best practices
This makes NOFX truly accessible to beginners as requested: "真就让小白都能一键开始"
Co-Authored-By: tinkle-community <tinklefund@gmail.com>
 2025-10-29 18:29:49 +08:00