diff --git a/.gitea/workflows/docker.yml b/.gitea/workflows/docker.yml
index 5513e75..7c734e5 100644
--- a/.gitea/workflows/docker.yml
+++ b/.gitea/workflows/docker.yml
@@ -63,19 +63,16 @@ jobs:
             echo "为其他分支 (${{ github.ref_name }}) 设置环境变量"
           fi
         
-      # 步骤3: 安装系统工具 (Docker, curl, jq)
-      - name: 🔧 安装系统工具 (Docker, curl, jq)
+      # 步骤3: 安装系统工具 (curl, jq) 并升级 Docker CLI 到 1.44+
+      - name: 🔧 安装系统工具并升级 Docker CLI
         run: |
           set -e
           export DEBIAN_FRONTEND=noninteractive
           echo "等待 apt/dpkg 锁释放 (unattended-upgrades)..."
-          # 等待最多 300 秒让 unattended-upgrades/apt/dpkg 锁释放
           end=$((SECONDS+300))
           while true; do
             LOCKS_BUSY=0
-            # 如果 unattended-upgrades 正在运行，标记为忙碌
             if pgrep -x unattended-upgrades >/dev/null 2>&1; then LOCKS_BUSY=1; fi
-            # 如果 fuser 存在，检查常见的锁文件
             if command -v fuser >/dev/null 2>&1; then
               if fuser /var/lib/dpkg/lock >/dev/null 2>&1 \
                 || fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1 \
@@ -83,20 +80,36 @@ jobs:
                 LOCKS_BUSY=1
               fi
             fi
-            # 如果不忙碌则跳出循环
             if [ "$LOCKS_BUSY" -eq 0 ]; then break; fi
-            # 超时后约 5 分钟
             if [ $SECONDS -ge $end ]; then
               echo "等待 apt/dpkg 锁超时，使用 Dpkg::Lock::Timeout 继续..."
               break
             fi
             echo "仍在等待锁释放..."; sleep 5
           done
+
+          # 基础工具
           apt-get update -y -o Dpkg::Lock::Timeout=600
-          apt-get install -y -o Dpkg::Lock::Timeout=600 jq curl ca-certificates docker.io
-          docker --version
-          jq --version
-          curl --version
+          apt-get install -y -o Dpkg::Lock::Timeout=600 jq curl ca-certificates gnupg lsb-release
+
+          # 移除旧版 docker.io，避免客户端过旧 (API 1.41)
+          if dpkg -s docker.io >/dev/null 2>&1; then
+            apt-get remove -y docker.io || true
+          fi
+
+          # 安装 Docker 官方仓库的 CLI (确保 API >= 1.44)
+          distro_codename=$(. /etc/os-release && echo "$VERSION_CODENAME")
+          install_repo="deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian ${distro_codename} stable"
+          mkdir -p /etc/apt/keyrings
+          curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+          echo "$install_repo" > /etc/apt/sources.list.d/docker.list
+          apt-get update -y -o Dpkg::Lock::Timeout=600
+          apt-get install -y -o Dpkg::Lock::Timeout=600 docker-ce-cli docker-buildx-plugin
+
+          # 版本检查
+          docker --version || true
+          docker version || true
+          echo "客户端 API 版本:" $(docker version --format '{{.Client.APIVersion}}')
         
       # 步骤4: 构建并发布到镜像仓库
       - name: 📤 构建并发布到镜像仓库