feat(telegram): 添加Telegram启用检查逻辑

fix(trace): 移除服务中的trace初始化代码并优化agent日志

feat(docker): 添加docker-compose.yaml配置文件

refactor(trace): 为agent添加超时设置和启动日志

chore: 添加nginx配置文件示例

aaa.txt

@@ -0,0 +1,111 @@
+server {
+    listen 80;
+    server_name hifastapp.com www.hifastapp.com www.hifastvpn.com hifastvpn.com hifast.biz www.hifast.biz;
+
+    location ^~ /.well-known/acme-challenge/ {
+        root /etc/letsencrypt;
+    }
+
+    # 统一 HTTP 转 HTTPS
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name hifastvpn.com www.hifastvpn.com;
+
+    ssl_certificate /etc/letsencrypt/live/hifastvpn.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/hifastvpn.com/privkey.pem; # managed by Certbot
+
+    # 安全头
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+    add_header X-Frame-Options DENY;
+    add_header X-Content-Type-Options nosniff;
+
+    root /var/www/down;
+    index index.html index.htm;
+
+    location /api/ {
+        proxy_pass https://api.hifast.biz/;
+        proxy_set_header Host api.hifast.biz;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+    }
+
+    location ^~ /.well-known/acme-challenge/ {
+        root /etc/letsencrypt;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+
+    location /download/ {
+        autoindex_exact_size off;
+        autoindex_localtime on;
+    }
+}
+
+server {
+    listen 443 ssl http2;
+    server_name hifastapp.com www.hifastapp.com;
+
+    # 使用 -0001 的新证书（通常包含 www）
+    ssl_certificate /etc/letsencrypt/live/hifastapp.com-0001/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/hifastapp.com-0001/privkey.pem; # managed by Certbot
+
+    # 安全头
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+    add_header X-Frame-Options DENY;
+    add_header X-Content-Type-Options nosniff;
+
+    root /var/www/down;
+    index index.html index.htm;
+
+    location /api/ {
+        proxy_pass https://api.hifast.biz/;
+        proxy_set_header Host api.hifast.biz;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+    }
+
+    location ^~ /.well-known/acme-challenge/ {
+        root /etc/letsencrypt;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+
+    location /download/ {
+        autoindex_exact_size off;
+        autoindex_localtime on;
+    }
+}
+
+server {
+    listen 443 ssl http2;
+    server_name hifast.biz www.hifast.biz;
+
+    ssl_certificate /etc/letsencrypt/live/hifast.biz/hifast.biz.cer;
+    ssl_certificate_key /etc/letsencrypt/live/hifast.biz/hifast.biz.key;
+
+    root /var/www/lp;
+    index index.html index.htm;
+
+    location ^~ /.well-known/acme-challenge/ {
+        root /etc/letsencrypt;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+}

docker-compose.yaml

@@ -0,0 +1,23 @@
+version: '3'
+
+services:
+  jaeger:
+    image: jaegertracing/all-in-one:latest
+    container_name: jaeger
+    ports:
+      - "16686:16686"
+      - "4317:4317"
+      - "4318:4318"
+    environment:
+#      - SPAN_STORAGE_TYPE=elasticsearch
+#      - ES_SERVER_URLS=http://elasticsearch:9200
+      - LOG_LEVEL=debug
+      - COLLECTOR_OTLP_ENABLED=true
+    deploy:
+      resources:
+        limits:
+          cpus: '0.8'
+          memory: 500M
+        reservations:
+          cpus: '0.05'
+          memory: 200M

initialize/telegram.go

@@ -14,6 +14,9 @@ import (
 )
 
 func Telegram(svc *svc.ServiceContext) {
+	if !svc.Config.Telegram.Enable {
+		return
+	}
 
 	// Prefer BotToken from DB auth method, fallback to config file
 	var usedToken string

internal/server.go

@@ -10,9 +10,6 @@ import (
 
 	"github.com/perfect-panel/server/pkg/logger"
 
-	"github.com/perfect-panel/server/pkg/proc"
-	"github.com/perfect-panel/server/pkg/trace"
-
 	"github.com/gin-contrib/sessions"
 	"github.com/gin-contrib/sessions/redis"
 	"github.com/gin-gonic/gin"
@@ -75,14 +72,6 @@ func (m *Service) Start() {
 			MinVersion: tls.VersionTLS12,
 		},
 	}
-	trace.StartAgent(trace.Config{
-		Name:    "ppanel",
-		Sampler: 1.0,
-		Batcher: "",
-	})
-	proc.AddShutdownListener(func() {
-		trace.StopAgent()
-	})
 	m.svc.Restart = m.Restart
 	logger.Infof("server start at %v", serverAddr)
 	if m.svc.Config.TLS.Enable {

pkg/trace/agent.go

@@ -7,6 +7,7 @@ import (
 	"net/url"
 	"os"
 	"sync"
+	"time"
 
 	"go.opentelemetry.io/otel"
 	"go.opentelemetry.io/otel/exporters/jaeger"
@@ -54,8 +55,10 @@ func StartAgent(c Config) {
 
 	// if error happens, let later calls run.
 	if err := startAgent(c); err != nil {
+		logger.Errorf("Trace agent start failed: %v", err)
 		return
 	}
+	logger.Infof("Trace agent started successfully. Batcher: %s, Endpoint: %s", c.Batcher, c.Endpoint)
 
 	agents[c.Endpoint] = lang.Placeholder
 }
@@ -92,6 +95,7 @@ func createExporter(c Config) (sdktrace.SpanExporter, error) {
 		opts := []otlptracegrpc.Option{
 			otlptracegrpc.WithInsecure(),
 			otlptracegrpc.WithEndpoint(c.Endpoint),
+			otlptracegrpc.WithTimeout(5 * time.Second), // 5秒超时
 		}
 		if len(c.OtlpHeaders) > 0 {
 			opts = append(opts, otlptracegrpc.WithHeaders(c.OtlpHeaders))