fnvtk/karuo-ai
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🔄 卡若AI 同步 2026-02-22 07:27 | 更新:金仓、卡木、运营中枢工作台 | 排除 >20MB: 9 个

Browse Source
This commit is contained in:
karuo
2026-02-22 07:27:06 +08:00
parent 2314fcc9a8
commit c30db26dab
9 changed files with 287 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
01_卡资(金)/金仓_存储备份/服务器管理/references/kr宝塔_网络与服务器卡顿_检查与处理.md
View File

@@ -186,7 +186,19 @@ limit_rate 500k; # 单连接限速 500KB/s可按需改
**带宽占比**:当前瞬时连接数较少时,无法单次采样得到稳定占比。请在服务器上运行 **6.4 的脚本** 或执行 `nethogs -t` 采样 1030 秒即可得到各进程的实时带宽占比KB/s 或 %)。
### 6.6 502 Bad Gateway 修复(含 soul.quwanzhi.com/admin
### 6.6 502 Bad Gateway 修复(含 soul、wzdj、word
**Node 项目 502**(如 wzdj.quwanzhi.com、word.quwanzhi.com
```bash
# 本机执行,免 SSH
./01_卡资/金仓_存储备份/服务器管理/scripts/.venv_tx/bin/python \
"01_卡资/金仓_存储备份/服务器管理/scripts/腾讯云_TAT_修复502_Node项目.py" wzdj word
```
若 word 仍 502在宝塔 **Node 项目** 中查看 word 的启动日志,可能是 MODULE_NOT_FOUND 或 Node 版本不匹配,按 `references/Node项目未启动_MODULE_NOT_FOUND修复指南.md` 修正启动命令。
**含 soul 的 502**
**原因**Nginx 能通但上游Node/后端)无响应或挂掉,导致 502。

27
01_卡资(金)/金仓_存储备份/服务器管理/scripts/腾讯云_TAT_Node批量修复.py
View File

@@ -79,16 +79,23 @@ def ports(it):
return sorted(set(ps))
items = post("/project/nodejs/get_project_list").get("data") or post("/project/nodejs/get_project_list").get("list") or []
for it in items:
name = it.get("name")
if not name or it.get("run") is True: continue
for port in ports(it):
for pid in pids(port): subprocess.call("kill -9 %s" % pid, shell=True)
pf = "/www/server/nodejs/vhost/pids/%s.pid" % name
if os.path.exists(pf): open(pf,"w").write("0")
post("/project/nodejs/stop_project", {"project_name": name})
r = post("/project/nodejs/start_project", {"project_name": name})
ok = r.get("status") is True or "成功" in str(r.get("msg",""))
print("%s: %s" % (name, "OK" if ok else "FAIL"))
try:
name = it.get("name")
if not name or it.get("run") is True: continue
for port in ports(it):
for pid in pids(port):
try: subprocess.call("kill -9 %s" % pid, shell=True)
except: pass
pf = "/www/server/nodejs/vhost/pids/%s.pid" % name
if os.path.exists(pf):
try: open(pf,"w").write("0")
except: pass
post("/project/nodejs/stop_project", {"project_name": name})
r = post("/project/nodejs/start_project", {"project_name": name})
ok = r.get("status") is True or "成功" in str(r.get("msg",""))
print("%s: %s" % (name, "OK" if ok else "FAIL"))
except Exception as e:
print("%s: ERR %s" % (name, str(e)[:80]))
time.sleep(1)
time.sleep(4)
items2 = post("/project/nodejs/get_project_list").get("data") or []

101
01_卡资(金)/金仓_存储备份/服务器管理/scripts/腾讯云_TAT_存客宝诊断443.py Normal file
View File

@@ -0,0 +1,101 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""
腾讯云 TAT 在存客宝上执行 443/SSL 诊断,并返回输出
凭证00_账号与API索引.md 或环境变量
"""
import base64
import os
import re
import sys
import time
CKB_INSTANCE_ID = "ins-ciyv2mxa"
REGION = "ap-guangzhou"
CMD = """echo "=== iptables INPUT 80/443 ===" && iptables -L INPUT -n -v 2>/dev/null | head -30 || true
echo "=== firewalld 80/443 ===" && firewall-cmd --list-all 2>/dev/null || true
echo "=== 安全组/防火墙摘要 ===" && echo "服务器内 80/443 均应由 Nginx 监听,若外网 80 通 443 不通,多为腾讯云安全组/轻量防火墙未放行 443"
echo "=== DONE ==="
"""
def _find_root():
d = os.path.dirname(os.path.abspath(__file__))
for _ in range(6):
if os.path.basename(d) == "卡若AI" or (os.path.isdir(os.path.join(d, "运营中枢")) and os.path.isdir(os.path.join(d, "01_卡资"))):
return d
d = os.path.dirname(d)
return None
def _read_creds():
root = _find_root()
if not root:
return None, None
path = os.path.join(root, "运营中枢", "工作台", "00_账号与API索引.md")
if not os.path.isfile(path):
return None, None
with open(path, "r", encoding="utf-8") as f:
text = f.read()
sid = skey = None
in_t = False
for line in text.splitlines():
if "### 腾讯云" in line:
in_t = True
continue
if in_t and line.strip().startswith("###"):
break
if not in_t:
continue
m = re.search(r"\|\s*[^|]*(?:SecretId|密钥)[^|]*\|\s*`([^`]+)`", line, re.I)
if m and m.group(1).strip().startswith("AKID"):
sid = m.group(1).strip()
m = re.search(r"\|\s*SecretKey\s*\|\s*`([^`]+)`", line, re.I)
if m:
skey = m.group(1).strip()
return sid or os.environ.get("TENCENTCLOUD_SECRET_ID"), skey or os.environ.get("TENCENTCLOUD_SECRET_KEY")
def main():
secret_id, secret_key = _read_creds()
if not secret_id or not secret_key:
print("❌ 未配置腾讯云 SecretId/SecretKey")
return 1
try:
from tencentcloud.common import credential
from tencentcloud.tat.v20201028 import tat_client, models
except ImportError:
print("pip install tencentcloud-sdk-python-common tencentcloud-sdk-python-tat")
return 1
cred = credential.Credential(secret_id, secret_key)
client = tat_client.TatClient(cred, REGION)
req = models.RunCommandRequest()
req.Content = base64.b64encode(CMD.encode()).decode()
req.InstanceIds = [CKB_INSTANCE_ID]
req.CommandType = "SHELL"
req.Timeout = 30
req.CommandName = "CKB_443Diagnose"
resp = client.RunCommand(req)
inv_id = resp.InvocationId
print("⏳ TAT 已下发,等待 20s 获取输出...")
time.sleep(20)
try:
req2 = models.DescribeInvocationTasksRequest()
f = models.Filter()
f.Name = "invocation-id"
f.Values = [inv_id]
req2.Filters = [f]
resp2 = client.DescribeInvocationTasks(req2)
for t in (resp2.InvocationTaskSet or []):
status = getattr(t, "TaskStatus", "N/A")
print(" 任务状态:", status)
for attr in ("Output", "OutputUrl", "TaskResult", "ErrorInfo"):
v = getattr(t, attr, None)
if v:
print(" %s:" % attr, str(v)[:2500])
except Exception as e:
print(" 查询异常:", e)
return 0
if __name__ == "__main__":
sys.exit(main())

61
01_卡资(金)/金仓_存储备份/服务器管理/scripts/腾讯云_轻量放行443.py Normal file
View File

@@ -0,0 +1,61 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""若存客宝为轻量应用服务器,放行 443 防火墙"""
import os, re, sys
def _creds():
root = os.path.dirname(os.path.abspath(__file__))
for _ in range(6):
if os.path.basename(root) == "卡若AI":
break
root = os.path.dirname(root)
p = os.path.join(root, "运营中枢", "工作台", "00_账号与API索引.md")
if not os.path.isfile(p):
return None, None
with open(p, "r") as f:
t = f.read()
sid = skey = None
in_t = False
for line in t.splitlines():
if "### 腾讯云" in line: in_t = True
elif in_t and line.strip().startswith("###"): break
elif in_t:
m = re.search(r"SecretId[^|]*\|\s*`([^`]+)`", line, re.I)
if m and "AKID" in m.group(1): sid = m.group(1).strip()
m = re.search(r"SecretKey[^|]*\|\s*`([^`]+)`", line, re.I)
if m: skey = m.group(1).strip()
return sid or os.environ.get("TENCENTCLOUD_SECRET_ID"), skey or os.environ.get("TENCENTCLOUD_SECRET_KEY")
def main():
sid, skey = _creds()
if not sid or not skey:
print("❌ 无凭证"); return 1
try:
from tencentcloud.common import credential
from tencentcloud.lighthouse.v20200324 import lighthouse_client, models
except ImportError:
print("pip install tencentcloud-sdk-python-lighthouse"); return 1
cred = credential.Credential(sid, skey)
c = lighthouse_client.LighthouseClient(cred, "ap-guangzhou")
req = models.DescribeInstancesRequest()
req.Limit = 100
resp = c.DescribeInstances(req)
for ins in (resp.InstanceSet or []):
for ip in (getattr(ins, "PublicAddresses", None) or []):
if ip == "42.194.245.239":
iid = getattr(ins, "InstanceId", None)
print("存客宝为轻量实例:", iid)
req2 = models.CreateFirewallRulesRequest()
req2.InstanceId = iid
r = models.FirewallRule()
r.Protocol = "TCP"
r.Port = "443"
r.CidrBlock = "0.0.0.0/0"
r.Action = "ACCEPT"
req2.FirewallRules = [r]
c.CreateFirewallRules(req2)
print("✅ 已添加 443 防火墙规则"); return 0
print("42.194.245.239 非轻量实例(为 CVM"); return 0
if __name__ == "__main__":
sys.exit(main())