From 6ac8075ba7157b6e57786de3f140d2dcb4474da9 Mon Sep 17 00:00:00 2001
From: hyh
Date: Wed, 26 Nov 2025 10:18:54 +0800
Subject: [PATCH] =?UTF-8?q?=E7=A7=BB=E9=99=A4=E5=A4=9A=E4=BD=99=E6=96=87?= =?UTF-8?q?=E4=BB=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 site/docker-compose.https.yml | 35 ----------------
 site/nginx/nginx.conf | 76 -----------------------------------
 site/ssl/.gitignore | 9 -----
 site/ssl/README.md | 62 ----------------------------
 4 files changed, 182 deletions(-)
 delete mode 100644 site/docker-compose.https.yml
 delete mode 100644 site/nginx/nginx.conf
 delete mode 100644 site/ssl/.gitignore
 delete mode 100644 site/ssl/README.md

diff --git a/site/docker-compose.https.yml b/site/docker-compose.https.yml
deleted file mode 100644
index 46ed363d..00000000
--- a/site/docker-compose.https.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-version: '3.8'
-
-services:
- marketing-site:
- build:
- context: .
- dockerfile: Dockerfile
- expose:
- - "3000"
- environment:
- - NODE_ENV=production
- restart: unless-stopped
- container_name: marketing-site-https
- networks:
- - app-network
-
- nginx:
- image: nginx:alpine
- container_name: nginx-https
- ports:
- - "80:80"
- - "443:443"
- volumes:
- - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- - ./ssl:/etc/nginx/ssl:ro
- depends_on:
- - marketing-site
- restart: unless-stopped
- networks:
- - app-network
-
-networks:
- app-network:
- driver: bridge
-
diff --git a/site/nginx/nginx.conf b/site/nginx/nginx.conf
deleted file mode 100644
index 614a7e0c..00000000
--- a/site/nginx/nginx.conf
+++ /dev/null
@@ -1,76 +0,0 @@
-events {
- worker_connections 1024;
-}
-
-http {
- # 上游服务器配置
- upstream marketing-site {
- server marketing-site:3000;
- }
-
- # HTTP 重定向到 HTTPS
- server {
- listen 80;
- server_name _;
-
- # 允许 Let's Encrypt 验证
- location /.well-known/acme-challenge/ {
- root /var/www/certbot;
- }
-
- # 其他所有请求重定向到 HTTPS
- location / {
- return 301 https://$host$request_uri;
- }
- }
-
- # HTTPS 服务器配置
- server {
- listen 443 ssl http2;
- server_name _;
-
- # SSL 证书配置
- ssl_certificate /etc/nginx/ssl/cert.pem;
- ssl_certificate_key /etc/nginx/ssl/key.pem;
-
- # SSL 安全配置
- ssl_protocols TLSv1.2 TLSv1.3;
- ssl_ciphers HIGH:!aNULL:!MD5;
- ssl_prefer_server_ciphers on;
- ssl_session_cache shared:SSL:10m;
- ssl_session_timeout 10m;
-
- # 安全头
- add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
- add_header X-Frame-Options "SAMEORIGIN" always;
- add_header X-Content-Type-Options "nosniff" always;
- add_header X-XSS-Protection "1; mode=block" always;
-
- # 代理配置
- location / {
- proxy_pass http://marketing-site;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection 'upgrade';
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_cache_bypass $http_upgrade;
-
- # 超时设置
- proxy_connect_timeout 60s;
- proxy_send_timeout 60s;
- proxy_read_timeout 60s;
- }
-
- # 静态文件缓存
- location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot)$ {
- proxy_pass http://marketing-site;
- proxy_cache_valid 200 30d;
- expires 30d;
- add_header Cache-Control "public, immutable";
- }
- }
-}
-
diff --git a/site/ssl/.gitignore b/site/ssl/.gitignore
deleted file mode 100644
index 7d251e6d..00000000
--- a/site/ssl/.gitignore
+++ /dev/null
@@ -1,9 +0,0 @@
-*.pem
-*.key
-*.crt
-*.cert
-*.p12
-*.pfx
-!README.md
-!.gitignore
-
diff --git a/site/ssl/README.md b/site/ssl/README.md
deleted file mode 100644
index b92e71c9..00000000
--- a/site/ssl/README.md
+++ /dev/null
@@ -1,62 +0,0 @@
-# SSL 证书目录
-
-此目录用于存放 SSL 证书文件。
-
-## 文件要求
-
-请将以下文件放置在此目录中:
-
-- `cert.pem` - SSL 证书文件(或 `fullchain.pem`)
-- `key.pem` - SSL 私钥文件
-
-## 获取 SSL 证书
-
-### 方式 1: 使用 Let's Encrypt (免费)
-
-1. 安装 certbot:
-```bash
-# Ubuntu/Debian
-sudo apt-get update
-sudo apt-get install certbot
-
-# 或使用 Docker
-docker run -it --rm -v $(pwd)/ssl:/etc/letsencrypt certbot/certbot certonly --standalone
-```
-
-2. 获取证书后,将证书文件复制到此目录:
-```bash
-# Let's Encrypt 证书通常在 /etc/letsencrypt/live/your-domain.com/
-cp /etc/letsencrypt/live/your-domain.com/fullchain.pem ./ssl/cert.pem
-cp /etc/letsencrypt/live/your-domain.com/privkey.pem ./ssl/key.pem
-```
-
-### 方式 2: 使用自签名证书 (仅用于测试)
-
-```bash
-# 生成自签名证书(仅用于开发测试)
-openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
- -keyout ssl/key.pem \
- -out ssl/cert.pem \
- -subj "/C=CN/ST=State/L=City/O=Organization/CN=localhost"
-```
-
-### 方式 3: 使用商业证书
-
-将您购买的 SSL 证书文件重命名为:
-- 证书文件 → `cert.pem`
-- 私钥文件 → `key.pem`
-
-## 文件权限
-
-确保私钥文件权限正确(仅所有者可读):
-```bash
-chmod 600 ssl/key.pem
-chmod 644 ssl/cert.pem
-```
-
-## 注意事项
-
-- ⚠️ **不要将私钥文件提交到版本控制系统**
-- 生产环境请使用有效的 SSL 证书
-- 自签名证书会导致浏览器显示安全警告
-