后端服务部署
admin-api (管理后台 API)
概要
| 项目 | 值 |
|---|---|
| 语言 | Go (Gin) |
| 仓库 | sayclaw/sayclaw-backend |
| 分支 | main |
| 部署目录 | /opt/sayclaw-admin-api/ |
| 端口 | 8081 |
| systemd | sayclaw-admin-api.service |
| 域名 | api.sayclaw.ai |
编译部署
# 1. 克隆代码
cd /opt
git clone https://oauth2:[email protected]/sayclaw/sayclaw-backend.git sayclaw-backend-repo
# 2. 编译 admin-api
cd /opt/sayclaw-backend-repo/admin-api
go build -o /opt/sayclaw-admin-api/admin-api .
# 3. 重启服务
systemctl restart sayclaw-admin-api
systemctl status sayclaw-admin-api
systemd 配置
文件:/etc/systemd/system/sayclaw-admin-api.service
[Unit]
Description=SayClaw Admin API
After=network.target
[Service]
Type=simple
User=root
WorkingDirectory=/opt/sayclaw-admin-api
ExecStart=/opt/sayclaw-admin-api/admin-api
Restart=always
RestartSec=5
Environment=GIN_MODE=release
Environment=JWT_SECRET=SayClaw_JWT_2026_ChangeMe
Environment=GOOGLE_CLIENT_ID=204916387190-f1so9ookndhe8t4k60s3bf221f9lkqha.apps.googleusercontent.com
Environment=GOOGLE_CLIENT_SECRET=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
Environment=GOOGLE_REDIRECT_URI=https://api.sayclaw.ai/api/v1/auth/google/callback
Environment=ADMIN_FRONTEND_URL=https://admin.sayclaw.ai
[email protected]
Environment=LOCAL_SERVER_ID=srv-xialong-01
Environment=LLM_ENCRYPT_KEY=SayClaw_LLM_Encrypt_2026_AES256!
[Install]
WantedBy=multi-user.target
环境变量说明
| 变量 | 说明 |
|---|---|
GIN_MODE | release 生产模式 |
JWT_SECRET | JWT 签名密钥 |
GOOGLE_CLIENT_ID | GCP OAuth Client ID (Admin) |
GOOGLE_CLIENT_SECRET | GCP OAuth Secret (Admin) |
GOOGLE_REDIRECT_URI | OAuth 回调 URL |
ADMIN_FRONTEND_URL | 前端地址(OAuth 回跳) |
ALLOWED_ADMIN_EMAILS | 允许登录的管理员邮箱 |
LOCAL_SERVER_ID | 本机服务器 ID(对应 DB servers 表) |
LLM_ENCRYPT_KEY | API Key Vault AES-256 加密密钥 |
功能模块
- 服务器管理(CRUD + SSH 多服务器路由)
- OC 实例管理(注册、健康检查、配置)
- API Key Vault(AES-256-GCM 加密存储)
- 管理员账号(Google OAuth + 邮箱密码)
- 后台任务队列
- 审计日志(关联 One API PG 请求记录)
portal-api (员工门户 API)
概要
| 项目 | 值 |
|---|---|
| 语言 | Go (Gin) |
| 仓库 | sayclaw/sayclaw-backend |
| 分支 | main |
| 部署目录 | /opt/sayclaw-portal-api/ |
| 端口 | 8082 |
| systemd | sayclaw-portal-api.service |
| 域名 | portal-api.sayclaw.ai |
编译部署
# 编译 portal-api(与 admin-api 同仓库)
cd /opt/sayclaw-backend-repo/portal-api
go build -o /opt/sayclaw-portal-api/portal-api .
# 重启
systemctl restart sayclaw-portal-api
systemd 配置
文件:/etc/systemd/system/sayclaw-portal-api.service
[Unit]
Description=SayClaw Portal API
After=network.target
[Service]
Type=simple
WorkingDirectory=/opt/sayclaw-portal-api
ExecStart=/opt/sayclaw-portal-api/portal-api
Restart=always
RestartSec=5
Environment=PORT=8082
Environment=JWT_SECRET=SayClaw_Portal_JWT_2026
Environment=MYSQL_DSN=root:SayClaw_MySQL_2026!@tcp(127.0.0.1:3306)/sayclaw_portal?parseTime=true&charset=utf8mb4
Environment=GOOGLE_CLIENT_ID=204916387190-28sfgijlhhddhgb93hafouvkct1m3hm8.apps.googleusercontent.com
Environment=GOOGLE_CLIENT_SECRET=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
Environment=GOOGLE_REDIRECT_URI=https://portal-api.sayclaw.ai/api/v1/auth/google/callback
Environment=PORTAL_FRONTEND_URL=https://app.sayclaw.ai
[Install]
WantedBy=multi-user.target
环境变量说明
| 变量 | 说明 |
|---|---|
PORT | 监听端口 |
JWT_SECRET | Portal JWT 签名密钥(与 Admin 不同) |
MYSQL_DSN | MySQL 连接字符串(sayclaw_portal 库) |
GOOGLE_CLIENT_ID | GCP OAuth Client ID (Portal) |
PORTAL_FRONTEND_URL | Portal 前端地址 |
功能模块
- 用户注册/登录(Google OAuth + 邮箱密码)
- 实例领取(限 1 个/人,可扩展)
- Telegram Bot 自助配置(v3:
deployBotToInstance()) - WebChat 会话管理(WS session create / resume / refresh)
- 聊天历史(chat_messages 表)
- 内部 WS 鉴权(
/api/v1/internal/webchat/verify)
常用运维命令
# 查看服务状态
systemctl status sayclaw-admin-api
systemctl status sayclaw-portal-api
# 查看日志
journalctl -u sayclaw-admin-api -f
journalctl -u sayclaw-portal-api -f
# 重启
systemctl restart sayclaw-admin-api
systemctl restart sayclaw-portal-api
# 编译+部署一条龙
cd /opt/sayclaw-backend-repo && git pull
cd admin-api && go build -o /opt/sayclaw-admin-api/admin-api . && systemctl restart sayclaw-admin-api
cd ../portal-api && go build -o /opt/sayclaw-portal-api/portal-api . && systemctl restart sayclaw-portal-api