- 前置准备:
- 端口防火墙开通:
sudo ufw allow 21114:21119/tcpsudo ufw allow 21116/udpsudo ufw reload- 如果云厂商,需要到平台开通
- 端口防火墙开通:
- 部署容器
官方部署
version: '3'
services:
hbbs:
image: rustdesk/rustdesk-server:latest
container_name: rustdesk-hbbs
command: hbbs -r 119.28.106.79:21117
ports:
- "21115:21115" # NAT类型测试
- "21116:21116" # ID服务器 (TCP)
- "21116:21116/udp" # ID服务器 (UDP)
- "21118:21118" # WebSocket
- "21119:21119" # 备用
volumes:
- ./hbbs:/root
restart: unless-stopped
hbbr:
image: rustdesk/rustdesk-server:latest
container_name: rustdesk-hbbr
command: hbbr
ports:
- "21117:21117" # 中继服务器
volumes:
- ./hbbr:/root
restart: unless-stopped镜像部署
- 多了一个 api 能力
- 需要通过
RUSTDESK_API_RUSTDESK_KEY和KEY指定密钥,否则会无法连接,这里的密钥可以手动生成 - 通过:
- http://服务器IP:21114 进入RustDesk 管理面板
docker exec -it rustdesk-server /bin/sh进入容器./apimain -h获取命令操作指南apimain reset-admin-pwd [pwd]重置管理员密码(好像不能特殊字符)
#!/bin/bash
set -e
echo "=== RustDesk 自动捕获与闭环部署脚本 ==="
# --- 1. 配置定义 ---
BASE_DIR="/data/rustdesk"
SERVER_IP="47.97.77.163"
JWT_KEY=$(openssl rand -base64 32 | tr -d '\n=+/')
mkdir -p "$BASE_DIR/server" "$BASE_DIR/api"
cd "$BASE_DIR"
# --- 2. 阶段一:触发 Key 生成 ---
echo "阶段 1:启动临时容器以生成原装密钥..."
cat > compose.yml << EOF
services:
rustdesk:
container_name: rustdesk-server
image: lejianwen/rustdesk-server-s6:latest
environment:
- RELAY=${SERVER_IP}:21117
- TZ=Asia/Shanghai
volumes:
- ./server:/data
restart: "no"
EOF
docker compose up -d
echo "等待镜像初始化文件..."
sleep 12
# --- 3. 阶段二:读取生成的密钥 ---
PUB_KEY_FILE="./server/id_ed25519.pub"
if [ -f "$PUB_KEY_FILE" ]; then
# 读取并去除所有可能的不可见字符
CAPTURED_KEY=$(cat "$PUB_KEY_FILE" | tr -d '\n\r ')
echo "成功捕获密钥: $CAPTURED_KEY"
else
echo "❌ 错误:镜像未能在指定时间内生成密钥文件!"
exit 1
fi
# --- 4. 阶段三:动态重写正式配置 ---
echo "阶段 2:注入捕获的密钥并重新部署正式服务..."
cat > compose.yml << EOF
services:
rustdesk:
container_name: rustdesk-server
image: lejianwen/rustdesk-server-s6:latest
ports:
- "21114:21114"
- "21115:21115"
- "21116:21116"
- "21116:21116/udp"
- "21117:21117"
- "21118:21118"
- "21119:21119"
environment:
- RELAY=${SERVER_IP}:21117
- ENCRYPTED_ONLY=1
- MUST_LOGIN=N
- TZ=Asia/Shanghai
- RUSTDESK_API_RUSTDESK_ID_SERVER=${SERVER_IP}:21116
- RUSTDESK_API_RUSTDESK_RELAY_SERVER=${SERVER_IP}:21117
- RUSTDESK_API_RUSTDESK_API_SERVER=http://${SERVER_IP}:21114
# 核心:自动注入读取到的 Key
- RUSTDESK_API_KEY_FILE=/data/id_ed25519.pub
- KEY=${CAPTURED_KEY}
- RUSTDESK_API_RUSTDESK_KEY=${CAPTURED_KEY}
- RUSTDESK_API_JWT_KEY=${JWT_KEY}
volumes:
- ./server:/data
- ./api:/app/data
restart: unless-stopped
stdin_open: true
tty: true
EOF
# --- 5. 阶段四:正式上线 ---
echo "阶段 3:启动正式服务..."
# 赋予权限确保 API 能够读取新生成的 sqlite 数据库和 Key
chmod -R 777 "$BASE_DIR/server" "$BASE_DIR/api"
docker compose up -d --force-recreate
echo "------------------------------------------------"
echo "✅ 自动闭环部署成功!"
echo "捕获到的 Key: $CAPTURED_KEY"
echo "管理后台: http://${SERVER_IP}:21114"
echo "------------------------------------------------"
# 最终健康检查
sleep 5
if docker exec rustdesk-server netstat -tunlp | grep :21114 >/dev/null; then
echo "状态:API 服务已完美对齐 Key 并启动。"
else
echo "警告:API 未能启动,请检查日志。"
fi