docs: change reserve proxy section to extra (#34)

Author: wuhang2003

pages/docs/extra.mdx

@@ -3,7 +3,203 @@
 import { Callout } from 'nextra/components';
 
 <Callout type="warning" emoji="⚠️">
-此部分内容是可选的，在正常情况，你不需要参考这部分内容。以下部分仅针对有特定需求的用户进行参考。
+此部分内容将说明一些额外的操作流程，根据自己需要进行配置。
+</Callout>
+
+## 反向代理
+
+在这里提供双域名（前端和后端各用一个域名）与单域名（前后端共用一个域名）的配置步骤。
+
+当然不管使用哪种方法，都建议用控制面板（如宝塔、1Panel 等）的使用面板提供的反代功能单独粘贴对应的反代配置部分完成配置（需要删掉开头和结尾的 server 块），手写反代配置的大佬随意。
+
+### 双域名
+
+这里假定前端域名为 `www.example.com`，后端为 `server.example.com`。
+
+以下是后端 `server.example.com` 反代配置部分
+
+```nginx
+server {
+    ## 反向代理开始
+    ## WebSocket
+    location /socket.io {
+      proxy_pass http://127.0.0.1:2333/socket.io; 
+      proxy_set_header Host $host; 
+      proxy_set_header X-Real-IP $remote_addr; 
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
+      proxy_set_header REMOTE-HOST $remote_addr; 
+      proxy_set_header Upgrade $http_upgrade; 
+      proxy_set_header Connection "upgrade"; 
+      proxy_buffering off;
+      proxy_http_version 1.1; 
+      add_header Cache-Control no-cache; 
+    }
+    ## Others
+    location / {
+      proxy_pass http://127.0.0.1:2333; 
+      proxy_set_header Host $host; 
+      proxy_set_header X-Real-IP $remote_addr; 
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
+      proxy_set_header REMOTE-HOST $remote_addr; 
+      add_header X-Cache $upstream_cache_status; 
+    }
+    ## 反向代理结束
+}
+```
+
+前端 `www.example.com` 反代部分
+
+```nginx
+server{
+    location ~* \.(gif|png|jpg|css|js|woff|woff2)$ {
+      proxy_pass http://127.0.0.1:2323;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header REMOTE-HOST $remote_addr;
+      expires 30d;
+    }
+    location ~* \/(feed|sitemap|atom.xml) {
+      proxy_pass http://127.0.0.1:2333/$1;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header REMOTE-HOST $remote_addr;
+      add_header X-Cache $upstream_cache_status;
+      add_header Cache-Control max-age=60;
+    }
+    location / {
+      proxy_pass http://127.0.0.1:2323;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header REMOTE-HOST $remote_addr;
+      add_header X-Cache $upstream_cache_status;
+      add_header Cache-Control no-cache;
+      proxy_intercept_errors on;
+    }
+}
+```
+
+<Callout type="info">
+如果您使用此部分示例配置 Nginx 反向代理，您的：
+- API 地址为 `https://server.example.com/api/v2`
+- 前端（Kami/Shiro）地址为 `https://www.example.com` 
+- GateWay 为 `https://server.example.com`
+- 后台为 `https://server.example.com/qaqdmin`
+- 本地后台为 `https://server.example.com/proxy/qaqdmin`
+</Callout>
+
+### 单域名
+
+以下配置文件以 Nginx 为例，请自行修改 SSL 证书路径以及自己的网站域名。
+
+若使用 Caddy 进行配置可参考 [Caddyfile 文件示例](https://github.com/mx-space/docker/blob/master/Caddyfile.example)进行相应修改。
+
+```nginx
+server {
+    ## 反向代理开始 
+    ## WebSocket 地址
+    location /socket.io {
+        proxy_set_header Upgrade $http_upgrade; 
+        proxy_set_header Connection "Upgrade"; 
+        proxy_buffering off; 
+        proxy_set_header Host $host; 
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
+        proxy_set_header X-Forwarded-Proto $scheme; 
+        proxy_pass http://127.0.0.1:2333/socket.io; 
+    }
+    ## API 地址
+    location /api/v2 {
+        proxy_pass http://127.0.0.1:2333/api/v2; 
+    }
+    ## 简读 render 地址
+    location /render {
+        proxy_pass http://127.0.0.1:2333/render; 
+    }
+    ## Kami 地址
+    location / {
+        proxy_pass http://127.0.0.1:2323; 
+    }
+    ## 后台地址
+    location /qaqdmin {
+        proxy_pass http://127.0.0.1:2333/qaqdmin;
+    }
+    ## 本地后台地址
+    location /proxy {
+        proxy_pass http://127.0.0.1:2333/proxy;
+    }
+    ## RSS 地址
+    location ~* \/(feed|sitemap|atom.xml) {
+        proxy_pass http://127.0.0.1:2333/$1; 
+    }
+    ## 反向代理结束
+}
+``` 
+
+完整示例如下
+
+```nginx
+server {
+    listen 80;
+    listen 443 ssl http2 ; 
+    ## 绑定域名 
+    server_name www.example.com; 
+    index index.html; 
+    proxy_set_header Host $host; 
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
+    proxy_set_header X-Forwarded-Host $server_name; 
+    proxy_set_header Upgrade $http_upgrade; 
+    proxy_set_header Connection "upgrade"; 
+    error_log /www/sites/www.example.com/log/error.log;
+    access_log /www/sites/www.example.com/log/access.log; 
+    location /socket.io {
+        proxy_set_header Upgrade $http_upgrade; 
+        proxy_set_header Connection "Upgrade"; 
+        proxy_set_header Host $host; 
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
+        proxy_set_header X-Forwarded-Proto $scheme; 
+        proxy_pass http://127.0.0.1:2333/socket.io; 
+    }
+    location /api/v2 {
+        proxy_pass http://127.0.0.1:2333/api/v2; 
+    }
+    location /render {
+        proxy_pass http://127.0.0.1:2333/render; 
+    }
+    location / {
+        proxy_pass http://127.0.0.1:2323; 
+    }
+    location /qaqdmin {
+        proxy_pass http://127.0.0.1:2333/qaqdmin;
+    }
+    location /proxy {
+        proxy_pass http://127.0.0.1:2333/proxy;
+    }
+    location ~* \/(feed|sitemap|atom.xml) {
+        proxy_pass http://127.0.0.1:2333/$1; 
+    }
+    ssl_certificate /www/sites/www.example.com/ssl/fullchain.pem; 
+    ssl_certificate_key /www/sites/www.example.com/ssl/privkey.pem; 
+    ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1; 
+    ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK'; 
+    ssl_prefer_server_ciphers on; 
+    ssl_session_cache shared:SSL:10m; 
+    ssl_session_timeout 10m; 
+    error_page 497 https://$host$request_uri; 
+    limit_conn perserver 300; 
+    limit_conn perip 25; 
+    limit_rate 512k; 
+}
+```
+
+<Callout type="info">
+如果您使用此部分示例配置 Nginx 反向代理，您的：
+- API 地址为 `https://www.example.com/api/v2`
+- 前端（Kami/Shiro）地址为 `https://www.example.com` 
+- GateWay 为 `https://www.example.com`
+- 后台为 `https://www.example.com/qaqdmin`
+- 本地后台为 `https://www.example.com/proxy/qaqdmin`
 </Callout>
 
 ## 配置其他 Redis 服务

pages/themes/kami.mdx

@@ -68,117 +68,6 @@ pnpm build
 pnpm prod:pm2
 ```
 
-### 反向代理
-
-以下配置文件以 Nginx 为例，若使用 Caddy 进行配置可参考 [Caddyfile 文件示例](https://github.com/mx-space/docker/blob/master/Caddyfile.example)进行相应修改。
-
-```nginx
-server {
-    ## 反向代理开始 
-    ## WebSocket 地址
-    location /socket.io {
-        proxy_set_header Upgrade $http_upgrade; 
-        proxy_set_header Connection "Upgrade"; 
-        proxy_buffering off; 
-        proxy_set_header Host $host; 
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
-        proxy_set_header X-Forwarded-Proto $scheme; 
-        proxy_pass http://127.0.0.1:2333/socket.io; 
-    }
-    ## API 地址
-    location /api/v2 {
-        proxy_pass http://127.0.0.1:2333/api/v2; 
-    }
-    ## 简读 render 地址
-    location /render {
-        proxy_pass http://127.0.0.1:2333/render; 
-    }
-    ## Kami 地址
-    location / {
-        proxy_pass http://127.0.0.1:2323; 
-    }
-    ## 后台地址
-    location /qaqdmin {
-        proxy_pass http://127.0.0.1:2333/qaqdmin;
-    }
-    ## 本地后台地址
-    location /proxy {
-        proxy_pass http://127.0.0.1:2333/proxy;
-    }
-    ## RSS 地址
-    location ~* \/(feed|sitemap|atom.xml) {
-        proxy_pass http://127.0.0.1:2333/$1; 
-    }
-    ## 反向代理结束
-}
-``` 
-
-完整示例如下
-
-```nginx
-server {
-    listen 80;
-    listen 443 ssl http2 ; 
-    ## 绑定域名 
-    server_name www.example.com; 
-    index index.html; 
-    proxy_set_header Host $host; 
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
-    proxy_set_header X-Forwarded-Host $server_name; 
-    proxy_set_header Upgrade $http_upgrade; 
-    proxy_set_header Connection "upgrade"; 
-    error_log /www/sites/www.example.com/log/error.log;
-    access_log /www/sites/www.example.com/log/access.log; 
-    location /socket.io {
-        proxy_set_header Upgrade $http_upgrade; 
-        proxy_set_header Connection "Upgrade"; 
-        proxy_set_header Host $host; 
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
-        proxy_set_header X-Forwarded-Proto $scheme; 
-        proxy_pass http://127.0.0.1:2333/socket.io; 
-    }
-    location /api/v2 {
-        proxy_pass http://127.0.0.1:2333/api/v2; 
-    }
-    location /render {
-        proxy_pass http://127.0.0.1:2333/render; 
-    }
-    location / {
-        proxy_pass http://127.0.0.1:2323; 
-    }
-    location /qaqdmin {
-        proxy_pass http://127.0.0.1:2333/qaqdmin;
-    }
-    location /proxy {
-        proxy_pass http://127.0.0.1:2333/proxy;
-    }
-    location ~* \/(feed|sitemap|atom.xml) {
-        proxy_pass http://127.0.0.1:2333/$1; 
-    }
-    ssl_certificate /www/sites/www.example.com/ssl/fullchain.pem; 
-    ssl_certificate_key /www/sites/www.example.com/ssl/privkey.pem; 
-    ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1; 
-    ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK'; 
-    ssl_prefer_server_ciphers on; 
-    ssl_session_cache shared:SSL:10m; 
-    ssl_session_timeout 10m; 
-    error_page 497 https://$host$request_uri; 
-    limit_conn perserver 300; 
-    limit_conn perip 25; 
-    limit_rate 512k; 
-}
-```
-### 完成
-
-<Callout type="info">
-如果您按照文档示例配置 Nginx 反向代理，您要时刻记住，您的：
-- API 地址为 `https://www.example.com/api/v2`
-- Kami 地址为 `https://www.example.com` 
-- GateWay 为 `https://www.example.com`
-- 后台为 `https://www.example.com/qaqdmin`
-- 本地后台为 `https://www.example.com/proxy/qaqdmin`
-</Callout>
-
 </Steps>
 
 ## 更新