feat: 新增 tty2web 用于替换 Nginx/websocketd 作为 logviewer

[lyimoexiao]

• 新增 setup_tty2web 函数，支持自动下载并启动 tty2web
• 支持多种架构：x86_64, i386, aarch64, arm, mips 等
• 下载失败时自动回退到 websocketd
• 修改 trans.sh 和 debian.cfg 优先使用 tty2web
• tty2web 更轻量也更优雅，自带 Web 界面和 WebSocket 支持

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

此拉取请求引入了 tty2web 作为新的日志查看器，旨在替换现有的 Nginx 和 websocketd 方案。通过自动下载、多架构支持和下载失败回退机制，它提供了一个更轻量、更优雅且功能更强大的日志查看体验，从而优化了系统资源使用并提升了用户体验。

Highlights

• 新增 tty2web 支持: 引入了 setup_tty2web 函数，用于自动下载并启动 tty2web 作为日志查看器。
• 多架构兼容性: tty2web 支持多种系统架构，包括 x86_64, i386, aarch64, arm, mips 等，增强了部署灵活性。
• 健壮的降级机制: 当 tty2web 下载失败时，系统会自动回退到使用 websocketd，确保日志查看功能可用。
• 优先级调整: trans.sh 和 debian.cfg 已修改，优先使用 tty2web，取代 Nginx 和 websocketd。
• 性能与体验优化: tty2web 提供了一个更轻量、更优雅的解决方案，自带 Web 界面和 WebSocket 支持，提升了日志查看体验。

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• debian.cfg
  • 修改了日志查看器的启动逻辑，现在会尝试根据系统架构下载并启动 tty2web。
  • 如果 tty2web 下载或启动失败，将回退到使用 websocketd。
• trans.sh
  • 新增了 setup_tty2web 函数，负责检测架构、下载 tty2web 二进制文件、赋予执行权限并启动服务。
  • 更新了 setup_web_if_enough_ram 函数，使其调用 setup_tty2web 而非 setup_websocketd。

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

本次 Pull Request 主要是引入了 tty2web 来替代 Nginx/websocketd 作为日志查看器，这是一个很好的改进，因为 tty2web 更加轻量。相关的修改包括在 debian.cfg 和 trans.sh 中增加了对 tty2web 的架构检测、下载和启动逻辑，并在下载失败时回退到 websocketd。

代码整体实现清晰，但在几个地方可以进一步完善：

1. 在 debian.cfg 和 trans.sh 中，aarch64 架构的映射存在错误，这会导致在 aarch64 平台上无法下载正确的二进制文件。
2. trans.sh 中的下载重试逻辑存在冗余，可以简化。
3. trans.sh 的 case 语句中有一处冗余代码。

我已经针对这些问题提出了具体的修改建议。

[gemini-code-assist]

aarch64 架构应映射到 linux_arm64 而不是 linux_arm，以确保在 aarch64 系统上能下载到正确的 tty2web 二进制文件。

                aarch64) tty2web_arch="linux_arm64" ;; \

[gemini-code-assist]

aarch64 架构应映射到 linux_arm64 而不是 linux_arm，以确保在 aarch64 系统上能下载到正确的 tty2web 二进制文件。

Suggested change

	aarch64) tty2web_arch="linux_arm" ;;
	aarch64) tty2web_arch="linux_arm64" ;;

[gemini-code-assist]

return 语句会立即退出函数，因此其后的 ;; 是多余的，可以移除以提高代码整洁性。

Suggested change

	return
	;;
	return

[gemini-code-assist]

下载 tty2web 的重试逻辑存在冗余。wget 函数本身已经包含了5次重试的逻辑，而在 setup_tty2web 函数中又进行了一个10次的循环，导致总共可能重试50次，这有些过多。此外，2>/dev/null 会抑制 wget 的错误输出，不利于问题排查。

建议简化此处的下载和权限设置逻辑，直接利用 wget 函数的重试机制，并移除错误抑制，使代码更简洁且易于维护。

Suggested change

	local download_success=false
	for i in $(seq 1 10); do
	if wget "$tty2web_url" -O /tmp/tty2web 2>/dev/null; then
	download_success=true
	break
	fi
	echo "Download attempt $i failed, retrying..."
	sleep 5
	done
	if [ "$download_success" != "true" ]; then
	echo "Failed to download tty2web, falling back to websocketd"
	setup_websocketd
	return
	fi
	# 赋予执行权限
	chmod +x /tmp/tty2web
	if wget "$tty2web_url" -O /tmp/tty2web; then
	chmod +x /tmp/tty2web
	else
	echo "Failed to download tty2web, falling back to websocketd"
	setup_websocketd
	return
	fi

[Copilot]

Pull request overview

This PR switches the “web log viewer” mechanism from websocketd to tty2web, adding runtime download + startup logic and keeping websocketd as a fallback in some cases.

Changes:

• Add setup_tty2web() to download and start tty2web for streaming /reinstall.log.
• Update setup_web_if_enough_ram() to prefer tty2web instead of websocketd.
• Update Debian installer early_command to download/run tty2web for /var/log/syslog, falling back to websocketd if available.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 8 comments.

File	Description
trans.sh	Adds tty2web setup logic and switches the RAM-gated web viewer to use it.
debian.cfg	Updates installer-time log viewer to try tty2web first and then fall back to websocketd.

---

You can also share your feedback on Copilot code review. Take the survey.

[Copilot]

The comment says this uses the GitHub API to fetch the latest release URL, but the code actually hard-codes the releases/latest/download/... URL and makes no API call. This is misleading documentation—either update the comment to match the implementation or implement the API-based lookup that’s described.

Suggested change

	# 使用 GitHub API 获取最新 release 的下载链接
	# 通过 GitHub 的 releases/latest/download 地址获取最新 release 的二进制文件

[Copilot]

This downloads a prebuilt executable from GitHub and then runs it as root (/tmp/tty2web) without any integrity/authenticity verification (no pinned version, checksum, signature, or trusted repository). This is a supply-chain risk; consider pinning an exact version and verifying a checksum/signature before chmod/exec, or installing via a trusted package source instead of executing an arbitrary remote binary.

[Copilot]

This downloads and executes /tmp/tty2web during install without pinning a version or verifying integrity/authenticity (checksum/signature). Since this runs with installer/root privileges, it introduces a supply-chain risk. Prefer pinning a specific release and verifying a published checksum/signature (or sourcing from distro packages) before chmod/exec.

Suggested change

	arch=$(uname -m); \
	case "$arch" in \
	x86_64) tty2web_arch="linux_amd64" ;; \
	i386|i686) tty2web_arch="linux_386" ;; \
	aarch64) tty2web_arch="linux_arm" ;; \
	armv7l|armhf) tty2web_arch="linux_arm" ;; \
	mips) tty2web_arch="linux_mips" ;; \
	mips64) tty2web_arch="linux_mips64" ;; \
	mips64le) tty2web_arch="linux_mips64le" ;; \
	mipsle) tty2web_arch="linux_mipsle" ;; \
	s390x) tty2web_arch="linux_s390x" ;; \
	*) tty2web_arch="" ;; \
	esac; \
	tty2web_url="https://github.com/kost/tty2web/releases/latest/download/tty2web_${tty2web_arch}"; \
	tty2web_downloaded=false; \
	if [ -n "$tty2web_arch" ]; then \
	for _ in {1..10}; do \
	if wget "$tty2web_url" -O /tmp/tty2web; then \
	chmod +x /tmp/tty2web; \
	tty2web_downloaded=true; \
	break; \
	tty2web_version="v3.0.4"; \ # pinned tty2web release version (update as needed) \
	arch=$(uname -m); \
	case "$arch" in \
	x86_64) \
	tty2web_arch="linux_amd64"; \
	tty2web_sha256="REPLACE_WITH_ACTUAL_SHA256_FOR_LINUX_AMD64"; \
	;; \
	i386|i686) \
	tty2web_arch="linux_386"; \
	tty2web_sha256="REPLACE_WITH_ACTUAL_SHA256_FOR_LINUX_386"; \
	;; \
	aarch64) \
	tty2web_arch="linux_arm"; \
	tty2web_sha256="REPLACE_WITH_ACTUAL_SHA256_FOR_LINUX_ARM64"; \
	;; \
	armv7l|armhf) \
	tty2web_arch="linux_arm"; \
	tty2web_sha256="REPLACE_WITH_ACTUAL_SHA256_FOR_LINUX_ARMV7"; \
	;; \
	mips) \
	tty2web_arch="linux_mips"; \
	tty2web_sha256="REPLACE_WITH_ACTUAL_SHA256_FOR_LINUX_MIPS"; \
	;; \
	mips64) \
	tty2web_arch="linux_mips64"; \
	tty2web_sha256="REPLACE_WITH_ACTUAL_SHA256_FOR_LINUX_MIPS64"; \
	;; \
	mips64le) \
	tty2web_arch="linux_mips64le"; \
	tty2web_sha256="REPLACE_WITH_ACTUAL_SHA256_FOR_LINUX_MIPS64LE"; \
	;; \
	mipsle) \
	tty2web_arch="linux_mipsle"; \
	tty2web_sha256="REPLACE_WITH_ACTUAL_SHA256_FOR_LINUX_MIPSLE"; \
	;; \
	s390x) \
	tty2web_arch="linux_s390x"; \
	tty2web_sha256="REPLACE_WITH_ACTUAL_SHA256_FOR_LINUX_S390X"; \
	;; \
	*) \
	tty2web_arch=""; \
	tty2web_sha256=""; \
	;; \
	esac; \
	tty2web_url="https://github.com/kost/tty2web/releases/download/${tty2web_version}/tty2web_${tty2web_arch}"; \
	tty2web_downloaded=false; \
	if [ -n "$tty2web_arch" ] && [ -n "$tty2web_sha256" ] && command -v sha256sum >/dev/null 2>&1; then \
	for _ in {1..10}; do \
	if wget "$tty2web_url" -O /tmp/tty2web; then \
	if printf '%s %s\n' "$tty2web_sha256" "/tmp/tty2web" | sha256sum -c - >/dev/null 2>&1; then \
	chmod +x /tmp/tty2web; \
	tty2web_downloaded=true; \
	break; \
	else \
	echo "tty2web checksum verification failed, retrying..." >&2; \
	rm -f /tmp/tty2web; \
	fi; \

[Copilot]

pkill nginx is very broad and will terminate any nginx running on the host, not just an instance started by this script. That can cause unexpected downtime if the script is run on a system that already uses nginx. Consider managing the specific process you start (pidfile/background PID) or stopping only a known instance/config rather than killing all nginx processes.

Suggested change

	pkill nginx || true
	# 仅在明确要求由本脚本管理 nginx 时才尝试停止 nginx，
	# 避免意外停止系统上其他用途的 nginx 实例
	if [ "${TRANS_MANAGE_NGINX:-false}" = "true" ]; then
	pkill nginx || true
	fi

[Copilot]

aarch64 is mapped to linux_arm, which is typically used for 32-bit ARM. Elsewhere in this repo aarch64 is treated as arm64 (e.g., get_axx64() maps aarch64→arm64). This mismatch likely causes the wrong tty2web binary to be downloaded (or an exec format error) on ARM64 systems; consider mapping aarch64 to an ARM64 asset name and keeping linux_arm for 32-bit ARM variants only.

Suggested change

	aarch64) tty2web_arch="linux_arm" ;;
	aarch64) tty2web_arch="linux_arm64" ;;

[Copilot]

aarch64 is mapped to linux_arm, which is generally a 32-bit ARM designation. In other parts of the repo aarch64 maps to arm64, so this likely downloads the wrong binary (or fails to execute) on ARM64 installers. Consider mapping aarch64 to the ARM64 tty2web asset name and reserving linux_arm for 32-bit ARM.

Suggested change

	aarch64) tty2web_arch="linux_arm" ;; \
	aarch64) tty2web_arch="linux_arm64" ;; \

[Copilot]

The retry loop uses wget without any connection/read timeout, so a single attempt can hang for a long time (making the overall “10 attempts” bound ineffective). Consider adding explicit wget timeouts (and --tries=1 per loop iteration) so the fallback to websocketd happens predictably when GitHub is slow/unreachable.

[Copilot]

The wget retry loop has no explicit timeout, so an individual attempt can block for an extended period and significantly delay the installer. Consider adding wget timeouts (and --tries=1 per iteration) so the loop duration is bounded and fallback behavior is predictable.

[bin456789]

我的建议是换成更轻量的 ttyd
https://github.com/tsl0922/ttyd

还有一点，纯 ipv6 无法从 github release 下载文件

[lyimoexiao]

我的建议是换成更轻量的 ttyd
https://github.com/tsl0922/ttyd

提醒我了，忘了还有这东西了（）

还有一点，纯 ipv6 无法从 github release 下载文件

那咱直接推二进制到仓库吗？也不太合适吧。。。

[bin456789]

可以换成 tty-share
https://pkgs.org/download/tty-share
arch debian ubuntu 有收录
使用他们的镜像源，完美解决 ipv6 和国内下载问题

可能还有合适的软件
https://github.com/xtermjs/xterm.js?tab=readme-ov-file#real-world-uses

不过 tty-share 依赖少
debian installer 可以直接用
alpine 装了 gcompat 也能用

[lyimoexiao]

不过 tty-share 依赖少
debian installer 可以直接用
alpine 装了 gcompat 也能用

确实，晚上测试下

[lyimoexiao]

使用他们的镜像源，完美解决 ipv6 和国内下载问题

我又想了下，既然都用第三方镜像源了，那可信度不就和我们自己推二进制到仓库差不多了吗（

或者就用 ci 做个自动推送，至少透明度和可控性比直接用人家的镜像源要好。

不过 tty-share 依赖少 debian installer 可以直接用 alpine 装了 gcompat 也能用

看了下 tty-share 不支持 readonly session，有安全风险，不太好集成进来。

可能还有合适的软件
https://github.com/xtermjs/xterm.js?tab=readme-ov-file#real-world-uses

目前来看貌似除了 ttyd 没有其他更好的选择了。

[bin456789]

啥？debian/ubuntu 官方镜像源就有 tty-share 啊

tty-share 有个 --readonly 参数

[lyimoexiao]

啥？debian/ubuntu 官方镜像源就有 tty-share 啊

tty-share 有个 --readonly 参数

我翻了 github 的仓库没看到有 readonly （

然后下的 release 也没有（

不过说真，既然都用仓库源了，不如直接自己存吧。至少透明度和可控性比直接用人家的源的要好？

这样能用上更好的 ttyd （）