feat: 实现后台在线更新功能

- 前端添加更新和重启按钮，支持一键更新 Release 构建
- 修复条件判断优先级问题，确保错误/成功状态正确显示
- 后端使用原子文件替换模式，确保更新过程安全可靠
- 在可执行文件同目录创建临时文件，保证 rename 原子性
- 删除未使用的 copyFile 函数，保持代码整洁

.gitignore

@@ -91,4 +91,5 @@ backend/data/
 # ===================
 tests
 CLAUDE.md
-.claude
+.claude
+scripts

README.md

@@ -107,7 +107,7 @@ sudo journalctl -u sub2api -f
 sudo systemctl restart sub2api
 
 # Uninstall
-curl -sSL https://raw.githubusercontent.com/Wei-Shaw/sub2api/main/deploy/install.sh | sudo bash -s uninstall
+curl -sSL https://raw.githubusercontent.com/Wei-Shaw/sub2api/main/deploy/install.sh | sudo bash -s -- uninstall -y
 ```
 
 ---

README_CN.md

@@ -107,7 +107,7 @@ sudo journalctl -u sub2api -f
 sudo systemctl restart sub2api
 
 # 卸载
-curl -sSL https://raw.githubusercontent.com/Wei-Shaw/sub2api/main/deploy/install.sh | sudo bash -s uninstall
+curl -sSL https://raw.githubusercontent.com/Wei-Shaw/sub2api/main/deploy/install.sh | sudo bash -s -- uninstall -y
 ```
 
 ---

backend/internal/handler/admin/system_handler.go

@@ -2,8 +2,10 @@ package admin
 
 import (
 	"net/http"
+	"time"
 
 	"sub2api/internal/pkg/response"
+	"sub2api/internal/pkg/sysutil"
 	"sub2api/internal/service"
 
 	"github.com/gin-gonic/gin"
@@ -72,10 +74,14 @@ func (h *SystemHandler) Rollback(c *gin.Context) {
 // RestartService restarts the systemd service
 // POST /api/v1/admin/system/restart
 func (h *SystemHandler) RestartService(c *gin.Context) {
-	if err := h.updateSvc.RestartService(); err != nil {
-		response.Error(c, http.StatusInternalServerError, err.Error())
-		return
-	}
+	// Schedule service restart in background after sending response
+	// This ensures the client receives the success response before the service restarts
+	go func() {
+		// Wait a moment to ensure the response is sent
+		time.Sleep(500 * time.Millisecond)
+		sysutil.RestartServiceAsync()
+	}()
+
 	response.Success(c, gin.H{
 		"message": "Service restart initiated",
 	})

backend/internal/pkg/sysutil/restart.go

@@ -0,0 +1,47 @@
+package sysutil
+
+import (
+	"log"
+	"os"
+	"runtime"
+	"time"
+)
+
+// RestartService triggers a service restart by gracefully exiting.
+//
+// This relies on systemd's Restart=always configuration to automatically
+// restart the service after it exits. This is the industry-standard approach:
+//   - Simple and reliable
+//   - No sudo permissions needed
+//   - No complex process management
+//   - Leverages systemd's native restart capability
+//
+// Prerequisites:
+//   - Linux OS with systemd
+//   - Service configured with Restart=always in systemd unit file
+func RestartService() error {
+	if runtime.GOOS != "linux" {
+		log.Println("Service restart via exit only works on Linux with systemd")
+		return nil
+	}
+
+	log.Println("Initiating service restart by graceful exit...")
+	log.Println("systemd will automatically restart the service (Restart=always)")
+
+	// Give a moment for logs to flush and response to be sent
+	go func() {
+		time.Sleep(100 * time.Millisecond)
+		os.Exit(0)
+	}()
+
+	return nil
+}
+
+// RestartServiceAsync is a fire-and-forget version of RestartService.
+// It logs errors instead of returning them, suitable for goroutine usage.
+func RestartServiceAsync() {
+	if err := RestartService(); err != nil {
+		log.Printf("Service restart failed: %v", err)
+		log.Println("Please restart the service manually: sudo systemctl restart sub2api")
+	}
+}

backend/internal/service/gateway_service.go

@@ -35,25 +35,25 @@ const (
 
 // allowedHeaders 白名单headers（参考CRS项目）
 var allowedHeaders = map[string]bool{
-	"accept":                                  true,
-	"x-stainless-retry-count":                 true,
-	"x-stainless-timeout":                     true,
-	"x-stainless-lang":                        true,
-	"x-stainless-package-version":             true,
-	"x-stainless-os":                          true,
-	"x-stainless-arch":                        true,
-	"x-stainless-runtime":                     true,
-	"x-stainless-runtime-version":             true,
-	"x-stainless-helper-method":               true,
+	"accept":                                    true,
+	"x-stainless-retry-count":                   true,
+	"x-stainless-timeout":                       true,
+	"x-stainless-lang":                          true,
+	"x-stainless-package-version":               true,
+	"x-stainless-os":                            true,
+	"x-stainless-arch":                          true,
+	"x-stainless-runtime":                       true,
+	"x-stainless-runtime-version":               true,
+	"x-stainless-helper-method":                 true,
 	"anthropic-dangerous-direct-browser-access": true,
-	"anthropic-version":                       true,
-	"x-app":                                   true,
-	"anthropic-beta":                          true,
-	"accept-language":                         true,
-	"sec-fetch-mode":                          true,
-	"accept-encoding":                         true,
-	"user-agent":                              true,
-	"content-type":                            true,
+	"anthropic-version":                         true,
+	"x-app":                                     true,
+	"anthropic-beta":                            true,
+	"accept-language":                           true,
+	"sec-fetch-mode":                            true,
+	"accept-encoding":                           true,
+	"user-agent":                                true,
+	"content-type":                              true,
 }
 
 // ClaudeUsage 表示Claude API返回的usage信息
@@ -418,13 +418,19 @@ func (s *GatewayService) Forward(ctx context.Context, c *gin.Context, account *m
 	}
 
 	// 构建上游请求
-	upstreamReq, err := s.buildUpstreamRequest(ctx, c, account, body, token, tokenType)
+	upstreamResult, err := s.buildUpstreamRequest(ctx, c, account, body, token, tokenType)
 	if err != nil {
 		return nil, err
 	}
 
+	// 选择使用的client：如果有代理则使用独立的client，否则使用共享的httpClient
+	httpClient := s.httpClient
+	if upstreamResult.Client != nil {
+		httpClient = upstreamResult.Client
+	}
+
 	// 发送请求
-	resp, err := s.httpClient.Do(upstreamReq)
+	resp, err := httpClient.Do(upstreamResult.Request)
 	if err != nil {
 		return nil, fmt.Errorf("upstream request failed: %w", err)
 	}
@@ -437,11 +443,16 @@ func (s *GatewayService) Forward(ctx context.Context, c *gin.Context, account *m
 		if err != nil {
 			return nil, fmt.Errorf("token refresh failed: %w", err)
 		}
-		upstreamReq, err = s.buildUpstreamRequest(ctx, c, account, body, token, tokenType)
+		upstreamResult, err = s.buildUpstreamRequest(ctx, c, account, body, token, tokenType)
 		if err != nil {
 			return nil, err
 		}
-		resp, err = s.httpClient.Do(upstreamReq)
+		// 重试时也需要使用正确的client
+		httpClient = s.httpClient
+		if upstreamResult.Client != nil {
+			httpClient = upstreamResult.Client
+		}
+		resp, err = httpClient.Do(upstreamResult.Request)
 		if err != nil {
 			return nil, fmt.Errorf("retry request failed: %w", err)
 		}
@@ -480,7 +491,13 @@ func (s *GatewayService) Forward(ctx context.Context, c *gin.Context, account *m
 	}, nil
 }
 
-func (s *GatewayService) buildUpstreamRequest(ctx context.Context, c *gin.Context, account *model.Account, body []byte, token, tokenType string) (*http.Request, error) {
+// buildUpstreamRequestResult contains the request and optional custom client for proxy
+type buildUpstreamRequestResult struct {
+	Request *http.Request
+	Client  *http.Client // nil means use default s.httpClient
+}
+
+func (s *GatewayService) buildUpstreamRequest(ctx context.Context, c *gin.Context, account *model.Account, body []byte, token, tokenType string) (*buildUpstreamRequestResult, error) {
 	// 确定目标URL
 	targetURL := claudeAPIURL
 	if account.Type == model.AccountTypeApiKey {
@@ -549,7 +566,8 @@ func (s *GatewayService) buildUpstreamRequest(ctx context.Context, c *gin.Contex
 		req.Header.Set("anthropic-beta", s.getBetaHeader(body, c.GetHeader("anthropic-beta")))
 	}
 
-	// 配置代理
+	// 配置代理 - 创建独立的client避免并发修改共享httpClient
+	var customClient *http.Client
 	if account.ProxyID != nil && account.Proxy != nil {
 		proxyURL := account.Proxy.URL()
 		if proxyURL != "" {
@@ -566,12 +584,18 @@ func (s *GatewayService) buildUpstreamRequest(ctx context.Context, c *gin.Contex
 					IdleConnTimeout:       90 * time.Second,
 					ResponseHeaderTimeout: responseHeaderTimeout,
 				}
-				s.httpClient.Transport = transport
+				// 创建独立的client，避免并发时修改共享的s.httpClient.Transport
+				customClient = &http.Client{
+					Transport: transport,
+				}
 			}
 		}
 	}
 
-	return req, nil
+	return &buildUpstreamRequestResult{
+		Request: req,
+		Client:  customClient,
+	}, nil
 }
 
 // getBetaHeader 处理anthropic-beta header

backend/internal/service/update_service.go

@@ -13,7 +13,6 @@ import (
 	"net/http"
 	"net/url"
 	"os"
-	"os/exec"
 	"path/filepath"
 	"runtime"
 	"strings"
@@ -126,6 +125,7 @@ func (s *UpdateService) CheckUpdate(ctx context.Context, force bool) (*UpdateInf
 }
 
 // PerformUpdate downloads and applies the update
+// Uses atomic file replacement pattern for safe in-place updates
 func (s *UpdateService) PerformUpdate(ctx context.Context) error {
 	info, err := s.CheckUpdate(ctx, true)
 	if err != nil {
@@ -174,8 +174,11 @@ func (s *UpdateService) PerformUpdate(ctx context.Context) error {
 		return fmt.Errorf("failed to resolve symlinks: %w", err)
 	}
 
-	// Create temp directory for extraction
-	tempDir, err := os.MkdirTemp("", "sub2api-update-*")
+	exeDir := filepath.Dir(exePath)
+
+	// Create temp directory in the SAME directory as executable
+	// This ensures os.Rename is atomic (same filesystem)
+	tempDir, err := os.MkdirTemp(exeDir, ".sub2api-update-*")
 	if err != nil {
 		return fmt.Errorf("failed to create temp dir: %w", err)
 	}
@@ -200,23 +203,36 @@ func (s *UpdateService) PerformUpdate(ctx context.Context) error {
 		return fmt.Errorf("extraction failed: %w", err)
 	}
 
-	// Backup current binary
-	backupFile := exePath + ".backup"
-	if err := os.Rename(exePath, backupFile); err != nil {
-		return fmt.Errorf("backup failed: %w", err)
-	}
-
-	// Replace with new binary
-	if err := copyFile(newBinaryPath, exePath); err != nil {
-		os.Rename(backupFile, exePath)
-		return fmt.Errorf("replace failed: %w", err)
-	}
-
-	// Make executable
-	if err := os.Chmod(exePath, 0755); err != nil {
+	// Set executable permission before replacement
+	if err := os.Chmod(newBinaryPath, 0755); err != nil {
 		return fmt.Errorf("chmod failed: %w", err)
 	}
 
+	// Atomic replacement using rename pattern:
+	// 1. Rename current -> backup (atomic on Unix)
+	// 2. Rename new -> current (atomic on Unix, same filesystem)
+	// If step 2 fails, restore backup
+	backupPath := exePath + ".backup"
+
+	// Remove old backup if exists
+	os.Remove(backupPath)
+
+	// Step 1: Move current binary to backup
+	if err := os.Rename(exePath, backupPath); err != nil {
+		return fmt.Errorf("backup failed: %w", err)
+	}
+
+	// Step 2: Move new binary to target location (atomic, same filesystem)
+	if err := os.Rename(newBinaryPath, exePath); err != nil {
+		// Restore backup on failure
+		if restoreErr := os.Rename(backupPath, exePath); restoreErr != nil {
+			return fmt.Errorf("replace failed and restore failed: %w (restore error: %v)", err, restoreErr)
+		}
+		return fmt.Errorf("replace failed (restored backup): %w", err)
+	}
+
+	// Success - backup file is kept for rollback capability
+	// It will be cleaned up on next successful update
 	return nil
 }
 
@@ -244,23 +260,6 @@ func (s *UpdateService) Rollback() error {
 	return nil
 }
 
-// RestartService triggers a service restart via systemd
-func (s *UpdateService) RestartService() error {
-	if runtime.GOOS != "linux" {
-		return fmt.Errorf("systemd restart only available on Linux")
-	}
-
-	// Try direct systemctl first (works if running as root or with proper permissions)
-	cmd := exec.Command("systemctl", "restart", "sub2api")
-	if err := cmd.Run(); err != nil {
-		// Try with sudo (requires NOPASSWD sudoers entry)
-		sudoCmd := exec.Command("sudo", "systemctl", "restart", "sub2api")
-		if sudoErr := sudoCmd.Run(); sudoErr != nil {
-			return fmt.Errorf("systemctl restart failed: %w (sudo also failed: %v)", err, sudoErr)
-		}
-	}
-	return nil
-}
 
 func (s *UpdateService) fetchLatestRelease(ctx context.Context) (*UpdateInfo, error) {
 	url := fmt.Sprintf("https://api.github.com/repos/%s/releases/latest", githubRepo)
@@ -533,23 +532,6 @@ func (s *UpdateService) extractBinary(archivePath, destPath string) error {
 	return err
 }
 
-func copyFile(src, dst string) error {
-	in, err := os.Open(src)
-	if err != nil {
-		return err
-	}
-	defer in.Close()
-
-	out, err := os.Create(dst)
-	if err != nil {
-		return err
-	}
-	defer out.Close()
-
-	_, err = io.Copy(out, in)
-	return err
-}
-
 func (s *UpdateService) getFromCache(ctx context.Context) (*UpdateInfo, error) {
 	data, err := s.rdb.Get(ctx, updateCacheKey).Result()
 	if err != nil {

backend/internal/setup/handler.go

@@ -2,17 +2,15 @@ package setup
 
 import (
 	"fmt"
-	"log"
 	"net/http"
 	"net/mail"
-	"os/exec"
 	"regexp"
-	"runtime"
 	"strings"
 	"sync"
 	"time"
 
 	"sub2api/internal/pkg/response"
+	"sub2api/internal/pkg/sysutil"
 
 	"github.com/gin-gonic/gin"
 )
@@ -346,7 +344,7 @@ func install(c *gin.Context) {
 	go func() {
 		// Wait a moment to ensure the response is sent
 		time.Sleep(500 * time.Millisecond)
-		triggerServiceRestart()
+		sysutil.RestartServiceAsync()
 	}()
 
 	response.Success(c, gin.H{
@@ -355,27 +353,3 @@ func install(c *gin.Context) {
 	})
 }
 
-// triggerServiceRestart attempts to restart the service via systemd
-// This is called after setup completes to switch from setup mode to normal mode
-func triggerServiceRestart() {
-	if runtime.GOOS != "linux" {
-		log.Println("Service restart: not on Linux, manual restart required")
-		return
-	}
-
-	log.Println("Setup completed, triggering service restart...")
-
-	// Try direct systemctl first (works if running as root or with proper permissions)
-	cmd := exec.Command("systemctl", "restart", "sub2api")
-	if err := cmd.Run(); err != nil {
-		// Try with sudo (requires NOPASSWD sudoers entry)
-		sudoCmd := exec.Command("sudo", "systemctl", "restart", "sub2api")
-		if sudoErr := sudoCmd.Run(); sudoErr != nil {
-			log.Printf("Service restart failed: %v (sudo also failed: %v)", err, sudoErr)
-			log.Println("Please restart the service manually: sudo systemctl restart sub2api")
-			return
-		}
-	}
-
-	log.Println("Service restart initiated successfully")
-}

deploy/install.sh

@@ -73,9 +73,6 @@ declare -A MSG_ZH=(
     ["dirs_configured"]="目录配置完成"
     ["installing_service"]="正在安装 systemd 服务..."
     ["service_installed"]="systemd 服务已安装"
-    ["setting_up_sudoers"]="正在配置 sudoers..."
-    ["sudoers_configured"]="sudoers 配置完成"
-    ["sudoers_failed"]="sudoers 验证失败，已移除文件"
     ["ready_for_setup"]="准备就绪，可以启动设置向导"
 
     # Completion
@@ -131,6 +128,15 @@ declare -A MSG_ZH=(
     ["server_port_hint"]="建议使用 1024-65535 之间的端口"
     ["server_config_summary"]="服务器配置"
     ["invalid_port"]="无效端口号，请输入 1-65535 之间的数字"
+
+    # Service management
+    ["starting_service"]="正在启动服务..."
+    ["service_started"]="服务已启动"
+    ["service_start_failed"]="服务启动失败，请检查日志"
+    ["enabling_autostart"]="正在设置开机自启..."
+    ["autostart_enabled"]="开机自启已启用"
+    ["getting_public_ip"]="正在获取公网 IP..."
+    ["public_ip_failed"]="无法获取公网 IP，使用本地 IP"
 )
 
 # English strings
@@ -173,9 +179,6 @@ declare -A MSG_EN=(
     ["dirs_configured"]="Directories configured"
     ["installing_service"]="Installing systemd service..."
     ["service_installed"]="Systemd service installed"
-    ["setting_up_sudoers"]="Setting up sudoers..."
-    ["sudoers_configured"]="Sudoers configured"
-    ["sudoers_failed"]="Sudoers validation failed, removing file"
     ["ready_for_setup"]="Ready for Setup Wizard"
 
     # Completion
@@ -231,6 +234,15 @@ declare -A MSG_EN=(
     ["server_port_hint"]="Recommended range: 1024-65535"
     ["server_config_summary"]="Server configuration"
     ["invalid_port"]="Invalid port number, please enter a number between 1-65535"
+
+    # Service management
+    ["starting_service"]="Starting service..."
+    ["service_started"]="Service started"
+    ["service_start_failed"]="Service failed to start, please check logs"
+    ["enabling_autostart"]="Enabling auto-start on boot..."
+    ["autostart_enabled"]="Auto-start enabled"
+    ["getting_public_ip"]="Getting public IP..."
+    ["public_ip_failed"]="Failed to get public IP, using local IP"
 )
 
 # Get message based on current language
@@ -260,9 +272,11 @@ print_error() {
     echo -e "${RED}[$(msg 'error')]${NC} $1"
 }
 
-# Check if running interactively (stdin is a terminal)
+# Check if running interactively (can access terminal)
+# When piped (curl | bash), stdin is not a terminal, but /dev/tty may still be available
 is_interactive() {
-    [ -t 0 ]
+    # Check if /dev/tty is available (works even when piped)
+    [ -e /dev/tty ] && [ -r /dev/tty ] && [ -w /dev/tty ]
 }
 
 # Select language
@@ -282,7 +296,7 @@ select_language() {
     echo "  2) $(msg 'lang_en')"
     echo ""
 
-    read -p "$(msg 'enter_choice'): " lang_input
+    read -p "$(msg 'enter_choice'): " lang_input < /dev/tty
 
     case "$lang_input" in
         2|en|EN|english|English)
@@ -323,7 +337,7 @@ configure_server() {
 
     # Server host
     echo -e "${YELLOW}$(msg 'server_host_hint')${NC}"
-    read -p "$(msg 'server_host_prompt') [${SERVER_HOST}]: " input_host
+    read -p "$(msg 'server_host_prompt') [${SERVER_HOST}]: " input_host < /dev/tty
     if [ -n "$input_host" ]; then
         SERVER_HOST="$input_host"
     fi
@@ -333,7 +347,7 @@ configure_server() {
     # Server port
     echo -e "${YELLOW}$(msg 'server_port_hint')${NC}"
     while true; do
-        read -p "$(msg 'server_port_prompt') [${SERVER_PORT}]: " input_port
+        read -p "$(msg 'server_port_prompt') [${SERVER_PORT}]: " input_port < /dev/tty
         if [ -z "$input_port" ]; then
             # Use default
             break
@@ -483,9 +497,24 @@ download_and_extract() {
 create_user() {
     if id "$SERVICE_USER" &>/dev/null; then
         print_info "$(msg 'user_exists'): $SERVICE_USER"
+        # Fix: Ensure existing user has /bin/sh shell for sudo to work
+        # Previous versions used /bin/false which prevents sudo execution
+        local current_shell
+        current_shell=$(getent passwd "$SERVICE_USER" 2>/dev/null | cut -d: -f7)
+        if [ "$current_shell" = "/bin/false" ] || [ "$current_shell" = "/sbin/nologin" ]; then
+            print_info "Fixing user shell for sudo compatibility..."
+            if usermod -s /bin/sh "$SERVICE_USER" 2>/dev/null; then
+                print_success "User shell updated to /bin/sh"
+            else
+                print_warning "Failed to update user shell. Service restart may not work automatically."
+                print_warning "Manual fix: sudo usermod -s /bin/sh $SERVICE_USER"
+            fi
+        fi
     else
         print_info "$(msg 'creating_user') $SERVICE_USER..."
-        useradd -r -s /bin/false -d "$INSTALL_DIR" "$SERVICE_USER"
+        # Use /bin/sh instead of /bin/false to allow sudo execution
+        # The user still cannot login interactively (no password set)
+        useradd -r -s /bin/sh -d "$INSTALL_DIR" "$SERVICE_USER"
         print_success "$(msg 'user_created')"
     fi
 }
@@ -506,35 +535,6 @@ setup_directories() {
     print_success "$(msg 'dirs_configured')"
 }
 
-# Setup sudoers for service restart
-setup_sudoers() {
-    print_info "$(msg 'setting_up_sudoers')"
-
-    # Check if sudoers file exists in install dir
-    if [ -f "$INSTALL_DIR/sub2api-sudoers" ]; then
-        cp "$INSTALL_DIR/sub2api-sudoers" /etc/sudoers.d/sub2api
-    else
-        # Create sudoers file
-        cat > /etc/sudoers.d/sub2api << 'EOF'
-# Sudoers configuration for Sub2API
-sub2api ALL=(ALL) NOPASSWD: /bin/systemctl restart sub2api
-sub2api ALL=(ALL) NOPASSWD: /bin/systemctl stop sub2api
-sub2api ALL=(ALL) NOPASSWD: /bin/systemctl start sub2api
-EOF
-    fi
-
-    # Set correct permissions (required for sudoers files)
-    chmod 440 /etc/sudoers.d/sub2api
-
-    # Validate sudoers file
-    if visudo -c -f /etc/sudoers.d/sub2api &>/dev/null; then
-        print_success "$(msg 'sudoers_configured')"
-    else
-        print_warning "$(msg 'sudoers_failed')"
-        rm -f /etc/sudoers.d/sub2api
-    fi
-}
-
 # Install systemd service
 install_service() {
     print_info "$(msg 'installing_service')"
@@ -586,13 +586,61 @@ prepare_for_setup() {
     print_success "$(msg 'ready_for_setup')"
 }
 
+# Get public IP address
+get_public_ip() {
+    print_info "$(msg 'getting_public_ip')"
+
+    # Try to get public IP from ipinfo.io
+    local response
+    response=$(curl -s --connect-timeout 5 --max-time 10 "https://ipinfo.io/json" 2>/dev/null)
+
+    if [ -n "$response" ]; then
+        # Extract IP from JSON response using grep and sed (no jq dependency)
+        PUBLIC_IP=$(echo "$response" | grep -o '"ip": *"[^"]*"' | sed 's/"ip": *"\([^"]*\)"/\1/')
+        if [ -n "$PUBLIC_IP" ]; then
+            print_success "Public IP: $PUBLIC_IP"
+            return 0
+        fi
+    fi
+
+    # Fallback to local IP
+    print_warning "$(msg 'public_ip_failed')"
+    PUBLIC_IP=$(hostname -I 2>/dev/null | awk '{print $1}' || echo "YOUR_SERVER_IP")
+    return 1
+}
+
+# Start service
+start_service() {
+    print_info "$(msg 'starting_service')"
+
+    if systemctl start sub2api; then
+        print_success "$(msg 'service_started')"
+        return 0
+    else
+        print_error "$(msg 'service_start_failed')"
+        print_info "sudo journalctl -u sub2api -n 50"
+        return 1
+    fi
+}
+
+# Enable service auto-start
+enable_autostart() {
+    print_info "$(msg 'enabling_autostart')"
+
+    if systemctl enable sub2api 2>/dev/null; then
+        print_success "$(msg 'autostart_enabled')"
+        return 0
+    else
+        print_warning "Failed to enable auto-start"
+        return 1
+    fi
+}
+
 # Print completion message
 print_completion() {
-    local ip_addr
-    ip_addr=$(hostname -I 2>/dev/null | awk '{print $1}' || echo "YOUR_SERVER_IP")
-
+    # Use PUBLIC_IP which was set by get_public_ip()
     # Determine display address
-    local display_host="$ip_addr"
+    local display_host="${PUBLIC_IP:-YOUR_SERVER_IP}"
     if [ "$SERVER_HOST" = "127.0.0.1" ]; then
         display_host="127.0.0.1"
     fi
@@ -606,21 +654,9 @@ print_completion() {
     echo "$(msg 'server_config_summary'): ${SERVER_HOST}:${SERVER_PORT}"
     echo ""
     echo "=============================================="
-    echo "  $(msg 'next_steps')"
+    echo "  $(msg 'step4_open_wizard')"
     echo "=============================================="
     echo ""
-    echo "  1. $(msg 'step1_check_services')"
-    echo "     sudo systemctl status postgresql"
-    echo "     sudo systemctl status redis"
-    echo ""
-    echo "  2. $(msg 'step2_start_service')"
-    echo "     sudo systemctl start sub2api"
-    echo ""
-    echo "  3. $(msg 'step3_enable_autostart')"
-    echo "     sudo systemctl enable sub2api"
-    echo ""
-    echo "  4. $(msg 'step4_open_wizard')"
-    echo ""
     print_info "     http://${display_host}:${SERVER_PORT}"
     echo ""
     echo "     $(msg 'wizard_guide')"
@@ -683,11 +719,11 @@ uninstall() {
     # If not interactive (piped), require -y flag or skip confirmation
     if ! is_interactive; then
         if [ "${FORCE_YES:-}" != "true" ]; then
-            print_error "Non-interactive mode detected. Use 'bash -s -- uninstall -y' to confirm."
+            print_error "Non-interactive mode detected. Use 'curl ... | bash -s -- uninstall -y' to confirm."
             exit 1
         fi
     else
-        read -p "$(msg 'are_you_sure') " -n 1 -r
+        read -p "$(msg 'are_you_sure') " -n 1 -r < /dev/tty
         echo
         if [[ ! $REPLY =~ ^[Yy]$ ]]; then
             print_info "$(msg 'uninstall_cancelled')"
@@ -701,7 +737,6 @@ uninstall() {
 
     print_info "$(msg 'removing_files')"
     rm -f /etc/systemd/system/sub2api.service
-    rm -f /etc/sudoers.d/sub2api
     systemctl daemon-reload
 
     print_info "$(msg 'removing_install_dir')"
@@ -772,8 +807,10 @@ main() {
     create_user
     setup_directories
     install_service
-    setup_sudoers
     prepare_for_setup
+    get_public_ip
+    start_service
+    enable_autostart
     print_completion
 }
 

deploy/sub2api-sudoers

@@ -1,13 +0,0 @@
-# Sudoers configuration for Sub2API
-# This file allows the sub2api service user to restart the service without password
-#
-# Installation:
-#   sudo cp sub2api-sudoers /etc/sudoers.d/sub2api
-#   sudo chmod 440 /etc/sudoers.d/sub2api
-#
-# SECURITY NOTE: This grants limited sudo access only for service management
-
-# Allow sub2api user to restart the service without password
-sub2api ALL=(ALL) NOPASSWD: /bin/systemctl restart sub2api
-sub2api ALL=(ALL) NOPASSWD: /bin/systemctl stop sub2api
-sub2api ALL=(ALL) NOPASSWD: /bin/systemctl start sub2api

frontend/src/api/admin/system.ts

@@ -40,9 +40,42 @@ export async function checkUpdates(force = false): Promise<VersionInfo> {
   return data;
 }
 
+export interface UpdateResult {
+  message: string;
+  need_restart: boolean;
+}
+
+/**
+ * Perform system update
+ * Downloads and applies the latest version
+ */
+export async function performUpdate(): Promise<UpdateResult> {
+  const { data } = await apiClient.post<UpdateResult>('/admin/system/update');
+  return data;
+}
+
+/**
+ * Rollback to previous version
+ */
+export async function rollback(): Promise<UpdateResult> {
+  const { data } = await apiClient.post<UpdateResult>('/admin/system/rollback');
+  return data;
+}
+
+/**
+ * Restart the service
+ */
+export async function restartService(): Promise<{ message: string }> {
+  const { data } = await apiClient.post<{ message: string }>('/admin/system/restart');
+  return data;
+}
+
 export const systemAPI = {
   getVersion,
   checkUpdates,
+  performUpdate,
+  rollback,
+  restartService,
 };
 
 export default systemAPI;

frontend/src/components/common/VersionBadge.vue

@@ -69,8 +69,63 @@
                 </p>
               </div>
 
-              <!-- Update available for source build - show git pull hint -->
-              <div v-if="hasUpdate && !isReleaseBuild" class="space-y-2">
+              <!-- Priority 1: Update error (must check before hasUpdate) -->
+              <div v-if="updateError" class="space-y-2">
+                <div class="flex items-center gap-3 p-3 rounded-lg bg-red-50 dark:bg-red-900/20 border border-red-200 dark:border-red-800/50">
+                  <div class="flex-shrink-0 w-8 h-8 rounded-full bg-red-100 dark:bg-red-900/50 flex items-center justify-center">
+                    <svg class="w-4 h-4 text-red-600 dark:text-red-400" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2">
+                      <path stroke-linecap="round" stroke-linejoin="round" d="M6 18L18 6M6 6l12 12" />
+                    </svg>
+                  </div>
+                  <div class="flex-1 min-w-0">
+                    <p class="text-sm font-medium text-red-700 dark:text-red-300">{{ t('version.updateFailed') }}</p>
+                    <p class="text-xs text-red-600/70 dark:text-red-400/70 truncate">{{ updateError }}</p>
+                  </div>
+                </div>
+
+                <!-- Retry button -->
+                <button
+                  @click="handleUpdate"
+                  :disabled="updating"
+                  class="w-full flex items-center justify-center gap-2 px-4 py-2 rounded-lg text-sm font-medium text-white bg-red-500 hover:bg-red-600 disabled:opacity-50 disabled:cursor-not-allowed transition-colors"
+                >
+                  {{ t('version.retry') }}
+                </button>
+              </div>
+
+              <!-- Priority 2: Update success - need restart -->
+              <div v-else-if="updateSuccess && needRestart" class="space-y-2">
+                <div class="flex items-center gap-3 p-3 rounded-lg bg-green-50 dark:bg-green-900/20 border border-green-200 dark:border-green-800/50">
+                  <div class="flex-shrink-0 w-8 h-8 rounded-full bg-green-100 dark:bg-green-900/50 flex items-center justify-center">
+                    <svg class="w-4 h-4 text-green-600 dark:text-green-400" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2">
+                      <path stroke-linecap="round" stroke-linejoin="round" d="M5 13l4 4L19 7" />
+                    </svg>
+                  </div>
+                  <div class="flex-1 min-w-0">
+                    <p class="text-sm font-medium text-green-700 dark:text-green-300">{{ t('version.updateComplete') }}</p>
+                    <p class="text-xs text-green-600/70 dark:text-green-400/70">{{ t('version.restartRequired') }}</p>
+                  </div>
+                </div>
+
+                <!-- Restart button -->
+                <button
+                  @click="handleRestart"
+                  :disabled="restarting"
+                  class="w-full flex items-center justify-center gap-2 px-4 py-2 rounded-lg text-sm font-medium text-white bg-green-500 hover:bg-green-600 disabled:opacity-50 disabled:cursor-not-allowed transition-colors"
+                >
+                  <svg v-if="restarting" class="animate-spin h-4 w-4" fill="none" viewBox="0 0 24 24">
+                    <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
+                    <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+                  </svg>
+                  <svg v-else class="w-4 h-4" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2">
+                    <path stroke-linecap="round" stroke-linejoin="round" d="M4 4v5h.582m15.356 2A8.001 8.001 0 004.582 9m0 0H9m11 11v-5h-.581m0 0a8.003 8.003 0 01-15.357-2m15.357 2H15" />
+                  </svg>
+                  {{ restarting ? t('version.restarting') : t('version.restartNow') }}
+                </button>
+              </div>
+
+              <!-- Priority 3: Update available for source build - show git pull hint -->
+              <div v-else-if="hasUpdate && !isReleaseBuild" class="space-y-2">
                 <a
                   v-if="releaseInfo?.html_url && releaseInfo.html_url !== '#'"
                   :href="releaseInfo.html_url"
@@ -100,29 +155,53 @@
                 </div>
               </div>
 
-              <!-- Update available for release build - show download link -->
-              <a
-                v-else-if="hasUpdate && isReleaseBuild && releaseInfo?.html_url && releaseInfo.html_url !== '#'"
-                :href="releaseInfo.html_url"
-                target="_blank"
-                rel="noopener noreferrer"
-                class="flex items-center gap-3 p-3 rounded-lg bg-amber-50 dark:bg-amber-900/20 border border-amber-200 dark:border-amber-800/50 hover:bg-amber-100 dark:hover:bg-amber-900/30 transition-colors group"
-              >
-                <div class="flex-shrink-0 w-8 h-8 rounded-full bg-amber-100 dark:bg-amber-900/50 flex items-center justify-center">
-                  <svg class="w-4 h-4 text-amber-600 dark:text-amber-400" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2">
+              <!-- Priority 4: Update available for release build - show update button -->
+              <div v-else-if="hasUpdate && isReleaseBuild" class="space-y-2">
+                <!-- Update info card -->
+                <div class="flex items-center gap-3 p-3 rounded-lg bg-amber-50 dark:bg-amber-900/20 border border-amber-200 dark:border-amber-800/50">
+                  <div class="flex-shrink-0 w-8 h-8 rounded-full bg-amber-100 dark:bg-amber-900/50 flex items-center justify-center">
+                    <svg class="w-4 h-4 text-amber-600 dark:text-amber-400" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2">
+                      <path stroke-linecap="round" stroke-linejoin="round" d="M4 16v1a3 3 0 003 3h10a3 3 0 003-3v-1m-4-4l-4 4m0 0l-4-4m4 4V4" />
+                    </svg>
+                  </div>
+                  <div class="flex-1 min-w-0">
+                    <p class="text-sm font-medium text-amber-700 dark:text-amber-300">{{ t('version.updateAvailable') }}</p>
+                    <p class="text-xs text-amber-600/70 dark:text-amber-400/70">v{{ latestVersion }}</p>
+                  </div>
+                </div>
+
+                <!-- Update button -->
+                <button
+                  @click="handleUpdate"
+                  :disabled="updating"
+                  class="w-full flex items-center justify-center gap-2 px-4 py-2 rounded-lg text-sm font-medium text-white bg-primary-500 hover:bg-primary-600 disabled:opacity-50 disabled:cursor-not-allowed transition-colors"
+                >
+                  <svg v-if="updating" class="animate-spin h-4 w-4" fill="none" viewBox="0 0 24 24">
+                    <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
+                    <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+                  </svg>
+                  <svg v-else class="w-4 h-4" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2">
                     <path stroke-linecap="round" stroke-linejoin="round" d="M4 16v1a3 3 0 003 3h10a3 3 0 003-3v-1m-4-4l-4 4m0 0l-4-4m4 4V4" />
                   </svg>
-                </div>
-                <div class="flex-1 min-w-0">
-                  <p class="text-sm font-medium text-amber-700 dark:text-amber-300">{{ t('version.updateAvailable') }}</p>
-                  <p class="text-xs text-amber-600/70 dark:text-amber-400/70">v{{ latestVersion }}</p>
-                </div>
-                <svg class="w-4 h-4 text-amber-500 dark:text-amber-400 group-hover:translate-x-0.5 transition-transform" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2">
-                  <path stroke-linecap="round" stroke-linejoin="round" d="M9 5l7 7-7 7" />
-                </svg>
-              </a>
+                  {{ updating ? t('version.updating') : t('version.updateNow') }}
+                </button>
 
-              <!-- GitHub link when up to date -->
+                <!-- View release link -->
+                <a
+                  v-if="releaseInfo?.html_url && releaseInfo.html_url !== '#'"
+                  :href="releaseInfo.html_url"
+                  target="_blank"
+                  rel="noopener noreferrer"
+                  class="flex items-center justify-center gap-1 text-xs text-gray-500 dark:text-dark-400 hover:text-gray-700 dark:hover:text-dark-200 transition-colors"
+                >
+                  {{ t('version.viewChangelog') }}
+                  <svg class="w-3 h-3" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2">
+                    <path stroke-linecap="round" stroke-linejoin="round" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" />
+                  </svg>
+                </a>
+              </div>
+
+              <!-- Priority 5: Up to date - show GitHub link -->
               <a
                 v-else-if="releaseInfo?.html_url && releaseInfo.html_url !== '#'"
                 :href="releaseInfo.html_url"
@@ -155,7 +234,7 @@
 import { ref, computed, onMounted, onBeforeUnmount } from 'vue';
 import { useI18n } from 'vue-i18n';
 import { useAuthStore } from '@/stores';
-import { checkUpdates, type VersionInfo, type ReleaseInfo } from '@/api/admin/system';
+import { checkUpdates, performUpdate, restartService, type VersionInfo, type ReleaseInfo } from '@/api/admin/system';
 
 const { t } = useI18n();
 
@@ -177,6 +256,13 @@ const hasUpdate = ref(false);
 const releaseInfo = ref<ReleaseInfo | null>(null);
 const buildType = ref('source'); // "source" or "release"
 
+// Update process states
+const updating = ref(false);
+const restarting = ref(false);
+const needRestart = ref(false);
+const updateError = ref('');
+const updateSuccess = ref(false);
+
 // Only show update check for release builds (binary/docker deployment)
 const isReleaseBuild = computed(() => buildType.value === 'release');
 
@@ -200,6 +286,10 @@ async function refreshVersion(force = true) {
     // Show update indicator for all build types
     hasUpdate.value = data.has_update;
     releaseInfo.value = data.release_info || null;
+    // Reset update states when refreshing
+    updateError.value = '';
+    updateSuccess.value = false;
+    needRestart.value = false;
   } catch (error) {
     console.error('Failed to check updates:', error);
   } finally {
@@ -207,6 +297,45 @@ async function refreshVersion(force = true) {
   }
 }
 
+async function handleUpdate() {
+  if (updating.value) return;
+
+  updating.value = true;
+  updateError.value = '';
+  updateSuccess.value = false;
+
+  try {
+    const result = await performUpdate();
+    updateSuccess.value = true;
+    needRestart.value = result.need_restart;
+    hasUpdate.value = false;
+  } catch (error: unknown) {
+    const err = error as { response?: { data?: { message?: string } }; message?: string };
+    updateError.value = err.response?.data?.message || err.message || t('version.updateFailed');
+  } finally {
+    updating.value = false;
+  }
+}
+
+async function handleRestart() {
+  if (restarting.value) return;
+
+  restarting.value = true;
+
+  try {
+    await restartService();
+    // Service will restart, page will reload automatically or show disconnected
+  } catch (error) {
+    // Expected - connection will be lost during restart
+    console.log('Service restarting...');
+  }
+
+  // Show restarting state for a while, then reload
+  setTimeout(() => {
+    window.location.reload();
+  }, 3000);
+}
+
 function handleClickOutside(event: MouseEvent) {
   const target = event.target as Node;
   const button = (event.target as Element).closest('button');

frontend/src/i18n/locales/en.ts

@@ -1023,9 +1023,18 @@ export default {
     noReleaseNotes: 'No release notes',
     viewUpdate: 'View Update',
     viewRelease: 'View Release',
+    viewChangelog: 'View Changelog',
     refresh: 'Refresh',
     sourceMode: 'Source Build',
-    sourceModeHint: 'Update detection is disabled for source builds. Use git pull to update.',
+    sourceModeHint: 'Source build, use git pull to update',
+    updateNow: 'Update Now',
+    updating: 'Updating...',
+    updateComplete: 'Update Complete',
+    updateFailed: 'Update Failed',
+    restartRequired: 'Please restart the service to apply the update',
+    restartNow: 'Restart Now',
+    restarting: 'Restarting...',
+    retry: 'Retry',
   },
 
   // User Subscriptions Page

frontend/src/i18n/locales/zh.ts

@@ -1202,9 +1202,18 @@ export default {
     noReleaseNotes: '暂无更新日志',
     viewUpdate: '查看更新',
     viewRelease: '查看发布',
+    viewChangelog: '查看更新日志',
     refresh: '刷新',
     sourceMode: '源码构建',
-    sourceModeHint: '源码构建模式不支持更新检测，请使用 git pull 更新代码。',
+    sourceModeHint: '源码构建请使用 git pull 更新',
+    updateNow: '立即更新',
+    updating: '正在更新...',
+    updateComplete: '更新完成',
+    updateFailed: '更新失败',
+    restartRequired: '请重启服务以应用更新',
+    restartNow: '立即重启',
+    restarting: '正在重启...',
+    retry: '重试',
   },
 
   // User Subscriptions Page

frontend/src/main.ts

@@ -9,4 +9,8 @@ const app = createApp(App)
 app.use(createPinia())
 app.use(router)
 app.use(i18n)
-app.mount('#app')
+
+// 等待路由器完成初始导航后再挂载，避免竞态条件导致的空白渲染
+router.isReady().then(() => {
+  app.mount('#app')
+})