translate chinese comment into english

backend/docker/Dockerfile

@@ -1,27 +1,27 @@
-# 使用 Ubuntu 20.04 镜像作为基础
+# Use Ubuntu 20.04 image as base
 FROM ubuntu:20.04
 
-# 设置环境变量，以避免交互式安装
+# Set environment variables to avoid interactive installation
 ENV DEBIAN_FRONTEND=noninteractive
 
-# 设置清华大学软件源
+# Set Tsinghua University software source
 RUN sed -i 's/archive.ubuntu.com/mirrors.tuna.tsinghua.edu.cn/g' /etc/apt/sources.list
 
 RUN apt-get update && apt-get install -y tzdata
 
-# 设置上海时区
+# Set Shanghai time zone
 RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
 
-# 安装 certbot nginx
+# Install certbot nginx
 RUN apt install -y certbot python3-certbot-nginx
 
-# TURN服务器
+# TURN server
 RUN apt-get install -y vim coturn
 
-# redis服务
+# redis service
 RUN apt-get install -y redis-server
 
-# 安装nodejs 20
+# Install nodejs 20
 RUN apt-get install -y curl
 
 # node.js

backend/docker/Nginx/configure.sh

@@ -1,43 +1,43 @@
 #!/bin/bash
 
-# 定义必需的环境变量
+# Define required environment variables
 declare -A required_vars=(
-    ["NGINX_SERVER_NAME"]="Nginx服务器域名"
-    ["NGINX_SSL_CERT"]="SSL证书路径"
-    ["NGINX_SSL_KEY"]="SSL密钥路径"
-    ["NGINX_FRONTEND_ROOT"]="前端构建文件路径"
-    ["BACKEND_PORT"]="后端服务端口"
+    ["NGINX_SERVER_NAME"]="Nginx server domain"
+    ["NGINX_SSL_CERT"]="SSL certificate path"
+    ["NGINX_SSL_KEY"]="SSL key path"
+    ["NGINX_FRONTEND_ROOT"]="Frontend build file path"
+    ["BACKEND_PORT"]="Backend service port"
 )
 
-# 验证环境变量
+# Validate environment variables
 validate_env_vars() {
     local missing_vars=()
     local env_file=$1
 
-    echo "正在验证 Nginx 环境变量配置..."
+    echo "Verifying Nginx environment variable configuration..."
 
-    # 加载环境变量
+    # Load environment variables
     source "$env_file"
 
-    # 检查必需变量
+    # Check required variables
     for var in "${!required_vars[@]}"; do
         if [ -z "${!var}" ]; then
             missing_vars+=("$var (${required_vars[$var]})")
         fi
     done
 
-    # 如果有缺失的变量，显示错误信息并退出
+    # If there are missing variables, display an error message and exit
     if [ ${#missing_vars[@]} -ne 0 ]; then
-        echo "错误: 以下必需的 Nginx 变量未设置:"
+        echo "Error: The following required Nginx variables are not set:"
         printf '%s\n' "${missing_vars[@]}" | sed 's/^/  - /'
-        echo "请在 $env_file 中设置这些变量后重试。"
+        echo "Please set these variables in $env_file and try again."
         exit 1
     fi
 
-    echo "Nginx 生产环境变量验证通过！"
+    echo "Nginx production environment variables verified successfully!"
 }
 
-# 检查参数
+# Check parameters
 if [ -z "$1" ]; then
     echo "Usage: $0 <env_file_path>"
     exit 1
@@ -47,19 +47,19 @@ ENV_FILE=$1
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 echo "Nginx path: $SCRIPT_DIR"
 
-# 检查环境变量文件是否存在
+# Check if the environment variable file exists
 if [ ! -f "$ENV_FILE" ]; then
     echo "Error: Environment file $ENV_FILE not found"
     exit 1
 fi
 
-# 验证环境变量
+# Validate environment variables
 validate_env_vars "$ENV_FILE"
 
-# 读取环境变量
+# Read environment variables
 source "$ENV_FILE"
 
-# 配置Nginx
+# Configure Nginx
 configure_nginx() {
     echo "Configuring Nginx..."
     
@@ -67,21 +67,21 @@ configure_nginx() {
     echo "reading $NGINX_TEMPLATE ..."
     TEMP_NGINX=$(mktemp)
 
-    # 读取模板并替换变量
+    # Read the template and replace variables
     while IFS= read -r line || [ -n "$line" ]; do
-        # 替换server_name
+        # Replace server_name
         if [[ $line =~ ^[[:space:]]*server_name[[:space:]]+ ]]; then
             echo "    server_name $NGINX_SERVER_NAME www.$NGINX_SERVER_NAME;"
-        # 替换SSL证书路径
+        # Replace SSL certificate path
         elif [[ $line =~ ^[[:space:]]*ssl_certificate[[:space:]]+ ]]; then
             echo "    ssl_certificate $NGINX_SSL_CERT;"
-        # 替换SSL密钥路径
+        # Replace SSL key path
         elif [[ $line =~ ^[[:space:]]*ssl_certificate_key[[:space:]]+ ]]; then
             echo "    ssl_certificate_key $NGINX_SSL_KEY;"
-        # 精确匹配前端构建路径设置行
+        # Exactly match the frontend build path setting line
         elif [[ $line =~ ^[[:space:]]*set[[:space:]]+\$frontend_build_root[[:space:]]+ ]]; then
             echo "    set \$frontend_build_root $NGINX_FRONTEND_ROOT;"
-        # 简单替换端口号
+        # Simple port number replacement
         elif [[ $line =~ localhost:3001 ]]; then
             echo "${line/localhost:3001/localhost:$BACKEND_PORT}"
         else
@@ -89,16 +89,16 @@ configure_nginx() {
         fi
     done < "$NGINX_TEMPLATE" > "$TEMP_NGINX"
 
-    # 复制配置文件到目标位置
+    # Copy the configuration file to the target location
     cp "$TEMP_NGINX" /etc/nginx/sites-available/
     # cp "$TEMP_NGINX" default_temp
     rm "$TEMP_NGINX"
 }
 
-# 执行配置
+# Execute configuration
 configure_nginx
 
-# 测试Nginx配置
+# Test Nginx configuration
 cp nginx.conf /etc/nginx
 nginx -t
 

backend/docker/Nginx/default

@@ -1,59 +1,59 @@
 server {
-    # 将 HTTP 重定向到 HTTPS
+    # Redirect HTTP to HTTPS
     listen 80;
     server_name YourDomain www.YourDomain;
     return 301 https://$server_name$request_uri;
 }
 
 server {
-    listen 443 ssl http2;      # 监听 TCP 端口 443，支持 HTTP/2 和 SSL
-    listen 443 quic reuseport; # 监听 UDP 端口 443，用于 QUIC 和 HTTP/3
-    # 'reuseport' 允许多个 worker 进程共享同一个端口，推荐用于 QUIC
+    listen 443 ssl http2;      # Listen on TCP port 443, supporting HTTP/2 and SSL
+    listen 443 quic reuseport; # Listen on UDP port 443 for QUIC and HTTP/3
+    # 'reuseport' allows multiple worker processes to share the same port, recommended for QUIC
 
-    # 确保 SSL 协议至少包含 TLSv1.3，因为 HTTP/3 要求 TLSv1.3
-    ssl_protocols TLSv1.3 TLSv1.2; # 确保 TLSv1.3 在前面
+    # Ensure that the SSL protocol includes at least TLSv1.3, as HTTP/3 requires TLSv1.3
+    ssl_protocols TLSv1.3 TLSv1.2; # Make sure TLSv1.3 is at the front
 
-    # 添加 HTTP/3 特定的头部，告知浏览器 HTTP/3 可用
-    # Alt-Svc (Alternative Service) 头部
-    # h3=":443" 表示 HTTP/3 在当前域名和 443 端口上可用
-    # ma=86400 表示这个信息缓存 24 小时 (86400 秒)
+    # Add HTTP/3 specific headers to inform the browser that HTTP/3 is available
+    # Alt-Svc (Alternative Service) header
+    # h3=":443" indicates that HTTP/3 is available on the current domain and port 443
+    # ma=86400 means this information is cached for 24 hours (86400 seconds)
     add_header Alt-Svc 'h3=":443"; ma=86400';
 
-    # (可选，但推荐) 启用 0-RTT 数据，可以进一步减少延迟
-    # 需要客户端和服务器都支持
+    # (Optional, but recommended) Enable 0-RTT data to further reduce latency
+    # Requires support from both client and server
     ssl_early_data on;
 
     server_name YourDomain www.YourDomain;
 
-    # SSL 配置
+    # SSL Configuration
     ssl_certificate path/to/your/certFile;
     ssl_certificate_key path/to/your/privkeyFile;
     
-    # SSL 优化
+    # SSL Optimization
     ssl_session_timeout 1d;
     ssl_session_cache shared:SSL:50m;
     ssl_session_tickets off;
 
-    # 现代配置
+    # Modern Configuration
     ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
     ssl_prefer_server_ciphers off;
 
-    # HSTS (谨慎启用)
+    # HSTS (Enable with caution)
     # add_header Strict-Transport-Security "max-age=63072000" always;
     
-    # 定义前端构建产物在容器内的根路径
-    # !!! 重要: 请将此路径修改为您的前端项目构建后在Nginx容器内的实际路径 !!!
+    # Define the root path of the frontend build artifacts inside the container
+    # !!! Important: Please modify this path to the actual path of your frontend project build inside the Nginx container !!!
     set $frontend_build_root path/to/your/frontend_build_root;
 
-    # 1. 优先处理 Next.js 的核心静态资源 (_next/static)
+    # 1. Prioritize handling of Next.js core static resources (_next/static)
     location /_next/static/ {
         alias $frontend_build_root/.next/static/;
-        expires 365d;             # 长时间缓存
-        access_log off;           # 关闭此路径的访问日志
-        add_header Cache-Control "public"; # 明确告知浏览器可以公开缓存
+        expires 365d;             # Long-term cache
+        access_log off;           # Disable access log for this path
+        add_header Cache-Control "public"; # Explicitly inform the browser that it can be cached publicly
     }
 
-    # WebSocket 信令服务器配置
+    # WebSocket signaling server configuration
     location /socket.io/ {
         proxy_pass http://localhost:3001/socket.io/;
         proxy_http_version 1.1;
@@ -64,59 +64,59 @@ server {
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
         
-        # CORS 配置
+        # CORS Configuration
         add_header 'Access-Control-Allow-Origin' '*' always;
         add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
         add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
         add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
 
-        # WebSocket 相关优化
+        # WebSocket related optimizations
         proxy_read_timeout 86400;     # 24h
         proxy_send_timeout 86400;     # 24h
         proxy_connect_timeout 7d;
         proxy_buffering off;
     }
-    # 后端API地址--转发
+    # Backend API address -- forward
     location /api/ {
-        proxy_pass http://localhost:3001/api/; # 后端API地址--转发
+        proxy_pass http://localhost:3001/api/; # Backend API address -- forward
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
 
-        # 修改 CORS 配置，只设置一个 Origin
+        # Modify CORS configuration, only set one Origin
         add_header Access-Control-Allow-Origin "https://www.securityshare.xyz" always;
         add_header Access-Control-Allow-Methods "GET, POST, OPTIONS" always;
         add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range" always;
         add_header Access-Control-Allow-Credentials "true" always;
         
     }
-    # Next.js 图片优化服务 (通常由 Next.js 应用处理)
+    # Next.js Image Optimization Service (usually handled by the Next.js application)
     location /_next/image {
-        proxy_pass http://localhost:3000; # 指向 Next.js 应用
+        proxy_pass http://localhost:3000; # Point to the Next.js application
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection 'upgrade';
         proxy_set_header Host $host;
         proxy_cache_bypass $http_upgrade;
     }
-    # 2. 处理 public 目录下的静态文件和 Next.js 动态请求
-    #    这个 location 应该在特定代理 (如 /api/, /socket.io/) 之后，
-    #    但在 /_next/static/ 之前或之后都可以，因为它们匹配不同的路径。
-    #    为了清晰，我们把它放在这里。
+    # 2. Handle static files under the public directory and Next.js dynamic requests
+    #    This location should be after specific proxies (like /api/, /socket.io/),
+    #    but it can be before or after /_next/static/ because they match different paths.
+    #    For clarity, we put it here.
     location / {
-        # root 指向 public 目录的父目录，即前端构建产物的根目录
+        # root points to the parent directory of the public directory, which is the root directory of the frontend build artifacts
         root $frontend_build_root/public;
 
-        # 尝试按顺序查找文件:
-        # 1. $uri: 作为 public 目录下的文件 (例如 /image.png -> $frontend_build_root/public/image.png)
-        # 2. $uri/: 作为 public 目录下的目录 (通常不直接用于 Next.js public 文件)
-        # 3. @nextjs: 如果以上都未找到，则将请求传递给 Next.js 应用处理
+        # Try to find files in order:
+        # 1. $uri: as a file in the public directory (e.g., /image.png -> $frontend_build_root/public/image.png)
+        # 2. $uri/: as a directory in the public directory (not typically used for Next.js public files)
+        # 3. @nextjs: If none of the above are found, pass the request to the Next.js application for processing
         try_files $uri $uri/ @nextjs_app;
     }
-    # 命名 location, 用于将请求代理到 Next.js 应用
+    # Named location, used to proxy requests to the Next.js application
     location @nextjs_app {
-        proxy_pass http://localhost:3000; # 指向 Next.js 应用
+        proxy_pass http://localhost:3000; # Point to the Next.js application
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection 'upgrade';

backend/docker/Nginx/nginx.conf

@@ -1,6 +1,6 @@
-#运行用户,需要给文件目录访问权限
+# The user that nginx runs as, needs file directory access permissions
 user root;
-#启动进程,通常设置成和cpu的数量相等
+# The number of worker processes, usually set to be equal to the number of CPUs
 # worker_processes  1;
 worker_processes auto;
 pid /run/nginx.pid;

backend/docker/Nginx/renew_ssl.sh

@@ -1,44 +1,44 @@
 #!/bin/bash
-# 证书监控续期脚本--自动检查，如果少于30天则续期, 手动执行：
+# Certificate monitoring and renewal script--auto-checks, and renews if less than 30 days, manual execution:
 # cd path/to/privydrop/backend/docker/Nginx && bash renew_ssl.sh
-# crontab 自动任务
+# crontab automatic task
 # chmod +x path/to/privydrop/backend/docker/Nginx/renew_ssl.sh
-# crontab -e 打开编辑器
+# crontab -e open editor
 # 0 0 * * * bash path/to/privydrop/backend/docker/Nginx/renew_ssl.sh >> path/to/log/certbot-renew.log 2>&1
 
-# 首先切换到脚本所在目录
+# First switch to the script directory
 cd "$(dirname "$(readlink -f "$0")")" || exit 1
 
-# 定义证书目录
+# Define certificate directory
 CERTBOT_DIR="/etc/letsencrypt/live"
 
-# 遍历所有证书
+# Iterate over all certificates
 for CERT_PATH in "$CERTBOT_DIR"/*/fullchain.pem; do
-    # 获取域名
+    # Get domain name
     DOMAIN=$(basename "$(dirname "$CERT_PATH")")
     
-    # 检查证书有效期
+    # Check certificate validity
     DAYS_REMAINING=$(openssl x509 -enddate -noout -in "$CERT_PATH" | cut -d= -f2 | xargs -I{} date -d "{}" +%s)
     NOW=$(date +%s)
     DAYS=$(( ($DAYS_REMAINING - $NOW) / 86400 ))
 
     echo "Domain: $DOMAIN, Days left: $DAYS days"
 
-    # 如果剩余时间少于 30 天，自动续期
+    # If the remaining time is less than 30 days, renew automatically
     if [ $DAYS -lt 30 ]; then
         echo "Warning: Certificate for $DOMAIN will expire in $DAYS days. Renewing..."
-        # 运行续期命令之前要解除80端口占用--暂停ngnix
+        # Before running the renewal command, release port 80 -- stop nginx
         sudo bash stop_clean-log.sh
-        # 使用 Certbot 自动续期
+        # Use Certbot for automatic renewal
         sudo certbot renew --force-renewal --cert-name "$DOMAIN"
         
-        # 检查续期是否成功
+        # Check if renewal was successful
         if [ $? -eq 0 ]; then
             echo "Renewal successful for $DOMAIN"
         else
             echo "Failed to renew certificate for $DOMAIN"
         fi
-        # 启动ngnix
+        # Start nginx
         sudo bash configure.sh ../../.env.production.local
     fi
 done

backend/docker/TURN/configure.sh

@@ -1,57 +1,57 @@
 #!/bin/bash
 
-# 定义必需的环境变量
+# Define required environment variables
 declare -A required_vars=(
-    ["TURN_EXTERNAL_IP"]="TURN服务器外部IP地址"
-    ["TURN_REALM"]="TURN服务器域名"
-    ["TURN_USERNAME"]="TURN服务器用户名"
-    ["TURN_PASSWORD"]="TURN服务器密码"
+    ["TURN_EXTERNAL_IP"]="TURN server external IP address"
+    ["TURN_REALM"]="TURN server realm"
+    ["TURN_USERNAME"]="TURN server username"
+    ["TURN_PASSWORD"]="TURN server password"
 )
 
-# 生产环境额外的必需变量
+# Additional required variables for production environment
 production_vars=(
     "TURN_CERT_PATH"
     "TURN_KEY_PATH"
 )
 
-# 验证环境变量
+# Validate environment variables
 validate_env_vars() {
     local missing_vars=()
     local env_file=$1
 
-    echo "正在验证 TURN 服务器环境变量配置..."
+    echo "Verifying TURN server environment variable configuration..."
 
-    # 加载环境变量
+    # Load environment variables
     source "$env_file"
 
-    # 检查基本必需变量
+    # Check basic required variables
     for var in "${!required_vars[@]}"; do
         if [ -z "${!var}" ]; then
             missing_vars+=("$var (${required_vars[$var]})")
         fi
     done
 
-    # 如果是生产环境，检查额外的必需变量
+    # If it is a production environment, check additional required variables
     if [[ "$NODE_ENV" == "production" ]]; then
         for var in "${production_vars[@]}"; do
             if [ -z "${!var}" ]; then
-                missing_vars+=("$var (生产环境必需)")
+                missing_vars+=("$var (Required for production)")
             fi
         done
     fi
 
-    # 如果有缺失的变量，显示错误信息并退出
+    # If there are missing variables, display an error message and exit
     if [ ${#missing_vars[@]} -ne 0 ]; then
-        echo "错误: 以下必需的 TURN 服务器变量未设置:"
+        echo "Error: The following required TURN server variables are not set:"
         printf '%s\n' "${missing_vars[@]}" | sed 's/^/  - /'
-        echo "请在 $env_file 中设置这些变量后重试。"
+        echo "Please set these variables in $env_file and try again."
         exit 1
     fi
 
-    echo "TURN 服务器环境变量验证通过！"
+    echo "TURN server environment variables verified successfully!"
 }
 
-# 检查参数
+# Check parameters
 if [ -z "$1" ]; then
     echo "Usage: $0 <env_file_path>"
     exit 1
@@ -60,45 +60,45 @@ fi
 ENV_FILE=$1
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 
-# 检查环境变量文件是否存在
+# Check if the environment variable file exists
 if [ ! -f "$ENV_FILE" ]; then
     echo "Error: Environment file $ENV_FILE not found"
     exit 1
 fi
 
-# 验证环境变量
+# Validate environment variables
 validate_env_vars "$ENV_FILE"
 
-# 读取环境变量
+# Read environment variables
 source "$ENV_FILE"
 
 echo "Configuring TURN server..."
 
-# 确定使用哪个配置模板
+# Determine which configuration template to use
 if [[ "$NODE_ENV" == "development" ]]; then
     TEMPLATE_FILE="$SCRIPT_DIR/turnserver_development.conf"
 else
     TEMPLATE_FILE="$SCRIPT_DIR/turnserver_production.conf"
 fi
 
-# 创建临时配置文件
+# Create a temporary configuration file
 TEMP_CONF=$(mktemp)
 
-# 读取模板并替换变量
+# Read the template and replace variables
 while IFS= read -r line || [ -n "$line" ]; do
-    # 替换external-ip
+    # Replace external-ip
     if [[ $line =~ ^external-ip= ]]; then
         echo "external-ip=$TURN_EXTERNAL_IP"
-    # 替换realm
+    # Replace realm
     elif [[ $line =~ ^realm= ]]; then
         echo "realm=$TURN_REALM"
-    # 替换user credentials
+    # Replace user credentials
     elif [[ $line =~ ^user= ]]; then
         echo "user=$TURN_USERNAME:$TURN_PASSWORD"
-    # 替换证书路径
+    # Replace certificate path
     elif [[ $line =~ ^cert= ]]; then
         echo "cert=$TURN_CERT_PATH"
-    # 替换密钥路径
+    # Replace key path
     elif [[ $line =~ ^pkey= ]]; then
         echo "pkey=$TURN_KEY_PATH"
     else
@@ -107,13 +107,13 @@ while IFS= read -r line || [ -n "$line" ]; do
 done < "$TEMPLATE_FILE" > "$TEMP_CONF"
 
 # cp "$TEMP_CONF" turnserver.conf
-# 使用sudo复制配置文件到目标位置
+# Use sudo to copy the configuration file to the target location
 cp "$TEMP_CONF" /etc/turnserver.conf
 
-# # 删除临时文件
+# Delete temporary file
 rm "$TEMP_CONF"
 
-# # 重启TURN服务器
+# Restart the TURN server
 service coturn restart
 
 echo "TURN server configuration has been updated and service restarted."

backend/docker/TURN/turnserver_development.conf

@@ -1,45 +1,45 @@
 # /etc/turnserver.conf
 
-# 监听所有接口
+# Listen on all interfaces
 listening-ip=0.0.0.0
 
-# 使用你的服务器公网IP
+# Use your server's public IP
 external-ip=YourServerPublicIP
 
-# TURN 服务器端口
+# TURN server port
 listening-port=3478
-# 启用 TLS--TURNS（加密的 TURN）
+# Enable TLS -- TURNS (encrypted TURN)
 #tls-listening-port=5349
 
-# 中继端口范围
+# Relay port range
 min-port=49152
 max-port=65535
 
-# 长期证书机制
+# Long-term certificate mechanism
 lt-cred-mech
 
-# TURN 服务器域名（如果有的话） IP or YourTURNDomain
+# TURN server domain (if any) IP or YourTURNDomain
 # realm=YourTURNDomain
 realm=YourServerPublicIP
 
-# TURN 服务器证书和密钥（用于TLS） 开发环境可以不用证书
+# TURN server certificate and key (for TLS) certificates are not required in the development environment
 # cert=/etc/letsencrypt/live/turn.securityshare.xyz/fullchain.pem
 # pkey=/etc/letsencrypt/live/turn.securityshare.xyz/privkey.pem
 
-# 用户名和密码（在生产环境中应使用更安全的方法）
+# Username and password (a more secure method should be used in a production environment)
 user=UserName:PassWord
 
-# 启用详细日志
+# Enable verbose logging
 verbose
 
-# 允许回环地址
+# Allow loopback addresses
 # allow-loopback-peers
 
-# 设置最大带宽（字节/秒）
+# Set maximum bandwidth (bytes/second)
 # max-bandwidth=0
 
-# 禁用 TLS
+# Disable TLS
 # no-tls
 
-# 禁用 DTLS
+# Disable DTLS
 # no-dtls

backend/docker/TURN/turnserver_production.conf

@@ -1,45 +1,45 @@
 # /etc/turnserver.conf
 
-# 监听所有接口
+# Listen on all interfaces
 listening-ip=0.0.0.0
 
-# 使用你的服务器公网IP
+# Use your server's public IP
 external-ip=YourServerPublicIP
 
-# TURN 服务器端口
+# TURN server port
 listening-port=3478
-# 启用 TLS--TURNS（加密的 TURN）
+# Enable TLS -- TURNS (encrypted TURN)
 tls-listening-port=5349
 
-# 中继端口范围
+# Relay port range
 min-port=49152
 max-port=65535
 
-# 长期证书机制
+# Long-term certificate mechanism
 lt-cred-mech
 
-# TURN 服务器域名（如果有的话） IP or YourTURNDomain
+# TURN server domain (if any) IP or YourTURNDomain
 # realm=YourServerPublicIP
 realm=YourTURNDomain
 
-# TURN 服务器证书和密钥（用于TLS）
+# TURN server certificate and key (for TLS)
 cert=path/to/your/certFile
 pkey=path/to/your/privkeyFile
 
-# 用户名和密码（在生产环境中应使用更安全的方法）
+# Username and password (a more secure method should be used in a production environment)
 user=UserName:PassWord
 
-# 启用详细日志
+# Enable verbose logging
 verbose
 
-# 允许回环地址
+# Allow loopback addresses
 # allow-loopback-peers
 
-# 设置最大带宽（字节/秒）
+# Set maximum bandwidth (bytes/second)
 # max-bandwidth=0
 
-# 禁用 TLS
+# Disable TLS
 # no-tls
 
-# 禁用 DTLS
+# Disable DTLS
 # no-dtls

backend/docker/env_install.log

@@ -16,35 +16,35 @@ sudo apt-get update
 sudo apt install -y nodejs
 sudo npm install -g pnpm
 
-# 安装Nginx (支持 HTTP/3，Ubuntu 示例)
-参考: https://nginx.org/en/linux_packages.html#Ubuntu
+# Install Nginx (with HTTP/3 support, Ubuntu example)
+Reference: https://nginx.org/en/linux_packages.html#Ubuntu
 
-1.  **安装先决条件：**
+1.  **Install prerequisites:**
     
     sudo apt install curl gnupg2 ca-certificates lsb-release ubuntu-keyring
     
-2.  **导入 Nginx 签名密钥：**
+2.  **Import Nginx signing key:**
     
     curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
      | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
     
-3.  **验证密钥：**
+3.  **Verify the key:**
     
     gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
-    # 期望指纹: 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
+    # Expected fingerprint: 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
     
-4.  **为稳定版 Nginx 包设置 apt 仓库：**
+4.  **Set up the apt repository for stable Nginx packages:**
     
     echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
     http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" \
      | sudo tee /etc/apt/sources.list.d/nginx.list
     
-5.  **设置仓库 pinning：**
+5.  **Set up repository pinning:**
     
     echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \
      | sudo tee /etc/apt/preferences.d/99nginx
     
-6.  **安装 Nginx：**
+6.  **Install Nginx:**
     
     sudo apt update
     sudo apt install nginx