refactor: Cloudflare Tunnel + frp SSH 中转变更

- 新增 cloudflared Docker 服务替代原 Bandwagon frp 方案
- 新增 frpc 转发 Git SSH 到阿里云 VPS
- 为所有服务添加 web entrypoint 路由（兼容 cloudflared HTTP）
- HedgeDoc 添加 X-Forwarded-Proto 中间件修复 CSP 登录问题
- Homepage 添加 xiteng.site 根域名路由
- Gitea 配置 SSH_DOMAIN=git.xiteng.site
- 更新 README 反映当前架构
- .gitignore: frpc.toml / credentials / letsencrypt

uptime-kuma/compose.yml

@@ -8,9 +8,23 @@ services:
     ports:
       - "3001:3001"
     labels:
+      # --- 1. Traefik 路由设置 ---
       - "traefik.enable=true"
-      - "traefik.http.routers.uptime.rule=Host(`uptime.homelab`)"
+      - "traefik.http.routers.uptime.rule=Host(`uptime.xiteng.site`)"
       - "traefik.http.services.uptime.loadbalancer.server.port=3001"
+      - "traefik.http.routers.uptime.entrypoints=websecure"
+      # --- HTTP 入口（来自 cloudflared tunnel）---
+      - "traefik.http.routers.uptime-http.rule=Host(`uptime.xiteng.site`)"
+      - "traefik.http.routers.uptime-http.service=uptime"
+      - "traefik.http.routers.uptime-http.entrypoints=web"
+      - "traefik.http.routers.uptime.tls=true"
+      - "traefik.http.routers.uptime.tls.certresolver=cfresolver"
+      # --- 2. Homepage 自动发现设置 ---
+      - "homepage.group=生产力工具"             # 分组名称
+      - "homepage.name=Uptime Kuma"               # 显示名称
+      - "homepage.icon=uptime"               # 图标 (支持 si, mdi 等前缀)
+      - "homepage.href=https://uptime.xiteng.site" # 点击跳转的链接
+      - "homepage.description=网站监控工具" # 副标题描述
     networks:
       - homelab_net