记录一次部署cloudflare temp email 遇到的问题

很多配置需要提前获取/配置，比如resend的token相关、cloudflare的验证码、tgbot的token、用来发信的kv。基本是不能第一次就配置完全的，查漏补缺，跟文档慢慢来吧。

name = "cloudflare_temp_email"
main = "src/worker.ts"
compatibility_date = "2025-04-01"
compatibility_flags = [ "nodejs_compat" ]
# if you want use custom_domain, you need to add routes
routes = [
   { pattern = "temp-email-api.example.com", custom_domain = true },
]

# if you want deploy worker with frontend assets, you need to add assets
# [assets]
# directory = "../frontend/dist/"
# binding = "ASSETS"
# run_worker_first = true

# enable cron if you want set auto clean up
# [triggers]
# crons = [ "0 0 * * *" ]

# 通过 Cloudflare 发送邮件
send_email = [
   { name = "SEND_MAIL" },
]

[vars]
DEFAULT_LANG = "zh"
TITLE = "临时邮箱" # custom title
ANNOUNCEMENT = ""
# 邮箱名称前缀，不需要后缀可配置为空字符串或者不配置
PREFIX = "tmp"
# resend.com密钥
RESEND_TOKEN_EXAMPLE1_COM = "resend token 1"
RESEND_TOKEN_EXAMPLE2_COM = "re_send_token2"
# address check REGEX, if not set, will not check
ADDRESS_CHECK_REGEX = "^(?!.*admin).*"
# address name replace REGEX, if not set, the default is [^a-z0-9]
ADDRESS_REGEX = "[^a-z0-9.-]"  # 我添加了允许-和.
# (min, max) length of the adderss, if not set, the default is (1, 30)
MIN_ADDRESS_LEN = 4
MAX_ADDRESS_LEN = 20
# IF YOU WANT TO MAKE YOUR SITE PRIVATE, UNCOMMENT THE FOLLOWING LINES
# PASSWORDS = ["123", "456"]
# For admin panel
# ADMIN_PASSWORDS = ["admin password"]  # 建议第一次登录时开启，用来给一个用户设置admin权限
# warning: no password or user check for admin portal
DISABLE_ADMIN_PASSWORD_CHECK = false
# ADMIN CONTACT, CAN BE ANY STRING
ADMIN_CONTACT = "support@ikun.li"
DEFAULT_DOMAINS = ["yourdomain1.com" , "yourdomain.com"] # domain name for no role users
DOMAINS = ["yourdomain1.com" , "yourdomain.com"]  # all domain names
# For chinese domain name, you can use DOMAIN_LABELS to show chinese domain name
# DOMAIN_LABELS = ["中文.xxx", "xxx.xxx2"]
USER_DEFAULT_ROLE = "vip" # default role for new users(only when enable mail verification)
ADMIN_USER_ROLE = "admin" # the role which can access admin panel
# User roles configuration, if domains is empty will use default_domains, if prefix is null will use default prefix, if prefix is empty string will not use prefix
USER_ROLES = [
   { domains = ["yourdomain1.com" , "yourdomain.com"], role = "vip", prefix = "" },
   { domains = ["yourdomain1.com" , "yourdomain.com"], role = "admin", prefix = "" },
]
JWT_SECRET = "changeme to a long secret"
BLACK_LIST = "gov.cn,edu.cn"
# Allow users to create email addresses
ENABLE_USER_CREATE_EMAIL = true
# Disable anonymous user create email, if set true, users can only create email addresses after logging in
DISABLE_ANONYMOUS_USER_CREATE_EMAIL = false
# Allow users to delete messages
ENABLE_USER_DELETE_EMAIL = true
# Allow automatic replies to emails
ENABLE_AUTO_REPLY = false
# Allow webhook
ENABLE_WEBHOOK = false
# Footer text
COPYRIGHT = ""
DISABLE_SHOW_GITHUB = true
# default send balance, if not set, it will be 0
DEFAULT_SEND_BALANCE = 2
# the role which can send emails without limit, multiple roles can be separated by ,
NO_LIMIT_SEND_ROLE = "admin"
# Turnstile verification
CF_TURNSTILE_SITE_KEY = "your key"
CF_TURNSTILE_SECRET_KEY = "your key"
# telegram bot
TG_MAX_ADDRESS = 5
TELEGRAM_BOT_TOKEN = "your tg bot token"
# telegram bot info, predefined bot info can reduce latency of the webhook
TG_BOT_INFO = "{}"
# global forward address list, if set, all emails will be forwarded to these addresses
# FORWARD_ADDRESS_LIST = ["xxx@xxx.com"]
# Frontend URL
FRONTEND_URL = "https://mail.yourdomain.com"
# Enable check junk mail
ENABLE_CHECK_JUNK_MAIL = true
# junk mail check list, if status exists and status is not pass, will be marked as junk mail
# JUNK_MAIL_CHECK_LIST = = ["spf", "dkim", "dmarc"]
# junk mail force check pass list, if no status or status is not pass, will be marked as junk mail
JUNK_MAIL_FORCE_PASS_LIST = ["spf", "dkim", "dmarc"]
# remove attachment if size exceed 2MB, mail maybe mising some information due to parsing
REMOVE_EXCEED_SIZE_ATTACHMENT = true
# remove all attachment, mail maybe mising some information due to parsing
REMOVE_ALL_ATTACHMENT = true
# Calling other woker to process email
ENABLE_ANOTHER_WORKER = true
ANOTHER_WORKER_LIST = """
[
   {
       "binding":"AUTH_INBOX",
       "method":"rpcEmail",
       "keywords":[
           "验证码","激活码","激活链接","确认链接","验证邮箱","确认邮件","账号激活","邮件验证","账户确认","安全码","认证码","安全验证","登陆码","确认码","启用账户","激活账户","账号验证","注册确认",
           "account","activation","verify","verification","activate","confirmation","email","code","validate","registration","login","code","expire","confirm"
       ]
   }
]
"""

[[d1_databases]]
binding = "DB"
database_name = "tempmail"
database_id = "your-database-id"

# kv config for send email verification code
[[kv_namespaces]]
binding = "KV"
id = "your kv id"

# ratelimit config for /api/new_address
[[unsafe.bindings]]
name = "RATE_LIMITER"
type = "ratelimit"
namespace_id = "1001"
# 10 requests per minute
simple = { limit = 2, period = 300 }

# binding another worker service (parse the code or link), e.g. auth-inbox
# [[services]]
# binding = "AUTH_INBOX"
# service = "auth-inbox"