diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
index 40dae2c..e26ab4d 100644
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -35,13 +35,19 @@ jobs:
           cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.APP_NAME }}:buildcache
           cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.APP_NAME }}:buildcache,mode=max
 
-      # 4. 你原来的 SSH 部署步骤不变
+      # 4. 核心修改：先上传deploy.yaml到K3s服务器，再执行kubectl
       - name: SSH部署K3s
-        run: |
+        run:
           mkdir -p ~/.ssh
           echo "${{ secrets.K3S_PEM_KEY }}" > k3s.pem
           chmod 600 k3s.pem
+          # 关键1：把Gitea仓库里的deploy.yaml上传到K3s服务器临时目录（/tmp）
+          # 注意：如果你的deploy.yaml不在仓库根目录，要修改./deploy.yaml为实际路径
+          scp -i k3s.pem -o StrictHostKeyChecking=no ./deploy.yaml root@${K3S_HOST}:/tmp/
+          # 关键2：执行kubectl时指向临时目录的文件，而非不存在的/k8s/
           ssh -i k3s.pem -o StrictHostKeyChecking=no root@${K3S_HOST} << CMD
-            kubectl apply -f /k8s/deploy.yaml
-            kubectl rollout restart deployment ${APP_NAME}
+            kubectl apply -f /tmp/deploy.yaml
+            kubectl rollout restart deployment ${APP_NAME} -n default
+            # 可选：部署完成后删除临时文件，清理服务器
+            rm -f /tmp/deploy.yaml
           CMD
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index 51c1ee2..e8b6670 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -30,6 +30,6 @@ COPY ngnix.conf /etc/nginx/conf.d/default.conf
 # 复制SSL证书
 COPY ssl/* /etc/nginx/ssl/
 
-EXPOSE 80 443
+EXPOSE 443
 
 CMD ["nginx", "-g", "daemon off;"]