From 4950ccf4ec5c336edfd8dc71e8dbb0aeb9175f36 Mon Sep 17 00:00:00 2001 From: pluto <83957921+plutoyty@users.noreply.github.com> Date: Thu, 3 Aug 2023 16:04:35 +0800 Subject: [PATCH] nginx minio configuration picture can not be sent (#763) * fix-bug-762 * update * example --- config/open-im-ng-example.conf | 112 +++++++++++++++++++++++---------- 1 file changed, 78 insertions(+), 34 deletions(-) diff --git a/config/open-im-ng-example.conf b/config/open-im-ng-example.conf index e5e584ff8..10a2ecb52 100644 --- a/config/open-im-ng-example.conf +++ b/config/open-im-ng-example.conf @@ -1,31 +1,37 @@ upstream im_msg_gateway{ - server 127.0.0.1:10001; #IM消息服务器地址 根据部署情况可指定多台 + server 127.0.0.1:10001; #IM Message server address Multiple can be specified according to the deployment } upstream im_api{ - server 127.0.0.1:10002; #IM群组用户api服务器地址 根据部署情况可指定多台 - } -upstream storage { - server 127.0.0.1:10005; #MinIO服务器地址 暂时支持1台 + server 127.0.0.1:10002; #IM Group user api server address Multiple can be specified according to the deployment } upstream im_grafana{ - server 127.0.0.1:10007; #IM 统计服务器地址 docker-compose启动所在机器 + server 127.0.0.1:10007; #IM Statistical server address The machine where docker-compose starts } upstream im_chat_api{ - server 127.0.0.1:10008; #IM 商业版登录注册服务器地址 根据部署情况可指定多台 + server 127.0.0.1:10008; #IM Business version login registration server address Multiple can be specified according to the deployment } upstream im_admin_api{ - server 127.0.0.1:10009; #IM 商业版admin地址 根据部署情况可指定多台 + server 127.0.0.1:10009; #IM The admin address of the commercial version can specify multiple units according to the deployment situation } upstream im_open_rtc{ - server 127.0.0.1:7880; #rtc 音视频通话 服务器地址 根据部署情况可指定多台 + server 127.0.0.1:7880; #rtc Audio and video call server address Multiple devices can be specified according to the deployment } +upstream minio_s3_2 { + least_conn; + server 127.0.0.1:10005; +} + +upstream minio_console_2 { + least_conn; + server 127.0.0.1:9090; +} server { listen 443; - server_name test-web.rentsoft.cn; #1 web im 端 域名 + server_name your-domain.com; #your-domain.com ssl on; - ssl_certificate /etc/nginx/conf.d/ssl/test-web.rentsoft.cn.crt; #2 证书 - ssl_certificate_key /etc/nginx/conf.d/ssl/test-web.rentsoft.cn.key; #3 证书 + ssl_certificate /etc/nginx/conf.d/ssl/your-domain.com.crt; #2 Certificate + ssl_certificate_key /etc/nginx/conf.d/ssl/your-domain.com.key; #3 Certificate ssl_session_timeout 5m; gzip on; gzip_min_length 1k; @@ -42,7 +48,7 @@ server { proxy_set_header X-Real-Ip $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-NginX-Proxy true; - root /data1/online/Pc-Web-Demo/build/; # web im静态资源存放路径 + root /data1/online/Pc-Web-Demo/build/; # web im static resource storage path index index.html; try_files $uri $uri/ /index.html; } @@ -98,31 +104,69 @@ server { server { listen 80; - server_name test-web.rentsoft.cn ; #1 web im 端 域名 + server_name test-web.rentsoft.cn ; #1 web im end domain name rewrite ^(.*)$ https://${server_name}$1 permanent; } + server { - ssl_session_timeout 5m; - listen 443; - server_name test-storage.rentsoft.cn; #1 MinIO存储域名 - ssl on; - ssl_certificate /etc/nginx/conf.d/ssl/test-storage.rentsoft.cn.crt; #证书 - ssl_certificate_key /etc/nginx/conf.d/ssl/test-storage.rentsoft.cn.key; #证书 - gzip on; - gzip_min_length 1k; - gzip_buffers 4 16k; - gzip_comp_level 2; - gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png; - gzip_vary off; - gzip_disable "MSIE [1-6]\."; + listen 443; + + server_name your-domain.com; #your-domain.com + ssl on; + ssl_certificate /etc/nginx/conf.d/ssl/your-domain.com.crt; #Certificate + ssl_certificate_key /etc/nginx/conf.d/ssl/your-domain.com.key; #Certificate + gzip on; + gzip_min_length 1k; + gzip_buffers 4 16k; + gzip_comp_level 2; + gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/wasm; + gzip_vary off; + gzip_disable "MSIE [1-6]\."; + # Allow special characters in headers + ignore_invalid_headers off; + # Allow any size file to be uploaded. + # Set to a value such as 1000m; to restrict file size to a specific value + client_max_body_size 0; + # Disable buffering + proxy_buffering off; + proxy_request_buffering off; + location / { - proxy_pass http://storage; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Host $http_host; - proxy_http_version 1.1; - client_max_body_size 8000M; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + proxy_connect_timeout 300; + # Default is HTTP/1, keepalive is only enabled in HTTP/1.1 + proxy_http_version 1.1; + proxy_set_header Connection ""; + chunked_transfer_encoding off; + + proxy_pass http://minio_s3_2; # This uses the upstream directive definition to load balance + } + + location /minio/ui { + rewrite ^/minio/ui/(.*) /$1 break; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-NginX-Proxy true; + + # This is necessary to pass the correct IP to be hashed + real_ip_header X-Real-IP; + + proxy_connect_timeout 300; + + # To support websockets in MinIO versions released after January 2023 + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + + chunked_transfer_encoding off; + + proxy_pass http://minio_console_2; # This uses the upstream directive definition to load balance } }