msb-public
/
Open-IM-Server
mirror of https://github.com/OpenIMSDK/Open-IM-Server
2
0
Code Issues Projects Releases Wiki Activity

Nginx reverse proxy and TLS configuration

Browse Source
pull/742/head
pluto 2 years ago
parent efde8499cc
commit 5a4e6a14fe
1 changed files with 112 additions and 57 deletions
Show Stats Download Patch File Download Diff File

165
config/open-im-ng-example.conf
Unescape View File

@ -4,31 +4,54 @@ upstream im_msg_gateway{
upstream im_api{
server 127.0.0.1:10002; #IM群组用户api服务器地址 根据部署情况可指定多台
}
upstream im_jssdk_gateway{
server 127.0.0.1:10003; #IM jssdk服务器地址 根据部署情况可指定多台
}
upstream storage {
server 127.0.0.1:10005; #MinIO服务器地址 暂时支持1台
}
upstream im_admin{
server 127.0.0.1:10006; #IM admin服务器地址 根据部署情况可指定多台
}
upstream im_grafana{
server 127.0.0.1:10007; #IM 统计服务器地址 docker-compose启动所在机器
}
upstream im_chat{
upstream im_chat_api{
server 127.0.0.1:10008; #IM 商业版登录注册服务器地址 根据部署情况可指定多台
}
upstream im_complete_admin{
upstream im_admin_api{
server 127.0.0.1:10009; #IM 商业版admin地址 根据部署情况可指定多台
}
upstream im_organization{
server 127.0.0.1:10010; #IM 商业版组织架构服务器地址 根据部署情况可指定多台
upstream im_user{
server 127.0.0.1:10110; #IM 用户服务 服务器地址 根据部署情况可指定多台
}
upstream im_friend{
server 127.0.0.1:10120; #IM 好友服务 服务器地址 根据部署情况可指定多台
}
upstream im_message{
server 127.0.0.1:10130; #IM 消息 服务器地址 根据部署情况可指定多台
}
upstream im_message_gateway{
server 127.0.0.1:10140; #IM 消息网关 服务器地址 根据部署情况可指定多台
}
upstream im_group{
server 127.0.0.1:10150; #IM 群组服务 服务器地址 根据部署情况可指定多台
}
upstream im_auth{
server 127.0.0.1:10160; #IM 鉴权服务 服务器地址 根据部署情况可指定多台
}
upstream im_push{
server 127.0.0.1:10170; #IM 推送服务 服务器地址 根据部署情况可指定多台
}
upstream im_conversation{
server 127.0.0.1:10180; #IM 即时对话 服务器地址 根据部署情况可指定多台
}
upstream im_third{
server 127.0.0.1:10190; #IM 第三方服务 服务器地址 根据部署情况可指定多台
}
upstream im_admin{
server 127.0.0.1:30200; #chat admin服务器地址 根据部署情况可指定多台
}
upstream im_chat{
server 127.0.0.1:30300; #chat 商业版登录注册服务器地址 根据部署情况可指定多台
}
upstream im_open_rtc{
server 127.0.0.1:7880; #rtc 音视频通话 服务器地址 根据部署情况可指定多台
}
server {
listen 443;
server_name web.rentsoft.cn; #1 web im 端 域名
@ -72,53 +95,117 @@ server {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_api/;
}
location /jssdk_gateway { #10003 jssdk
location ^~/grafana/ { #10007 prometheus
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_jssdk_gateway/;
proxy_pass http://im_grafana/;
}
location ^~/admin/ { #10006 admin
location ^~/im_chat_api/ { #10008 im_chat_api
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_admin/;
proxy_pass http://im_chat_api/;
}
location ^~/grafana/ { #10007 prometheus
location ^~/im_admin_api/ { #10009 admin
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_grafana/;
proxy_pass http://im_complete_admin/;
}
location ^~/chat/ { #10008 chat login
location ^~/im_user/ { #10110 im_user
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_chat/;
proxy_pass http://im_user/;
}
location ^~/complete_admin/ { #10009 admin
location ^~/im_friend/ { #10120 im_friend
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_complete_admin/;
proxy_pass http://im_friend/;
}
location ^~/im_message/ { #10130 im_message
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_message/;
}
location ^~/im_message_gateway/ { #10140 im_message_gateway
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_message_gateway/;
}
location ^~/im_group/ { #10150 im_group
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_group/;
}
location ^~/im_auth/ { #10160 im_auth
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_auth/;
}
location ^~/im_push/ { #10170 im_push
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_push/;
}
location ^~/im_conversation/ { #10180 im_conversation
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_conversation/;
}
location ^~/im_third/ { #10190 im_third
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_third/;
}
location ^~/organization/ { #10010 organization
location ^~/im_admin/ { #30200 im_admin
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_organization/;
proxy_pass http://im_admin/;
}
location ^~/im_chat/ { #30300 im_chat
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_chat/;
}
location ^~/open_rtc/ { #7880 rtc
proxy_http_version 1.1;
@ -160,35 +247,3 @@ server {
client_max_body_size 8000M;
}
}
server {
listen 443;
server_name admin.rentsoft.cn; #后台管理域名
ssl on;
ssl_certificate /etc/nginx/conf.d/ssl/admin.rentsoft.cn.crt; # 证书
ssl_certificate_key /etc/nginx/conf.d/ssl/admin.rentsoft.cn.key; #证书
ssl_session_timeout 5m;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-NginX-Proxy true;
root /data1/online/Open-IM-Admin/dist/; #管理后台web静态资源存放路径
index index.html;
try_files $uri $uri/ /index.html;
}
}
server {
listen 80;
server_name admin.rentsoft.cn; #管理后台 域名
rewrite ^(.*)$ https://${server_name}$1 permanent;
}

Write Preview
Loading…
Cancel
Save