msb-public
/
Open-IM-Server
mirror of https://github.com/OpenIMSDK/Open-IM-Server
2
0
Code Issues Projects Releases Wiki Activity

update "Nginx reverse proxy and TLS configuration"

Browse Source
pull/742/head
pluto 2 years ago
parent a6301fb7f3
commit 9b096428b0
1 changed files with 10 additions and 131 deletions
Show Stats Download Patch File Download Diff File

141
config/open-im-ng-example.conf
Unescape View File

@ -16,49 +16,16 @@ upstream im_chat_api{
upstream im_admin_api{ upstream im_admin_api{
server 127.0.0.1:10009; #IM 商业版admin地址 根据部署情况可指定多台 server 127.0.0.1:10009; #IM 商业版admin地址 根据部署情况可指定多台
} }
upstream im_user{
server 127.0.0.1:10110; #IM 用户服务 服务器地址 根据部署情况可指定多台
}
upstream im_friend{
server 127.0.0.1:10120; #IM 好友服务 服务器地址 根据部署情况可指定多台
}
upstream im_message{
server 127.0.0.1:10130; #IM 消息 服务器地址 根据部署情况可指定多台
}
upstream im_message_gateway{
server 127.0.0.1:10140; #IM 消息网关 服务器地址 根据部署情况可指定多台
}
upstream im_group{
server 127.0.0.1:10150; #IM 群组服务 服务器地址 根据部署情况可指定多台
}
upstream im_auth{
server 127.0.0.1:10160; #IM 鉴权服务 服务器地址 根据部署情况可指定多台
}
upstream im_push{
server 127.0.0.1:10170; #IM 推送服务 服务器地址 根据部署情况可指定多台
}
upstream im_conversation{
server 127.0.0.1:10180; #IM 即时对话 服务器地址 根据部署情况可指定多台
}
upstream im_third{
server 127.0.0.1:10190; #IM 第三方服务 服务器地址 根据部署情况可指定多台
}
upstream im_admin{
server 127.0.0.1:30200; #chat admin服务器地址 根据部署情况可指定多台
}
upstream im_chat{
server 127.0.0.1:30300; #chat 商业版登录注册服务器地址 根据部署情况可指定多台
}
upstream im_open_rtc{ upstream im_open_rtc{
server 127.0.0.1:7880; #rtc 音视频通话 服务器地址 根据部署情况可指定多台 server 127.0.0.1:7880; #rtc 音视频通话 服务器地址 根据部署情况可指定多台
} }
server { server {
listen 443; listen 443;
server_name web.rentsoft.cn; #1 web im 端 域名 server_name test-web.rentsoft.cn; #1 web im 端 域名
ssl on; ssl on;
ssl_certificate /etc/nginx/conf.d/ssl/web.rentsoft.cn.crt; #2 证书 ssl_certificate /etc/nginx/conf.d/ssl/test-web.rentsoft.cn.crt; #2 证书
ssl_certificate_key /etc/nginx/conf.d/ssl/web.rentsoft.cn.key; #3 证书 ssl_certificate_key /etc/nginx/conf.d/ssl/test-web.rentsoft.cn.key; #3 证书
ssl_session_timeout 5m; ssl_session_timeout 5m;
gzip on; gzip on;
gzip_min_length 1k; gzip_min_length 1k;
@ -103,7 +70,7 @@ server {
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_grafana/; proxy_pass http://im_grafana/;
} }
location ^~/im_chat_api/ { #10008 im_chat_api location ^~/chat/ { #10008 im_chat_api
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
@ -111,102 +78,14 @@ server {
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_chat_api/; proxy_pass http://im_chat_api/;
} }
location ^~/im_admin_api/ { #10009 admin location ^~/complete_admin/ { #10009 admin
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_complete_admin/;
}
location ^~/im_user/ { #10110 im_user
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_user/;
}
location ^~/im_friend/ { #10120 im_friend
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_friend/;
}
location ^~/im_message/ { #10130 im_message
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_message/;
}
location ^~/im_message_gateway/ { #10140 im_message_gateway
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_message_gateway/;
}
location ^~/im_group/ { #10150 im_group
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_group/;
}
location ^~/im_auth/ { #10160 im_auth
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr; proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_auth/; proxy_pass http://im_admin_api/;
} }
location ^~/im_push/ { #10170 im_push
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_push/;
}
location ^~/im_conversation/ { #10180 im_conversation
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_conversation/;
}
location ^~/im_third/ { #10190 im_third
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_third/;
}
location ^~/im_admin/ { #30200 im_admin
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_admin/;
}
location ^~/im_chat/ { #30300 im_chat
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://im_chat/;
}
location ^~/open_rtc/ { #7880 rtc location ^~/open_rtc/ { #7880 rtc
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
@ -219,17 +98,17 @@ server {
server { server {
listen 80; listen 80;
server_name web.rentsoft.cn ; #1 web im 端 域名 server_name test-web.rentsoft.cn ; #1 web im 端 域名
rewrite ^(.*)$ https://${server_name}$1 permanent; rewrite ^(.*)$ https://${server_name}$1 permanent;
} }
server { server {
ssl_session_timeout 5m; ssl_session_timeout 5m;
listen 443; listen 443;
server_name storage.rentsoft.cn; #1 MinIO存储域名 server_name test-storage.rentsoft.cn; #1 MinIO存储域名
ssl on; ssl on;
ssl_certificate /etc/nginx/conf.d/ssl/storage.rentsoft.cn.crt; #证书 ssl_certificate /etc/nginx/conf.d/ssl/test-storage.rentsoft.cn.crt; #证书
ssl_certificate_key /etc/nginx/conf.d/ssl/storage.rentsoft.cn.key; #证书 ssl_certificate_key /etc/nginx/conf.d/ssl/test-storage.rentsoft.cn.key; #证书
gzip on; gzip on;
gzip_min_length 1k; gzip_min_length 1k;
gzip_buffers 4 16k; gzip_buffers 4 16k;

Write Preview
Loading…
Cancel
Save