diff --git a/deployments/templates/default.conf b/deployments/templates/default.conf new file mode 100644 index 000000000..463f20734 --- /dev/null +++ b/deployments/templates/default.conf @@ -0,0 +1,105 @@ +upstream minio_s3 { + server ${DOCKER_BRIDGE_GATEWAY}:${MINIO_PORT}; +} +upstream im_web_front { + server ${DOCKER_BRIDGE_GATEWAY}:${OPENIM_WEB_PORT}; +} +upstream im_admin_front { + server ${DOCKER_BRIDGE_GATEWAY}:${OPENIM_ADMIN_FRONT_PORT}; +} + +upstream im_msg_gateway { + server ${DOCKER_BRIDGE_GATEWAY}:${OPENIM_WS_PORT}; +} + +upstream im_api { + server ${DOCKER_BRIDGE_GATEWAY}:${API_OPENIM_PORT}; +} + +upstream im_chat_api { + server ${DOCKER_BRIDGE_GATEWAY}:${OPENIM_CHAT_API_PORT}; +} + +upstream im_admin_api { + server ${DOCKER_BRIDGE_GATEWAY}:${OPENIM_ADMIN_API_PORT}; +} + +server { + listen 80; + #server_name hostname; + gzip on; + gzip_min_length 1k; + gzip_buffers 4 16k; + gzip_comp_level 2; + gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/wasm; + gzip_vary off; + gzip_disable "MSIE [1-6]\."; + error_page 405 =200 $uri; + default_type application/wasm; + # base open + location ^~/openim-front/{ #web front + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header X-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_pass http://im_web_front/; + } + location ^~/openim-admin-front/{ #admin front + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header X-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_pass http://im_admin_front/; + } + location ^~/msg_gateway/ { #10001 ws msggateway + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header X-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_pass http://im_msg_gateway/; + } + location ^~/api/ { #10002 api openim-api + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header X-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_pass http://im_api/; + } + + location ^~/chat/ { #10008 im_chat_api charserver chart + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header X-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_pass http://im_chat_api/; + } + location ^~/complete_admin/ { #10009 charserver admin + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header X-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_pass http://im_admin_api/; + } + location ^~/im-minio-api/ { #10009 minio admin + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_connect_timeout 300; + # Default is HTTP/1, keepalive is only enabled in HTTP/1.1 + proxy_http_version 1.1; + proxy_set_header Connection ""; + chunked_transfer_encoding off; + proxy_pass http://minio_s3/; + } +} \ No newline at end of file diff --git a/deployments/templates/env-template.yaml b/deployments/templates/env-template.yaml index ab9c87c02..0e44ab2b5 100644 --- a/deployments/templates/env-template.yaml +++ b/deployments/templates/env-template.yaml @@ -256,4 +256,8 @@ OPENIM_ADMIN_FRONT_PORT=${OPENIM_ADMIN_FRONT_PORT} # Port for the alertmanager. # Default: ALERT_MANAGER_PORT=19093 -ALERT_MANAGER_PORT=${ALERT_MANAGER_PORT} \ No newline at end of file +ALERT_MANAGER_PORT=${ALERT_MANAGER_PORT} + +# Port for the nginx listen. +# Default: NGINX_LISTEN_PORT=80 +NGINX_LISTEN_PORT=${NGINX_LISTEN_PORT} \ No newline at end of file diff --git a/deployments/templates/nginx.conf b/deployments/templates/nginx.conf new file mode 100644 index 000000000..2399fc7cd --- /dev/null +++ b/deployments/templates/nginx.conf @@ -0,0 +1,30 @@ +user nginx; +worker_processes auto; + +error_log /var/log/nginx/error.log notice; +pid /var/run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + #tcp_nopush on; + + keepalive_timeout 65; + client_max_body_size 50m; + #gzip on; + include /etc/nginx/conf.d/*.conf; +} \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index de3deaaea..f0d94d136 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -11,6 +11,20 @@ networks: gateway: '${DOCKER_BRIDGE_GATEWAY:-172.28.0.1}' services: + nginx: + restart: always + container_name: nginx + image: nginx + ports: + - ${NGINX_LISTEN_PORT}:80 + volumes: + - ./logs:/var/log/nginx + - ./config/nginx.conf:/etc/nginx/nginx.conf + - ./config/default.conf:/etc/nginx/conf.d/default.conf + environment: + - NGINX_PORT=80 + - TZ=Asia/Shanghai + privileged: true mongodb: image: mongo:${MONGODB_IMAGE_VERSION-6.0.2} ports: @@ -112,12 +126,9 @@ services: openim-web: image: ${IMAGE_REGISTRY:-ghcr.io/openimsdk}/openim-web:${OPENIM_WEB_IMAGE_VERSION:-latest} container_name: openim-web - environment: - - OPENIM_WEB_DIST_PATH=${OPENIM_WEB_DIST_PATH:-/app/dist} - - OPENIM_WEB_PORT=${OPENIM_WEB_PORT:-11001} restart: always ports: - - "${OPENIM_WEB_PORT:-11001}:11001" + - "${OPENIM_WEB_PORT:-11001}:80" networks: server: ipv4_address: ${OPENIM_WEB_NETWORK_ADDRESS:-172.28.0.7} @@ -167,6 +178,12 @@ services: # hostname: grafana # user: root # restart: always + # environment: + # - GF_SECURITY_ALLOW_EMBEDDING=true + # - GF_SESSION_COOKIE_SAMESITE=none + # - GF_SESSION_COOKIE_SECURE=true + # - GF_AUTH_ANONYMOUS_ENABLED=true + # - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin # ports: # - "${GRAFANA_PORT:-13000}:3000" # volumes: diff --git a/scripts/init-config.sh b/scripts/init-config.sh index c75fc5502..1572c30c4 100755 --- a/scripts/init-config.sh +++ b/scripts/init-config.sh @@ -34,6 +34,7 @@ declare -A TEMPLATES=( ["${OPENIM_ROOT}/deployments/templates/openim.yaml"]="${OPENIM_ROOT}/config/config.yaml" ["${OPENIM_ROOT}/deployments/templates/prometheus.yml"]="${OPENIM_ROOT}/config/prometheus.yml" ["${OPENIM_ROOT}/deployments/templates/alertmanager.yml"]="${OPENIM_ROOT}/config/alertmanager.yml" + ["${OPENIM_ROOT}/deployments/templates/default.conf"]="${OPENIM_ROOT}/config/default.yml" ) # Templates for example files @@ -49,6 +50,7 @@ declare -A COPY_TEMPLATES=( ["${OPENIM_ROOT}/deployments/templates/email.tmpl"]="${OPENIM_ROOT}/config/email.tmpl" ["${OPENIM_ROOT}/deployments/templates/instance-down-rules.yml"]="${OPENIM_ROOT}/config/instance-down-rules.yml" ["${OPENIM_ROOT}/deployments/templates/notification.yaml"]="${OPENIM_ROOT}/config/notification.yaml" + ["${OPENIM_ROOT}/deployments/templates/nginx.conf"]="${OPENIM_ROOT}/config/nginx.conf" ) # Templates for config Copy file diff --git a/scripts/install/environment.sh b/scripts/install/environment.sh index feb36c3c1..b8a5f861e 100755 --- a/scripts/install/environment.sh +++ b/scripts/install/environment.sh @@ -286,6 +286,9 @@ readonly ALERTMANAGER_SEND_RESOLVED=${ALERTMANAGER_SEND_RESOLVED:-"{SEND_RESOLVE def "GRAFANA_PORT" "13000" # Grafana的端口 def "GRAFANA_ADDRESS" "${DOCKER_BRIDGE_GATEWAY}" # Grafana的地址 +###################### nginx 配置信息 ###################### +readonly NGINX_LISTEN_PORT=${NGINX_LISTEN_PORT:-"80"} + ###################### RPC Port Configuration Variables ###################### # For launching multiple programs, just fill in multiple ports separated by commas # For example: