From dfcfa643f0568e67fe62ebf2dc70e608d7722ead Mon Sep 17 00:00:00 2001 From: skiffer-git <44203734@qq.com> Date: Wed, 9 Nov 2022 21:05:14 +0800 Subject: [PATCH] nginx config --- config/open-im-online.conf | 187 +++++++++++++++++-------------------- 1 file changed, 88 insertions(+), 99 deletions(-) diff --git a/config/open-im-online.conf b/config/open-im-online.conf index de1d0c56c..43e7b4c68 100644 --- a/config/open-im-online.conf +++ b/config/open-im-online.conf @@ -1,37 +1,43 @@ upstream im_msg_gateway{ - server 127.0.0.1:10001; #指定后端服务器地址 根据部署情况可指定多台 - } + server 127.0.0.1:10001; #IM消息服务器地址 根据部署情况可指定多台 + } upstream im_api{ - server 127.0.0.1:10002; #指定后端服务器地址 根据部署情况可指定多台 - } + server 127.0.0.1:10002; #IM群组用户api服务器地址 根据部署情况可指定多台 + } upstream im_jssdk_gateway{ - server 127.0.0.1:10003; #指定后端服务器地址 根据部署情况可指定多台 - } + server 127.0.0.1:10003; #IM jssdk服务器地址 根据部署情况可指定多台 + } upstream im_demo{ - server 127.0.0.1:10004; #指定后端服务器地址 根据部署情况可指定多台 - } + server 127.0.0.1:10004; #IM demo登录注册服务器地址 根据部署情况可指定多台 + } +upstream storage { + server 127.0.0.1:10005; #MinIO服务器地址 暂时支持1台 + } upstream im_admin{ - server 127.0.0.1:10006; #指定后端服务器地址 根据部署情况可指定多台 - } + server 127.0.0.1:10006; #IM admin服务器地址 根据部署情况可指定多台 + } upstream im_grafana{ - server 127.0.0.1:10007; #指定后端服务器地址 docker-compose启动所在机器 - } + server 127.0.0.1:10007; #IM 统计服务器地址 docker-compose启动所在机器 + } upstream im_chat{ - server 127.0.0.1:10008; #指定后端服务器地址 根据部署情况可指定多台 - } + server 127.0.0.1:10008; #IM 商业版登录注册服务器地址 根据部署情况可指定多台 + } upstream im_complete_admin{ - server 127.0.0.1:10009; #指定后端服务器地址 根据部署情况可指定多台 - } + server 127.0.0.1:10009; #IM 商业版admin地址 根据部署情况可指定多台 + } upstream im_organization{ - server 127.0.0.1:10010; #指定后端服务器地址 根据部署情况可指定多台 - } + server 127.0.0.1:10010; #IM 商业版组织架构服务器地址 根据部署情况可指定多台 + } +upstream im_open_rtc{ + server 127.0.0.1:7880; #rtc 音视频通话 服务器地址 根据部署情况可指定多台 + } server { listen 443; - server_name open-im-online.rentsoft.cn; #1 + server_name web.rentsoft.cn ; #1 web im 端 域名 ssl on; - ssl_certificate /etc/nginx/conf.d/ssl/open-im-online.rentsoft.cn.crt; #2 - ssl_certificate_key /etc/nginx/conf.d/ssl/open-im-online.rentsoft.cn.key; #3 + ssl_certificate /etc/nginx/conf.d/ssl/web.rentsoft.cn .crt; #2 证书 + ssl_certificate_key /etc/nginx/conf.d/ssl/web.rentsoft.cn .key; #3 证书 ssl_session_timeout 5m; gzip on; gzip_min_length 1k; @@ -46,54 +52,49 @@ server { proxy_set_header X-Real-Ip $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-NginX-Proxy true; - root /data1/online/Pc-Web-Demo/build/; #4 + root /data1/online/Pc-Web-Demo/build/; # web im静态资源存放路径 index index.html; try_files $uri $uri/ /index.html; } - location /msg_gateway { #10001 ws proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; - proxy_pass http://im_msg_gateway; + proxy_pass http://im_msg_gateway/; } - location /api { #10002 api proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; - proxy_pass http://im_api; + proxy_pass http://im_api/; } - location /jssdk_gateway { #10003 jssdk proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; - proxy_pass http://im_jssdk_gateway; + proxy_pass http://im_jssdk_gateway/; } - location /demo { # 10004 demo proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; - proxy_pass http://im_demo; + proxy_pass http://im_demo/; } - location /admin { #10006 admin proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; - proxy_pass http://im_admin; + proxy_pass http://im_admin/; } location /grafana { #10007 prometheus proxy_http_version 1.1; @@ -101,7 +102,7 @@ server { proxy_set_header Connection "Upgrade"; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; - proxy_pass http://im_grafana; + proxy_pass http://im_grafana/; } location /chat { #10008 chat login proxy_http_version 1.1; @@ -109,7 +110,7 @@ server { proxy_set_header Connection "Upgrade"; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; - proxy_pass http://im_chat; + proxy_pass http://im_chat/; } location /complete_admin { #10009 admin proxy_http_version 1.1; @@ -117,7 +118,7 @@ server { proxy_set_header Connection "Upgrade"; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; - proxy_pass http://im_complete_admin; + proxy_pass http://im_complete_admin/; } location /organization { #10010 organization proxy_http_version 1.1; @@ -125,33 +126,31 @@ server { proxy_set_header Connection "Upgrade"; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; - proxy_pass http://im_organization; - }//organization + proxy_pass http://im_organization/; + } + location /open_rtc { #7880 rtc + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header X-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_pass http://im_open_rtc; + } } - server { listen 80; - server_name open-im-online.rentsoft.cn; #1 + server_name web.rentsoft.cn ; #1 web im 端 域名 rewrite ^(.*)$ https://${server_name}$1 permanent; } - - - - - - - server { - listen 51000; - server_name open-im-online.rentsoft.cn; - ssl on; - ssl_certificate /etc/nginx/conf.d/ssl/open-im-online.rentsoft.cn.crt; - ssl_certificate_key /etc/nginx/conf.d/ssl/open-im-online.rentsoft.cn.key; ssl_session_timeout 5m; - - client_max_body_size 200m; + listen 443; + server_name storage.rentsoft.cn; #1 MinIO存储域名 + ssl on; + ssl_certificate /etc/nginx/conf.d/ssl/storage.rentsoft.cn_nginx/storage.rentsoft.cn_bundle.crt; #证书 + ssl_certificate_key /etc/nginx/conf.d/ssl/storage.rentsoft.cn_nginx/storage.rentsoft.cn.key; #证书 gzip on; gzip_min_length 1k; gzip_buffers 4 16k; @@ -159,23 +158,25 @@ server { gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png; gzip_vary off; gzip_disable "MSIE [1-6]\."; - location / { - proxy_http_version 1.1; - proxy_set_header X-real-ip $remote_addr; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_pass http://127.0.0.1:8081; - } + location / { + proxy_pass http://storage; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $http_host; + proxy_http_version 1.1; + client_max_body_size 8000M; + } } server { - listen 57880; - server_name open-im-online.rentsoft.cn; + listen 443; + server_name admin.rentsoft.cn; #后台管理域名 ssl on; - ssl_certificate /etc/nginx/conf.d/ssl/open-im-online.rentsoft.cn.crt; - ssl_certificate_key /etc/nginx/conf.d/ssl/open-im-online.rentsoft.cn.key; + ssl_certificate /etc/nginx/conf.d/ssl/admin.rentsoft.cn.crt; # 证书 + ssl_certificate_key /etc/nginx/conf.d/ssl/admin.rentsoft.cn.key; #证书 ssl_session_timeout 5m; - gzip on; gzip_min_length 1k; gzip_buffers 4 16k; @@ -184,38 +185,31 @@ server { gzip_vary off; gzip_disable "MSIE [1-6]\."; location / { - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_set_header X-real-ip $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Real-Ip $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; - proxy_pass http://127.0.0.1:7880; + proxy_set_header X-NginX-Proxy true; + root /data/test/admin-test/dist/; #管理后台web静态资源存放路径 + index index.html; + try_files $uri $uri/ /index.html; } } - - - -upstream storage { - server 127.0.0.1:10005; -} - server { - # listen 443; - # server_name storage-online.rentsoft.cn; - # ssl on - # ssl_certificate /etc/nginx/conf.d/ssl/storage-online.rentsoft.cn_bundle.crt; - # ssl_certificate_key /etc/nginx/conf.d/ssl/storage-online.rentsoft.cn.key; - ssl_session_timeout 5m; + listen 80; + server_name admin.rentsoft.cn; #管理后台 域名 + rewrite ^(.*)$ https://${server_name}$1 permanent; +} - listen 443; - server_name storage-online.rentsoft.cn; +server { + listen 51000; + server_name web.rentsoft.cn ; ssl on; - ssl_certificate /etc/nginx/conf.d/ssl/storage-online.rentsoft.cn_nginx/storage-online.rentsoft.cn_bundle.crt; - ssl_certificate_key /etc/nginx/conf.d/ssl/storage-online.rentsoft.cn_nginx/storage-online.rentsoft.cn.key; - - + ssl_certificate /etc/nginx/conf.d/ssl/web.rentsoft.cn .crt; + ssl_certificate_key /etc/nginx/conf.d/ssl/web.rentsoft.cn .key; + ssl_session_timeout 5m; + client_max_body_size 200m; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; @@ -223,15 +217,10 @@ server { gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png; gzip_vary off; gzip_disable "MSIE [1-6]\."; - - location / { - proxy_pass http://127.0.0.1:10005/; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Host $http_host; - proxy_http_version 1.1; - client_max_body_size 8000M; - - } + location / { + proxy_http_version 1.1; + proxy_set_header X-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_pass http://127.0.0.1:8081; + } }