test

00-init-tools.sh

@@ -7,7 +7,7 @@
 #    2. 配置 GOPROXY（自动测速选最快节点）
 #    3. 安装 Node.js / npm（前端依赖）
 #    4. 安装 Docker（基础设施容器）
-#    5. 安装 Nginx 并写入 PC/OpenIM 反代（:80 → 10001/10002/10008，见 nginx/openim-pc-proxy.conf）
+#    5. 安装 Nginx 并写入 PC/OpenIM 反代（:80 API 网关，:443 PC/API/WS + COOP/COEP）
 #    6. 写入 /etc/profile.d/deploy-env.sh（永久生效）
 #
 #  用法:
@@ -244,7 +244,7 @@ _install_docker() {
 }
 
 # ──────────────────────────────────────────────────────────────────────────────
-# 5. Nginx — PC / OpenIM 统一入口（HTTP :80，反代本机 10001/10002/10008）
+# 5. Nginx — PC / OpenIM 统一入口（HTTP :80 / HTTPS :443）
 # ──────────────────────────────────────────────────────────────────────────────
 _install_pc_nginx_proxy() {
   step "安装 Nginx 并配置 OpenIM/PC 反代"
@@ -258,6 +258,16 @@ _install_pc_nginx_proxy() {
   script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
   local conf_src="${script_dir}/nginx/openim-pc-proxy.conf"
   local conf_name="openim-pc-proxy.conf"
+  local deploy_ip="${DEPLOY_TEST_IP:-54.116.29.247}"
+  local ssl_dir="/etc/nginx/ssl"
+  local ssl_key="${ssl_dir}/openim-pc-proxy-selfsigned.key"
+  local ssl_crt="${ssl_dir}/openim-pc-proxy-selfsigned.crt"
+
+  if [[ -f "$ENV_FILE" ]]; then
+    # shellcheck source=/dev/null
+    source "$ENV_FILE"
+    deploy_ip="${DEPLOY_TEST_IP:-$deploy_ip}"
+  fi
 
   if [[ ! -f "$conf_src" ]]; then
     error "  找不到配置: $conf_src"
@@ -267,17 +277,47 @@ _install_pc_nginx_proxy() {
   if ! _has nginx; then
     if _has apt-get; then
       apt-get update -y
-      apt-get install -y nginx
+      apt-get install -y nginx openssl
     elif _has dnf; then
-      dnf install -y nginx
+      dnf install -y nginx openssl
     elif _has yum; then
-      yum install -y nginx
+      yum install -y nginx openssl
     else
       error "  未检测到 apt/dnf/yum，请先手动安装 nginx"
       return 1
     fi
   fi
 
+  if ! _has openssl; then
+    if _has apt-get; then
+      apt-get update -y
+      apt-get install -y openssl
+    elif _has dnf; then
+      dnf install -y openssl
+    elif _has yum; then
+      yum install -y openssl
+    else
+      error "  未安装 openssl，无法生成 HTTPS 自签名证书"
+      return 1
+    fi
+  fi
+
+  mkdir -p "$ssl_dir"
+  if [[ ! -s "$ssl_key" ]] || [[ ! -s "$ssl_crt" ]]; then
+    openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
+      -keyout "$ssl_key" \
+      -out "$ssl_crt" \
+      -subj "/CN=${deploy_ip}" \
+      -addext "subjectAltName=IP:${deploy_ip},DNS:localhost" >/dev/null 2>&1 || \
+    openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
+      -keyout "$ssl_key" \
+      -out "$ssl_crt" \
+      -subj "/CN=${deploy_ip}" >/dev/null 2>&1
+    chmod 0600 "$ssl_key"
+    chmod 0644 "$ssl_crt"
+    success "  已生成 HTTPS 自签名证书: $ssl_crt"
+  fi
+
   if [[ -d /etc/nginx/sites-available ]]; then
     install -m 0644 "$conf_src" "/etc/nginx/sites-available/${conf_name}"
     mkdir -p /etc/nginx/sites-enabled
@@ -303,9 +343,10 @@ _install_pc_nginx_proxy() {
   systemctl restart nginx
 
   success "  Nginx 反代已启用（配置: $conf_src）"
-  info "  请放行 TCP 80；curl -sS http://127.0.0.1/nginx-health 应返回 ok"
-  info "  纯 IP 访问 :80 为 API 网关；若 nginx -t 报 duplicate default_server，请从其它站点配置中去掉 default_server"
-  info "  .env.deploy-test 中 PC_BACKEND_ORIGIN=http://<公网IP>（与 DEPLOY_TEST_IP 一致）"
+  info "  请放行 TCP 80/443；curl -k -sS https://127.0.0.1/nginx-health 应返回 ok"
+  info "  纯 IP 访问 :80 为 API 网关；HTTPS :443 会代理 PC dev server + API + WebSocket，并启用 COOP/COEP"
+  info "  为避免 OpenIM WASM DB worker 在 http://公网IP:5173 下超时，建议 .env.deploy-test 设置 PC_BACKEND_ORIGIN=https://${deploy_ip}"
+  info "  浏览器打开 https://${deploy_ip}/（首次访问需接受自签名证书）"
 }
 
 # all 时非 root 则跳过（不中断 Go/Node/Docker）

01-init-env.sh

@@ -106,10 +106,11 @@ TENCENT_SDK_SECRET_KEY=cceba44084aaa04f8c48a1858ffd5385875c3a5ec006d34278d9d3714
 
 # ── PC 客户端（Vite dev）对接的后端公网地址（可选）───────────────────────────
 # 仅 IP：在服务器上先部署 Nginx 反代（sudo ./deploy-test/00-init-tools.sh nginx）
-# 填写与下方 DEPLOY_TEST_IP 一致的 http:// 根地址，无末尾斜杠
+# PC Web 版 OpenIM WASM DB worker 在公网 IP 下建议走 HTTPS + COOP/COEP。
+# 填写与下方 DEPLOY_TEST_IP 一致的 https:// 根地址，无末尾斜杠；首次浏览器访问需接受自签名证书。
 # ./deploy-test/07-start-frontend.sh 启动 pc 时会 export VITE_*，覆盖 pc/.env，无需改 pc 目录
 # 若某路径与网关不一致，可单独覆盖：PC_VITE_API_URL / PC_VITE_WS_URL / PC_VITE_CHAT_URL / PC_VITE_USER_URL
-PC_BACKEND_ORIGIN=http://54.116.29.247
+PC_BACKEND_ORIGIN=https://54.116.29.247
 EOF
 
 success ".env.deploy-test 已写入: $ENV_FILE"

07-start-frontend.sh

@@ -158,6 +158,10 @@ _start_fe() {
     success "  ✓ $name (PID=$(cat "$pidfile"))  ${FE_PORT[$name]}  → $logfile"
     if [[ "$name" == "pc" ]]; then
       pc_check_wasm_assets "http://${DEPLOY_TEST_IP}:5173"
+      if [[ "${PC_BACKEND_ORIGIN:-}" == https://* ]]; then
+        pc_check_wasm_assets "${PC_BACKEND_ORIGIN}"
+        info "  PC 浏览器入口建议使用: ${PC_BACKEND_ORIGIN%/}/（HTTPS + COOP/COEP；首次访问需接受自签名证书）"
+      fi
     fi
   else
     error "  ✗ $name 启动失败，查看日志:"
@@ -198,6 +202,7 @@ if [[ "$TARGET" == "all" ]]; then
   echo ""
   echo -e "${BOLD}访问地址：${NC}"
   echo "  PC:             http://${DEPLOY_TEST_IP}:5173  (默认 yarn dev:web；Electron 用 PC_ELECTRON=1 或 pc 目录内 yarn dev)"
+  echo "  PC HTTPS:       https://${DEPLOY_TEST_IP}/  (OpenIM WASM DB worker 推荐入口；首次访问需接受自签名证书)"
   echo "  H5:             http://${DEPLOY_TEST_IP}:3003"
   echo "  CMS:            http://${DEPLOY_TEST_IP}:8001"
   echo "  Build CMS:      http://${DEPLOY_TEST_IP}:8002"

README.md

@@ -285,20 +285,22 @@ TENCENT_SDK_SECRET_KEY=xxx
 
 ### Nginx 反代（仅公网 IP，供 PC / 浏览器访问后端）
 
-无域名时，在**测试服务器**上部署 Nginx，统一监听 **HTTP :80**，把路径转发到本机 `openim-server` / `chat-api`：
+无域名时，在**测试服务器**上部署 Nginx。HTTP `:80` 继续作为 API 网关；HTTPS `:443` 额外反代 PC Vite dev server，并启用 COOP/COEP，避免 OpenIM Web 版 WASM DB worker 在 `http://公网IP:5173` 下卡在 `initDB`：
 
 | 路径前缀 | 后端 |
 |----------|------|
 | `/api/im/` | `127.0.0.1:10002` |
 | `/api/user/`、`/api/chat/` | `127.0.0.1:10008` |
 | `/msg_gateway` | `127.0.0.1:10001`（WebSocket） |
+| `/`（HTTPS） | `127.0.0.1:5173`（PC Vite dev server） |
 
 1. 服务器上已执行 `05-start.sh` 等，保证 `10001/10002/10008` 在监听。
-2. 仓库根目录执行：`sudo ./deploy-test/00-init-tools.sh nginx`（会安装 `nginx` 并写入配置 `deploy-test/nginx/openim-pc-proxy.conf`；亦已包含在 `00-init-tools.sh` 无参的 **all** 流程末尾，需 root）。
-3. 云安全组放行 **TCP 80**。
-4. `.env.deploy-test` 中设置 **`PC_BACKEND_ORIGIN=http://<DEPLOY_TEST_IP>`**（无末尾 `/`），与 `DEPLOY_TEST_IP` 一致；再 `./deploy-test/07-start-frontend.sh pc` 启动 PC 时即注入 `VITE_*`。
+2. 仓库根目录执行：`sudo ./deploy-test/00-init-tools.sh nginx`（会安装 `nginx` / `openssl`、生成自签名证书，并写入配置 `deploy-test/nginx/openim-pc-proxy.conf`；亦已包含在 `00-init-tools.sh` 无参的 **all** 流程末尾，需 root）。
+3. 云安全组放行 **TCP 80/443**。
+4. `.env.deploy-test` 中设置 **`PC_BACKEND_ORIGIN=https://<DEPLOY_TEST_IP>`**（无末尾 `/`），与 `DEPLOY_TEST_IP` 一致；再 `./deploy-test/07-start-frontend.sh pc` 启动 PC 时即注入 `VITE_*`。
+5. 浏览器打开 **`https://<DEPLOY_TEST_IP>/`**（首次访问需接受自签名证书），不要用 `http://<DEPLOY_TEST_IP>:5173/` 排查 OpenIM Web SDK 登录。
 
-**仅 IP、:80 只做 API（不出现 CMS 静态站）**：本配置中 `openim-pc-proxy` 使用 **`listen 80 default_server`**，`GET /` 返回简短说明文本（非 CMS）。`00-init-tools.sh nginx` 会禁用 `sites-enabled/default`，并尝试去掉 `sites-available/default` 里的 `default_server`。若机上还有其它站点也写了 **`default_server`**，`nginx -t` 会报错，需在该站点配置中删除 `default_server`（保留 `listen 80;` 即可，用 **域名** 访问 CMS）。**CMS 开发**请用 **`http://IP:8001`**（UMI）。
+**仅 IP、:80 只做 API（不出现 CMS 静态站）**：本配置中 `openim-pc-proxy` 使用 **`listen 80 default_server`**，HTTP `GET /` 返回简短说明文本（非 CMS）；HTTPS `GET /` 才代理 PC Vite。`00-init-tools.sh nginx` 会禁用 `sites-enabled/default`，并尝试去掉 `sites-available/default` 里的 `default_server`。若机上还有其它站点也写了 **`default_server`**，`nginx -t` 会报错，需在该站点配置中删除 `default_server`（保留 `listen 80;` 即可，用 **域名** 访问 CMS）。**CMS 开发**请用 **`http://IP:8001`**（UMI）。
 
 ### Docker 基础设施
 

common.sh

@@ -260,6 +260,10 @@ pc_print_vite_backend_env() {
   info "    VITE_CHAT_URL=${VITE_CHAT_URL:-<empty>}"
   info "    VITE_USER_URL=${VITE_USER_URL:-<empty>}"
   info "    VITE_ADMIN_URL=${VITE_ADMIN_URL:-${PC_VITE_ADMIN_URL:-<empty>}}"
+
+  if [[ "$PC_BACKEND_ORIGIN" == http://* ]] && [[ "$PC_BACKEND_ORIGIN" != http://127.0.0.1* ]] && [[ "$PC_BACKEND_ORIGIN" != http://localhost* ]]; then
+    warn "  PC_BACKEND_ORIGIN 仍是 HTTP 公网入口；OpenIM WASM DB worker 可能继续 initDB 超时。建议改为 https://${VITE_BASE_DOMAIN}"
+  fi
 }
 
 pc_check_nginx_gateway() {
@@ -272,11 +276,14 @@ pc_check_nginx_gateway() {
     return 0
   fi
 
-  if curl -fsS --max-time 3 "${o}/nginx-health" >/dev/null 2>&1; then
+  local curl_tls=()
+  [[ "$o" == https://* ]] && curl_tls=(-k)
+
+  if curl "${curl_tls[@]}" -fsS --max-time 3 "${o}/nginx-health" >/dev/null 2>&1; then
     success "  Nginx 网关可达: ${o}/nginx-health"
   else
     warn "  Nginx 网关不可达: ${o}/nginx-health"
-    warn "  PC WebSocket 默认连 ${VITE_WS_URL:-ws://<host>/msg_gateway}；请确认已执行 sudo ./deploy-test/00-init-tools.sh nginx，并放行 TCP 80"
+    warn "  PC WebSocket 默认连 ${VITE_WS_URL:-ws://<host>/msg_gateway}；请确认已执行 sudo ./deploy-test/00-init-tools.sh nginx，并放行 TCP 80/443"
   fi
 
   pc_probe_msg_gateway "$o"
@@ -308,6 +315,9 @@ pc_check_wasm_assets() {
     return 0
   fi
 
+  local curl_tls=()
+  [[ "$origin" == https://* ]] && curl_tls=(-k)
+
   local asset url ct
   for asset in \
     openIM.wasm \
@@ -316,8 +326,8 @@ pc_check_wasm_assets() {
     node_modules/@openim/wasm-client-sdk/lib/worker.js \
     node_modules/@openim/wasm-client-sdk/lib/worker-legacy.js; do
     url="${origin}/${asset}"
-    ct=$(curl -fsSI --max-time 5 "$url" 2>/dev/null | awk 'BEGIN{IGNORECASE=1} /^content-type:/ {sub(/\r$/, ""); print $0; exit}' || true)
-    if [[ -n "$ct" ]] || curl -fsS --max-time 5 -r 0-0 "$url" >/dev/null 2>&1; then
+    ct=$(curl "${curl_tls[@]}" -fsSI --max-time 5 "$url" 2>/dev/null | awk 'BEGIN{IGNORECASE=1} /^content-type:/ {sub(/\r$/, ""); print $0; exit}' || true)
+    if [[ -n "$ct" ]] || curl "${curl_tls[@]}" -fsS --max-time 5 -r 0-0 "$url" >/dev/null 2>&1; then
       success "  PC SDK 资源可达: ${url}${ct:+ (${ct#*: })}"
     else
       warn "  PC SDK 资源不可达: ${url}（SDK login 可能卡住且不会发起 /msg_gateway WebSocket）"

nginx/openim-pc-proxy.conf

@@ -1,10 +1,10 @@
-# OpenIM / PC 客户端统一入口（HTTP :80）
+# OpenIM / PC 客户端统一入口（HTTP :80 / HTTPS :443）
 # 后端均为本机 deploy-test 单机进程：openim-server、chat-api
 #
 # 安装：在测试服务器上以 root 执行
 #   sudo ./deploy-test/00-init-tools.sh nginx
 #
-# 安全组 / 防火墙须放行 TCP 80；后端 10001/10002/10008 仅需本机访问（127.0.0.1）
+# 安全组 / 防火墙须放行 TCP 80/443；后端 10001/10002/10008 仅需本机访问（127.0.0.1）
 #
 # CORS：chat-api（:10008）与 openim（:10001/:10002）已在应用内通过 openimsdk/tools/mw.CorsHandler
 # 返回 Access-Control-Allow-Origin: *。若在此再用 add_header 追加 $http_origin，浏览器会收到
@@ -114,3 +114,103 @@ server {
         return 200 "ok\n";
     }
 }
+
+server {
+    listen 443 ssl http2 default_server;
+    listen [::]:443 ssl http2 default_server;
+    server_name _;
+
+    ssl_certificate /etc/nginx/ssl/openim-pc-proxy-selfsigned.crt;
+    ssl_certificate_key /etc/nginx/ssl/openim-pc-proxy-selfsigned.key;
+
+    client_max_body_size 100m;
+    access_log /var/log/nginx/openim-pc-proxy-access.log openim_pc_gateway;
+    error_log /var/log/nginx/openim-pc-proxy-error.log warn;
+
+    # OpenIM WASM DB worker 使用 SharedArrayBuffer / Atomics；公网 IP 下请通过 HTTPS + 跨源隔离访问。
+    add_header Cross-Origin-Opener-Policy same-origin always;
+    add_header Cross-Origin-Embedder-Policy require-corp always;
+
+    location /api/im/ {
+        proxy_pass http://127.0.0.1:10002/;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_read_timeout 300s;
+        proxy_send_timeout 300s;
+    }
+
+    location /api/user/ {
+        proxy_pass http://127.0.0.1:10008/;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_read_timeout 300s;
+        proxy_send_timeout 300s;
+    }
+
+    location /api/chat/ {
+        proxy_pass http://127.0.0.1:10008/;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_read_timeout 300s;
+        proxy_send_timeout 300s;
+    }
+
+    location /api/admin/ {
+        proxy_pass http://127.0.0.1:10009/;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_read_timeout 300s;
+        proxy_send_timeout 300s;
+    }
+
+    location ^~ /msg_gateway {
+        proxy_pass http://127.0.0.1:10001;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $connection_upgrade;
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Port $server_port;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_cache_bypass $http_upgrade;
+        proxy_buffering off;
+        proxy_read_timeout 86400s;
+        proxy_send_timeout 86400s;
+    }
+
+    location = /nginx-health {
+        access_log off;
+        default_type text/plain;
+        return 200 "ok\n";
+    }
+
+    # PC Vite dev server. Use https://<IP>/ instead of http://<IP>:5173/ for WASM DB worker.
+    location / {
+        proxy_pass http://127.0.0.1:5173;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $connection_upgrade;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_cache_bypass $http_upgrade;
+        proxy_buffering off;
+        proxy_read_timeout 86400s;
+        proxy_send_timeout 86400s;
+    }
+}

pc-sdk-probe.sh

@@ -193,10 +193,11 @@ cat <<'EOF'
     userID = userID || await window.__deployTestReadLocalForage("IM_USERID");
     token = token || await window.__deployTestReadLocalForage("IM_TOKEN");
     const operationID = `deploy-test-${Date.now()}`;
+    const gatewayOrigin = window.location.protocol === "https:" ? window.location.origin : "http://54.116.29.247";
     const config = {
       platformID: 5,
-      apiAddr: apiAddr || "http://54.116.29.247/api/im",
-      wsAddr: wsAddr || "ws://54.116.29.247/msg_gateway",
+      apiAddr: apiAddr || `${gatewayOrigin}/api/im`,
+      wsAddr: wsAddr || `${gatewayOrigin.replace(/^http/, "ws")}/msg_gateway`,
       dataDir: "./",
       logLevel: 5,
       isLogStandardOutput: true,
@@ -268,8 +269,8 @@ await window.__deployTestResetBrowserStorage()
 await window.__deployTestManualInitDB()
 
 清理后按这个顺序重测：
-1. 关闭其它 http://54.116.29.247:5173 标签页
-2. 刷新页面
+1. 关闭其它 http://54.116.29.247:5173 / https://54.116.29.247 标签页
+2. 打开 https://54.116.29.247/ 并刷新页面（首次访问需接受自签名证书）
 3. 重新粘贴本脚本输出的整段 JS（刷新会清掉已安装的 probe）
 4. 再登录
 5. 观察 counts 是否从 0 变 1，以及 /var/log/nginx/openim-pc-proxy-access.log 是否出现 /msg_gateway

status.sh

@@ -55,11 +55,13 @@ echo ""
 echo -e "${BOLD}[ Nginx 网关（PC API / WebSocket）]${NC}"
 if command -v curl &>/dev/null && [[ -n "${PC_BACKEND_ORIGIN:-}" ]]; then
   PC_BACKEND_ORIGIN="${PC_BACKEND_ORIGIN%/}"
-  if curl -fsS --max-time 3 "${PC_BACKEND_ORIGIN}/nginx-health" >/dev/null 2>&1; then
+  curl_tls=()
+  [[ "$PC_BACKEND_ORIGIN" == https://* ]] && curl_tls=(-k)
+  if curl "${curl_tls[@]}" -fsS --max-time 3 "${PC_BACKEND_ORIGIN}/nginx-health" >/dev/null 2>&1; then
     printf "  ${GREEN}●${NC} %-14s %s\n" "nginx-health" "${PC_BACKEND_ORIGIN}/nginx-health"
   else
     printf "  ${RED}○${NC} %-14s %s\n" "nginx-health" "${PC_BACKEND_ORIGIN}/nginx-health 不可达"
-    echo "      请执行: sudo ./deploy-test/00-init-tools.sh nginx，并确认安全组/防火墙放行 TCP 80"
+    echo "      请执行: sudo ./deploy-test/00-init-tools.sh nginx，并确认安全组/防火墙放行 TCP 80/443"
   fi
   gateway_host=$(printf '%s' "$PC_BACKEND_ORIGIN" | sed -E 's#^https?://([^/]+).*#\1#')
   if [[ "$PC_BACKEND_ORIGIN" == https://* ]]; then
@@ -72,6 +74,9 @@ if command -v curl &>/dev/null && [[ -n "${PC_BACKEND_ORIGIN:-}" ]]; then
   echo "      PC Chat API:  ${PC_VITE_CHAT_URL:-${PC_BACKEND_ORIGIN}/api/chat}"
   echo "      PC Admin API: ${PC_VITE_ADMIN_URL:-${PC_BACKEND_ORIGIN}/api/admin}"
   echo "      PC WebSocket: ${PC_VITE_WS_URL:-$default_ws_url}"
+  if [[ "$PC_BACKEND_ORIGIN" == https://* ]]; then
+    echo "      PC 页面入口:  ${PC_BACKEND_ORIGIN}/  (HTTPS + COOP/COEP，首次访问需接受自签名证书)"
+  fi
   echo "      Nginx 日志:   /var/log/nginx/openim-pc-proxy-access.log"
   pc_probe_msg_gateway "$PC_BACKEND_ORIGIN"
 else