im-group/deploy-test
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test

Browse Source
This commit is contained in:
vet
2026-04-14 15:20:00 +07:00
parent 3332ec541a
commit 4ce37703b3
8 changed files with 192 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
nginx/openim-pc-proxy.conf
View File

@@ -1,10 +1,10 @@
# OpenIM / PC 客户端统一入口HTTP :80
# OpenIM / PC 客户端统一入口HTTP :80 / HTTPS :443
# 后端均为本机 deploy-test 单机进程openim-server、chat-api
#
# 安装:在测试服务器上以 root 执行
# sudo ./deploy-test/00-init-tools.sh nginx
#
# 安全组 / 防火墙须放行 TCP 80后端 10001/10002/10008 仅需本机访问127.0.0.1
# 安全组 / 防火墙须放行 TCP 80/443;后端 10001/10002/10008 仅需本机访问127.0.0.1
#
# CORSchat-api:10008与 openim:10001/:10002已在应用内通过 openimsdk/tools/mw.CorsHandler
# 返回 Access-Control-Allow-Origin: *。若在此再用 add_header 追加 $http_origin浏览器会收到
@@ -114,3 +114,103 @@ server {
return 200 "ok\n";
}
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name _;
ssl_certificate /etc/nginx/ssl/openim-pc-proxy-selfsigned.crt;
ssl_certificate_key /etc/nginx/ssl/openim-pc-proxy-selfsigned.key;
client_max_body_size 100m;
access_log /var/log/nginx/openim-pc-proxy-access.log openim_pc_gateway;
error_log /var/log/nginx/openim-pc-proxy-error.log warn;
# OpenIM WASM DB worker 使用 SharedArrayBuffer / Atomics公网 IP 下请通过 HTTPS + 跨源隔离访问。
add_header Cross-Origin-Opener-Policy same-origin always;
add_header Cross-Origin-Embedder-Policy require-corp always;
location /api/im/ {
proxy_pass http://127.0.0.1:10002/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
}
location /api/user/ {
proxy_pass http://127.0.0.1:10008/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
}
location /api/chat/ {
proxy_pass http://127.0.0.1:10008/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
}
location /api/admin/ {
proxy_pass http://127.0.0.1:10009/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
}
location ^~ /msg_gateway {
proxy_pass http://127.0.0.1:10001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
proxy_buffering off;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
}
location = /nginx-health {
access_log off;
default_type text/plain;
return 200 "ok\n";
}
# PC Vite dev server. Use https://<IP>/ instead of http://<IP>:5173/ for WASM DB worker.
location / {
proxy_pass http://127.0.0.1:5173;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
proxy_buffering off;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
}
}