Compare commits
2 Commits
62aa15f171
...
6c30dddbbe
| Author | SHA1 | Date | |
|---|---|---|---|
|
6c30dddbbe | ||
|
|
2e0af83599 |
@@ -124,8 +124,10 @@ _start_fe() {
|
||||
fi
|
||||
|
||||
info "启动 ${BOLD}$name${NC} ..."
|
||||
if [[ "$name" == "pc" ]] && [[ -n "${PC_BACKEND_ORIGIN:-}" ]]; then
|
||||
info " pc 后端 PC_BACKEND_ORIGIN=${PC_BACKEND_ORIGIN}(注入 VITE_*,不写 pc 目录)"
|
||||
if [[ "$name" == "pc" ]]; then
|
||||
pc_export_vite_backend_env
|
||||
pc_print_vite_backend_env
|
||||
pc_check_nginx_gateway
|
||||
fi
|
||||
|
||||
# 写日志分隔符
|
||||
|
||||
31
common.sh
31
common.sh
@@ -247,3 +247,34 @@ pc_export_vite_backend_env() {
|
||||
export VITE_WS_URL="${PC_VITE_WS_URL:-wss://${host}/msg_gateway}"
|
||||
fi
|
||||
}
|
||||
|
||||
pc_print_vite_backend_env() {
|
||||
if [[ -z "${PC_BACKEND_ORIGIN:-}" ]]; then
|
||||
warn " pc 未设置 PC_BACKEND_ORIGIN,将使用 pc/.env 或代码默认地址;WebSocket 可能连错环境"
|
||||
return 0
|
||||
fi
|
||||
|
||||
info " pc 后端 PC_BACKEND_ORIGIN=${PC_BACKEND_ORIGIN}(注入 VITE_*,不写 pc 目录)"
|
||||
info " VITE_API_URL=${VITE_API_URL:-<empty>}"
|
||||
info " VITE_WS_URL=${VITE_WS_URL:-<empty>}"
|
||||
info " VITE_CHAT_URL=${VITE_CHAT_URL:-<empty>}"
|
||||
info " VITE_USER_URL=${VITE_USER_URL:-<empty>}"
|
||||
}
|
||||
|
||||
pc_check_nginx_gateway() {
|
||||
local o="${PC_BACKEND_ORIGIN:-}"
|
||||
o="${o%/}"
|
||||
[[ -z "$o" ]] && return 0
|
||||
|
||||
if ! command -v curl &>/dev/null; then
|
||||
warn " 未安装 curl,跳过 Nginx 网关检查;请手动访问 ${o}/nginx-health"
|
||||
return 0
|
||||
fi
|
||||
|
||||
if curl -fsS --max-time 3 "${o}/nginx-health" >/dev/null 2>&1; then
|
||||
success " Nginx 网关可达: ${o}/nginx-health"
|
||||
else
|
||||
warn " Nginx 网关不可达: ${o}/nginx-health"
|
||||
warn " PC WebSocket 默认连 ${VITE_WS_URL:-ws://<host>/msg_gateway};请确认已执行 sudo ./deploy-test/00-init-tools.sh nginx,并放行 TCP 80"
|
||||
fi
|
||||
}
|
||||
|
||||
@@ -6,12 +6,18 @@
|
||||
#
|
||||
# 安全组 / 防火墙须放行 TCP 80;后端 10001/10002/10008 仅需本机访问(127.0.0.1)
|
||||
#
|
||||
# CORS:Vite 开发服在 :5173,API 经 :80 反代,浏览器视为跨域,需在此返回允许头并处理 OPTIONS 预检
|
||||
# chat-api / openim 等上游若自带 Access-Control-Allow-Origin(如 *),会与下方 add_header 合并成多个值导致浏览器报错,故用 proxy_hide_header 剥掉上游 CORS
|
||||
# CORS:chat-api(:10008)与 openim(:10001/:10002)已在应用内通过 openimsdk/tools/mw.CorsHandler
|
||||
# 返回 Access-Control-Allow-Origin: *。若在此再用 add_header 追加 $http_origin,浏览器会收到
|
||||
# 「*, http://IP:5173」两个值并报错。故本配置不在 Nginx 层添加 CORS,预检 OPTIONS 也交给上游处理。
|
||||
#
|
||||
# default_server:纯 IP 访问 http://x.x.x.x/ 时命中本 server(不做 CMS 静态站,仅 API 网关)
|
||||
# CMS 开发请用 http://IP:8001(UMI dev)
|
||||
|
||||
map $http_upgrade $connection_upgrade {
|
||||
default upgrade;
|
||||
'' close;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
@@ -28,14 +34,6 @@ server {
|
||||
|
||||
# OpenIM HTTP API → openim-server :10002
|
||||
location /api/im/ {
|
||||
if ($request_method = OPTIONS) {
|
||||
add_header Access-Control-Allow-Origin $http_origin always;
|
||||
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
|
||||
add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,X-Requested-With,DNT,User-Agent,If-Modified-Since,Cache-Control,Range" always;
|
||||
add_header Access-Control-Max-Age 86400 always;
|
||||
add_header Content-Length 0;
|
||||
return 204;
|
||||
}
|
||||
proxy_pass http://127.0.0.1:10002/;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Host $host;
|
||||
@@ -44,26 +42,10 @@ server {
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_read_timeout 300s;
|
||||
proxy_send_timeout 300s;
|
||||
proxy_hide_header Access-Control-Allow-Origin;
|
||||
proxy_hide_header Access-Control-Allow-Credentials;
|
||||
proxy_hide_header Access-Control-Allow-Methods;
|
||||
proxy_hide_header Access-Control-Allow-Headers;
|
||||
proxy_hide_header Access-Control-Expose-Headers;
|
||||
add_header Access-Control-Allow-Origin $http_origin always;
|
||||
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
|
||||
add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,X-Requested-With,DNT,User-Agent,If-Modified-Since,Cache-Control,Range" always;
|
||||
}
|
||||
|
||||
# 用户 / 登录相关 → chat-api :10008(与 im-cms-nginx 一致)
|
||||
location /api/user/ {
|
||||
if ($request_method = OPTIONS) {
|
||||
add_header Access-Control-Allow-Origin $http_origin always;
|
||||
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
|
||||
add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,X-Requested-With,DNT,User-Agent,If-Modified-Since,Cache-Control,Range" always;
|
||||
add_header Access-Control-Max-Age 86400 always;
|
||||
add_header Content-Length 0;
|
||||
return 204;
|
||||
}
|
||||
proxy_pass http://127.0.0.1:10008/;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Host $host;
|
||||
@@ -72,26 +54,10 @@ server {
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_read_timeout 300s;
|
||||
proxy_send_timeout 300s;
|
||||
proxy_hide_header Access-Control-Allow-Origin;
|
||||
proxy_hide_header Access-Control-Allow-Credentials;
|
||||
proxy_hide_header Access-Control-Allow-Methods;
|
||||
proxy_hide_header Access-Control-Allow-Headers;
|
||||
proxy_hide_header Access-Control-Expose-Headers;
|
||||
add_header Access-Control-Allow-Origin $http_origin always;
|
||||
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
|
||||
add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,X-Requested-With,DNT,User-Agent,If-Modified-Since,Cache-Control,Range" always;
|
||||
}
|
||||
|
||||
# Chat API → chat-api :10008
|
||||
location /api/chat/ {
|
||||
if ($request_method = OPTIONS) {
|
||||
add_header Access-Control-Allow-Origin $http_origin always;
|
||||
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
|
||||
add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,X-Requested-With,DNT,User-Agent,If-Modified-Since,Cache-Control,Range" always;
|
||||
add_header Access-Control-Max-Age 86400 always;
|
||||
add_header Content-Length 0;
|
||||
return 204;
|
||||
}
|
||||
proxy_pass http://127.0.0.1:10008/;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Host $host;
|
||||
@@ -100,31 +66,17 @@ server {
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_read_timeout 300s;
|
||||
proxy_send_timeout 300s;
|
||||
proxy_hide_header Access-Control-Allow-Origin;
|
||||
proxy_hide_header Access-Control-Allow-Credentials;
|
||||
proxy_hide_header Access-Control-Allow-Methods;
|
||||
proxy_hide_header Access-Control-Allow-Headers;
|
||||
proxy_hide_header Access-Control-Expose-Headers;
|
||||
add_header Access-Control-Allow-Origin $http_origin always;
|
||||
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
|
||||
add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,X-Requested-With,DNT,User-Agent,If-Modified-Since,Cache-Control,Range" always;
|
||||
}
|
||||
|
||||
# MsgGateway WebSocket → openim-server :10001
|
||||
location /msg_gateway {
|
||||
if ($request_method = OPTIONS) {
|
||||
add_header Access-Control-Allow-Origin $http_origin always;
|
||||
add_header Access-Control-Allow-Methods "GET, POST, OPTIONS" always;
|
||||
add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,Upgrade,Connection,Sec-WebSocket-Key,Sec-WebSocket-Version,Sec-WebSocket-Protocol,Sec-WebSocket-Extensions" always;
|
||||
add_header Access-Control-Max-Age 86400 always;
|
||||
add_header Content-Length 0;
|
||||
return 204;
|
||||
}
|
||||
location ^~ /msg_gateway {
|
||||
proxy_pass http://127.0.0.1:10001;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Connection $connection_upgrade;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Port $server_port;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
@@ -132,12 +84,6 @@ server {
|
||||
proxy_buffering off;
|
||||
proxy_read_timeout 86400s;
|
||||
proxy_send_timeout 86400s;
|
||||
proxy_hide_header Access-Control-Allow-Origin;
|
||||
proxy_hide_header Access-Control-Allow-Credentials;
|
||||
proxy_hide_header Access-Control-Allow-Methods;
|
||||
proxy_hide_header Access-Control-Allow-Headers;
|
||||
proxy_hide_header Access-Control-Expose-Headers;
|
||||
add_header Access-Control-Allow-Origin $http_origin always;
|
||||
}
|
||||
|
||||
# 可选:健康检查
|
||||
|
||||
53
status.sh
53
status.sh
@@ -9,7 +9,12 @@
|
||||
# =============================================================================
|
||||
set -euo pipefail
|
||||
source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh"
|
||||
load_env 2>/dev/null || true
|
||||
if [[ -f "$ENV_FILE" ]]; then
|
||||
set -a
|
||||
# shellcheck source=/dev/null
|
||||
source "$ENV_FILE"
|
||||
set +a
|
||||
fi
|
||||
|
||||
header "服务运行状态"
|
||||
|
||||
@@ -45,24 +50,50 @@ print_svc_status "livecloud" ":8080"
|
||||
print_svc_status "livestream" ":8888"
|
||||
print_svc_status "build-server" ":8281"
|
||||
|
||||
# ── Nginx API / WebSocket 网关 ─────────────────────────────────────────────────
|
||||
echo ""
|
||||
echo -e "${BOLD}[ Nginx 网关(PC API / WebSocket)]${NC}"
|
||||
if command -v curl &>/dev/null && [[ -n "${PC_BACKEND_ORIGIN:-}" ]]; then
|
||||
PC_BACKEND_ORIGIN="${PC_BACKEND_ORIGIN%/}"
|
||||
if curl -fsS --max-time 3 "${PC_BACKEND_ORIGIN}/nginx-health" >/dev/null 2>&1; then
|
||||
printf " ${GREEN}●${NC} %-14s %s\n" "nginx-health" "${PC_BACKEND_ORIGIN}/nginx-health"
|
||||
else
|
||||
printf " ${RED}○${NC} %-14s %s\n" "nginx-health" "${PC_BACKEND_ORIGIN}/nginx-health 不可达"
|
||||
echo " 请执行: sudo ./deploy-test/00-init-tools.sh nginx,并确认安全组/防火墙放行 TCP 80"
|
||||
fi
|
||||
gateway_host=$(printf '%s' "$PC_BACKEND_ORIGIN" | sed -E 's#^https?://([^/]+).*#\1#')
|
||||
if [[ "$PC_BACKEND_ORIGIN" == https://* ]]; then
|
||||
default_ws_url="wss://${gateway_host}/msg_gateway"
|
||||
else
|
||||
default_ws_url="ws://${gateway_host}/msg_gateway"
|
||||
fi
|
||||
echo " PC WebSocket: ${PC_VITE_WS_URL:-$default_ws_url}"
|
||||
else
|
||||
printf " ${YELLOW}○${NC} %-14s %s\n" "nginx-health" "跳过(未安装 curl 或未设置 PC_BACKEND_ORIGIN)"
|
||||
fi
|
||||
|
||||
# ── 前端服务 ─────────────────────────────────────────────────────────────────
|
||||
echo ""
|
||||
echo -e "${BOLD}[ 前端开发服务器 ]${NC}"
|
||||
declare -A FE_PORT_MAP=(
|
||||
[pc]="5173 (yarn dev:web)"
|
||||
[meetingh5]="5188"
|
||||
[h5]="3003"
|
||||
[cms]="8001"
|
||||
[build-cms]="8002"
|
||||
[build-down]="8003"
|
||||
)
|
||||
fe_port_desc() {
|
||||
case "$1" in
|
||||
pc) echo "5173 (yarn dev:web)" ;;
|
||||
meetingh5) echo "5188" ;;
|
||||
h5) echo "3003" ;;
|
||||
cms) echo "8001" ;;
|
||||
build-cms) echo "8002" ;;
|
||||
build-down) echo "8003" ;;
|
||||
*) echo "?" ;;
|
||||
esac
|
||||
}
|
||||
for fe in pc meetingh5 h5 cms build-cms build-down; do
|
||||
pidfile="$PID_DIR/fe-${fe}.pid"
|
||||
logfile="$LOG_DIR/fe-${fe}.log"
|
||||
port_desc="$(fe_port_desc "$fe")"
|
||||
if [[ -f "$pidfile" ]] && kill -0 "$(cat "$pidfile")" 2>/dev/null; then
|
||||
printf " ${GREEN}●${NC} %-14s PID=%-7s :%s\n" "$fe" "$(cat "$pidfile")" "${FE_PORT_MAP[$fe]}"
|
||||
printf " ${GREEN}●${NC} %-14s PID=%-7s :%s\n" "$fe" "$(cat "$pidfile")" "$port_desc"
|
||||
else
|
||||
printf " ${RED}○${NC} %-14s 未运行 :%s\n" "$fe" "${FE_PORT_MAP[$fe]}"
|
||||
printf " ${RED}○${NC} %-14s 未运行 :%s\n" "$fe" "$port_desc"
|
||||
fi
|
||||
done
|
||||
|
||||
|
||||
Reference in New Issue
Block a user