diff --git a/.idea/vcs.xml b/.idea/vcs.xml index 1edb162..35eb1dd 100644 --- a/.idea/vcs.xml +++ b/.idea/vcs.xml @@ -2,7 +2,5 @@ - - \ No newline at end of file diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 7b016a8..0000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "java.compile.nullAnalysis.mode": "automatic" -} \ No newline at end of file diff --git a/nginxdashuju/Dockerfile.nginx b/nginxdashuju/Dockerfile.nginx new file mode 100644 index 0000000..41b0394 --- /dev/null +++ b/nginxdashuju/Dockerfile.nginx @@ -0,0 +1,40 @@ +FROM nginx:latest + +# 删除默认的nginx配置 +RUN rm -rf /etc/nginx/conf.d/* + +# 每增加一个前端项目,需要在这里添加一个临时目录,并复制文件;Dockerfile.nginx 中也要添加一个COPY命令 +# 创建目标目录 +RUN mkdir -p /data/tuoheng_airport_web/dist +RUN mkdir -p /data/tuoheng_hhz_web/dist +RUN mkdir -p /data/tuoheng_business_web/dist + +# 创建视频录制和图片的地址 +RUN mkdir -p /data/recording +RUN mkdir -p /data/srs + +# 复制temp_vhosts配置到nginx配置目录 +COPY temp_vhosts/ /etc/nginx/conf.d/ + +# 复制SSL证书文件到nginx目录 +COPY vhosts/cert/t-aaron.com.pem /etc/nginx/t-aaron.com.pem +COPY vhosts/cert/t-aaron.com.key /etc/nginx/t-aaron.com.key + +# 每增加一个前端项目,需要在这里添加一个临时目录,并复制文件;Dockerfile.nginx 中也要添加一个COPY命令 +# 复制 AIRPORT_WEB_DIST 目录下的文件到容器中 +COPY airport_web_dist/ /data/tuoheng_airport_web/dist/ +COPY hhz_admin_web_dist/ /data/tuoheng_hhz_web/dist/ +COPY business_web_dist/ /data/tuoheng_business_web/dist/ + +# 设置正确的权限 +RUN chmod 644 /etc/nginx/t-aaron.com.pem /etc/nginx/t-aaron.com.key && \ + chmod -R 755 /data/tuoheng_airport_web/dist + +# 设置时区 +ENV TZ=Asia/Shanghai + +# 暴露端口 +EXPOSE 80 443 + +# 启动nginx +CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file diff --git a/nginxdashuju/build.sh b/nginxdashuju/build.sh new file mode 100755 index 0000000..8d9254c --- /dev/null +++ b/nginxdashuju/build.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +# 这个脚本现在只是一个包装器,调用两个新脚本 + +echo "步骤1: 替换配置文件中的环境变量..." +./replace_vars.sh + +# 检查替换结果是否成功 +if [ $? -ne 0 ]; then + echo "错误: 变量替换失败,中止构建" + exit 1 +fi + +#echo "" +echo "变量替换已完成,请检查 temp_vhosts/ 目录中的文件" +#echo "确认替换结果无误后,按回车键继续构建镜像,或按Ctrl+C取消" +#read -p "" + +echo "" +echo "步骤2: 构建Nginx镜像..." +echo "注意: SSL证书文件将从vhosts/cert/目录复制到镜像中的/etc/nginx/目录" +./build_image.sh diff --git a/nginxdashuju/build_image.sh b/nginxdashuju/build_image.sh new file mode 100755 index 0000000..8ea4638 --- /dev/null +++ b/nginxdashuju/build_image.sh @@ -0,0 +1,92 @@ +#!/bin/bash + +# 加载环境变量 +source ../environment.sh + +# 设置Nginx镜像名称(如果环境变量中未定义) +if [ -z "${NGINX_IMAGE}" ]; then + export NGINX_IMAGE="${REGISTRY_HOST}nginx:${DOMAIN}" +fi + +echo "开始构建Nginx镜像: ${NGINX_IMAGE}" + +# 检查临时目录是否存在 +TEMP_DIR="temp_vhosts" +if [ ! -d "$TEMP_DIR" ]; then + echo "错误: $TEMP_DIR 目录不存在! 请先运行 replace_vars.sh 脚本" + exit 1 +fi + +# 检查临时目录中是否有配置文件 +if [ -z "$(ls -A $TEMP_DIR)" ]; then + echo "警告: $TEMP_DIR 目录为空,将使用空配置构建镜像" +fi + +# 检查SSL证书文件是否存在 +if [ ! -f "vhosts/cert/t-aaron.com.pem" ] || [ ! -f "vhosts/cert/t-aaron.com.key" ]; then + echo "警告: SSL证书文件不存在于vhosts/cert/目录中" + echo "预期的证书文件位置: vhosts/cert/t-aaron.com.pem 和 vhosts/cert/t-aaron.com.key" + echo "Nginx容器的SSL功能可能无法正常工作" +fi + +# 检查 AIRPORT_WEB_DIST 目录是否存在 +if [ -z "${AIRPORT_WEB_DIST}" ]; then + echo "错误: AIRPORT_WEB_DIST 环境变量未设置!" + exit 1 +fi + +if [ ! -d "${AIRPORT_WEB_DIST}" ]; then + echo "错误: AIRPORT_WEB_DIST 目录不存在: ${AIRPORT_WEB_DIST}" + exit 1 +fi + +if [ ! -d "${HHZ_ADMIN_WEB_DIST}" ]; then + echo "错误: HHZ_ADMIN_WEB_DIST 目录不存在: ${HHZ_ADMIN_WEB_DIST}" + exit 1 +fi + +# 每增加一个前端项目,需要在这里添加一个临时目录,并复制文件;Dockerfile.nginx 中也要添加一个COPY命令 +echo "创建临时目录并复制 AIRPORT_WEB_DIST 文件..." +rm -rf airport_web_dist +mkdir -p airport_web_dist +cp -r "${AIRPORT_WEB_DIST}"/* airport_web_dist/ + +rm -rf hhz_admin_web_dist +mkdir -p hhz_admin_web_dist +cp -r "${HHZ_ADMIN_WEB_DIST}"/* hhz_admin_web_dist/ + +rm -rf business_web_dist +mkdir -p business_web_dist +cp -r "${BUSINESS_WEB_DIST}"/* business_web_dist/ + + + +# 构建Docker镜像 +echo "使用Dockerfile.nginx构建镜像..." +docker build -t ${NGINX_IMAGE} -f Dockerfile.nginx . + +# 清理临时目录 +rm -rf airport_web_dist +rm -rf hhz_admin_web_dist + +# 检查构建结果 +if [ $? -eq 0 ]; then + echo "Nginx镜像构建成功: ${NGINX_IMAGE}" + + # 推送到镜像仓库(如果需要) + echo "推送镜像到仓库: ${NGINX_IMAGE}" + docker push ${NGINX_IMAGE} + + if [ $? -eq 0 ]; then + echo "镜像推送成功!" + else + echo "警告: 镜像推送失败!" + fi +else + echo "错误: Nginx镜像构建失败!" + exit 1 +fi + +echo "Nginx镜像构建和推送完成!" +echo "SSL证书已被包含在镜像中,位于/etc/nginx/目录下" +echo "AIRPORT_WEB_DIST 文件已被复制到镜像中的 /data/tuoheng_airport_web/dist 目录" \ No newline at end of file diff --git a/nginxdashuju/replace_vars.sh b/nginxdashuju/replace_vars.sh new file mode 100755 index 0000000..29bca22 --- /dev/null +++ b/nginxdashuju/replace_vars.sh @@ -0,0 +1,68 @@ +#!/bin/bash + +# 加载环境变量 +source ../environment.sh + +echo "开始替换配置文件中的环境变量..." + +# 检查vhosts目录是否存在 +if [ ! -d "vhosts" ]; then + echo "错误: vhosts目录不存在!" + exit 1 +fi + +# 检查vhosts目录中是否有配置文件 +if [ -z "$(ls -A vhosts/*.conf 2>/dev/null)" ]; then + echo "警告: vhosts目录中没有.conf文件,没有配置文件需要处理" + exit 0 +fi + +# 创建临时目录 +TEMP_DIR="temp_vhosts" +rm -rf $TEMP_DIR +mkdir -p $TEMP_DIR + +# 处理所有.conf文件,替换环境变量,跳过cert目录 +for conf_file in vhosts/*.conf; do + # 检查文件是否存在(处理无匹配文件的情况) + if [ ! -f "$conf_file" ]; then + continue + fi + + # 跳过cert目录中的文件 + if [[ "$conf_file" == *"/cert/"* ]]; then + continue + fi + + filename=$(basename "$conf_file") + echo "处理文件: $filename" + + # 读取原始文件内容 + content=$(cat "$conf_file") + + # 获取environment.sh中所有环境变量 + env_vars=$(grep -E "^export [A-Z_]+" ../environment.sh | sed 's/export //') + + # 逐个替换环境变量 + for var in $env_vars; do + var_name=$(echo $var | cut -d= -f1) + var_value=${!var_name} + if [ ! -z "$var_value" ]; then + # 使用更安全的变量替换方法 + pattern="\\\${$var_name}" + + # 转义特殊字符 + escaped_value=$(echo "$var_value" | sed 's/[\/&]/\\&/g') + echo " 替换变量: ${pattern} -> $var_value" + content=$(echo "$content" | sed "s|${pattern}|${escaped_value}|g") + fi + done + + # 写入处理后的内容到临时文件 + echo "$content" > "$TEMP_DIR/$filename" + + echo " 文件处理完成: $filename" +done + +echo "环境变量替换完成! 替换后的文件位于 $TEMP_DIR/ 目录" +echo "请检查替换结果,确认无误后运行 build_image.sh 构建镜像" \ No newline at end of file diff --git a/nginxdashuju/vhosts/airport.conf b/nginxdashuju/vhosts/airport.conf new file mode 100644 index 0000000..6162d91 --- /dev/null +++ b/nginxdashuju/vhosts/airport.conf @@ -0,0 +1,50 @@ + server + { + listen 80; + listen 443 ssl; + server_name ${AIRPORT_DOMAIN}; + root /data/tuoheng_airport_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + proxy_redirect http://${AIRPORT_DOMAIN} https://${AIRPORT_DOMAIN_FULL}; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /airport { + proxy_pass http://gatewayService/airport; + proxy_set_header Host $host; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /permission { + proxy_pass http://airportService/permission; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } \ No newline at end of file diff --git a/nginxdashuju/vhosts/cert/t-aaron.com.key b/nginxdashuju/vhosts/cert/t-aaron.com.key new file mode 100644 index 0000000..4e726ee --- /dev/null +++ b/nginxdashuju/vhosts/cert/t-aaron.com.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAl20i2WRVBqF9NkDTAhen86bl10pGrmyEHrsBXIt/DZgtXjJB +A4xwkq2vsA5axj4b+CV9zXAsWDqfo0l+PHkcyoAj3LrTf23mkQLTd3i4B1JYTYeK +vyq6kqkbTkEpG8qK4bJKDewEiF+vBLiq6bzUfSXIqBeNJuh1kG+rKOTxUvsy+89r +4QYm9zo8vZlY2/nkE4JYBrcdrgRO1+bsAIPKWR403Bz5jzKLx+TxqQykd4K1f3Mc +z0U5CcR8wgVTzzywKbv2R+kX7CPHSh60x2MdFO41c5y2HZJF3NNqBYD6WJGhKsV7 ++NvlMLgIdqQkMzxKc/JdtkHjdOK84Z+z9mNoPwIDAQABAoIBADOLLqWZBWgwaBKj +li/MJZtGYE4cNlsBDSf4t8nsod7awfaiXIb8swT6oibne/anBZY+DMh1OmL98YD/ +bzzebPJxE8P6xCtIGYea0qiEKwAzA2PAk3Xm8YMilOzaOUgAda3Fpnd+szxIdabB +xUuyvxGqXtb4zU9FKV9042oUJCD+YlqMSDhOUyt8agNcE9PpmzAOCQ36/845pCCt +0H2iXc2qrV0koz7SIK2TksWGav1kVb7KfEOzGg1vhHJRKrP9mODkgIAFNVrBbIYd +kUGaWCTqfuNGBxWSeV38XX5kKM5aHISB5gL4tjzrlkiMv4yBya7jTOWHHPK8ZTwL +q9Tb18ECgYEA0amJ/BCQl6HRTOXN0+4jjx1seKnJTlKAwBATGxYbhOHQ1kBUPslh +FwsG2Wcb46ccBnw8XwjSypDJJVOYCtdxlnDVqiCxQLdx06/JHOdYwb7zrmGpHLGs +chZ5ccGI10FolW7CC21xErAS+o2d+cc3s1yZZtiYD1xSjR9sblw+aekCgYEAuOSr +xK6NwbbSCYFWBHJ6257+Z0fzY79KPnhNK3E8q42ygSzn5KRuW4pfH6Kk3rLwcqkO +3NOJXOK5T8paCkBcvXmVcladuqeamGY17XKRG35XwiwyjQhFUTjQLO4ob6Cm1SA8 +yguL80Imauhkfq9jTvhaEYahrN+smcn+TSuFv+cCgYBV3kLmGn6tq5eGEARZjQnB +PoLDdH4+9qlGgA7jJA3HQZj/dr9KK7346wo2FfWlKjbfLRior3ttfRj0kaUOo6gg +vjuz/sm5wKf809zhWprOVv+EZvkVCGuhGjVI8sOxrVdBBGiyt3L8/WH4ffG6b+4P +JpipN4InoF8q7zjAhkUFqQKBgQCU1G136tJtBk7YG+YzujsvIjLCzGYc+tQ2qPvl +ZkdiCLORy6X2pG24/g9IFdIE+aEXiwJNu3Gs9UwZ8Fa+PcTpOD+WRCa/Iz8MQepS +8o/fw7m8sXsXj3rMwKDCKgseoADrOgH02YqUC8GE+QA8Ac48uSk3RlpKH9p+CNzN +HaWSLQKBgQDE362akbYJdFknNg631VvsUTK+hL953UaY8OvtTBhDKjRqUhuniLr2 +R+CLoCLezhjzzx/11luowbVbcL2hgYxdPwEi4GNKmfGqs/jtkm1PkWej/4jw3Pcj +Jq9Di+Vb9uTHp0O4ZlSZ3PKdn+ovTzVwrOPHmYXf5pLWIA5Qe0F1Wg== +-----END RSA PRIVATE KEY----- diff --git a/nginxdashuju/vhosts/cert/t-aaron.com.pem b/nginxdashuju/vhosts/cert/t-aaron.com.pem new file mode 100644 index 0000000..bf818de --- /dev/null +++ b/nginxdashuju/vhosts/cert/t-aaron.com.pem @@ -0,0 +1,76 @@ +-----BEGIN CERTIFICATE----- +MIIHljCCBX6gAwIBAgIQD49k2sFPkysTaVxmbXLLPDANBgkqhkiG9w0BAQsFADBc +MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT +K1JhcGlkU1NMIEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN +MjQwNTI4MDAwMDAwWhcNMjUwNjA4MjM1OTU5WjAYMRYwFAYDVQQDDA0qLnQtYWFy +b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl20i2WRVBqF9 +NkDTAhen86bl10pGrmyEHrsBXIt/DZgtXjJBA4xwkq2vsA5axj4b+CV9zXAsWDqf +o0l+PHkcyoAj3LrTf23mkQLTd3i4B1JYTYeKvyq6kqkbTkEpG8qK4bJKDewEiF+v +BLiq6bzUfSXIqBeNJuh1kG+rKOTxUvsy+89r4QYm9zo8vZlY2/nkE4JYBrcdrgRO +1+bsAIPKWR403Bz5jzKLx+TxqQykd4K1f3Mcz0U5CcR8wgVTzzywKbv2R+kX7CPH +Sh60x2MdFO41c5y2HZJF3NNqBYD6WJGhKsV7+NvlMLgIdqQkMzxKc/JdtkHjdOK8 +4Z+z9mNoPwIDAQABo4IDljCCA5IwHwYDVR0jBBgwFoAU8JyF/aKffY/JaLvV1IlN +Hb7TkP8wHQYDVR0OBBYEFHgfehJZw28iIU4o2GOiJ4ZSQQ7aMCUGA1UdEQQeMByC +DSoudC1hYXJvbi5jb22CC3QtYWFyb24uY29tMD4GA1UdIAQ3MDUwMwYGZ4EMAQIB +MCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNV +HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGfBgNV +HR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9SYXBpZFNT +TEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDBIoEagRIZCaHR0cDov +L2NybDQuZGlnaWNlcnQuY29tL1JhcGlkU1NMR2xvYmFsVExTUlNBNDA5NlNIQTI1 +NjIwMjJDQTEuY3JsMIGHBggrBgEFBQcBAQR7MHkwJAYIKwYBBQUHMAGGGGh0dHA6 +Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBRBggrBgEFBQcwAoZFaHR0cDovL2NhY2VydHMu +ZGlnaWNlcnQuY29tL1JhcGlkU1NMR2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJD +QTEuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1 +AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABj7400tYAAAQDAEYw +RAIgfnSKqPxcIM1n61Wj7v4Mg6q+okpcU3BF90SdbbhpBi0CIHVeKYRiODN3XLes +nVf5fyhTGnMOU6GrZfIODrB5gvO3AHcAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65 +Ay/ZDowuebgAAAGPvjTTFQAABAMASDBGAiEA2yVzWD3eRw/QGQX7jeULxvpFGMNG +ZvGT7srGeX02ax0CIQDvzHcl6J296wCVqWacf8KQo61uovh7td/PhKnYpyUiVAB2 +AObSMWNAd4zBEEEG13G5zsHSQPaWhIb7uocyHf0eN45QAAABj7400ycAAAQDAEcw +RQIgTkSIS1GXUtPuoTvVmdm57OCm1P2x4uPVQuo8LJN68w4CIQCvaSRtK63o2gUI +gmi4h2Ch/CzRE48Zr0Eu7TkOBwVsfzANBgkqhkiG9w0BAQsFAAOCAgEAA+ab0S21 +cgtoI2TUfCdPolQVV8no3YY3bQJzDZCpmva4dpYxSoQ7qTrOfIeUI3iyeKkaREGb +Xu6lAUhOvWZ7q/mp9od9pWJvPjbUmYT5OaWxhe3KiWmyo2TemABcCtOHe7v0qE5Y +arPmL4HgrhGAqpkWl1eZFQpfGdQ5ry0yCikDZz9umvasdbxuHKfJGPCAsyPqik0r +LmxnUYWOjCCNoSanDKj4ckdNkv/A9RXvazk/ZT1ElsBo/pK6eemiHmRNj3s6AWGO +chGlkHkuvkgCgNsXFT3pqK6uVrE4yD8qmxDPOOaT8wC1MB9xYO77SmMOimelacG6 +d3DsUXGvYdUONZF2LzSpUkzFYofhZhULexI6xOCWnp3t7aCzTJQc68F6iwU6JYGW +7l2AioXUW6Q4AYNlUEo0EG3u6g4H98xAW5YIVX3u9cT8ZerVfTTmO1AQkkMM98nH +bvFx4/53T9eCTB9OBwiqISFICNXJNKhUuudVKQ6w0AfrI6kMk6dkhO3kkhb0cL/F +nDAInqJ8BlMtV01owk2CaEica81WP/cjEDItnnjjJ5INUklraYfZFVgN71c78zr5 +rgF2DSQSsC+pPoqoloAC/YdiRw72kqaZlkXOaUgJBk2xJ73H27TriAPDmdtYA+Xd +vtfjp7o21OOXsORq6LHElFYlcJO+mDYGzz8= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFyzCCBLOgAwIBAgIQCgWbJfVLPYeUzGYxR3U4ozANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD +QTAeFw0yMjA1MDQwMDAwMDBaFw0zMTExMDkyMzU5NTlaMFwxCzAJBgNVBAYTAlVT +MRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjE0MDIGA1UEAxMrUmFwaWRTU0wgR2xv +YmFsIFRMUyBSU0E0MDk2IFNIQTI1NiAyMDIyIENBMTCCAiIwDQYJKoZIhvcNAQEB +BQADggIPADCCAgoCggIBAKY5PJhwCX2UyBb1nelu9APen53D5+C40T+BOZfSFaB0 +v0WJM3BGMsuiHZX2IHtwnjUhLL25d8tgLASaUNHCBNKKUlUGRXGztuDIeXb48d64 +k7Gk7u7mMRSrj+yuLSWOKnK6OGKe9+s6oaVIjHXY+QX8p2I2S3uew0bW3BFpkeAr +LBCU25iqeaoLEOGIa09DVojd3qc/RKqr4P11173R+7Ub05YYhuIcSv8e0d7qN1sO +1+lfoNMVfV9WcqPABmOasNJ+ol0hAC2PTgRLy/VZo1L0HRMr6j8cbR7q0nKwdbn4 +Ar+ZMgCgCcG9zCMFsuXYl/rqobiyV+8U37dDScAebZTIF/xPEvHcmGi3xxH6g+dT +CjetOjJx8sdXUHKXGXC9ka33q7EzQIYlZISF7EkbT5dZHsO2DOMVLBdP1N1oUp0/ +1f6fc8uTDduELoKBRzTTZ6OOBVHeZyFZMMdi6tA5s/jxmb74lqH1+jQ6nTU2/Mma +hGNxUuJpyhUHezgBA6sto5lNeyqc+3Cr5ehFQzUuwNsJaWbDdQk1v7lqRaqOlYjn +iomOl36J5txTs0wL7etCeMRfyPsmc+8HmH77IYVMUOcPJb+0gNuSmAkvf5QXbgPI +Zursn/UYnP9obhNbHc/9LYdQkB7CXyX9mPexnDNO7pggNA2jpbEarLmZGi4grMmf +AgMBAAGjggGCMIIBfjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTwnIX9 +op99j8lou9XUiU0dvtOQ/zAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3R +VTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC +MHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNl +cnQuY29tMEAGCCsGAQUFBzAChjRodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20v +RGlnaUNlcnRHbG9iYWxSb290Q0EuY3J0MEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6 +Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYD +VR0gBDYwNDALBglghkgBhv1sAgEwBwYFZ4EMAQEwCAYGZ4EMAQIBMAgGBmeBDAEC +AjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAAfjh/s1f5dDdfm0sNm74/dW +MbbsxfYV1LoTpFt+3MSUWvSbiPQfUkoV57b5rutRJvnPP9mSlpFwcZ3e1nSUbi2o +ITGA7RCOj23I1F4zk0YJm42qAwJIqOVenR3XtyQ2VR82qhC6xslxtNf7f2Ndx2G7 +Mem4wpFhyPDT2P6UJ2MnrD+FC//ZKH5/ERo96ghz8VqNlmL5RXo8Ks9rMr/Ad9xw +Y4hyRvAz5920myUffwdUqc0SvPlFnahsZg15uT5HkK48tHR0TLuLH8aRpzh4KJ/Y +p0sARNb+9i1R4Fg5zPNvHs2BbIve0vkwxAy+R4727qYzl3027w9jEFC6HMXRaDc= +-----END CERTIFICATE----- diff --git a/nginxdashuju/vhosts/consul.conf b/nginxdashuju/vhosts/consul.conf new file mode 100644 index 0000000..de3b93c --- /dev/null +++ b/nginxdashuju/vhosts/consul.conf @@ -0,0 +1,21 @@ + +server { + listen 80; + listen 443 ssl; + server_name ${CONSUL_DOMAIN}; + + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + location / { + proxy_pass http://${CONSUL_NAME}:8500; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } +} diff --git a/nginxdashuju/vhosts/minio.conf b/nginxdashuju/vhosts/minio.conf new file mode 100644 index 0000000..4186d3a --- /dev/null +++ b/nginxdashuju/vhosts/minio.conf @@ -0,0 +1,30 @@ +server { + listen 80; + listen 443 ssl; + server_name ${MINIO_DOMAIN}; + client_max_body_size 2g; + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + location / { + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://${MINIO_NAME}:9000; + } + + location /ta-tech-image/DJIimage { + add_header Content-Disposition 'attachment; filename="$arg_filename"'; + add_header x-oss-force-download 'true'; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://${MINIO_NAME}:9000; + } + + +} diff --git a/nginxdashuju/vhosts/minioconsole.conf b/nginxdashuju/vhosts/minioconsole.conf new file mode 100644 index 0000000..5237eaa --- /dev/null +++ b/nginxdashuju/vhosts/minioconsole.conf @@ -0,0 +1,20 @@ + +server { + listen 80; + listen 443 ssl; + server_name ${MINIO_CONSOLE_DOMAIN}; + + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + location / { + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://${MINIO_NAME}:9001; + } +} diff --git a/nginxdashuju/vhosts/oidcservice.conf b/nginxdashuju/vhosts/oidcservice.conf new file mode 100644 index 0000000..457b4f9 --- /dev/null +++ b/nginxdashuju/vhosts/oidcservice.conf @@ -0,0 +1,24 @@ +server { + listen 80; + listen 443 ssl; + server_name ${OIDC_SERVER_DOMAIN}; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + location / { + proxy_pass http://${OIDC_SERVER_NAME}:8090; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + # 只添加这一行来修复重定向 + proxy_redirect http://${OIDC_SERVER_DOMAIN} https://${OIDC_DOMAIN_FULL}; + } +} diff --git a/nginxdashuju/vhosts/srs.conf b/nginxdashuju/vhosts/srs.conf new file mode 100644 index 0000000..d3758da --- /dev/null +++ b/nginxdashuju/vhosts/srs.conf @@ -0,0 +1,40 @@ +server { + listen 80; + listen 443 ssl; + server_name ${SRS_DOMAIN}; + client_max_body_size 2g; + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + location / { + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://${SRS_NAME}:8080; + } + + location /recording/ { + alias /data/recording/; + autoindex on; + autoindex_exact_size off; + autoindex_localtime on; + charset utf-8; + + # 允许所有文件类型访问 + include mime.types; + default_type application/octet-stream; + + # 添加一些基本的访问控制 + add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Access-Control-Allow-Methods' 'GET, HEAD'; + + # 配置文件下载时的行为 + if ($request_filename ~* ^.*?\.(txt|doc|pdf|rar|gz|zip|docx|exe|xlsx|ppt|pptx|jpg|jpeg|png|gif|svg|mp3|mp4|wav|avi|mov|wmv|flv|mkv)$) { + add_header Content-Disposition 'attachment'; + } + } +} diff --git a/nginxdashuju/vhosts/upstream.conf b/nginxdashuju/vhosts/upstream.conf new file mode 100644 index 0000000..512a7c8 --- /dev/null +++ b/nginxdashuju/vhosts/upstream.conf @@ -0,0 +1,11 @@ +upstream gatewayService { + server ${GATEWAY_NAME}:7011; +} + +upstream airportService { + server ${AIRPORT_NAME}:9060; +} + +upstream businessService { + server ${BUSINESS_NAME}:9260; +} diff --git a/nginxdashuju/vhosts/xxljob.conf b/nginxdashuju/vhosts/xxljob.conf new file mode 100644 index 0000000..ac03608 --- /dev/null +++ b/nginxdashuju/vhosts/xxljob.conf @@ -0,0 +1,21 @@ +server { + listen 80; + listen 443 ssl; + server_name ${XXLJOB_DOMAIN}; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + location / { + proxy_pass http://${XXLJOB_NAME}:8080; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } +} + diff --git a/streamTest/player.html b/streamTest/player.html deleted file mode 100644 index 4760855..0000000 --- a/streamTest/player.html +++ /dev/null @@ -1,104 +0,0 @@ - - - - - - 视频播放器 - - - -
-

视频播放器

-
- -
-
- - - - -
-
- - - - \ No newline at end of file diff --git a/temp b/temp deleted file mode 100644 index c31bf7f..0000000 --- a/temp +++ /dev/null @@ -1 +0,0 @@ -帮我更新2.mysql.sh中的脚本,在环境中创建一个mysql的容器,需要在上面指定的网络中,root密码通过环境变量指定,映射到主机的端口也通过 \ No newline at end of file