sunpeng
/
docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

调度

This commit is contained in:
孙小云 2025-06-05 09:21:59 +08:00
parent 13b8a74717
commit e4826b7760
14 changed files with 541 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
nginxbazhong/Dockerfile.nginx Normal file
View File

@ -0,0 +1,40 @@
FROM nginx:latest
# 删除默认的nginx配置
RUN rm -rf /etc/nginx/conf.d/*
# 每增加一个前端项目需要在这里添加一个临时目录并复制文件Dockerfile.nginx 中也要添加一个COPY命令
# 创建目标目录
RUN mkdir -p /data/tuoheng_airport_web/dist
RUN mkdir -p /data/tuoheng_hhz_web/dist
RUN mkdir -p /data/tuoheng_business_web/dist
# 创建视频录制和图片的地址
RUN mkdir -p /data/recording
RUN mkdir -p /data/srs
# 复制temp_vhosts配置到nginx配置目录
COPY temp_vhosts/ /etc/nginx/conf.d/
# 复制SSL证书文件到nginx目录
COPY vhosts/cert/t-aaron.com.pem /etc/nginx/t-aaron.com.pem
COPY vhosts/cert/t-aaron.com.key /etc/nginx/t-aaron.com.key
# 每增加一个前端项目需要在这里添加一个临时目录并复制文件Dockerfile.nginx 中也要添加一个COPY命令
# 复制 AIRPORT_WEB_DIST 目录下的文件到容器中
COPY airport_web_dist/ /data/tuoheng_airport_web/dist/
COPY hhz_admin_web_dist/ /data/tuoheng_hhz_web/dist/
COPY business_web_dist/ /data/tuoheng_business_web/dist/
# 设置正确的权限
RUN chmod 644 /etc/nginx/t-aaron.com.pem /etc/nginx/t-aaron.com.key && \
chmod -R 755 /data/tuoheng_airport_web/dist
# 设置时区
ENV TZ=Asia/Shanghai
# 暴露端口
EXPOSE 80 443
# 启动nginx
CMD ["nginx", "-g", "daemon off;"]

22
nginxbazhong/build.sh Executable file
View File

@ -0,0 +1,22 @@
#!/bin/bash
# 这个脚本现在只是一个包装器,调用两个新脚本
echo "步骤1: 替换配置文件中的环境变量..."
./replace_vars.sh
# 检查替换结果是否成功
if [ $? -ne 0 ]; then
echo "错误: 变量替换失败,中止构建"
exit 1
fi
#echo ""
echo "变量替换已完成,请检查 temp_vhosts/ 目录中的文件"
#echo "确认替换结果无误后按回车键继续构建镜像或按Ctrl+C取消"
#read -p ""
echo ""
echo "步骤2: 构建Nginx镜像..."
echo "注意: SSL证书文件将从vhosts/cert/目录复制到镜像中的/etc/nginx/目录"
./build_image.sh

92
nginxbazhong/build_image.sh Executable file
View File

@ -0,0 +1,92 @@
#!/bin/bash
# 加载环境变量
source ../environment.sh
# 设置Nginx镜像名称如果环境变量中未定义
if [ -z "${NGINX_IMAGE}" ]; then
export NGINX_IMAGE="${REGISTRY_HOST}nginx:${DOMAIN}"
fi
echo "开始构建Nginx镜像: ${NGINX_IMAGE}"
# 检查临时目录是否存在
TEMP_DIR="temp_vhosts"
if [ ! -d "$TEMP_DIR" ]; then
echo "错误: $TEMP_DIR 目录不存在! 请先运行 replace_vars.sh 脚本"
exit 1
fi
# 检查临时目录中是否有配置文件
if [ -z "$(ls -A $TEMP_DIR)" ]; then
echo "警告: $TEMP_DIR 目录为空,将使用空配置构建镜像"
fi
# 检查SSL证书文件是否存在
if [ ! -f "vhosts/cert/t-aaron.com.pem" ] || [ ! -f "vhosts/cert/t-aaron.com.key" ]; then
echo "警告: SSL证书文件不存在于vhosts/cert/目录中"
echo "预期的证书文件位置: vhosts/cert/t-aaron.com.pem 和 vhosts/cert/t-aaron.com.key"
echo "Nginx容器的SSL功能可能无法正常工作"
fi
# 检查 AIRPORT_WEB_DIST 目录是否存在
if [ -z "${AIRPORT_WEB_DIST}" ]; then
echo "错误: AIRPORT_WEB_DIST 环境变量未设置!"
exit 1
fi
if [ ! -d "${AIRPORT_WEB_DIST}" ]; then
echo "错误: AIRPORT_WEB_DIST 目录不存在: ${AIRPORT_WEB_DIST}"
exit 1
fi
if [ ! -d "${HHZ_ADMIN_WEB_DIST}" ]; then
echo "错误: HHZ_ADMIN_WEB_DIST 目录不存在: ${HHZ_ADMIN_WEB_DIST}"
exit 1
fi
# 每增加一个前端项目需要在这里添加一个临时目录并复制文件Dockerfile.nginx 中也要添加一个COPY命令
echo "创建临时目录并复制 AIRPORT_WEB_DIST 文件..."
rm -rf airport_web_dist
mkdir -p airport_web_dist
cp -r "${AIRPORT_WEB_DIST}"/* airport_web_dist/
rm -rf hhz_admin_web_dist
mkdir -p hhz_admin_web_dist
cp -r "${HHZ_ADMIN_WEB_DIST}"/* hhz_admin_web_dist/
rm -rf business_web_dist
mkdir -p business_web_dist
cp -r "${BUSINESS_WEB_DIST}"/* business_web_dist/
# 构建Docker镜像
echo "使用Dockerfile.nginx构建镜像..."
docker build -t ${NGINX_IMAGE} -f Dockerfile.nginx .
# 清理临时目录
rm -rf airport_web_dist
rm -rf hhz_admin_web_dist
# 检查构建结果
if [ $? -eq 0 ]; then
echo "Nginx镜像构建成功: ${NGINX_IMAGE}"
# 推送到镜像仓库(如果需要)
echo "推送镜像到仓库: ${NGINX_IMAGE}"
docker push ${NGINX_IMAGE}
if [ $? -eq 0 ]; then
echo "镜像推送成功!"
else
echo "警告: 镜像推送失败!"
fi
else
echo "错误: Nginx镜像构建失败!"
exit 1
fi
echo "Nginx镜像构建和推送完成!"
echo "SSL证书已被包含在镜像中位于/etc/nginx/目录下"
echo "AIRPORT_WEB_DIST 文件已被复制到镜像中的 /data/tuoheng_airport_web/dist 目录"

68
nginxbazhong/replace_vars.sh Executable file
View File

@ -0,0 +1,68 @@
#!/bin/bash
# 加载环境变量
source ../environment.sh
echo "开始替换配置文件中的环境变量..."
# 检查vhosts目录是否存在
if [ ! -d "vhosts" ]; then
echo "错误: vhosts目录不存在!"
exit 1
fi
# 检查vhosts目录中是否有配置文件
if [ -z "$(ls -A vhosts/*.conf 2>/dev/null)" ]; then
echo "警告: vhosts目录中没有.conf文件没有配置文件需要处理"
exit 0
fi
# 创建临时目录
TEMP_DIR="temp_vhosts"
rm -rf $TEMP_DIR
mkdir -p $TEMP_DIR
# 处理所有.conf文件替换环境变量跳过cert目录
for conf_file in vhosts/*.conf; do
# 检查文件是否存在(处理无匹配文件的情况)
if [ ! -f "$conf_file" ]; then
continue
fi
# 跳过cert目录中的文件
if [[ "$conf_file" == *"/cert/"* ]]; then
continue
fi
filename=$(basename "$conf_file")
echo "处理文件: $filename"
# 读取原始文件内容
content=$(cat "$conf_file")
# 获取environment.sh中所有环境变量
env_vars=$(grep -E "^export [A-Z_]+" ../environment.sh | sed 's/export //')
# 逐个替换环境变量
for var in $env_vars; do
var_name=$(echo $var | cut -d= -f1)
var_value=${!var_name}
if [ ! -z "$var_value" ]; then
# 使用更安全的变量替换方法
pattern="\\\${$var_name}"
# 转义特殊字符
escaped_value=$(echo "$var_value" | sed 's/[\/&]/\\&/g')
echo " 替换变量: ${pattern} -> $var_value"
content=$(echo "$content" | sed "s|${pattern}|${escaped_value}|g")
fi
done
# 写入处理后的内容到临时文件
echo "$content" > "$TEMP_DIR/$filename"
echo " 文件处理完成: $filename"
done
echo "环境变量替换完成! 替换后的文件位于 $TEMP_DIR/ 目录"
echo "请检查替换结果,确认无误后运行 build_image.sh 构建镜像"

50
nginxbazhong/vhosts/airport.conf Normal file
View File

@ -0,0 +1,50 @@
server
{
listen 80;
listen 443 ssl;
server_name ${AIRPORT_DOMAIN};
root /data/tuoheng_airport_web/dist;
# SSL证书配置
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
# 开启gzip功能
gzip on;
gzip_min_length 10k;
gzip_comp_level 9;
gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
location /{
try_files $uri $uri/ @router;
index index.html;
proxy_redirect http://${AIRPORT_DOMAIN} https://${AIRPORT_DOMAIN_FULL};
}
location @router{
rewrite ^.*$ /index.html last;
}
location /airport {
proxy_pass http://gatewayService/airport;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /permission {
proxy_pass http://airportService/permission;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

27
nginxbazhong/vhosts/cert/t-aaron.com.key Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAl20i2WRVBqF9NkDTAhen86bl10pGrmyEHrsBXIt/DZgtXjJB
A4xwkq2vsA5axj4b+CV9zXAsWDqfo0l+PHkcyoAj3LrTf23mkQLTd3i4B1JYTYeK
vyq6kqkbTkEpG8qK4bJKDewEiF+vBLiq6bzUfSXIqBeNJuh1kG+rKOTxUvsy+89r
4QYm9zo8vZlY2/nkE4JYBrcdrgRO1+bsAIPKWR403Bz5jzKLx+TxqQykd4K1f3Mc
z0U5CcR8wgVTzzywKbv2R+kX7CPHSh60x2MdFO41c5y2HZJF3NNqBYD6WJGhKsV7
+NvlMLgIdqQkMzxKc/JdtkHjdOK84Z+z9mNoPwIDAQABAoIBADOLLqWZBWgwaBKj
li/MJZtGYE4cNlsBDSf4t8nsod7awfaiXIb8swT6oibne/anBZY+DMh1OmL98YD/
bzzebPJxE8P6xCtIGYea0qiEKwAzA2PAk3Xm8YMilOzaOUgAda3Fpnd+szxIdabB
xUuyvxGqXtb4zU9FKV9042oUJCD+YlqMSDhOUyt8agNcE9PpmzAOCQ36/845pCCt
0H2iXc2qrV0koz7SIK2TksWGav1kVb7KfEOzGg1vhHJRKrP9mODkgIAFNVrBbIYd
kUGaWCTqfuNGBxWSeV38XX5kKM5aHISB5gL4tjzrlkiMv4yBya7jTOWHHPK8ZTwL
q9Tb18ECgYEA0amJ/BCQl6HRTOXN0+4jjx1seKnJTlKAwBATGxYbhOHQ1kBUPslh
FwsG2Wcb46ccBnw8XwjSypDJJVOYCtdxlnDVqiCxQLdx06/JHOdYwb7zrmGpHLGs
chZ5ccGI10FolW7CC21xErAS+o2d+cc3s1yZZtiYD1xSjR9sblw+aekCgYEAuOSr
xK6NwbbSCYFWBHJ6257+Z0fzY79KPnhNK3E8q42ygSzn5KRuW4pfH6Kk3rLwcqkO
3NOJXOK5T8paCkBcvXmVcladuqeamGY17XKRG35XwiwyjQhFUTjQLO4ob6Cm1SA8
yguL80Imauhkfq9jTvhaEYahrN+smcn+TSuFv+cCgYBV3kLmGn6tq5eGEARZjQnB
PoLDdH4+9qlGgA7jJA3HQZj/dr9KK7346wo2FfWlKjbfLRior3ttfRj0kaUOo6gg
vjuz/sm5wKf809zhWprOVv+EZvkVCGuhGjVI8sOxrVdBBGiyt3L8/WH4ffG6b+4P
JpipN4InoF8q7zjAhkUFqQKBgQCU1G136tJtBk7YG+YzujsvIjLCzGYc+tQ2qPvl
ZkdiCLORy6X2pG24/g9IFdIE+aEXiwJNu3Gs9UwZ8Fa+PcTpOD+WRCa/Iz8MQepS
8o/fw7m8sXsXj3rMwKDCKgseoADrOgH02YqUC8GE+QA8Ac48uSk3RlpKH9p+CNzN
HaWSLQKBgQDE362akbYJdFknNg631VvsUTK+hL953UaY8OvtTBhDKjRqUhuniLr2
R+CLoCLezhjzzx/11luowbVbcL2hgYxdPwEi4GNKmfGqs/jtkm1PkWej/4jw3Pcj
Jq9Di+Vb9uTHp0O4ZlSZ3PKdn+ovTzVwrOPHmYXf5pLWIA5Qe0F1Wg==
-----END RSA PRIVATE KEY-----

76
nginxbazhong/vhosts/cert/t-aaron.com.pem Normal file
View File

@ -0,0 +1,76 @@
-----BEGIN CERTIFICATE-----
MIIHljCCBX6gAwIBAgIQD49k2sFPkysTaVxmbXLLPDANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT
K1JhcGlkU1NMIEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN
MjQwNTI4MDAwMDAwWhcNMjUwNjA4MjM1OTU5WjAYMRYwFAYDVQQDDA0qLnQtYWFy
b24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl20i2WRVBqF9
NkDTAhen86bl10pGrmyEHrsBXIt/DZgtXjJBA4xwkq2vsA5axj4b+CV9zXAsWDqf
o0l+PHkcyoAj3LrTf23mkQLTd3i4B1JYTYeKvyq6kqkbTkEpG8qK4bJKDewEiF+v
BLiq6bzUfSXIqBeNJuh1kG+rKOTxUvsy+89r4QYm9zo8vZlY2/nkE4JYBrcdrgRO
1+bsAIPKWR403Bz5jzKLx+TxqQykd4K1f3Mcz0U5CcR8wgVTzzywKbv2R+kX7CPH
Sh60x2MdFO41c5y2HZJF3NNqBYD6WJGhKsV7+NvlMLgIdqQkMzxKc/JdtkHjdOK8
4Z+z9mNoPwIDAQABo4IDljCCA5IwHwYDVR0jBBgwFoAU8JyF/aKffY/JaLvV1IlN
Hb7TkP8wHQYDVR0OBBYEFHgfehJZw28iIU4o2GOiJ4ZSQQ7aMCUGA1UdEQQeMByC
DSoudC1hYXJvbi5jb22CC3QtYWFyb24uY29tMD4GA1UdIAQ3MDUwMwYGZ4EMAQIB
MCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNV
HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGfBgNV
HR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9SYXBpZFNT
TEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIyQ0ExLmNybDBIoEagRIZCaHR0cDov
L2NybDQuZGlnaWNlcnQuY29tL1JhcGlkU1NMR2xvYmFsVExTUlNBNDA5NlNIQTI1
NjIwMjJDQTEuY3JsMIGHBggrBgEFBQcBAQR7MHkwJAYIKwYBBQUHMAGGGGh0dHA6
Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBRBggrBgEFBQcwAoZFaHR0cDovL2NhY2VydHMu
ZGlnaWNlcnQuY29tL1JhcGlkU1NMR2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJD
QTEuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1
AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABj7400tYAAAQDAEYw
RAIgfnSKqPxcIM1n61Wj7v4Mg6q+okpcU3BF90SdbbhpBi0CIHVeKYRiODN3XLes
nVf5fyhTGnMOU6GrZfIODrB5gvO3AHcAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65
Ay/ZDowuebgAAAGPvjTTFQAABAMASDBGAiEA2yVzWD3eRw/QGQX7jeULxvpFGMNG
ZvGT7srGeX02ax0CIQDvzHcl6J296wCVqWacf8KQo61uovh7td/PhKnYpyUiVAB2
AObSMWNAd4zBEEEG13G5zsHSQPaWhIb7uocyHf0eN45QAAABj7400ycAAAQDAEcw
RQIgTkSIS1GXUtPuoTvVmdm57OCm1P2x4uPVQuo8LJN68w4CIQCvaSRtK63o2gUI
gmi4h2Ch/CzRE48Zr0Eu7TkOBwVsfzANBgkqhkiG9w0BAQsFAAOCAgEAA+ab0S21
cgtoI2TUfCdPolQVV8no3YY3bQJzDZCpmva4dpYxSoQ7qTrOfIeUI3iyeKkaREGb
Xu6lAUhOvWZ7q/mp9od9pWJvPjbUmYT5OaWxhe3KiWmyo2TemABcCtOHe7v0qE5Y
arPmL4HgrhGAqpkWl1eZFQpfGdQ5ry0yCikDZz9umvasdbxuHKfJGPCAsyPqik0r
LmxnUYWOjCCNoSanDKj4ckdNkv/A9RXvazk/ZT1ElsBo/pK6eemiHmRNj3s6AWGO
chGlkHkuvkgCgNsXFT3pqK6uVrE4yD8qmxDPOOaT8wC1MB9xYO77SmMOimelacG6
d3DsUXGvYdUONZF2LzSpUkzFYofhZhULexI6xOCWnp3t7aCzTJQc68F6iwU6JYGW
7l2AioXUW6Q4AYNlUEo0EG3u6g4H98xAW5YIVX3u9cT8ZerVfTTmO1AQkkMM98nH
bvFx4/53T9eCTB9OBwiqISFICNXJNKhUuudVKQ6w0AfrI6kMk6dkhO3kkhb0cL/F
nDAInqJ8BlMtV01owk2CaEica81WP/cjEDItnnjjJ5INUklraYfZFVgN71c78zr5
rgF2DSQSsC+pPoqoloAC/YdiRw72kqaZlkXOaUgJBk2xJ73H27TriAPDmdtYA+Xd
vtfjp7o21OOXsORq6LHElFYlcJO+mDYGzz8=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgIQCgWbJfVLPYeUzGYxR3U4ozANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0yMjA1MDQwMDAwMDBaFw0zMTExMDkyMzU5NTlaMFwxCzAJBgNVBAYTAlVT
MRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjE0MDIGA1UEAxMrUmFwaWRTU0wgR2xv
YmFsIFRMUyBSU0E0MDk2IFNIQTI1NiAyMDIyIENBMTCCAiIwDQYJKoZIhvcNAQEB
BQADggIPADCCAgoCggIBAKY5PJhwCX2UyBb1nelu9APen53D5+C40T+BOZfSFaB0
v0WJM3BGMsuiHZX2IHtwnjUhLL25d8tgLASaUNHCBNKKUlUGRXGztuDIeXb48d64
k7Gk7u7mMRSrj+yuLSWOKnK6OGKe9+s6oaVIjHXY+QX8p2I2S3uew0bW3BFpkeAr
LBCU25iqeaoLEOGIa09DVojd3qc/RKqr4P11173R+7Ub05YYhuIcSv8e0d7qN1sO
1+lfoNMVfV9WcqPABmOasNJ+ol0hAC2PTgRLy/VZo1L0HRMr6j8cbR7q0nKwdbn4
Ar+ZMgCgCcG9zCMFsuXYl/rqobiyV+8U37dDScAebZTIF/xPEvHcmGi3xxH6g+dT
CjetOjJx8sdXUHKXGXC9ka33q7EzQIYlZISF7EkbT5dZHsO2DOMVLBdP1N1oUp0/
1f6fc8uTDduELoKBRzTTZ6OOBVHeZyFZMMdi6tA5s/jxmb74lqH1+jQ6nTU2/Mma
hGNxUuJpyhUHezgBA6sto5lNeyqc+3Cr5ehFQzUuwNsJaWbDdQk1v7lqRaqOlYjn
iomOl36J5txTs0wL7etCeMRfyPsmc+8HmH77IYVMUOcPJb+0gNuSmAkvf5QXbgPI
Zursn/UYnP9obhNbHc/9LYdQkB7CXyX9mPexnDNO7pggNA2jpbEarLmZGi4grMmf
AgMBAAGjggGCMIIBfjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTwnIX9
op99j8lou9XUiU0dvtOQ/zAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3R
VTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNl
cnQuY29tMEAGCCsGAQUFBzAChjRodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20v
RGlnaUNlcnRHbG9iYWxSb290Q0EuY3J0MEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6
Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYD
VR0gBDYwNDALBglghkgBhv1sAgEwBwYFZ4EMAQEwCAYGZ4EMAQIBMAgGBmeBDAEC
AjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAAfjh/s1f5dDdfm0sNm74/dW
MbbsxfYV1LoTpFt+3MSUWvSbiPQfUkoV57b5rutRJvnPP9mSlpFwcZ3e1nSUbi2o
ITGA7RCOj23I1F4zk0YJm42qAwJIqOVenR3XtyQ2VR82qhC6xslxtNf7f2Ndx2G7
Mem4wpFhyPDT2P6UJ2MnrD+FC//ZKH5/ERo96ghz8VqNlmL5RXo8Ks9rMr/Ad9xw
Y4hyRvAz5920myUffwdUqc0SvPlFnahsZg15uT5HkK48tHR0TLuLH8aRpzh4KJ/Y
p0sARNb+9i1R4Fg5zPNvHs2BbIve0vkwxAy+R4727qYzl3027w9jEFC6HMXRaDc=
-----END CERTIFICATE-----

21
nginxbazhong/vhosts/consul.conf Normal file
View File

@ -0,0 +1,21 @@
server {
listen 80;
listen 443 ssl;
server_name ${CONSUL_DOMAIN};
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://${CONSUL_NAME}:8500;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}

30
nginxbazhong/vhosts/minio.conf Normal file
View File

@ -0,0 +1,30 @@
server {
listen 80;
listen 443 ssl;
server_name ${MINIO_DOMAIN};
client_max_body_size 2g;
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://${MINIO_NAME}:9000;
}
location /ta-tech-image/DJIimage {
add_header Content-Disposition 'attachment; filename="$arg_filename"';
add_header x-oss-force-download 'true';
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://${MINIO_NAME}:9000;
}
}

20
nginxbazhong/vhosts/minioconsole.conf Normal file
View File

@ -0,0 +1,20 @@
server {
listen 80;
listen 443 ssl;
server_name ${MINIO_CONSOLE_DOMAIN};
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://${MINIO_NAME}:9001;
}
}

25
nginxbazhong/vhosts/oidcservice.conf Normal file
View File

@ -0,0 +1,25 @@
server {
listen 80;
listen 443 ssl;
listen 3443 ssl;
server_name ${OIDC_SERVER_DOMAIN};
# SSL证书配置
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://${OIDC_SERVER_NAME}:8090;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 只添加这一行来修复重定向
proxy_redirect http://${OIDC_SERVER_DOMAIN} https://${OIDC_DOMAIN_FULL};
}
}

40
nginxbazhong/vhosts/srs.conf Normal file
View File

@ -0,0 +1,40 @@
server {
listen 80;
listen 443 ssl;
server_name ${SRS_DOMAIN};
client_max_body_size 2g;
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://${SRS_NAME}:8080;
}
location /recording/ {
alias /data/recording/;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
charset utf-8;
# 允许所有文件类型访问
include mime.types;
default_type application/octet-stream;
# 添加一些基本的访问控制
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, HEAD';
# 配置文件下载时的行为
if ($request_filename ~* ^.*?\.(txt|doc|pdf|rar|gz|zip|docx|exe|xlsx|ppt|pptx|jpg|jpeg|png|gif|svg|mp3|mp4|wav|avi|mov|wmv|flv|mkv)$) {
add_header Content-Disposition 'attachment';
}
}
}

9
nginxbazhong/vhosts/upstream.conf Normal file
View File

@ -0,0 +1,9 @@
upstream gatewayService {
server ${GATEWAY_NAME}:7011;
}
upstream airportService {
server ${AIRPORT_NAME}:9060;
}

21
nginxbazhong/vhosts/xxljob.conf Normal file
View File

@ -0,0 +1,21 @@
server {
listen 80;
listen 443 ssl;
server_name ${XXLJOB_DOMAIN};
# SSL证书配置
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://${XXLJOB_NAME}:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}