Edit acme.md

configuration/nginx/acme.md

@@ -14,15 +14,15 @@ $ acme.sh -v
 
 2.登录
 ```
-$ acme.sh --register-account -m 405348097@qq.com
 $ acme.sh --set-default-ca --server letsencrypt
+$ acme.sh --register-account -m 405348097@qq.com
 ```
 
 3.api接口需要增加以下 nginx 配置
 ```
 server {
     listen          80;
-    server_name     duanju2.api.styujia.com;
+    server_name     duanju2.api.daoguyujia.com;
     
     location ^~ /.well-known/acme-challenge/ {
         root /home/webroot;
@@ -36,8 +36,8 @@ $ mkdir -p /home/webroot/.well-known/acme-challenge
 
 4.生成证书
 ```
-$ acme.sh --issue -d duanju2.manage.styujia.com -w /home/YujiaDuanjuAdmin/dist/
-$ acme.sh --issue -d duanju2.api.styujia.com -w /home/webroot/
+$ acme.sh --issue -d ai.manage.daoguyujia.com -w /home/FrontendSys/dist/
+$ acme.sh --issue -d ai.api.daoguyujia.com -w /home/webroot/
 ```
 
 5.设置自动更新

configuration/nginx/ai.api.conf

@@ -1,77 +1,85 @@
+upstream myapi {
+    ip_hash;
+    server 127.0.0.1:48080;
+}
+
 server {
     listen          80;
     server_name     ai.api.daoguyujia.com;
+    client_max_body_size 500M;
 
-    location / {
-        # # 允许跨域
-        # add_header Access-Control-Allow-Origin * always;
-        # add_header Access-Control-Allow-Headers * always;
-        # add_header Access-Control-Allow-Methods 'GET,POST,OPTIONS' always;
-        # add_header Access-Control-Allow-Credentials 'true' always;
+    location ^~ /.well-known/acme-challenge/ {
+        root /home/webroot;
+        allow all;
+    }
 
-        proxy_pass http://127.0.0.1:48080;
+    location / {
+        proxy_pass http://myapi;
         proxy_http_version 1.1;
-        proxy_connect_timeout 4s;                # 配置点1
-        proxy_read_timeout 120s;                 # 配置点2，如果没效，可以考虑这个时间配置长一点
-        proxy_send_timeout 120s;                 # 配置点3
-        proxy_set_header Upgrade $http_upgrade;  # 支持wss
-        proxy_set_header Connection "upgrade";   # 支持wss
-
-        # proxy_set_header Host $proxy_host;
-        # proxy_set_header X-Real-IP $remote_addr;
-        # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_connect_timeout 4s;
+        proxy_read_timeout 60s;
+        proxy_send_timeout 12s;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-NginX-Proxy true;
+        proxy_redirect off;
     }
 
-    location /sqx_fast/sse/stream {
-        proxy_pass http://127.0.0.1:48080/api/log/stream/watch;
+    # 接口开放监听 (SSE)
+    location /api/sse/ {
+        proxy_pass http://myapi/api/sse/;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";
-        # 以下设置确保SSE正常工作
-        proxy_buffering off;                # 关闭缓冲，确保数据实时发送
-        proxy_cache off;                    # 关闭代理缓存
-        proxy_set_header Connection "";     # 清除原有的Connection头，避免影响
+        proxy_read_timeout 10s;
+        proxy_send_timeout 10s;
+        proxy_buffering off;
+        proxy_cache off;
+        proxy_set_header Connection "";
     }
 
 }
 
-# server {
-#     listen       443;
-#     server_name  ai.manage.daoguyujia.com;
-
-#     ssl on;
-#     ssl_certificate      /usr/local/webserver/nginx/cert/socket.hkyuekee.com.crt;
-#     ssl_certificate_key  /usr/local/webserver/nginx/cert/socket.hkyuekee.com.key;
-#     ssl_session_cache    shared:SSL:1m;
-#     ssl_session_timeout  5m;
-#     ssl_ciphers  HIGH:!aNULL:!MD5;
-#     ssl_prefer_server_ciphers  on;
+server {
+    listen       443 ssl;
+    server_name  ai.api.daoguyujia.com;
 
-#     location / {
-#         proxy_pass http://127.0.0.1:3001;
-#         proxy_http_version 1.1;
-#         proxy_connect_timeout 4s;
-#         proxy_read_timeout 60s;
-#         proxy_send_timeout 12s;
-#         proxy_set_header Upgrade $http_upgrade;
-#         proxy_set_header Connection "upgrade";
+    ssl_certificate      /root/.acme.sh/ai.api.daoguyujia.com/fullchain.cer;
+    ssl_certificate_key  /root/.acme.sh/ai.api.daoguyujia.com/ai.api.daoguyujia.com.key;
+    ssl_session_cache    shared:SSL:1m;
+    ssl_session_timeout  5m;
+    ssl_ciphers  HIGH:!aNULL:!MD5;
+    ssl_prefer_server_ciphers  on;
 
-#         proxy_set_header X-Real-IP $remote_addr;
-#         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-#         proxy_set_header Host $http_host;
-#         proxy_set_header X-NginX-Proxy true;
-#         proxy_redirect off;
-#     }
+    location / {
+        proxy_pass http://myapi;
+        proxy_http_version 1.1;
+        proxy_connect_timeout 4s;
+        proxy_read_timeout 60s;
+        proxy_send_timeout 12s;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-NginX-Proxy true;
+        proxy_redirect off;
+    }
 
-#     location /sqx_fast/sse/stream {
-#         proxy_pass http://127.0.0.1:48080/api/log/stream/watch;
-#         proxy_http_version 1.1;
-#         proxy_set_header Upgrade $http_upgrade;
-#         proxy_set_header Connection "upgrade";
-#         # 以下设置确保SSE正常工作
-#         proxy_buffering off;                # 关闭缓冲，确保数据实时发送
-#         proxy_cache off;                    # 关闭代理缓存
-#         proxy_set_header Connection "";     # 清除原有的Connection头，避免影响
-#     }
+    # 接口开放监听 (SSE)
+    location /api/sse/ {
+        proxy_pass http://myapi/api/sse/;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_read_timeout 10s;
+        proxy_send_timeout 10s;
+        proxy_buffering off;
+        proxy_cache off;
+        proxy_set_header Connection "";
+    }
 
-# }
+}

configuration/nginx/ai.manage.conf

@@ -1,10 +1,27 @@
 upstream myapp {
-    server 127.0.0.1:8088;
-}
-upstream myapi {
+    ip_hash;
     server 127.0.0.1:48080;
 }
 
+server {
+    listen          80;
+    server_name     ai.manage.daoguyujia.com;
+    client_max_body_size 500M;
+
+    location / {
+        proxy_pass http://127.0.0.1:8088;
+        proxy_http_version 1.1;
+        proxy_connect_timeout 4s;
+        proxy_read_timeout 120s;
+        proxy_send_timeout 120s;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+
 server {
     listen          8088;
     client_max_body_size 500M;
@@ -23,58 +40,71 @@ server {
 
     # 接口代理配置 (Vue项目代理)
     location /api/ {
-        proxy_pass http://myapi/api/;
+        proxy_pass http://myapp/api/;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
     }
 
-}
-
-server {
-    listen          80;
-    server_name     ai.manage.daoguyujia.com;
-    location / {
-        proxy_pass http://myapp;
+    # 接口开放监听 (SSE)
+    location /api/sse/ {
+        proxy_pass http://myapp/api/sse/;
         proxy_http_version 1.1;
-        proxy_connect_timeout 4s;
-        proxy_read_timeout 120s;
-        proxy_send_timeout 120s;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_read_timeout 10s;
+        proxy_send_timeout 10s;
+        proxy_buffering off;
+        proxy_cache off;
+        proxy_set_header Connection "";
     }
+
 }
 
-# server {
-#     listen       443;
-#     server_name  ai.manage.daoguyujia.com;
+server {
+    listen       443 ssl;
+    server_name  ai.manage.daoguyujia.com;
 
-#     ssl on;
-#     ssl_certificate      /usr/local/webserver/nginx/cert/socket.hkyuekee.com.crt;
-#     ssl_certificate_key  /usr/local/webserver/nginx/cert/socket.hkyuekee.com.key;
-#     ssl_session_cache    shared:SSL:1m;
-#     ssl_session_timeout  5m;
-#     ssl_ciphers  HIGH:!aNULL:!MD5;
-#     ssl_prefer_server_ciphers  on;
+    ssl_certificate      /root/.acme.sh/ai.manage.daoguyujia.com/fullchain.cer;
+    ssl_certificate_key  /root/.acme.sh/ai.manage.daoguyujia.com/ai.manage.daoguyujia.com.key;
+    ssl_session_cache    shared:SSL:1m;
+    ssl_session_timeout  5m;
+    ssl_ciphers  HIGH:!aNULL:!MD5;
+    ssl_prefer_server_ciphers  on;
 
-#     location / {
-#         proxy_pass http://127.0.0.1:3001;
-#         proxy_http_version 1.1;
-#         proxy_connect_timeout 4s;
-#         proxy_read_timeout 60s;
-#         proxy_send_timeout 12s;
-#         proxy_set_header Upgrade $http_upgrade;
-#         proxy_set_header Connection "upgrade";
+    location / {
+        index  index.html;
+        root /home/FrontendSys/dist;
+        # Vue 路由设置
+        try_files $uri $uri/ /index.html;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-NginX-Proxy true;
+        proxy_redirect off;
+    }
 
-#         proxy_set_header X-Real-IP $remote_addr;
-#         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-#         proxy_set_header Host $http_host;
-#         proxy_set_header X-NginX-Proxy true;
-#         proxy_redirect off;
-#     }
+    # 接口代理配置 (Vue项目代理)
+    location /api/ {
+        proxy_pass http://myapp/api/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    # 接口开放监听 (SSE)
+    location /api/sse/ {
+        proxy_pass http://myapp/api/sse/;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_read_timeout 10s;
+        proxy_send_timeout 10s;
+        proxy_buffering off;
+        proxy_cache off;
+        proxy_set_header Connection "";
+    }
 
-# }
+ }