ProHoster > Блог > Gudanarwa > Muna haɓaka misalin mu na Webogram tare da wakili ta hanyar nginx

Muna haɓaka misalin mu na Webogram tare da wakili ta hanyar nginx

Hai Habr!

Kwanan nan na sami kaina a cikin halin da ake ciki wanda ya zama dole don yin aiki a cikin hanyar sadarwar kamfanoni tare da rashin cikakkiyar damar shiga Intanet kuma, kamar yadda zaku iya tsammani daga take, Telegram an katange a ciki. Na tabbata cewa wannan yanayin ya saba da mutane da yawa.

Zan iya yin ba tare da saƙon nan take ba, amma Telegram ne nake buƙata don aiki. Ba zai yiwu a shigar da abokin ciniki a kan injin aiki ba, kuma ba zai yiwu a yi amfani da kwamfutar tafi-da-gidanka na sirri ba. Wani bayani da alama shine a yi amfani da shi official website version, amma kamar yadda zaku iya tsammani, shima babu shi. Nan da nan na ketare zaɓi na neman madubi mara izini (Ina fata don dalilai masu ma'ana).

Sa'ar al'amarin shine, Webogram aikin buɗaɗɗen tushe ne wanda lambar tushe ke samuwa a ciki github marubucinta (Don abin da yawa godiya gare shi!)
Shigarwa da ƙaddamar da kanta ba shi da wahala, duk da haka, a cikin yanayin aiki a cikin hanyar sadarwa tare da katange damar yin amfani da sabar Telegram, za ku zama mafi kusantar yin baƙin ciki fiye da nasara, tun da sigar yanar gizo ta aika buƙatun zuwa sabar Telegram daga na'urar mai amfani.

Abin sa'a, wannan gyara ne mai sauƙi (amma ba a bayyane ba). Ina so in yi muku gargaɗi cewa ba ni ne marubucin wannan maganin ba. Na yi nasarar same shi a ciki reshe, wanda ya tattauna matsala irin tawa. Maganin mai amfani da github ya ba da shawarar tecknojock, ya taimake ni da yawa, duk da haka, na tabbata cewa zai iya taimaka wa wani, don haka na yanke shawarar rubuta wannan koyawa.

A ƙasan yanke za ku sami saitin mataki-mataki na madubin Webogram ɗin ku da saitin ƙaddamar da buƙatun sa zuwa sabobin Telegram ta amfani da nginx.

A matsayin misali, na zaɓi sabon shigar da sabunta Ubuntu Server 18.04.3.

Gargadi: Wannan koyawa ba zai haɗa da umarni kan kafa yanki a nginx ba. Kuna buƙatar yin wannan da kanku. Koyarwar tana ɗauka cewa kun riga kun saita yanki tare da ssl, kuma uwar garken da kanta wanda kuke shirin saita shi yana da damar zuwa sabobin Telegram (ta kowace hanya kuke so)

Bari mu ɗauka cewa ip na wannan uwar garken shine 10.23.0.3, kuma sunan yankin shine mywebogram.localhost.

Dangane da waɗannan ƙa'idodin, zan ba da misalan daidaitawa. Kar a manta canza dabi'u zuwa naku.

Don haka bari mu fara:

Don gudanar da Webogram, muna buƙatar nodejs. Ta hanyar tsoho, idan muka shigar da shi daga wuraren ajiyar Ubuntu, za mu sami nau'in nodejs 8.x. Muna buƙatar 12.x:

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - 
sudo apt update && sudo apt -y install nodejs

Mun zaɓi wurin da za a kafa Webogram ɗin mu.

Misali, bari mu sanya shi a cikin tushen kundin adireshin gida. Don yin wannan, rufe wurin ajiyar hukuma zuwa sabar mu:

cd ~ && git clone https://github.com/zhukov/webogram.git

Mataki na gaba shine shigar da duk abubuwan dogaro da ake buƙata don gudanar da aikace-aikacen:

cd webogram && npm install

Bari mu gwada gwajin gwaji. Gudanar da umarni:

npm start

Bayan haka, muna ƙoƙarin buɗe shi a cikin mai binciken 

 http://10.23.0.3:8000/app/index.html

Idan har zuwa wannan lokacin kun yi komai daidai, shafin izinin Webogram zai buɗe.

Yanzu muna buƙatar saita aikace-aikacen don aiki azaman sabis. Don yin wannan, bari mu ƙirƙiri fayil

sudo touch /lib/systemd/system/webogram.service

bude shi a cikin kowane edita kuma ba shi bayyanar mai zuwa (shigar da hanyar ku zuwa WorkDirectory)

[Unit]
Description=Webogram mirror
[Service]
WorkingDirectory=/home/tg/webogram
ExecStart=/usr/bin/npm start
SuccessExitStatus=143
TimeoutStopSec=10
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target

Sannan muna gudanar da umarni masu zuwa:

Aiwatar da canje-canje

sudo systemctl daemon-reload

Kunna autorun:

sudo systemctl enable webogram.service

Bari mu fara sabis:

sudo systemctl start webogram.service

Bayan kammala matakan, Webogram zai ci gaba da kasancewa akan tashar jiragen ruwa 8000.

Tun da za mu kafa damar zuwa Webogram ta nginx, za mu rufe tashar jiragen ruwa 8000 don buƙatun daga waje.

Muna amfani da udf mai amfani don wannan (ko kowace hanyar da ta dace da ku):

sudo ufw deny 8000

Idan har yanzu kuna yanke shawarar amfani da udf, amma ba a kashe shi akan sabar, ƙara ƙarin dokoki (don komai ya lalace) kuma kunna udf:

sudo ufw allow ssh
sudo ufw allow 80
sudo ufw allow 443
sudo ufw enable

Na gaba, bari mu fara canza tsarin nginx.

Kamar yadda na yi gargaɗi a sama, ana ɗauka cewa an riga an saita yanki mai ssl akan sabar ku. Zan jawo hankalin ku kawai ga abin da ake buƙatar ƙarawa zuwa fayil ɗin daidaitawar yanki don yin aiki daidai:


server {
...
  location ^~ /pluto/apiw1/ {
    proxy_pass https://pluto.web.telegram.org/apiw1/;
  }
  location ^~ /venus/apiw1/ {
    proxy_pass https://venus.web.telegram.org/apiw1/;
  }
  location ^~ /aurora/apiw1/ {
    proxy_pass https://aurora.web.telegram.org/apiw1/;
  }
  location ^~ /vesta/apiw1/ {
    proxy_pass https://vesta.web.telegram.org/apiw1/;
  }
  location ^~ /flora/apiw1/ {
    proxy_pass https://flora.web.telegram.org/apiw1/;
  }
  location ^~ /pluto-1/apiw1/ {
    proxy_pass https://pluto-1.web.telegram.org/apiw1/;
  }
  location ^~ /venus-1/apiw1/ {
    proxy_pass https://venus-1.web.telegram.org/apiw1/;
  }
  location ^~ /aurora-1/apiw1/ {
    proxy_pass https://aurora-1.web.telegram.org/apiw1/;
  }
  location ^~ /vesta-1/apiw1/ {
    proxy_pass https://vesta-1.web.telegram.org/apiw1/;
  }
  location ^~ /flora-1/apiw1/ {
    proxy_pass https://flora-1.web.telegram.org/apiw1/;
  }
  location ^~ /DC1/ {
    proxy_pass http://149.154.175.10:80/;
  }
  location ^~ /DC2/ {
    proxy_pass http://149.154.167.40:80/;
  }
  location ^~ /DC3/ {
    proxy_pass http://149.154.175.117:80/;
  }
  location ^~ /DC4/ {
    proxy_pass http://149.154.175.50:80/;
  }
  location ^~ /DC5/ {
    proxy_pass http://149.154.167.51:80/;
  }
  location ^~ /DC6/ {
    proxy_pass http://149.154.175.100:80/;
  }
  location ^~ /DC7/ {
    proxy_pass http://149.154.167.91:80/;
  }
  location ^~ /DC8/ {
    proxy_pass http://149.154.171.5:80/;
  }
 location / {
    auth_basic "tg";
    auth_basic_user_file /etc/nginx/passwd.htpasswd;
    proxy_pass http://localhost:8000/;
    proxy_read_timeout 90s;
    proxy_connect_timeout 90s;
    proxy_send_timeout 90s;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
  }
}

Abin da muke ƙarawa zuwa tsarin nginx:

  • Muna canza wurin tushen, wanda zai buƙatun buƙatun zuwa tashar jiragen ruwa 8000, wanda Webogram ya amsa
  • Muna rufe tushen wuri ta amfani da ainihin-auth. Wannan mataki ne na alama zalla don rufe aikace-aikacen mu daga idanuwa da bots. (Kuma don guje wa matsaloli tare da toshewa)
  • Yawancin wurare tare da proxy_path akan sabar Telegram sune ainihin ƙarshen ƙarshen mu ta hanyar da za mu wakilci buƙatun mu.

Hakanan, bari mu ƙirƙiri fayil /etc/nginx/passwd.htpasswd;don haka nginx yana da wani abu don bincika kalmar sirri da mai amfani da shi.

sudo apt install apache2-utils
sudo htpasswd -c /etc/nginx/passwd.htpasswd tg

Muna haɓaka misalin mu na Webogram tare da wakili ta hanyar nginx

Sake kunna nginx:

sudo systemctl restart nginx

Yanzu Webogram zai kasance kawai a mywebogram.localhost/app/index.html bayan shiga da kalmar sirri da kuka ayyana lokacin ƙirƙirar umarnin htpasswd an shigar da su.

Akwai kaɗan kaɗan: za mu yi ƙananan canje-canje ga aikin da kansa.

Buɗe fayil ɗin a cikin edita ~/webogram/app/js/lib/mtproto.js

Kuma kawo farkonsa zuwa tsari mai zuwa:

/*!
 * Webogram v0.7.0 - messaging web application for MTProto
 * https://github.com/zhukov/webogram
 * Copyright (C) 2014 Igor Zhukov <[email protected]>
 * https://github.com/zhukov/webogram/blob/master/LICENSE
 */

angular.module('izhukov.mtproto', ['izhukov.utils'])

  .factory('MtpDcConfigurator', function () {
    var sslSubdomains = ['pluto', 'venus', 'aurora', 'vesta', 'flora']

    var dcOptions = Config.Modes.test
      ? [
        {id: 1, host: 'mywebogram.localhost/DC1',  port: 80},
        {id: 2, host: 'mywebogram.localhost/DC2',  port: 80},
        {id: 3, host: 'mywebogram.localhost/DC3', port: 80}
      ]
      : [
        {id: 1, host: 'mywebogram.localhost/DC4',  port: 80},
        {id: 2, host: 'mywebogram.localhost/DC5',  port: 80},
        {id: 3, host: 'mywebogram.localhost/DC6', port: 80},
        {id: 4, host: 'mywebogram.localhost/DC7',  port: 80},
        {id: 5, host: 'mywebogram.localhost/DC8',   port: 80}
      ]

    var chosenServers = {}

    function chooseServer (dcID, upload) {
      if (chosenServers[dcID] === undefined) {
        var chosenServer = false,
          i, dcOption

        if (Config.Modes.ssl || !Config.Modes.http) {
          var subdomain = sslSubdomains[dcID - 1] + (upload ? '-1' : '')
          var path = Config.Modes.test ? 'apiw_test1' : '/apiw1/'
          chosenServer = 'https://mywebogram.localhost/' + subdomain + path
          return chosenServer
        }
       for (i = 0; i < dcOptions.length; i++) {
          dcOption = dcOptions[i]
          if (dcOption.id == dcID) {
            chosenServer = 'http://' + dcOption.host + '/apiw1'
            break
          }
        }
        chosenServers[dcID] = chosenServer
      }
...

Bayan wannan, kuna buƙatar sabunta shafin aikace-aikacen a cikin mai binciken.

Bude na'ura mai ba da hanya tsakanin hanyoyin sadarwa kuma duba buƙatun hanyar sadarwa na aikace-aikacen. Idan komai yana aiki kuma buƙatun XHR sun je sabar ku, to duk abin da aka yi daidai yake, kuma Webogram yanzu yana da proxied ta nginx.

Muna haɓaka misalin mu na Webogram tare da wakili ta hanyar nginx

Ina fatan wannan koyaswar zata kasance da amfani ga wani ban da ni.

Godiya ga duk wanda ya karanta har ƙarshe.

Idan kowa yana da wata matsala ko na yi kuskure, zan yi farin cikin amsawa da ƙoƙarin taimaka muku a cikin sharhi ko a cikin PM.

source: www.habr.com

Add a comment