Heus Habr!
Недавно я попал в ситуацию, в которой необходимо было работать внутри корпоративной сети с неполным доступом к интернету и как вы можете догадаться по заголовку — Telegram в ней был заблокирован. Certus sum hanc condicionem multis esse familiarem.
Sine momentis nuntiis facere possum, sed Telegram opus mihi fuit. Clientem in machina operis instituere non potuit, neque personale laptop uti potuit. Alia solutio videtur uti
Feliciter, Webogrammus est fons apertus consilii cuius fons codice in promptu est
Institutio et Lorem ipsum difficile non est, tamen in condicionibus operandi intra retis accessum obstructis ad Telegram ministrantibus, magis falli quam prosperum erit, cum versio interreti petitiones telegram e machina usoris emittit.
Feliciter hoc satis simplex (sed non satis perspicuum) figere. Monere velim me huius solutionis auctorem non esse. Potui invenire in
Infra abscisam invenies gradatim constitutivum speculi Webogram tui et setup procurandi petitiones suas ad telegram ministrantium ngingem utentium.
Exemplum, de novo inaugurato et renovato decuriae Servo 18.04.3.
monitio: Hoc doceo instructiones non continebit in nginx constituendo ditione. Hoc te facere debes. Nullam suscipit te iam domain cum ssl figuratum esse, et ipsum servo quo configurare cogitas aditum habere ad servers telegraphum (quoquo modo libet)
Sumamus umbilicum huius servientis 10.23.0.3 esse, et nomen regio mywebogram.localhost
Ex his conventionibus exempla figurarum dabo. Noli oblivisci bona tua mutare.
Lets 'adepto coepi:
Ad Webogram currendum, nodejs opus est. Defalta, si ex Ubuntu repositoria instituemus, nodejs versionis 8.x obtinebimus. Нам необходима 12.x:
curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -
sudo apt update && sudo apt -y install nodejs
Locum eligimus ubi Webogrammus noster fundabitur.
Exempli gratia, eam in radice domus presul ineamus. Hoc facere, clone repositorium officiale nostro servo;
cd ~ && git clone https://github.com/zhukov/webogram.git
Proximus gradus est instituere omnes clientelas quae ad applicationem currendi requiruntur:
cd webogram && npm install
Experiri experimentum currere. Currite imperium;
npm start
Deinde in navigatro aperire conamur
http://10.23.0.3:8000/app/index.html
Si hucusque omnia recte fecisti, pagina auctoritate Webogram aperiet.
Nunc opus est ut applicatio ad currendum inserviat configurare. Hoc facere, limam creare
sudo touch /lib/systemd/system/webogram.service
aperi in aliquo editore et da sequenti specie (intra viam tuam ad WorkDirectory)
[Unit]
Description=Webogram mirror
[Service]
WorkingDirectory=/home/tg/webogram
ExecStart=/usr/bin/npm start
SuccessExitStatus=143
TimeoutStopSec=10
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
Sequuntur deinde mandata currimus;
Applicando mutationes
sudo systemctl daemon-reload
Autorun activare:
sudo systemctl enable webogram.service
De servitio scriptor satus:
sudo systemctl start webogram.service
Gradibus perfectis, Webogram in portu 8000 praesto esse perget.
Cum accessum ad Webogram per nginx nostrum constituemus, portum 8000 petendi ab extra claudemus.
Utimur udf ad hanc utilitatem (or opportunus vobis modus) ;
sudo ufw deny 8000
In casu adhuc udf uti volueris, sed in servo debilitatum est, regulas plura addas (ut omnia non dilabuntur) et udf faciant:
sudo ufw allow ssh
sudo ufw allow 80
sudo ufw allow 443
sudo ufw enable
Deinde, lets 'satus mutantur in Nginx configuratione.
Ut supra monui, ponatur dominium cum ssl iam in servo tuo figuratum esse. Tantum animum advertam ad id quod opus erit ad limam lineam domain addendam ut recte operandum;
server {
...
location ^~ /pluto/apiw1/ {
proxy_pass https://pluto.web.telegram.org/apiw1/;
}
location ^~ /venus/apiw1/ {
proxy_pass https://venus.web.telegram.org/apiw1/;
}
location ^~ /aurora/apiw1/ {
proxy_pass https://aurora.web.telegram.org/apiw1/;
}
location ^~ /vesta/apiw1/ {
proxy_pass https://vesta.web.telegram.org/apiw1/;
}
location ^~ /flora/apiw1/ {
proxy_pass https://flora.web.telegram.org/apiw1/;
}
location ^~ /pluto-1/apiw1/ {
proxy_pass https://pluto-1.web.telegram.org/apiw1/;
}
location ^~ /venus-1/apiw1/ {
proxy_pass https://venus-1.web.telegram.org/apiw1/;
}
location ^~ /aurora-1/apiw1/ {
proxy_pass https://aurora-1.web.telegram.org/apiw1/;
}
location ^~ /vesta-1/apiw1/ {
proxy_pass https://vesta-1.web.telegram.org/apiw1/;
}
location ^~ /flora-1/apiw1/ {
proxy_pass https://flora-1.web.telegram.org/apiw1/;
}
location ^~ /DC1/ {
proxy_pass http://149.154.175.10:80/;
}
location ^~ /DC2/ {
proxy_pass http://149.154.167.40:80/;
}
location ^~ /DC3/ {
proxy_pass http://149.154.175.117:80/;
}
location ^~ /DC4/ {
proxy_pass http://149.154.175.50:80/;
}
location ^~ /DC5/ {
proxy_pass http://149.154.167.51:80/;
}
location ^~ /DC6/ {
proxy_pass http://149.154.175.100:80/;
}
location ^~ /DC7/ {
proxy_pass http://149.154.167.91:80/;
}
location ^~ /DC8/ {
proxy_pass http://149.154.171.5:80/;
}
location / {
auth_basic "tg";
auth_basic_user_file /etc/nginx/passwd.htpasswd;
proxy_pass http://localhost:8000/;
proxy_read_timeout 90s;
proxy_connect_timeout 90s;
proxy_send_timeout 90s;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
Quod ad nginx config addimus;
- Radicum locum mutamus, qui petitiones procuratorio ad 8000 portum habebit, cui Webogrammus respondet
- Obcludimus locum radicis utens basic-auth. Hic gradus est mere symbolicus ad claudendam applicationem nostram ab oculis explorandis et autocinetis. (Et etiam ad vitandum difficultates interclusio)
- Fasciculus locorum cum proxy_path in telegrapho servitore nostro prorsus fines sunt per quos petitiones nostras procuratorios dabimus.
Etiam, limam creare /etc/nginx/passwd.htpasswd;
ut nginx habeat aliquid ad reprimendam usor passwords cum.
sudo apt install apache2-utils
sudo htpasswd -c /etc/nginx/passwd.htpasswd tg
Sileo nginx:
sudo systemctl restart nginx
Nunc Webogram modo praesto erit
parum superest: parvas mutationes ad ipsum propositum faciemus.
Aperi tabella in editore ~/webogram/app/js/lib/mtproto.js
Et initium eius afferat in hac forma;
/*!
* Webogram v0.7.0 - messaging web application for MTProto
* https://github.com/zhukov/webogram
* Copyright (C) 2014 Igor Zhukov <[email protected]>
* https://github.com/zhukov/webogram/blob/master/LICENSE
*/
angular.module('izhukov.mtproto', ['izhukov.utils'])
.factory('MtpDcConfigurator', function () {
var sslSubdomains = ['pluto', 'venus', 'aurora', 'vesta', 'flora']
var dcOptions = Config.Modes.test
? [
{id: 1, host: 'mywebogram.localhost/DC1', port: 80},
{id: 2, host: 'mywebogram.localhost/DC2', port: 80},
{id: 3, host: 'mywebogram.localhost/DC3', port: 80}
]
: [
{id: 1, host: 'mywebogram.localhost/DC4', port: 80},
{id: 2, host: 'mywebogram.localhost/DC5', port: 80},
{id: 3, host: 'mywebogram.localhost/DC6', port: 80},
{id: 4, host: 'mywebogram.localhost/DC7', port: 80},
{id: 5, host: 'mywebogram.localhost/DC8', port: 80}
]
var chosenServers = {}
function chooseServer (dcID, upload) {
if (chosenServers[dcID] === undefined) {
var chosenServer = false,
i, dcOption
if (Config.Modes.ssl || !Config.Modes.http) {
var subdomain = sslSubdomains[dcID - 1] + (upload ? '-1' : '')
var path = Config.Modes.test ? 'apiw_test1' : '/apiw1/'
chosenServer = 'https://mywebogram.localhost/' + subdomain + path
return chosenServer
}
for (i = 0; i < dcOptions.length; i++) {
dcOption = dcOptions[i]
if (dcOption.id == dcID) {
chosenServer = 'http://' + dcOption.host + '/apiw1'
break
}
}
chosenServers[dcID] = chosenServer
}
...
Postea pagina applicationis in navigatro reficere debes.
Aperi navigatrum consolatorium et respice in retis applicationis petitiones. Si omnia opera et petitiones XHR ad servo tuo eunt, tum omnia recte fiunt, et Webogrammus nunc per nginx proximatur.
Spero fore ut hoc doceo alteri praeter me utilem.
Multis agimus omnibus qui ad finem perlegerunt.
Si quis aliquas difficultates habet aut indiligentias egero, laetus ero respondere ac te adiuvare in commentaria vel in PM.
Source: www.habr.com