Ka whakaarahia ta maatau tauira Webogram me te takawaenga ma te nginx

Hei Habr!

I tata nei ka kitea e au i roto i tetahi ahuatanga e tika ana kia mahi i roto i tetahi whatunga umanga me te kore e uru ki te Ipurangi, a, ka taea e koe te whakaaro mai i te taitara, i aukatihia a Telegram. E mohio ana ahau kei te mohio te nuinga o tenei ahuatanga.

Ka taea e au te mahi me te kore he karere tere, engari ko Telegram te hiahia mo te mahi. Kaore i taea te whakauru i te kiritaki ki runga i te miihini mahi, kaore i taea te whakamahi i te pona whaiaro. Ko tetahi atu otinga ko te whakamahi putanga paetukutuku mana, engari ka taea e koe te whakaaro, kaore ano i te waatea. Ka whiti tonu ahau ki te rapu i tetahi whakaata kore mana (e tumanako ana ahau mo nga take maamaa).

Waimarie, Webogram he kaupapa puna tuwhera kei te waatea te waehere puna GitHub tona kaituhi (Mo te mihi nui ki a ia!)
Ko te whakaurunga me te whakarewanga ake ehara i te mea uaua, engari, i roto i nga ahuatanga o te mahi i roto i te whatunga me te aukati i te uru atu ki nga kaitoro Telegram, ka nui ake te pouri i te angitu, na te mea ka tukuna e te putanga paetukutuku nga tono ki nga kaitoro Telegram mai i te miihini a te kaiwhakamahi.

Waimarie, he tino ngawari tenei (engari kaore e tino kitea). E hiahia ana ahau ki te whakatupato ia koe ehara ahau i te kaituhi o tenei otinga. I taea e au te kimi i roto peka, i korero mo tetahi raruraru e rite ana ki taku. Ko te otinga i whakaarohia e te kaiwhakamahi github tecknojock, he nui te awhina i a au, heoi, e mohio ana ahau ka taea e ia te awhina i tetahi atu, no reira ka whakatau ahau ki te tuhi i tenei akoranga.

I raro i te tapahi ka kitea e koe te tatūnga-taahiraa o to whakaata Webogram me te whakarite mo te takawaenga i ana tono ki nga kaitoro Telegram ma te whakamahi i te nginx.

Hei tauira, i whiriwhiria e ahau he Ubuntu Server 18.04.3 hou kua whakauruhia me te whakahou.

Whakatupato: Kaore tenei akoranga e whakauru i nga tohutohu mo te whakatuu rohe i roto i te nginx. Me mahi koe i tenei. Ko te akoranga e kii ana kua whirihorahia e koe tetahi rohe me te ssl, a ko te kaimau tonu e whakamahere ana koe ki te whirihora ka whai waahi ki nga kaitoro Telegram (mehemea e pai ana koe)

Me whakaaro ko te ip o tenei tūmau ko 10.23.0.3, ko te ingoa rohe ko mywebogram.localhost

I runga i enei tikanga, ka hoatu e ahau etahi tauira o nga whirihoranga. Kaua e wareware ki te huri i nga uara ki a koe ake.

Na kia timata tatou:

Hei whakahaere i te Webogram, me whai nodejs. Ma te taunoa, ki te whakauruhia e matou mai i nga putunga Ubuntu, ka whiwhi matou i te putanga nodejs 8.x. Me 12.x tatou:

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - 
sudo apt update && sudo apt -y install nodejs

Ka whiriwhiria e matou te waahi ka tuuhia to tatou Webogram.

Hei tauira, me tuu ki te putake o te raarangi kaainga. Ki te mahi i tenei, kohia te putunga mana ki to maatau tūmau:

cd ~ && git clone https://github.com/zhukov/webogram.git

Ko te taahiraa e whai ake nei ko te whakauru i nga whakawhirinaki katoa e hiahiatia ana hei whakahaere i te tono:

cd webogram && npm install

Me whakamatau he oma whakamatautau. Whakahaerehia te tono:

npm start

I muri i tera, ka ngana taatau ki te whakatuwhera i roto i te tirotiro

 http://10.23.0.3:8000/app/index.html

Mena tae noa ki tenei wa kua tika taau mahi, ka tuwhera te wharangi whakamanatanga Webogram.

Inaianei me whirihora i te tono kia rere hei ratonga. Hei mahi i tenei, me hanga he konae

sudo touch /lib/systemd/system/webogram.service

whakatuwheratia ki tetahi ētita ka hoatu ki a ia te ahua e whai ake nei (whakauruhia to ara ki WorkDirectory)

[Unit]
Description=Webogram mirror
[Service]
WorkingDirectory=/home/tg/webogram
ExecStart=/usr/bin/npm start
SuccessExitStatus=143
TimeoutStopSec=10
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target

Na ka whakahaerehia e matou nga whakahau e whai ake nei:

Te tono i nga huringa

sudo systemctl daemon-reload

Whakahohea te whakahaere aunoa:

sudo systemctl enable webogram.service

Me timata te mahi:

sudo systemctl start webogram.service

I muri i te whakaotinga o nga hikoinga, ka waatea tonu a Webogram ki te tauranga 8000.

I te mea ka whakarite matou i te uru ki to matou Webogram ma te nginx, ka kati matou i te tauranga 8000 mo nga tono mai i waho.

Ka whakamahia e matou te whaipainga udf mo tenei (me tetahi tikanga pai mo koe):

sudo ufw deny 8000

Mena ka whakatau tonu koe ki te whakamahi i te udf, engari kua monokia i runga i te tūmau, taapirihia etahi atu ture (kia kore e pakaru nga mea katoa) ka taea te udf:

sudo ufw allow ssh
sudo ufw allow 80
sudo ufw allow 443
sudo ufw enable

I muri mai, me timata taatau ki te huri i te whirihoranga nginx.

Ka rite ki taku whakatupato i runga ake nei, e kiia ana kua whirihorahia he rohe whai ssl ki runga i to kaimau. Ka aro noa ahau ki nga mea hei taapiri atu ki te konae whirihoranga rohe kia tika ai te mahi:

server {
...
  location ^~ /pluto/apiw1/ {
    proxy_pass https://pluto.web.telegram.org/apiw1/;
  }
  location ^~ /venus/apiw1/ {
    proxy_pass https://venus.web.telegram.org/apiw1/;
  }
  location ^~ /aurora/apiw1/ {
    proxy_pass https://aurora.web.telegram.org/apiw1/;
  }
  location ^~ /vesta/apiw1/ {
    proxy_pass https://vesta.web.telegram.org/apiw1/;
  }
  location ^~ /flora/apiw1/ {
    proxy_pass https://flora.web.telegram.org/apiw1/;
  }
  location ^~ /pluto-1/apiw1/ {
    proxy_pass https://pluto-1.web.telegram.org/apiw1/;
  }
  location ^~ /venus-1/apiw1/ {
    proxy_pass https://venus-1.web.telegram.org/apiw1/;
  }
  location ^~ /aurora-1/apiw1/ {
    proxy_pass https://aurora-1.web.telegram.org/apiw1/;
  }
  location ^~ /vesta-1/apiw1/ {
    proxy_pass https://vesta-1.web.telegram.org/apiw1/;
  }
  location ^~ /flora-1/apiw1/ {
    proxy_pass https://flora-1.web.telegram.org/apiw1/;
  }
  location ^~ /DC1/ {
    proxy_pass http://149.154.175.10:80/;
  }
  location ^~ /DC2/ {
    proxy_pass http://149.154.167.40:80/;
  }
  location ^~ /DC3/ {
    proxy_pass http://149.154.175.117:80/;
  }
  location ^~ /DC4/ {
    proxy_pass http://149.154.175.50:80/;
  }
  location ^~ /DC5/ {
    proxy_pass http://149.154.167.51:80/;
  }
  location ^~ /DC6/ {
    proxy_pass http://149.154.175.100:80/;
  }
  location ^~ /DC7/ {
    proxy_pass http://149.154.167.91:80/;
  }
  location ^~ /DC8/ {
    proxy_pass http://149.154.171.5:80/;
  }
 location / {
    auth_basic "tg";
    auth_basic_user_file /etc/nginx/passwd.htpasswd;
    proxy_pass http://localhost:8000/;
    proxy_read_timeout 90s;
    proxy_connect_timeout 90s;
    proxy_send_timeout 90s;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
  }
}

He aha ta maatau e taapiri atu ki te whirihora nginx:

• Ka hurihia e matou te waahi pakiaka, ka tukuna nga tono takawaenga ki te tauranga 8000, ka whakautu a Webogram
• Ka kati tatou i te waahi pakiaka ma te whakamahi taketake-auth. He mahi tohu noa tenei ki te kati i ta maatau tono mai i nga karu me nga karetao. (A ki te karo i nga raru mo te aukati)
• He paihere o nga waahi me te takawaenga_ara i runga i te tūmau Telegram he rite tonu ki a maatau nga pito mutunga hei takawaenga i a maatau tono.

Ano, me hanga he konae /etc/nginx/passwd.htpasswd;na te nginx tetahi mea hei tirotiro i nga kupuhipa kaiwhakamahi.

sudo apt install apache2-utils
sudo htpasswd -c /etc/nginx/passwd.htpasswd tg

Tīmata anō te nginx:

sudo systemctl restart nginx

Inaianei ka waatea noa te Webogram ki mywebogram.localhost/app/index.html i muri i te takiuru me te kupuhipa i tautuhia e koe i te wa e hanga ana te whakahau htpasswd ka whakauruhia.

He iti noa nga mea e toe ana: ka mahia e matou nga huringa iti ki te kaupapa ake.

Whakatuwheratia te konae i roto i te ētita ~/webogram/app/js/lib/mtproto.js

Na ka kawe i tona timatanga ki te ahua e whai ake nei:

/*!
 * Webogram v0.7.0 - messaging web application for MTProto
 * https://github.com/zhukov/webogram
 * Copyright (C) 2014 Igor Zhukov <[email protected]>
 * https://github.com/zhukov/webogram/blob/master/LICENSE
 */

angular.module('izhukov.mtproto', ['izhukov.utils'])

  .factory('MtpDcConfigurator', function () {
    var sslSubdomains = ['pluto', 'venus', 'aurora', 'vesta', 'flora']

    var dcOptions = Config.Modes.test
      ? [
        {id: 1, host: 'mywebogram.localhost/DC1',  port: 80},
        {id: 2, host: 'mywebogram.localhost/DC2',  port: 80},
        {id: 3, host: 'mywebogram.localhost/DC3', port: 80}
      ]
      : [
        {id: 1, host: 'mywebogram.localhost/DC4',  port: 80},
        {id: 2, host: 'mywebogram.localhost/DC5',  port: 80},
        {id: 3, host: 'mywebogram.localhost/DC6', port: 80},
        {id: 4, host: 'mywebogram.localhost/DC7',  port: 80},
        {id: 5, host: 'mywebogram.localhost/DC8',   port: 80}
      ]

    var chosenServers = {}

    function chooseServer (dcID, upload) {
      if (chosenServers[dcID] === undefined) {
        var chosenServer = false,
          i, dcOption

        if (Config.Modes.ssl || !Config.Modes.http) {
          var subdomain = sslSubdomains[dcID - 1] + (upload ? '-1' : '')
          var path = Config.Modes.test ? 'apiw_test1' : '/apiw1/'
          chosenServer = 'https://mywebogram.localhost/' + subdomain + path
          return chosenServer
        }
       for (i = 0; i < dcOptions.length; i++) {
          dcOption = dcOptions[i]
          if (dcOption.id == dcID) {
            chosenServer = 'http://' + dcOption.host + '/apiw1'
            break
          }
        }
        chosenServers[dcID] = chosenServer
      }
...
 

I muri i tenei, me whakahou koe i te whaarangi tono i roto i te tirotiro.

Whakatuwherahia to papatohu tirotiro ka titiro ki nga tono whatunga a te tono. Mena ka mahi nga mea katoa ka haere nga tono XHR ki to kaimau, katahi ka tika nga mea katoa, ka tukuna inaianei a Webogram ma te nginx.

Ko taku tumanako ka whai hua tenei akoranga ki tetahi atu i tua atu i ahau.

Ka nui te mihi ki te hunga katoa i panui ki te mutunga.

Mena kei te raru tetahi, kei te he ranei au, ka koa ahau ki te whakautu me te ngana ki te awhina i a koe i roto i nga korero, i te PM ranei.

Source: will.com