ProHoster > Блог > Isakoso > A gbe apẹẹrẹ Webogram wa pẹlu aṣoju nipasẹ nginx

A gbe apẹẹrẹ Webogram wa pẹlu aṣoju nipasẹ nginx

Hey Habr!

Laipẹ Mo rii ara mi ni ipo kan ninu eyiti o jẹ dandan lati ṣiṣẹ inu nẹtiwọọki ile-iṣẹ kan pẹlu iraye si Intanẹẹti ti ko pe ati, bi o ṣe le gboju lati akọle, Telegram ti dina mọ ninu rẹ. Mo ni idaniloju pe ipo yii jẹ faramọ si ọpọlọpọ.

Mo le ṣe laisi awọn ojiṣẹ lẹsẹkẹsẹ, ṣugbọn Telegram ni Mo nilo fun iṣẹ. Ko ṣee ṣe lati fi sori ẹrọ alabara lori ẹrọ iṣẹ, tabi ko ṣee ṣe lati lo kọǹpútà alágbèéká ti ara ẹni. Ojutu miiran dabi pe o jẹ lati lo osise ayelujara version, ṣugbọn bi o ṣe le gboju, ko tun si. Mo kọja lẹsẹkẹsẹ aṣayan ti wiwa digi laigba aṣẹ (Mo nireti fun awọn idi ti o han gbangba).

Ni Oriire, Webogram jẹ iṣẹ akanṣe orisun ṣiṣi ti koodu orisun wa ninu github onkọwe rẹ (Nitori eyiti ọpọlọpọ o ṣeun fun u!)
Fifi sori ẹrọ ati ifilọlẹ funrararẹ ko nira, sibẹsibẹ, ni awọn ipo iṣẹ laarin nẹtiwọọki kan pẹlu iwọle si dina mọ awọn olupin Telegram, iwọ yoo ni ibanujẹ diẹ sii ju aṣeyọri lọ, nitori ẹya wẹẹbu firanṣẹ awọn ibeere si awọn olupin Telegram lati ẹrọ olumulo.

Ni Oriire, eyi jẹ atunṣe ti o rọrun (ṣugbọn kii ṣe kedere). Emi yoo fẹ lati kilo fun ọ pe Emi kii ṣe onkọwe ojutu yii. Mo ti ṣakoso lati wa ninu rẹ ẹka, tí ó jíròrò ìṣòro kan tí ó jọ tèmi. Solusan daba nipasẹ olumulo github tecknojock, O ṣe iranlọwọ fun mi pupọ, sibẹsibẹ, Mo ni idaniloju pe o le ṣe iranlọwọ fun ẹlomiran, nitorina ni mo ṣe pinnu lati kọ ẹkọ yii.

Ni isalẹ gige iwọ yoo rii iṣeto-igbesẹ-igbesẹ ti digi Webogram rẹ ati iṣeto ti sisọ awọn ibeere rẹ si awọn olupin Telegram ni lilo nginx.

Gẹgẹbi apẹẹrẹ, Mo yan Ubuntu Server tuntun ti a fi sori ẹrọ ati imudojuiwọn 18.04.3.

Ifarabalẹ: Ikẹkọ yii kii yoo pẹlu awọn ilana lori siseto agbegbe ni nginx. O nilo lati ṣe eyi funrararẹ. Ikẹkọ naa dawọle pe o ti tunto agbegbe kan tẹlẹ pẹlu ssl, ati pe olupin funrararẹ lori eyiti o gbero lati tunto o ni iwọle si awọn olupin Telegram (ni ọna eyikeyi ti o fẹ)

Jẹ ki a ro pe ip ti olupin yii jẹ 10.23.0.3, ati pe orukọ ìkápá naa jẹ mywebogram.localhost

Da lori awọn apejọ wọnyi, Emi yoo fun apẹẹrẹ ti awọn atunto. Maṣe gbagbe lati yi awọn iye pada si tirẹ.

Nitorinaa jẹ ki a bẹrẹ:

Lati ṣiṣẹ Webogram, a nilo nodejs. Nipa aiyipada, ti a ba fi sii lati awọn ibi ipamọ Ubuntu, a yoo gba ẹya nodejs 8.x. A nilo 12.x:

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - 
sudo apt update && sudo apt -y install nodejs

A yan ibi ti Webogram wa yoo wa.

Fun apẹẹrẹ, jẹ ki a gbe e sinu gbongbo ilana ile. Lati ṣe eyi, kọlu ibi ipamọ osise si olupin wa:

cd ~ && git clone https://github.com/zhukov/webogram.git

Igbesẹ ti o tẹle ni lati fi sori ẹrọ gbogbo awọn igbẹkẹle ti o nilo lati ṣiṣẹ ohun elo naa:

cd webogram && npm install

Jẹ ki a gbiyanju idanwo kan. Ṣiṣe aṣẹ naa:

npm start

Lẹhin iyẹn, a gbiyanju lati ṣii ni ẹrọ aṣawakiri 

 http://10.23.0.3:8000/app/index.html

Ti o ba ti to aaye yii o ti ṣe ohun gbogbo ni deede, oju-iwe aṣẹ Webogram yoo ṣii.

Bayi a nilo lati tunto ohun elo lati ṣiṣẹ bi iṣẹ kan. Lati ṣe eyi, jẹ ki a ṣẹda faili kan

sudo touch /lib/systemd/system/webogram.service

ṣii ni eyikeyi olootu ki o fun ni irisi atẹle (tẹ ọna rẹ si WorkDirectory)

[Unit]
Description=Webogram mirror
[Service]
WorkingDirectory=/home/tg/webogram
ExecStart=/usr/bin/npm start
SuccessExitStatus=143
TimeoutStopSec=10
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target

Lẹhinna a ṣiṣẹ awọn aṣẹ wọnyi:

Lilo awọn ayipada

sudo systemctl daemon-reload

Mu adaṣe ṣiṣẹ:

sudo systemctl enable webogram.service

Jẹ ki a bẹrẹ iṣẹ naa:

sudo systemctl start webogram.service

Lẹhin ipari awọn igbesẹ naa, Webogram yoo tẹsiwaju lati wa lori ibudo 8000.

Niwọn igba ti a yoo ṣeto iraye si Webogram wa nipasẹ nginx, a yoo pa ibudo 8000 fun awọn ibeere lati ita.

A lo ohun elo udf fun eyi (tabi ọna eyikeyi ti o rọrun fun ọ):

sudo ufw deny 8000

Ni ọran ti o tun pinnu lati lo udf, ṣugbọn o jẹ alaabo lori olupin naa, ṣafikun awọn ofin diẹ sii (ki ohun gbogbo ko ba kuna) ki o mu udf ṣiṣẹ:

sudo ufw allow ssh
sudo ufw allow 80
sudo ufw allow 443
sudo ufw enable

Nigbamii, jẹ ki a bẹrẹ yiyipada iṣeto nginx.

Gẹgẹbi Mo ti kilo loke, o ro pe agbegbe kan pẹlu ssl ti tunto tẹlẹ lori olupin rẹ. Emi yoo fa akiyesi rẹ nikan si kini yoo nilo lati ṣafikun si faili iṣeto agbegbe fun lati ṣiṣẹ ni deede:


server {
...
  location ^~ /pluto/apiw1/ {
    proxy_pass https://pluto.web.telegram.org/apiw1/;
  }
  location ^~ /venus/apiw1/ {
    proxy_pass https://venus.web.telegram.org/apiw1/;
  }
  location ^~ /aurora/apiw1/ {
    proxy_pass https://aurora.web.telegram.org/apiw1/;
  }
  location ^~ /vesta/apiw1/ {
    proxy_pass https://vesta.web.telegram.org/apiw1/;
  }
  location ^~ /flora/apiw1/ {
    proxy_pass https://flora.web.telegram.org/apiw1/;
  }
  location ^~ /pluto-1/apiw1/ {
    proxy_pass https://pluto-1.web.telegram.org/apiw1/;
  }
  location ^~ /venus-1/apiw1/ {
    proxy_pass https://venus-1.web.telegram.org/apiw1/;
  }
  location ^~ /aurora-1/apiw1/ {
    proxy_pass https://aurora-1.web.telegram.org/apiw1/;
  }
  location ^~ /vesta-1/apiw1/ {
    proxy_pass https://vesta-1.web.telegram.org/apiw1/;
  }
  location ^~ /flora-1/apiw1/ {
    proxy_pass https://flora-1.web.telegram.org/apiw1/;
  }
  location ^~ /DC1/ {
    proxy_pass http://149.154.175.10:80/;
  }
  location ^~ /DC2/ {
    proxy_pass http://149.154.167.40:80/;
  }
  location ^~ /DC3/ {
    proxy_pass http://149.154.175.117:80/;
  }
  location ^~ /DC4/ {
    proxy_pass http://149.154.175.50:80/;
  }
  location ^~ /DC5/ {
    proxy_pass http://149.154.167.51:80/;
  }
  location ^~ /DC6/ {
    proxy_pass http://149.154.175.100:80/;
  }
  location ^~ /DC7/ {
    proxy_pass http://149.154.167.91:80/;
  }
  location ^~ /DC8/ {
    proxy_pass http://149.154.171.5:80/;
  }
 location / {
    auth_basic "tg";
    auth_basic_user_file /etc/nginx/passwd.htpasswd;
    proxy_pass http://localhost:8000/;
    proxy_read_timeout 90s;
    proxy_connect_timeout 90s;
    proxy_send_timeout 90s;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
  }
}

Ohun ti a ṣafikun si atunto nginx:

  • A yi ipo gbongbo pada, eyiti yoo awọn ibeere aṣoju si ibudo 8000, eyiti Webogram ṣe idahun
  • A pa awọn root ipo lilo ipilẹ-auth. Eyi jẹ igbesẹ aami odasaka lati pa ohun elo wa lati awọn oju prying ati awọn bot. (Ati tun lati yago fun awọn iṣoro pẹlu ìdènà)
  • Ọpọlọpọ awọn ipo pẹlu proxy_path lori olupin Telegram jẹ awọn aaye ipari wa gangan nipasẹ eyiti a yoo ṣe aṣoju awọn ibeere wa

Bakannaa, jẹ ki a ṣẹda faili kan /etc/nginx/passwd.htpasswd;ki nginx ni nkan lati ṣayẹwo awọn ọrọigbaniwọle olumulo pẹlu.

sudo apt install apache2-utils
sudo htpasswd -c /etc/nginx/passwd.htpasswd tg

A gbe apẹẹrẹ Webogram wa pẹlu aṣoju nipasẹ nginx

Tun nginx bẹrẹ:

sudo systemctl restart nginx

Bayi Webogram yoo wa nikan ni mywebogram.localhost/app/index.html lẹhin iwọle ati ọrọ igbaniwọle ti o ṣalaye nigbati o ṣẹda aṣẹ htpasswd ti wa ni titẹ sii.

Osi diẹ wa: a yoo ṣe awọn ayipada kekere si iṣẹ akanṣe funrararẹ.

Ṣii faili ni olootu kan ~/webogram/app/js/lib/mtproto.js

Ki o si mu ibẹrẹ rẹ wa si fọọmu atẹle:

/*!
 * Webogram v0.7.0 - messaging web application for MTProto
 * https://github.com/zhukov/webogram
 * Copyright (C) 2014 Igor Zhukov <[email protected]>
 * https://github.com/zhukov/webogram/blob/master/LICENSE
 */

angular.module('izhukov.mtproto', ['izhukov.utils'])

  .factory('MtpDcConfigurator', function () {
    var sslSubdomains = ['pluto', 'venus', 'aurora', 'vesta', 'flora']

    var dcOptions = Config.Modes.test
      ? [
        {id: 1, host: 'mywebogram.localhost/DC1',  port: 80},
        {id: 2, host: 'mywebogram.localhost/DC2',  port: 80},
        {id: 3, host: 'mywebogram.localhost/DC3', port: 80}
      ]
      : [
        {id: 1, host: 'mywebogram.localhost/DC4',  port: 80},
        {id: 2, host: 'mywebogram.localhost/DC5',  port: 80},
        {id: 3, host: 'mywebogram.localhost/DC6', port: 80},
        {id: 4, host: 'mywebogram.localhost/DC7',  port: 80},
        {id: 5, host: 'mywebogram.localhost/DC8',   port: 80}
      ]

    var chosenServers = {}

    function chooseServer (dcID, upload) {
      if (chosenServers[dcID] === undefined) {
        var chosenServer = false,
          i, dcOption

        if (Config.Modes.ssl || !Config.Modes.http) {
          var subdomain = sslSubdomains[dcID - 1] + (upload ? '-1' : '')
          var path = Config.Modes.test ? 'apiw_test1' : '/apiw1/'
          chosenServer = 'https://mywebogram.localhost/' + subdomain + path
          return chosenServer
        }
       for (i = 0; i < dcOptions.length; i++) {
          dcOption = dcOptions[i]
          if (dcOption.id == dcID) {
            chosenServer = 'http://' + dcOption.host + '/apiw1'
            break
          }
        }
        chosenServers[dcID] = chosenServer
      }
...

Lẹhin eyi, o nilo lati sọ oju-iwe ohun elo ni ẹrọ aṣawakiri naa.

Ṣii console ẹrọ aṣawakiri rẹ ki o wo awọn ibeere nẹtiwọọki ohun elo naa. Ti ohun gbogbo ba ṣiṣẹ ati awọn ibeere XHR lọ si olupin rẹ, lẹhinna ohun gbogbo ti ṣe ni deede, ati pe Webogram ti wa ni isunmọ nipasẹ nginx.

A gbe apẹẹrẹ Webogram wa pẹlu aṣoju nipasẹ nginx

Mo nireti pe ikẹkọ yii yoo wulo fun ẹlomiran yatọ si mi.

O ṣeun pupọ fun gbogbo eniyan ti o ka titi de opin.

Ti ẹnikẹni ba ni awọn iṣoro eyikeyi tabi Mo ṣe awọn aṣiṣe eyikeyi, Emi yoo dun lati dahun ati gbiyanju lati ran ọ lọwọ ninu awọn asọye tabi ni PM.

orisun: www.habr.com

Fi ọrọìwòye kun