🥇Ukukhulisa isibonelo sakho se-Webogram ngokusebenza njengommeleli nge-nginx

Sawubona Habr!

Muva nje ngizithole ngisesimweni lapho kudingekile ukusebenza ngaphakathi kwenethiwekhi yezinkampani ngokufinyelela okungaphelele ku-inthanethi futhi, njengoba ungaqagela esihlokweni, iTelegram ivinjiwe kuyo. Nginesiqiniseko sokuthi lesi simo siyasijwayele kwabaningi.

Ngingakwazi ukwenza ngaphandle kwezithunywa ezisheshayo, kodwa kwakuyiTelegram engangiyidinga emsebenzini. Kwakungenakwenzeka ukufaka iklayenti emshinini womsebenzi, futhi kwakungenakwenzeka ukusebenzisa i-laptop yomuntu siqu. Esinye isixazululo sibonakala siwukusebenzisa inguqulo yewebhu esemthethweni, kodwa njengoba ungaqagela, ibingatholakali. Ngokushesha nginqamula inketho yokusesha isibuko esingekho emthethweni (ngithemba ngezizathu ezisobala).

Ngenhlanhla, i-Webogram iphrojekthi yomthombo ovulekile ikhodi yayo yomthombo itholakala kuyo github umbhali wayo (Ongabonga kakhulu kuye!)
Ukufakwa nokuqaliswa ngokwayo akunzima, nokho, ezimweni zokusebenza ngaphakathi kwenethiwekhi enokufinyelela okuvinjiwe kumaseva weTelegram, uzodumazeka kakhulu kunokuphumelela, njengoba inguqulo yewebhu ithumela izicelo kumaseva weTelegram kusuka emshinini womsebenzisi.

Ngenhlanhla, lokhu kuyindlela elula (kodwa engabonakali kakhulu). Ngithanda ukukuxwayisa ukuthi angiyena umsunguli walesi sixazululo. Ngikwazile ukuyithola phakathi igatsha, eyayixoxa ngenkinga efana neyami. Isixazululo esiphakanyiswe ngumsebenzisi we-github i-tecknojock, kungisize kakhulu, nokho, ngiqinisekile ukuthi kungasiza omunye umuntu, ngakho nginqume ukubhala lesi sifundo.

Ngezansi kwesisikiwe uzothola ukusethwa kwesinyathelo ngesinyathelo kwesibuko sakho se-Webogram kanye nokusethwa kommeleli wezicelo zaso kumaseva weTelegram usebenzisa i-nginx.

В качестве примера я выбрал только что установленную и обновленную Ubuntu Iseva 18.04.3.

Isexwayiso: Lesi sifundo ngeke sifake imiyalelo yokusetha isizinda ku-nginx. Udinga ukwenza lokhu ngokwakho. Isifundo sithatha ukuthi usuvele usimisile isizinda nge-ssl, nokuthi iseva ngokwayo ohlele ukuyilungisa inokufinyelela kumaseva eTelegramu (nganoma iyiphi indlela oyithandayo)

Ake sicabange ukuthi i-ip yalesi seva ngu-10.23.0.3, futhi igama lesizinda lithi mywebogram.localhost

Ngokusekelwe kulezi zivumelwano, ngizonikeza izibonelo zokucushwa. Ungakhohlwa ukushintsha amanani abe awakho.

Ngakho-ke ake siqale:

Для запуска Webogram, нам необходим nodejs. По умолчанию, если устанавливать его из репозиториев Ubuntu — мы получим nodejs версии 8.x. Нам необходима 12.x:

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - 
sudo apt update && sudo apt -y install nodejs

Sikhetha indawo lapho iWebogram yethu izozinzela khona.

Isibonelo, asibeke kuyimpande yohlu lwasekhaya. Ukwenza lokhu, fanisa inqolobane esemthethweni kuseva yethu:

cd ~ && git clone https://github.com/zhukov/webogram.git

Isinyathelo esilandelayo ukufaka konke okuncikile okudingekayo ukuze usebenzise uhlelo lokusebenza:

cd webogram && npm install

Ake sizame ukuhlola. Qalisa umyalo:

npm start

Ngemva kwalokho, sizama ukuyivula kusiphequluli

 http://10.23.0.3:8000/app/index.html

Uma kuze kube manje wenze yonke into ngendlela efanele, ikhasi lokugunyazwa le-Webogram lizovuleka.

Manje sidinga ukumisa uhlelo lokusebenza ukuthi lusebenze njengesevisi. Ukwenza lokhu, masidale ifayela

sudo touch /lib/systemd/system/webogram.service

yivule kunoma imuphi umhleli bese unikeza ukubukeka okulandelayo (faka indlela yakho eya ku-WorkDirectory)

[Unit]
Description=Webogram mirror
[Service]
WorkingDirectory=/home/tg/webogram
ExecStart=/usr/bin/npm start
SuccessExitStatus=143
TimeoutStopSec=10
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target

Bese sisebenzisa imiyalo elandelayo:

Ukusebenzisa izinguquko

sudo systemctl daemon-reload

Nika amandla i-autorun:

sudo systemctl enable webogram.service

Asiqale isevisi:

sudo systemctl start webogram.service

Ngemva kokuqeda izinyathelo, i-Webogram izoqhubeka nokutholakala ku-port 8000.

Njengoba sizobe simisa ukufinyelela ku-Webogram yethu nge-nginx, sizovala i-port 8000 ngezicelo ezivela ngaphandle.

Sisebenzisa insiza ye-udf kulokhu (noma iyiphi indlela ekulungele):

sudo ufw deny 8000

Uma kwenzeka usanquma ukusebenzisa i-udf, kodwa ivaliwe kuseva, engeza imithetho eyengeziwe (ukuze yonke into ingahlukani) futhi unike amandla udf:

sudo ufw allow ssh
sudo ufw allow 80
sudo ufw allow 443
sudo ufw enable

Okulandelayo, ake siqale ukushintsha ukucushwa kwe-nginx.

Njengoba ngixwayise ngenhla, kucatshangwa ukuthi isizinda esine-ssl sesivele simisiwe kuseva yakho. Ngizodonsela ukunaka kwakho kulokho okuzodinga ukungezwa kufayela lokumisa isizinda ukuze lisebenze kahle:


server {
...
  location ^~ /pluto/apiw1/ {
    proxy_pass https://pluto.web.telegram.org/apiw1/;
  }
  location ^~ /venus/apiw1/ {
    proxy_pass https://venus.web.telegram.org/apiw1/;
  }
  location ^~ /aurora/apiw1/ {
    proxy_pass https://aurora.web.telegram.org/apiw1/;
  }
  location ^~ /vesta/apiw1/ {
    proxy_pass https://vesta.web.telegram.org/apiw1/;
  }
  location ^~ /flora/apiw1/ {
    proxy_pass https://flora.web.telegram.org/apiw1/;
  }
  location ^~ /pluto-1/apiw1/ {
    proxy_pass https://pluto-1.web.telegram.org/apiw1/;
  }
  location ^~ /venus-1/apiw1/ {
    proxy_pass https://venus-1.web.telegram.org/apiw1/;
  }
  location ^~ /aurora-1/apiw1/ {
    proxy_pass https://aurora-1.web.telegram.org/apiw1/;
  }
  location ^~ /vesta-1/apiw1/ {
    proxy_pass https://vesta-1.web.telegram.org/apiw1/;
  }
  location ^~ /flora-1/apiw1/ {
    proxy_pass https://flora-1.web.telegram.org/apiw1/;
  }
  location ^~ /DC1/ {
    proxy_pass http://149.154.175.10:80/;
  }
  location ^~ /DC2/ {
    proxy_pass http://149.154.167.40:80/;
  }
  location ^~ /DC3/ {
    proxy_pass http://149.154.175.117:80/;
  }
  location ^~ /DC4/ {
    proxy_pass http://149.154.175.50:80/;
  }
  location ^~ /DC5/ {
    proxy_pass http://149.154.167.51:80/;
  }
  location ^~ /DC6/ {
    proxy_pass http://149.154.175.100:80/;
  }
  location ^~ /DC7/ {
    proxy_pass http://149.154.167.91:80/;
  }
  location ^~ /DC8/ {
    proxy_pass http://149.154.171.5:80/;
  }
 location / {
    auth_basic "tg";
    auth_basic_user_file /etc/nginx/passwd.htpasswd;
    proxy_pass http://localhost:8000/;
    proxy_read_timeout 90s;
    proxy_connect_timeout 90s;
    proxy_send_timeout 90s;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
  }
}

Esikwengeza ku-nginx config:

Sishintsha indawo yempande, ezocela ummeleli ku-port 8000, lapho i-Webogram iphendula khona
Sivala indawo yempande sisebenzisa i-basic-auth. Lesi isinyathelo esingokomfanekiso nje sokuvala uhlelo lwethu lokusebenza ekuhloleni amehlo nama-bots. (Futhi futhi ukugwema izinkinga ngokuvimba)
Inqwaba yezindawo ezine-proxy_path kuseva yeTelegram ziyiziphetho zethu lapho sizomela izicelo zethu.

Futhi, masidale ifayela /etc/nginx/passwd.htpasswd;ukuze nginx ibe nokuthile yokuhlola amaphasiwedi omsebenzisi.

sudo apt install apache2-utils
sudo htpasswd -c /etc/nginx/passwd.htpasswd tg

Siphakamisa isibonelo sethu se-Webogram ngokufaka ummeleli nge-nginx

Qala kabusha i-nginx:

sudo systemctl restart nginx

Manje i-Webogram izotholakala kuphela ku- mywebogram.localhost/app/index.html ngemuva kokungena ngemvume nephasiwedi oyichazile lapho udala umyalo we-htpasswd kufakwa.

Kuncane okusele: sizokwenza izinguquko ezincane kuphrojekthi ngokwayo.

Vula ifayela kusihleli ~/webogram/app/js/lib/mtproto.js

Futhi ulethe ukuqala kwayo ngendlela elandelayo:

/*!
 * Webogram v0.7.0 - messaging web application for MTProto
 * https://github.com/zhukov/webogram
 * Copyright (C) 2014 Igor Zhukov <igor.beatle@gmail.com>
 * https://github.com/zhukov/webogram/blob/master/LICENSE
 */

angular.module('izhukov.mtproto', ['izhukov.utils'])

  .factory('MtpDcConfigurator', function () {
    var sslSubdomains = ['pluto', 'venus', 'aurora', 'vesta', 'flora']

    var dcOptions = Config.Modes.test
      ? [
        {id: 1, host: 'mywebogram.localhost/DC1',  port: 80},
        {id: 2, host: 'mywebogram.localhost/DC2',  port: 80},
        {id: 3, host: 'mywebogram.localhost/DC3', port: 80}
      ]
      : [
        {id: 1, host: 'mywebogram.localhost/DC4',  port: 80},
        {id: 2, host: 'mywebogram.localhost/DC5',  port: 80},
        {id: 3, host: 'mywebogram.localhost/DC6', port: 80},
        {id: 4, host: 'mywebogram.localhost/DC7',  port: 80},
        {id: 5, host: 'mywebogram.localhost/DC8',   port: 80}
      ]

    var chosenServers = {}

    function chooseServer (dcID, upload) {
      if (chosenServers[dcID] === undefined) {
        var chosenServer = false,
          i, dcOption

        if (Config.Modes.ssl || !Config.Modes.http) {
          var subdomain = sslSubdomains[dcID - 1] + (upload ? '-1' : '')
          var path = Config.Modes.test ? 'apiw_test1' : '/apiw1/'
          chosenServer = 'https://mywebogram.localhost/' + subdomain + path
          return chosenServer
        }
       for (i = 0; i < dcOptions.length; i++) {
          dcOption = dcOptions[i]
          if (dcOption.id == dcID) {
            chosenServer = 'http://' + dcOption.host + '/apiw1'
            break
          }
        }
        chosenServers[dcID] = chosenServer
      }
...

Ngemva kwalokhu, udinga ukuvuselela ikhasi lohlelo lokusebenza esipheqululini.

Vula ikhonsoli yesiphequluli sakho bese ubheka izicelo zenethiwekhi yohlelo lokusebenza. Uma yonke into isebenza futhi izicelo ze-XHR ziya kuseva yakho, khona-ke yonke into yenziwa ngendlela efanele, futhi i-Webogram manje isisetshenziswa njenge-nginx.

Siphakamisa isibonelo sethu se-Webogram ngokufaka ummeleli nge-nginx

Ngethemba ukuthi lesi sifundo sizoba usizo komunye umuntu ngaphandle kwami.

Sibonga kakhulu kubo bonke abafunde kwaze kwaba sekugcineni.

Uma noma ubani enobunzima noma ngenze noma yikuphi ukungalungi, ngizojabula ukuphendula futhi ngizame ukukusiza kumazwana noma ku-PM.

Source: www.habr.com