初始化提交

2025-10-13 11:05:51 +08:00
commit ab171d45bb
301 changed files with 59788 additions and 0 deletions
--- a/nginx/运维机器反向代理.conf
+++ b/nginx/运维机器反向代理.conf
@@ -0,0 +1,255 @@
+server {
+    listen 80;
+    server_name devfeisu.scalelink.cn;
+
+    access_log /data/tengine/logs/devfeisu-auto-access.log;
+    error_log  /data/tengine/logs/devfeisu-auto-error.log;
+
+    location /api/ {
+        proxy_pass http://192.168.70.7:8020;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        proxy_buffering off;
+        proxy_cache off;
+        proxy_http_version 1.1;
+        proxy_set_header Connection "";
+
+        add_header 'Access-Control-Allow-Origin' "$http_origin" always;
+        add_header 'Access-Control-Allow-Credentials' 'true' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
+        add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,X-Requested-With,Accept,Origin' always;
+
+        if ($request_method = OPTIONS ) {
+            return 204;
+        }
+    }
+}
+
+
+
+
+server {
+    listen 80;
+    server_name testfeisu.scalelink.cn;
+
+    access_log /data/tengine/logs/testfeisu-auto-access.log;
+    error_log  /data/tengine/logs/testfeisu-auto-error.log;
+
+    location /api/ {
+        proxy_pass http://127.0.0.1:8020;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        proxy_buffering off;
+        proxy_cache off;
+        proxy_http_version 1.1;
+        proxy_set_header Connection "";
+
+        add_header 'Access-Control-Allow-Origin' "$http_origin" always;
+        add_header 'Access-Control-Allow-Credentials' 'true' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
+        add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,X-Requested-With,Accept,Origin' always;
+
+        if ($request_method = OPTIONS ) {
+            return 204;
+        }
+    }
+}
+
+
+
+
+
+server {
+    listen 80;
+    server_name prodfeisu.scalelink.cn;
+
+    access_log /data/tengine/logs/prodfeisu-auto-access.log;
+    error_log  /data/tengine/logs/prodfeisu-auto-error.log;
+
+    location /api/ {
+        proxy_pass http://127.0.0.1:80;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        proxy_buffering off;
+        proxy_cache off;
+        proxy_http_version 1.1;
+        proxy_set_header Connection "";
+
+        add_header 'Access-Control-Allow-Origin' "$http_origin" always;
+        add_header 'Access-Control-Allow-Credentials' 'true' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
+        add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,X-Requested-With,Accept,Origin' always;
+
+        if ($request_method = OPTIONS ) {
+            return 204;
+        }
+    }
+}
+
+
+
+
+
+server {
+    listen 443 ssl;
+    server_name git.deeplink.media;
+
+    ssl_certificate     /data/tengine/conf/certificate/git.deeplink.media_bundle.crt;
+    ssl_certificate_key /data/tengine/conf/certificate/git.deeplink.media.key;
+
+    ssl_protocols       TLSv1.2 TLSv1.3;
+    ssl_ciphers         HIGH:!aNULL:!MD5;
+
+    location / {
+        
+        proxy_pass http://172.24.16.20:80;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        proxy_buffering off;
+        proxy_cache off;
+        proxy_http_version 1.1;
+        proxy_set_header Connection "";
+
+        add_header 'Access-Control-Allow-Origin' "$http_origin" always;
+        add_header 'Access-Control-Allow-Credentials' 'true' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
+        add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,X-Requested-With,Accept,Origin' always;
+
+        if ($request_method = OPTIONS ) {
+            return 204;
+        }
+    }
+}
+
+# 可选：HTTP 自动跳转到 HTTPS
+server {
+    listen 80;
+    server_name git.deeplink.media;
+    return 301  https://$host$request_uri;
+}
+
+
+
+
+# 代理到s1的go服务：
+server {
+    listen 8101;  # 监听 8100 端口
+    server_name 172.24.16.20;  # 运维机 的公网 IP
+    location / {
+        proxy_pass http://43.130.56.138:8100;  # 反向代理到本地电脑的sit的8070
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+      
+        client_max_body_size 300M;
+    }
+}
+
+
+# 代理到s2的go服务：
+server {
+    listen 8102;  # 监听 8100 端口
+    server_name 172.24.16.20;  # 运维机 的公网 IP
+    location / {
+        proxy_pass http://43.159.145.241:8100;  # 反向代理到本地电脑的sit的8070
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+      
+        client_max_body_size 300M;
+    }
+}
+
+
+# 代理到s3的go服务：
+server {
+    listen 8103;  # 监听 8100 端口
+    server_name 172.24.16.20;  # 运维机 的公网 IP
+    location / {
+        proxy_pass http://43.159.145.241:8101;  # 反向代理到本地电脑的sit的8070
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+      
+        client_max_body_size 300M;
+    }
+}
+
+version: '3'
+services:
+  nginx:
+    image: nginx:latest
+    container_name: my-nginx
+    ports:
+      - "1070:1070"
+      - "9200:9200"
+      - "8070:8070"
+      - "8071:8071"
+      - "8010:8090"
+      - "8011:8091"
+      - "443:443"
+      - "8101:8101"
+      - "8102:8102"
+      - "8103:8103"
+    volumes:
+      - ./conf:/etc/nginx/conf.d
+      - ./html:/usr/share/nginx/html
+      - ./certs:/etc/nginx/certs
+    restart: unless-stopped
+
+
+
+    user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+}
+
+
+
+socat
+yum install -y socat
+socat TCP-LISTEN:3306,bind=0.0.0.0,reuseaddr,fork TCP:192.168.70.18:3306
+nohup socat TCP-LISTEN:3306,bind=0.0.0.0,reuseaddr,fork TCP:192.168.70.18:3306 &
+