diff --git a/conf/alchemy/.htpasswd b/conf/alchemy/.htpasswd deleted file mode 100644 index 3a2826c..0000000 --- a/conf/alchemy/.htpasswd +++ /dev/null @@ -1 +0,0 @@ -huiwing:$apr1$r50umplo$ltopNoFz2rhNuSgKN46e0/ diff --git a/conf/alchemy/ai.conf b/conf/alchemy/ai.conf deleted file mode 100644 index 5237734..0000000 --- a/conf/alchemy/ai.conf +++ /dev/null @@ -1,69 +0,0 @@ -server { -# https://serverfault.com/questions/798734/use-variable-for-server-name-in-nginx# -# server_name $servername; - server_name "ai.alchemy-studio.cn"; - listen 443 ssl; -# listen 80; - client_max_body_size 10M; - - # disable in local test env - ssl_certificate /etc/letsencrypt/live/alchemy-studio.cn/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/alchemy-studio.cn/privkey.pem; # managed by Certbot - - location / { - try_files $uri $uri/ /index.html; - proxy_set_header Host "ai.alchemy-studio.cn"; - proxy_set_header X-Real-IP $remote_addr; - # disable in local test env - proxy_set_header X-Forwarded-Proto https; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Host $remote_addr; - } - - location /api/v1/index { - - return 200 "Ai api index"; - } - add_header Access-Control-Allow-Origin $http_origin always; - add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; - add_header Access-Control-Allow-Headers 'Authorization,unionid,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always; - add_header Access-Control-Allow-Credentials true always; - add_header Access-Control-Max-Age 86400 always; - if ($request_method = 'OPTIONS') { - return 200; - } - - location /api/v1/ai/ { - proxy_set_header Host $host; - add_header Access-Control-Allow-Origin $http_origin always; - add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; - add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always; - add_header Access-Control-Allow-Credentials true always; - add_header Access-Control-Max-Age 86400 always; - if ($request_method = 'OPTIONS') { - return 200; - } - -# auth_basic "ai_api access auth"; -# auth_basic_user_file /usr/local/openresty/nginx/conf.d/.htpasswd; - - proxy_pass http://127.0.0.1:5000/; - } - - location /api/v1/coze/ { - proxy_set_header Host $host; - add_header Access-Control-Allow-Origin $http_origin always; - add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; - add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always; - add_header Access-Control-Allow-Credentials true always; - add_header Access-Control-Max-Age 86400 always; - if ($request_method = 'OPTIONS') { - return 200; - } - -# auth_basic "coze_api access auth"; -# auth_basic_user_file /usr/local/openresty/nginx/conf.d/.htpasswd; - - proxy_pass http://127.0.0.1:6000/; - } -} diff --git a/conf/huiwings/admin.conf b/conf/huiwings/admin.conf index 7c948c0..7b5284c 100644 --- a/conf/huiwings/admin.conf +++ b/conf/huiwings/admin.conf @@ -10,7 +10,9 @@ server { ssl_certificate_key /etc/letsencrypt/live/huiwings.cn/privkey.pem; # managed by Certbot set $tmp_file_dir "/file_upload"; # 文件存储路径 - set $task_server "http://127.0.0.1:8080"; # task server host + set $task_server "http://127.0.0.1:8080"; # Java task_server + set $huiwing_htyts_rust "127.0.0.1:3003"; # huiwing 仓库 htyts(Rust) + set $huiwing_htyproc_rust "127.0.0.1:3004"; # huiwing 仓库 htyproc(Rust) set $htyuc "http://127.0.0.1:3000"; #htyuc host set $resty_loc "/usr/local/openresty"; set $convert "/usr/bin/convert"; @@ -109,6 +111,22 @@ server { location /api/v1/uc/ { proxy_pass http://127.0.0.1:3000/api/v1/uc/; } + + # 同域独立测 Rust TS/proc(不经 ts./proc. 子域);/api/v2 → 本机 htyts/htyproc + location /api/v2/ts/ { + proxy_pass http://$huiwing_htyts_rust/api/v1/ts/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + location /api/v2/proc/ { + proxy_pass http://$huiwing_htyproc_rust/api/v1/proc/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } } server { diff --git a/conf/huiwings/ai.conf b/conf/huiwings/ai.conf index 2013749..5237734 100644 --- a/conf/huiwings/ai.conf +++ b/conf/huiwings/ai.conf @@ -61,6 +61,9 @@ server { return 200; } +# auth_basic "coze_api access auth"; +# auth_basic_user_file /usr/local/openresty/nginx/conf.d/.htpasswd; + proxy_pass http://127.0.0.1:6000/; } } diff --git a/conf/huiwings/proc.conf b/conf/huiwings/proc.conf index 54d4b8b..de8b9ef 100644 --- a/conf/huiwings/proc.conf +++ b/conf/huiwings/proc.conf @@ -8,6 +8,9 @@ server { ssl_certificate /etc/letsencrypt/live/huiwings.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/huiwings.cn/privkey.pem; # managed by Certbot + # huiwing 仓库:`cargo run -p htyproc`,env 见 envs/*/htyproc.env(PROC_PORT=3004) + set $huiwing_htyproc_rust "127.0.0.1:3004"; + location /api/v1/proc/ { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; @@ -19,4 +22,17 @@ server { } proxy_pass http://127.0.0.1:8880/api/v1/proc/; } + + # Rust htyproc:对外 /api/v2/proc → 本进程;后端路由仍为 /api/v1/proc + location /api/v2/proc/ { + add_header Access-Control-Allow-Origin $http_origin always; + add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; + add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always; + add_header Access-Control-Allow-Credentials true always; + add_header Access-Control-Max-Age 86400 always; + if ($request_method = 'OPTIONS') { + return 200; + } + proxy_pass http://$huiwing_htyproc_rust/api/v1/proc/; + } } diff --git a/conf/huiwings/ts.conf b/conf/huiwings/ts.conf index 0dce115..e3a5f98 100644 --- a/conf/huiwings/ts.conf +++ b/conf/huiwings/ts.conf @@ -10,7 +10,10 @@ server { ssl_certificate /etc/letsencrypt/live/huiwings.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/huiwings.cn/privkey.pem; # managed by Certbot - set $task_server "http://127.0.0.1:8080"; # task server host + set $task_server "http://127.0.0.1:8080"; # Java task_server + # huiwing 仓库:`cargo run -p htyts`,env 见 envs/*/htyts.env(TS_PORT=3003) + set $huiwing_htyts_rust "127.0.0.1:3003"; + set $task_server_rust "http://$huiwing_htyts_rust"; # 与 Java 并行,仅 /api/v2 走此 set $htyuc "http://127.0.0.1:3000"; #htyuc host set $resty_loc "/usr/local/openresty"; @@ -26,6 +29,19 @@ server { } proxy_pass http://127.0.0.1:8080/api/v1/ts/; } + + # Rust htyts:对外 /api/v2/ts → 本进程;后端路由仍为 /api/v1/ts(与 Java /api/v1/ts 并行) + location /api/v2/ts/ { + add_header Access-Control-Allow-Origin $http_origin always; + add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; + add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always; + add_header Access-Control-Allow-Credentials true always; + add_header Access-Control-Max-Age 86400 always; + if ($request_method = 'OPTIONS') { + return 200; + } + proxy_pass http://$huiwing_htyts_rust/api/v1/ts/; + } } # server { diff --git a/conf/local_linux/admin.conf b/conf/local_linux/admin.conf index 749c89d..dd42580 100644 --- a/conf/local_linux/admin.conf +++ b/conf/local_linux/admin.conf @@ -6,7 +6,9 @@ server { client_max_body_size 10M; set $tmp_file_dir "/file_upload"; # 文件存储路径 - set $task_server "http://127.0.0.1:8080"; # task server host + set $task_server "http://127.0.0.1:8080"; # Java task_server + set $huiwing_htyts_rust "127.0.0.1:3003"; + set $huiwing_htyproc_rust "127.0.0.1:3004"; set $htyuc "http://127.0.0.1:3000"; #htyuc host set $resty_loc "/usr/local/openresty"; set $convert "/usr/local/bin/convert"; @@ -101,4 +103,19 @@ server { location /api/v1/uc/ { proxy_pass http://127.0.0.1:3000/api/v1/uc/; } + + location /api/v2/ts/ { + proxy_pass http://$huiwing_htyts_rust/api/v1/ts/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + location /api/v2/proc/ { + proxy_pass http://$huiwing_htyproc_rust/api/v1/proc/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } } diff --git a/conf/local_linux/ts.conf b/conf/local_linux/ts.conf index a60fcae..f527737 100644 --- a/conf/local_linux/ts.conf +++ b/conf/local_linux/ts.conf @@ -5,7 +5,9 @@ server { listen 8088; client_max_body_size 10M; - set $task_server "http://127.0.0.1:8080"; # task server host + set $task_server "http://127.0.0.1:8080"; # Java task_server + set $huiwing_htyts_rust "127.0.0.1:3003"; # huiwing 仓库 htyts(Rust) + set $task_server_rust "http://$huiwing_htyts_rust"; set $htyuc "http://127.0.0.1:3000"; #htyuc host set $resty_loc "/usr/local/openresty"; @@ -20,5 +22,17 @@ server { } proxy_pass http://127.0.0.1:8080/api/v1/ts/; } + + location /api/v2/ts/ { + add_header Access-Control-Allow-Origin $http_origin always; + add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; + add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always; + add_header Access-Control-Allow-Credentials true always; + add_header Access-Control-Max-Age 86400 always; + if ($request_method = 'OPTIONS') { + return 200; + } + proxy_pass http://$huiwing_htyts_rust/api/v1/ts/; + } } diff --git a/conf/local_macos/admin.conf b/conf/local_macos/admin.conf index cdb463c..e78475f 100644 --- a/conf/local_macos/admin.conf +++ b/conf/local_macos/admin.conf @@ -6,7 +6,9 @@ server { client_max_body_size 10M; set $tmp_file_dir "/usr/local/file_upload"; # 文件存储路径 - set $task_server "http://127.0.0.1:8080"; # task server host + set $task_server "http://127.0.0.1:8080"; # Java task_server + set $huiwing_htyts_rust "127.0.0.1:3003"; + set $huiwing_htyproc_rust "127.0.0.1:3004"; # set $htyuc "http://127.0.0.1:3000"; #htyuc host set $htyuc "https://admin.moicen.com"; #Verify jwt token set $resty_loc "/usr/local/opt/openresty"; @@ -105,6 +107,21 @@ server { proxy_pass http://127.0.0.1:3000/api/v1/uc/; } + location /api/v2/ts/ { + proxy_pass http://$huiwing_htyts_rust/api/v1/ts/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + location /api/v2/proc/ { + proxy_pass http://$huiwing_htyproc_rust/api/v1/proc/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + location /api/ngx/upyun_download { content_by_lua_file $resty_loc/nginx/scripts/upyun_download.lua; } diff --git a/conf/local_macos/proc.conf b/conf/local_macos/proc.conf new file mode 100644 index 0000000..a0b31b7 --- /dev/null +++ b/conf/local_macos/proc.conf @@ -0,0 +1,31 @@ +server { + server_name "proc.localhost"; + listen 8088; + client_max_body_size 10M; + + set $huiwing_htyproc_rust "127.0.0.1:3004"; # huiwing 仓库 htyproc(Rust) + + location /api/v1/proc/ { + add_header Access-Control-Allow-Origin $http_origin always; + add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; + add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always; + add_header Access-Control-Allow-Credentials true always; + add_header Access-Control-Max-Age 86400 always; + if ($request_method = 'OPTIONS') { + return 200; + } + proxy_pass http://127.0.0.1:8880/api/v1/proc/; + } + + location /api/v2/proc/ { + add_header Access-Control-Allow-Origin $http_origin always; + add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; + add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always; + add_header Access-Control-Allow-Credentials true always; + add_header Access-Control-Max-Age 86400 always; + if ($request_method = 'OPTIONS') { + return 200; + } + proxy_pass http://$huiwing_htyproc_rust/api/v1/proc/; + } +} diff --git a/conf/local_macos/ts.conf b/conf/local_macos/ts.conf index df690c8..8c8f77b 100644 --- a/conf/local_macos/ts.conf +++ b/conf/local_macos/ts.conf @@ -5,7 +5,9 @@ server { listen 8088; client_max_body_size 10M; - set $task_server "http://127.0.0.1:8080"; # task server host + set $task_server "http://127.0.0.1:8080"; # Java task_server + set $huiwing_htyts_rust "127.0.0.1:3003"; # huiwing 仓库 htyts(Rust) + set $task_server_rust "http://$huiwing_htyts_rust"; set $htyuc "http://127.0.0.1:3000"; #htyuc host set $resty_loc "/usr/local/opt/openresty"; @@ -20,5 +22,17 @@ server { } proxy_pass http://127.0.0.1:8080/api/v1/ts/; } + + location /api/v2/ts/ { + add_header Access-Control-Allow-Origin $http_origin always; + add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; + add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always; + add_header Access-Control-Allow-Credentials true always; + add_header Access-Control-Max-Age 86400 always; + if ($request_method = 'OPTIONS') { + return 200; + } + proxy_pass http://$huiwing_htyts_rust/api/v1/ts/; + } } diff --git a/conf/moicen/admin.conf b/conf/moicen/admin.conf index 5a9b9a9..cccea95 100644 --- a/conf/moicen/admin.conf +++ b/conf/moicen/admin.conf @@ -31,7 +31,9 @@ server { ssl_certificate_key /etc/letsencrypt/live/moicen.com/privkey.pem; # managed by Certbot set $tmp_file_dir "/file_upload"; # 文件存储路径 - set $task_server "http://127.0.0.1:8080"; # task server host + set $task_server "http://127.0.0.1:8080"; # Java task_server + set $huiwing_htyts_rust "127.0.0.1:3003"; + set $huiwing_htyproc_rust "127.0.0.1:3004"; set $htyuc "http://127.0.0.1:3000"; #htyuc host set $resty_loc "/usr/local/openresty"; set $convert "/usr/bin/convert"; @@ -133,6 +135,21 @@ server { location /api/v1/uc/ { proxy_pass http://127.0.0.1:3000/api/v1/uc/; } + + location /api/v2/ts/ { + proxy_pass http://$huiwing_htyts_rust/api/v1/ts/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + location /api/v2/proc/ { + proxy_pass http://$huiwing_htyproc_rust/api/v1/proc/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } } server { diff --git a/conf/moicen/proc.conf b/conf/moicen/proc.conf index c84b7b4..ec4fdd9 100644 --- a/conf/moicen/proc.conf +++ b/conf/moicen/proc.conf @@ -8,6 +8,8 @@ server { ssl_certificate /etc/letsencrypt/live/moicen.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/moicen.com/privkey.pem; # managed by Certbot + set $huiwing_htyproc_rust "127.0.0.1:3004"; # huiwing 仓库 htyproc(Rust) + location /api/v1/proc/ { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; @@ -19,4 +21,16 @@ server { } proxy_pass http://127.0.0.1:8880/api/v1/proc/; } + + location /api/v2/proc/ { + add_header Access-Control-Allow-Origin $http_origin always; + add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; + add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always; + add_header Access-Control-Allow-Credentials true always; + add_header Access-Control-Max-Age 86400 always; + if ($request_method = 'OPTIONS') { + return 200; + } + proxy_pass http://$huiwing_htyproc_rust/api/v1/proc/; + } } diff --git a/conf/moicen/ts.conf b/conf/moicen/ts.conf index 8a03795..1c63569 100644 --- a/conf/moicen/ts.conf +++ b/conf/moicen/ts.conf @@ -10,7 +10,9 @@ server { ssl_certificate /etc/letsencrypt/live/moicen.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/moicen.com/privkey.pem; # managed by Certbot - set $task_server "http://127.0.0.1:8080"; # task server host + set $task_server "http://127.0.0.1:8080"; # Java task_server + set $huiwing_htyts_rust "127.0.0.1:3003"; # huiwing 仓库 htyts(Rust) + set $task_server_rust "http://$huiwing_htyts_rust"; set $htyuc "http://127.0.0.1:3000"; #htyuc host set $resty_loc "/usr/local/openresty"; @@ -26,6 +28,18 @@ server { } proxy_pass http://127.0.0.1:8080/api/v1/ts/; } + + location /api/v2/ts/ { + add_header Access-Control-Allow-Origin $http_origin always; + add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; + add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always; + add_header Access-Control-Allow-Credentials true always; + add_header Access-Control-Max-Age 86400 always; + if ($request_method = 'OPTIONS') { + return 200; + } + proxy_pass http://$huiwing_htyts_rust/api/v1/ts/; + } } # server {