add

2023-12-18 13:53:26 +08:00 · 2023-12-18 13:53:26 +08:00 · 33c3438126
commit 33c3438126
parent 3efe4e376b
5 changed files with 87 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -4,6 +4,6 @@ mysql/8.0/data/
 logs/*
 openresty/config/vhost/*
 !openresty/config/vhost/ssl
-!openresty/config/vhost/default.conf
+!openresty/config/vhost/default.conf.example
 redis/data
 .env
--- a/docker-compose.yaml.example
+++ b/docker-compose.yaml.example
@ -28,9 +28,9 @@ services:
      aix-docker-cc:
        ipv4_address: ${NET_SUBNET:-10.12.25}.200
  
-  java_gateway:
-    image: ${IMAGE_BASE}/java_gateway:1.0.0
-    container_name: java_gateway
+  java-gateway:
+    image: ${IMAGE_BASE}/java_gateway:1.0.1
+    container_name: java-gateway
    restart: always
    volumes:
      - "./java_gateway:/app"
--- a/java_gateway/captcha-1.0-SNAPSHOT.jar
+++ b/java_gateway/captcha-1.0-SNAPSHOT.jar
--- a/openresty/config/vhost/default.conf.example
+++ b/openresty/config/vhost/default.conf.example
@ -0,0 +1,82 @@
+server {
+  listen 80;
+  listen [::]:80;
+
+  # listen 443 ssl http2;
+  # listen [::]:443 ssl http2;
+  # ssl_certificate /usr/local/openresty/nginx/conf/vhost/ssl/gateway.jsaix.cn.crt;
+  # ssl_certificate_key /usr/local/openresty/nginx/conf/vhost/ssl/gateway.jsaix.cn.key;
+  # ssl_protocols TLSv1.2 TLSv1.3;
+  # ssl_prefer_server_ciphers on;
+  # ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
+  # ssl_session_timeout 10m;
+  # ssl_session_cache builtin:1000 shared:SSL:10m;
+  # ssl_session_tickets off;
+  ## curl https://ssl-config.mozilla.org/ffdhe2048.txt > /usr/local/openresty/nginx/conf/vhost/ssl/dhparam.pem
+  # ssl_dhparam /usr/local/openresty/nginx/conf/vhost/ssl/dhparam.pem;
+  # ssl_buffer_size 1400;
+  # add_header Strict-Transport-Security "max-age=63072000" always;
+  # ssl_stapling on;
+  # ssl_stapling_verify on;
+  # ssl_trusted_certificate /usr/local/openresty/nginx/conf/vhost/ssl/full_chain_rsa.crt;
+  # resolver 223.5.5.5;
+  # add_header X-Xss-Protection "1; mode=block";
+  # add_header X-Content-Type-Options nosniff;
+  # if ($ssl_protocol = "") { return 301 https://$host$request_uri; }
+
+  server_name *.abchen.net;
+  access_log /data/wwwlogs/abchen.net_nginx.log combined;
+  error_log /data/wwwlogs/error.abchen.net_nginx.log;
+  index index.html index.htm index.php;
+
+  root /data/wwwroot/default;
+  include /usr/local/openresty/nginx/conf/rewrite/laravel.conf;
+  #error_page 404 /404.html;
+  #error_page 502 /502.html;
+  location ~ .*\.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv|mp4)$ {
+    valid_referers none blocked *.abchen.net;
+    if ($invalid_referer) {
+        return 403;
+    }
+  }
+  # location /wss {
+  #   proxy_http_version 1.1;
+  #   proxy_set_header Upgrade $http_upgrade;
+  #   # proxy_set_header Connection $connection_upgrade;
+  #   # add_header Front-End-Https on;
+	# 	# add_header 'Access-Control-Allow-Methods' 'GET,POST';
+	# 	# add_header 'Access-Control-Allow-Origin' $http_origin;
+	# 	# add_header 'Access-Control-Allow-Credentials' 'true';
+	# 	# add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With';
+  #   include proxy.conf
+  #   proxy_pass http://php81:22349;
+  # }
+  location ~ [^/]\.php(/|$) {
+    fastcgi_pass php81:9000;
+    #fastcgi_pass unix:/dev/shm/php73-cgi.sock;
+    fastcgi_index index.php;
+    fastcgi_param PHP_ADMIN_VALUE "open_basedir=$document_root/:/tmp/:/proc/";
+    include fastcgi.conf;
+  }
+
+  location ~ .*\.(?i)(txt|doc|pdf|rar|gz|zip|docx|exe|xlsx|ppt|pptx)$ {
+    add_header Content-Disposition attachment;
+  }
+  location ~* ^/(storage|attachments|upload)/.*\.(php|php5)$ {
+    deny all;
+  }
+  location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
+    expires 30d;
+    access_log off;
+  }
+  location ~ .*\.(js|css)?$ {
+    expires 7d;
+    access_log off;
+  }
+  location ~ /(\.user\.ini|\.ht|\.git|\.svn|\.project|LICENSE|README\.md) {
+    deny all;
+  }
+  location /.well-known {
+    allow all;
+  }
+}
--- a/start.sh
+++ b/start.sh
@ -66,7 +66,7 @@ systemctl enable docker
 fi

 if ! command -v docker-compose >/dev/null 2>&1 ; then
-  curl -L https://gh.api.99988866.xyz/https://github.com/docker/compose/releases/download/v2.18.1/docker-compose-linux-x86_64 -o  /usr/local/bin/docker-compose
+  curl -L https://github.chenc.dev/https://github.com/docker/compose/releases/download/v2.18.1/docker-compose-linux-x86_64 -o  /usr/local/bin/docker-compose
  chmod +x /usr/local/bin/docker-compose
 fi