weiyu/docs/assets/js/b4cf3f2a.db9e7bf4.js

"use strict";(self.webpackChunkdocs=self.webpackChunkdocs||[]).push([[4646],{6653:(e,n,i)=>{i.r(n),i.d(n,{assets:()=>l,contentTitle:()=>o,default:()=>h,frontMatter:()=>a,metadata:()=>r,toc:()=>d});const r=JSON.parse('{"id":"deploy/depend/nginx","title":"Nginx","description":"- Operating System: Ubuntu 20.04 LTS","source":"@site/i18n/en/docusaurus-plugin-content-docs/current/deploy/depend/nginx.md","sourceDirName":"deploy/depend","slug":"/deploy/depend/nginx","permalink":"/bytedesk/docs/deploy/depend/nginx","draft":false,"unlisted":false,"editUrl":"https://github.com/bytedesk/bytedesk/docs/deploy/depend/nginx.md","tags":[],"version":"current","sidebarPosition":4,"frontMatter":{"sidebar_label":"Nginx","sidebar_position":4},"sidebar":"tutorialSidebar","previous":{"title":"Ollama","permalink":"/bytedesk/docs/deploy/depend/ollama"},"next":{"title":"SSL Certificate","permalink":"/bytedesk/docs/deploy/depend/letsencrypt"}}');var s=i(5723),t=i(6246);const a={sidebar_label:"Nginx",sidebar_position:4},o="Nginx",l={},d=[{value:"Installation",id:"installation",level:2},{value:"Preparation",id:"preparation",level:2},{value:"Example Using IP",id:"example-using-ip",level:2},{value:"nginx.conf",id:"nginxconf",level:2},{value:"sites-available",id:"sites-available",level:2},{value:"weiyuai_cn_80.conf",id:"weiyuai_cn_80conf",level:3},{value:"weiyuai_cn_443.conf",id:"weiyuai_cn_443conf",level:3},{value:"weiyuai_cn_api_80.conf",id:"weiyuai_cn_api_80conf",level:3},{value:"weiyuai_cn_api_443.conf",id:"weiyuai_cn_api_443conf",level:3},{value:"Create Symbolic Links",id:"create-symbolic-links",level:2},{value:"Apply Configuration",id:"apply-configuration",level:2},{value:"Open Ports",id:"open-ports",level:2},{value:"Modify TCP Connections (Optional)",id:"modify-tcp-connections-optional",level:2},{value:"Common Issues",id:"common-issues",level:2},{value:"References",id:"references",level:2}];function c(e){const n={a:"a",admonition:"admonition",code:"code",h1:"h1",h2:"h2",h3:"h3",header:"header",li:"li",p:"p",pre:"pre",ul:"ul",...(0,t.R)(),...e.components};return(0,s.jsxs)(s.Fragment,{children:[(0,s.jsx)(n.header,{children:(0,s.jsx)(n.h1,{id:"nginx",children:"Nginx"})}),"\n",(0,s.jsx)(n.admonition,{type:"tip",children:(0,s.jsxs)(n.ul,{children:["\n",(0,s.jsx)(n.li,{children:"Operating System: Ubuntu 20.04 LTS"}),"\n",(0,s.jsx)(n.li,{children:"Server minimum requirements: 2 CPU cores, 4GB RAM. Recommended: 4 CPU cores, 8GB RAM."}),"\n"]})}),"\n",(0,s.jsx)(n.h2,{id:"installation",children:"Installation"}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-bash",children:"sudo apt update\nsudo apt install nginx\n# Check if installation successful\nnetstat -ntlp\n# If port 80 starts normally, installation is successful\n# Stop nginx\n# service nginx stop\n# Start nginx\n# service nginx start\n# Restart nginx:\n# service nginx restart\n# systemctl restart nginx\n# Reload:\n# service nginx force-reload\n"})}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-bash",children:'# Check if stream module is installed\nnginx -V | grep stream # Note: capital V\n# Output indicates it\'s installed\nnginx version: nginx/1.18.0 (Ubuntu)\n# ...\n# You can see parameter: --with-stream=dynamic, indicating stream module is installed\n# For error: unknown directive "stream" in /etc/nginx/nginx.conf, need to insert at first line of nginx.conf:\nload_module /usr/lib/nginx/modules/ngx_stream_module.so;\n# Create cache directory, used in nginx.conf\nmkdir -p /var/www/html/nginx/cache/webserver\n# Reload configuration\nnginx -s reload\n# Or restart nginx\nservice nginx restart\n'})}),"\n",(0,s.jsx)(n.h2,{id:"preparation",children:"Preparation"}),"\n",(0,s.jsxs)(n.ul,{children:["\n",(0,s.jsxs)(n.li,{children:["Download and extract ",(0,s.jsx)(n.a,{href:"https://www.weiyuai.cn/download/weiyu-server.zip",children:"server"})," file, the extracted structure is as follows:"]}),"\n"]}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-bash",children:"(base) server % tree -L 1\n.\n\u251c\u2500\u2500 admin\n\u251c\u2500\u2500 agent\n\u251c\u2500\u2500 bytedesk-starter-0.4.0.jar\n\u251c\u2500\u2500 chat\n\u251c\u2500\u2500 config\n\u251c\u2500\u2500 logs\n\u251c\u2500\u2500 readme.md\n\u251c\u2500\u2500 readme.zh.md\n\u251c\u2500\u2500 start.bat\n\u251c\u2500\u2500 start.sh\n\u251c\u2500\u2500 stop.bat\n\u251c\u2500\u2500 stop.sh\n\u2514\u2500\u2500 uploader\n\n7 directories, 7 files\n"})}),"\n",(0,s.jsxs)(n.ul,{children:["\n",(0,s.jsx)(n.li,{children:"Copy the admin, agent, chat folders to /var/www/html/weiyuai/"}),"\n",(0,s.jsx)(n.li,{children:"Where: admin is for management dashboard, agent is for client, chat is for visitor interface"}),"\n",(0,s.jsxs)(n.li,{children:["The three components default to accessing server at: ",(0,s.jsx)(n.a,{href:"http://127.0.0.1:9003",children:"http://127.0.0.1:9003"}),", this needs to be modified for production use, specifically:"]}),"\n",(0,s.jsx)(n.li,{children:"Find config.json files in admin/config.json, agent/config.json and chat/config.json"}),"\n",(0,s.jsx)(n.li,{children:"The config.json content is as follows:"}),"\n"]}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-json",children:'{\n    "enabled": false,\n    "apiUrl": "https://api.weiyuai.cn",\n    "websocketUrl": "wss://api.weiyuai.cn/websocket",\n    "htmlUrl": "https://www.weiyuai.cn"\n}\n'})}),"\n",(0,s.jsxs)(n.ul,{children:["\n",(0,s.jsx)(n.li,{children:"enabled field determines whether to use custom server address, default is false. Change it to true here. Only when set to true will the apiHost and htmlHost below take effect"}),"\n",(0,s.jsx)(n.li,{children:"apiUrl field is the API address, default is: api.weiyuai.cn, please replace with your domain"}),"\n",(0,s.jsx)(n.li,{children:"websocketUrl field is the websocket address, default is: ws://api.weiyuai.cn/websocket, please replace with your domain"}),"\n",(0,s.jsxs)(n.li,{children:["htmlHost field is the static webpage address, default is: ",(0,s.jsx)(n.a,{href:"http://www.weiyuai.cn",children:"www.weiyuai.cn"}),", please replace with your domain"]}),"\n"]}),"\n",(0,s.jsx)(n.h2,{id:"example-using-ip",children:"Example Using IP"}),"\n",(0,s.jsxs)(n.ul,{children:["\n",(0,s.jsx)(n.li,{children:"Replace domain with IP"}),"\n",(0,s.jsx)(n.li,{children:"Replace https with http"}),"\n"]}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-json",children:'{\n    "enabled": false,\n    "apiUrl": "http://127.0.0.1:9003",\n    "websocketUrl": "ws://127.0.0.1:9885/websocket",\n    "htmlUrl": "http://127.0.0.1:9006"\n}\n'})}),"\n",(0,s.jsx)(n.h2,{id:"nginxconf",children:"nginx.conf"}),"\n",(0,s.jsx)(n.p,{children:"Add the following content to the http module in nginx.conf:"}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-bash",children:"#...\nhttp {\n    ##...\n    \n    ## REST API Load Balancing\n    upstream weiyuai {\n        # round_robin; # Default, round-robin distribution\n        ip_hash; # Same IP accesses same server, so visitors from same IP are fixed to one backend server\n        # least_conn; # Fair distribution\n        # server 172.16.81.2:9003     weight=2 max_fails=10 fail_timeout=60s;\n        server 127.0.0.1:9003 weight=2 max_fails=10 fail_timeout=60s;\n    }\n\n    # WebSocket Load Balancing\n    upstream weiyuaiwss {\n        # round_robin; # Default, round-robin distribution\n        ip_hash; # Same IP accesses same server, so visitors from same IP are fixed to one backend server\n        # least_conn; # Fair distribution\n        # server 172.16.81.2:9885     weight=2 max_fails=10 fail_timeout=60s;\n        server 127.0.0.1:9885 weight=2 max_fails=10 fail_timeout=60s;\n    }\n\n    include /etc/nginx/conf.d/*.conf;\n    include /etc/nginx/sites-enabled/*;\n}\n"})}),"\n",(0,s.jsx)(n.h2,{id:"sites-available",children:"sites-available"}),"\n",(0,s.jsx)(n.p,{children:"Create 4 files in the sites-available folder as follows:"}),"\n",(0,s.jsx)(n.h3,{id:"weiyuai_cn_80conf",children:"weiyuai_cn_80.conf"}),"\n",(0,s.jsxs)(n.ul,{children:["\n",(0,s.jsx)(n.li,{children:"Need to change server_name weiyuai.cn *.weiyuai.cn; to your domain or IP address"}),"\n"]}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-bash",children:"# weiyuai_cn_80.conf content\nserver {\n    listen 80;\n    listen [::]:80;\n\n    root /var/www/html/weiyuai/;\n    index index.html index.htm index.nginx-debian.html index.php;\n\n    server_name weiyuai.cn *.weiyuai.cn;\n\n    location / {\n        # Match all paths, try to serve file first, then directory, finally fallback to index.html\n        try_files $uri $uri/ /index.html; # This should point to root directory's index.html, not specific path's index.html\n    }\n\n    # If you need to provide specific index.html for each sub-path, you can add extra location blocks\n    location /admin/ {\n        try_files $uri $uri/ /admin/index.html;\n    }\n\n    location /agent/ {\n        try_files $uri $uri/ /agent/index.html;\n    }\n\n    location /chat/ {\n        try_files $uri $uri/ /chat/index.html;\n    }\n\n    location /frame/ {\n        try_files $uri $uri/ /chat/index.html;\n    }\n}\n"})}),"\n",(0,s.jsx)(n.h3,{id:"weiyuai_cn_443conf",children:"weiyuai_cn_443.conf"}),"\n",(0,s.jsxs)(n.ul,{children:["\n",(0,s.jsx)(n.li,{children:"Optional, only needed when SSL is enabled"}),"\n",(0,s.jsx)(n.li,{children:"Need to change server_name weiyuai.cn *.weiyuai.cn; to your domain or IP address"}),"\n",(0,s.jsx)(n.li,{children:"Port 443 configuration requires SSL certificate, here using Let's Encrypt free SSL certificate"}),"\n",(0,s.jsx)(n.li,{children:"Need to modify SSL certificate paths"}),"\n"]}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-bash",children:"# weiyuai_cn_443.conf content\nserver {\n    listen 443 ssl;\n    listen [::]:443 ssl;\n\n    ssl_certificate /etc/letsencrypt/live/weiyuai.cn/fullchain.pem; # managed by Certbot\n    ssl_certificate_key /etc/letsencrypt/live/weiyuai.cn/privkey.pem; # managed by Certbot\n\n    server_name weiyuai.cn *.weiyuai.cn;\n\n    root /var/www/html/weiyuai;\n    index index.html index.htm index.nginx-debian.html index.php;\n\n    location / {\n        # Match all paths, try to serve file first, then directory, finally fallback to index.html\n        try_files $uri $uri/ /index.html; # This should point to root directory's index.html, not specific path's index.html\n    }\n\n    # If you need to provide specific index.html for each sub-path, you can add extra location blocks\n    location /admin/ {\n        try_files $uri $uri/ /admin/index.html;\n    }\n\n    location /agent/ {\n        try_files $uri $uri/ /agent/index.html;\n    }\n\n    location /chat/ {\n        try_files $uri $uri/ /chat/index.html;\n    }\n\n    location /frame/ {\n        try_files $uri $uri/ /chat/index.html;\n    }\n\n    location /docs/ {\n        try_files $uri $uri/ /docs/index.html;\n    }\n}\n"})}),"\n",(0,s.jsx)(n.h3,{id:"weiyuai_cn_api_80conf",children:"weiyuai_cn_api_80.conf"}),"\n",(0,s.jsxs)(n.ul,{children:["\n",(0,s.jsx)(n.li,{children:"Need to change server_name api.weiyuai.cn; to your domain or IP address"}),"\n"]}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-bash",children:'# weiyuai_cn_api_80.conf content\nserver {\n    listen 80;\n    listen [::]:80;\n\n    root /var/www/html/weiyuai/;\n    index index.html index.htm index.nginx-debian.html;\n\n    server_name api.weiyuai.cn;\n\n    ## Reverse Proxy\n    # Proxy stomp connection\n    location /stomp {\n        proxy_http_version 1.1;\n        proxy_set_header Upgrade $http_upgrade;\n        proxy_set_header Connection "upgrade";\n        proxy_pass http://weiyuai/stomp;\n\n        # To record real IP address instead of reverse proxy server address\n        proxy_set_header  Host            $host;\n        proxy_set_header  X-Real-IP       $remote_addr;\n        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;\n        include           fastcgi_params;\n    }\n\n    ## Reverse Proxy\n    # Proxy websocket connection\n    location /websocket {\n        proxy_http_version 1.1;\n        proxy_set_header Upgrade $http_upgrade;\n        proxy_set_header Connection "upgrade";\n        proxy_pass http://weiyuaiwss/websocket;\n\n        # To record real IP address instead of reverse proxy server address\n        proxy_set_header  Host            $host;\n        proxy_set_header  X-Real-IP       $remote_addr;\n        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;\n        include           fastcgi_params;\n    }\n\n    # Add two headers\n    add_header X-Via $server_addr;\n    add_header X-Cache $upstream_cache_status;\n\n    ## Reverse Proxy\n    location @springboot {\n        # Forward all nginx requests to port 9003\n        proxy_pass http://weiyuai;\n        \n        # To record real IP address instead of reverse proxy server address\n        proxy_set_header  Host            $host;\n        # X-Real-IP makes logs show real client IP\n        proxy_set_header  X-Real-IP       $remote_addr;\n        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;\n        include           fastcgi_params;\n\n        # Set cache\n        # Set 10-minute cache for response codes 200 and 302, 10-minute cache for 404 code\n        #proxy_cache webserver;\n        # proxy_cache_valid  200 302  10m;\n        proxy_cache_valid  404      10m;\n    }\n\n    location / {\n        # First attempt to serve request as file, then\n        # as directory, then fall back to displaying a 404.\n        # try_files $uri $uri/ =404;\n        try_files $uri $uri/ @springboot;\n    }\n}\n'})}),"\n",(0,s.jsx)(n.h3,{id:"weiyuai_cn_api_443conf",children:"weiyuai_cn_api_443.conf"}),"\n",(0,s.jsxs)(n.ul,{children:["\n",(0,s.jsx)(n.li,{children:"Optional, only needed when SSL is enabled"}),"\n",(0,s.jsx)(n.li,{children:"Need to change server_name api.weiyuai.cn; to your domain or IP address"}),"\n",(0,s.jsx)(n.li,{children:"Port 443 configuration requires SSL certificate, here using Let's Encrypt free SSL certificate"}),"\n",(0,s.jsx)(n.li,{children:"Need to modify SSL certificate paths"}),"\n"]}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-bash",children:'# weiyuai_cn_api_443.conf content\nserver {\n    listen 443 ssl;\n    listen [::]:443 ssl;\n\n    ssl_certificate /etc/letsencrypt/live/weiyuai.cn/fullchain.pem; # managed by Certbot\n    ssl_certificate_key /etc/letsencrypt/live/weiyuai.cn/privkey.pem; # managed by Certbot\n\n    server_name api.weiyuai.cn;\n\n    root /var/www/html/weiyuai;\n    index index.html index.htm index.nginx-debian.html;\n\n    ## Reverse Proxy\n    # Proxy stomp connection\n    location /stomp {\n        proxy_http_version 1.1;\n        proxy_set_header Upgrade $http_upgrade;\n        proxy_set_header Connection "upgrade";\n        proxy_pass http://weiyuai/stomp;\n\n        # To record real IP address instead of reverse proxy server address\n        proxy_set_header  Host            $host;\n        proxy_set_header  X-Real-IP       $remote_addr;\n        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;\n        include           fastcgi_params;\n    }\n\n    ## Reverse Proxy\n    # Proxy websocket connection\n    location /websocket {\n        proxy_http_version 1.1;\n        proxy_set_header Upgrade $http_upgrade;\n        proxy_set_header Connection "upgrade";\n        proxy_pass http://weiyuaiwss/websocket;\n\n        # To record real IP address instead of reverse proxy server address\n        proxy_set_header  Host            $host;\n        proxy_set_header  X-Real-IP       $remote_addr;\n        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;\n        include           fastcgi_params;\n    }\n\n    # Add two headers\n    add_header X-Via $server_addr;\n    add_header X-Cache $upstream_cache_status;\n\n    ## Reverse Proxy\n    location @springboot {\n        # Forward all nginx requests to port 9003\n        proxy_pass http://weiyuai;\n\n        # add_header Access-Control-Allow-Origin *; # Error, cannot add, need to remove corresponding origin in spring boot\n        # To record real IP address instead of reverse proxy server address\n        proxy_set_header  Host            $host;\n        # X-Real-IP makes logs show real client IP\n        proxy_set_header  X-Real-IP       $remote_addr;\n        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;\n        include           fastcgi_params;\n\n        # Set cache\n        # Set 10-minute cache for response codes 200 and 302, 10-minute cache for 404 code\n        #proxy_cache webserver;\n        #proxy_cache_valid  200 302  10m;\n        proxy_cache_valid  404      10m;\n    }\n\n    location / {\n        # First attempt to serve request as file, then\n        # as directory, then fall back to displaying a 404.\n        # try_files $uri $uri/ =404;\n        try_files $uri $uri/ @springboot;\n    }\n}\n'})}),"\n",(0,s.jsx)(n.h2,{id:"create-symbolic-links",children:"Create Symbolic Links"}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-bash",children:"# Create symbolic links\nsudo ln -s /etc/nginx/sites-available/weiyuai_cn_80.conf /etc/nginx/sites-enabled/\nsudo ln -s /etc/nginx/sites-available/weiyuai_cn_443.conf /etc/nginx/sites-enabled/\nsudo ln -s /etc/nginx/sites-available/weiyuai_cn_api_80.conf /etc/nginx/sites-enabled/\nsudo ln -s /etc/nginx/sites-available/weiyuai_cn_api_443.conf /etc/nginx/sites-enabled/\n"})}),"\n",(0,s.jsx)(n.h2,{id:"apply-configuration",children:"Apply Configuration"}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-bash",children:"# Reload nginx configuration\nsudo nginx -s reload\n# Or\nsudo systemctl reload nginx\n"})}),"\n",(0,s.jsx)(n.h2,{id:"open-ports",children:"Open Ports"}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-bash",children:"# Ports to open externally\nhttp: 80\nhttps: 443\n# Optional, may not need to be opened externally\nmysql: 3306\nredis: 6379\nrest api: 9003\nwebsocket: 9885\n"})}),"\n",(0,s.jsx)(n.h2,{id:"modify-tcp-connections-optional",children:"Modify TCP Connections (Optional)"}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-bash",children:"# Check maximum file limit for Linux system user\nulimit -n\n# 65535\n# Modify file limit\nvi /etc/security/limits.conf\nroot soft nofile 655350\nroot hard nofile 655350\nnginx soft nofile 6553500\nnginx hard nofile 6553500\n* soft nofile 655350\n* hard nofile 655350\n# root specifies which user's file limit to modify.\n# '*' can be used to modify limit for all users;\n# soft or hard specifies whether to modify soft or hard limit;\n# 102400 specifies the new limit value, i.e. maximum open files\n# (note: soft limit value must be less than or equal to hard limit)\n# Note: After modifying /etc/security/limits.conf, close Terminal and re-login or restart server to take effect\n# Check open files number\nulimit -a\n"})}),"\n",(0,s.jsx)(n.h2,{id:"common-issues",children:"Common Issues"}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-shell",children:"# View nginx log\ncd /var/log/nginx\n"})}),"\n",(0,s.jsx)(n.h2,{id:"references",children:"References"}),"\n",(0,s.jsxs)(n.ul,{children:["\n",(0,s.jsx)(n.li,{children:(0,s.jsx)(n.a,{href:"https://letsencrypt.org/",children:"letsencrypt"})}),"\n",(0,s.jsx)(n.li,{children:(0,s.jsx)(n.a,{href:"https://www.jianshu.com/p/c5c9d071e395",children:"LetsEncrypt Wildcard Certificate"})}),"\n",(0,s.jsx)(n.li,{children:(0,s.jsx)(n.a,{href:"https://www.cnblogs.com/xiao987334176/p/11008812.html",children:"Ubuntu /etc/security/limits.conf Not Taking Effect"})}),"\n"]})]})}function h(e={}){const{wrapper:n}={...(0,t.R)(),...e.components};return n?(0,s.jsx)(n,{...e,children:(0,s.jsx)(c,{...e})}):c(e)}},6246:(e,n,i)=>{i.d(n,{R:()=>a,x:()=>o});var r=i(2155);const s={},t=r.createContext(s);function a(e){const n=r.useContext(t);return r.useMemo((function(){return"function"==typeof e?e(n):{...n,...e}}),[n,e])}function o(e){let n;return n=e.disableParentContext?"function"==typeof e.components?e.components(s):e.components||s:a(e.components),r.createElement(t.Provider,{value:n},e.children)}}}]);