Browse Source

refactor: configfile of nginx

master
Dnomd343 4 years ago
parent
commit
0d2b97ef56
  1. 2
      Dockerfile
  2. 54
      README.md
  3. 48
      conf/nginx/README.md
  4. 0
      conf/nginx/docker.conf
  5. 8
      conf/nginx/ip.conf
  6. 73
      conf/nginx/methodA/ip-sub.func
  7. 15
      conf/nginx/methodA/ip.conf

2
Dockerfile

@ -8,6 +8,6 @@ RUN mkdir -p /var/www/echoIP \
&& apt install -y php7.3 php7.3-fpm php7.3-sqlite3 \
&& apt install -y nodejs \
&& apt clean \
&& cp /var/www/echoIP/conf/nginx/docker/ip.conf /etc/nginx/conf.d \
&& cp /var/www/echoIP/conf/nginx/docker.conf /etc/nginx/conf.d \
&& chmod +x /init.sh
CMD ["sh","init.sh"]

54
README.md

@ -2,7 +2,7 @@
> 显示客户端IP、查询IP详细信息
结合 [ipinfo.io](https://ipinfo.io/)、[IPIP.net](https://www.ipip.net/)、[纯真IP](http://www.cz88.net/) 的数据计算指定IP信息,支持IPv4与IPv6地址。
结合 [ipinfo.io](https://ipinfo.io/)、[IPIP.net](https://www.ipip.net/)、[纯真IP](http://www.cz88.net/) 的数据获取IP地址的信息,支持IPv4与IPv6地址。
客户端可直接向服务器询问自己的IP地址,同时可指定任意IP地址获取其详细信息。
@ -52,10 +52,17 @@ shell> docker -v
启动容器并映射端口
```
# 这里映射到宿主机1601端口,可更改
# 映射容器服务到宿主机1601端口
shell> docker run -dit --name echoip -p 1601:8080 dnomd343/echoip
```
测试容器是否正常工作
```
shell> curl 127.0.0.1:1601/8.8.8.8
···8.8.8.8的详细信息···
```
配置Nginx反向代理
```
@ -71,7 +78,7 @@ shell> vim ip.conf
server {
listen 80;
listen [::]:80;
server_name ip.343.re; #
server_name ip.343.re; # 改为自己的域名
location / {
if ($http_user_agent !~* (curl|wget)) {
return 301 https://$server_name$request_uri;
@ -82,18 +89,24 @@ server {
}
server {
listen 444 ssl http2 proxy_protocol;
listen [::]:444 ssl http2 proxy_protocol;
server_name ip.343.re;
ssl_certificate /etc/ssl/certs/343.re/fullchain.pem;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ip.343.re; # 改为自己的域名
ssl_certificate /etc/ssl/certs/343.re/fullchain.pem; # 改为自己的证书
ssl_certificate_key /etc/ssl/certs/343.re/privkey.pem;
location / {
proxy_set_header X-Real-IP $proxy_protocol_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:1601;
}
}
```
重启Nginx服务
```
shell> nginx -s reload
```
### 常规方式
首先拉取仓库到你的服务器上,这里以 `/var/www/echoIP` 为例
@ -127,10 +140,28 @@ shell> wget --version
```
shell> cd /var/www/echoIP/backend/qqwryFormat
# 默认端口为1602,注意不要重复开启
shell> ./start
shell> ./start.sh
```
配置网页服务器代理,需要额外占用除80与443之外的一个端口,默认为TCP/1601,可按需修改
```
# 进入nginx配置目录
shell> cd /etc/nginx/conf.d
# 从代码仓库复制配置文件
shell> cp /var/www/echoIP/conf/nginx/ip.conf ./
# 修改配置文件,将ip.343.re改为需要部署的域名
shell> vim ip.conf
···
```
配置网页服务器代理,这里提供[Nginx示例](https://github.com/dnomd343/echoIP/blob/main/conf/nginx/README.md)
重启Nginx服务
```
shell> nginx -s reload
```
## 开发资料
@ -140,21 +171,18 @@ shell> ./start
```
shell> docker build -t echoip https://github.com/dnomd343/echoIP.git#main
···
```
启动容器
```
shell> docker run -dit --name echoip -p 1601:8080 echoip
···
```
进入容器调试
```
shell> docker exec -it echoip bash
···
```
### ipinfo.io

48
conf/nginx/README.md

@ -1,48 +0,0 @@
## Nginx配置
### 方式A
需要两个配置文件 `ip.conf``ip-sub.func`
```
# 进入nginx配置目录
shell> cd /etc/nginx/conf.d
# 从代码仓库复制配置文件
shell> cp /var/www/echoIP/conf/nginx/methodA/ip.conf ./
shell> cp /var/www/echoIP/conf/nginx/methodA/ip-sub.func ./
# 修改配置文件,将ip.343.re改为需要部署的域名
shell> vim ip.conf
···
shell> vim ip-sub.func
···
```
重启Nginx服务
```
shell> nginx -s reload
```
### 方式B
需要一个配置文件 `ip.conf` ,但需要额外占用除80与443之外的一个端口,默认为TCP/1601,可按需修改
```
# 进入nginx配置目录
shell> cd /etc/nginx/conf.d
# 从代码仓库复制配置文件
shell> cp /var/www/echoIP/conf/nginx/methodB/ip.conf ./
# 修改配置文件,将ip.343.re改为需要部署的域名
shell> vim ip.conf
···
```
重启Nginx服务
```
shell> nginx -s reload
```

0
conf/nginx/docker/ip.conf → conf/nginx/docker.conf

8
conf/nginx/methodB/ip.conf → conf/nginx/ip.conf

@ -7,7 +7,7 @@ server {
return 301 https://$server_name$request_uri;
}
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:1601; # 自定义端口
proxy_pass http://127.0.0.1:1601;
}
}
@ -19,12 +19,12 @@ server {
ssl_certificate_key /etc/ssl/certs/343.re/privkey.pem;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:1601; # 自定义端口
proxy_pass http://127.0.0.1:1601;
}
}
server {
listen 1601; # 自定义端口
listen 1601;
root /var/www/echoIP;
set_real_ip_from 0.0.0.0/0;
@ -55,7 +55,7 @@ server {
location ~* ^/([^/]+?)$ {
set $request_ip $1;
if ($http_user_agent ~* (curl|wget)) {
proxy_pass http://127.0.0.1:1601/info/$request_ip; # 自定义端口
proxy_pass http://127.0.0.1:1601/info/$request_ip;
}
}

73
conf/nginx/methodA/ip-sub.func

@ -1,73 +0,0 @@
root /var/www/echoIP;
resolver 8.8.8.8;
location = / {
if ($http_user_agent ~* (curl|wget)) {
return 200 $remote_addr\n;
}
if ($scheme = http) {
return 301 https://$server_name;
}
index index.html;
}
location = /ua {
if ($http_user_agent ~* (curl|wget)) {
return 200 $http_user_agent\n;
}
default_type application/json;
return 200 $http_user_agent;
}
location = /ip {
if ($http_user_agent ~* (curl|wget)) {
return 200 $remote_addr\n;
}
if ($scheme = http) {
return 301 https://$server_name/ip;
}
return 200 $remote_addr;
}
location ~* ^/([^/]+?)$ {
set $request_ip $1;
if ($http_user_agent ~* (curl|wget)) {
proxy_pass https://ip.343.re/info/$request_ip; # 改成自己的域名
break;
}
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
}
location ^~ /info {
set $is_cli 0;
set $is_https 0;
set $is_legal 0;
if ($uri ~* ^/info/?$) {
set $is_legal 1;
set $query ip=$remote_addr;
}
if ($uri ~* ^/info/([^/]+?)$) {
set $is_legal 1;
set $query ip=$1;
}
if ($is_legal = 0) {
return 404;
}
if ($scheme = https) {
set $is_https 1;
}
if ($http_user_agent ~* (curl|wget)) {
set $is_cli 1;
set $query $query&cli=true;
}
set $flag_https_cli $is_https$is_cli;
if ($flag_https_cli = 00) {
return 301 https://$server_name$request_uri;
}
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000; # php-fpm接口
fastcgi_param QUERY_STRING $query;
fastcgi_param SCRIPT_FILENAME /var/www/echoIP/backend/queryInfo.php;
}

15
conf/nginx/methodA/ip.conf

@ -1,15 +0,0 @@
server {
listen 80;
listen [::]:80;
server_name ip.343.re; # 改为自己的域名
include conf.d/ip-sub.func;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ip.343.re; # 改为自己的域名
ssl_certificate /etc/ssl/certs/343.re/fullchain.pem; # 改为自己的证书
ssl_certificate_key /etc/ssl/certs/343.re/privkey.pem;
include conf.d/ip-sub.func;
}
Loading…
Cancel
Save