From 1117bd0bd7fd6237fd10b7c7ea87bb723bddfe96 Mon Sep 17 00:00:00 2001 From: Developer Date: Mon, 18 May 2026 20:51:54 +0800 Subject: [PATCH] =?UTF-8?q?refactor:=20=E7=AB=AF=E5=8F=A3=E6=94=B9?= =?UTF-8?q?=E4=B8=BA=E5=86=85=E9=83=A8=E6=98=A0=E5=B0=84=EF=BC=8C=E9=80=9A?= =?UTF-8?q?=E8=BF=87=20Nginx=20=E5=8F=8D=E5=90=91=E4=BB=A3=E7=90=86?= =?UTF-8?q?=E8=AE=BF=E9=97=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - docker-compose.test.yml: API 和 MongoDB 端口改为 expose(仅容器内部可见) - webhook-server.js: 端口改为 19001,绑定 127.0.0.1(仅本机访问) - 新增 deploy/nginx-test.conf Nginx 反向代理配置 - API: miniapp-api-test.dxz99wyr.cn → miniapp-api_test:3001 - Webhook: miniapp-api-test-webhook.dxz99wyr.cn/webhook → 127.0.0.1:19001 - 更新 setup.sh 和 README.md 文档 --- deploy/README.md | 28 +++++++++++++++++++++++----- deploy/nginx-test.conf | 25 +++++++++++++++++++++++++ deploy/setup.sh | 2 +- deploy/webhook-server.js | 7 ++++--- docker-compose.test.yml | 8 ++++---- 5 files changed, 57 insertions(+), 13 deletions(-) create mode 100644 deploy/nginx-test.conf diff --git a/deploy/README.md b/deploy/README.md index 020c05c..3a08116 100644 --- a/deploy/README.md +++ b/deploy/README.md @@ -52,7 +52,7 @@ chmod +x deploy/setup.sh 在 Git 仓库设置中添加 Webhook: -- **Payload URL**: `http://your-server-ip:9001/webhook` +- **Payload URL**: `https://miniapp-api-test-webhook.dxz99wyr.cn/webhook` - **Content type**: `application/json` - **Secret**: 你设置的 `WEBHOOK_SECRET` - **触发事件**: Push events (main 分支) @@ -60,23 +60,41 @@ chmod +x deploy/setup.sh ### 5. 开放防火墙端口 ```bash -# 开放 9001 端口(webhook)和 3001 端口(API) -ufw allow 9001/tcp -ufw allow 3001/tcp +# 仅需开放 80/443 端口,所有服务通过 Nginx 反向代理 +ufw allow 80/tcp +ufw allow 443/tcp ``` ### 6. 配置 Nginx 反向代理 (推荐) ```nginx +# 复制到服务器的 Nginx 配置目录 +# cp deploy/nginx-test.conf /opt/ALiYunManager/nginx/conf.d/miniapp-api-test.conf +# docker exec main-nginx nginx -t && docker exec main-nginx nginx -s reload + server { listen 80; server_name miniapp-api-test.dxz99wyr.cn; location / { - proxy_pass http://localhost:3001; + proxy_pass http://miniapp-api_test:3001; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } +} + +server { + listen 80; + server_name miniapp-api-test-webhook.dxz99wyr.cn; + + location /webhook { + proxy_pass http://127.0.0.1:19001/webhook; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; } } ``` diff --git a/deploy/nginx-test.conf b/deploy/nginx-test.conf new file mode 100644 index 0000000..686c319 --- /dev/null +++ b/deploy/nginx-test.conf @@ -0,0 +1,25 @@ +server { + listen 80; + server_name miniapp-api-test.dxz99wyr.cn; + + location / { + proxy_pass http://miniapp-api_test:3001; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } +} + +server { + listen 80; + server_name miniapp-api-test-webhook.dxz99wyr.cn; + + location /webhook { + proxy_pass http://127.0.0.1:19001/webhook; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } +} diff --git a/deploy/setup.sh b/deploy/setup.sh index c74996e..9f22836 100644 --- a/deploy/setup.sh +++ b/deploy/setup.sh @@ -44,7 +44,7 @@ echo "==========================================" echo " 配置完成!" echo "==========================================" echo "" -echo "Webhook 接收地址: http://$(curl -s ifconfig.me):9001/webhook" +echo "Webhook 接收地址: https://miniapp-api-test-webhook.dxz99wyr.cn/webhook" echo "API 测试地址: https://miniapp-api-test.dxz99wyr.cn" echo "" echo "查看 webhook 日志: journalctl -u miniapp-api_test-webhook -f" diff --git a/deploy/webhook-server.js b/deploy/webhook-server.js index 43ae176..7af858b 100644 --- a/deploy/webhook-server.js +++ b/deploy/webhook-server.js @@ -3,7 +3,7 @@ const { exec } = require('child_process'); const path = require('path'); const crypto = require('crypto'); -const PORT = 9001; +const PORT = 19001; const DEPLOY_DIR = '/opt/miniapp-api_test'; const COMPOSE_FILE = 'docker-compose.test.yml'; @@ -98,8 +98,9 @@ const server = http.createServer(async (req, res) => { }); }); -server.listen(PORT, '0.0.0.0', () => { +server.listen(PORT, '127.0.0.1', () => { console.log(`Webhook 服务器已启动, 监听端口 ${PORT}`); console.log(`部署目录: ${DEPLOY_DIR}`); - console.log(`接收地址: http://your-server-ip:${PORT}/webhook`); + console.log(`接收地址: http://127.0.0.1:${PORT}/webhook`); + console.log(`Nginx 代理地址: http://your-server-ip/webhook`); }); diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 0e112ec..1f5c40b 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -5,8 +5,8 @@ services: dockerfile: Dockerfile container_name: miniapp-api_test restart: unless-stopped - ports: - - "3001:3001" + expose: + - "3001" environment: - PORT=3001 - NODE_ENV=production @@ -38,8 +38,8 @@ services: image: mongo:7.0 container_name: miniapp-api_test-mongo restart: unless-stopped - ports: - - "27019:27017" + expose: + - "27017" volumes: - mongo_data_test:/data/db environment: