黄志涛
MongoDB 文件损坏恢复
分开部署手册
充电桩常见问题处理
普洛斯脏数据处理
能耗排查
Linux 系统 Docker 日志限制
后台中台延迟启动设置
Linux 项目数据目录迁移
能耗阈值设置
RabbitMQ服务弱口令问题
定时备份Mysql 功能调整
MQTT版本升级
从 Google Drive 下载部署包
通过同一个端口访问网站或者连接设备
数据库异地备份方案
本文档使用 MrDoc 发布
-
+
首页
通过同一个端口访问网站或者连接设备
## 1、简要说明 项目上只能开放一个端口,那么可以通过OpenResty组件来实现,网站访问和设备上报用同一个端口。 ## 2、上传OpenResty 镜像 从 svn://192.168.32.20/CodeData/Release/eiot/镜像 下载 OpenResty 文件  上传到 /home/acrel-iot-linux/docker/images 目录下,并运行以下命令进行导入 ```bash docker load -i /home/acrel-iot-linux/docker/images/openresty.tar ``` ## 3、上传lua脚本 /home/acrel-iot-linux/config 目录下创建 lua目录,并在目录下创建 preread.lua文件,并且按照提示调整 将10.212.46.219改为服务器内网IP,20028改为TCP路由端口 ``` local sock = ngx.req.socket(true) if not sock then -- 1. TCP 协议 ngx.var.backend = "10.212.46.219:20028" return end sock:settimeout(50) local data = sock:peek(1) if not data then -- 1. TCP 协议 ngx.var.backend = "10.212.46.219:20028" return end local b = data:byte(1) if b == 0x16 then -- 2. HTTPS 协议 ngx.var.backend = "10.212.46.219:8890" return end -- 3. 判断 MQTT 协议 if b == 0x10 then ngx.var.backend = "10.212.46.219:30001" return end -- 4. 判断 HTTP (明文) -- HTTP 请求通常以方法名开头: -- GET -> 0x47 ('G') -- POST -> 0x50 ('P') -- PUT -> 0x50 ('P') -- HEAD -> 0x48 ('H') -- DELETE -> 0x44 ('D') -- OPTIONS -> 0x4F ('O') -- PATCH -> 0x50 ('P') if b == 0x47 or b == 0x50 or b == 0x48 or b == 0x44 or b == 0x4F then -- 匹配到 HTTP 方法首字母,转发到明文 HTTP 后端 ngx.var.backend = "10.212.46.219:8890" return end -- 1. 默认TCP 协议 ngx.var.backend = "10.212.46.219:20028" ``` 运行以下命令,赋予执行权限 ````bash chmod o+r,o+x /home/acrel-iot-linux/docker/config/lua ```` ## 4、Nginx 配置替换 stream 部分为新增内容,将20071替换为服务器开通的端口 ``` #user nobody; worker_processes 8; worker_rlimit_nofile 65535; events { worker_connections 20480; } stream { error_log /usr/local/openresty/lua/stream.log debug; tcp_nodelay on; proxy_ssl off; server { listen 20071; set $backend ""; preread_by_lua_file /usr/local/openresty/lua/preread.lua; ssl_preread on; proxy_pass $backend; proxy_connect_timeout 3s; proxy_timeout 24h; proxy_socket_keepalive on; } } http { client_max_body_size 100m; include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; server { listen 20003; server_name localhost 127.0.0.1; gzip on; gzip_buffers 32 4K; gzip_comp_level 6; gzip_min_length 100; gzip_types application/javascript text/css text/xml; gzip_disable "MSIE [1-6]\."; #配置禁用gzip条件,支持正则。此处表示ie6及以下不启用gzip(因为ie低版本不支持) gzip_vary on; location / { root /usr/local/web/vision_web; } location /exchange/ { proxy_pass http://127.0.0.1:20001/exchange/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } location /basic/prepayment/{ proxy_pass http://127.0.0.1:19900/prepayment/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_buffer_size 4096k; proxy_buffers 16 4096k; proxy_busy_buffers_size 8192k; proxy_temp_file_write_size 8192k; } location = /50x.html { root html; } } server { listen 20005; server_name localhost 127.0.0.1; gzip on; gzip_buffers 32 4K; gzip_comp_level 6; gzip_min_length 100; gzip_types application/javascript text/css text/xml; gzip_disable "MSIE [1-6]\."; #配置禁用gzip条件,支持正则。此处表示ie6及以下不启用gzip(因为ie低版本不支持) gzip_vary on; location / { root /usr/local/web/debug_web; } location /exchange/ { proxy_pass http://127.0.0.1:20001/exchange/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } location /basic/prepayment/{ proxy_pass http://127.0.0.1:19900/prepayment/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_buffer_size 4096k; proxy_buffers 16 4096k; proxy_busy_buffers_size 8192k; proxy_temp_file_write_size 8192k; } location = /50x.html { root html; } } server { listen 20111; server_name localhost 127.0.0.1; gzip on; gzip_buffers 32 4K; gzip_comp_level 6; gzip_min_length 100; gzip_types application/javascript text/css text/xml; gzip_disable "MSIE [1-6]\."; #配置禁用gzip条件,支持正则。此处表示ie6及以下不启用gzip(因为ie低版本不支持) gzip_vary on; location / { root /usr/local/web/iot_admin; } location /exchange/ { proxy_pass http://127.0.0.1:20001/exchange/; proxy_http_version 1.1; proxy_set_header Upwebgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } location = /50x.html { root html; } } server { listen 20002; gzip on; gzip_buffers 32 4K; gzip_comp_level 6; gzip_min_length 100; gzip_types application/javascript text/css text/xml; gzip_disable "MSIE [1-6]\."; #配置禁用gzip条件,支持正则。此处表示ie6及以下不启用gzip(因为ie低版本不支持) gzip_vary on; location / { root /usr/local/web/appH5/dist/build/h5; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } server { listen 8890; # listen 443 ssl; # server_name localhost 127.0.0.1 domainName; # ssl_certificate /cert/certificate.crt; # ssl_certificate_key /cert/certificate.key; # ssl_session_timeout 5m; # ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; # ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # ssl_prefer_server_ciphers on; #charset koi8-r; gzip on; gzip_buffers 32 4K; gzip_comp_level 6; gzip_min_length 100; gzip_types application/javascript text/css text/xml; gzip_disable "MSIE [1-6]\."; #配置禁用gzip条件,支持正则。此处表示ie6及以下不启用gzip(因为ie低版本不支持) gzip_vary on; #access_log logs/host.access.log main; location / { if ($request_filename ~* .*\.(?:htm|html)$) ## 配置页面不缓存html和htm结尾的文件 { add_header Cache-Control "private, no-store, no-cache, must-revalidate, proxy-revalidate"; } root /usr/local/web/eiot_web; index index.html; try_files $uri $uri/ /index.html; error_page 405 =200 http://$host$request_uri; client_max_body_size 200m; add_header Access-Control-Allow-Credentials "true"; add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; } location /ws { proxy_pass http://127.0.0.1:20072; proxy_read_timeout 60s; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'Upgrade'; } location /webeditor { alias /usr/local/web/webeditor/; index index.html; try_files $uri $uri/ /index.html; add_header Access-Control-Allow-Credentials "true"; add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; } location /H5 { alias /usr/share/nginx/html/yff; index index.html index.htm; try_files $uri $uri/ /index.html =404; error_page 405 =200 http://$host$request_uri; } location /basic/prepayment/{ proxy_pass http://127.0.0.1:19900/prepayment/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_buffer_size 4096k; proxy_buffers 16 4096k; proxy_busy_buffers_size 8192k; proxy_temp_file_write_size 8192k; } location /basic/system/{ proxy_pass http://127.0.0.1:19900/prepayment/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_buffer_size 4096k; proxy_buffers 16 4096k; proxy_busy_buffers_size 8192k; proxy_temp_file_write_size 8192k; } location /basic/currency/{ proxy_pass http://127.0.0.1:19900/prepayment/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_buffer_size 4096k; proxy_buffers 16 4096k; proxy_busy_buffers_size 8192k; proxy_temp_file_write_size 8192k; } location /exchange/{ proxy_pass http://127.0.0.1:20001/exchange/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_buffer_size 4096k; proxy_buffers 16 4096k; proxy_busy_buffers_size 8192k; proxy_temp_file_write_size 8192k; } location /basic/image/ { add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Headers X-Requested-With; add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS; if ($request_method = 'OPTIONS') { return 204; } alias /image/ ; } location /image/ { add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Headers X-Requested-With; add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS; if ($request_method = 'OPTIONS') { return 204; } alias /image/ ; } location /basic_dev/{ proxy_pass http://127.0.0.1:20007/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } } ``` ## 5、Docker 容器调整 替换 /home/acrel-iot-linux/docker/docker-compose.yml 文件 ```yaml services: iot-mongo: image: mongo:4.4 container_name: iot-mongo restart: always volumes: - ${DIR}/data/mongo:/data/db - /etc/localtime:/etc/localtime - ${DIR}/config/mongo/keyfile:/data/mongo_key_file/keyfile environment: # ROOT用户名 MONGO_INITDB_ROOT_USERNAME: acrel # ROOT用户密码 MONGO_INITDB_ROOT_PASSWORD: Acrel1a2c3r4e5l6! ports: # MongoDB连接端口 - 20051:27017 deploy: resources: limits: memory: 3G reservations: memory: 200M ulimits: nofile: soft: 65535 hard: 65535 iot-mysql: image: mysql:8.0.43 container_name: iot-mysql restart: always volumes: - ${DIR}/data/mysql:/var/lib/mysql - /etc/localtime:/etc/localtime command: --skip-log-bin --lower_case_table_names=1 --character-set-server=utf8mb4 --collation-server=utf8mb4_general_ci --explicit_defaults_for_timestamp=true --sql_mode=STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION,NO_ENGINE_SUBSTITUTION environment: MYSQL_ROOT_PASSWORD: Acrel1a2c3r4e5l6! ports: - 20052:3306 ulimits: nofile: soft: 65535 hard: 65535 iot-redis: image: redis:latest container_name: iot-redis restart: always volumes: - /etc/localtime:/etc/localtime - ${DIR}/data/redis:/data command: --requirepass Acrel1a2c3r4e5l6! --masterauth Acrel1a2c3r4e5l6! ports: - 20053:6379 ulimits: nofile: soft: 65535 hard: 65535 iot-rabbitmq: image: rabbitmq:3.13.7 container_name: iot-rabbitmq hostname : iot-rabbitmq restart: always environment: - LANG=en_US.UTF-8 volumes: - /etc/localtime:/etc/localtime - ${DIR}/config/rabbit:/etc/rabbitmq - ${DIR}/data/rabbit/data:/var/lib/rabbitmq - ${DIR}/data/rabbit/log:/var/log/rabbitmq ports: - "20072:20072" - "30001:1883" - "5672:5672" - "15672:15672" ulimits: nofile: soft: 65535 hard: 65535 iot-openresty: image: openresty/openresty container_name: iot-openresty network_mode: host restart: always volumes: - ${DIR}/config/nginx/nginx.conf:/usr/local/openresty/nginx/conf/nginx.conf - ${DIR}/web:/usr/local/web - ${DIR}/image:/image - ${DIR}/config/nginx/cert:/cert - ${DIR}/config/lua:/usr/local/openresty/lua ulimits: nofile: soft: 65535 hard: 65535 iot-exchange: image: java:8 container_name: iot-exchange network_mode: host restart: always depends_on: - iot-rabbitmq - iot-redis - iot-mongo - iot-mysql environment: - TZ=${TIME_ZONE} - LANG=en_US.UTF-8 volumes: - /etc/localtime:/etc/localtime:ro - /usr/share/zoneinfo/${TIME_ZONE}:/etc/localtime - ${DIR}/server/exchange:/home/exchange command: java -server -Dfile.encoding=UTF-8 -jar -Duser.timezone="${TIME_ZONE}" /home/exchange/service-exchange-1.0.jar --spring.config.location=classpath:/,file:/home/exchange/config/ --spring.profiles.active=prod-linux ulimits: nofile: soft: 65535 hard: 65535 iot-eiot: image: java:8 container_name: iot-eiot network_mode: host restart: always depends_on: - iot-rabbitmq - iot-redis - iot-mongo - iot-mysql volumes: - /usr/share/zoneinfo/${TIME_ZONE}:/etc/localtime - ${DIR}/server/eiot:/home/eiot - ${DIR}/image:/image - /home/local/acre:/usr/local/acre - ${DIR}/cert:/home/cert - ${DIR}/server/eiot/log:/log - ${DIR}/backup:/backup command: java -server -Dfile.encoding=UTF-8 -jar -Duser.timezone="${TIME_ZONE}" /home/eiot/service-eiot-web-1.0.jar --spring.config.location=classpath:/,file:/home/eiot/config/ --spring.profiles.active=prod-linux ulimits: nofile: soft: 65535 hard: 65535 ``` 运行以下命令删除Nginx 容器并且重建: ```bash docker stop iot-nginx docker start iot-nginx docker-compose -f /home/acrel-iot-linux/docker/docker-compose.yml up -d ```
admin
2026年3月30日 16:38
转发文档
收藏文档
上一篇
下一篇
手机扫码
复制链接
手机扫一扫转发分享
复制链接
Markdown文件
分享
链接
类型
密码
更新密码