hailin
/
rwadurian
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
rwadurian/frontend/admin-web/nginx
History
hailin 747e4ae8ef refactor(mpc-system): migrate to party-driven architecture with PartyID-based routing 
- Remove Address field from PartyEndpoint (parties connect to router themselves)
- Update K8s Discovery to only manage PartyID and Role labels
- Add Party registration and SessionEvent protobuf definitions
- Implement PartyRegistry and SessionEventBroadcaster domain logic
- Add RegisterParty and SubscribeSessionEvents gRPC handlers
- Prepare infrastructure for party-driven MPC coordination

This is the first phase of migrating from coordinator-driven to party-driven
architecture following international MPC system design patterns.
 		2025-12-05 08:11:28 -08:00
..
README.md refactor(mpc-system): migrate to party-driven architecture with PartyID-based routing 2025-12-05 08:11:28 -08:00
install.sh refactor(mpc-system): migrate to party-driven architecture with PartyID-based routing 2025-12-05 08:11:28 -08:00
rwaadmin.szaiai.com.conf refactor(mpc-system): migrate to party-driven architecture with PartyID-based routing 2025-12-05 08:11:28 -08:00
setup-ssl.sh refactor(mpc-system): migrate to party-driven architecture with PartyID-based routing 2025-12-05 08:11:28 -08:00

README.md

Nginx 配置说明

快速部署

前提条件

  1. 一台 Ubuntu/Debian 服务器
  2. 域名 rwaadmin.szaiai.com 的 DNS A 记录已指向服务器 IP
  3. 防火墙开放 80 和 443 端口

一键安装

# 1. 上传项目到服务器
scp -r ./admin-web user@server:/opt/

# 2. SSH 登录服务器
ssh user@server

# 3. 运行 Nginx 安装脚本
cd /opt/admin-web/nginx
sudo chmod +x install.sh
sudo ./install.sh

手动安装步骤

1. 安装 Nginx 和 Certbot

sudo apt update && sudo apt upgrade -y
sudo apt install -y nginx certbot python3-certbot-nginx

2. 配置防火墙

sudo ufw allow 'Nginx Full'
sudo ufw allow OpenSSH
sudo ufw enable

3. 创建 Nginx 配置

# 复制配置文件
sudo cp rwaadmin.szaiai.com.conf /etc/nginx/sites-available/rwaadmin.szaiai.com

# 启用站点
sudo ln -s /etc/nginx/sites-available/rwaadmin.szaiai.com /etc/nginx/sites-enabled/

# 删除默认站点 (可选)
sudo rm /etc/nginx/sites-enabled/default

# 测试配置
sudo nginx -t

4. 申请 SSL 证书

# 创建验证目录
sudo mkdir -p /var/www/certbot

# 先创建临时 HTTP 配置用于验证
# (或使用 certbot --nginx 自动配置)

# 申请证书
sudo certbot certonly --webroot -w /var/www/certbot -d rwaadmin.szaiai.com

# 或使用 Nginx 插件自动配置
sudo certbot --nginx -d rwaadmin.szaiai.com

5. 重载 Nginx

sudo nginx -t && sudo systemctl reload nginx

证书管理

查看证书

sudo certbot certificates

手动续期

sudo certbot renew

测试续期

sudo certbot renew --dry-run

自动续期

Certbot 会自动创建 systemd timer 进行证书续期:

# 查看 timer 状态
sudo systemctl status certbot.timer

# 查看续期日志
sudo journalctl -u certbot

常用命令

# Nginx 状态
sudo systemctl status nginx

# 启动/停止/重启
sudo systemctl start nginx
sudo systemctl stop nginx
sudo systemctl restart nginx

# 重载配置 (不中断服务)
sudo systemctl reload nginx

# 测试配置语法
sudo nginx -t

# 查看访问日志
sudo tail -f /var/log/nginx/rwaadmin.szaiai.com.access.log

# 查看错误日志
sudo tail -f /var/log/nginx/rwaadmin.szaiai.com.error.log

文件结构

nginx/
├── README.md                    # 本文档
├── install.sh                   # 一键安装脚本
├── setup-ssl.sh                 # SSL 配置脚本
└── rwaadmin.szaiai.com.conf     # Nginx 站点配置

故障排除

1. 证书申请失败

  • 确认域名 DNS 已正确解析到服务器 IP
  • 确认 80 端口可访问
  • 检查 /var/www/certbot 目录权限

2. 502 Bad Gateway

  • 确认 Docker 容器正在运行: docker ps
  • 确认应用监听 3000 端口: curl localhost:3000

3. 证书过期

# 手动续期
sudo certbot renew --force-renewal
sudo systemctl reload nginx