Предпосылки
Пример конфигурации nginx для установки ИБП Мастер:Копировать
upstream frontend {
server localhost:8081;
}
upstream backend {
server localhost:8001;
}
upstream rabbit {
server localhost:15672;
}
upstream agent {
server localhost:8002;
}
server {
listen 80;
server_name yourdomain.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name ibp.example.com;
add_header X-Frame-Options SAMEORIGIN;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options nosniff;
add_header Cache-Control "private";
add_header Access-Control-Allow-Origin https://yourdomain.com;
add_header Access-Control-Allow-Methods "GET, OPTIONS, POST";
add_header Access-Control-Allow-Headers "Content-Type";
add_header Access-Control-Max-Age 86400;
ssl_certificate /path/to/cert/fullchain.pem;
ssl_certificate_key /path/to/cert/privkey.pem;
location / {
proxy_pass http://frontend;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
location ^~ /agent {
proxy_pass http://agent;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
location ^~ /api {
proxy_pass http://backend;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
location /rabbit {
proxy_pass http://rabbit;
rewrite ^/rabbit(/.*)$ $1 break;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
}
Установка ИБП Мастер
- Клонируем репозиторий ИБП Мастер
Копировать
git clone - https://b1-dev.gitlab.yandexcloud.net/main/b1-ks/ibpmaster/p-ibp-deploy.git
- Авторизовываемся в Container Registry
Копировать
docker login cr.b1-it.ru
- Заполняем конфигурационный файл
.envпо приложенному шаблону. - Запускаем приложение через команду
docker compose up -d. - Инициализируем БД
Данный пункт также автоматически выполняется при запуске docker compose
Копировать
docker compose exec -it p-ibp-backend /bin/bash -c "python manage.py setup_db"
- Инициализируем базовые роли
Данный пункт также автоматически выполняется при запуске docker compose
Копировать
docker compose exec -it p-ibp-backend /bin/bash -c "python manage.py setup_roles"
- Создаем пользователя администратора
Копировать
docker compose exec -it p-ibp-backend /bin/bash -c "python manage.py createsuperuser"