38 lines
8.2 KiB
JavaScript
38 lines
8.2 KiB
JavaScript
import{_ as s,o as a,c as n,R as l}from"./chunks/framework.44fd0451.js";const d=JSON.parse('{"title":"","description":"","frontmatter":{},"headers":[],"relativePath":"guide/q3.md","filePath":"guide/q3.md","lastUpdated":1701657270000}'),p={name:"guide/q3.md"},o=l(`<h4 id="反向代理-grpc-端口-支持-cloudflare-cdn" tabindex="-1">反向代理 gRPC 端口(支持 Cloudflare CDN) <a class="header-anchor" href="#反向代理-grpc-端口-支持-cloudflare-cdn" aria-label="Permalink to "反向代理 gRPC 端口(支持 Cloudflare CDN)""></a></h4><p>使用 Nginx 或者 Caddy 反向代理 gRPC</p><ul><li>Nginx 配置</li></ul><div class="language-nginx"><button title="Copy Code" class="copy"></button><span class="lang">nginx</span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#C792EA;">server</span><span style="color:#A6ACCD;"> {</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> listen </span><span style="color:#A6ACCD;">443 ssl http2</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> listen </span><span style="color:#A6ACCD;">[::]:443 ssl http2</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> server_name </span><span style="color:#A6ACCD;">data.example.com</span><span style="color:#89DDFF;">;</span><span style="color:#A6ACCD;"> </span><span style="color:#676E95;font-style:italic;"># 你的 Agent 连接 Dashboard 的域名</span></span>
|
||
<span class="line"></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> ssl_certificate </span><span style="color:#A6ACCD;"> /data/letsencrypt/fullchain.pem</span><span style="color:#89DDFF;">;</span><span style="color:#A6ACCD;"> </span><span style="color:#676E95;font-style:italic;"># 你的域名证书路径</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> ssl_certificate_key </span><span style="color:#A6ACCD;"> /data/letsencrypt/key.pem</span><span style="color:#89DDFF;">;</span><span style="color:#A6ACCD;"> </span><span style="color:#676E95;font-style:italic;"># 你的域名私钥路径</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> ssl_stapling </span><span style="color:#A6ACCD;">on</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> ssl_session_timeout </span><span style="color:#A6ACCD;">1d</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> ssl_session_cache </span><span style="color:#A6ACCD;">shared:SSL:10m</span><span style="color:#89DDFF;">;</span><span style="color:#A6ACCD;"> </span><span style="color:#676E95;font-style:italic;"># 此项可能会和其他配置文件冲突,如冲突请注释此项</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> ssl_protocols </span><span style="color:#A6ACCD;">TLSv1.1 TLSv1.2 TLSv1.3</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> underscores_in_headers </span><span style="color:#A6ACCD;">on</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> keepalive_time </span><span style="color:#A6ACCD;">24h</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> keepalive_requests </span><span style="color:#A6ACCD;">100000</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> keepalive_timeout </span><span style="color:#A6ACCD;">120s</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#C792EA;">location</span><span style="color:#A6ACCD;"> </span><span style="color:#FFCB6B;">/ </span><span style="color:#A6ACCD;">{</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> grpc_read_timeout </span><span style="color:#A6ACCD;">300s</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> grpc_send_timeout </span><span style="color:#A6ACCD;">300s</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> grpc_socket_keepalive </span><span style="color:#A6ACCD;">on</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> grpc_pass </span><span style="color:#A6ACCD;">grpc://grpcservers</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> }</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;">}</span></span>
|
||
<span class="line"></span>
|
||
<span class="line"><span style="color:#C792EA;">upstream</span><span style="color:#A6ACCD;"> </span><span style="color:#FFCB6B;">grpcservers </span><span style="color:#A6ACCD;">{</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;">server</span><span style="color:#A6ACCD;"> localhost:5555;</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;"> keepalive </span><span style="color:#A6ACCD;">512</span><span style="color:#89DDFF;">;</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;">}</span></span></code></pre></div><ul><li>Caddy 配置</li></ul><div class="language-"><button title="Copy Code" class="copy"></button><span class="lang"></span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#A6ACCD;">data.example.com:443 { # 你的 Agent 连接 Dashboard 的域名</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> reverse_proxy {</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> to localhost:5555</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> transport http {</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> versions h2c 2</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> }</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> }</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;">}</span></span></code></pre></div><p>Dashboard 面板端配置</p><ul><li>首先登录面板进入管理后台 打开设置页面,在 <code>未接入CDN的面板服务器域名/IP</code> 中填入上一步在 Nginx 或 Caddy 中配置的域名 比如 <code>data.example.com</code> ,并保存。</li><li>然后在面板服务器中,打开 /opt/nezha/dashboard/data/config.yaml 文件,将 <code>proxygrpcport</code> 修改为 Nginx 或 Caddy 监听的端口,比如上一步设置的 <code>443</code> ;因为我们在 Nginx 或 Caddy 中开启了 SSL/TLS,所以需要将 <code>tls</code> 设置为 <code>true</code> ;修改完成后重启面板。</li></ul><p>Agent 端配置</p><ul><li>登录面板管理后台,复制一键安装命令,在对应的服务器上面执行一键安装命令重新安装 agent 端即可。</li></ul><p>开启 Cloudflare CDN(可选)</p><p>根据 Cloudflare gRPC 的要求:gRPC 服务必须侦听 443 端口 且必须支持 TLS 和 HTTP/2。 所以如果需要开启 CDN,必须在配置 Nginx 或者 Caddy 反向代理 gRPC 时使用 443 端口,并配置证书(Caddy 会自动申请并配置证书)。</p><ul><li>登录 Cloudflare,选择使用的域名。打开 <code>网络</code> 选项将 <code>gRPC</code> 开关打开,打开 <code>DNS</code> 选项,找到 Nginx 或 Caddy 反代 gRPC 配置的域名的解析记录,打开橙色云启用 CDN。</li></ul>`,13),e=[o];function c(t,r,C,D,y,A){return a(),n("div",null,e)}const F=s(p,[["render",c]]);export{d as __pageData,F as default};
|