+

2025-05-22 03:49:49 +05:00
parent 332e1b84e9
commit 3f831b68ab
3 changed files with 32 additions and 17 deletions
--- a/Nginx_install.md
+++ b/Nginx_install.md
@ -27,14 +27,18 @@ sudo apt-get install nginx -y
 cd /etc/nginx/sites-available/ &&
 sudo tee ccalm.org > /dev/null <<'EOF'
 server {
-    listen 8081;
-    listen [::]:8081;
+    listen 8081 ssl http2;
+    listen [::]:8081 ssl http2;

    root /opt/www/org_ccalm;
    index index.html;

    server_name ccalm.org www.ccalm.org;

+    ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
+    ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
+    ssl_dhparam /etc/nginx/dhparam.pem;
+
    location / {
        try_files $uri $uri/ =404;

--- a/PostgreSQL/PostgreSQL_install.md
+++ b/PostgreSQL/PostgreSQL_install.md
@ -150,9 +150,12 @@ sudo mcedit /etc/postgresql/16/main/pg_hba.conf
 	pg_restore -U postgres -d transit_new -1 /home/administrator/temp/transit.backup
 	pg_restore -U postgres -d transit -1 /home/administrator/transit.backup
 	pg_restore --host=127.0.0.1 --username=postgres --dbname=transit_2024 --verbose /home/administrator/transit.backup
+	pg_restore --host=127.0.0.1 --username=postgres --dbname=CCALM --verbose /tmp/CCALM.backup

 	sudo -u postgres psql -d transit -f /tmp/transit.backup
 	
+	
+
 Или из архива (первоначально задать trust на 127.0.0.1) так:
 	gunzip -c /var/www/dump.sql.gz | psql -h 127.0.0.1 -U bigfoott_root -d bigfoott_shop

--- a/Proxy/Traefik_install_CCALM.md
+++ b/Proxy/Traefik_install_CCALM.md
@ -1,7 +1,7 @@
 # Устанавливаю Traefik cервер в Астане

 ```sh
-ssh igor@5.180.46.11 -p 2200
+ssh ubuntu@194.32.140.11 -p 22
 ```

 # Установка Traefik на Linux Mint / Ubuntu
@ -82,11 +82,11 @@ entryPoints:
  websecure:
    address: ":443"
  traefik:
-    address: ":8080"
+    address: ":8070"

 api:
  dashboard: true
-  insecure: true
+  #insecure: true

 # Настройка сертификатов (пример с Let's Encrypt)
 certificatesResolvers:
@ -118,13 +118,15 @@ http:
    dashboard:
      entryPoints:
        - traefik
-      rule: "Host(`localhost`)"
+      rule: "Host(`194.32.140.11`)"
      service: api@internal
+      middlewares:
+        - dashboard-auth

    ccalm-api-auth:
      entryPoints:
        - websecure
-      rule: "(Host(`locust.ge`) || Host(`test.ccalm.org`)) && PathPrefix(`/api/authorization/v02/`)"
+      rule: "(Host(`locust.ge`) || Host(`almaty.ccalm.org`) || Host(`ccalm.org`)) && PathPrefix(`/api/authorization/v02/`)"
      service: org_ccalm_api_authorization_v02
      tls:
        certresolver: myresolver
@ -134,7 +136,7 @@ http:
    ccalm-dbms:
      entryPoints:
        - websecure
-      rule: "(Host(`locust.ge`) || Host(`test.ccalm.org`)) && PathPrefix(`/api/dbms/v09/`)"
+      rule: "(Host(`locust.ge`) || Host(`almaty.ccalm.org`) || Host(`ccalm.org`)) && PathPrefix(`/api/dbms/v09/`)"
      service: org_ccalm_dbms_v09
      tls:
        certresolver: myresolver
@ -144,15 +146,17 @@ http:
    ccalm-translation:
      entryPoints:
        - websecure
-      rule: "(Host(`locust.ge`) || Host(`test.ccalm.org`)) && PathPrefix(`/api/translation/v01/`)"
+      rule: "(Host(`locust.ge`) || Host(`almaty.ccalm.org`) || Host(`ccalm.org`)) && PathPrefix(`/api/translation/v01/`)"
      service: org_ccalm_translation_v01
      tls:
        certresolver: myresolver
+      middlewares:
+        - strip-translation-prefix

    ccalm-login:
      entryPoints:
        - websecure
-      rule: "(Host(`locust.ge`) || Host(`test.ccalm.org`)) && PathPrefix(`/login/`)"
+      rule: "(Host(`locust.ge`) || Host(`almaty.ccalm.org`) || Host(`ccalm.org`)) && PathPrefix(`/login/`)"
      service: org_ccalm_login_v01
      tls:
        certresolver: myresolver
@ -160,7 +164,7 @@ http:
    org-ccalm-main:
      entryPoints:
        - websecure
-      rule: "Host(`locust.ge`) || Host(`test.ccalm.org`)"
+      rule: "Host(`locust.ge`) || Host(`almaty.ccalm.org`) || Host(`ccalm.org`)"
      service: org_ccalm_main
      tls:
        certresolver: myresolver
@ -199,7 +203,7 @@ http:
    org_ccalm_translation_v01:
      loadBalancer:
        servers:
-          - url: "https://ccalm.org"
+          - url: "https://127.0.0.1:8085"
        passHostHeader: false
        serversTransport: insecureTransport
        healthCheck:
@ -246,10 +250,14 @@ http:
      stripPrefix:
        prefixes:
          - "/api/authorization/v02"
+    strip-translation-prefix:
+      stripPrefix:
+        prefixes:
+          - "/api/translation/v01"
    dashboard-auth:
      basicAuth:
        users:
-          - "admin:$apr1$NUoqcU3I$O6VxeuGhsA6RSIyh6rNbo."  # Пароль хешируется так: htpasswd -nb admin t745632746573t
+          - "admin:$apr1$NUoqcU3I$O6VxeuGhsA6RSIyh6rNbo."  # htpasswd -nb admin t745632746573t

 EOF
 ```
@ -301,11 +309,11 @@ EOF
 ```

 ---
-
+ыгвщ куищще
 ## 🔎 Шаг 6. Проверка работы
 Откройте в браузере cпаролем что быше "":
 ```sh
-open https://5.180.46.11:8080/dashboard
+open http://194.32.140.11:8070/dashboard
 ```


@ -361,7 +369,7 @@ services:
    ports:
      - "80:80"      # HTTP
      - "443:443"    # HTTPS
-      - "8080:8080"  # Dashboard
+      - "8070:8070"  # Dashboard
    volumes:
      - /etc/traefik:/etc/traefik
      - /var/run/docker.sock:/var/run/docker.sock:ro
@ -387,7 +395,7 @@ EOF

 Откройте в браузере:
 ```sh
-open http://192.168.200.85:8080/dashboard/
+open http://192.168.200.85:8070/dashboard/
 ```

 ```sh