Bennett/g0v0-server
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add nginx and spectator services to docker-compose

Browse Source 
Introduced nginx and spectator services to docker-compose-osurx.yml for improved routing and replay handling. Added nginx configuration file to restrict access to /_lio/ paths and proxy requests to spectator and app services. Also refactored environment variable management and removed direct port mapping from the app service.
This commit is contained in:
咕谷酱
2025-08-24 07:13:41 +08:00
committed by MingxuanGame
parent 71acc7182d
commit 0cf3061f8a
2 changed files with 110 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
docker-compose-osurx.yml
View File

@@ -8,8 +8,6 @@ services:
context: .
dockerfile: Dockerfile-osurx
container_name: osu_api_server_osurx
ports:
- "8000:8000"
environment:
- MYSQL_HOST=mysql
- MYSQL_PORT=3306
@@ -44,6 +42,8 @@ services:
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
env_file:
- .env
volumes:
- mysql_data:/var/lib/mysql
- ./mysql-init:/docker-entrypoint-initdb.d
@@ -60,6 +60,8 @@ services:
redis:
image: redis:7-alpine
container_name: osu_api_redis_osurx
env_file:
- .env
volumes:
- redis_data:/data
healthcheck:
@@ -73,10 +75,59 @@ services:
- osu-network
command: redis-server --appendonly yes
spectator:
image: ghcr.io/googuteam/osu-server-spectator:latest
container_name: osu-server-spectator
environment:
- SAVE_REPLAYS=${SAVE_REPLAYS:-}
- REPLAY_UPLOAD_THREADS=${REPLAY_UPLOAD_THREADS:-1}
- REPLAYS_PATH=${REPLAYS_PATH:-replays}
- S3_KEY=${S3_KEY:-}
- S3_SECRET=${S3_SECRET:-}
- REPLAYS_BUCKET=${REPLAYS_BUCKET:-}
- TRACK_BUILD_USER_COUNTS=${TRACK_BUILD_USER_COUNTS:-}
- SERVER_PORT=${SERVER_PORT:-80}
- REDIS_HOST=redis
- DD_AGENT_HOST=${DD_AGENT_HOST:-localhost}
- DB_HOST=mysql
- DB_PORT=3306
- DB_USER=${MYSQL_USER}
- DB_PASSWORD=${MYSQL_PASSWORD}
- DB_NAME=${MYSQL_DATABASE}
- SENTRY_DSN=${SENTRY_DSN:-}
- SHARED_INTEROP_DOMAIN=http://app:8000
- SHARED_INTEROP_SECRET=${SHARED_INTEROP_SECRET:-}
- JWT_SECRET_KEY=${JWT_SECRET_KEY}
- JWT_ALGORITHM=${JWT_ALGORITHM:-HS256}
- JWT_ACCESS_TOKEN_EXPIRE_MINUTES=${JWT_ACCESS_TOKEN_EXPIRE_MINUTES:-1440}
- OSU_CLIENT_ID=${OSU_CLIENT_ID:-5}
- USE_LEGACY_RSA_AUTH=${USE_LEGACY_RSA_AUTH:-}
env_file:
- .env
volumes:
- ./replays:/app/replays
depends_on:
- app
- mysql
- redis
restart: unless-stopped
networks:
- osu-network
nginx:
image: nginx:1.25-alpine
ports:
- "8000:80"
volumes:
- ./nginx/default.conf:/etc/nginx/conf.d/default.conf:ro
restart: unless-stopped
networks:
- osu-network
volumes:
mysql_data:
redis_data:
networks:
osu-network:
driver: bridge
driver: bridge

56
nginx/default.conf Normal file
View File

@@ -0,0 +1,56 @@
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
server_name _;
client_max_body_size 50m;
# 屏蔽 /_lio/ 及其所有子路径的外部访问
location ~ ^/_lio/ {
return 403;
}
location /signalr/ {
proxy_pass http://spectator/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
proxy_connect_timeout 60s;
proxy_cache_bypass $http_upgrade;
proxy_buffering off;
}
location / {
proxy_pass http://app:8000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
proxy_connect_timeout 60s;
proxy_cache_bypass $http_upgrade;
proxy_buffering off;
}
}