I. Overview
1. Function introduction
The report server is deployed on the internal network and cannot access the external network, nor can it be accessed by the external network. In this case, you can configure a proxy server to forward the communication between the internal network report server and the outside.
This solution can solve the problem that the template can only be viewed when the PC device and the mobile device are switched to the same network environment.
2. Scenario assumption
Suppose there are two machines, one machine takes 192.168.5.61 as the proxy server, and the other machine takes 192.168.5.24 as the intranet server.
The following configuration takes the Windows system as an example.
II. Forward proxy configuration
1. Description
The report server sends a request similar to http://proxy ip:port/gettoken to the proxy server, and the proxy forwards the request to oapi.dingtalk.com, thereby achieving access to the external WeChat/DingTalk server.
2. Step
1)Proxy server download address: nginx, here is nginx/Windows-1.14.0 as an example, click to download.
2)After the download is complete, unzip it and use it, click nginx.exe, enter http://localhost/ in the browser, and the Nginx welcome page appears, which means the deployment is successful.
3)Modify the configuration file conf/nginx.conf and add the following code between http{}:
server {
listen 8114;
server_name 192.168.5.61;
location / {
proxy_redirect off;
proxy_pass https://oapi.dingtalk.com;
}
location = /favicon.ico {
log_not_found off;
}
}4)Restart Nginx, enter http://proxy ip:port/gettoken in the browser, for example: http://192.168.5.61:8114/gettoken, if the following information is returned by the nail, it means that the proxy server configuration is successful.
5)After installing the DingTalk plugin, fill in the proxy address on the DingTalk basic information page and save it, and then synchronize the address book in the member management. The synchronization means that the forward proxy configuration is successful.
III. Reverse proxy configuration
1. Description
Visit the proxy server env.finedevelop.com:56108/WebReport/ReportServer?op=fs, and the proxy forwards all requests to the intranet report server 192.168.5.24:8080, thereby achieving access to the intranet report server.
Note: This is a general environment configuration, customers need to configure themselves according to their own network environment, the configuration steps here are for reference only.
The proxy server is equipped with a port mapping, which can be accessed from the external network 192.168.5.61:8443—>env.finedevelop.com:56108
The access address of the intranet report server is 192.168.5.24:8080/WebReport/ReportServer?op=fs
2. Step
1)The deployment of the proxy server is the same as above, download and install Nginx.
2)Modify the Nginx configuration file conf/nginx.conf and add the following code between http{}:
server {
listen 8443;
server_name env.finedevelop.com;
location / {
proxy_pass http://192.168.5.24:8080;
proxy_set_header Host env.finedevelop.com:56108;
}
}
3)Restart Nginx and enter env.finedevelop.com:56108/WebReport/ReportServer in the browser to log in and access the server normally, which means the configuration is successful.
You can access the intranet server through env.finedevelop.com:56108/WebReport/ReportServer?op=fs, and you can also obtain the address book synchronously in the WeChat/Dingding management.
3. Other configurations
Use a reverse proxy to open the internal network report server to the public network, and the public network should only be accessed by ordinary users. For security reasons, the background management is not opened to users who connect to the public network. The setting method is as follows:
Add the following information under the monitoring port of the Nginx configuration file, webroot is the name of the project deployed by the application.
server {
listen 8088 default_server;
location /webroot/decision/v10/decision/modules {
default_type application/json;
return 200 '{"data":[]}';
}
}
IV. 10.0 single-machine Apache proxy solution
1. Description
After Apache is configured with a reverse proxy, how to deal with WebSocket to ensure that the function is available? The detailed scheme will be given below.
2. Step
1)Download and install
First, download and install the Apache server. The download and installation methods are not explained here, and users can check the relevant information by themselves.
2)Apache module start
In the %Apache_Home%\conf path, modify the httpd.conf file and comment out the code of the following modules.
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule headers_module modules/mod_headers.so
3)Configure the WebSocket listening port
In the %Apache_Home%\conf path, modify the httpd.conf file and add the WebSocket listening port 38888, as shown in the following figure:
4)Configure engineering http proxy
In the %Apache_Home%\conf path, modify the httpd.conf file and add the following code at the end of the file:
<VirtualHost *:80>
ProxyPass / http://192.168.5.246:8080/
ProxyPassReverse / http://192.168.5.246:8080/
ProxyPreserveHost On
</VirtualHost>
Note: 80 in the code is the port monitored by Apache, and 192.168.5.246:8080 in ProxyPass and ProxyPassReverse is our requested engineering server IP and port.
5)Configure WebSocket proxy
In the %Apache_Home%\conf path, modify the httpd.conf file and add the following code at the end of the file:
<VirtualHost *:38888>
RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
RewriteRule .* ws://192.168.5.246:38888%{REQUEST_URI} [P]
ProxyRequests Off
ProxyMaxForwards 100
ProxyPreserveHost On
ProxyPass / http://192.168.5.246:38888/
</VirtualHost>
Note: 38888 in the code is the port monitored by Apache, and 192.168.5.246:38888 in RewriteRule and ProxyPass is the engineering server IP and WebSocket port that need our request.
6)Access to the platform
After completing the above 5 steps, in the %Apache_Home%\bin path, double-click httpd.exe to start Apache, and visit localhost/webroot/decision in the browser to access the platform normally, as shown in the following figure:
Test whether the WebSocket connection is successful, as shown in the figure below:
Note: In this article, the WebSocket port and FineReport server port are both 38888. This is because the Apache and FineReport projects are on different servers, so there is no conflict; but if on one server, you need to change the WebSocket listening port to 38889.
