Web 内网代理方案

最近更新时间:2024-07-26 12:01:11

我的收藏

适用场景

用户终端在局域网内,需要跟外网的 IM 服务器完成信令和富媒体文件收发。

工作原理

在局域网内的用户终端与 IM 服务器之间搭建代理服务器,用户终端向代理服务器发送一个请求并指定目标,代理服务器向 IM 服务器转发请求并将响应返回给用户终端。



内网终端通过 ws/http 访问代理服务器,代理服务器通过 wss/https 访问 IM 富媒体服务器完成公网访问。 这种方式,满足内网以及外网用户同时访问。

Nginx 正向代理配置指引

#daemon off; # Don't run nginx in the background, good for monitoring apps
worker_processes 7;
worker_rlimit_nofile 200000;
user root root;
events {
worker_connections 80000;
}

http {
log_format access '$remote_addr:$remote_port - $server_addr:$server_port - $upstream_addr - $host[$time_local] '
'"$request" $content_length $status $body_bytes_sent '
'$request_time $upstream_response_time $realip_remote_addr';
access_log logs/access.log access;
error_log logs/error.log;
resolver 119.29.29.29 ipv6=off;
proxy_ssl_server_name on;

server {
listen 8805;
location /binfo {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host "wss.im.qcloud.com";
proxy_http_version 1.1;
proxy_pass https://wss.im.qcloud.com/binfo$is_args$args;
}

location /v4/imopenstat {
proxy_set_header Connection "close";
proxy_set_header Host "events.im.qcloud.com";
proxy_http_version 1.1;
proxy_pass https://events.im.qcloud.com$uri$is_args$args;
}

location /upload {
if ($request_method = 'OPTIONS') {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers X-Requested-With,Content-Type,X-Real-Host;
add_header Access-Control-Allow-Methods 'GET,PUT,HEAD,OPTIONS';
return 204;
}
proxy_set_header Connection "close";
proxy_set_header Host "cn.imrich.qcloud.com";
proxy_http_version 1.1;
proxy_pass https://cn.imrich.qcloud.com$uri$is_args$args;
}

location /imageinfo {
if ($request_method = 'OPTIONS') {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers X-Requested-With,Content-Type,X-Real-Host;
add_header Access-Control-Allow-Methods 'GET,PUT,HEAD,OPTIONS';
return 204;
}
proxy_set_header Connection "close";
proxy_set_header Host "cn.imrich.qcloud.com";
proxy_http_version 1.1;
proxy_pass https://cn.imrich.qcloud.com$uri$is_args$args;
}
location /download {
if ($request_method = 'OPTIONS') {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers X-Requested-With,Content-Type,X-Real-Host;
add_header Access-Control-Allow-Methods 'GET,PUT,HEAD,OPTIONS';
return 204;
}
proxy_set_header Connection "close";
proxy_set_header Host "cn.imrich.qcloud.com";
proxy_http_version 1.1;
proxy_pass https://cn.imrich.qcloud.com$uri$is_args$args;
}
}
}


WebSDK 配置

1. 搭建 nginx 的正向代理,如果分配的代理内网IP为10.0.0.10,则按上述指引 nginx 代理配置,IM 服务代理为10.0.0.10:8805。
2. SDK 需要升级到 v3,可参见 V3集成指引 进行升级。开发者在初始化 SDK 时,填入以下参数,即可在内网通过代理正常使用腾讯云 IM 服务。




IM 服务域名及端口

1. 中国站

1、IM 长连接服务,端口 TCP:443
wss.im.qcloud.com
wss.my-imcloud.com
events.im.qcloud.com
events.my-imcloud.com

对应 IP 列表拉取接口:https://cloud.tencent.com/document/product/269/45438,接口参数nettype=3

2、IM富媒体服务,端口 TCP:443
cn.imrich.qcloud.com
cn.rich.my-imcloud.com
file.im.qcloud.com
down.im.qcloud.com
cos.ap-shanghai.myqcloud.com
cos.ap-guangzhou.myqcloud.com
2. 新加坡站

1、IM 长连接服务,端口TCP:443
wsssgp.im.qcloud.com
wsssgp.my-imcloud.com
apisgp.im.qcloud.com
apisgp.my-imcloud.com
webimsgp.im.qcloud.com
webimsgp.my-imcloud.com

对应 IP 列表拉取接口:https://www.tencentcloud.com/zh/document/product/1047/36742

2、IM富媒体服务,端口TCP:443
sgp.imrich.qcloud.com
sgp.rich.my-imcloud.com
cos.ap-singapore.myqcloud.com
cos.ap-singapore.tencentcos.cn
filesgp.im.qcloud.com
downsgp.im.qcloud.com
3. 韩国站

1、IM 长连接服务,端口TCP:443
wsskr.im.qcloud.com
wsskr.my-imcloud.com
apikr.im.qcloud.com
apikr.my-imcloud.com
webimkr.im.qcloud.com
webimkr.my-imcloud.com

对应 IP 列表拉取接口:https://www.tencentcloud.com/zh/document/product/1047/36742

2、IM 富媒体服务,端口 TCP:443
kr.imrich.qcloud.com
kr.rich.my-imcloud.com
cos.ap-seoul.myqcloud.com
cos.ap-seoul.tencentcos.cn
filekr.im.qcloud.com
downkr.im.qcloud.com
4. 德国站

1、IM 长连接服务,端口 TCP:443
wssger.im.qcloud.com
wssger.my-imcloud.com
apiger.im.qcloud.com
apiger.my-imcloud.com
webimger.im.qcloud.com
webimger.my-imcloud.com

对应 IP 列表拉取接口:https://www.tencentcloud.com/zh/document/product/1047/36742

2、IM 富媒体服务,端口 TCP:443
ger.imrich.qcloud.com
ger.rich.my-imcloud.com
cos.eu-frankfurt.myqcloud.com
cos.eu-frankfurt.tencentcos.cn
fileger.im.qcloud.com
downger.im.qcloud.com
5. 美国站

1、IM 长连接服务,端口 TCP:443
wssusa.im.qcloud.com
wssusa.my-imcloud.com
apiusa.im.qcloud.com
apiusa.my-imcloud.com
webimusa.im.qcloud.com
webimusa.my-imcloud.com

对应 IP 列表拉取接口:https://www.tencentcloud.com/zh/document/product/1047/36742

2、IM富媒体服务,端口TCP:443
usa.imrich.qcloud.com
usa.rich.my-imcloud.com
cos.na-siliconvalley.myqcloud.com
cos.na-siliconvalley.tencentcos.cn
fileusa.im.qcloud.com
downusa.im.qcloud.com