Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.xpertai.cn/llms.txt

Use this file to discover all available pages before exploring further.

SSL

Enable HTTPS Service

If you need to enable HTTPS service for this system, you can do so with the following configuration:
  • Obtain the certificate files and place them in the volumes/webapp/ssl directory, with the filenames server.crt and server.key.
  • Place the custom Nginx configuration file in the volumes/webapp/conf directory, with the filename nginx.conf, configured as follows
user  nginx;
error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
  worker_connections 1024;
}

http {
  include /etc/nginx/mime.types;
  
  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

  access_log  /var/log/nginx/access.log  main;

  #gzip  on;

  upstream api {
    server api:3000;
  }

  server {
    listen              80;
    listen              443 ssl;
    ssl_certificate     /webapp/ssl/server.crt;
    ssl_certificate_key /webapp/ssl/server.key;

    location / {
      root /srv/pangolin;
      try_files $uri $uri/ /index.html;
    }

    location /api/ {
      proxy_pass http://api;
      proxy_set_header Host $http_host;
      proxy_connect_timeout       5s;
      proxy_read_timeout          600s;
    }
    location /public/ {
      proxy_pass http://api;
      proxy_set_header Host $http_host;
      proxy_connect_timeout       5s;
      proxy_read_timeout          30s;
    }
  }
}
  • Specify the nginx configuration file: change command: ['nginx', '-g', 'daemon off;'] to command: ['nginx', '-g', 'daemon off;', '-c', '/webapp/conf/nginx.conf']
  • Modify the ports configuration to open port 443: - "443:443"
  • Change API_BASE_URL in the .env file to //your.domain.
  • Change WEBAPP_PORT in the .env file to 443. If you want to enable both (80/443), you can remove this variable.
Restart the service to apply the changes. For more technical details, please refer to Enable HTTPS - [ocap wiki]