From fb88b608f837b5cf9dd8d252dfefc9a54b97de3c Mon Sep 17 00:00:00 2001
From: joizhang <zxlwhom@outlook.com>
Date: Sun, 11 Dec 2022 11:13:53 +0800
Subject: [PATCH 1/2] fix: digital envelope routines::initialization error

---
 .env.development | 2 +-
 package.json     | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.env.development b/.env.development
index b627932..5626116 100644
--- a/.env.development
+++ b/.env.development
@@ -2,7 +2,7 @@
 ENV = 'development'
 
 # base api
-VUE_APP_BASE_API = 'http://localhost:5000/api/v1.0'
+VUE_APP_BASE_API = 'http://localhost:8085/api/v1.0'
 
 # model url
 VUE_APP_MODEL_URL = 'http://localhost:8086/model/model.json'
diff --git a/package.json b/package.json
index 99da6a2..9c52b64 100644
--- a/package.json
+++ b/package.json
@@ -5,9 +5,9 @@
   "author": "joizhang <zxlwhom@outlook.com>",
   "private": true,
   "scripts": {
-    "serve": "vue-cli-service serve",
-    "build": "vue-cli-service build",
-    "lint": "vue-cli-service lint",
+    "serve": "export NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service serve",
+    "build": "export NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service build",
+    "lint": "export NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service lint",
     "preview": "node build/index.js --preview",
     "svgo": "svgo -f src/icons/svg --config=src/icons/svgo.config.js"
   },
-- 
Gitee


From 1d445e419fa877b9cd96ad9a30ef5e56e51116a9 Mon Sep 17 00:00:00 2001
From: joizhang <zxlwhom@outlook.com>
Date: Sun, 11 Dec 2022 15:50:32 +0800
Subject: [PATCH 2/2] fix: cannot visit via https

---
 .gitignore         |   1 +
 Dockerfile         |  22 +++++++++
 docker-compose.yml |  11 +++++
 nginx/nginx.conf   | 118 +++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 152 insertions(+)
 create mode 100644 Dockerfile
 create mode 100644 docker-compose.yml
 create mode 100644 nginx/nginx.conf

diff --git a/.gitignore b/.gitignore
index 5e4defb..3485224 100644
--- a/.gitignore
+++ b/.gitignore
@@ -23,3 +23,4 @@ package-lock.json
 yarn.lock
 
 .env.production
+log/
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..100ec28
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,22 @@
+FROM node:18-alpine3.15 as builder
+
+COPY . /var/www/src/face-recognition-front
+WORKDIR /var/www/src/face-recognition-front
+
+RUN npm install
+RUN npm run build
+
+
+FROM nginx:1.22 as production-build
+
+RUN openssl req -x509 -nodes -days 365 -newkey rsa:2048  \
+    -subj  "/C=CN/ST=SH/O=JoiZhang/CN=xinlin-04" \
+    -keyout /etc/ssl/private/nginx-selfsigned.key  \
+    -out /etc/ssl/certs/nginx-selfsigned.crt
+COPY ./nginx/nginx.conf /etc/nginx/nginx.conf
+RUN rm -rf /usr/share/nginx/html/*
+COPY --from=builder /var/www/src/face-recognition-front/dist /usr/share/nginx/html
+
+RUN mkdir /log
+
+ENTRYPOINT ["nginx", "-g", "daemon off;"]
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..4b32271
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,11 @@
+version: '3'
+services:
+  ui:
+    build: .
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - ./nginx/nginx.conf:/etc/nginx/nginx.conf
+      - ./log:/log
+      # - ./dist:/usr/share/nginx/html
\ No newline at end of file
diff --git a/nginx/nginx.conf b/nginx/nginx.conf
new file mode 100644
index 0000000..d1d69d5
--- /dev/null
+++ b/nginx/nginx.conf
@@ -0,0 +1,118 @@
+worker_processes 2;
+error_log /log/error.log;
+
+events {
+    use epoll;
+    worker_connections 655350;
+    multi_accept on;
+}
+
+http {
+    log_format logstash_json '{"@timestamp":"$time_iso8601",'
+                             '"@source":"$server_addr",'
+                             '"remote_addr":"$remote_addr",'
+                             '"remote_user":"$remote_user",'
+                             '"body_bytes_sent":"$body_bytes_sent",'
+                             '"request_time":"$request_time",'
+                             '"status":"$status",'
+                             '"host":"$host",'
+                             '"uri":"$uri",'
+                             '"server":"$server_name",'
+                             '"port":"$server_port",'
+                             '"protocol":"$server_protocol",'
+                             '"request_uri":"$request_uri",'
+                             #'"request_body":"$request_body",'
+                             '"request_method":"$request_method",'
+                             '"http_referrer":"$http_referer",'
+                             '"body_bytes_sent":"$body_bytes_sent",'
+                             '"http_x_forwarded_for":"$http_x_forwarded_for",'
+                             '"http_user_agent":"$http_user_agent",'
+                             '"upstream_response_time":"$upstream_response_time",'
+                             '"upstream_addr":"$upstream_addr"}';
+
+    access_log  /log/access.log  logstash_json;
+
+    sendfile            on;
+    tcp_nopush          on;
+    tcp_nodelay         on;
+    keepalive_timeout   65;
+    types_hash_max_size 2048;
+
+    open_file_cache max=655360 inactive=20s;
+    open_file_cache_valid    30s;
+    open_file_cache_min_uses 1;
+    open_file_cache_errors   off;
+
+    server_tokens  off;
+
+    gzip  on;
+    gzip_buffers 256 4k;
+    gzip_proxied any;
+    gzip_vary on;
+    gzip_min_length 1000;
+    gzip_comp_level 4;
+    gzip_types
+        text/css
+        text/javascript
+        text/xml
+        text/plain
+        text/x-component
+        application/javascript
+        application/json
+        application/xml
+        application/rss+xml
+        font/truetype
+        font/opentype
+        application/vnd.ms-fontobject
+        image/svg+xml;
+
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+
+    set_real_ip_from  10.0.0.0/8;
+    real_ip_header    X-Forwarded-For;
+    real_ip_recursive on;
+
+    server {
+        listen 80 default_server;
+        server_name _;
+        return 302 https://$host$request_uri;
+    }
+
+    server {
+        listen 443 ssl;
+
+        ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
+        ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
+        
+        ssl_protocols TLSv1.3;
+        ssl_prefer_server_ciphers on;
+        # ssl_dhparam /etc/nginx/dhparam.pem; 
+        ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
+        ssl_ecdh_curve secp384r1;
+        ssl_session_timeout  10m;
+        ssl_session_cache shared:SSL:10m;
+        ssl_session_tickets off;
+        ssl_stapling on;
+        ssl_stapling_verify on;
+        resolver 8.8.8.8 8.8.4.4 valid=300s;
+        resolver_timeout 5s;
+        # Disable strict transport security for now. You can uncomment the following
+        # line if you understand the implications.
+        #add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
+        add_header X-Frame-Options DENY;
+        add_header X-Content-Type-Options nosniff;
+        add_header X-XSS-Protection "1; mode=block";
+
+        location / {
+            alias /usr/share/nginx/html/;
+            expires -1;
+            try_files $uri index.html =404;
+        }
+
+        location ~ ^/api {
+            try_files $uri @api;
+        }
+
+    }
+}
-- 
Gitee