Philip one id

来自ling
跳转至: 导航搜索

相关链接

https://www.portal.philips.com.cn/gitlab/users/sign_in

320150914/Wb102010!10

http://www.woshipm.com/operate/4483278.html

https://blog.csdn.net/weixin_43194923/article/details/107832666

localstorage的跨域存储方案

第三方统计分析埋点工具对比,神策、Ptmind、GrowingIO、国双,还有谷歌分析

https://urldefense.com/v3/__https://mysignins.microsoft.com/security-info?tenant=1a407a2d-7675-4d17-8692-b3ac285306e4__;!!N8Xdb1VRTUMlZeI!wwQy9QElyVbwoGcp2w6k3iBVmNahjXnwd597uc4YeAXY2PCLcZ_72kJhZHh6dw$

Account details of 'JasonBo, Wang (Partner)': 
First name:'Wang'
Last name prefix:'$emailArgs.lastnameprefix'
Last name:'JasonBo'
Display Name:'JasonBo, Wang (Partner)'
Company name:'KPMG'
Email address:'jb.wang@kpmg.com'
Domain Name:'CODE1'
Account ID:'320150914'
Username for login:'partner.Wang.JasonBo@philips.com'
Philips Business Contact:'Xu, Richard B'
Account Created By:'Deng, weiwei '
Initial Password: kz1;.?JL:R

http://zk.medvcom.com/

 医疗科技-咨询服务-渠道平台&超声-零距离-渠道平台

http://client.medvcom.com/login http://philips.medvcom.com https://ssd.philips.com.cn/category/operation/ http://chaosheng.medvcom.com

微信H5记录视频播放进度

https://segmentfault.com/a/1190000014577509 https://segmentfault.com/q/1010000007899341/a-1020000007899987

架构设计

eventlog

  • 第三方触点需要梳理哪些文章和视频页面需要埋点,在相应的页面调用IDP(eventResLog)接口完成埋点,IDP会保存其浏览记录;
  • 第三方触点需要开发一个请求地址供IDP完成跳转,当从IDP Portal跳转到此地址会传递oneId和redirect地址,第三方触点需要在此页面调用IDP(bindOpenId)接口绑定oneId, openId和unionId 同时跳转到redirect参数指定的触点内页面(注意避免重复请求);输入oneId(必填), openId(必填)和unionId(可选) 输出true/fasle
  • 当用户从非IDP Portal进入触点,并且用户已经关注此公众号,调用IDP(bindOpenId) 接口,IDP会绑定对应的openId、unionId信息。建议触点在首页页面调用微信根据openid查询用户信息接口,如果返回的信息中包含unionId,则调用此接口(注意避免重复请求);输入oneId(空), openId(必填)和unionId(必填) 输出true/fasle
  • 用户可以记录一张表,用于避免重复调用接口,字段包括(openid,是否绑定openid成功,是否绑定unionId成功,具体绑定时间).无需记录idp返回的oneid
  • openid的绑定主要针对匿名用户和登陆登出没有关系
  • 当用户在第三方触点注册或修改用户信息时,调用IDP(bind)接口更新openId对应的userId的UserInfo信息

H5中鉴权可以获得openId,只有关注公众号后可以拿到UnionId.

小程序button open-type='getUserInfo' 授权后都可以拿到

openid

    handleClick(thirdpart) {
        let url
        const redirect_uri = encodeURIComponent(window.location.origin+'/#/balck')
        if (thirdpart === 'wechat') {
            const appid = 'wxaec0aa10e3f127b1';
            // https://open.weixin.qq.com/connect/oauth2/authorize?appid=wx520c15f417810387&redirect_uri=&response_type=code&scope=snsapi_base&state=123#wechat_redirect
            url = `https://open.weixin.qq.com/connect/oauth2/authorize?appid=${appid}&redirect_uri=${redirect_uri}&response_type=code&scope=snsapi_base&state=WX-LOGIN#wechat_redirec`
        }
        console.log(redirect_uri)
        // openWindow(url, thirdpart, 540, 540)
        window.location=url;
    }


  created() {
        const url = window.location.href.replace('#/balck', '')
        const code = getQueryString(url, 'code')
        console.log(code)
        if(code){
            this.bindSocial('WX', code)
        }
    },

openid是微信用户在公众号appid下的唯一用户标识(appid不同,则获取到的openid就不同),可用于永久标记一个用户,同时也是微信JSAPI支付的必传参数。

1、微信openid和unionid长度是不一样的 openid=28,unionid=29

2、openid同一用户同一应用唯一,unionid同一用户不同应用唯一。 这里的不同应用是指在同一微信开发平台下的不同应用

为了识别用户,每个用户针对每个公众号会产生一个安全的openid。

如果需要在多公众号、移动应用之间做用户共通,则需要前往微信开放平台,将这些公众号和应用绑定到一个开放平台账号下,绑定后,一个用户虽然对多个公众号和应用有多个不同的openid,但他对所有这些同一开放平台账号下的公众号和应用,只有一个unionid。一个微信开放平台只可以绑定10个公众号。

3、对于在pc端和客户端 我们在使用微信网页版本的时候,生成微信二维码用户扫描登录,此时获取的openid和微信客户端的openid是不一样的,但是unionId是一样的。这是因为,网页二维码扫描登录是网站应用,客户端是公众号,两者属于不同应用。

4、获取用户的openid是无需用户同意的,获取用户的基本信息则需要用户同意

UnionID 机制说明

如果开发者拥有多个移动应用、网站应用、和公众帐号(包括小程序),可通过 UnionID 来区分用户的唯一性,因为只要是同一个微信开放平台帐号下的移动应用、网站应用和公众帐号(包括小程序),用户的 UnionID 是唯一的。换句话说,同一用户,对同一个微信开放平台下的不同应用,UnionID是相同的。

UnionID获取途径 绑定了开发者帐号的小程序,可以通过以下途径获取 UnionID。

开发者可以直接通过 wx.login + code2Session 获取到该用户 UnionID,无须用户授权。

小程序端调用云函数时,可在云函数中通过 Cloud.getWXContext 获取 UnionID。

微信开放平台绑定小程序流程

手机号

https://developers.weixin.qq.com/miniprogram/dev/framework/open-ability/getPhoneNumber.html

获取微信用户绑定的手机号,需先调用wx.login接口。

因为需要用户主动触发才能发起获取手机号接口,所以该功能不由 API 来调用,需用 button 组件的点击来触发。

注意:目前该接口针对非个人开发者,且完成了认证的小程序开放(不包含海外主体)。需谨慎使用,若用户举报较多或被发现在不必要场景下使用,微信有权永久回收该小程序的该接口权限。

表结构设计

接口设计

网络拓扑

Ipd network.png

docker 安装

curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
systemctl start docker
service docker start
systemctl enable docker

nacos安装

docker run -d \
-e PREFER_HOST_MODE=nacos.102010.top \
-e MODE=standalone \
-e SPRING_DATASOURCE_PLATFORM=mysql \
-e MYSQL_SERVICE_HOST=172.17.0.1 \
-e MYSQL_SERVICE_PORT=3306 \
-e MYSQL_SERVICE_USER=root \
-e MYSQL_SERVICE_PASSWORD=QAZ2wsx! \
-e MYSQL_SERVICE_DB_NAME=nacos \
-e MYSQL_SERVICE_DB_PARAM='characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useSSL=false' \
-p 8848:8848 \
--name nacos-mysql7.5 \
--restart=always \
nacos/nacos-server

docker run --name nacos -e MODE=standalone -e MYSQL_SERVICE_HOST=172.17.0.1 -e MYSQL_SERVICE_USER=root -e MYSQL_SERVICE_PASSWORD=QAZ2wsx! -e MYSQL_SERVICE_DB_NAME=nacos -p 8848:8848 -d nacos/nacos-server

docker run --name nacos -e MODE=standalone -p 8848:8848 -d nacos/nacos-server:2.0.2


PREFER_HOST_MODE=hostname
MODE=standalone
SPRING_DATASOURCE_PLATFORM=mysql
MYSQL_SERVICE_HOST=mysql
MYSQL_SERVICE_DB_NAME=nacos_devtest
MYSQL_SERVICE_PORT=3306
MYSQL_SERVICE_USER=nacos
MYSQL_SERVICE_PASSWORD=nacos

MYSQL_SERVICE_DB_PARAM=characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useSSL=false

https证书

mkdir -p /alidata/dockerdata/nginx
cd /alidata/dockerdata/nginx
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto


/alidata/server/nginx/sbin/nginx -s stop
/alidata/dockerdata/nginx/certbot-auto certonly --standalone  --no-self-upgrade --email 102010cncger@sina.com -d nacos.102010.top
mv............
/alidata/server/nginx/sbin/nginx  -c /alidata/dockerdata/nginx/conf/nginx.conf

启动命令

ling-cloud-auth

cd /idp/ling-cloud/philips-cloud-auth
git pull
mvn clean install -U --settings /idp/ling-cloud/settings.xml
cd /idp/logs/philips-cloud-auth
nohup java -jar /idp/ling-cloud/philips-cloud-auth/target/philips-cloud-auth.jar --spring.profiles.active=dev --spring.cloud.nacos.discovery.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --spring.cloud.nacos.discovery.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --server.port=3000 &
tail -f /idp/logs/philips-cloud-auth/nohup.out

ling-cloud-gateway

cd /idp/ling-cloud/philips-cloud-gateway
git pull
mvn clean install -U --settings /idp/ling-cloud/settings.xml
cd /idp/logs/philips-cloud-gateway
nohup java -jar /idp/ling-cloud/philips-cloud-gateway/target/philips-cloud-gateway.jar  --spring.profiles.active=dev --spring.cloud.nacos.discovery.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --spring.cloud.nacos.discovery.namespace=badf73e7-a200-4a89-83ed-98cf2203804e   --server.port=9999 &
tail -f /idp/logs/philips-cloud-gateway/nohup.out

ling-cloud-admin

cd /idp/ling-cloud/philips-cloud-admin
git pull
mvn clean install -U --settings /idp/ling-cloud/settings.xml
cd /idp/logs/philips-cloud-admin
nohup java -jar /idp/ling-cloud/philips-cloud-admin/philips-cloud-admin-biz/target/philips-cloud-admin-biz.jar  --spring.profiles.active=dev --spring.cloud.nacos.discovery.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --spring.cloud.nacos.discovery.namespace=badf73e7-a200-4a89-83ed-98cf2203804e  --server.port=4000 &
tail -f /idp/logs/philips-cloud-admin/nohup.out

idp

cd /idp/philips-idp-admin
git pull
mvn clean install -U --settings /idp/philips-idp-admin/settings.xml
cd /idp/logs/philips-idp-admin
nohup java -jar /idp/philips-idp-admin/philips-idp-admin-biz/target/philips-idp-admin-biz.jar--spring.profiles.active=dev --spring.cloud.nacos.discovery.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --spring.cloud.nacos.discovery.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --server.port=5006 &
tail -f /idp/logs/philips-idp-admin/nohup.out

uat

UAT地址:10.65.196.218

idpuat.philips.com.cn

VDI 47.103.23.23:63389

VDI username:partner.tim.zen@philips.com

password:Vdi-320157877

username:code1\320157877

password:Rp*J1yCO:C


Connie
partner.connie.bian@philips.com
Vdi-320157878
\2*dQl{L2D

sudo su

Philips@1234
Idp@1234

nginx安装

/usr/local/nginx/conf
cd /usr/local/nginx/sbin
./nginx -s reload

#http://nginx.org/en/download.html
mkdir -p /alidata/soft
cd /alidata/soft
wget http://nginx.org/download/nginx-1.17.4.tar.gz
tar -zxvf nginx-1.17.4.tar.gz
  1. 清空原有文件或cp备份
mv /usr/local/nginx /usr/local/nginx_bark

rm -rf /usr/local/nginx
yum -y install gcc gcc-c++ pcre-devel openssl openssl-devel
apt-get install libpcre3 libpcre3-dev libpcrecpp0v5 libssl-dev zlib1g-dev
cd /alidata/soft/nginx-1.17.4
./configure --prefix=/usr/local/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --with-stream --with-http_ssl_module
make 
make install
mkdir -p /usr/local/nginx/conf
cp /alidata/server/nginx/conf/mime.types /usr/local/nginx/conf
  1. 查看编译结果
cd /usr/local/nginx


jenkins

admin/Philips@1234

禅道

mkdir -p /alidata/dockerdata/zbox && \
docker run -d -p 1080:80 -p 3307:3306 \
        -e BIND_ADDRESS="false" \
        -v /alidata/dockerdata/zbox/:/opt/zbox/ \
        --add-host smtp.exmail.qq.com:163.177.90.125 \
        --name zentao \
        idoop/zentao:latest

admin/Philips@1234

进程备份

java -jar /idp/ling-cloud/philips-cloud-auth/target/philips-cloud-auth.jar --spring.profiles.active=dev --spring.cloud.nacos.discovery.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --spring.cloud.nacos.discovery.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --server.port=3000


java -Duser.home=/var/jenkins_home -Djenkins.model.Jenkins.slaveAgentPort=50000 -jar /usr/share/jenkins/jenkins.war

java -jar /idp/ling-cloud/philips-cloud-admin/philips-cloud-admin-biz/target/philips-cloud-admin-biz.jar --spring.profiles.active=dev --spring.cloud.nacos.discovery.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --spring.cloud.nacos.discovery.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --server.port=4000

java -jar /idp/philips-idp-admin/philips-idp-admin-biz/target/philips-idp-admin-biz.jar --spring.profiles.active=dev --spring.cloud.nacos.discovery.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --spring.cloud.nacos.discovery.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --server.port=5006

/usr/java/jdk1.8.0_181-amd64/bin/java -Djava.ext.dirs=/usr/java/jdk1.8.0_181-amd64/jre/lib/ext:/usr/java/jdk1.8.0_181-amd64/lib/ext -Xms512m -Xmx512m -Xmn256m -Dnacos.standalone=true -Dnacos.member.list= -Xloggc:/home/appadmin/nacos/logs/nacos_gc.log -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCDateStamps -XX:+PrintGCTimeStamps -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=10 -XX:GCLogFileSize=100M -Dloader.path=/home/appadmin/nacos/plugins/health,/home/appadmin/nacos/plugins/cmdb -Dnacos.home=/home/appadmin/nacos -jar /home/appadmin/nacos/target/nacos-server.jar --spring.config.additional-location=file:/home/appadmin/nacos/conf/ --logging.config=/home/appadmin/nacos/conf/nacos-logback.xml --server.max-http-header-size=524288 nacos.nacos


java -jar /idp/ling-cloud/philips-cloud-gateway/target/philips-cloud-gateway.jar --spring.profiles.active=dev --spring.cloud.nacos.discovery.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.server-addr=http://127.0.0.1:8848 --spring.cloud.nacos.config.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --spring.cloud.nacos.discovery.namespace=badf73e7-a200-4a89-83ed-98cf2203804e --server.port=9999

生产

nginx prod

Nginx linux 安装

nginx prd conf

/usr/local/nginx/sbin/nginx -s reload
tee /usr/local/nginx/conf/nginx.conf <<-'EOF'
user  root;
worker_processes  8;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  4048;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;
    gzip  on;

    upstream idpprd {
         server 10.65.193.20:8888;
         server 10.65.193.21:8888;
    }

    server {
	# listen 80;
        listen       443 ssl;
        server_name  digitalportal.philips.com.cn;
       	# ssl  on;
        ssl_certificate      /usr/local/nginx/ssl/DigiCertCA.crt;
        ssl_certificate_key  /usr/local/nginx/ssl/server.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

         location ^~/api/ver2.0/{         
           proxy_set_header   Host             $host;
           proxy_set_header   X-Real-IP        $remote_addr;
           proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;   
           rewrite ^/api/ver2.0/(.*)$ /$1 break;
           proxy_pass http://idpprd;
           proxy_set_header Upgrade $http_upgrade;
           proxy_set_header Connection "upgrade";
           client_max_body_size    1000m;
         }
        location /admin {
           proxy_set_header   Host             $host;
           proxy_set_header   X-Real-IP        $remote_addr;
           proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;   
           alias /idp/admin-ui/dist/;
           index  index.html index.htm;
           expires     -1;
        }
        location / {
           proxy_set_header   Host             $host;
           proxy_set_header   X-Real-IP        $remote_addr;
           proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;   
           alias /idp/h5-ui/dist/;
           index  index.html index.htm;
           try_files $uri $uri/ /index.html; 
           expires     -1;
        }
    }
}
EOF

nacos prod

docker run -d \
-e PREFER_HOST_MODE=nacos.ling.city \
-e MODE=standalone \
-p 8848:8848 \
--name nacos \
--restart=always \
nacos/nacos-server

java prod

Linux_JDK安装及配置_(tar.gz版)

mvn prod

cd /alidata/server
sudo wget wget https://mirrors.cnnic.cn/apache/maven/maven-3/3.8.4/binaries/apache-maven-3.8.4-bin.tar.gz
tar -zxvf apache-maven-3.8.4-bin.tar.gz
vi ~/.bashrc
以下代码下添加export

export MAVEN_HOME=/alidata/server/apache-maven-3.8.4
export PATH=$MAVEN_HOME/bin:$PATH
编译生效
source ~/.bashrc
mvn -version

clone prod

mkdir /idp
cd /idp
git clone http://autosync:Kpmg1234@kpmggitlab.ling2.cn/idp/philips-cloud.git
mv philips-cloud ling-cloud
cd /idp/ling-cloud
git branch -a
git checkout -b prod origin/prod
cd /idp
git clone  http://autosync:Kpmg1234@kpmggitlab.ling2.cn/idp/philips-idp-admin.git
cd /idp/philips-idp-admin
git branch -a
git checkout -b prod origin/prod

ling-cloud-auth prod

cd /idp/ling-cloud/philips-cloud-auth
git pull
mvn clean install -U --settings /idp/ling-cloud/settings.xml
cd /idp/logs/philips-cloud-auth
nohup java -jar /idp/ling-cloud/philips-cloud-auth/target/philips-cloud-auth.jar --spring.profiles.active=prod --spring.cloud.nacos.discovery.server-addr=http://10.65.193.20:8848 --spring.cloud.nacos.config.server-addr=http://10.65.193.20:8848 --spring.cloud.nacos.config.namespace=prod --spring.cloud.nacos.discovery.namespace=prod  --server.port=3000 &
tail -f /idp/logs/philips-cloud-auth/nohup.out

ling-cloud-gateway prod

cd /idp/ling-cloud/philips-cloud-gateway
git pull
mvn clean install -U --settings /idp/ling-cloud/settings.xml
cd /idp/logs/philips-cloud-gateway
nohup java -jar /idp/ling-cloud/philips-cloud-gateway/target/philips-cloud-gateway.jar --spring.profiles.active=prod --spring.cloud.nacos.discovery.server-addr=http://10.65.193.20:8848 --spring.cloud.nacos.config.server-addr=http://10.65.193.20:8848 --spring.cloud.nacos.config.namespace=prod --spring.cloud.nacos.discovery.namespace=prod --server.port=8888 &
tail -f /idp/logs/philips-cloud-gateway/nohup.out

ling-cloud-admin prod

cd /idp/ling-cloud/philips-cloud-admin
git pull
mvn clean install -U --settings /idp/ling-cloud/settings.xml
cd /idp/logs/philips-cloud-admin
nohup java -jar /idp/ling-cloud/philips-cloud-admin/philips-cloud-admin-biz/target/philips-cloud-admin-biz.jar --spring.profiles.active=prod --spring.cloud.nacos.discovery.server-addr=http://10.65.193.20:8848 --spring.cloud.nacos.config.server-addr=http://10.65.193.20:8848 --spring.cloud.nacos.config.namespace=prod --spring.cloud.nacos.discovery.namespace=prod --server.port=4000 &
tail -f /idp/logs/philips-cloud-admin/nohup.out

idp prod

cd /idp/philips-idp-admin
git pull
mvn clean install -U --settings /idp/philips-idp-admin/settings.xml
cd /idp/logs/philips-idp-admin
nohup java -jar /idp/philips-idp-admin/philips-idp-admin-biz/target/philips-idp-admin-biz.jar --spring.profiles.active=prod --spring.cloud.nacos.discovery.server-addr=http://10.65.193.20:8848 --spring.cloud.nacos.config.server-addr=http://10.65.193.20:8848 --spring.cloud.nacos.config.namespace=prod --spring.cloud.nacos.discovery.namespace=prod --server.port=5006 &
tail -f /idp/logs/philips-idp-admin/nohup.out

idp h5 prod

yum install -y nodejs
npm install -g n tyarn

#指定nodejs版本

#例如,请根据实际情况指定
n v10.15.3

cd /idp
git clone http://autosync:Kpmg1234@kpmggitlab.ling2.cn/idp/idp-h5.git
mv idp-h5 h5-ui
cd /idp/h5-ui

git branch -a
git checkout -b prod origin/prod

tyarn install

nginx idp cloud

tee /usr/local/nginx/conf/nginx.conf <<-'EOF'
user  root;
worker_processes  8;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;
    gzip  on;

    upstream idp {
         server 127.0.0.1:5006;
    }

    server {
	# listen 80;
        listen       443 ssl;
        server_name  idpuat.philips.com.cn;
       	# ssl  on;
        ssl_certificate      /usr/local/nginx/ssl/idpuat_philips_com_cn.crt;
        ssl_certificate_key  /usr/local/nginx/ssl/server.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

         location ^~/api/ver2.0/{         
           proxy_set_header   Host             $host;
           proxy_set_header   X-Real-IP        $remote_addr;
           proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;   
           rewrite ^/api/ver2.0/(.*)$ /$1 break;
           proxy_pass http://127.0.0.1:9999;
           proxy_set_header Upgrade $http_upgrade;
           proxy_set_header Connection "upgrade";
           client_max_body_size    1000m;
         }
        location /admin {
          proxy_pass http://127.0.0.1:4000;
          rewrite ^/admin/(.*)$ /$1 break;
        }
        location /auth {
          proxy_pass http://127.0.0.1:3000;
          rewrite ^/auth/(.*)$ /$1 break;
        }
        location /idp{
          proxy_pass http://127.0.0.1:5006;
          rewrite ^/idp/(.*)$ /$1 break;
        }
        location /nacos/ {
          proxy_redirect off;
          # proxy_set_header Host $host;
          proxy_set_header Host $host:$server_port; #$server_port
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_pass http://localhost:8848/nacos/;
        }
        location /zentao {
          client_max_body_size 1024M;
          proxy_pass http://localhost:1080;
        }
        location / {
          root   html;
          index  index.html index.htm;
        }
    }
}
EOF

nginx idp boot

tee /usr/local/nginx/conf/nginx.conf <<-'EOF'
user  root;
worker_processes  8;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;
    gzip  on;

    upstream idp {
         server 127.0.0.1:5006;
    }

    server {
	listen 80;
        listen       443 ssl;
        server_name  idpuat.philips.com.cn;
       	# ssl  on;
        ssl_certificate      /usr/local/nginx/ssl/idpuat_philips_com_cn.crt;
        ssl_certificate_key  /usr/local/nginx/ssl/server.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

         location ^~/api/ver2.0/admin {         
           proxy_set_header   Host             $host;
           proxy_set_header   X-Real-IP        $remote_addr;
           proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;   
           rewrite ^/api/ver2.0/admin/(.*)$ /$1 break;
           proxy_pass http://127.0.0.1:5006;
           proxy_set_header Upgrade $http_upgrade;
           proxy_set_header Connection "upgrade";
           client_max_body_size    1000m;
         }
         location ^~/api/ver2.0/auth {         
           proxy_set_header   Host             $host;
           proxy_set_header   X-Real-IP        $remote_addr;
           proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;   
           rewrite ^/api/ver2.0/auth/(.*)$ /$1 break;
           proxy_pass http://127.0.0.1:5006;
           proxy_set_header Upgrade $http_upgrade;
           proxy_set_header Connection "upgrade";
           client_max_body_size    1000m;
         }
         location ^~/api/ver2.0/idp {         
           proxy_set_header   Host             $host;
           proxy_set_header   X-Real-IP        $remote_addr;
           proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;   
           rewrite ^/api/ver2.0/idp/(.*)$ /$1 break;
           proxy_pass http://127.0.0.1:5006;
           proxy_set_header Upgrade $http_upgrade;
           proxy_set_header Connection "upgrade";
           client_max_body_size    1000m;
         }
        location /idp/ {
          proxy_pass http://idp/;
        }
        location /nacos/ {
          proxy_redirect off;
          # proxy_set_header Host $host;
          proxy_set_header Host $host:$server_port; #$server_port
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_pass http://localhost:8848/nacos/;
        }
        location / {
          root   html;
          index  index.html index.htm;
        }
    }
}
EOF

gitlab

 docker run --name='gitlab' -d \
 -v /alidata/dockerdata/gitlab/data:/home/git/data \
 -p 10022:22 -p 70:80 \
 -e 'DB_HOST=www.ling2.cn' \
 -e 'DB_NAME=gitlab' \
 -e 'DB_USER=postgres' -e 'DB_PASS=Wb19831010!' \
 -e 'REDIS_HOST=10.65.196.218' -e 'REDIS_PORT=6379' \
 -e 'GITLAB_PORT=80' \
 -e 'GITLAB_SSH_PORT=10022' \
 -e 'GITLAB_HOST=idpuat.philips.com.cn/gitlab' \
 -e 'GITLAB_SIGNUP=true' \
 -e 'GITLAB_SECRETS_DB_KEY_BASE=long-and-random-alpha-numeric-string' \
 -e 'GITLAB_SECRETS_SECRET_KEY_BASE=long-and-random-alpha-numeric-string' \
 -e 'GITLAB_SECRETS_OTP_KEY_BASE=long-and-random-alpha-numeric-string' \
 sameersbn/gitlab

脚本参考

ID=`netstat -tnlp |grep 3000|awk '{print $7}' |cut -d '/' -f 1`
echo $ID
kill -9 $ID
cd /idp/ling-cloud/philips-cloud-auth
git pull
mvn clean install -U --settings /idp/ling-cloud/settings.xml
cd /idp/logs/philips-cloud-auth
nohup java -jar /idp/ling-cloud/philips-cloud-auth/target/philips-cloud-auth.jar --spring.profiles.active=prod --spring.cloud.nacos.discovery.server-addr=http://10.65.193.20:8848 --spring.cloud.nacos.config.server-addr=http://10.65.193.20:8848 --spring.cloud.nacos.config.namespace=prod --spring.cloud.nacos.discovery.namespace=prod  --server.port=3000 & 
tail -f /idp/logs/philips-cloud-auth/nohup.out

客户问题

飞利浦医疗科技 服务号,无源代码 飞利浦微网站 http://client.medvcom.com/login 飞利浦微课堂 http://philips.medvcom.com/index.php?s=/addon/Weiketang/Video/videoPlayNew/id/1309/token/gh_c5051091b589 http://7xjlqw.com1.z0.glb.clouddn.com/2-3D%20APT%E6%8A%80%E6%9C%AF%E7%89%B9%E7%82%B9%E5%8F%8A%E4%BC%98%E5%8A%BF.mp4 伟康学院 http://academy.philipswechat.com/index.html?timespan=637642782343221180 https://philips-video.oss-cn-shanghai.aliyuncs.com/video/Health/wh/4-6_%E6%9C%BA%E6%A2%B0%E9%80%9A%E6%B0%94%E5%9F%BA%E7%A1%80-%E9%80%9A%E6%B0%94%E7%9A%84%E5%9F%BA%E6%9C%AC%E5%8E%9F%E7%90%86.mp4

飞利浦健康科技中国学院 https://www.phca.philips.com.cn/mobile/index.html#/searchpage https://pcms.oss-cn-shanghai.aliyuncs.com/v/AW6287PH/AW6287PH/stream2-2.m4s 飞凡在线 https://feifan.philips.com.cn/#/home

合作伙伴

 http://philips.medvcom.com/index.php?s=/addon/Agents/Agents/message/token/gh_c5051091b589

渠道业务

 http://zk.medvcom.com/index/index/login.shtml

联系我们

 http://chaosheng.medvcom.com/index/Index/about.shtml


飞利浦服务与解决方案 https://ssd.philips.com.cn/notice/ http://sms.medvcom.com/ywc/live/479

飞利浦超声 http://sms.medvcom.com/ywc/group/3?openid=ozaUxt9GoKkwi-Z15AIW6zvm6c5c

http://philips-us-playback.shibamudi.com/fragments/z1.shiba-live.652e27bde5171008765220328d66ac32/1615980627133-1615980635451.ts

http://chaosheng.medvcom.com/index/news/product/cate/2.shtml


飞利浦伟康https://www.hcare.philips.com.cn/cec/activty/activity.html