Cadoles/nineschool
10
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: Cadoles:master
Branches Tags
Cadoles:master Cadoles:dist/envole/7/master
Cadoles:build/envole/envole-7/unstable
..
compare: Cadoles:4ea2c08a5149277d04d0821b8153dd591452923f
Branches Tags
Cadoles:dist/envole/7/master Cadoles:master
Cadoles:build/envole/envole-7/unstable

21 Commits
master ... 4ea2c08a51

Author SHA1 Message Date
Arnaud Fornerot
4ea2c08a51 Merge branch 'master' into dist/envole/7/master 2021-03-11 15:15:28 +01:00
Arnaud Fornerot
0ab0958a8f Merge branch 'master' into dist/envole/7/master 2021-02-17 13:18:14 +01:00
Arnaud Fornerot
9dd5c7d4b3 Merge branch 'master' into dist/envole/7/master 2021-02-17 11:32:19 +01:00
Arnaud Fornerot
5c03e3b44f Merge branch 'master' into dist/envole/7/master 2021-02-09 17:02:23 +01:00
Arnaud Fornerot
477d5f6689 Merge branch 'master' into dist/envole/7/master 2021-02-03 13:54:11 +01:00
Arnaud Fornerot
18c9b008ee Merge branch 'master' into dist/envole/7/master 2021-01-21 17:30:24 +01:00
Arnaud Fornerot
109f7e80d3 Merge branch 'master' into dist/envole/7/master 2021-01-21 16:28:48 +01:00
Arnaud Fornerot
3ab6730f98 prise en compte du logrotate dans le paquet 2021-01-20 13:24:20 +01:00
Arnaud Fornerot
ebad96e849 Merge branch 'master' into dist/envole/7/master 2021-01-13 15:32:44 +01:00
Arnaud Fornerot
333012b0b1 Merge branch 'master' into dist/envole/7/master 2020-12-18 10:02:41 +01:00
Arnaud Fornerot
5f5e81870c Merge branch 'master' into dist/envole/7/master 2020-12-16 11:46:56 +01:00
Arnaud Fornerot
09b456becc Merge branch 'master' into dist/envole/7/master 2020-11-27 09:33:58 +01:00
Arnaud Fornerot
d2f283d4eb Merge branch 'master' into dist/envole/7/master 2020-11-13 18:01:38 +01:00
Arnaud Fornerot
8f17591995 Merge branch 'master' into dist/envole/7/master 2020-11-12 16:30:58 +01:00
Arnaud Fornerot
d0066c6f96 Merge branch 'master' into dist/envole/7/master 2020-10-23 15:33:04 +02:00
Arnaud Fornerot
7bedb306da Merge branch 'master' into dist/envole/7/master 2020-10-19 11:17:56 +02:00
Arnaud Fornerot
665ec502a5 Merge branch 'master' into dist/envole/7/master 2020-10-05 16:15:25 +02:00
Arnaud Fornerot
1fe0c3819b Merge branch 'master' into dist/envole/7/master 2020-10-05 15:57:22 +02:00
Arnaud Fornerot
a10f979a02 Merge branch 'master' into dist/envole/7/master 2020-10-05 15:35:57 +02:00
Arnaud Fornerot
1faf2ca7e1 Merge branch 'master' into dist/envole/7/master 2020-10-05 15:27:31 +02:00
Arnaud Fornerot
29b573602a add rep debian 2020-10-05 15:22:32 +02:00
20 changed files with 183 additions and 115 deletions
Expand all files Collapse all files

1
debian/compat vendored Normal file
View File

@ -0,0 +1 @@
7

24
debian/control vendored Normal file
View File

@ -0,0 +1,24 @@
Source: eole-nineschool
Section: web
Priority: optional
Maintainer: Equipe Envole <eole@ac-dijon.fr>
Build-Depends: debhelper (>= 7.0.50)
Standards-Version: 3.8.4
Homepage: http://eole.orion.education.fr/diff/
Vcs-Git: http://dev-eole.ac-dijon.fr/git/nineschool
Vcs-Browser: http://dev-eole.ac-dijon.fr/projects/nineschool/repository
Package: nineschool-sso
Architecture: all
Depends: ${misc:Depends}, eole-sso
Description: Filtre SSO pour nineschool "EOLE".
Package: eole-nineschool
Architecture: all
Depends: ${misc:Depends}, eole-envole-dependances, nineschool-sso
Description: Eolisation de l'application nineschool.
Package: nineschool-apps
Architecture: all
Depends: ${misc:Depends}, envole-dependances-apps
Description: Sources pour nineschool "EOLE".

44
debian/copyright vendored Normal file
View File

@ -0,0 +1,44 @@
Format: http://dep.debian.net/deps/dep5
Upstream-Name: {PROJECT}
Source: {URL}
Files: *
Copyright: YEAR {UPSTREAM} {AUTHOR} <{MAIL}>
License: {UPSTREAM LICENSE}
Files: debian/*
Copyright: 2012 Équipe EOLE <eole@ac-dijon.fr>
License: CeCILL-2
License: {UPSTREAM LICENSE}
{TEXT OF THE LICENSE}
License: CeCILL-2
This software is governed by the CeCILL-2 license under French law and
abiding by the rules of distribution of free software. You can use,
modify and or redistribute the software under the terms of the CeCILL-2
license as circulated by CEA, CNRS and INRIA at the following URL
"http://www.cecill.info";.
.
As a counterpart to the access to the source code and rights to copy,
modify and redistribute granted by the license, users are provided only
with a limited warranty and the software's author, the holder of the
economic rights, and the successive licensors have only limited
liability.
.
In this respect, the user's attention is drawn to the risks associated
with loading, using, modifying and/or developing or reproducing the
software by the user in light of its specific status of free software,
that may mean that it is complicated to manipulate, and that also
therefore means that it is reserved for developers and experienced
professionals having in-depth computer knowledge. Users are therefore
encouraged to load and test the software's suitability as regards their
requirements in conditions enabling the security of their systems and/or
data to be ensured and, more generally, to use and operate it in the
same conditions as regards security.
.
The fact that you are presently reading this means that you have had
knowledge of the CeCILL-2 license and that you accept its terms.
.
On Eole systems, the complete text of the CeCILL-2 License can be found
in '/usr/share/common-licenses/CeCILL-2-en'.

1
debian/eole-nineschool.install vendored Normal file
View File

@ -0,0 +1 @@
usr/share/eole

3
debian/gbp.conf vendored Normal file
View File

@ -0,0 +1,3 @@
# Set per distribution debian tag
[DEFAULT]
debian-tag = debian/envole/%(version)s

2
debian/nineschool-apps.install vendored Normal file
View File

@ -0,0 +1,2 @@
var/www/html
etc

1
debian/nineschool-sso.install vendored Normal file
View File

@ -0,0 +1 @@
usr/share/sso

8
debian/rules vendored Executable file
View File

@ -0,0 +1,8 @@
#!/usr/bin/make -f
# -*- makefile -*-
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
%:
dh $@

1
debian/source/format vendored Normal file
View File

@ -0,0 +1 @@
3.0 (native)

18
dicos/90_nineschool.xml
View File

@ -2,7 +2,6 @@
<creole>
<files>
<file filelist='nineschool' name='/etc/eole/eole-db.d/nineschool-db.yml' rm='True' mkdir='True'/>
<file filelist='nineschool_nginx' name='/etc/nginx/web.d/nineschool.conf' source='nineschool-nginx.conf' rm='True' mkdir='True' />
</files>
<containers>
@ -20,11 +19,10 @@
</containers>
<variables>
<family name='nineschool' icon='eye-open'>
<family name='nineschool'>
<variable name="ninegate_test_ninegate" type="oui/non" hidden='True' exists='False'><value>non</value></variable>
<variable name="activer_revprox" type="oui/non" description="Activer le reverse proxy Nginx" hidden='True' exists='False'><value>non</value></variable>
<variable name='activer_nineschool' type='oui/non' description='Activer Nineschool'>
<variable name='activer_nineschool' type='oui/non' description='Activer nineschool'>
<value>oui</value>
</variable>
@ -54,9 +52,8 @@
<variable type='string' name='nineschool_smtppwd' description='Mot de passe associé du compte SMTP' mandatory='True' />
<variable type='string' name='nineschool_smtpencryption' description='Type Encryptage du serveur SMTP' mandatory='True' />
<variable type='string' name='nineschool_smtpauthmode' description='Mode Authentification du serveur SMTP' mandatory='True' />
</family>
<family name='EoleDB' icon='database' mode='expert'>
<!-- BDD -->
<variable type='string' name='nineschool_db_mode' description='Serveur de bases de données à utiliser' mode='expert'/>
<variable type='string' name='nineschool_dbserver' description='Adresse du serveur de base de données' mode='expert'/>
@ -69,7 +66,7 @@
<separators>
<separator name="nineschool_ldaptemplate">Paramètres associés à l'Annuaire</separator>
<separator name="nineschool_noreply">Paramètres associés aux Mails</separator>
<separator name="nineschool_db_mode">Paramètres EoleDB associés à Nineschool</separator>
<separator name="nineschool_db_mode">Paramètres associés à la Base de Données</separator>
</separators>
</variables>
@ -78,15 +75,9 @@
<condition name='hidden_if_in' source='activer_apache'>
<param>non</param>
<target type='filelist'>nineschool</target>
<target type='filelist'>nineschool_nginx</target>
<target type='servicelist'>nineschool</target>
</condition>
<!-- AFFICHAGE EN FONCTION DE REVERSE PROXY -->
<condition name='hidden_if_in' source='activer_revprox'>
<param>non</param>
<target type='filelist'>nineschool_nginx</target>
</condition>
<!-- AFFICHAGE EN FONCTION DE NINESCHOOL -->
<condition name='hidden_if_in' source='activer_nineschool'>
@ -116,7 +107,6 @@
<target type='variable'>nineschool_dbpass</target>
<target type='filelist'>nineschool</target>
<target type='filelist'>nineschool_nginx</target>
<target type='servicelist'>nineschool</target>
</condition>

4
src/nineschool-1.0/config/services.yaml
View File

@ -28,7 +28,6 @@ parameters:
ldapModel: '%env(resolve:LDAP_MODEL)%'
ldapHost: '%env(resolve:LDAP_HOST)%'
ldapPort: '%env(resolve:LDAP_PORT)%'
ldapTls: '%env(resolve:LDAP_TLS)%'
ldapUser: '%env(resolve:LDAP_USER)%'
ldapPassword: '%env(resolve:LDAP_PASSWORD)%'
ldapBasedn: '%env(resolve:LDAP_BASEDN)%'
@ -67,7 +66,6 @@ services:
bind:
$ldapHost: '%ldapHost%'
$ldapPort: '%ldapPort%'
$ldapTls: '%ldapTls%'
$ldapUser: '%ldapUser%'
$ldapPassword: '%ldapPassword%'
$ldapBasedn: '%ldapBasedn%'
@ -107,7 +105,7 @@ services:
app.ldap.service:
public: true
class: App\Service\ldapService
arguments: ["%ldapHost%","%ldapPort%","%ldapTls%","%ldapUser%","%ldapPassword%","%ldapBasedn%"]
arguments: ["%ldapHost%","%ldapPort%","%ldapUser%","%ldapPassword%","%ldapBasedn%"]
app.upload.samename:
public: true

2
src/nineschool-1.0/scripts/websocket.sh
View File

@ -32,6 +32,6 @@ then
if [ "$restart" == "yes" ] && [ "$1" != "stop" ] ; then
echo WEBSOCKET = START
systemctl restart wss$APP_ALIAS
bin/console app:Websocket --name $APP_ALIAS & disown
fi
fi

144
src/nineschool-1.0/src/Command/SynchroUsersCommand.php
View File

@ -7,17 +7,22 @@ use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Filesystem\Filesystem;
use Symfony\Component\Security\Core\Encoder\EncoderFactory;
use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Ramsey\Uuid\Uuid;
use App\Entity\Group;
use App\Entity\User;
use App\Entity\Group as Group;
use App\Entity\User as User;
use App\Entity\Answer as Answer;
use App\Entity\Message as Message;
use App\Service\mailService;
class SynchroUsersCommand extends Command
{
private $container;
private $router;
private $em;
private $output;
private $filesystem;
@ -25,12 +30,15 @@ class SynchroUsersCommand extends Command
private $ldap;
private $ldap_basedn;
private $ldapgroups=[];
private $mail;
public function __construct(ContainerInterface $container,EntityManagerInterface $em)
public function __construct(ContainerInterface $container,EntityManagerInterface $em,RouterInterface $router, mailService $mail)
{
parent::__construct();
$this->container = $container;
$this->em = $em;
$this->router = $router;
$this->mail = $mail;
}
protected function configure()
@ -102,17 +110,6 @@ class SynchroUsersCommand extends Command
$ldapusers = array();
$ldapmails = array();
// Suppression des groupe ninegate
$groups=$this->em->getRepository("App:Group")->findAll();
foreach($groups as $group) {
if($group->getIdexternal()) {
$this->writeln(" - Suppression dans Bundle >> ".$group->getName());
if(!$simulate) {
$this->em->remove($group);
$this->em->flush();
}
}
}
if($ldap_model=="scribe") {
$this->writeln('');
@ -158,32 +155,6 @@ class SynchroUsersCommand extends Command
if(!$simulate) $this->addmodGroup($label,$ldapfilter,true);
}
// Elèves des Classes
$this->writeln('');
$this->writeln('== ELEVES DES CLASSES ==========================================');
$results = $this->ldap->search("type=Classe", ['cn','description','gidNumber'], $this->ldap_basedn);
foreach($results as $result) {
$cn=$result["cn"];
$ldapfilter="(&(type=Classe)(cn=$cn))";
$label="ELEVES - ".$result["cn"];
$this->writeln(" - $label");
if(!$simulate) $this->addmodGroup($label,$ldapfilter,false);
}
// Professeurs des Classes
$this->writeln('');
$this->writeln('== PROFESSEURS DES CLASSES ==========================================');
$results = $this->ldap->search("type=Classe", ['cn','description','gidNumber'], $this->ldap_basedn);
foreach($results as $result) {
$cn=$result["cn"];
$ldapfilter="(|(&(type=Equipe)(cn=profs-$cn))(&(ENTPersonProfils=Administratif)(divcod=$cn)))";
$label="PROFESSEURS - ".$result["cn"];
$this->writeln(" - $label");
if(!$simulate) $this->addmodGroup($label,$ldapfilter,false);
}
// Options
$this->writeln('');
$this->writeln('== OPTIONS ==========================================');
@ -416,6 +387,15 @@ class SynchroUsersCommand extends Command
$this->writeln('== GROUPS ============================================');
$groups=$this->em->getRepository("App:Group")->findAll();
foreach($groups as $group) {
if($group->getIdexternal()) {
$this->writeln(" - Suppression dans Bundle >> ".$group->getName());
if(!$simulate) {
$this->em->remove($group);
$this->em->flush();
}
}
if(!$group->getLdapfilter()) continue;
if(!in_array($group->getId(),$this->ldapgroups)) {
@ -444,25 +424,12 @@ class SynchroUsersCommand extends Command
$this->writeln('== SYNCHONISATION NINEGATE TO BUNDLE ================');
$this->writeln('=====================================================');
// Suppression des groupe annuaire
$groups=$this->em->getRepository("App:Group")->findAll();
foreach($groups as $group) {
if($group->getLdapfilter()) {
$this->writeln(" - Suppression dans Bundle >> ".$group->getName());
if(!$simulate) {
$this->em->remove($group);
$this->em->flush();
}
}
}
$appmasterurl = $this->container->getParameter("appMasterurl");
$appmasterkey = $this->container->getParameter("appMasterkey");
// Généraltion de l'urol de communication
if(stripos($appmasterurl,"/")===0) {
$url="http://".$this->container->getParameter("appWeburl").$appmasterurl;
$url="https://".$this->container->getParameter("appWeburl").$appmasterurl;
}
else
$url=$appmasterurl;
@ -601,7 +568,7 @@ class SynchroUsersCommand extends Command
$this->writeln($group->getName());
$usergroups=[];
if($tabgroups[$group->getIdexternal()])
if(array_key_exists($group->getIdexternal(),$tabgroups)&&$tabgroups[$group->getIdexternal()])
$usergroups = $tabgroups[$group->getIdexternal()]["users"];
$tbusers=[];
foreach($usergroups as $user) {
@ -632,6 +599,12 @@ class SynchroUsersCommand extends Command
$this->em->persist($group);
$this->em->flush();
// On s'assure que l'ensemble des activité active soit bien distribué en fonction
$activitys=$this->em->getRepository("App:Activity")->findAllGroupActivityActive($group,true);
foreach($activitys as $activity) {
$this->initAnswer($activity);
}
}
$this->writeln('');
@ -664,6 +637,15 @@ class SynchroUsersCommand extends Command
$this->writeln('== GROUPS ============================================');
$groups=$this->em->getRepository("App:Group")->findAll();
foreach($groups as $group) {
if($group->getLdapfilter()) {
$this->writeln(" - Suppression dans Bundle >> ".$group->getName());
if(!$simulate) {
$this->em->remove($group);
$this->em->flush();
}
}
if(!$group->getIdexternal()) continue;
if(!in_array($group->getIdexternal(),$lstgroups)) {
@ -714,15 +696,13 @@ class SynchroUsersCommand extends Command
protected function addUser($username,$firstname,$lastname,$email,$usersadmin) {
$user = new User();
$key = Uuid::uuid4();
$user->setUsername($username);
$user->setPassword("NOPASSWORD");
$user->setLastname($lastname);
$user->setFirstname($firstname);
$user->setEmail($email);
$user->setApiKey($key);
// Definition du role
if(in_array($username,$usersadmin))
$role="ROLE_ADMIN";
@ -766,4 +746,48 @@ class SynchroUsersCommand extends Command
$this->em->flush();
}
protected function initAnswer($activity) {
$em = $this->em;
// Pour chaque élève
$group=$activity->getGroup();
foreach($group->getUsers() as $user) {
// Existe-t-il une réponse pour l'élève
if($user->hasRole("ROLE_USER")) {
$answer=$em->getRepository("App:Answer")->findOneBy(["user"=>$user,"activity"=>$activity]);
if(!$answer) {
$answer=new Answer;
$answer->setActivity($activity);
$answer->setUser($user);
$answer->setStatus(-1);
$em->persist($answer);
$em->flush();
// Message
$message=new Message;
$message->setMessage("Distribution de l'Activité");
$message->setDeletable(false);
$message->setUser($activity->getUser());
$message->setAnswer($answer);
$message->addReader($activity->getUser());
$em->persist($message);
$em->flush();
// Notification par mail de la distribution de l'activité
$to = $user->getEmail();
$from = $activity->getUser()->getEmail();
$subject="Nineschool : Nouvelle Activité à réaliser";
$body ="Activité = ".$activity->getName()."<br>";
$body.="Professeur = ".$activity->getUser()->getDisplayname()."<br>";
$body.="Matière = ".$activity->getSubject()."<br>";
$body.="Url = ".$this->router->generate('app_answer_update', ["id"=>$answer->getId()], UrlGeneratorInterface::ABSOLUTE_URL);
$this->mail->sendEmail($subject, $body, $to, $from);
}
}
}
}
}

2
src/nineschool-1.0/src/Form/ActivityType.php
View File

@ -40,7 +40,7 @@ class ActivityType extends AbstractType
"attr" => [
"class" => "btn btn-success",
"data-method" => "submit",
"data-confirm" => "Confirmez vous la distribution de l'activité ? Une fois validée, vous ne pourrez plus modifier son entête et son énoncé." ],
"data-confirm" => "Confirmez vous la distribution de l'activité ? Une foi validée, vous ne pourrez plus modifier son entête et son énoncé." ],
]
);
}

2
src/nineschool-1.0/src/Form/AnswerType.php
View File

@ -40,7 +40,7 @@ class AnswerType extends AbstractType
"attr" => [
"class" => "btn btn-success",
"data-method" => "submit",
"data-confirm" => "Confirmez vous ? Une fois rendue, vous ne pourrez plus modifier l'activité."],
"data-confirm" => "Confirmez vous ? Une foi rendues, vous ne pourrez plus modifier l'activité."],
]
);
}

2
src/nineschool-1.0/src/Form/CorrectedType.php
View File

@ -40,7 +40,7 @@ class CorrectedType extends AbstractType
"attr" => [
"class" => "btn btn-success",
"data-method" => "submit",
"data-confirm" => "Confirmez vous ? Une fois corrigée, vous ne pourrez plus modifier l'activité."],
"data-confirm" => "Confirmez vous ? Une foi corrigé, vous ne pourrez plus modifier l'activité."],
]
);

7
src/nineschool-1.0/src/Service/ldapService.php
View File

@ -10,18 +10,16 @@ class ldapService
protected $host;
protected $port;
protected $tls;
protected $user = null;
protected $password = null;
protected $basedn;
private $connection = null;
public function __construct($ldapHost, $ldapPort, $ldapTls, $ldapUser, $ldapPassword, $ldapBasedn)
public function __construct($ldapHost, $ldapPort, $ldapUser, $ldapPassword, $ldapBasedn)
{
$this->host = $ldapHost;
$this->port = $ldapPort;
$this->tls = $ldapTls;
$this->user = $ldapUser;
$this->password = $ldapPassword;
$this->basedn = $ldapBasedn;
@ -34,9 +32,6 @@ class ldapService
$ldapConn = ldap_connect($this->host, $this->port);
if($ldapConn){
ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
if($this->tls) ldap_start_tls($ldapConn);
if(ldap_bind( $ldapConn, $this->user, $this->password)){
$this->connection = $ldapConn;
return $this->connection;

14
tmpl/nineschool-apache.conf
View File

@ -6,16 +6,4 @@ Alias /nineschool /var/www/html/nineschool/public
Allow from All
Options Indexes FollowSymLinks MultiViews
php_admin_flag allow_url_fopen On
</Directory>
# Pour activer un serveur websocket sur l'application
# Attention choisir un port libre dans
# 5546 = nineskeletor
# 5556 = ninegate
# 5566 = nineboard
# 5576 = nineschool
# 5586 = ninesurvey
# 5587 = ninetraining
# 5596 = janus
ProxyPass "/wssnineschool" "ws://0.0.0.0:5576" retry=0 keepalive=On
ProxyPassReverse "/wssnineschool" "ws://0.0.0.0:5576" retry=0
</Directory>

12
tmpl/nineschool-env.local
View File

@ -1,7 +1,6 @@
# SYMFONY
APP_ENV=PROD
%set keyfile = %%getVar('container_path_web','') + '/var/www/html/nineschool/.key'
APP_SECRET=%%pwdreader("",%%keyfile)
APP_SECRET=%%pwdreader("","/var/www/html/nineschool/.key")
#TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
#TRUSTED_HOSTS='^(localhost|example\.com)$'
@ -63,11 +62,6 @@ LDAP_MODEL=open
%end if
LDAP_HOST=%%adresse_ip_ldap
LDAP_PORT=%%ldap_port
%if %%getVar("ldap_tls","non") == "oui"
LDAP_TLS=1
%else
LDAP_TLS=0
%end if
LDAP_USER=%%ldap_reader
LDAP_PASSWORD=%%pwdreader("",%%ldap_reader_passfile)
LDAP_BASEDN=%%ldap_base_dn
@ -76,8 +70,8 @@ LDAP_USERNAME=uid
LDAP_FIRSTNAME=givenname
LDAP_LASTNAME=sn
LDAP_EMAIL=mail
LDAP_FILTERGROUP='(&(ObjectClass=posixGroup)(cn=*))'
LDAP_FILTERUSER='(&(ObjectClass=person)(uid=*))'
LDAP_FILTERGROUP=(cn=*)
LDAP_FILTERUSER=(uid=*)
%else
LDAP_USERNAME=%%nineschool_ldapuid
LDAP_FIRSTNAME=%%nineschool_ldapfirstname

6
tmpl/nineschool-nginx.conf
View File

@ -1,6 +0,0 @@
location /wssnineschool {
proxy_pass https://%%container_ip_web;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}