松機-門員工簽到系統技術手冊

--- title: '松機-門員工簽到系統' tags: description: 松機-門員工簽到系統 --- # 松機-門員工簽到系統 --- [TOC] --- ## 開發環境與工具版本 * Backend * Java 17 * Spring Tool Suite 4 * Frontend * Node 16 * NPM 8.15.0 * Visual Studio Code * Database * SQL Server 2017 * Else * OpenSSL 3.1.3 19 --- ## 測試環境 * Backend * Java 17 * Tomcat 9 * 8443 Port * Frontend * Nginx 1.24.0 * 443 Port * Database * SQL Server 2017 * Operating System * Windows --- ## SSL憑證的申請流程產生私鑰與簽證指令 ``` terminal openssl req -nodes -newkey rsa:2048 -sha256 -keyout server.key -out server.csr -utf8 ``` CSR內容 ``` terminal Country name：TW State or Province Name：Taiwan Locality Name：Taipei Organization Name：Taipei International Airport,Civil Aviation Administration,MOTC Organization Unit Name：Planning Section Common Name：facialcheckin.tsa.gov.tw Email Address：cc9659@tsa.gov.tw A challenge password：空白 An optional company name: 空白 ``` 在將server.csr寄給承辦人備註：目前SSL過期日大約是在2024-09-13 --- ## Server SSL 設定 SSL 路徑 ``` Path： D://server/ssl/server.key D://server/ssl/server.crt ``` Backend SSL 設定 ``` Path：D://server/apache-tomcat-9.0.90/conf/server.xml ``` ``` XML ... <Connector protocol="org.apache.coyote.http11.Http11AprProtocol" port="8443" maxThreads="200" maxParameterCount="1000" scheme="https" secure="true" SSLEnabled="true" SSLCertificateFile="D:\server\ssl\server.crt" SSLCertificateKeyFile="D:\server\ssl\server.key" SSLVerifyClient="none" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"/> ... ``` Frontend SSL 設定 ``` Path：D://server/nginx-1.24.0/conf/ ``` ``` ... ssl on; ssl_certificate D:\server\ssl\server.crt; ssl_certificate_key D:\server\ssl\server.key; ssl_session_timeout 5m; #ssl_protocols SSLv2 SSLv3 TLSv1; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ... ``` --- ## Log Path Backend ap log ``` Path：D://usr/local/eDoorman/logs/ ``` Backend server log(包含Backend ap log) ``` Path：D://server/apache-tomcat-9.0.90/logs/ ``` Frontend ap log ``` Path：D://server/nginx-1.24.0/logs/ ``` --- ## 程式佈署位置 Backend - 先停止服務後在將 edoorman.war 及 edoorman 刪除，將打包好的edoorman.war丟到webapps資料夾裡面，在啟動服務即可 ``` Path：D://server/apache-tomcat-9.0.90/webapps/ ``` Frontend - 不用停止服務，直接將edoorman裡的資料全刪除後,build.zip解壓縮資料丟進去即可 ``` Path：D://server/nginx-1.24.0/web/edoorman/ ``` --- ## 程式打包指令 Backend(先到專案目錄下) ``` terminal ./gradlew clean build -Penv=prod -Psys=windows ``` Frontend(先到專案目錄下) ``` terminal npm run build:prod ``` --- ## AP服務 Backend service ![MicrosoftTeams-image](https://hackmd.io/_uploads/HJgP3qgEp.jpg) Frontend service ![MicrosoftTeams-image (1)](https://hackmd.io/_uploads/r14w39g4a.jpg) --- ## 注意事項 * 上版時，需繳交Fortify(依承辦人這邊為主) * 可能會遇到串接系統上的問題 * WebITR(FTP -> SFTP)(打卡紀錄 -> 差勤系統) * SMTP(報警所用) * FTPS(打卡機影像傳輸所需要) * WebITR 相關資料，可以確認Server路徑上Backup的檔案 * Path：D://usr/local/eDoorman/WebITRLocal/Backup/ ---