Views: 847
Last Modified: 10.03.2021

It is recommended to use a fully pre-configured BitrixVM Bitrix Virtual Appliance is a free-of-charge, off-the-shelf software product, a fully preconfigured and tested virtual server adapted for an immediate use for both Bitrix24 products and any PHP applications. Available versions of Bitrix Virtual Appliance support both Windows and Unix systems.
Learn more...
for Bitrix24 Self-hosted. When due to some reasons, you cannot use BitrixVM, a Push server must be configured in the deployed environment. The examples below are specifically provided for CentOs.

  Push server configuration


  1. Enable the connected bitrix-env repository:
    cat /etc/yum.repos.d/bitrix.repo 
    [bitrix]
    name=$OS $releasever - $basearch
    failovermethod=priority
    baseurl=http://repos.bitrix24.com/yum/el/$releasever/$basearch
    enabled=1
    gpgcheck=1
    gpgkey=http://repos.bitrix24.com/yum/RPM-GPG-KEY-BitrixEnv

    Note: In case of Centos 6, a connected nodejs repository is required
    curl --silent --location https://rpm.nodesource.com/setup_6.x | bash - >/dev/null 2>&1

  2. Install the packages.

    Note: Due to ongoing issue with Centos 7.3, install http-parser package manually:
    rpm -Uvh https://kojipkgs.fedoraproject.org//packages/http-parser/2.7.1/3.el7/x86_64/http-parser-2.7.1-3.el7.x86_64.rpm
    
    Затем
     yum -y install nodejs push-server 

  Redis server setup


  1. Update group for Redis user. In case of Bitrix environment - it is a bitrix group. In the rest of cases, the group corresponds to the group with permissions handled by apache or php-fpm services.
    usermod -g bitrix redis 
  2. Update config file for Redis service:
     cat /etc/redis.conf  
    # Ansible managed
    unixsocket /tmp/redis.sock
    pidfile /var/run/redis_6379.pid
    logfile /var/log/redis/redis.log
    dir /var/lib/redis
    
    bind 127.0.0.1
    protected-mode yes
    port 6379
    tcp-backlog 511
    unixsocketperm 770
    timeout 0
    tcp-keepalive 300
    daemonize yes
    supervised no
    loglevel notice
    databases 16
    save 86400 1
    save 7200 10
    save 3600 10000
    stop-writes-on-bgsave-error no
    rdbcompression yes
    rdbchecksum yes
    dbfilename dump.rdb
    slave-serve-stale-data yes
    slave-read-only yes
    repl-diskless-sync no
    repl-diskless-sync-delay 5
    repl-disable-tcp-nodelay no
    slave-priority 100
    appendonly no
    appendfilename "appendonly.aof"
    appendfsync everysec
    no-appendfsync-on-rewrite no
    auto-aof-rewrite-percentage 100
    auto-aof-rewrite-min-size 64mb
    aof-load-truncated yes
    lua-time-limit 5000
    slowlog-log-slower-than 10000
    slowlog-max-len 128
    latency-monitor-threshold 0
    notify-keyspace-events ""
    hash-max-ziplist-entries 512
    hash-max-ziplist-value 64
    list-max-ziplist-size -2
    list-compress-depth 0
    set-max-intset-entries 512
    zset-max-ziplist-entries 128
    zset-max-ziplist-value 64
    hll-sparse-max-bytes 3000
    activerehashing yes
    client-output-buffer-limit normal 0 0 0
    client-output-buffer-limit slave 256mb 64mb 60
    client-output-buffer-limit pubsub 32mb 8mb 60
    hz 10
    aof-rewrite-incremental-fsync yes
    maxmemory 459mb
    maxmemory-policy allkeys-lru

    The maxmemory value depends on capabilities server with installed push-server. In case of BitrixVM, for example, this parameter equals to 1/4 from installed memory.

    Note: In case of Centos 7, update Redis service settings:
    cat /etc/systemd/system/redis.service.d/custom.conf
    [Service]
    Group=bitrix
    When Bitrix environment is not used, insert group value as you require.

  3. Re-launch Redis service and enable automatic launch for it.

    Command for Centos 7:

     systemctl enable redis && systemctl restart redis 

    Command for Centos 6:

     chkconfig redis on && /etc/init.d/redis restart 

  Push server configuration


  1. Update the settings file /etc/sysconfig/push-server-multi, by adding the option WS_HOST - host IP address You can use localhost or 127.0.0.1 for Push server. When an external address is used, make sure that network firewall settings allowed access to required web servers. , use for launching the service. When required, update the settings, responsible for number of nodejs processes, handling get and publishing messages:
    ID_SUB=5              # max ID for sub service
    ID_PUB=1              # max ID for pub service
  2. Create configuration files for launched processes. Simultaneously, the key SECURITY_KEY will be created in the config:

    /etc/init.d/push-server-multi reset

    This process creates config files in the catalog:

    ls -al /etc/push-server/push-server-*
    -rw-r--r-- 1 bitrix root   685 Aug 25 14:52 /etc/push-server/push-server-pub-9010.json
    -rw-r--r-- 1 bitrix root   685 Aug 25 14:52 /etc/push-server/push-server-pub-9011.json
    -rw-r--r-- 1 bitrix root   635 Aug 25 14:52 /etc/push-server/push-server-sub-8010.json
    -rw-r--r-- 1 bitrix root   635 Aug 25 14:52 /etc/push-server/push-server-sub-8011.json
    -rw-r--r-- 1 bitrix root   635 Aug 25 14:52 /etc/push-server/push-server-sub-8012.json
    -rw-r--r-- 1 bitrix root   635 Aug 25 14:52 /etc/push-server/push-server-sub-8013.json
    -rw-r--r-- 1 bitrix root   635 Aug 25 14:52 /etc/push-server/push-server-sub-8014.json
    -rw-r--r-- 1 bitrix root   635 Aug 25 14:52 /etc/push-server/push-server-sub-8015.json

    Number of files depends on the options, specified above.

  3. Launch the processes.

    Command for Centos 7:

    systemctl enable push-server && systemctl start push-server

    Command for Centos 6:

    chkconfig push-server-multi on && /etc/init.d/push-server-multi start

  NGINX Configuration


  1. Setup server upstream for Push server:
    #/etc/nginx/bx/settings/rtc-im_settings.conf
    
    log_format simple '$time_local $status $request';
    # if connection ti not set
    map $http_upgrade $connection_upgrade {
      default upgrade;
      '' 'close';
    }
    
    map $http_upgrade  $replace_upgrade {
      default $http_upgrade;
      ''      "websocket";
    }
    
    # sub services
    upstream nodejs_sub {
      ip_hash;
      keepalive 1024;
      server vm04.ksh.bx:8010;
      server vm04.ksh.bx:8011;
      server vm04.ksh.bx:8012;
      server vm04.ksh.bx:8013;
      server vm04.ksh.bx:8014;
      server vm04.ksh.bx:8015;
    }
    
    # pub services
    upstream nodejs_pub {
      ip_hash;
      keepalive 1024;
      server vm04.ksh.bx:9010;
      server vm04.ksh.bx:9011;
    }

    Use the installed Push server name or IP address with as the server name.

  2. Configuration file for virtual servers:
    # /etc/nginx/bx/site_enabled/rtc-server.conf
    
    server {
        listen 8895 default_server;
        server_name _;
    
        # access_log  /var/log/nginx/access.log  main buffer=64k;
        # access_log  /dev/shm/access.log simple;
        # error_log  /var/log/nginx/error.log  warn;
        access_log off;
    
        add_header "X-Content-Type-Options" "nosniff";
    
        location /server-stat {
            access_log off;
            proxy_pass http://nodejs_pub;
        }
    
        location  /nginx_status {
            stub_status on;
        }
    
        location /bitrix/pub/ {
            # IM doesn't wait
            proxy_ignore_client_abort on;
            proxy_pass http://nodejs_pub;
        }
    
    		include bx/conf/im_subscrider.conf;
    
        location / {
            deny all;
        }
    }
    
    server {
        listen 8893;
        listen 8894 default_server ssl;
    
        access_log off;
        add_header Access-Control-Allow-Origin *;
    
        server_name _;
    
        # ssl settings
        include bx/conf/ssl.conf;
    
        # Include error handlers
        include bx/conf/errors.conf;
    
        # Include im subscrider handlers
        include bx/conf/im_subscrider.conf;
        
        location ^~ /           { deny all; }
    }

    Note: Access to server, servicing the /pub can be opened only for web servers, executing the publishing. When all settings are locked on a single host, it's better to use 127.0.0.1 address for this server.

  3. The config file bx/conf/im_subscrider.conf contains settings for public entry points /bitrix/subws, /bitrix/sub and /bitrix/rest. When they must be used directly on a site and not by separate virtual server, this file must be connected directly into site config.
    # cat /etc/nginx/bx/conf/im_subscrider.conf
    # Ansible managed
    location ~* ^/bitrix/subws/ {
        access_log off;
       proxy_pass http://nodejs_sub;
       # http://blog.martinfjordvald.com/2013/02/websockets-in-nginx/
       # 12h+0.5
       proxy_max_temp_file_size 0;
       proxy_read_timeout  43800;
       proxy_http_version 1.1;
       proxy_set_header Upgrade $replace_upgrade;
       proxy_set_header Connection $connection_upgrade;
    }
    
    location ~* ^/bitrix/sub/ {
       access_log off;
       rewrite ^/bitrix/sub/(.*)$ /bitrix/subws/$1 break;
       proxy_pass http://nodejs_sub;
       proxy_max_temp_file_size 0;
       proxy_read_timeout  43800;
    }
    
    location ~* ^/bitrix/rest/ {
       access_log off;
       proxy_pass http://nodejs_pub;
       proxy_max_temp_file_size 0;
       proxy_read_timeout  43800;
    }
  4. Connect the configs:
    # /etc/nginx/nginx.conf
    include /etc/nginx/bx/site_enabled/rtc-server.conf;
    include /etc/nginx/bx/settings/rtc-im_settings.conf;
  5. In case of a Virtual Appliance, delete old server configuration (push-stream-module) /etc/nginx/bx/conf/im_subscrider.conf and /etc/nginx/bx/site_enabled/push.conf.
  6. Re-launch NGINX server.

  Site setup

Add the following settings in the config file bitrix/.settings.php Settings in the new kernel are contained in the file /bitrix/.settings.php. Please, be advised that the old kernel contained such settings in the file /bitrix/php_interface/dbconn.php. The file .settings.php structurally differs significantly from the previous dbconn.php.
Learn more...
as follows:

'pull' => Array(
    'value' =>  array(
        'path_to_listener' => 'http://#DOMAIN#/bitrix/sub/',
        'path_to_listener_secure' => 'https://#DOMAIN#/bitrix/sub/',
        'path_to_modern_listener' => 'http://#DOMAIN#/bitrix/sub/',
        'path_to_modern_listener_secure' => 'https://#DOMAIN#/bitrix/sub/',
        'path_to_mobile_listener' => 'http://#DOMAIN#:8893/bitrix/sub/',
        'path_to_mobile_listener_secure' => 'https://#DOMAIN#:8894/bitrix/sub/',
        'path_to_websocket' => 'ws://#DOMAIN#/bitrix/subws/',
        'path_to_websocket_secure' => 'wss://#DOMAIN#/bitrix/subws/',
        'path_to_publish' => 'http://vm04.ksh.bx:8895/bitrix/pub/',
        'nginx_version' => '3',
        'nginx_command_per_hit' => '100',
        'nginx' => 'Y',
        'nginx_headers' => 'N',
        'push' => 'Y',
        'websocket' => 'Y',
        'signature_key' => 'ANzCW8X3ui4GokEqAh8fwinrSBnWj3dU1V0O3knHlwc224vBdIA8Yg1PhPU1G3tQaTcnorGO9skoWPbLiDV5eqnVcH2RgbKCP65yAHjiFfP4RJh60W9sxqISkcQxWQ0U',
        'signature_algo' => 'sha1',
        'guest' => 'N',
    ),
),

Indicate settings from /etc/sysconfig/push-server-multi as a signature_key.

grep SECURITY_KEY /etc/sysconfig/push-server-multi
SECURITY_KEY=ANzCW8X3ui4GokEqAh8fwinrSBnWj3dU1V0O3knHlwc224vBdIA8Yg1PhPU1G3tQaTcnorGO9skoWPbLiDV5eqnVcH2RgbKCP65yAHjiFfP4RJh60W9sxqISkcQxWQ0U



Courses developed by «Bitrix», Inc.