When you full deployed xiaozhi-esp32-server on a pubic linux, you may want to enable domain name and https access. Here is how:
0. Make sure your http
and ws
access to your server works.
- Use browser to access
http://your_ip:8001
, It should show the login page.
- Use browser to access
ota url
: http://your_ip:8002/xiaozhi/ota/
, It should show the correct message.
- Use a websocket test tool, for example:
Websocket test client
in chrome web store, to test ws://your_ip:8000/xiaozhi/v1/
, it should return the correct anwser.
- You can use a real Xiaozhi device to access your own server. Change the
OTA url
in idf.py menuconfig
and build + flash it. Try to configure a network and speak to it.
- If you don't have a real device, you can use a test page. The offical test page https://2662r3426b.vicp.fun/test/ is not useable because the page is using https and can only access
wss
but ws
. You should use the test page under the xiaozhi-esp32-server
project path main/xiaozhi-server/test/test_page.html
. Use a http-server( for example: npm install -g http-server
then http-server
) to serve the page and access it from the browser.
- Install nginx and run it as service;
- Install certbot, generate nginx public and private certs;
# Ubuntu/Debian
sudo apt-get install certbot python3-certbot-nginx
# generate certs
sudo certbot --nginx -d diy.esp32.cn
# automatic renew
sudo certbot renew --quiet
If certbot failed to add configuration to nginx.conf, you can do it by yourself. You need to copy the certs path and paste them into nginx.conf
. For example:
ssl_certificate /etc/letsencrypt/live/yourdomain.name/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.name/privkey.pem;
I'll show you in the next step.
- Config nginx. Add the following configuration to
nginx.conf
, change yourdomain.name
to yours:
server {
listen 80;
server_name yourdomain.name;
location / {
proxy_pass http://localhost:8001;
}
}
server {
listen 443 ssl;
server_name yourdomain.name;
ssl_certificate /etc/letsencrypt/live/yourdomain.name/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.name/privkey.pem;
location / {
proxy_pass https://localhost:8001;
# Normal proxy header, forward client's request information.
proxy_set_header Host localhost:8001;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Set timeout as you wish
#proxy_read_timeout 86400s;
}
location = /xiaozhi/v1/ {
proxy_pass http://localhost:8000/xiaozhi/v1/;
# Support WebSocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
#proxy_read_timeout 86400s;
}
}
Restart nginx by nginx -s reload
or service nginx restart
or systemctl restart nginx
.
The ota url and wss url should work now. You can try to access https://yourdomain.name/xiaozhi/ota/
and wss://yourdomain.name/xiaozhi/v1/
- Change vue config file
main/manager-web/vue.config.js
, add a element https: true,
under devServer:{}
, like:
devServer: {
port: 8001,
https: true,
...
Restart npm run serve
, https://yourdomain.name/
should works. and you can also access it by ip: https://your_ip:8001
. The http
access is disabled at the same time.
- Change the ota and websocket config in the admin page of
https://yourdomain.name/
.
Set systemd service
Set systemd service redis, manager-api, manager-web, xiaozhi-server.
manager-api should rely on redis, or it will fail to start.
The ExecStart
should use absolute path because systemd started earlier before PATH is loaded.
/etc/systemd/system/redis.service
[Unit]
Description=Redis Server
After=network.target
Wants=network.target
[Service]
Type=simple
ExecStart=/usr/sbin/service redis start
ExecStop=/usr/sbin/service redis stop
Restart=always
RestartSec=5
StandardOutput=append:/var/log/redis.log
StandardError=append:/var/log/redis.log
[Install]
WantedBy=multi-user.target
/etc/systemd/system/manager-api.service
[Unit]
Description=Manager API Service
After=redis.service
Requires=redis.service
[Service]
Type=simple
ExecStart=/www/server/java/jdk-21.0.2/bin/java -jar /root/s2/xiaozhi-esp32-server/main/manager-api/target/xiaozhi-esp32-api.jar
WorkingDirectory=/root/s2/xiaozhi-esp32-server/main/manager-api
Restart=no
RestartSec=5
StandardOutput=append:/var/log/manager-api.log
StandardError=append:/var/log/manager-api.log
SyslogIdentifier=manager-api
[Install]
WantedBy=multi-user.target
/etc/systemd/system/manager-web.service
[Unit]
Description=Manager Web Service
After=manager-api.service
Wants=manager-api.service
[Service]
Type=simple
Environment="PATH=/usr/local/bin:/usr/bin:/bin:/root/.nvm/versions/node/v22.16.0/bin"
ExecStart=/root/.nvm/versions/node/v22.16.0/bin/npm run serve
WorkingDirectory=/root/s2/xiaozhi-esp32-server/main/manager-web
Restart=always
RestartSec=5
StandardOutput=append:/var/log/manager-web.log
StandardError=append:/var/log/manager-web.log
SyslogIdentifier=manager-web
[Install]
WantedBy=multi-user.target
/etc/systemd/system/xiaozhi-server.service
[Unit]
Description=Xiaozhi Server
After=manager-web.service
Wants=manager-web.service
[Service]
Type=simple
Environment=XIAOZHI_HOME=/root/s2/xiaozhi-esp32-server/main
ExecStart=/www/server/pyporject_evn/xiaozhi/bin/python app.py
WorkingDirectory=/root/s2/xiaozhi-esp32-server/main/xiaozhi-server
Restart=always
RestartSec=5
StandardOutput=append:/var/log/xiaozhi-server.log
StandardError=append:/var/log/xiaozhi-server.log
SyslogIdentifier=xiaozhi-server
[Install]
WantedBy=multi-user.target
enable systemd service and check logs
systemctl enable redis manager-api manager-web xiaozhi-server
reboot
Reboot and check if services are active
systemctl status redis manager-api manager-web xiaozhi-server
# Check running log
journalctl -u redis
journalctl -u manager-api
journalctl -u manager-web
journalctl -u xiaozhi-server
# Check services' stdio output log
cat /var/log/redis.log
cat /var/log/manager-api.log
cat /var/log/manager-web.log
cat /var/log/xiaozhi-server.log