websoft9 service and all micro services

This commit is contained in:
qiaofeng1227 2023-10-17 14:34:36 +08:00
parent a3bbe99ecc
commit bc977b4ef6
9 changed files with 37 additions and 38 deletions

View file

@ -6,7 +6,7 @@ RUN go build -o init_portainer /init_portainer.go
RUN chmod +x /init_portainer
# step2: copy build go program to portainer
# Dockerfile refer to: https://github.com/portainer/portainer/blob/develop/build/linux/Dockerfile
# Dockerfile refer to: https://github.com/portainer/portainer/blob/develop/build/linux/Dockerfile
FROM portainer/portainer-ce:2.19.0
LABEL maintainer="websoft9<help@websoft9.com>"
LABEL version="2.19.0"

View file

@ -1,4 +1,4 @@
# Dockerfile refer to: https://github.com/go-gitea/gitea/blob/main/Dockerfile
# Dockerfile refer to:https://github.com/go-gitea/gitea/blob/main/Dockerfile
FROM gitea/gitea:1.20.4
LABEL maintainer="Websoft9<help@websoft9.com>"

View file

@ -1,11 +1,14 @@
#!/bin/bash
set -e
echo "start create user shell" >> /tmp/user
set -e
# Confirm gitea is running
count=1
response=""
cred_path="/data/gitea/credential"
admin_username="websoft9"
admin_email="help@websoft9.com"
while [ "$response" != "200" ]; do
response=$(curl -s -o /dev/null -w "%{http_code}" localhost:3000)
if [ "$response" = "200" ]; then
@ -19,21 +22,19 @@ while [ "$response" != "200" ]; do
fi
done
cred_path="/var/websoft9/credential"
admin_username="websoft9"
admin_email="help@websoft9.com"
if [ -e "$cred_path" ]; then
echo "File $cred_path exists. Exiting script."
exit 0
fi
echo "create diretory"
mkdir -p "$(dirname "$cred_path")"
echo "Create admin credential by admin cli"
su -c "
gitea admin user create --admin --username '$admin_username' --random-password --email '$admin_email' > /tmp/credential
if gitea admin user list | grep -q '$admin_username'; then
echo 'User already exists.'
exit 0
else
gitea admin user create --admin --username '$admin_username' --random-password --email '$admin_email' > /tmp/credential
fi
" git
echo "Read credential from tmp"

View file

@ -1,4 +1,4 @@
# Dockerfile refer to: https://github.com/NginxProxyManager/nginx-proxy-manager/blob/develop/docker/Dockerfile
# Dockerfile refer to:https://github.com/NginxProxyManager/nginx-proxy-manager/blob/develop/docker/Dockerfile
FROM jc21/nginx-proxy-manager:2.10.4
LABEL maintainer="Websoft9<help@websoft9.com>"

View file

@ -1,13 +1,12 @@
#!/bin/bash
echo "Start to change nginxproxymanage users" >> /tmp/userlog
set +e
username="help@websoft9.com"
password=$(openssl rand -base64 16 | tr -d '/+' | cut -c1-16)
token=""
cred_path="/var/websoft9/credential"
cred_path="/data/credential"
echo "Start to change nginxproxymanage users"
if [ -e "$cred_path" ]; then
echo "File $cred_path exists. Exiting script."
exit 0
@ -16,32 +15,33 @@ fi
echo "create diretory"
mkdir -p "$(dirname "$cred_path")"
sleep 10
while [ -z "$token" ]; do
sleep 5
login_data=$(curl -X POST -H "Content-Type: application/json" -d '{"identity":"admin@example.com","scope":"user", "secret":"changeme"}' http://localhost:81/api/tokens)
token=$(echo $login_data | jq -r '.token')
done
echo "Change username(email)" >> /tmp/userlog
echo "Change username(email)"
while true; do
response=$(curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d '{"email": "'$username'", "nickname": "admin", "is_disabled": false, "roles": ["admin"]}' http://localhost:81/api/users/1)
if [ $? -eq 0 ]; then
echo "HTTP call successful"
break
else
echo "HTTP call Change username failed, retrying..." >> /tmp/userlog
echo "HTTP call Change username failed, retrying..."
sleep 5
fi
done
echo "Update password" >> /tmp/userlog
echo "Update password"
while true; do
response=$(curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d '{"type":"password","current":"changeme","secret":"'$password'"}' http://localhost:81/api/users/1/auth)
if [ $? -eq 0 ]; then
echo "HTTP call successful"
break
else
echo "HTTP call Update password failed, retrying..." >> /tmp/userlog
echo "HTTP call Update password failed, retrying..."
sleep 5
fi
done
@ -49,5 +49,4 @@ done
echo "Save to credential"
json="{\"username\":\"$username\",\"password\":\"$password\"}"
echo "$json" > "$cred_path"
set -e

View file

@ -9,20 +9,20 @@ cockpit_port="9000"
on_change() {
set +e
# 从配置文件中获取端口号
cockpit_port=$(sudo docker exec -i websoft9-apphub apphub getconfig --section cockpit --key port)
sudo sed -i "s/ListenStream=[0-9]*/ListenStream=${cockpit_port}/" /lib/systemd/system/cockpit.socket
sudo systemctl daemon-reload
sudo systemctl restart cockpit.socket 2> /dev/null
sudo systemctl restart cockpit || exit 1
cockpit_port=$(docker exec -i websoft9-apphub apphub getconfig --section cockpit --key port)
sed -i "s/ListenStream=[0-9]*/ListenStream=${cockpit_port}/" /lib/systemd/system/cockpit.socket
systemctl daemon-reload
systemctl restart cockpit.socket 2> /dev/null
systemctl restart cockpit || exit 1
set_Firewalld
set -e
}
set_Firewalld(){
echo "Set cockpit service to Firewalld..."
sudo sed -i "s/port=\"[0-9]*\"/port=\"$cockpit_port\"/g" /etc/firewalld/services/cockpit.xml 2>/dev/nul
sudo sed -i "s/port=\"[0-9]*\"/port=\"$cockpit_port\"/g" /usr/lib/firewalld/services/cockpit.xml 2>/dev/nul
sudo firewall-cmd --reload 2>/dev/nul
sed -i "s/port=\"[0-9]*\"/port=\"$cockpit_port\"/g" /etc/firewalld/services/cockpit.xml 2>/dev/nul
sed -i "s/port=\"[0-9]*\"/port=\"$cockpit_port\"/g" /usr/lib/firewalld/services/cockpit.xml 2>/dev/nul
firewall-cmd --reload 2>/dev/nul
}
# 循环,持续监控

View file

@ -2,7 +2,7 @@
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
deployment_username="admin"
credential_path="/var/websoft9/credential"
credentials=("/data/gitea/credential" "/data/credential" "/data/credential")
containers=("websoft9-git" "websoft9-deployment" "websoft9-proxy")
sections=("gitea" "portainer" "nginx_proxy_manager")
max_retries=20
@ -11,13 +11,14 @@ declare -A usernames passwords
set +e # Ignore errors
for container in ${containers[@]}; do
for i in ${!containers[@]}; do
container=${containers[$i]}
credential_path=${credentials[$i]}
echo "Processing $container"
success=false
counter=0
while [[ $success == false && $counter -lt $max_retries ]]; do
temp_file=$(mktemp)
echo "Attempt $((counter+1)) to copy $credential_path from $container to $temp_file"
if docker cp $container:$credential_path $temp_file; then
# Check if temp_file is JSON format
if jq -e . >/dev/null 2>&1 <<< "$(cat "$temp_file")"; then
@ -62,7 +63,5 @@ for ((i=0; i<$length; i++)); do
container=${containers[$i]}
section=${sections[$i]}
echo "$container:"
echo "Username: ${usernames[$container]}"
echo "Password: ${passwords[$container]}"
sudo docker exec -i websoft9-apphub apphub setconfig --section $section --key user_pwd --value ${passwords[$container]}
done

View file

@ -33,11 +33,11 @@ fi
# 检查 /etc/hosts 文件中是否已经存在一个条目与容器名称相同
if grep -q $container_name /etc/hosts; then
# 如果存在,使用 sed 命令更新这个条目
sudo sed -i "/$container_name/d" /etc/hosts
echo "$container_ip $container_name" | sudo tee -a /etc/hosts > /dev/null
sed -i "/$container_name/d" /etc/hosts
echo "$container_ip $container_name" | tee -a /etc/hosts > /dev/null
echo "Container $container_name IP updated to $container_ip in /etc/hosts"
else
# 如果不存在,添加一个新的条目
echo "$container_ip $container_name" | sudo tee -a /etc/hosts > /dev/null
echo "$container_ip $container_name" | tee -a /etc/hosts > /dev/null
echo "Container $container_name IP $container_ip added to /etc/hosts"
fi

View file

@ -1,5 +1,5 @@
{
"version": "0.8.26-rc56",
"version": "0.8.26-rc57",
"plugins": {
"portainer": "0.0.7",
"nginx": "0.0.5",