websoft9 service and all micro services

This commit is contained in:
qiaofeng1227 2023-10-17 14:34:36 +08:00
parent a3bbe99ecc
commit bc977b4ef6
9 changed files with 37 additions and 38 deletions

View file

@ -1,4 +1,4 @@
# Dockerfile refer to: https://github.com/go-gitea/gitea/blob/main/Dockerfile # Dockerfile refer to:https://github.com/go-gitea/gitea/blob/main/Dockerfile
FROM gitea/gitea:1.20.4 FROM gitea/gitea:1.20.4
LABEL maintainer="Websoft9<help@websoft9.com>" LABEL maintainer="Websoft9<help@websoft9.com>"

View file

@ -1,11 +1,14 @@
#!/bin/bash #!/bin/bash
set -e
echo "start create user shell" >> /tmp/user echo "start create user shell" >> /tmp/user
set -e
# Confirm gitea is running # Confirm gitea is running
count=1 count=1
response="" response=""
cred_path="/data/gitea/credential"
admin_username="websoft9"
admin_email="help@websoft9.com"
while [ "$response" != "200" ]; do while [ "$response" != "200" ]; do
response=$(curl -s -o /dev/null -w "%{http_code}" localhost:3000) response=$(curl -s -o /dev/null -w "%{http_code}" localhost:3000)
if [ "$response" = "200" ]; then if [ "$response" = "200" ]; then
@ -19,21 +22,19 @@ while [ "$response" != "200" ]; do
fi fi
done done
cred_path="/var/websoft9/credential"
admin_username="websoft9"
admin_email="help@websoft9.com"
if [ -e "$cred_path" ]; then if [ -e "$cred_path" ]; then
echo "File $cred_path exists. Exiting script." echo "File $cred_path exists. Exiting script."
exit 0 exit 0
fi fi
echo "create diretory"
mkdir -p "$(dirname "$cred_path")"
echo "Create admin credential by admin cli" echo "Create admin credential by admin cli"
su -c " su -c "
gitea admin user create --admin --username '$admin_username' --random-password --email '$admin_email' > /tmp/credential if gitea admin user list | grep -q '$admin_username'; then
echo 'User already exists.'
exit 0
else
gitea admin user create --admin --username '$admin_username' --random-password --email '$admin_email' > /tmp/credential
fi
" git " git
echo "Read credential from tmp" echo "Read credential from tmp"

View file

@ -1,4 +1,4 @@
# Dockerfile refer to: https://github.com/NginxProxyManager/nginx-proxy-manager/blob/develop/docker/Dockerfile # Dockerfile refer to:https://github.com/NginxProxyManager/nginx-proxy-manager/blob/develop/docker/Dockerfile
FROM jc21/nginx-proxy-manager:2.10.4 FROM jc21/nginx-proxy-manager:2.10.4
LABEL maintainer="Websoft9<help@websoft9.com>" LABEL maintainer="Websoft9<help@websoft9.com>"

View file

@ -1,13 +1,12 @@
#!/bin/bash #!/bin/bash
echo "Start to change nginxproxymanage users" >> /tmp/userlog
set +e set +e
username="help@websoft9.com" username="help@websoft9.com"
password=$(openssl rand -base64 16 | tr -d '/+' | cut -c1-16) password=$(openssl rand -base64 16 | tr -d '/+' | cut -c1-16)
token="" token=""
cred_path="/var/websoft9/credential" cred_path="/data/credential"
echo "Start to change nginxproxymanage users"
if [ -e "$cred_path" ]; then if [ -e "$cred_path" ]; then
echo "File $cred_path exists. Exiting script." echo "File $cred_path exists. Exiting script."
exit 0 exit 0
@ -16,32 +15,33 @@ fi
echo "create diretory" echo "create diretory"
mkdir -p "$(dirname "$cred_path")" mkdir -p "$(dirname "$cred_path")"
sleep 10
while [ -z "$token" ]; do while [ -z "$token" ]; do
sleep 5 sleep 5
login_data=$(curl -X POST -H "Content-Type: application/json" -d '{"identity":"admin@example.com","scope":"user", "secret":"changeme"}' http://localhost:81/api/tokens) login_data=$(curl -X POST -H "Content-Type: application/json" -d '{"identity":"admin@example.com","scope":"user", "secret":"changeme"}' http://localhost:81/api/tokens)
token=$(echo $login_data | jq -r '.token') token=$(echo $login_data | jq -r '.token')
done done
echo "Change username(email)" >> /tmp/userlog echo "Change username(email)"
while true; do while true; do
response=$(curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d '{"email": "'$username'", "nickname": "admin", "is_disabled": false, "roles": ["admin"]}' http://localhost:81/api/users/1) response=$(curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d '{"email": "'$username'", "nickname": "admin", "is_disabled": false, "roles": ["admin"]}' http://localhost:81/api/users/1)
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
echo "HTTP call successful" echo "HTTP call successful"
break break
else else
echo "HTTP call Change username failed, retrying..." >> /tmp/userlog echo "HTTP call Change username failed, retrying..."
sleep 5 sleep 5
fi fi
done done
echo "Update password" >> /tmp/userlog echo "Update password"
while true; do while true; do
response=$(curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d '{"type":"password","current":"changeme","secret":"'$password'"}' http://localhost:81/api/users/1/auth) response=$(curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer $token" -d '{"type":"password","current":"changeme","secret":"'$password'"}' http://localhost:81/api/users/1/auth)
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
echo "HTTP call successful" echo "HTTP call successful"
break break
else else
echo "HTTP call Update password failed, retrying..." >> /tmp/userlog echo "HTTP call Update password failed, retrying..."
sleep 5 sleep 5
fi fi
done done
@ -49,5 +49,4 @@ done
echo "Save to credential" echo "Save to credential"
json="{\"username\":\"$username\",\"password\":\"$password\"}" json="{\"username\":\"$username\",\"password\":\"$password\"}"
echo "$json" > "$cred_path" echo "$json" > "$cred_path"
set -e set -e

View file

@ -9,20 +9,20 @@ cockpit_port="9000"
on_change() { on_change() {
set +e set +e
# 从配置文件中获取端口号 # 从配置文件中获取端口号
cockpit_port=$(sudo docker exec -i websoft9-apphub apphub getconfig --section cockpit --key port) cockpit_port=$(docker exec -i websoft9-apphub apphub getconfig --section cockpit --key port)
sudo sed -i "s/ListenStream=[0-9]*/ListenStream=${cockpit_port}/" /lib/systemd/system/cockpit.socket sed -i "s/ListenStream=[0-9]*/ListenStream=${cockpit_port}/" /lib/systemd/system/cockpit.socket
sudo systemctl daemon-reload systemctl daemon-reload
sudo systemctl restart cockpit.socket 2> /dev/null systemctl restart cockpit.socket 2> /dev/null
sudo systemctl restart cockpit || exit 1 systemctl restart cockpit || exit 1
set_Firewalld set_Firewalld
set -e set -e
} }
set_Firewalld(){ set_Firewalld(){
echo "Set cockpit service to Firewalld..." echo "Set cockpit service to Firewalld..."
sudo sed -i "s/port=\"[0-9]*\"/port=\"$cockpit_port\"/g" /etc/firewalld/services/cockpit.xml 2>/dev/nul sed -i "s/port=\"[0-9]*\"/port=\"$cockpit_port\"/g" /etc/firewalld/services/cockpit.xml 2>/dev/nul
sudo sed -i "s/port=\"[0-9]*\"/port=\"$cockpit_port\"/g" /usr/lib/firewalld/services/cockpit.xml 2>/dev/nul sed -i "s/port=\"[0-9]*\"/port=\"$cockpit_port\"/g" /usr/lib/firewalld/services/cockpit.xml 2>/dev/nul
sudo firewall-cmd --reload 2>/dev/nul firewall-cmd --reload 2>/dev/nul
} }
# 循环,持续监控 # 循环,持续监控

View file

@ -2,7 +2,7 @@
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
deployment_username="admin" deployment_username="admin"
credential_path="/var/websoft9/credential" credentials=("/data/gitea/credential" "/data/credential" "/data/credential")
containers=("websoft9-git" "websoft9-deployment" "websoft9-proxy") containers=("websoft9-git" "websoft9-deployment" "websoft9-proxy")
sections=("gitea" "portainer" "nginx_proxy_manager") sections=("gitea" "portainer" "nginx_proxy_manager")
max_retries=20 max_retries=20
@ -11,13 +11,14 @@ declare -A usernames passwords
set +e # Ignore errors set +e # Ignore errors
for container in ${containers[@]}; do for i in ${!containers[@]}; do
container=${containers[$i]}
credential_path=${credentials[$i]}
echo "Processing $container" echo "Processing $container"
success=false success=false
counter=0 counter=0
while [[ $success == false && $counter -lt $max_retries ]]; do while [[ $success == false && $counter -lt $max_retries ]]; do
temp_file=$(mktemp) temp_file=$(mktemp)
echo "Attempt $((counter+1)) to copy $credential_path from $container to $temp_file"
if docker cp $container:$credential_path $temp_file; then if docker cp $container:$credential_path $temp_file; then
# Check if temp_file is JSON format # Check if temp_file is JSON format
if jq -e . >/dev/null 2>&1 <<< "$(cat "$temp_file")"; then if jq -e . >/dev/null 2>&1 <<< "$(cat "$temp_file")"; then
@ -62,7 +63,5 @@ for ((i=0; i<$length; i++)); do
container=${containers[$i]} container=${containers[$i]}
section=${sections[$i]} section=${sections[$i]}
echo "$container:" echo "$container:"
echo "Username: ${usernames[$container]}"
echo "Password: ${passwords[$container]}"
sudo docker exec -i websoft9-apphub apphub setconfig --section $section --key user_pwd --value ${passwords[$container]} sudo docker exec -i websoft9-apphub apphub setconfig --section $section --key user_pwd --value ${passwords[$container]}
done done

View file

@ -33,11 +33,11 @@ fi
# 检查 /etc/hosts 文件中是否已经存在一个条目与容器名称相同 # 检查 /etc/hosts 文件中是否已经存在一个条目与容器名称相同
if grep -q $container_name /etc/hosts; then if grep -q $container_name /etc/hosts; then
# 如果存在,使用 sed 命令更新这个条目 # 如果存在,使用 sed 命令更新这个条目
sudo sed -i "/$container_name/d" /etc/hosts sed -i "/$container_name/d" /etc/hosts
echo "$container_ip $container_name" | sudo tee -a /etc/hosts > /dev/null echo "$container_ip $container_name" | tee -a /etc/hosts > /dev/null
echo "Container $container_name IP updated to $container_ip in /etc/hosts" echo "Container $container_name IP updated to $container_ip in /etc/hosts"
else else
# 如果不存在,添加一个新的条目 # 如果不存在,添加一个新的条目
echo "$container_ip $container_name" | sudo tee -a /etc/hosts > /dev/null echo "$container_ip $container_name" | tee -a /etc/hosts > /dev/null
echo "Container $container_name IP $container_ip added to /etc/hosts" echo "Container $container_name IP $container_ip added to /etc/hosts"
fi fi

View file

@ -1,5 +1,5 @@
{ {
"version": "0.8.26-rc56", "version": "0.8.26-rc57",
"plugins": { "plugins": {
"portainer": "0.0.7", "portainer": "0.0.7",
"nginx": "0.0.5", "nginx": "0.0.5",