diff --git a/.env.example b/.env.example deleted file mode 100644 index a202794..0000000 --- a/.env.example +++ /dev/null @@ -1,27 +0,0 @@ -IMAGE_BASE=registry.cn-hangzhou.aliyuncs.com/aix_chenc -OPENRESTY_VERSION=1.25.3.1 -################ Net Congfig ###################### -NET_SUBNET=10.12.25 - -################# WEB目录 ###################### -WWWROOT_PATH="./www" - -################# PHP Config ###################### -PHP73_VERSION=7.3.33 -PHP74_VERSION=7.4.33 -PHP81_VERSION=8.1.24 -PHP83_VERSION=8.3.0 - -################ Elasticsearch ###################### -ELK_VERSION=7.17.10 -ELASTICSEARCH_HOST_HTTP_PORT=9200 -ELK_ELASTIC_PASSWD=qq1458513 - - - -################# NodeJS ################## -NODEJS_VERSION="18.17.0" -PACKAGE_PATH="" - -################# Redis ################## -REDIS_PASSWORD=qq1458513 \ No newline at end of file diff --git a/aix-agent-install.sh b/aix-agent-install.sh new file mode 100644 index 0000000..1c9c450 --- /dev/null +++ b/aix-agent-install.sh @@ -0,0 +1,92 @@ +#!/bin/bash +print_error() { + RED='\033[0;31m' + NC='\033[0m' + echo -e "${RED}[ERROR] $1${NC}" >&2 +} +print_success() { + GREEN='\033[0;32m' + NC='\033[0m' + echo -e "${GREEN}[SUCCESS] $1${NC}" >&2 +} +if ! command -v jq >/dev/null 2>&1 ; then + wget -O /usr/bin/jq http://download.jsaix.cn/d/linux/jq-1.6-linux64 && chmod +x /usr/bin/jq + if ! command -v jq >/dev/null 2>&1 ; then + print_error "Unsupported Linux distribution" + exit 1 + fi +fi +while getopts "u:" opt; do + case $opt in + u) + UUID="$OPTARG" + ;; + \?) + print_error "Invalid option: -$OPTARG" + exit 1 + ;; + esac +done +if [ -z "$UUID" ]; then + print_error "Error: Missing UUID parameter. Usage: $0 -u " + exit 1 +fi +API_ENDPOINT="https://gateway.jsaix.cn/api/servers/agent_install/$UUID" +REMOTE_RESPONSE=$(curl -s "$API_ENDPOINT") +CODE=$(echo "$REMOTE_RESPONSE" | jq -r '.code') +if [ "$CODE" != "1" ]; then + print_error "Error: Remote API returned a non-successful code. Exiting." + print_error "$(echo "$REMOTE_RESPONSE" | jq -r '.message')" + exit 1 +fi +DOWNLOAD_URL=$(echo "$REMOTE_RESPONSE" | jq -r '.data.url') +EXPECTED_MD5=$(echo "$REMOTE_RESPONSE" | jq -r '.data.md5') +if [ -z "$DOWNLOAD_URL" ] || [ -z "$EXPECTED_MD5" ]; then + print_error "Error: Failed to fetch valid download information from the remote API." + exit 1 +fi +INSTALL_DIR="/usr/local/aix-agent" +MAX_RETRIES=3 +if [ ! -d "$INSTALL_DIR" ]; then + mkdir -p "$INSTALL_DIR" +fi +cd "$INSTALL_DIR" +download_and_check_md5() { + echo "Downloading archive..." + curl -O "$DOWNLOAD_URL" + if [ $? -ne 0 ]; then + echo "Error downloading archive." + return 1 + fi + ARCHIVE_FILE=$(basename "$DOWNLOAD_URL") + CALCULATED_MD5=$(md5sum "$ARCHIVE_FILE" | awk '{print $1}' | tr '[:lower:]' '[:upper:]') + if [ "$CALCULATED_MD5" != "$EXPECTED_MD5" ]; then + print_error "Error: MD5 checksum does not match." + return 1 + fi + + return 0 +} +retries=0 +while [ $retries -lt $MAX_RETRIES ]; do + ((retries++)) + echo "Attempt $retries of $MAX_RETRIES" + download_and_check_md5 && break + + if [ $retries -lt $MAX_RETRIES ]; then + print_error "Retrying in 5 seconds..." + sleep 5 + fi +done +if [ $retries -eq $MAX_RETRIES ]; then + print_error "Max retries reached. Exiting." + exit 1 +fi +echo "AIX_UUID=$UUID" > .env +echo "Extracting archive..." +tar -xvzf "$ARCHIVE_FILE" -C "$INSTALL_DIR" +rm "$ARCHIVE_FILE" +cp aix-agent.service /etc/systemd/system +systemctl enable aix-agent +service aix-agent start +print_success "Installation completed successfully." diff --git a/aix-agent-update.sh b/aix-agent-update.sh new file mode 100644 index 0000000..ac937ce --- /dev/null +++ b/aix-agent-update.sh @@ -0,0 +1,79 @@ +#!/bin/bash +if ! command -v jq >/dev/null 2>&1 ; then + wget -O /usr/bin/jq http://download.jsaix.cn/d/linux/jq-1.7-linux64 && chmod +x /usr/bin/jq + if ! command -v jq >/dev/null 2>&1 ; then + echo "Unsupported Linux distribution" + exit 1 + fi +fi +UUID="$1" +if [ -z "$UUID" ]; then + echo "Error: Missing UUID parameter." + exit 1 +fi +INSTALL_DIR="/usr/local/aix-agent" +MAX_RETRIES=3 +API_ENDPOINT="https://gateway.jsaix.cn/api/servers/agent_update/$UUID" +REMOTE_RESPONSE=$(curl -s "$API_ENDPOINT") +CODE=$(echo "$REMOTE_RESPONSE" | jq -r '.code') +if [ "$CODE" != "1" ]; then + echo "Error: Remote API returned a non-successful code. Exiting." + echo "$(echo "$REMOTE_RESPONSE" | jq -r '.message')" + exit 1 +fi +REMOTE_VERSION=$(curl -s "$API_ENDPOINT" | jq -r '.data.version') +DOWNLOAD_URL=$(echo "$REMOTE_RESPONSE" | jq -r '.data.url') +EXPECTED_MD5=$(echo "$REMOTE_RESPONSE" | jq -r '.data.md5') +if [ -z "$DOWNLOAD_URL" ] || [ -z "$EXPECTED_MD5" ] || [ -z "$REMOTE_VERSION" ]; then + echo "Error: Failed to fetch valid download information from the remote API." + exit 1 +fi +cd "$INSTALL_DIR" +download_and_check_md5() { + echo "Downloading archive..." + curl -O "$DOWNLOAD_URL" + if [ $? -ne 0 ]; then + echo "Error downloading archive." + return 1 + fi + ARCHIVE_FILE=$(basename "$DOWNLOAD_URL") + CALCULATED_MD5=$(md5sum "$ARCHIVE_FILE" | awk '{print $1}' | tr '[:lower:]' '[:upper:]') + if [ "$CALCULATED_MD5" != "$EXPECTED_MD5" ]; then + echo "Error: MD5 checksum does not match." + return 1 + fi + + return 0 +} +LOCAL_VERSION=$(/usr/local/aix-agent/aix-agent --version) +IFS='.' read -r -a array1 <<< "$REMOTE_VERSION" +IFS='.' read -r -a array2 <<< "$LOCAL_VERSION" +IS_UPDATE=0 +for i in {0..2}; do + if ((array1[i] > array2[i])); then + IS_UPDATE=1 + fi +done +if [ "$IS_UPDATE" -eq 1 ]; then + retries=0 + while [ $retries -lt $MAX_RETRIES ]; do + ((retries++)) + echo "Attempt $retries of $MAX_RETRIES" + download_and_check_md5 && break + if [ $retries -lt $MAX_RETRIES ]; then + echo "Retrying in 5 seconds..." + sleep 5 + fi + done + if [ $retries -eq $MAX_RETRIES ]; then + echo "Max retries reached. Exiting." + exit 1 + fi + tar -xvzf "$ARCHIVE_FILE" -C "$INSTALL_DIR" + rm "$ARCHIVE_FILE" + chmod +x /usr/local/aix-agent/aix-agent + sudo systemctl restart aix-agent + echo "Update successful!" +else + echo "No update available. Current version: $LOCAL_VERSION" +fi diff --git a/docker-compose.yaml.example b/docker-compose.yaml.example deleted file mode 100644 index b62c0ac..0000000 --- a/docker-compose.yaml.example +++ /dev/null @@ -1,245 +0,0 @@ -version: '3.5' - -networks: - aix-docker-cc: - name: aix-docker-cc - driver: bridge - ipam: - driver: default - config: - - subnet: ${NET_SUBNET:-10.12.25}.0/24 - gateway: ${NET_SUBNET:-10.12.25}.1 - driver_opts: - com.docker.network.bridge.name: aix-docker-cc - -services: - nodejs: - image: ${IMAGE_BASE}/nodejs:18.18.2 - container_name: nodejs - environment: - - PACKAGE_PATH=${PACKAGE_PATH} - volumes: - - "${WWWROOT_PATH}:/data/wwwroot" - working_dir: /data/wwwroot/ - extra_hosts: - - "host.docker.internal:host-gateway" - privileged: true - networks: - aix-docker-cc: - ipv4_address: ${NET_SUBNET:-10.12.25}.200 - - java-gateway: - image: ${IMAGE_BASE}/java_gateway:1.0.1 - container_name: java-gateway - restart: always - volumes: - - "./java_gateway:/app" - extra_hosts: - - "host.docker.internal:host-gateway" - networks: - aix-docker-cc: - ipv4_address: ${NET_SUBNET:-10.12.25}.201 - - elasticsearch: - image: ${IMAGE_BASE}/elasticsearch:${ELK_VERSION:-7.17.7} - container_name: elasticsearch - restart: always - environment: - - cluster.name=cc-docker-cluster - - node.name=cc-docker-node - - bootstrap.memory_lock=true - - http.cors.enabled=true - - http.cors.allow-origin="*" - # - xpack.security.transport.ssl.enabled=false - - xpack.security.enabled=true - - xpack.security.authc.api_key.enabled=true - - "ES_JAVA_OPTS=-Xms512m -Xmx1024m" - # - discovery.seed_hosts= - # - cluster.initial_master_nodes=cc-docker-node - - discovery.type=single-node - - ELASTIC_PASSWORD=${ELK_ELASTIC_PASSWD:-qq1458513} - volumes: - - "./elasticsearch/data/${ELK_VERSION:-7.17.7}:/usr/share/elasticsearch/data:rw" - - "./elasticsearch/plugins/${ELK_VERSION:-7.17.7}:/usr/share/elasticsearch/plugins" - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - extra_hosts: - - "host.docker.internal:host-gateway" - networks: - aix-docker-cc: - ipv4_address: ${NET_SUBNET:-10.12.25}.10 - depends_on: - - redis - - openresty: - image: ${IMAGE_BASE}/openresty:${OPENRESTY_VERSION:1.25.3.1} - container_name: openresty - restart: always - ports: - - 80:80 - - 443:443 - volumes: - - "${WWWROOT_PATH}:/data/wwwroot" - - "./logs/wwwlogs:/data/wwwlogs" - - "./logs/nginx:/usr/local/openresty/nginx/logs" - - "./openresty/config/conf:/usr/local/openresty/nginx/conf" - - "./openresty/config/vhost:/usr/local/openresty/nginx/conf/vhost" - - "./openresty/config/rewrite:/usr/local/openresty/nginx/conf/rewrite" - extra_hosts: - - "host.docker.internal:host-gateway" - networks: - aix-docker-cc: - ipv4_address: ${NET_SUBNET:-10.12.25}.2 - depends_on: - - php74 - - php73 - - php81 - cap_add: - - net_raw - - redis: - image: ${IMAGE_BASE}/redis:7.2.2 - container_name: redis - restart: always - environment: - - REDIS_PASSWORD=${REDIS_PASSWORD:-qq1458513} - volumes: - - "./redis/redis.conf:/etc/redis/redis.conf" - - "./redis/data:/data/db" - - "./logs/redis:/data/logs" - command: [ "redis-server", "/etc/redis/redis.conf", "--requirepass ${REDIS_PASSWORD:-qq1458513}" ] - healthcheck: - test: [ "CMD", "redis-cli", "ping" ] - interval: 1s - timeout: 3s - retries: 30 - start_period: 30s - extra_hosts: - - "host.docker.internal:host-gateway" - networks: - aix-docker-cc: - ipv4_address: ${NET_SUBNET:-10.12.25}.3 - - php73: - image: ${IMAGE_BASE}/php:${PHP73_VERSION:7.3.33} - container_name: php73 - restart: always - volumes: - - "${WWWROOT_PATH}:/data/wwwroot:rw" - - "./php/php73/etc:/usr/local/etc" - - "./php/php73/supervisord.d:/etc/supervisord.d" - working_dir: /data/wwwroot/ - networks: - aix-docker-cc: - ipv4_address: ${NET_SUBNET:-10.12.25}.73 - healthcheck: - test: - [ - "CMD", - "curl", - "--fail", - "http://${NET_SUBNET:-10.12.25}.1/ping_73" - ] - interval: 1s - timeout: 3s - retries: 30 - start_period: 30s - extra_hosts: - - "host.docker.internal:host-gateway" - depends_on: - - elasticsearch - - redis - - php74: - image: ${IMAGE_BASE}/php:${PHP74_VERSION:7.4.33} - container_name: php74 - restart: always - volumes: - - "${WWWROOT_PATH}:/data/wwwroot:rw" - - "./php/php74/etc:/usr/local/etc" - working_dir: /data/wwwroot/ - networks: - aix-docker-cc: - ipv4_address: ${NET_SUBNET:-10.12.25}.74 - healthcheck: - test: - [ - "CMD", - "curl", - "--fail", - "http://${NET_SUBNET:-10.12.25}.1/ping_74" - ] - interval: 1s - timeout: 3s - retries: 30 - start_period: 30s - extra_hosts: - - "host.docker.internal:host-gateway" - depends_on: - - elasticsearch - - redis - - php81: - image: ${IMAGE_BASE}/php:${PHP81_VERSION:8.1.24} - container_name: php81 - restart: always - volumes: - - "${WWWROOT_PATH}:/data/wwwroot" - - "./php/php81/etc:/usr/local/etc" - - "./php/php81/supervisord.d:/etc/supervisord.d" - working_dir: /data/wwwroot/ - networks: - aix-docker-cc: - ipv4_address: ${NET_SUBNET:-10.12.25}.81 - healthcheck: - test: - [ - "CMD", - "curl", - "--fail", - "http://${NET_SUBNET:-10.12.25}.1/ping_81" - ] - interval: 1s - timeout: 3s - retries: 30 - start_period: 30s - extra_hosts: - - "host.docker.internal:host-gateway" - depends_on: - redis: - condition: service_healthy - - php83: - image: ${IMAGE_BASE}/php:${PHP83_VERSION:8.3.0} - container_name: php83 - restart: always - volumes: - - "${WWWROOT_PATH}:/data/wwwroot" - - "./php/php83/etc:/usr/local/etc" - - "./php/php83/supervisord.d:/etc/supervisord.d" - working_dir: /data/wwwroot/ - networks: - aix-docker-cc: - ipv4_address: ${NET_SUBNET:-10.12.25}.83 - healthcheck: - test: - [ - "CMD", - "curl", - "--fail", - "http://${NET_SUBNET:-10.12.25}.1/ping_83" - ] - interval: 1s - timeout: 3s - retries: 30 - start_period: 30s - extra_hosts: - - "host.docker.internal:host-gateway" - depends_on: - redis: - condition: service_healthy diff --git a/start.sh b/start.sh index 74d209e..bb39065 100644 --- a/start.sh +++ b/start.sh @@ -1,5 +1,4 @@ #!/bin/bash -docker_version="26.0.0" docker_compose_ver="2.26.0" docker_path="/data/aix-docker" cd /data @@ -17,55 +16,6 @@ query_euid=$(id -u) if [ $query_euid -ne 0 ]; then print_error "Please running as root" fi -if [ -e "/root/.aix_docker.lock" ]; then - print_error "Initialization has been performed!" - exit 1 -fi -if ! command -v jq >/dev/null 2>&1 ; then - if [ -f /etc/redhat-release ]; then - yum install -y jq - elif [ -f /etc/debian_version ]; then - apt-get install -y jq - else - print_error "Unsupported Linux distribution" - exit 1 - fi -fi -if ! command -v docker >/dev/null 2>&1 ; then - wget --no-check-certificate https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/static/stable/x86_64/docker-${docker_version}.tgz - if [ $? -ne 0 ]; then - print_error "Download docker failed" - exit 1 - fi - tar -zxvf docker-${docker_version}.tgz - mv docker/* /usr/bin/ - groupadd docker - cat > /usr/lib/systemd/system/docker.service << EOF -[Unit] -Description=Docker Application Container Engine -Documentation=https://docs.docker.com -After=network-online.target firewalld.service -Wants=network-online.target -[Service] -Type=notify -ExecStart=/usr/bin/dockerd -ExecReload=/bin/kill -s HUP $MAINPID -LimitNOFILE=infinity -LimitNPROC=infinity -TimeoutStartSec=0 -Delegate=yes -KillMode=process -Restart=on-failure -StartLimitBurst=3 -StartLimitInterval=60s -[Install] -WantedBy=multi-user.target -EOF -chmod +x /usr/lib/systemd/system/docker.service -systemctl daemon-reload -systemctl start docker -systemctl enable docker -fi if ! command -v docker-compose >/dev/null 2>&1 ; then curl -L https://gh-proxy.com/https://github.com/docker/compose/releases/download/v${docker_compose_ver}/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose @@ -79,7 +29,7 @@ fi if [ ! -d "$docker_path" ]; then - git clone https://opencode.jsaix.cn/chenc/aix-docker.git /data/aix-docker + git clone -depth=1 https://opencode.jsaix.cn/chenc/aix-docker.git /data/aix-docker if [ $? -ne 0 ]; then print_error "git clone aix-docker failed" exit 1