Merge branch 'main' of https://opencode.jsaix.cn/chenc/aix-docker

.env.example

@@ -1,27 +0,0 @@
-IMAGE_BASE=opencode.jsaix.cn/chenc
-
-################  Net Congfig  ######################
-NET_SUBNET=10.12.25
-
-################ Elasticsearch ######################
-ELK_VERSION=7.17.22
-ELASTICSEARCH_HOST_HTTP_PORT=9200
-ELK_ELASTIC_PASSWD=hello321
-
-JAVAGATEWAY_VERSION=1.0.1
-NODEJS_VERSION=18.18.2
-OPENRESTY_VERSION=1.25.3.1
-REDIS_VERSION=7.2.5
-PHP73_VERSION=7.3.33
-PHP74_VERSION=7.4.33
-PHP81_VERSION=8.1.29
-PHP83_VERSION=8.3.8
-
-WWWROOT_PATH="./www"
-
-################# NodeJS ##################
-NODEJS_VERSION="18.17.0"
-PACKAGE_PATH=""
-
-################# Redis ##################
-REDIS_PASSWORD=hello321

aix-agent-install.sh

@@ -0,0 +1,92 @@
+#!/bin/bash
+print_error() {
+    RED='\033[0;31m'
+    NC='\033[0m'
+    echo -e "${RED}[ERROR] $1${NC}" >&2
+}
+print_success() {
+    GREEN='\033[0;32m'
+    NC='\033[0m'
+    echo -e "${GREEN}[SUCCESS] $1${NC}" >&2
+}
+if ! command -v jq >/dev/null 2>&1 ; then
+    wget -O /usr/bin/jq http://download.jsaix.cn/d/linux/jq-1.6-linux64 && chmod +x /usr/bin/jq
+    if ! command -v jq >/dev/null 2>&1 ; then
+        print_error "Unsupported Linux distribution"
+        exit 1
+    fi
+fi
+while getopts "u:" opt; do
+  case $opt in
+    u)
+      UUID="$OPTARG"
+      ;;
+    \?)
+      print_error "Invalid option: -$OPTARG"
+      exit 1
+      ;;
+  esac
+done
+if [ -z "$UUID" ]; then
+  print_error "Error: Missing UUID parameter. Usage: $0 -u <UUID>"
+  exit 1
+fi
+API_ENDPOINT="https://gateway.jsaix.cn/api/servers/agent_install/$UUID"
+REMOTE_RESPONSE=$(curl -s "$API_ENDPOINT")
+CODE=$(echo "$REMOTE_RESPONSE" | jq -r '.code')
+if [ "$CODE" != "1" ]; then
+  print_error "Error: Remote API returned a non-successful code. Exiting."
+  print_error "$(echo "$REMOTE_RESPONSE" | jq -r '.message')"
+  exit 1
+fi
+DOWNLOAD_URL=$(echo "$REMOTE_RESPONSE" | jq -r '.data.url')
+EXPECTED_MD5=$(echo "$REMOTE_RESPONSE" | jq -r '.data.md5')
+if [ -z "$DOWNLOAD_URL" ] || [ -z "$EXPECTED_MD5" ]; then
+  print_error "Error: Failed to fetch valid download information from the remote API."
+  exit 1
+fi
+INSTALL_DIR="/usr/local/aix-agent"
+MAX_RETRIES=3
+if [ ! -d "$INSTALL_DIR" ]; then
+    mkdir -p "$INSTALL_DIR"
+fi
+cd "$INSTALL_DIR"
+download_and_check_md5() {
+    echo "Downloading archive..."
+    curl -O "$DOWNLOAD_URL"
+    if [ $? -ne 0 ]; then
+        echo "Error downloading archive."
+        return 1
+    fi
+    ARCHIVE_FILE=$(basename "$DOWNLOAD_URL")
+    CALCULATED_MD5=$(md5sum "$ARCHIVE_FILE" | awk '{print $1}' | tr '[:lower:]' '[:upper:]')
+    if [ "$CALCULATED_MD5" != "$EXPECTED_MD5" ]; then
+        print_error "Error: MD5 checksum does not match."
+        return 1
+    fi
+
+    return 0
+}
+retries=0
+while [ $retries -lt $MAX_RETRIES ]; do
+    ((retries++))
+    echo "Attempt $retries of $MAX_RETRIES"
+    download_and_check_md5 && break
+
+    if [ $retries -lt $MAX_RETRIES ]; then
+        print_error "Retrying in 5 seconds..."
+        sleep 5
+    fi
+done
+if [ $retries -eq $MAX_RETRIES ]; then
+    print_error "Max retries reached. Exiting."
+    exit 1
+fi
+echo "AIX_UUID=$UUID" > .env
+echo "Extracting archive..."
+tar -xvzf "$ARCHIVE_FILE" -C "$INSTALL_DIR"
+rm "$ARCHIVE_FILE"
+cp aix-agent.service /etc/systemd/system
+systemctl enable aix-agent
+service aix-agent start
+print_success "Installation completed successfully."

aix-agent-update.sh

@@ -0,0 +1,79 @@
+#!/bin/bash
+if ! command -v jq >/dev/null 2>&1 ; then
+    wget -O /usr/bin/jq http://download.jsaix.cn/d/linux/jq-1.7-linux64 && chmod +x /usr/bin/jq
+    if ! command -v jq >/dev/null 2>&1 ; then
+        echo "Unsupported Linux distribution"
+        exit 1
+    fi
+fi
+UUID="$1"
+if [ -z "$UUID" ]; then
+  echo "Error: Missing UUID parameter."
+  exit 1
+fi
+INSTALL_DIR="/usr/local/aix-agent"
+MAX_RETRIES=3
+API_ENDPOINT="https://gateway.jsaix.cn/api/servers/agent_update/$UUID"
+REMOTE_RESPONSE=$(curl -s "$API_ENDPOINT")
+CODE=$(echo "$REMOTE_RESPONSE" | jq -r '.code')
+if [ "$CODE" != "1" ]; then
+  echo "Error: Remote API returned a non-successful code. Exiting."
+  echo "$(echo "$REMOTE_RESPONSE" | jq -r '.message')"
+  exit 1
+fi
+REMOTE_VERSION=$(curl -s "$API_ENDPOINT" | jq -r '.data.version')
+DOWNLOAD_URL=$(echo "$REMOTE_RESPONSE" | jq -r '.data.url')
+EXPECTED_MD5=$(echo "$REMOTE_RESPONSE" | jq -r '.data.md5')
+if [ -z "$DOWNLOAD_URL" ] || [ -z "$EXPECTED_MD5" ] || [ -z "$REMOTE_VERSION" ]; then
+  echo "Error: Failed to fetch valid download information from the remote API."
+  exit 1
+fi
+cd "$INSTALL_DIR"
+download_and_check_md5() {
+    echo "Downloading archive..."
+    curl -O "$DOWNLOAD_URL"
+    if [ $? -ne 0 ]; then
+        echo "Error downloading archive."
+        return 1
+    fi
+    ARCHIVE_FILE=$(basename "$DOWNLOAD_URL")
+    CALCULATED_MD5=$(md5sum "$ARCHIVE_FILE" | awk '{print $1}' | tr '[:lower:]' '[:upper:]')
+    if [ "$CALCULATED_MD5" != "$EXPECTED_MD5" ]; then
+        echo "Error: MD5 checksum does not match."
+        return 1
+    fi
+
+    return 0
+}
+LOCAL_VERSION=$(/usr/local/aix-agent/aix-agent --version)
+IFS='.' read -r -a array1 <<< "$REMOTE_VERSION"
+IFS='.' read -r -a array2 <<< "$LOCAL_VERSION"
+IS_UPDATE=0
+for i in {0..2}; do
+    if ((array1[i] > array2[i])); then
+        IS_UPDATE=1
+    fi
+done
+if  [ "$IS_UPDATE" -eq 1 ]; then
+    retries=0
+    while [ $retries -lt $MAX_RETRIES ]; do
+        ((retries++))
+        echo "Attempt $retries of $MAX_RETRIES"
+        download_and_check_md5 && break
+        if [ $retries -lt $MAX_RETRIES ]; then
+            echo "Retrying in 5 seconds..."
+            sleep 5
+        fi
+    done
+    if [ $retries -eq $MAX_RETRIES ]; then
+        echo "Max retries reached. Exiting."
+        exit 1
+    fi
+    tar -xvzf "$ARCHIVE_FILE" -C "$INSTALL_DIR"
+    rm "$ARCHIVE_FILE"
+    chmod +x /usr/local/aix-agent/aix-agent
+    sudo systemctl restart aix-agent 
+    echo "Update successful!"
+else
+    echo "No update available. Current version: $LOCAL_VERSION"
+fi

docker-compose.yaml.example

@@ -1,245 +0,0 @@
-version: '3.5'
-
-networks:
-  aix-docker-cc:
-    name: aix-docker-cc
-    driver: bridge
-    ipam:
-      driver: default
-      config:
-      - subnet: ${NET_SUBNET:-10.12.25}.0/24
-        gateway: ${NET_SUBNET:-10.12.25}.1          
-    driver_opts:
-      com.docker.network.bridge.name: aix-docker-cc
-
-services:
-  nodejs:
-    image: ${IMAGE_BASE}/nodejs:${NODEJS_VERSION:-18.18.2}
-    container_name: nodejs
-    environment:
-      - PACKAGE_PATH=${PACKAGE_PATH}
-    volumes:
-      - "${WWWROOT_PATH}:/data/wwwroot"
-    working_dir: /data/wwwroot/
-    extra_hosts:
-      - "host.docker.internal:host-gateway"
-    privileged: true
-    networks:
-      aix-docker-cc:
-        ipv4_address: ${NET_SUBNET:-10.12.25}.200
-  
-  java-gateway:
-    image: ${IMAGE_BASE}/java_gateway:${JAVAGATEWAY_VERSION:-1.0.1}
-    container_name: java-gateway
-    restart: always
-    volumes:
-      - "./java_gateway:/app"
-    extra_hosts:
-      - "host.docker.internal:host-gateway"
-    networks:
-      aix-docker-cc:
-        ipv4_address: ${NET_SUBNET:-10.12.25}.201
-
-  elasticsearch:
-    image: ${IMAGE_BASE}/elasticsearch:${ELK_VERSION:-7.17.22}
-    container_name: elasticsearch
-    restart: always
-    environment:
-      - cluster.name=cc-docker-cluster
-      - node.name=cc-docker-node
-      - bootstrap.memory_lock=true
-      - http.cors.enabled=true
-      - http.cors.allow-origin="*"
-      # - xpack.security.transport.ssl.enabled=false
-      - xpack.security.enabled=true
-      - xpack.security.authc.api_key.enabled=true
-      - "ES_JAVA_OPTS=-Xms512m -Xmx1024m"
-      # - discovery.seed_hosts=
-      # - cluster.initial_master_nodes=cc-docker-node
-      - discovery.type=single-node
-      - ELASTIC_PASSWORD=${ELK_ELASTIC_PASSWD:-qq1458513}
-    volumes:
-      - "./elasticsearch/data/${ELK_VERSION:-7.17.7}:/usr/share/elasticsearch/data:rw"
-      - "./elasticsearch/plugins/${ELK_VERSION:-7.17.7}:/usr/share/elasticsearch/plugins"
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 65536
-        hard: 65536
-    extra_hosts:
-      - "host.docker.internal:host-gateway"
-    networks:
-      aix-docker-cc:
-        ipv4_address: ${NET_SUBNET:-10.12.25}.10
-    depends_on:
-      - redis
-
-  openresty:
-    image: ${IMAGE_BASE}/openresty:${OPENRESTY_VERSION:-1.25.3.1}
-    container_name: openresty
-    restart: always
-    ports:
-      - 80:80
-      - 443:443
-    volumes:
-      - "${WWWROOT_PATH}:/data/wwwroot"
-      - "./logs/wwwlogs:/data/wwwlogs"
-      - "./logs/nginx:/usr/local/openresty/nginx/logs"
-      - "./openresty/config/conf:/usr/local/openresty/nginx/conf"
-      - "./openresty/config/vhost:/usr/local/openresty/nginx/conf/vhost"
-      - "./openresty/config/rewrite:/usr/local/openresty/nginx/conf/rewrite"
-    extra_hosts:
-      - "host.docker.internal:host-gateway"
-    networks:
-      aix-docker-cc:
-        ipv4_address: ${NET_SUBNET:-10.12.25}.2
-    depends_on:
-      - php74
-      - php73
-      - php81
-    cap_add:
-      - net_raw
-
-  redis:
-    image: ${IMAGE_BASE}/redis:${REDIS_VERSION:-7.2.5}
-    container_name: redis
-    restart: always
-    environment:
-      - REDIS_PASSWORD=${REDIS_PASSWORD:-qq1458513}
-    volumes:
-      - "./redis/redis.conf:/etc/redis/redis.conf"
-      - "./redis/data:/data/db"
-      - "./logs/redis:/data/logs"
-    command: [ "redis-server", "/etc/redis/redis.conf", "--requirepass ${REDIS_PASSWORD:-qq1458513}" ]
-    healthcheck:
-      test: [ "CMD", "redis-cli", "ping" ]
-      interval: 1s
-      timeout: 3s
-      retries: 30
-      start_period: 30s
-    extra_hosts:
-      - "host.docker.internal:host-gateway"
-    networks:
-      aix-docker-cc:
-        ipv4_address: ${NET_SUBNET:-10.12.25}.3
-
-  php73:
-    image: ${IMAGE_BASE}/php:${PHP73_VERSION:-7.3.33}
-    container_name: php73
-    restart: always
-    volumes:
-      - "${WWWROOT_PATH}:/data/wwwroot:rw"
-      - "./php/php73/etc:/usr/local/etc"
-      - "./php/php73/supervisord.d:/etc/supervisord.d"
-    working_dir: /data/wwwroot/
-    networks:
-      aix-docker-cc:
-        ipv4_address: ${NET_SUBNET:-10.12.25}.73
-    healthcheck:
-      test:
-        [
-          "CMD",
-          "curl",
-          "--fail",
-          "http://${NET_SUBNET:-10.12.25}.1/ping_73"
-        ]
-      interval: 1s
-      timeout: 3s
-      retries: 30
-      start_period: 30s
-    extra_hosts:
-      - "host.docker.internal:host-gateway"
-    depends_on:
-      - elasticsearch
-      - redis
-
-  php74:
-    image: ${IMAGE_BASE}/php:${PHP74_VERSION:-7.4.33}
-    container_name: php74
-    restart: always
-    volumes:
-      - "${WWWROOT_PATH}:/data/wwwroot:rw"
-      - "./php/php74/etc:/usr/local/etc"
-    working_dir: /data/wwwroot/
-    networks:
-      aix-docker-cc:
-        ipv4_address: ${NET_SUBNET:-10.12.25}.74
-    healthcheck:
-      test:
-        [
-          "CMD",
-          "curl",
-          "--fail",
-          "http://${NET_SUBNET:-10.12.25}.1/ping_74"
-        ]
-      interval: 1s
-      timeout: 3s
-      retries: 30
-      start_period: 30s
-    extra_hosts:
-      - "host.docker.internal:host-gateway"
-    depends_on:
-      - elasticsearch
-      - redis
-
-  php81:
-    image: ${IMAGE_BASE}/php:${PHP81_VERSION:-8.1.29}
-    container_name: php81
-    restart: always
-    volumes:
-      - "${WWWROOT_PATH}:/data/wwwroot"
-      - "./php/php81/etc:/usr/local/etc"
-      - "./php/php81/supervisord.d:/etc/supervisord.d"
-    working_dir: /data/wwwroot/
-    networks:
-      aix-docker-cc:
-        ipv4_address: ${NET_SUBNET:-10.12.25}.81
-    healthcheck:
-      test:
-        [
-          "CMD",
-          "curl",
-          "--fail",
-          "http://${NET_SUBNET:-10.12.25}.1/ping_81"
-        ]
-      interval: 1s
-      timeout: 3s
-      retries: 30
-      start_period: 30s
-    extra_hosts:
-      - "host.docker.internal:host-gateway"
-    depends_on:
-      redis:
-        condition: service_healthy
-  
-  php83:
-    image: ${IMAGE_BASE}/php:${PHP81_VERSION:-8.3.8}
-    container_name: php83
-    restart: always
-    volumes:
-      - "${WWWROOT_PATH}:/data/wwwroot"
-      - "./php/php83/etc:/usr/local/etc"
-      - "./php/php83/supervisord.d:/etc/supervisord.d"
-    working_dir: /data/wwwroot/
-    networks:
-      aix-docker-cc:
-        ipv4_address: ${NET_SUBNET:-10.12.25}.83
-    healthcheck:
-      test:
-        [
-          "CMD",
-          "curl",
-          "--fail",
-          "http://${NET_SUBNET:-10.12.25}.1/ping_83"
-        ]
-      interval: 1s
-      timeout: 3s
-      retries: 30
-      start_period: 30s
-    extra_hosts:
-      - "host.docker.internal:host-gateway"
-    depends_on:
-      redis:
-        condition: service_healthy

openresty/config/conf/.gitignore

@@ -0,0 +1 @@
+nginx.conf

openresty/config/conf/nginx.conf.example

@@ -79,30 +79,10 @@ lua_shared_dict my_limit_req_store1 100m;
       stub_status on;
       access_log off;
     }
-    location ~ ^/(status_73|ping_73)$ {
-      access_log off;
-      fastcgi_pass php73:9000;
-      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-      include fastcgi.conf;
-    }
-    location ~ ^/(status_74|ping_74)$ {
-      access_log off;
-      fastcgi_pass php74:9000;
-      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-      include fastcgi.conf;
-    }
-    location ~ ^/(status_81|ping_81)$ {
-      access_log off;
-      fastcgi_pass php81:9000;
-      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-      include fastcgi.conf;
-    }
-    location ~ ^/(status_83|ping_83)$ {
-      access_log off;
-      fastcgi_pass php83:9000;
-      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-      include fastcgi.conf;
-    }
+    include ping/php73.conf;
+    include ping/php74.conf;
+    include ping/php81.conf;
+    include ping/php83.conf;
     location /aix-agent {
   	  proxy_pass http://host.docker.internal:10115/;
     }

openresty/config/conf/ping/php73.conf

@@ -0,0 +1,6 @@
+location ~ ^/(status_73|ping_73)$ {
+    access_log off;
+    fastcgi_pass php73:9000;
+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+    include fastcgi.conf;
+}

openresty/config/conf/ping/php74.conf

@@ -0,0 +1,6 @@
+location ~ ^/(status_74|ping_74)$ {
+    access_log off;
+    fastcgi_pass php74:9000;
+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+    include fastcgi.conf;
+}

openresty/config/conf/ping/php81.conf

@@ -0,0 +1,6 @@
+location ~ ^/(status_81|ping_81)$ {
+    access_log off;
+    fastcgi_pass php81:9000;
+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+    include fastcgi.conf;
+}

openresty/config/conf/ping/php83.conf

@@ -0,0 +1,6 @@
+location ~ ^/(status_83|ping_83)$ {
+    access_log off;
+    fastcgi_pass php83:9000;
+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+    include fastcgi.conf;
+}

start.sh

@@ -1,4 +1,5 @@
 #!/bin/bash
+docker_compose_ver="2.26.0"
 docker_path="/data/aix-docker"
 cd /data
 print_error() {
@@ -15,58 +16,9 @@ query_euid=$(id -u)
 if [ $query_euid -ne 0 ]; then
     print_error "Please running as root"
 fi
-if [ -e "/root/.aix_docker.lock" ]; then
-    print_error "Initialization has been performed!"
-    exit 1
-fi
-if ! command -v jq >/dev/null 2>&1 ; then
-    if [ -f /etc/redhat-release ]; then
-        yum install -y jq
-    elif [ -f /etc/debian_version ]; then
-        apt-get install -y jq
-    else
-        print_error "Unsupported Linux distribution"
-        exit 1
-    fi
-fi
-if ! command -v docker >/dev/null 2>&1 ; then
-  wget --no-check-certificate https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/static/stable/x86_64/docker-20.10.9.tgz
-  if [ $? -ne 0 ]; then
-    print_error "Download docker failed"
-    exit 1 
-  fi
-  tar -zxvf docker-20.10.9.tgz
-  mv docker/* /usr/bin/
-  groupadd  docker
-  cat > /usr/lib/systemd/system/docker.service << EOF
-[Unit]
-Description=Docker Application Container Engine
-Documentation=https://docs.docker.com
-After=network-online.target firewalld.service
-Wants=network-online.target
-[Service]
-Type=notify
-ExecStart=/usr/bin/dockerd
-ExecReload=/bin/kill -s HUP $MAINPID
-LimitNOFILE=infinity
-LimitNPROC=infinity
-TimeoutStartSec=0
-Delegate=yes
-KillMode=process
-Restart=on-failure
-StartLimitBurst=3
-StartLimitInterval=60s
-[Install]
-WantedBy=multi-user.target
-EOF
-chmod +x /usr/lib/systemd/system/docker.service
-systemctl daemon-reload
-systemctl start docker
-systemctl enable docker
-fi
 
 if ! command -v docker-compose >/dev/null 2>&1 ; then
-  curl -L https://gh-mirrors.qra.ink/https://github.com/docker/compose/releases/download/v2.18.1/docker-compose-linux-x86_64 -o  /usr/local/bin/docker-compose
+  curl -L https://gh-proxy.com/https://github.com/docker/compose/releases/download/v${docker_compose_ver}/docker-compose-linux-x86_64 -o  /usr/local/bin/docker-compose
   chmod +x /usr/local/bin/docker-compose
 fi
 
@@ -77,7 +29,7 @@ fi
 
 
 if [ ! -d "$docker_path" ]; then
-  git clone https://opencode.jsaix.cn/chenc/aix-docker.git /data/aix-docker
+  git clone -depth=1 https://opencode.jsaix.cn/chenc/aix-docker.git /data/aix-docker
   if [ $? -ne 0 ]; then
     print_error "git clone aix-docker failed"
     exit 1