wandoubaba/devkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

集成完成

Browse Source
This commit is contained in:
chenqiang 2024-07-24 13:20:33 +08:00
commit 450dee3f6f
60 changed files with 708000 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
.env Normal file
View File

@ -0,0 +1,18 @@
SERVICE_GROUP_NAME=devkit
NETWORK_NAME=devkit
# Password for the 'elastic' user (at least 6 characters)
ELASTIC_PASSWORD=helloworld
# Password for the 'kibana_system' user (at least 6 characters)
KIBANA_PASSWORD=helloworld
# Version of Elastic products
ES_STACK_VERSION=8.14.2
# Set the cluster name
ES_CLUSTER_NAME=es-cluster
# Set to 'basic' or 'trial' to automatically start the 30-day trial
ES_LICENSE=basic
# Port to expose Elasticsearch HTTP API to the host
ES_PORT=9200
# Port to expose Kibana to the host
KIBANA_PORT=5601
# Increase or decrease based on the available host memory (in bytes)
ES_MEM_LIMIT=2147483648

361
docker-compose.yml Normal file
View File

@ -0,0 +1,361 @@
name: ${SERVICE_GROUP_NAME}
services:
# 主web入口服务代理一切web
nginx:
image: quay.io/wandoubaba517/nginx:1.27
container_name: devkit_nginx
restart: always
volumes:
- ./nginx/conf/nginx.conf:/etc/nginx/nginx.conf
- ./nginx/conf/conf.d:/etc/nginx/conf.d
- ./nginx/conf/certs:/etc/nginx/certs
- ./nginx/conf/fastcgi_params:/etc/nginx/fastcgi_params
- ./nginx/conf/mime.types:/etc/nginx/mime.types
- ./nginx/conf/scgi_params:/etc/nginx/scgi_params
- ./nginx/conf/uwsgi_params:/etc/nginx/uwsgi_params
- ./nginx/html:/usr/share/nginx/html
working_dir: /usr/share/nginx/html
stdin_open: true
networks:
- ${NETWORK_NAME}
ports:
- 44100:80
# web接口服务提供http和ws服务被nginx代理
# api:
# image: quay.io/wandoubaba517/workerman:8.1
# container_name: devkit_api
# restart: always
# volumes:
# - ./api/:/app/service
# - ./api/php.ini:/usr/local/etc/php/php.ini
# - /var/run/docker.sock:/var/run/docker.sock
# working_dir: /app/service
# stdin_open: true
# networks:
# - devkit
# ports:
# - 55601:55601
# - 55621:55621
# - 55631:55631
# command: ['php', 'start.php', 'start']
# healthcheck:
# test: ["CMD", "curl", "-f", "http://localhost:55601/"]
# interval: 5s
# retries: 3
# start_period: 5s
# timeout: 10s
# depends_on:
# es:
# condition: service_healthy
# restart: true
# postgres:
# condition: service_healthy
# restart: true
# mongo:
# condition: service_healthy
# restart: true
# redis:
# condition: service_healthy
# restart: true
# minio:
# condition: service_healthy
# restart: true
# 容器可视化管理应用被nginx代理
portainer:
image: quay.io/wandoubaba517/portainer-ce:2.20.3
container_name: devkit_portainer
networks:
- ${NETWORK_NAME}
volumes:
- ./portainer/data:/data
- /var/run/docker.sock:/var/run/docker.sock
# postgres数据库管理应用被nginx代理
pgadmin:
image: quay.io/wandoubaba517/pgadmin4:8.9
container_name: devkit_pgadmin
environment:
PGADMIN_DEFAULT_EMAIL: hello@pg.com
PGADMIN_DEFAULT_PASSWORD: helloworld
volumes:
- ./pgadmin/servers.json:/pgadmin4/servers.json
restart: always
networks:
- ${NETWORK_NAME}
depends_on:
postgres:
condition: service_healthy
restart: true
# postgres数据库
postgres:
image: quay.io/wandoubaba517/postgres:16.3
container_name: devkit_postgres
restart: always
environment:
POSTGRES_PASSWORD: helloworld
POSTGRES_USER: hello
POSTGRES_DB: hello
PGDATA: /data/pgdata
volumes:
- ./postgres/data:/data
- ./postgres/conf:/etc/postgres
networks:
- ${NETWORK_NAME}
command:
- postgres
- -c
- 'config_file=/etc/postgres/postgresql.conf'
- -c
- 'hba_file=/etc/postgres/pg_hba.conf'
- -c
- 'ident_file=/etc/postgres/pg_ident.conf'
healthcheck:
test: ["CMD-SHELL", "pg_isready -U hello"]
interval: 15s
retries: 5
start_period: 15s
timeout: 10s
# mongodb的可视化应用被nginx代理不要求登录
mongo-express:
image: quay.io/wandoubaba517/mongo-express:1.0.2
container_name: devkit_mongo-express
restart: always
networks:
- ${NETWORK_NAME}
environment:
ME_CONFIG_MONGODB_ADMINUSERNAME: hello
ME_CONFIG_MONGODB_ADMINPASSWORD: helloworld
ME_CONFIG_MONGODB_URL: mongodb://hello:helloworld@mongo:27017/
ME_CONFIG_BASICAUTH_USERNAME: hello
ME_CONFIG_BASICAUTH_PASSWORD: helloworld
ME_CONFIG_BASICAUTH: true
depends_on:
mongo:
condition: service_healthy
restart: true
# mongodb数据库
mongo:
image: quay.io/wandoubaba517/mongo:7.0
container_name: devkit_mongo
restart: always
environment:
TZ: Asia/Shanghai
MONGO_INITDB_ROOT_USERNAME: hello
MONGO_INITDB_ROOT_PASSWORD: helloworld
MONGO_INITDB_DATABASE: log
volumes:
- ./mongo/data/db:/data/db
- ./mongo/data/configdb:/data/configdb
- ./mongo/conf:/etc/mongo
networks:
- ${NETWORK_NAME}
command: ['mongod', '--config', '/etc/mongo/mongod.conf']
healthcheck:
test: ["CMD-SHELL", "mongosh -u hello -p helloworld --eval \"db.stats().ok\""]
interval: 20s
retries: 5
start_period: 15s
timeout: 10s
# redis缓存服务
redis:
image: quay.io/wandoubaba517/redis:7.2
container_name: devkit_redis
restart: always
volumes:
- ./redis/data:/data
- ./redis/conf:/etc/redis
networks:
- ${NETWORK_NAME}
command: ['redis-server', '/etc/redis/redis.conf']
healthcheck:
test: ["CMD", "redis-cli", "-a", "helloworld", "ping"]
interval: 15s
retries: 3
start_period: 15s
timeout: 10s
# minio对象存储服务
minio:
image: quay.io/minio/minio:RELEASE.2024-07-16T23-46-41Z
container_name: devkit_minio
restart: always
environment:
MINIO_ROOT_USER: hello
MINIO_ROOT_PASSWORD: helloworld
MINIO_VOLUMES: /mnt/data
networks:
- ${NETWORK_NAME}
volumes:
- ./minio/data:/mnt/data
- ./minio/config:/root/.minio/
command: server --console-address ':9001'
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 15s
retries: 3
start_period: 60s
timeout: 10s
# rabbitmq消息队列服务
rabbitmq:
image: quay.io/wandoubaba517/rabbitmq:3.13.4
container_name: devkit_rabbitmq
restart: always
networks:
- ${NETWORK_NAME}
ports:
- 15672:15672
volumes:
- ./rabbitmq/data:/var/lib/rabbitmq/mnesia
- ./rabbitmq/conf/conf.d:/etc/rabbitmq/conf.d
healthcheck:
test: ["CMD", "rabbitmq-diagnostics", "check_running"]
interval: 30s
timeout: 10s
retries: 5
start_period: 5s
# es-setup、es、kibana是整套elasticsearch服务
# es-setup:
# image: quay.io/wandoubaba517/elasticsearch:${ES_STACK_VERSION}
# volumes:
# - ./elasticsearch/certs:/usr/share/elasticsearch/config/certs
# user: "0"
# networks:
# - ${NETWORK_NAME}
# command: >
# bash -c '
# if [ x${ELASTIC_PASSWORD} == x ]; then
# echo "Set the ELASTIC_PASSWORD environment variable in the .env file";
# exit 1;
# elif [ x${KIBANA_PASSWORD} == x ]; then
# echo "Set the KIBANA_PASSWORD environment variable in the .env file";
# exit 1;
# fi;
# if [ ! -f config/certs/ca.zip ]; then
# echo "Creating CA";
# bin/elasticsearch-certutil ca --silent --pem -out config/certs/ca.zip;
# unzip config/certs/ca.zip -d config/certs;
# fi;
# if [ ! -f config/certs/certs.zip ]; then
# echo "Creating certs";
# echo -ne \
# "instances:\n"\
# " - name: es\n"\
# " dns:\n"\
# " - es\n"\
# " - localhost\n"\
# " ip:\n"\
# " - 127.0.0.1\n"\
# > config/certs/instances.yml;
# bin/elasticsearch-certutil cert --silent --pem -out config/certs/certs.zip --in config/certs/instances.yml --ca-cert config/certs/ca/ca.crt --ca-key config/certs/ca/ca.key;
# unzip config/certs/certs.zip -d config/certs;
# fi;
# echo "Setting file permissions"
# chown -R root:root config/certs;
# find . -type d -exec chmod 750 \{\} \;;
# find . -type f -exec chmod 640 \{\} \;;
# echo "Waiting for Elasticsearch availability";
# until curl -s --cacert config/certs/ca/ca.crt https://es:9200 | grep -q "missing authentication credentials"; do sleep 30; done;
# echo "Setting kibana_system password";
# until curl -s -X POST --cacert config/certs/ca/ca.crt -u "elastic:${ELASTIC_PASSWORD}" -H "Content-Type: application/json" https://es:9200/_security/user/kibana_system/_password -d "{\"password\":\"${KIBANA_PASSWORD}\"}" | grep -q "^{}"; do sleep 10; done;
# echo "All done!";
# '
# healthcheck:
# test: ["CMD-SHELL", "[ -f config/certs/es/es.crt ]"]
# interval: 1s
# timeout: 5s
# retries: 120
# es:
# depends_on:
# es-setup:
# condition: service_healthy
# image: quay.io/wandoubaba517/elasticsearch:${ES_STACK_VERSION}
# container_name: devkit_es
# restart: always
# volumes:
# - ./elasticsearch/certs:/usr/share/elasticsearch/config/certs
# - ./elasticsearch/esdata:/usr/share/elasticsearch/data
# - ./elasticsearch/eslogs:/usr/share/elasticsearch/logs
# - ./elasticsearch/plugins/ik:/usr/share/elasticsearch/plugins/ik
# ports:
# - ${ES_PORT}:9200
# networks:
# - ${NETWORK_NAME}
# environment:
# - node.name=es
# - cluster.name=${ES_CLUSTER_NAME}
# - cluster.initial_master_nodes=es
# - ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
# - bootstrap.memory_lock=true
# - xpack.security.enabled=true
# - xpack.security.http.ssl.enabled=true
# - xpack.security.http.ssl.key=certs/es/es.key
# - xpack.security.http.ssl.certificate=certs/es/es.crt
# - xpack.security.http.ssl.certificate_authorities=certs/ca/ca.crt
# - xpack.security.transport.ssl.enabled=true
# - xpack.security.transport.ssl.key=certs/es/es.key
# - xpack.security.transport.ssl.certificate=certs/es/es.crt
# - xpack.security.transport.ssl.certificate_authorities=certs/ca/ca.crt
# - xpack.security.transport.ssl.verification_mode=certificate
# - xpack.license.self_generated.type=${ES_LICENSE}
# mem_limit: ${ES_MEM_LIMIT}
# ulimits:
# memlock:
# soft: -1
# hard: -1
# healthcheck:
# test:
# [
# "CMD-SHELL",
# "curl -s --cacert config/certs/ca/ca.crt https://localhost:9200 | grep -q 'missing authentication credentials'",
# ]
# interval: 120s
# timeout: 30s
# retries: 120
# start_period: 120s
# kibana:
# depends_on:
# es:
# condition: service_healthy
# image: quay.io/wandoubaba517/kibana:${ES_STACK_VERSION}
# container_name: devkit_kibana
# restart: always
# volumes:
# - ./elasticsearch/certs:/usr/share/kibana/config/certs
# - ./elasticsearch/kibanadata:/usr/share/kibana/data
# ports:
# - ${KIBANA_PORT}:5601
# networks:
# - ${NETWORK_NAME}
# environment:
# - SERVERNAME=kibana
# - ELASTICSEARCH_HOSTS=https://es:9200
# - ELASTICSEARCH_USERNAME=kibana_system
# - ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD}
# - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt
# - SERVER_BASEPATH="/kibana"
# mem_limit: ${ES_MEM_LIMIT}
# healthcheck:
# test:
# [
# "CMD-SHELL",
# "curl -s -I http://localhost:5601 | grep -q 'HTTP/1.1 302 Found'",
# ]
# interval: 10s
# timeout: 10s
# retries: 120
networks:
devkit:
name: ${NETWORK_NAME}
driver: bridge

25
elasticsearch/.env Normal file
View File

@ -0,0 +1,25 @@
# Password for the 'elastic' user (at least 6 characters)
ELASTIC_PASSWORD=helloworld
# Password for the 'kibana_system' user (at least 6 characters)
KIBANA_PASSWORD=helloworld
# Version of Elastic products
STACK_VERSION=8.14.2
# Set the cluster name
CLUSTER_NAME=docker-cluster
# Set to 'basic' or 'trial' to automatically start the 30-day trial
LICENSE=basic
# Port to expose Elasticsearch HTTP API to the host
ES_PORT=9200
#ES_PORT=127.0.0.1:9200
# Port to expose Kibana to the host
KIBANA_PORT=5601
#KIBANA_PORT=80
# Increase or decrease based on the available host memory (in bytes)
MEM_LIMIT=1073741824

46
elasticsearch/README.md Normal file
View File

@ -0,0 +1,46 @@
# docker-es-kibana
可以一键部署启动的容器化elasticsearch和kibana服务
## 说明
由于网络原因本项目没有使用elastic官方镜像源而是引用quay.io源目前只支持`8.14.2`版本,镜像内容与官方完全一致,未做任何修改。
## 用法
在elastic.env文件中配置环境变量
```ini
# Password for the 'elastic' user (at least 6 characters)
ELASTIC_PASSWORD=password-for-elastic
# Password for the 'kibana_system' user (at least 6 characters)
KIBANA_PASSWORD=password-for-kibana_system
# Version of Elastic products
STACK_VERSION=8.14.2
# Set the cluster name
CLUSTER_NAME=docker-cluster
# Set to 'basic' or 'trial' to automatically start the 30-day trial
LICENSE=basic
#LICENSE=trial
# Port to expose Elasticsearch HTTP API to the host
ES_PORT=9200
#ES_PORT=127.0.0.1:9200
# Port to expose Kibana to the host
KIBANA_PORT=5601
#KIBANA_PORT=80
# Increase or decrease based on the available host memory (in bytes)
MEM_LIMIT=1073741824
```
启动容器
```sh
docker compose up -d
```

2
elasticsearch/certs/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*
!.gitignore

124
elasticsearch/docker-compose.yml Normal file
View File

@ -0,0 +1,124 @@
services:
es-setup:
image: quay.io/wandoubaba517/elasticsearch:${STACK_VERSION}
volumes:
- ./certs:/usr/share/elasticsearch/config/certs
user: "0"
command: >
bash -c '
if [ x${ELASTIC_PASSWORD} == x ]; then
echo "Set the ELASTIC_PASSWORD environment variable in the .env file";
exit 1;
elif [ x${KIBANA_PASSWORD} == x ]; then
echo "Set the KIBANA_PASSWORD environment variable in the .env file";
exit 1;
fi;
if [ ! -f config/certs/ca.zip ]; then
echo "Creating CA";
bin/elasticsearch-certutil ca --silent --pem -out config/certs/ca.zip;
unzip config/certs/ca.zip -d config/certs;
fi;
if [ ! -f config/certs/certs.zip ]; then
echo "Creating certs";
echo -ne \
"instances:\n"\
" - name: es\n"\
" dns:\n"\
" - es\n"\
" - localhost\n"\
" ip:\n"\
" - 127.0.0.1\n"\
> config/certs/instances.yml;
bin/elasticsearch-certutil cert --silent --pem -out config/certs/certs.zip --in config/certs/instances.yml --ca-cert config/certs/ca/ca.crt --ca-key config/certs/ca/ca.key;
unzip config/certs/certs.zip -d config/certs;
fi;
echo "Setting file permissions"
chown -R root:root config/certs;
find . -type d -exec chmod 750 \{\} \;;
find . -type f -exec chmod 640 \{\} \;;
echo "Waiting for Elasticsearch availability";
until curl -s --cacert config/certs/ca/ca.crt https://es:9200 | grep -q "missing authentication credentials"; do sleep 30; done;
echo "Setting kibana_system password";
until curl -s -X POST --cacert config/certs/ca/ca.crt -u "elastic:${ELASTIC_PASSWORD}" -H "Content-Type: application/json" https://es:9200/_security/user/kibana_system/_password -d "{\"password\":\"${KIBANA_PASSWORD}\"}" | grep -q "^{}"; do sleep 10; done;
echo "All done!";
'
healthcheck:
test: ["CMD-SHELL", "[ -f config/certs/es/es.crt ]"]
interval: 1s
timeout: 5s
retries: 120
es:
depends_on:
es-setup:
condition: service_healthy
image: quay.io/wandoubaba517/elasticsearch:${STACK_VERSION}
container_name: es
restart: always
volumes:
- ./certs:/usr/share/elasticsearch/config/certs
- ./esdata:/usr/share/elasticsearch/data
- ./eslogs:/usr/share/elasticsearch/logs
- ./plugins/ik:/usr/share/elasticsearch/plugins/ik
ports:
- ${ES_PORT}:9200
environment:
- node.name=es
- cluster.name=${CLUSTER_NAME}
- cluster.initial_master_nodes=es
- ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
- bootstrap.memory_lock=true
- xpack.security.enabled=true
- xpack.security.http.ssl.enabled=true
- xpack.security.http.ssl.key=certs/es/es.key
- xpack.security.http.ssl.certificate=certs/es/es.crt
- xpack.security.http.ssl.certificate_authorities=certs/ca/ca.crt
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.key=certs/es/es.key
- xpack.security.transport.ssl.certificate=certs/es/es.crt
- xpack.security.transport.ssl.certificate_authorities=certs/ca/ca.crt
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.license.self_generated.type=${LICENSE}
mem_limit: ${MEM_LIMIT}
ulimits:
memlock:
soft: -1
hard: -1
healthcheck:
test:
[
"CMD-SHELL",
"curl -s --cacert config/certs/ca/ca.crt https://localhost:9200 | grep -q 'missing authentication credentials'",
]
interval: 10s
timeout: 10s
retries: 120
kibana:
depends_on:
es:
condition: service_healthy
image: quay.io/wandoubaba517/kibana:${STACK_VERSION}
container_name: kibana
restart: always
volumes:
- ./certs:/usr/share/kibana/config/certs
- ./kibanadata:/usr/share/kibana/data
ports:
- ${KIBANA_PORT}:5601
environment:
- SERVERNAME=kibana
- ELASTICSEARCH_HOSTS=https://es:9200
- ELASTICSEARCH_USERNAME=kibana_system
- ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD}
- ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt
mem_limit: ${MEM_LIMIT}
healthcheck:
test:
[
"CMD-SHELL",
"curl -s -I http://localhost:5601 | grep -q 'HTTP/1.1 302 Found'",
]
interval: 10s
timeout: 10s
retries: 120

2
elasticsearch/esdata/.gitignore vendored Executable file
View File

@ -0,0 +1,2 @@
*
!.gitignore

2
elasticsearch/eslogs/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*
!.gitignore

2
elasticsearch/kibanadata/.gitignore vendored Executable file
View File

@ -0,0 +1,2 @@
*
!.gitignore

BIN
elasticsearch/plugins/ik/.DS_Store vendored Normal file
View File

Binary file not shown.

BIN
elasticsearch/plugins/ik/commons-codec-1.11.jar Normal file
View File

Binary file not shown.

BIN
elasticsearch/plugins/ik/commons-logging-1.2.jar Normal file
View File

Binary file not shown.

13
elasticsearch/plugins/ik/config/IKAnalyzer.cfg.xml Normal file
View File

@ -0,0 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
<comment>IK Analyzer 扩展配置</comment>
<!--用户可以在这里配置自己的扩展字典 -->
<entry key="ext_dict"></entry>
<!--用户可以在这里配置自己的扩展停止词字典-->
<entry key="ext_stopwords"></entry>
<!--用户可以在这里配置远程扩展字典 -->
<!-- <entry key="remote_ext_dict">words_location</entry> -->
<!--用户可以在这里配置远程扩展停止词字典-->
<!-- <entry key="remote_ext_stopwords">words_location</entry> -->
</properties>

398716
elasticsearch/plugins/ik/config/extra_main.dic Normal file
View File

File diff suppressed because it is too large Load Diff

12638
elasticsearch/plugins/ik/config/extra_single_word.dic Normal file
View File

File diff suppressed because it is too large Load Diff

12638
elasticsearch/plugins/ik/config/extra_single_word_full.dic Normal file
View File

File diff suppressed because it is too large Load Diff

2714
elasticsearch/plugins/ik/config/extra_single_word_low_freq.dic Normal file
View File

File diff suppressed because it is too large Load Diff

31
elasticsearch/plugins/ik/config/extra_stopword.dic Normal file
View File

@ -0,0 +1,31 @@
也
使

275909
elasticsearch/plugins/ik/config/main.dic Normal file
View File

File diff suppressed because it is too large Load Diff

25
elasticsearch/plugins/ik/config/preposition.dic Normal file
View File

@ -0,0 +1,25 @@
使

316
elasticsearch/plugins/ik/config/quantifier.dic Normal file
View File

@ -0,0 +1,316 @@
世纪
位数
像素
克拉
公亩
公克
公分
公升
公尺
公担
公斤
公里
公顷
分钟
分米
加仑
千克
千米
厘米
周年
小时
平方
平方公尺
平方公里
平方分米
平方厘米
平方码
平方米
平方英寸
平方英尺
平方英里
平米
年代
年级
月份
毫升
毫米
毫克
海里
点钟
盎司
秒钟
立方公尺
立方分米
立方厘米
立方码
立方米
立方英寸
立方英尺
英亩
英寸
英尺
英里
阶段

33
elasticsearch/plugins/ik/config/stopword.dic Normal file
View File

@ -0,0 +1,33 @@
a
an
and
are
as
at
be
but
by
for
if
in
into
is
it
no
not
of
on
or
such
that
the
their
then
there
these
they
this
to
was
will
with

37
elasticsearch/plugins/ik/config/suffix.dic Normal file
View File

@ -0,0 +1,37 @@
斯基
维奇
诺夫

131
elasticsearch/plugins/ik/config/surname.dic Normal file
View File

@ -0,0 +1,131 @@
丁
万俟
上官
东方
令狐
仲孙
公冶
公孙
公羊
单于
司徒
司空
司马
夏侯
太叔
宇文
宗政
尉迟
慕容
欧阳
淳于
澹台
濮阳
申屠
皇甫
诸葛
赫连
轩辕
钟离
长孙
闻人
闾丘
鲜于

BIN
elasticsearch/plugins/ik/elasticsearch-analysis-ik-8.14.2.jar Normal file
View File

Binary file not shown.

BIN
elasticsearch/plugins/ik/httpclient-4.5.13.jar Normal file
View File

Binary file not shown.

BIN
elasticsearch/plugins/ik/httpcore-4.4.13.jar Normal file
View File

Binary file not shown.

BIN
elasticsearch/plugins/ik/ik-core-1.0.jar Normal file
View File

Binary file not shown.

56
elasticsearch/plugins/ik/plugin-descriptor.properties Normal file
View File

@ -0,0 +1,56 @@
# Elasticsearch plugin descriptor file
# This file must exist as 'plugin-descriptor.properties' at
# the root directory of all plugins.
#
# A plugin can be 'site', 'jvm', or both.
#
### example site plugin for "foo":
#
# foo.zip <-- zip file for the plugin, with this structure:
# _site/ <-- the contents that will be served
# plugin-descriptor.properties <-- example contents below:
#
# site=true
# description=My cool plugin
# version=1.0
#
### example jvm plugin for "foo"
#
# foo.zip <-- zip file for the plugin, with this structure:
# <arbitrary name1>.jar <-- classes, resources, dependencies
# <arbitrary nameN>.jar <-- any number of jars
# plugin-descriptor.properties <-- example contents below:
#
# jvm=true
# classname=foo.bar.BazPlugin
# description=My cool plugin
# version=2.0.0-rc1
# elasticsearch.version=2.0
# java.version=1.7
#
### mandatory elements for all plugins:
#
# 'description': simple summary of the plugin
description=IK Analyzer for Elasticsearch
#
# 'version': plugin's version
version=8.14.2
#
# 'name': the plugin name
name=analysis-ik
#
# 'classname': the name of the class to load, fully-qualified.
classname=com.infinilabs.ik.elasticsearch.AnalysisIkPlugin
#
# 'java.version' version of java the code is built against
# use the system property java.specification.version
# version string must be a sequence of nonnegative decimal integers
# separated by "."'s and may have leading zeros
java.version=1.8
#
# 'elasticsearch.version' version of elasticsearch compiled against
# You will have to release a new version of the plugin for each new
# elasticsearch release. This version is checked when the plugin
# is loaded so Elasticsearch will refuse to start in the presence of
# plugins with the incorrect elasticsearch.version.
elasticsearch.version=8.14.2

4
elasticsearch/plugins/ik/plugin-security.policy Normal file
View File

@ -0,0 +1,4 @@
grant {
// needed because of the hot reload functionality
permission java.net.SocketPermission "*", "connect,resolve";
};

2
minio/data/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*
!.gitignore

39
mongo/README.md Normal file
View File

@ -0,0 +1,39 @@
# docker-mongo
A docker based mongodb server.
## Usage
```sh
git clone https://git.wandoubaba.com/wandoubaba/docker-mongo.git
cd docker-mongo
docker compose up -d
```
## Configuration
### Password
Edit `docker-compose.yml`:
```yml
MONGO_INITDB_ROOT_USERNAME: username
MONGO_INITDB_ROOT_PASSWORD: password
```
### Port
Edit `conf/mongod.conf`:
```conf
net:
port: 27017
```
### Timezone
Edit `docker-compose.yml`
```yml
TZ: Asia/Shanghai
```

39
mongo/conf/mongod.conf Normal file
View File

@ -0,0 +1,39 @@
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# Where and how to store data.
storage:
dbPath: /data/db
# engine:
# wiredTiger:
# where to write logging data.
# systemLog:
# destination: file
# logAppend: true
# path: /var/log/mongodb/mongod.log
# network interfaces
net:
port: 27017
bindIp: 0.0.0.0
# how the process runs
processManagement:
timeZoneInfo: /usr/share/zoneinfo
#security:
#operationProfiling:
#replication:
#sharding:
## Enterprise-Only Options:
#auditLog:
#snmp:

2
mongo/data/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*
!.gitignore

111
nginx/README.md Normal file
View File

@ -0,0 +1,111 @@
# docker-nginx
基于docker实现的nginx服务
## 使用方法
```sh
git clone https://git.wandoubaba.com/wandoubaba/docker-nginx.git
cd docker-nginx
docker compose up -d
```
服务启停方法
```sh
# 停止服务
./service stop
# 启动服务
./service start
# 重启服务service脚本中的容器名称要与docker-compose.yml文件中的容器名称对应
./service restart
# 重载配置
./service reload
# 服务状态
./service status
```
## 配置
- 在`docker-compose.yml`中可以修改容器名称。
- `conf/conf.d/default.conf`文件是默认站点的配置文件。
- 在`conf/conf.d/`中可以创建多个站点的配置文件,注意相互之间的域名和端口号不要同时冲突。
## SSL配置
以域名`nice.ali02.wandoubaba.com`为例。
创建文件`conf/conf.d/nice.ali02.wandoubaba.com.conf`,文件内容参考如下:
```conf
server {
listen 443 ssl;
server_name ali02.wandoubaba.com;
ssl_certificate /etc/nginx/certs/ali02_wandoubaba_com_cert.pem; # 证书文件路径
ssl_certificate_key /etc/nginx/certs/ali02_wandoubaba_com_key.pem; # 私钥文件路径
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
# 下面这行可以解决vue网页刷新后404的问题但会将所有不存在的url转到index.html上
# try_files $uri $uri/ /index.html last;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
```
其中`/etc/nginx/certs/`这个路径是容器内的路径,对应宿主机中的`conf/certs/`目录,所以我们要确保在`conf/certs`目录内存在`ali02_wandoubaba_com_cert.pem`和`ali02_wandoubaba_com_key.pem`这两个文件。至于这两个文件的来源应该来自于SSL证书的提供商文件名和文件后缀或许会不同。
### ACME自动部署SSL证书
下面我们以`freessl.cn`平台上的免费证书为例,可以通过`acme`实现证书自动化部署和续签,仍以`nice.ali02.wandoubaba.com`为例:
| 条件 | 具体值 |
|---|---|
|证书平台|freessl.cn|
|域名|nice.ali02.wandoubaba.com|
|证书文件路径(宿主机上的绝对路径)|`/app/nginx/conf/certs/nice_ali02_wandoubaba_com_cert.pem`|
|证书私钥文件路径(宿主机上的绝对路径)|`/app/nginx/conf/certs/nice_ali02_wandoubaba_com_key.pem`|
安装`acme.sh`工具:
```sh
curl https://get.acme.sh | sh -s email=my@example.com
```
安装完成后需要退出终端重新进入一次。
接下来可以使用`acme.sh`命令实现证书自动化部署了,命令示例:
```sh
acme.sh --install-cert \
-d nice.ali02.wandoubaba.com \
--key-file /app/nginx/conf/certs/nice_ali02_wandoubaba_com_key.pem \
--fullchain-file /app/nginx/conf/certs/nice_ali02_wandoubaba_com_cert.pem \
--reloadcmd "/app/nginx/service reload"
```
## 最佳实践
建议不要在本项目的目录中加入任何业务文件本项目做为单独目录只提供nginx服务。
本项目目录完全可以交给运维人员维护,前后端程序员只专注于各自的业务项目,由运维人员做好代理和转发。

2
nginx/conf/certs/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*
!.gitignore

210
nginx/conf/conf.d/default.conf Normal file
View File

@ -0,0 +1,210 @@
server {
listen 80;
listen [::]:80;
server_name localhost;
# ssl
# listen 443 ssl;
# server_name localhost;
# ssl_certificate /etc/nginx/certs/cert.pem; # 证书文件路径
# ssl_certificate_key /etc/nginx/certs/key.pem; # 私钥文件路径
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
# 下面这行可以解决vue网页刷新后404的问题但会将所有不存在的url转到index.html上
try_files $uri $uri/ /index.html last;
}
# 反向代理示例
# 将/api/的请求转到127.0.0.1:8787
#
# location /api/ {
# proxy_next_upstream http_502 http_504 error timeout invalid_header;
# proxy_pass http://127.0.0.1:8787/;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# }
location /pgadmin/ {
proxy_pass http://pgadmin:80/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Script-Name /pgadmin;
sub_filter '="/' '="/pgadmin/'; # 将资源引用路径中的=/替换为=/pgadmin/
sub_filter_once off;
}
# location /kibana/ {
# proxy_pass http://kibana:5601/; # Kibana 运行的地址和端口
# proxy_http_version 1.1;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection 'upgrade';
# proxy_set_header Host $host;
# proxy_cache_bypass $http_upgrade;
# # 为了正确处理 Kibana 的资源加载,还需要拼接 URI
# proxy_redirect http://kibana:5601/ /kibana/;
# }
location /portainer/ {
rewrite ^/portainer/(.*) /$1 break;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
# This is necessary to pass the correct IP to be hashed
real_ip_header X-Real-IP;
proxy_connect_timeout 300;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_set_header Origin '';
chunked_transfer_encoding off;
proxy_pass http://portainer:9000; # This uses the upstream directive definition to load balance
sub_filter '="/' '="/portainer/'; # 将资源引用路径中的=/替换为=/portainer/
sub_filter_once off;
}
location /mongo/ {
rewrite ^/mongo/(.*) /$1 break;
proxy_pass http://mongo-express:8081/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
# This is necessary to pass the correct IP to be hashed
real_ip_header X-Real-IP;
proxy_connect_timeout 300;
# To support websockets
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
# Uncomment the following line to set the Origin request to an empty string
# proxy_set_header Origin '';
chunked_transfer_encoding off;
sub_filter '="/' '="/mongo/'; # 将资源引用路径中的=/替换为=/mongo/
sub_filter_once off;
}
location /minio/ {
rewrite ^/minio/(.*) /$1 break;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
# This is necessary to pass the correct IP to be hashed
real_ip_header X-Real-IP;
proxy_connect_timeout 300;
# To support websockets in MinIO versions released after January 2023
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
# Uncomment the following line to set the Origin request to an empty string
# proxy_set_header Origin '';
chunked_transfer_encoding off;
proxy_pass http://minio:9001; # This uses the upstream directive definition to load balance
sub_filter '="/' '="/minio/'; # 将资源引用路径中的=/替换为=/minio/
sub_filter_once off;
}
location /rabbitmq/ {
rewrite ^/rabbitmq/(.*) /$1 break;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
# This is necessary to pass the correct IP to be hashed
real_ip_header X-Real-IP;
proxy_connect_timeout 300;
# To support websockets
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
# Uncomment the following line to set the Origin request to an empty string
# proxy_set_header Origin '';
chunked_transfer_encoding off;
proxy_pass http://rabbitmq:15672; # This uses the upstream directive definition to load balance
sub_filter '="/' '="/rabbitmq/'; # 将资源引用路径中的=/替换为=/rabbitmq/
sub_filter_once off;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}

25
nginx/conf/fastcgi_params Normal file
View File

@ -0,0 +1,25 @@
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;

99
nginx/conf/mime.types Normal file
View File

@ -0,0 +1,99 @@
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/avif avif;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/wasm wasm;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}

32
nginx/conf/nginx.conf Normal file
View File

@ -0,0 +1,32 @@
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}

17
nginx/conf/scgi_params Normal file
View File

@ -0,0 +1,17 @@
scgi_param REQUEST_METHOD $request_method;
scgi_param REQUEST_URI $request_uri;
scgi_param QUERY_STRING $query_string;
scgi_param CONTENT_TYPE $content_type;
scgi_param DOCUMENT_URI $document_uri;
scgi_param DOCUMENT_ROOT $document_root;
scgi_param SCGI 1;
scgi_param SERVER_PROTOCOL $server_protocol;
scgi_param REQUEST_SCHEME $scheme;
scgi_param HTTPS $https if_not_empty;
scgi_param REMOTE_ADDR $remote_addr;
scgi_param REMOTE_PORT $remote_port;
scgi_param SERVER_PORT $server_port;
scgi_param SERVER_NAME $server_name;

17
nginx/conf/uwsgi_params Normal file
View File

@ -0,0 +1,17 @@
uwsgi_param QUERY_STRING $query_string;
uwsgi_param REQUEST_METHOD $request_method;
uwsgi_param CONTENT_TYPE $content_type;
uwsgi_param CONTENT_LENGTH $content_length;
uwsgi_param REQUEST_URI $request_uri;
uwsgi_param PATH_INFO $document_uri;
uwsgi_param DOCUMENT_ROOT $document_root;
uwsgi_param SERVER_PROTOCOL $server_protocol;
uwsgi_param REQUEST_SCHEME $scheme;
uwsgi_param HTTPS $https if_not_empty;
uwsgi_param REMOTE_ADDR $remote_addr;
uwsgi_param REMOTE_PORT $remote_port;
uwsgi_param SERVER_PORT $server_port;
uwsgi_param SERVER_NAME $server_name;

27
nginx/html/404.html Executable file
View File

@ -0,0 +1,27 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>404 - Not Found</title>
<style>
body {
font-family: Arial, sans-serif;
background-color: #f8f9fa;
color: #343a40;
text-align: center;
padding: 50px;
}
h1 {
font-size: 3em;
}
p {
font-size: 1.2em;
}
</style>
</head>
<body>
<h1>404 - Not Found</h1>
<p>Sorry, the page you are looking for could not be found.</p>
</body>
</html>

27
nginx/html/50x.html Executable file
View File

@ -0,0 +1,27 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>500 - Internal Server Error</title>
<style>
body {
font-family: Arial, sans-serif;
background-color: #f8f9fa;
color: #343a40;
text-align: center;
padding: 50px;
}
h1 {
font-size: 3em;
}
p {
font-size: 1.2em;
}
</style>
</head>
<body>
<h1>500 - Internal Server Error</h1>
<p>Sorry, there was an internal server error. Please try again later.</p>
</body>
</html>

27
nginx/html/index.html Executable file
View File

@ -0,0 +1,27 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>欢迎</title>
<style>
body {
font-family: Arial, sans-serif;
background-color: #f8f9fa;
color: #343a40;
text-align: center;
padding: 50px;
}
h1 {
font-size: 3em;
}
p {
font-size: 1.2em;
}
</style>
</head>
<body>
<h1>欢迎</h1>
<p>docker-nginx</p>
</body>
</html>

22
pgadmin/servers.json Normal file
View File

@ -0,0 +1,22 @@
{
"Servers": {
"1": {
"Name": "hello",
"Group": "Servers",
"Host": "postgres",
"Port": 5432,
"MaintenanceDB": "hello",
"Username": "hello",
"UseSSHTunnel": 0,
"TunnelPort": "22",
"TunnelAuthentication": 0,
"KerberosAuthentication": false,
"ConnectionParameters": {
"sslmode": "prefer",
"connect_timeout": 10,
"sslcert": "<STORAGE_DIR>/.postgresql/postgresql.crt",
"sslkey": "<STORAGE_DIR>/.postgresql/postgresql.key"
}
}
}
}

2
portainer/data/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*
!.gitignore

1
postgres/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
*.log

56
postgres/README.md Normal file
View File

@ -0,0 +1,56 @@
# docker启动的postgres服务
## 使用说明
```sh
git clone https://git.wandoubaba.com/wandoubaba/docker-postgres.git
cd docker-postgress
# chmod +x start
./start
```
执行结果为启动一个名为postgres的容器其中运行了postgres服务默认端口号为5432默认用户postgres默认密码123456默认数据库postgres
## 脚本工具
> 所有脚本在执行之前都需要确保具有可执行权限。
|脚本|作用|用法|
|---|---|---|
|start|启动服务|./start|
|stop|停止服务|./stop|
|fulldump|对指定数据库执行全量备份通过pg_dump实现其中<days>参数的作用是清除多少天之前的备份默认值是15天|./fulldump <database> <days>|
|clear|危险!!!清空所有数据、备份、日志等文件|./clear|
## 修改默认值
- 如何修改端口号?
在`conf/postgresql.conf`中找到`port = 5432`一行,修改(需要使用`start`脚本重启后才会生效)。
- 如何修改密码?
在`docker-compose.yml`中修改环境变量`POSTGRES_PASSWORD`的值。
- 如何修改默认用户?
在`docker-compose.yml`中设置环境变量`POSTGRES_USER`fulldump脚本中的脚本可能需要修改
- 如何修改默认数据库?
在`docker-compose.yml`中设置环境变量`POSTGRES_DB`fulldump脚本中的脚本可能需要修改
### 修改配置文件
通过start脚本启动服务时会自动将conf目录下的配置文件应用到容器内而配置文件中的大部分配置项都需要重启服务才会生效因些建议每次都直接修改conf目录中的配置文件然后再执行`./stop && ./start`重启服务。
## 定时备份
手动调用`fulldump`脚本可以实时备份数据库,将`fulldump`脚本加入到系统crontab定时任务中即可实现定时备份。
下面是一个示例:
```conf
# 每天1点备份postgres数据库并清除15天前的备份
0 1 * * * bash /app/dev/postgres/fulldump postgres 15
```

100
postgres/conf/pg_hba.conf Normal file
View File

@ -0,0 +1,100 @@
# PostgreSQL Client Authentication Configuration File
# ===================================================
#
# Refer to the "Client Authentication" section in the PostgreSQL
# documentation for a complete description of this file. A short
# synopsis follows.
#
# This file controls: which hosts are allowed to connect, how clients
# are authenticated, which PostgreSQL user names they can use, which
# databases they can access. Records take one of these forms:
#
# local DATABASE USER METHOD [OPTIONS]
# host DATABASE USER ADDRESS METHOD [OPTIONS]
# hostssl DATABASE USER ADDRESS METHOD [OPTIONS]
# hostnossl DATABASE USER ADDRESS METHOD [OPTIONS]
# hostgssenc DATABASE USER ADDRESS METHOD [OPTIONS]
# hostnogssenc DATABASE USER ADDRESS METHOD [OPTIONS]
#
# (The uppercase items must be replaced by actual values.)
#
# The first field is the connection type:
# - "local" is a Unix-domain socket
# - "host" is a TCP/IP socket (encrypted or not)
# - "hostssl" is a TCP/IP socket that is SSL-encrypted
# - "hostnossl" is a TCP/IP socket that is not SSL-encrypted
# - "hostgssenc" is a TCP/IP socket that is GSSAPI-encrypted
# - "hostnogssenc" is a TCP/IP socket that is not GSSAPI-encrypted
#
# DATABASE can be "all", "sameuser", "samerole", "replication", a
# database name, or a comma-separated list thereof. The "all"
# keyword does not match "replication". Access to replication
# must be enabled in a separate record (see example below).
#
# USER can be "all", a user name, a group name prefixed with "+", or a
# comma-separated list thereof. In both the DATABASE and USER fields
# you can also write a file name prefixed with "@" to include names
# from a separate file.
#
# ADDRESS specifies the set of hosts the record matches. It can be a
# host name, or it is made up of an IP address and a CIDR mask that is
# an integer (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that
# specifies the number of significant bits in the mask. A host name
# that starts with a dot (.) matches a suffix of the actual host name.
# Alternatively, you can write an IP address and netmask in separate
# columns to specify the set of hosts. Instead of a CIDR-address, you
# can write "samehost" to match any of the server's own IP addresses,
# or "samenet" to match any address in any subnet that the server is
# directly connected to.
#
# METHOD can be "trust", "reject", "md5", "password", "scram-sha-256",
# "gss", "sspi", "ident", "peer", "pam", "ldap", "radius" or "cert".
# Note that "password" sends passwords in clear text; "md5" or
# "scram-sha-256" are preferred since they send encrypted passwords.
#
# OPTIONS are a set of options for the authentication in the format
# NAME=VALUE. The available options depend on the different
# authentication methods -- refer to the "Client Authentication"
# section in the documentation for a list of which options are
# available for which authentication methods.
#
# Database and user names containing spaces, commas, quotes and other
# special characters must be quoted. Quoting one of the keywords
# "all", "sameuser", "samerole" or "replication" makes the name lose
# its special character, and just match a database or username with
# that name.
#
# This file is read on server startup and when the server receives a
# SIGHUP signal. If you edit the file on a running system, you have to
# SIGHUP the server for the changes to take effect, run "pg_ctl reload",
# or execute "SELECT pg_reload_conf()".
#
# Put your actual configuration here
# ----------------------------------
#
# If you want to allow non-local connections, you need to add more
# "host" records. In that case you will also need to make PostgreSQL
# listen on a non-local interface via the listen_addresses
# configuration parameter, or via the -i or -h command line switches.
# CAUTION: Configuring the system for local "trust" authentication
# allows any local user to connect as any PostgreSQL user, including
# the database superuser. If you do not trust all your local users,
# use another authentication method.
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all trust
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
host all all all scram-sha-256

42
postgres/conf/pg_ident.conf Normal file
View File

@ -0,0 +1,42 @@
# PostgreSQL User Name Maps
# =========================
#
# Refer to the PostgreSQL documentation, chapter "Client
# Authentication" for a complete description. A short synopsis
# follows.
#
# This file controls PostgreSQL user name mapping. It maps external
# user names to their corresponding PostgreSQL user names. Records
# are of the form:
#
# MAPNAME SYSTEM-USERNAME PG-USERNAME
#
# (The uppercase quantities must be replaced by actual values.)
#
# MAPNAME is the (otherwise freely chosen) map name that was used in
# pg_hba.conf. SYSTEM-USERNAME is the detected user name of the
# client. PG-USERNAME is the requested PostgreSQL user name. The
# existence of a record specifies that SYSTEM-USERNAME may connect as
# PG-USERNAME.
#
# If SYSTEM-USERNAME starts with a slash (/), it will be treated as a
# regular expression. Optionally this can contain a capture (a
# parenthesized subexpression). The substring matching the capture
# will be substituted for \1 (backslash-one) if present in
# PG-USERNAME.
#
# Multiple maps may be specified in this file and used by pg_hba.conf.
#
# No map names are defined in the default configuration. If all
# system user names and PostgreSQL user names are the same, you don't
# need anything in this file.
#
# This file is read on server startup and when the postmaster receives
# a SIGHUP signal. If you edit the file on a running system, you have
# to SIGHUP the postmaster for the changes to take effect. You can
# use "pg_ctl reload" to do that.
# Put your actual configuration here
# ----------------------------------
# MAPNAME SYSTEM-USERNAME PG-USERNAME

803
postgres/conf/postgresql.conf Normal file
View File

@ -0,0 +1,803 @@
# -----------------------------
# PostgreSQL configuration file
# -----------------------------
#
# This file consists of lines of the form:
#
# name = value
#
# (The "=" is optional.) Whitespace may be used. Comments are introduced with
# "#" anywhere on a line. The complete list of parameter names and allowed
# values can be found in the PostgreSQL documentation.
#
# The commented-out settings shown in this file represent the default values.
# Re-commenting a setting is NOT sufficient to revert it to the default value;
# you need to reload the server.
#
# This file is read on server startup and when the server receives a SIGHUP
# signal. If you edit the file on a running system, you have to SIGHUP the
# server for the changes to take effect, run "pg_ctl reload", or execute
# "SELECT pg_reload_conf()". Some parameters, which are marked below,
# require a server shutdown and restart to take effect.
#
# Any parameter can also be given as a command-line option to the server, e.g.,
# "postgres -c log_connections=on". Some parameters can be changed at run time
# with the "SET" SQL command.
#
# Memory units: B = bytes Time units: us = microseconds
# kB = kilobytes ms = milliseconds
# MB = megabytes s = seconds
# GB = gigabytes min = minutes
# TB = terabytes h = hours
# d = days
#------------------------------------------------------------------------------
# FILE LOCATIONS
#------------------------------------------------------------------------------
# The default values of these variables are driven from the -D command-line
# option or PGDATA environment variable, represented here as ConfigDir.
#data_directory = 'ConfigDir' # use data in another directory
# (change requires restart)
#hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file
# (change requires restart)
#ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file
# (change requires restart)
# If external_pid_file is not explicitly set, no extra PID file is written.
#external_pid_file = '' # write an extra PID file
# (change requires restart)
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
listen_addresses = '*'
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
port = 5432 # (change requires restart)
max_connections = 100 # (change requires restart)
#superuser_reserved_connections = 3 # (change requires restart)
#unix_socket_directories = '/var/run/postgresql' # comma-separated list of directories
# (change requires restart)
#unix_socket_group = '' # (change requires restart)
#unix_socket_permissions = 0777 # begin with 0 to use octal notation
# (change requires restart)
#bonjour = off # advertise server via Bonjour
# (change requires restart)
#bonjour_name = '' # defaults to the computer name
# (change requires restart)
# - TCP settings -
# see "man tcp" for details
#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds;
# 0 selects the system default
#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds;
# 0 selects the system default
#tcp_keepalives_count = 0 # TCP_KEEPCNT;
# 0 selects the system default
#tcp_user_timeout = 0 # TCP_USER_TIMEOUT, in milliseconds;
# 0 selects the system default
#client_connection_check_interval = 0 # time between checks for client
# disconnection while running queries;
# 0 for never
# - Authentication -
#authentication_timeout = 1min # 1s-600s
#password_encryption = scram-sha-256 # scram-sha-256 or md5
#db_user_namespace = off
# GSSAPI using Kerberos
#krb_server_keyfile = 'FILE:${sysconfdir}/krb5.keytab'
#krb_caseins_users = off
# - SSL -
#ssl = off
#ssl_ca_file = ''
#ssl_cert_file = 'server.crt'
#ssl_crl_file = ''
#ssl_crl_dir = ''
#ssl_key_file = 'server.key'
#ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers
#ssl_prefer_server_ciphers = on
#ssl_ecdh_curve = 'prime256v1'
#ssl_min_protocol_version = 'TLSv1.2'
#ssl_max_protocol_version = ''
#ssl_dh_params_file = ''
#ssl_passphrase_command = ''
#ssl_passphrase_command_supports_reload = off
#------------------------------------------------------------------------------
# RESOURCE USAGE (except WAL)
#------------------------------------------------------------------------------
# - Memory -
shared_buffers = 128MB # min 128kB
# (change requires restart)
#huge_pages = try # on, off, or try
# (change requires restart)
#huge_page_size = 0 # zero for system default
# (change requires restart)
#temp_buffers = 8MB # min 800kB
#max_prepared_transactions = 0 # zero disables the feature
# (change requires restart)
# Caution: it is not advisable to set max_prepared_transactions nonzero unless
# you actively intend to use prepared transactions.
#work_mem = 4MB # min 64kB
#hash_mem_multiplier = 1.0 # 1-1000.0 multiplier on hash table work_mem
#maintenance_work_mem = 64MB # min 1MB
#autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem
#logical_decoding_work_mem = 64MB # min 64kB
#max_stack_depth = 2MB # min 100kB
#shared_memory_type = mmap # the default is the first option
# supported by the operating system:
# mmap
# sysv
# windows
# (change requires restart)
dynamic_shared_memory_type = posix # the default is the first option
# supported by the operating system:
# posix
# sysv
# windows
# mmap
# (change requires restart)
#min_dynamic_shared_memory = 0MB # (change requires restart)
# - Disk -
#temp_file_limit = -1 # limits per-process temp file space
# in kilobytes, or -1 for no limit
# - Kernel Resources -
#max_files_per_process = 1000 # min 64
# (change requires restart)
# - Cost-Based Vacuum Delay -
#vacuum_cost_delay = 0 # 0-100 milliseconds (0 disables)
#vacuum_cost_page_hit = 1 # 0-10000 credits
#vacuum_cost_page_miss = 2 # 0-10000 credits
#vacuum_cost_page_dirty = 20 # 0-10000 credits
#vacuum_cost_limit = 200 # 1-10000 credits
# - Background Writer -
#bgwriter_delay = 200ms # 10-10000ms between rounds
#bgwriter_lru_maxpages = 100 # max buffers written/round, 0 disables
#bgwriter_lru_multiplier = 2.0 # 0-10.0 multiplier on buffers scanned/round
#bgwriter_flush_after = 512kB # measured in pages, 0 disables
# - Asynchronous Behavior -
#backend_flush_after = 0 # measured in pages, 0 disables
#effective_io_concurrency = 1 # 1-1000; 0 disables prefetching
#maintenance_io_concurrency = 10 # 1-1000; 0 disables prefetching
#max_worker_processes = 8 # (change requires restart)
#max_parallel_workers_per_gather = 2 # taken from max_parallel_workers
#max_parallel_maintenance_workers = 2 # taken from max_parallel_workers
#max_parallel_workers = 8 # maximum number of max_worker_processes that
# can be used in parallel operations
#parallel_leader_participation = on
#old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate
# (change requires restart)
#------------------------------------------------------------------------------
# WRITE-AHEAD LOG
#------------------------------------------------------------------------------
# - Settings -
wal_level = replica
#wal_level = replica # minimal, replica, or logical
# (change requires restart)
#fsync = on # flush data to disk for crash safety
# (turning this off can cause
# unrecoverable data corruption)
#synchronous_commit = on # synchronization level;
# off, local, remote_write, remote_apply, or on
#wal_sync_method = fsync # the default is the first option
# supported by the operating system:
# open_datasync
# fdatasync (default on Linux and FreeBSD)
# fsync
# fsync_writethrough
# open_sync
#full_page_writes = on # recover from partial page writes
#wal_log_hints = off # also do full page writes of non-critical updates
# (change requires restart)
#wal_compression = off # enable compression of full-page writes
#wal_init_zero = on # zero-fill new WAL files
#wal_recycle = on # recycle WAL files
#wal_buffers = -1 # min 32kB, -1 sets based on shared_buffers
# (change requires restart)
#wal_writer_delay = 200ms # 1-10000 milliseconds
#wal_writer_flush_after = 1MB # measured in pages, 0 disables
#wal_skip_threshold = 2MB
#commit_delay = 0 # range 0-100000, in microseconds
#commit_siblings = 5 # range 1-1000
# - Checkpoints -
#checkpoint_timeout = 5min # range 30s-1d
#checkpoint_completion_target = 0.9 # checkpoint target duration, 0.0 - 1.0
#checkpoint_flush_after = 256kB # measured in pages, 0 disables
#checkpoint_warning = 30s # 0 disables
max_wal_size = 1GB
min_wal_size = 80MB
# - Archiving -
# archive_mode = on
# archive_command = 'test ! -f /da`ta/archived/%f && cp %p /data/archived/%f'
# archive_timeout = 10
#archive_mode = off # enables archiving; off, on, or always
# (change requires restart)
#archive_command = '' # command to use to archive a logfile segment
# placeholders: %p = path of file to archive
# %f = file name only
# e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f'
#archive_timeout = 0 # force a logfile segment switch after this
# number of seconds; 0 disables
# - Archive Recovery -
# These are only used in recovery mode.
#restore_command = '' # command to use to restore an archived logfile segment
# placeholders: %p = path of file to restore
# %f = file name only
# e.g. 'cp /mnt/server/archivedir/%f %p'
#archive_cleanup_command = '' # command to execute at every restartpoint
#recovery_end_command = '' # command to execute at completion of recovery
# - Recovery Target -
# Set these only when performing a targeted recovery.
#recovery_target = '' # 'immediate' to end recovery as soon as a
# consistent state is reached
# (change requires restart)
#recovery_target_name = '' # the named restore point to which recovery will proceed
# (change requires restart)
#recovery_target_time = '' # the time stamp up to which recovery will proceed
# (change requires restart)
#recovery_target_xid = '' # the transaction ID up to which recovery will proceed
# (change requires restart)
#recovery_target_lsn = '' # the WAL LSN up to which recovery will proceed
# (change requires restart)
#recovery_target_inclusive = on # Specifies whether to stop:
# just after the specified recovery target (on)
# just before the recovery target (off)
# (change requires restart)
#recovery_target_timeline = 'latest' # 'current', 'latest', or timeline ID
# (change requires restart)
#recovery_target_action = 'pause' # 'pause', 'promote', 'shutdown'
# (change requires restart)
#------------------------------------------------------------------------------
# REPLICATION
#------------------------------------------------------------------------------
# - Sending Servers -
# Set these on the primary and on any standby that will send replication data.
#max_wal_senders = 10 # max number of walsender processes
# (change requires restart)
#max_replication_slots = 10 # max number of replication slots
# (change requires restart)
#wal_keep_size = 0 # in megabytes; 0 disables
#max_slot_wal_keep_size = -1 # in megabytes; -1 disables
#wal_sender_timeout = 60s # in milliseconds; 0 disables
#track_commit_timestamp = off # collect timestamp of transaction commit
# (change requires restart)
# - Primary Server -
# These settings are ignored on a standby server.
#synchronous_standby_names = '' # standby servers that provide sync rep
# method to choose sync standbys, number of sync standbys,
# and comma-separated list of application_name
# from standby(s); '*' = all
#vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed
# - Standby Servers -
# These settings are ignored on a primary server.
#primary_conninfo = '' # connection string to sending server
#primary_slot_name = '' # replication slot on sending server
#promote_trigger_file = '' # file name whose presence ends recovery
hot_standby = on # "off" disallows queries during recovery
#hot_standby = on # "off" disallows queries during recovery
# (change requires restart)
#max_standby_archive_delay = 30s # max delay before canceling queries
# when reading WAL from archive;
# -1 allows indefinite delay
#max_standby_streaming_delay = 30s # max delay before canceling queries
# when reading streaming WAL;
# -1 allows indefinite delay
#wal_receiver_create_temp_slot = off # create temp slot if primary_slot_name
# is not set
#wal_receiver_status_interval = 10s # send replies at least this often
# 0 disables
#hot_standby_feedback = off # send info from standby to prevent
# query conflicts
#wal_receiver_timeout = 60s # time that receiver waits for
# communication from primary
# in milliseconds; 0 disables
#wal_retrieve_retry_interval = 5s # time to wait before retrying to
# retrieve WAL after a failed attempt
#recovery_min_apply_delay = 0 # minimum delay for applying changes during recovery
# - Subscribers -
# These settings are ignored on a publisher.
#max_logical_replication_workers = 4 # taken from max_worker_processes
# (change requires restart)
#max_sync_workers_per_subscription = 2 # taken from max_logical_replication_workers
#------------------------------------------------------------------------------
# QUERY TUNING
#------------------------------------------------------------------------------
# - Planner Method Configuration -
#enable_async_append = on
#enable_bitmapscan = on
#enable_gathermerge = on
#enable_hashagg = on
#enable_hashjoin = on
#enable_incremental_sort = on
#enable_indexscan = on
#enable_indexonlyscan = on
#enable_material = on
#enable_memoize = on
#enable_mergejoin = on
#enable_nestloop = on
#enable_parallel_append = on
#enable_parallel_hash = on
#enable_partition_pruning = on
#enable_partitionwise_join = off
#enable_partitionwise_aggregate = off
#enable_seqscan = on
#enable_sort = on
#enable_tidscan = on
# - Planner Cost Constants -
#seq_page_cost = 1.0 # measured on an arbitrary scale
#random_page_cost = 4.0 # same scale as above
#cpu_tuple_cost = 0.01 # same scale as above
#cpu_index_tuple_cost = 0.005 # same scale as above
#cpu_operator_cost = 0.0025 # same scale as above
#parallel_setup_cost = 1000.0 # same scale as above
#parallel_tuple_cost = 0.1 # same scale as above
#min_parallel_table_scan_size = 8MB
#min_parallel_index_scan_size = 512kB
#effective_cache_size = 4GB
#jit_above_cost = 100000 # perform JIT compilation if available
# and query more expensive than this;
# -1 disables
#jit_inline_above_cost = 500000 # inline small functions if query is
# more expensive than this; -1 disables
#jit_optimize_above_cost = 500000 # use expensive JIT optimizations if
# query is more expensive than this;
# -1 disables
# - Genetic Query Optimizer -
#geqo = on
#geqo_threshold = 12
#geqo_effort = 5 # range 1-10
#geqo_pool_size = 0 # selects default based on effort
#geqo_generations = 0 # selects default based on effort
#geqo_selection_bias = 2.0 # range 1.5-2.0
#geqo_seed = 0.0 # range 0.0-1.0
# - Other Planner Options -
#default_statistics_target = 100 # range 1-10000
#constraint_exclusion = partition # on, off, or partition
#cursor_tuple_fraction = 0.1 # range 0.0-1.0
#from_collapse_limit = 8
#jit = on # allow JIT compilation
#join_collapse_limit = 8 # 1 disables collapsing of explicit
# JOIN clauses
#plan_cache_mode = auto # auto, force_generic_plan or
# force_custom_plan
#------------------------------------------------------------------------------
# REPORTING AND LOGGING
#------------------------------------------------------------------------------
# - Where to Log -
#log_destination = 'stderr' # Valid values are combinations of
# stderr, csvlog, syslog, and eventlog,
# depending on platform. csvlog
# requires logging_collector to be on.
# This is used when logging to stderr:
#logging_collector = off # Enable capturing of stderr and csvlog
# into log files. Required to be on for
# csvlogs.
# (change requires restart)
# These are only used if logging_collector is on:
#log_directory = 'log' # directory where log files are written,
# can be absolute or relative to PGDATA
#log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern,
# can include strftime() escapes
#log_file_mode = 0600 # creation mode for log files,
# begin with 0 to use octal notation
#log_rotation_age = 1d # Automatic rotation of logfiles will
# happen after that time. 0 disables.
#log_rotation_size = 10MB # Automatic rotation of logfiles will
# happen after that much log output.
# 0 disables.
#log_truncate_on_rotation = off # If on, an existing log file with the
# same name as the new log file will be
# truncated rather than appended to.
# But such truncation only occurs on
# time-driven rotation, not on restarts
# or size-driven rotation. Default is
# off, meaning append to existing files
# in all cases.
# These are relevant when logging to syslog:
#syslog_facility = 'LOCAL0'
#syslog_ident = 'postgres'
#syslog_sequence_numbers = on
#syslog_split_messages = on
# This is only relevant when logging to eventlog (Windows):
# (change requires restart)
#event_source = 'PostgreSQL'
# - When to Log -
#log_min_messages = warning # values in order of decreasing detail:
# debug5
# debug4
# debug3
# debug2
# debug1
# info
# notice
# warning
# error
# log
# fatal
# panic
#log_min_error_statement = error # values in order of decreasing detail:
# debug5
# debug4
# debug3
# debug2
# debug1
# info
# notice
# warning
# error
# log
# fatal
# panic (effectively off)
#log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements
# and their durations, > 0 logs only
# statements running at least this number
# of milliseconds
#log_min_duration_sample = -1 # -1 is disabled, 0 logs a sample of statements
# and their durations, > 0 logs only a sample of
# statements running at least this number
# of milliseconds;
# sample fraction is determined by log_statement_sample_rate
#log_statement_sample_rate = 1.0 # fraction of logged statements exceeding
# log_min_duration_sample to be logged;
# 1.0 logs all such statements, 0.0 never logs
#log_transaction_sample_rate = 0.0 # fraction of transactions whose statements
# are logged regardless of their duration; 1.0 logs all
# statements from all transactions, 0.0 never logs
# - What to Log -
#debug_print_parse = off
#debug_print_rewritten = off
#debug_print_plan = off
#debug_pretty_print = on
#log_autovacuum_min_duration = -1 # log autovacuum activity;
# -1 disables, 0 logs all actions and
# their durations, > 0 logs only
# actions running at least this number
# of milliseconds.
#log_checkpoints = off
#log_connections = off
#log_disconnections = off
#log_duration = off
#log_error_verbosity = default # terse, default, or verbose messages
#log_hostname = off
#log_line_prefix = '%m [%p] ' # special values:
# %a = application name
# %u = user name
# %d = database name
# %r = remote host and port
# %h = remote host
# %b = backend type
# %p = process ID
# %P = process ID of parallel group leader
# %t = timestamp without milliseconds
# %m = timestamp with milliseconds
# %n = timestamp with milliseconds (as a Unix epoch)
# %Q = query ID (0 if none or not computed)
# %i = command tag
# %e = SQL state
# %c = session ID
# %l = session line number
# %s = session start timestamp
# %v = virtual transaction ID
# %x = transaction ID (0 if none)
# %q = stop here in non-session
# processes
# %% = '%'
# e.g. '<%u%%%d> '
#log_lock_waits = off # log lock waits >= deadlock_timeout
#log_recovery_conflict_waits = off # log standby recovery conflict waits
# >= deadlock_timeout
#log_parameter_max_length = -1 # when logging statements, limit logged
# bind-parameter values to N bytes;
# -1 means print in full, 0 disables
#log_parameter_max_length_on_error = 0 # when logging an error, limit logged
# bind-parameter values to N bytes;
# -1 means print in full, 0 disables
#log_statement = 'none' # none, ddl, mod, all
#log_replication_commands = off
#log_temp_files = -1 # log temporary files equal or larger
# than the specified size in kilobytes;
# -1 disables, 0 logs all temp files
log_timezone = 'Asia/Shanghai'
#------------------------------------------------------------------------------
# PROCESS TITLE
#------------------------------------------------------------------------------
#cluster_name = '' # added to process titles if nonempty
# (change requires restart)
#update_process_title = on
#------------------------------------------------------------------------------
# STATISTICS
#------------------------------------------------------------------------------
# - Query and Index Statistics Collector -
#track_activities = on
#track_activity_query_size = 1024 # (change requires restart)
#track_counts = on
#track_io_timing = off
#track_wal_io_timing = off
#track_functions = none # none, pl, all
#stats_temp_directory = 'pg_stat_tmp'
# - Monitoring -
#compute_query_id = auto
#log_statement_stats = off
#log_parser_stats = off
#log_planner_stats = off
#log_executor_stats = off
#------------------------------------------------------------------------------
# AUTOVACUUM
#------------------------------------------------------------------------------
#autovacuum = on # Enable autovacuum subprocess? 'on'
# requires track_counts to also be on.
#autovacuum_max_workers = 3 # max number of autovacuum subprocesses
# (change requires restart)
#autovacuum_naptime = 1min # time between autovacuum runs
#autovacuum_vacuum_threshold = 50 # min number of row updates before
# vacuum
#autovacuum_vacuum_insert_threshold = 1000 # min number of row inserts
# before vacuum; -1 disables insert
# vacuums
#autovacuum_analyze_threshold = 50 # min number of row updates before
# analyze
#autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum
#autovacuum_vacuum_insert_scale_factor = 0.2 # fraction of inserts over table
# size before insert vacuum
#autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze
#autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum
# (change requires restart)
#autovacuum_multixact_freeze_max_age = 400000000 # maximum multixact age
# before forced vacuum
# (change requires restart)
#autovacuum_vacuum_cost_delay = 2ms # default vacuum cost delay for
# autovacuum, in milliseconds;
# -1 means use vacuum_cost_delay
#autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for
# autovacuum, -1 means use
# vacuum_cost_limit
#------------------------------------------------------------------------------
# CLIENT CONNECTION DEFAULTS
#------------------------------------------------------------------------------
# - Statement Behavior -
#client_min_messages = notice # values in order of decreasing detail:
# debug5
# debug4
# debug3
# debug2
# debug1
# log
# notice
# warning
# error
#search_path = '"$user", public' # schema names
#row_security = on
#default_table_access_method = 'heap'
#default_tablespace = '' # a tablespace name, '' uses the default
#default_toast_compression = 'pglz' # 'pglz' or 'lz4'
#temp_tablespaces = '' # a list of tablespace names, '' uses
# only default tablespace
#check_function_bodies = on
#default_transaction_isolation = 'read committed'
#default_transaction_read_only = off
#default_transaction_deferrable = off
#session_replication_role = 'origin'
#statement_timeout = 0 # in milliseconds, 0 is disabled
#lock_timeout = 0 # in milliseconds, 0 is disabled
#idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled
#idle_session_timeout = 0 # in milliseconds, 0 is disabled
#vacuum_freeze_table_age = 150000000
#vacuum_freeze_min_age = 50000000
#vacuum_failsafe_age = 1600000000
#vacuum_multixact_freeze_table_age = 150000000
#vacuum_multixact_freeze_min_age = 5000000
#vacuum_multixact_failsafe_age = 1600000000
#bytea_output = 'hex' # hex, escape
#xmlbinary = 'base64'
#xmloption = 'content'
#gin_pending_list_limit = 4MB
# - Locale and Formatting -
datestyle = 'iso, mdy'
#intervalstyle = 'postgres'
timezone = 'Asia/Shanghai'
#timezone_abbreviations = 'Default' # Select the set of available time zone
# abbreviations. Currently, there are
# Default
# Australia (historical usage)
# India
# You can create your own file in
# share/timezonesets/.
#extra_float_digits = 1 # min -15, max 3; any value >0 actually
# selects precise output mode
#client_encoding = sql_ascii # actually, defaults to database
# encoding
# These settings are initialized by initdb, but they can be changed.
lc_messages = 'en_US.utf8' # locale for system error message
# strings
lc_monetary = 'en_US.utf8' # locale for monetary formatting
lc_numeric = 'en_US.utf8' # locale for number formatting
lc_time = 'en_US.utf8' # locale for time formatting
# default configuration for text search
default_text_search_config = 'pg_catalog.english'
# - Shared Library Preloading -
#local_preload_libraries = ''
#session_preload_libraries = ''
#shared_preload_libraries = '' # (change requires restart)
#jit_provider = 'llvmjit' # JIT library to use
# - Other Defaults -
#dynamic_library_path = '$libdir'
#extension_destdir = '' # prepend path when loading extensions
# and shared objects (added by Debian)
#gin_fuzzy_search_limit = 0
#------------------------------------------------------------------------------
# LOCK MANAGEMENT
#------------------------------------------------------------------------------
#deadlock_timeout = 1s
#max_locks_per_transaction = 64 # min 10
# (change requires restart)
#max_pred_locks_per_transaction = 64 # min 10
# (change requires restart)
#max_pred_locks_per_relation = -2 # negative values mean
# (max_pred_locks_per_transaction
# / -max_pred_locks_per_relation) - 1
#max_pred_locks_per_page = 2 # min 0
#------------------------------------------------------------------------------
# VERSION AND PLATFORM COMPATIBILITY
#------------------------------------------------------------------------------
# - Previous PostgreSQL Versions -
#array_nulls = on
#backslash_quote = safe_encoding # on, off, or safe_encoding
#escape_string_warning = on
#lo_compat_privileges = off
#quote_all_identifiers = off
#standard_conforming_strings = on
#synchronize_seqscans = on
# - Other Platforms and Clients -
#transform_null_equals = off
#------------------------------------------------------------------------------
# ERROR HANDLING
#------------------------------------------------------------------------------
#exit_on_error = off # terminate session on any error?
#restart_after_crash = on # reinitialize after backend crash?
#data_sync_retry = off # retry or panic on failure to fsync
# data?
# (change requires restart)
#recovery_init_sync_method = fsync # fsync, syncfs (Linux 5.8+)
#------------------------------------------------------------------------------
# CONFIG FILE INCLUDES
#------------------------------------------------------------------------------
# These options allow settings to be loaded from files other than the
# default postgresql.conf. Note that these are directives, not variable
# assignments, so they can usefully be given more than once.
#include_dir = '...' # include files ending in '.conf' from
# a directory, e.g., 'conf.d'
#include_if_exists = '...' # include file only if it exists
#include = '...' # include file
#------------------------------------------------------------------------------
# CUSTOMIZED OPTIONS
#------------------------------------------------------------------------------
# Add settings for extensions here

8
postgres/data/.gitignore vendored Normal file
View File

@ -0,0 +1,8 @@
pgdata/*
archived/*
backup/first/*
backup/*
!.gitignore
!pgdata
!backup/first
!archived

51
rabbitmq/README.md Normal file
View File

@ -0,0 +1,51 @@
# 基于docker启动的rabbitmq服务
## 镜像
`quay.io/wandoubaba517/rabbitmq:3.13.4`
这个镜像是基于Docker Hub上的官方`rabbitmq:3.13.4`制作,安装并开启了了`rabbitmq_delayed_message_exchange`插件,开启了`rabbitmq_stomp`服务。
支持`amd64`架构和`arm64`架构。
## 配置默认用户名密码
在首次启动前修改`conf/conf.d/10-defaults.conf`文件中的`default_user`和`default_password`,会自动创建用户。
## 启动服务
```sh
./start
```
启动脚本内容如下:
```sh
docker run -d \
-p 5672:5672 \
-p 15672:15672 \
-p 61613:61613 \
-v ./data:/var/lib/rabbitmq/mnesia \
-v ./conf/conf.d:/etc/rabbitmq/conf.d \
--hostname rabbitmq \
--name rabbitmq \
quay.io/wandoubaba517/rabbitmq:3.13.4
```
## 停止服务
用`docker stop <container_name>`或者`docker rm -f <container_name>`即可。
## 数据持久化
将容器的`/var/lib/rabbitmq/mnesia`目录映射到`./data`目录。
## 默认端口
|端口|协议/服务说明|
|---|---|
|5672|amqp|
|15672|web管理后台|
|25672|集群通信|
|61613|stomp|
|15674|web-stomp|

35
rabbitmq/conf/conf.d/10-defaults.conf Normal file
View File

@ -0,0 +1,35 @@
## DEFAULT SETTINGS ARE NOT MEANT TO BE TAKEN STRAIGHT INTO PRODUCTION
## see https://www.rabbitmq.com/configure.html for further information
## on configuring RabbitMQ
## allow access to the guest user from anywhere on the network
## https://www.rabbitmq.com/access-control.html#loopback-users
## https://www.rabbitmq.com/production-checklist.html#users
loopback_users.guest = true
## Send all logs to stdout/TTY. Necessary to see logs when running via
## a container
log.console = true
disk_free_limit.absolute = 6G
vm_memory_high_watermark.relative = 0.7
default_vhost = /
default_user = hello
default_pass = helloworld
default_permissions.configure = .*
default_permissions.read = .*
default_permissions.write = .*
## Tags for default user
##
## For more details about tags, see the documentation for the
## Management Plugin at https://rabbitmq.com/management.html.
##
default_user_tags.administrator = true
## Define other tags like this:
default_user_tags.management = true
# default_user_tags.custom_tag = true

2
rabbitmq/data/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*
!.gitignore

46
redis/README.md Normal file
View File

@ -0,0 +1,46 @@
# docker-redis
基于docker启动的redis服务
## 用法
```sh
git clone https://git.wandoubaba.com/wandoubaba/docker-redis.git
cd docker-redis
./service start
```
## 服务控制
```sh
# 启动
./service start
# 停止
./service stop
# 重启
./service restart
# 查看状态
./service status
```
## 配置
- 容器名称
在`docker-compose.yml`中设置容器名称,同时在`redis-cli`脚本和`service`脚本中修改对应的容器名称。
- 服务端口号
在`redis.conf`中修改`port 6379`一行,修改后需要重启服务生效。
- 连接密码
在`redis.conf`中修改`requirepass 123456`一行,修改后需要重启服务生效。
- 其他配置
在`redis.conf`中修改其他配置。
## 客户端
`redis-cli`脚本就是调用容器内的`redis-cli`工具实现客户端连接的,用法与`redis-cli`工具相同。

2297
redis/conf/redis.conf Normal file
View File

File diff suppressed because it is too large Load Diff

2
redis/data/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*
!.gitignore

14
redis/redis-cli Executable file
View File

@ -0,0 +1,14 @@
#!/bin/bash
# 获取脚本所在目录的绝对路径
SCRIPT_DIR=$(cd "$(dirname "$0")" && pwd)
# 切换工作目录到脚本所在目录
cd $SCRIPT_DIR
container_name="devkit_redis"
export REDIS_PASSWORD="helloworld"
export REDIS_PORT=6379
docker exec -it $container_name bash -c "redis-cli -p $REDIS_PORT -a $REDIS_PASSWORD $@"