wandoubaba/devkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

所有服务的数据都转移到storage目录下,各服务配置目录下只保留配置文件

Browse Source
This commit is contained in:
chenqiang 2024-08-21 13:52:12 +08:00
parent 450dee3f6f
commit bb150a7eee
42 changed files with 263 additions and 704066 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.env
View File

@ -1,5 +1,9 @@
SERVICE_GROUP_NAME=devkit
NETWORK_NAME=devkit
NETWORK_RANGE=192.168.123.0/24
NGINX_PORT=44100
# Password for the 'elastic' user (at least 6 characters)
ELASTIC_PASSWORD=helloworld
# Password for the 'kibana_system' user (at least 6 characters)
@ -15,4 +19,4 @@ ES_PORT=9200
# Port to expose Kibana to the host
KIBANA_PORT=5601
# Increase or decrease based on the available host memory (in bytes)
ES_MEM_LIMIT=2147483648
ES_MEM_LIMIT=2147483648

543
docker-compose.yml
View File

@ -1,5 +1,57 @@
name: ${SERVICE_GROUP_NAME}
networks:
devkit:
name: ${NETWORK_NAME}
driver: bridge
ipam:
config:
- subnet: ${NETWORK_RANGE}
volumes:
pgadmin:
driver: local
driver_opts:
type: none
o: bind
device: ./storage/pgadmin
rabbitmq:
driver: local
driver_opts:
type: none
o: bind
device: ./storage/rabbitmq
portainer:
driver: local
driver_opts:
type: none
o: bind
device: ./storage/portainer
mongo:
driver: local
driver_opts:
type: none
o: bind
device: ./storage/mongo
minio:
driver: local
driver_opts:
type: none
o: bind
device: ./storage/minio
postgres:
driver: local
driver_opts:
type: none
o: bind
device: ./storage/postgres
redis:
driver: local
driver_opts:
type: none
o: bind
device: ./storage/redis
services:
# 主web入口服务代理一切web
nginx:
@ -20,9 +72,197 @@ services:
networks:
- ${NETWORK_NAME}
ports:
- 44100:80
- ${NGINX_PORT}:80
depends_on:
rabbitmq:
condition: service_healthy
restart: true
pgadmin:
condition: service_healthy
restart: true
portainer:
condition: service_healthy
restart: true
minio:
condition: service_healthy
restart: true
mongo-express:
condition: service_healthy
restart: true
# web接口服务提供http和ws服务被nginx代理
# 容器可视化管理应用被nginx代理
portainer:
image: quay.io/wandoubaba517/portainer-ce:2.20.3
container_name: devkit_portainer
networks:
- ${NETWORK_NAME}
volumes:
- portainer:/data
- /var/run/docker.sock:/var/run/docker.sock
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000"] # 假设Portainer的HTTP接口在9000端口
interval: 30s
timeout: 10s
retries: 3
# postgres数据库管理应用被nginx代理
pgadmin:
image: quay.io/wandoubaba517/pgadmin4:8.9
container_name: devkit_pgadmin
environment:
PGADMIN_DEFAULT_EMAIL: hello@pg.com
PGADMIN_DEFAULT_PASSWORD: helloworld
volumes:
- ./pgadmin/servers.json:/pgadmin4/servers.json
- pgadmin:/var/lib/pgadmin
restart: always
networks:
- ${NETWORK_NAME}
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:80"] # 假设PgAdmin的HTTP接口在80端口
interval: 30s
timeout: 10s
retries: 3
depends_on:
postgres:
condition: service_healthy
restart: true
# postgres数据库
postgres:
image: quay.io/wandoubaba517/postgres:16.3
container_name: devkit_postgres
restart: always
environment:
POSTGRES_PASSWORD: helloworld
POSTGRES_USER: hello
POSTGRES_DB: hello
PGDATA: /data/pgdata
volumes:
- postgres:/data
- ./postgres/conf:/etc/postgres
networks:
- ${NETWORK_NAME}
command:
- postgres
- -c
- 'config_file=/etc/postgres/postgresql.conf'
- -c
- 'hba_file=/etc/postgres/pg_hba.conf'
- -c
- 'ident_file=/etc/postgres/pg_ident.conf'
healthcheck:
test: ["CMD-SHELL", "pg_isready -U hello"]
interval: 15s
retries: 5
start_period: 15s
timeout: 10s
# mongodb的可视化应用被nginx代理不要求登录
mongo-express:
image: quay.io/wandoubaba517/mongo-express:1.0.2
container_name: devkit_mongo-express
restart: always
networks:
- ${NETWORK_NAME}
environment:
ME_CONFIG_MONGODB_ADMINUSERNAME: hello
ME_CONFIG_MONGODB_ADMINPASSWORD: helloworld
ME_CONFIG_MONGODB_URL: mongodb://hello:helloworld@mongo:27017/
ME_CONFIG_BASICAUTH_USERNAME: hello
ME_CONFIG_BASICAUTH_PASSWORD: helloworld
ME_CONFIG_BASICAUTH: true
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8081"] # 假设mongo-express的HTTP接口在8081端口
interval: 30s
timeout: 10s
retries: 3
depends_on:
mongo:
condition: service_healthy
restart: true
# mongodb数据库
mongo:
image: quay.io/wandoubaba517/mongo:7.0
container_name: devkit_mongo
restart: always
environment:
TZ: Asia/Shanghai
MONGO_INITDB_ROOT_USERNAME: hello
MONGO_INITDB_ROOT_PASSWORD: helloworld
MONGO_INITDB_DATABASE: log
volumes:
- mongo:/data/db
- ./mongo/conf:/etc/mongo
networks:
- ${NETWORK_NAME}
command: ['mongod', '--config', '/etc/mongo/mongod.conf']
healthcheck:
test: ["CMD-SHELL", "mongosh -u hello -p helloworld --eval \"db.stats().ok\""]
interval: 20s
retries: 5
start_period: 15s
timeout: 10s
# redis缓存服务
redis:
image: quay.io/wandoubaba517/redis:7.2
container_name: devkit_redis
restart: always
volumes:
- redis:/data
- ./redis/conf:/etc/redis
networks:
- ${NETWORK_NAME}
command: ['redis-server', '/etc/redis/redis.conf']
healthcheck:
test: ["CMD", "redis-cli", "-a", "helloworld", "ping"]
interval: 15s
retries: 3
start_period: 15s
timeout: 10s
# minio对象存储服务
minio:
image: quay.io/minio/minio:RELEASE.2024-08-17T01-24-54Z
container_name: devkit_minio
restart: always
environment:
MINIO_CONFIG_ENV_FILE: /etc/config.env
networks:
- ${NETWORK_NAME}
volumes:
- minio:/mnt/data
- ./minio/config.env:/etc/config.env
command: server --console-address ':9001'
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 15s
retries: 3
start_period: 60s
timeout: 10s
# rabbitmq消息队列服务
rabbitmq:
image: quay.io/wandoubaba517/rabbitmq:3.13.4
container_name: devkit_rabbitmq
restart: always
networks:
- ${NETWORK_NAME}
ports:
- 15672:15672
volumes:
- rabbitmq:/var/lib/rabbitmq/mnesia
- ./rabbitmq/conf/conf.d:/etc/rabbitmq/conf.d
healthcheck:
test: ["CMD", "rabbitmq-diagnostics", "check_running"]
interval: 30s
timeout: 10s
retries: 5
start_period: 5s
# webman提供的web接口服务提供http和ws服务被nginx代理
# api:
# image: quay.io/wandoubaba517/workerman:8.1
# container_name: devkit_api
@ -61,301 +301,4 @@ services:
# restart: true
# minio:
# condition: service_healthy
# restart: true
# 容器可视化管理应用被nginx代理
portainer:
image: quay.io/wandoubaba517/portainer-ce:2.20.3
container_name: devkit_portainer
networks:
- ${NETWORK_NAME}
volumes:
- ./portainer/data:/data
- /var/run/docker.sock:/var/run/docker.sock
# postgres数据库管理应用被nginx代理
pgadmin:
image: quay.io/wandoubaba517/pgadmin4:8.9
container_name: devkit_pgadmin
environment:
PGADMIN_DEFAULT_EMAIL: hello@pg.com
PGADMIN_DEFAULT_PASSWORD: helloworld
volumes:
- ./pgadmin/servers.json:/pgadmin4/servers.json
restart: always
networks:
- ${NETWORK_NAME}
depends_on:
postgres:
condition: service_healthy
restart: true
# postgres数据库
postgres:
image: quay.io/wandoubaba517/postgres:16.3
container_name: devkit_postgres
restart: always
environment:
POSTGRES_PASSWORD: helloworld
POSTGRES_USER: hello
POSTGRES_DB: hello
PGDATA: /data/pgdata
volumes:
- ./postgres/data:/data
- ./postgres/conf:/etc/postgres
networks:
- ${NETWORK_NAME}
command:
- postgres
- -c
- 'config_file=/etc/postgres/postgresql.conf'
- -c
- 'hba_file=/etc/postgres/pg_hba.conf'
- -c
- 'ident_file=/etc/postgres/pg_ident.conf'
healthcheck:
test: ["CMD-SHELL", "pg_isready -U hello"]
interval: 15s
retries: 5
start_period: 15s
timeout: 10s
# mongodb的可视化应用被nginx代理不要求登录
mongo-express:
image: quay.io/wandoubaba517/mongo-express:1.0.2
container_name: devkit_mongo-express
restart: always
networks:
- ${NETWORK_NAME}
environment:
ME_CONFIG_MONGODB_ADMINUSERNAME: hello
ME_CONFIG_MONGODB_ADMINPASSWORD: helloworld
ME_CONFIG_MONGODB_URL: mongodb://hello:helloworld@mongo:27017/
ME_CONFIG_BASICAUTH_USERNAME: hello
ME_CONFIG_BASICAUTH_PASSWORD: helloworld
ME_CONFIG_BASICAUTH: true
depends_on:
mongo:
condition: service_healthy
restart: true
# mongodb数据库
mongo:
image: quay.io/wandoubaba517/mongo:7.0
container_name: devkit_mongo
restart: always
environment:
TZ: Asia/Shanghai
MONGO_INITDB_ROOT_USERNAME: hello
MONGO_INITDB_ROOT_PASSWORD: helloworld
MONGO_INITDB_DATABASE: log
volumes:
- ./mongo/data/db:/data/db
- ./mongo/data/configdb:/data/configdb
- ./mongo/conf:/etc/mongo
networks:
- ${NETWORK_NAME}
command: ['mongod', '--config', '/etc/mongo/mongod.conf']
healthcheck:
test: ["CMD-SHELL", "mongosh -u hello -p helloworld --eval \"db.stats().ok\""]
interval: 20s
retries: 5
start_period: 15s
timeout: 10s
# redis缓存服务
redis:
image: quay.io/wandoubaba517/redis:7.2
container_name: devkit_redis
restart: always
volumes:
- ./redis/data:/data
- ./redis/conf:/etc/redis
networks:
- ${NETWORK_NAME}
command: ['redis-server', '/etc/redis/redis.conf']
healthcheck:
test: ["CMD", "redis-cli", "-a", "helloworld", "ping"]
interval: 15s
retries: 3
start_period: 15s
timeout: 10s
# minio对象存储服务
minio:
image: quay.io/minio/minio:RELEASE.2024-07-16T23-46-41Z
container_name: devkit_minio
restart: always
environment:
MINIO_ROOT_USER: hello
MINIO_ROOT_PASSWORD: helloworld
MINIO_VOLUMES: /mnt/data
networks:
- ${NETWORK_NAME}
volumes:
- ./minio/data:/mnt/data
- ./minio/config:/root/.minio/
command: server --console-address ':9001'
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 15s
retries: 3
start_period: 60s
timeout: 10s
# rabbitmq消息队列服务
rabbitmq:
image: quay.io/wandoubaba517/rabbitmq:3.13.4
container_name: devkit_rabbitmq
restart: always
networks:
- ${NETWORK_NAME}
ports:
- 15672:15672
volumes:
- ./rabbitmq/data:/var/lib/rabbitmq/mnesia
- ./rabbitmq/conf/conf.d:/etc/rabbitmq/conf.d
healthcheck:
test: ["CMD", "rabbitmq-diagnostics", "check_running"]
interval: 30s
timeout: 10s
retries: 5
start_period: 5s
# es-setup、es、kibana是整套elasticsearch服务
# es-setup:
# image: quay.io/wandoubaba517/elasticsearch:${ES_STACK_VERSION}
# volumes:
# - ./elasticsearch/certs:/usr/share/elasticsearch/config/certs
# user: "0"
# networks:
# - ${NETWORK_NAME}
# command: >
# bash -c '
# if [ x${ELASTIC_PASSWORD} == x ]; then
# echo "Set the ELASTIC_PASSWORD environment variable in the .env file";
# exit 1;
# elif [ x${KIBANA_PASSWORD} == x ]; then
# echo "Set the KIBANA_PASSWORD environment variable in the .env file";
# exit 1;
# fi;
# if [ ! -f config/certs/ca.zip ]; then
# echo "Creating CA";
# bin/elasticsearch-certutil ca --silent --pem -out config/certs/ca.zip;
# unzip config/certs/ca.zip -d config/certs;
# fi;
# if [ ! -f config/certs/certs.zip ]; then
# echo "Creating certs";
# echo -ne \
# "instances:\n"\
# " - name: es\n"\
# " dns:\n"\
# " - es\n"\
# " - localhost\n"\
# " ip:\n"\
# " - 127.0.0.1\n"\
# > config/certs/instances.yml;
# bin/elasticsearch-certutil cert --silent --pem -out config/certs/certs.zip --in config/certs/instances.yml --ca-cert config/certs/ca/ca.crt --ca-key config/certs/ca/ca.key;
# unzip config/certs/certs.zip -d config/certs;
# fi;
# echo "Setting file permissions"
# chown -R root:root config/certs;
# find . -type d -exec chmod 750 \{\} \;;
# find . -type f -exec chmod 640 \{\} \;;
# echo "Waiting for Elasticsearch availability";
# until curl -s --cacert config/certs/ca/ca.crt https://es:9200 | grep -q "missing authentication credentials"; do sleep 30; done;
# echo "Setting kibana_system password";
# until curl -s -X POST --cacert config/certs/ca/ca.crt -u "elastic:${ELASTIC_PASSWORD}" -H "Content-Type: application/json" https://es:9200/_security/user/kibana_system/_password -d "{\"password\":\"${KIBANA_PASSWORD}\"}" | grep -q "^{}"; do sleep 10; done;
# echo "All done!";
# '
# healthcheck:
# test: ["CMD-SHELL", "[ -f config/certs/es/es.crt ]"]
# interval: 1s
# timeout: 5s
# retries: 120
# es:
# depends_on:
# es-setup:
# condition: service_healthy
# image: quay.io/wandoubaba517/elasticsearch:${ES_STACK_VERSION}
# container_name: devkit_es
# restart: always
# volumes:
# - ./elasticsearch/certs:/usr/share/elasticsearch/config/certs
# - ./elasticsearch/esdata:/usr/share/elasticsearch/data
# - ./elasticsearch/eslogs:/usr/share/elasticsearch/logs
# - ./elasticsearch/plugins/ik:/usr/share/elasticsearch/plugins/ik
# ports:
# - ${ES_PORT}:9200
# networks:
# - ${NETWORK_NAME}
# environment:
# - node.name=es
# - cluster.name=${ES_CLUSTER_NAME}
# - cluster.initial_master_nodes=es
# - ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
# - bootstrap.memory_lock=true
# - xpack.security.enabled=true
# - xpack.security.http.ssl.enabled=true
# - xpack.security.http.ssl.key=certs/es/es.key
# - xpack.security.http.ssl.certificate=certs/es/es.crt
# - xpack.security.http.ssl.certificate_authorities=certs/ca/ca.crt
# - xpack.security.transport.ssl.enabled=true
# - xpack.security.transport.ssl.key=certs/es/es.key
# - xpack.security.transport.ssl.certificate=certs/es/es.crt
# - xpack.security.transport.ssl.certificate_authorities=certs/ca/ca.crt
# - xpack.security.transport.ssl.verification_mode=certificate
# - xpack.license.self_generated.type=${ES_LICENSE}
# mem_limit: ${ES_MEM_LIMIT}
# ulimits:
# memlock:
# soft: -1
# hard: -1
# healthcheck:
# test:
# [
# "CMD-SHELL",
# "curl -s --cacert config/certs/ca/ca.crt https://localhost:9200 | grep -q 'missing authentication credentials'",
# ]
# interval: 120s
# timeout: 30s
# retries: 120
# start_period: 120s
# kibana:
# depends_on:
# es:
# condition: service_healthy
# image: quay.io/wandoubaba517/kibana:${ES_STACK_VERSION}
# container_name: devkit_kibana
# restart: always
# volumes:
# - ./elasticsearch/certs:/usr/share/kibana/config/certs
# - ./elasticsearch/kibanadata:/usr/share/kibana/data
# ports:
# - ${KIBANA_PORT}:5601
# networks:
# - ${NETWORK_NAME}
# environment:
# - SERVERNAME=kibana
# - ELASTICSEARCH_HOSTS=https://es:9200
# - ELASTICSEARCH_USERNAME=kibana_system
# - ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD}
# - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt
# - SERVER_BASEPATH="/kibana"
# mem_limit: ${ES_MEM_LIMIT}
# healthcheck:
# test:
# [
# "CMD-SHELL",
# "curl -s -I http://localhost:5601 | grep -q 'HTTP/1.1 302 Found'",
# ]
# interval: 10s
# timeout: 10s
# retries: 120
networks:
devkit:
name: ${NETWORK_NAME}
driver: bridge
# restart: true

25
elasticsearch/.env
View File

@ -1,25 +0,0 @@
# Password for the 'elastic' user (at least 6 characters)
ELASTIC_PASSWORD=helloworld
# Password for the 'kibana_system' user (at least 6 characters)
KIBANA_PASSWORD=helloworld
# Version of Elastic products
STACK_VERSION=8.14.2
# Set the cluster name
CLUSTER_NAME=docker-cluster
# Set to 'basic' or 'trial' to automatically start the 30-day trial
LICENSE=basic
# Port to expose Elasticsearch HTTP API to the host
ES_PORT=9200
#ES_PORT=127.0.0.1:9200
# Port to expose Kibana to the host
KIBANA_PORT=5601
#KIBANA_PORT=80
# Increase or decrease based on the available host memory (in bytes)
MEM_LIMIT=1073741824

46
elasticsearch/README.md
View File

@ -1,46 +0,0 @@
# docker-es-kibana
可以一键部署启动的容器化elasticsearch和kibana服务
## 说明
由于网络原因本项目没有使用elastic官方镜像源而是引用quay.io源目前只支持`8.14.2`版本,镜像内容与官方完全一致,未做任何修改。
## 用法
在elastic.env文件中配置环境变量
```ini
# Password for the 'elastic' user (at least 6 characters)
ELASTIC_PASSWORD=password-for-elastic
# Password for the 'kibana_system' user (at least 6 characters)
KIBANA_PASSWORD=password-for-kibana_system
# Version of Elastic products
STACK_VERSION=8.14.2
# Set the cluster name
CLUSTER_NAME=docker-cluster
# Set to 'basic' or 'trial' to automatically start the 30-day trial
LICENSE=basic
#LICENSE=trial
# Port to expose Elasticsearch HTTP API to the host
ES_PORT=9200
#ES_PORT=127.0.0.1:9200
# Port to expose Kibana to the host
KIBANA_PORT=5601
#KIBANA_PORT=80
# Increase or decrease based on the available host memory (in bytes)
MEM_LIMIT=1073741824
```
启动容器
```sh
docker compose up -d
```

124
elasticsearch/docker-compose.yml
View File

@ -1,124 +0,0 @@
services:
es-setup:
image: quay.io/wandoubaba517/elasticsearch:${STACK_VERSION}
volumes:
- ./certs:/usr/share/elasticsearch/config/certs
user: "0"
command: >
bash -c '
if [ x${ELASTIC_PASSWORD} == x ]; then
echo "Set the ELASTIC_PASSWORD environment variable in the .env file";
exit 1;
elif [ x${KIBANA_PASSWORD} == x ]; then
echo "Set the KIBANA_PASSWORD environment variable in the .env file";
exit 1;
fi;
if [ ! -f config/certs/ca.zip ]; then
echo "Creating CA";
bin/elasticsearch-certutil ca --silent --pem -out config/certs/ca.zip;
unzip config/certs/ca.zip -d config/certs;
fi;
if [ ! -f config/certs/certs.zip ]; then
echo "Creating certs";
echo -ne \
"instances:\n"\
" - name: es\n"\
" dns:\n"\
" - es\n"\
" - localhost\n"\
" ip:\n"\
" - 127.0.0.1\n"\
> config/certs/instances.yml;
bin/elasticsearch-certutil cert --silent --pem -out config/certs/certs.zip --in config/certs/instances.yml --ca-cert config/certs/ca/ca.crt --ca-key config/certs/ca/ca.key;
unzip config/certs/certs.zip -d config/certs;
fi;
echo "Setting file permissions"
chown -R root:root config/certs;
find . -type d -exec chmod 750 \{\} \;;
find . -type f -exec chmod 640 \{\} \;;
echo "Waiting for Elasticsearch availability";
until curl -s --cacert config/certs/ca/ca.crt https://es:9200 | grep -q "missing authentication credentials"; do sleep 30; done;
echo "Setting kibana_system password";
until curl -s -X POST --cacert config/certs/ca/ca.crt -u "elastic:${ELASTIC_PASSWORD}" -H "Content-Type: application/json" https://es:9200/_security/user/kibana_system/_password -d "{\"password\":\"${KIBANA_PASSWORD}\"}" | grep -q "^{}"; do sleep 10; done;
echo "All done!";
'
healthcheck:
test: ["CMD-SHELL", "[ -f config/certs/es/es.crt ]"]
interval: 1s
timeout: 5s
retries: 120
es:
depends_on:
es-setup:
condition: service_healthy
image: quay.io/wandoubaba517/elasticsearch:${STACK_VERSION}
container_name: es
restart: always
volumes:
- ./certs:/usr/share/elasticsearch/config/certs
- ./esdata:/usr/share/elasticsearch/data
- ./eslogs:/usr/share/elasticsearch/logs
- ./plugins/ik:/usr/share/elasticsearch/plugins/ik
ports:
- ${ES_PORT}:9200
environment:
- node.name=es
- cluster.name=${CLUSTER_NAME}
- cluster.initial_master_nodes=es
- ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
- bootstrap.memory_lock=true
- xpack.security.enabled=true
- xpack.security.http.ssl.enabled=true
- xpack.security.http.ssl.key=certs/es/es.key
- xpack.security.http.ssl.certificate=certs/es/es.crt
- xpack.security.http.ssl.certificate_authorities=certs/ca/ca.crt
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.key=certs/es/es.key
- xpack.security.transport.ssl.certificate=certs/es/es.crt
- xpack.security.transport.ssl.certificate_authorities=certs/ca/ca.crt
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.license.self_generated.type=${LICENSE}
mem_limit: ${MEM_LIMIT}
ulimits:
memlock:
soft: -1
hard: -1
healthcheck:
test:
[
"CMD-SHELL",
"curl -s --cacert config/certs/ca/ca.crt https://localhost:9200 | grep -q 'missing authentication credentials'",
]
interval: 10s
timeout: 10s
retries: 120
kibana:
depends_on:
es:
condition: service_healthy
image: quay.io/wandoubaba517/kibana:${STACK_VERSION}
container_name: kibana
restart: always
volumes:
- ./certs:/usr/share/kibana/config/certs
- ./kibanadata:/usr/share/kibana/data
ports:
- ${KIBANA_PORT}:5601
environment:
- SERVERNAME=kibana
- ELASTICSEARCH_HOSTS=https://es:9200
- ELASTICSEARCH_USERNAME=kibana_system
- ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD}
- ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=config/certs/ca/ca.crt
mem_limit: ${MEM_LIMIT}
healthcheck:
test:
[
"CMD-SHELL",
"curl -s -I http://localhost:5601 | grep -q 'HTTP/1.1 302 Found'",
]
interval: 10s
timeout: 10s
retries: 120

BIN
elasticsearch/plugins/ik/.DS_Store vendored
View File

Binary file not shown.

BIN
elasticsearch/plugins/ik/commons-codec-1.11.jar
View File

Binary file not shown.

BIN
elasticsearch/plugins/ik/commons-logging-1.2.jar
View File

Binary file not shown.

13
elasticsearch/plugins/ik/config/IKAnalyzer.cfg.xml
View File

@ -1,13 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
<comment>IK Analyzer 扩展配置</comment>
<!--用户可以在这里配置自己的扩展字典 -->
<entry key="ext_dict"></entry>
<!--用户可以在这里配置自己的扩展停止词字典-->
<entry key="ext_stopwords"></entry>
<!--用户可以在这里配置远程扩展字典 -->
<!-- <entry key="remote_ext_dict">words_location</entry> -->
<!--用户可以在这里配置远程扩展停止词字典-->
<!-- <entry key="remote_ext_stopwords">words_location</entry> -->
</properties>

398716
elasticsearch/plugins/ik/config/extra_main.dic
View File

File diff suppressed because it is too large Load Diff

12638
elasticsearch/plugins/ik/config/extra_single_word.dic
View File

File diff suppressed because it is too large Load Diff

12638
elasticsearch/plugins/ik/config/extra_single_word_full.dic
View File

File diff suppressed because it is too large Load Diff

2714
elasticsearch/plugins/ik/config/extra_single_word_low_freq.dic
View File

File diff suppressed because it is too large Load Diff

31
elasticsearch/plugins/ik/config/extra_stopword.dic
View File

@ -1,31 +0,0 @@
也
使

275909
elasticsearch/plugins/ik/config/main.dic
View File

File diff suppressed because it is too large Load Diff

25
elasticsearch/plugins/ik/config/preposition.dic
View File

@ -1,25 +0,0 @@
使

316
elasticsearch/plugins/ik/config/quantifier.dic
View File

@ -1,316 +0,0 @@
世纪
位数
像素
克拉
公亩
公克
公分
公升
公尺
公担
公斤
公里
公顷
分钟
分米
加仑
千克
千米
厘米
周年
小时
平方
平方公尺
平方公里
平方分米
平方厘米
平方码
平方米
平方英寸
平方英尺
平方英里
平米
年代
年级
月份
毫升
毫米
毫克
海里
点钟
盎司
秒钟
立方公尺
立方分米
立方厘米
立方码
立方米
立方英寸
立方英尺
英亩
英寸
英尺
英里
阶段

33
elasticsearch/plugins/ik/config/stopword.dic
View File

@ -1,33 +0,0 @@
a
an
and
are
as
at
be
but
by
for
if
in
into
is
it
no
not
of
on
or
such
that
the
their
then
there
these
they
this
to
was
will
with

37
elasticsearch/plugins/ik/config/suffix.dic
View File

@ -1,37 +0,0 @@
斯基
维奇
诺夫

131
elasticsearch/plugins/ik/config/surname.dic
View File

@ -1,131 +0,0 @@
丁
万俟
上官
东方
令狐
仲孙
公冶
公孙
公羊
单于
司徒
司空
司马
夏侯
太叔
宇文
宗政
尉迟
慕容
欧阳
淳于
澹台
濮阳
申屠
皇甫
诸葛
赫连
轩辕
钟离
长孙
闻人
闾丘
鲜于

BIN
elasticsearch/plugins/ik/elasticsearch-analysis-ik-8.14.2.jar
View File

Binary file not shown.

BIN
elasticsearch/plugins/ik/httpclient-4.5.13.jar
View File

Binary file not shown.

BIN
elasticsearch/plugins/ik/httpcore-4.4.13.jar
View File

Binary file not shown.

BIN
elasticsearch/plugins/ik/ik-core-1.0.jar
View File

Binary file not shown.

56
elasticsearch/plugins/ik/plugin-descriptor.properties
View File

@ -1,56 +0,0 @@
# Elasticsearch plugin descriptor file
# This file must exist as 'plugin-descriptor.properties' at
# the root directory of all plugins.
#
# A plugin can be 'site', 'jvm', or both.
#
### example site plugin for "foo":
#
# foo.zip <-- zip file for the plugin, with this structure:
# _site/ <-- the contents that will be served
# plugin-descriptor.properties <-- example contents below:
#
# site=true
# description=My cool plugin
# version=1.0
#
### example jvm plugin for "foo"
#
# foo.zip <-- zip file for the plugin, with this structure:
# <arbitrary name1>.jar <-- classes, resources, dependencies
# <arbitrary nameN>.jar <-- any number of jars
# plugin-descriptor.properties <-- example contents below:
#
# jvm=true
# classname=foo.bar.BazPlugin
# description=My cool plugin
# version=2.0.0-rc1
# elasticsearch.version=2.0
# java.version=1.7
#
### mandatory elements for all plugins:
#
# 'description': simple summary of the plugin
description=IK Analyzer for Elasticsearch
#
# 'version': plugin's version
version=8.14.2
#
# 'name': the plugin name
name=analysis-ik
#
# 'classname': the name of the class to load, fully-qualified.
classname=com.infinilabs.ik.elasticsearch.AnalysisIkPlugin
#
# 'java.version' version of java the code is built against
# use the system property java.specification.version
# version string must be a sequence of nonnegative decimal integers
# separated by "."'s and may have leading zeros
java.version=1.8
#
# 'elasticsearch.version' version of elasticsearch compiled against
# You will have to release a new version of the plugin for each new
# elasticsearch release. This version is checked when the plugin
# is loaded so Elasticsearch will refuse to start in the presence of
# plugins with the incorrect elasticsearch.version.
elasticsearch.version=8.14.2

4
elasticsearch/plugins/ik/plugin-security.policy
View File

@ -1,4 +0,0 @@
grant {
// needed because of the hot reload functionality
permission java.net.SocketPermission "*", "connect,resolve";
};

15
minio/config.env Normal file
View File

@ -0,0 +1,15 @@
# MINIO_ROOT_USER and MINIO_ROOT_PASSWORD sets the root account for the MinIO server.
# This user has unrestricted permissions to perform S3 and administrative API operations on any resource in the deployment.
# Omit to use the default values 'minioadmin:minioadmin'.
# MinIO recommends setting non-default values as a best practice, regardless of environment
MINIO_ROOT_USER=hello
MINIO_ROOT_PASSWORD=helloworld
# MINIO_VOLUMES sets the storage volume or path to use for the MinIO server.
MINIO_VOLUMES="/mnt/data"
# MINIO_OPTS sets any additional commandline options to pass to the MinIO server.
# For example, `--console-address :9001` sets the MinIO Console listen port
MINIO_OPTS="--console-address :9001"

39
mongo/README.md
View File

@ -1,39 +0,0 @@
# docker-mongo
A docker based mongodb server.
## Usage
```sh
git clone https://git.wandoubaba.com/wandoubaba/docker-mongo.git
cd docker-mongo
docker compose up -d
```
## Configuration
### Password
Edit `docker-compose.yml`:
```yml
MONGO_INITDB_ROOT_USERNAME: username
MONGO_INITDB_ROOT_PASSWORD: password
```
### Port
Edit `conf/mongod.conf`:
```conf
net:
port: 27017
```
### Timezone
Edit `docker-compose.yml`
```yml
TZ: Asia/Shanghai
```

111
nginx/README.md
View File

@ -1,111 +0,0 @@
# docker-nginx
基于docker实现的nginx服务
## 使用方法
```sh
git clone https://git.wandoubaba.com/wandoubaba/docker-nginx.git
cd docker-nginx
docker compose up -d
```
服务启停方法
```sh
# 停止服务
./service stop
# 启动服务
./service start
# 重启服务service脚本中的容器名称要与docker-compose.yml文件中的容器名称对应
./service restart
# 重载配置
./service reload
# 服务状态
./service status
```
## 配置
- 在`docker-compose.yml`中可以修改容器名称。
- `conf/conf.d/default.conf`文件是默认站点的配置文件。
- 在`conf/conf.d/`中可以创建多个站点的配置文件,注意相互之间的域名和端口号不要同时冲突。
## SSL配置
以域名`nice.ali02.wandoubaba.com`为例。
创建文件`conf/conf.d/nice.ali02.wandoubaba.com.conf`,文件内容参考如下:
```conf
server {
listen 443 ssl;
server_name ali02.wandoubaba.com;
ssl_certificate /etc/nginx/certs/ali02_wandoubaba_com_cert.pem; # 证书文件路径
ssl_certificate_key /etc/nginx/certs/ali02_wandoubaba_com_key.pem; # 私钥文件路径
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
# 下面这行可以解决vue网页刷新后404的问题但会将所有不存在的url转到index.html上
# try_files $uri $uri/ /index.html last;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
```
其中`/etc/nginx/certs/`这个路径是容器内的路径,对应宿主机中的`conf/certs/`目录,所以我们要确保在`conf/certs`目录内存在`ali02_wandoubaba_com_cert.pem`和`ali02_wandoubaba_com_key.pem`这两个文件。至于这两个文件的来源应该来自于SSL证书的提供商文件名和文件后缀或许会不同。
### ACME自动部署SSL证书
下面我们以`freessl.cn`平台上的免费证书为例,可以通过`acme`实现证书自动化部署和续签,仍以`nice.ali02.wandoubaba.com`为例:
| 条件 | 具体值 |
|---|---|
|证书平台|freessl.cn|
|域名|nice.ali02.wandoubaba.com|
|证书文件路径(宿主机上的绝对路径)|`/app/nginx/conf/certs/nice_ali02_wandoubaba_com_cert.pem`|
|证书私钥文件路径(宿主机上的绝对路径)|`/app/nginx/conf/certs/nice_ali02_wandoubaba_com_key.pem`|
安装`acme.sh`工具:
```sh
curl https://get.acme.sh | sh -s email=my@example.com
```
安装完成后需要退出终端重新进入一次。
接下来可以使用`acme.sh`命令实现证书自动化部署了,命令示例:
```sh
acme.sh --install-cert \
-d nice.ali02.wandoubaba.com \
--key-file /app/nginx/conf/certs/nice_ali02_wandoubaba_com_key.pem \
--fullchain-file /app/nginx/conf/certs/nice_ali02_wandoubaba_com_cert.pem \
--reloadcmd "/app/nginx/service reload"
```
## 最佳实践
建议不要在本项目的目录中加入任何业务文件本项目做为单独目录只提供nginx服务。
本项目目录完全可以交给运维人员维护,前后端程序员只专注于各自的业务项目,由运维人员做好代理和转发。

2
portainer/data/.gitignore vendored
View File

@ -1,2 +0,0 @@
*
!.gitignore

56
postgres/README.md
View File

@ -1,56 +0,0 @@
# docker启动的postgres服务
## 使用说明
```sh
git clone https://git.wandoubaba.com/wandoubaba/docker-postgres.git
cd docker-postgress
# chmod +x start
./start
```
执行结果为启动一个名为postgres的容器其中运行了postgres服务默认端口号为5432默认用户postgres默认密码123456默认数据库postgres
## 脚本工具
> 所有脚本在执行之前都需要确保具有可执行权限。
|脚本|作用|用法|
|---|---|---|
|start|启动服务|./start|
|stop|停止服务|./stop|
|fulldump|对指定数据库执行全量备份通过pg_dump实现其中<days>参数的作用是清除多少天之前的备份默认值是15天|./fulldump <database> <days>|
|clear|危险!!!清空所有数据、备份、日志等文件|./clear|
## 修改默认值
- 如何修改端口号?
在`conf/postgresql.conf`中找到`port = 5432`一行,修改(需要使用`start`脚本重启后才会生效)。
- 如何修改密码?
在`docker-compose.yml`中修改环境变量`POSTGRES_PASSWORD`的值。
- 如何修改默认用户?
在`docker-compose.yml`中设置环境变量`POSTGRES_USER`fulldump脚本中的脚本可能需要修改
- 如何修改默认数据库?
在`docker-compose.yml`中设置环境变量`POSTGRES_DB`fulldump脚本中的脚本可能需要修改
### 修改配置文件
通过start脚本启动服务时会自动将conf目录下的配置文件应用到容器内而配置文件中的大部分配置项都需要重启服务才会生效因些建议每次都直接修改conf目录中的配置文件然后再执行`./stop && ./start`重启服务。
## 定时备份
手动调用`fulldump`脚本可以实时备份数据库,将`fulldump`脚本加入到系统crontab定时任务中即可实现定时备份。
下面是一个示例:
```conf
# 每天1点备份postgres数据库并清除15天前的备份
0 1 * * * bash /app/dev/postgres/fulldump postgres 15
```

51
rabbitmq/README.md
View File

@ -1,51 +0,0 @@
# 基于docker启动的rabbitmq服务
## 镜像
`quay.io/wandoubaba517/rabbitmq:3.13.4`
这个镜像是基于Docker Hub上的官方`rabbitmq:3.13.4`制作,安装并开启了了`rabbitmq_delayed_message_exchange`插件,开启了`rabbitmq_stomp`服务。
支持`amd64`架构和`arm64`架构。
## 配置默认用户名密码
在首次启动前修改`conf/conf.d/10-defaults.conf`文件中的`default_user`和`default_password`,会自动创建用户。
## 启动服务
```sh
./start
```
启动脚本内容如下:
```sh
docker run -d \
-p 5672:5672 \
-p 15672:15672 \
-p 61613:61613 \
-v ./data:/var/lib/rabbitmq/mnesia \
-v ./conf/conf.d:/etc/rabbitmq/conf.d \
--hostname rabbitmq \
--name rabbitmq \
quay.io/wandoubaba517/rabbitmq:3.13.4
```
## 停止服务
用`docker stop <container_name>`或者`docker rm -f <container_name>`即可。
## 数据持久化
将容器的`/var/lib/rabbitmq/mnesia`目录映射到`./data`目录。
## 默认端口
|端口|协议/服务说明|
|---|---|
|5672|amqp|
|15672|web管理后台|
|25672|集群通信|
|61613|stomp|
|15674|web-stomp|

2
rabbitmq/data/.gitignore vendored
View File

@ -1,2 +0,0 @@
*
!.gitignore

46
redis/README.md
View File

@ -1,46 +0,0 @@
# docker-redis
基于docker启动的redis服务
## 用法
```sh
git clone https://git.wandoubaba.com/wandoubaba/docker-redis.git
cd docker-redis
./service start
```
## 服务控制
```sh
# 启动
./service start
# 停止
./service stop
# 重启
./service restart
# 查看状态
./service status
```
## 配置
- 容器名称
在`docker-compose.yml`中设置容器名称,同时在`redis-cli`脚本和`service`脚本中修改对应的容器名称。
- 服务端口号
在`redis.conf`中修改`port 6379`一行,修改后需要重启服务生效。
- 连接密码
在`redis.conf`中修改`requirepass 123456`一行,修改后需要重启服务生效。
- 其他配置
在`redis.conf`中修改其他配置。
## 客户端
`redis-cli`脚本就是调用容器内的`redis-cli`工具实现客户端连接的,用法与`redis-cli`工具相同。

2
redis/data/.gitignore vendored
View File

@ -1,2 +0,0 @@
*
!.gitignore

0
elasticsearch/certs/.gitignore → storage/minio/.gitignore vendored Normal file → Executable file
View File

0
elasticsearch/esdata/.gitignore → storage/mongo/.gitignore vendored
View File

0
elasticsearch/eslogs/.gitignore → storage/pgadmin/.gitignore vendored Normal file → Executable file
View File

0
elasticsearch/kibanadata/.gitignore → storage/portainer/.gitignore vendored
View File

0
postgres/data/.gitignore → storage/postgres/.gitignore vendored Normal file → Executable file
View File

0
minio/data/.gitignore → storage/rabbitmq/.gitignore vendored Normal file → Executable file
View File

0
mongo/data/.gitignore → storage/redis/.gitignore vendored Normal file → Executable file
View File