sunpeng
/
docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

xx

This commit is contained in:
孙小云 2025-05-16 10:57:00 +08:00
parent 8452b38d5f
commit 638b0f1b15
19 changed files with 633 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
builder/Dockerfile Normal file
View File

@ -0,0 +1,22 @@
# 使用一个基础镜像
#FROM openjdk:11-jre-slim
FROM tuoheng/centos:base
USER th
# 定义构建参数
ARG SW_APP_NAME
ARG SW_SKY_AOP
# 设置工作目录
WORKDIR /data/java/tuoheng
COPY apache-skywalking-java-agent-9.0.0.tgz .
RUN tar -zxvf apache-skywalking-java-agent-9.0.0.tgz
#复制应用程序到容器中
COPY tuoheng.jar .
# 设置环境变量
ENV PATH="/usr/java/jdk/bin:${PATH}"
ENV SW_AGENT_COLLECTOR_BACKEND_SERVICES="${SW_SKY_AOP}" \
SW_AGENT_NAME="${SW_APP_NAME}"
#暴露应用程序的端口
#EXPOSE 8090
# 运行应用程序
ENTRYPOINT ["java", "-Dfile.encoding=UTF-8","-javaagent:/data/java/tuoheng/skywalking-agent/skywalking-agent.jar","-jar","tuoheng.jar"]

22
builder/builder.sh Executable file
View File

@ -0,0 +1,22 @@
#!/bin/bash
# This script builds the Docker image
# 读取第一个参数
if [ $# -ne 3 ]; then
echo "错误:调用该脚本时必须传入 3 个参数 分别为服务名 镜像名 包名"
exit 1
fi
echo "服务名: $1 Image $2 Java包: $3"
rm tuoheng.jar
cp $3 tuoheng.jar
source ../environment.sh
#docker service rm $APP_NAME
sleep 5
docker container prune -f
sleep 5
cp /data/java/apache-skywalking-java-agent-9.0.0.tgz apache-skywalking-java-agent-9.0.0.tgz
docker image rm $2
docker build --no-cache \
--build-arg SW_APP_NAME=$1 \
--build-arg SW_SKY_AOP=$SKY_AOP \
-t $2 . # 注意末尾的 `.` 表示当前路径
docker push $2

4
builder/gateway.sh Executable file
View File

@ -0,0 +1,4 @@
source ../environment.sh
rm $GATEWAY_JAR
cp $GATEWAY_REMOTE_JAR $GATEWAY_JAR
./builder.sh $GATEWAY_NAME $GATEWAY_IMAGE $GATEWAY_JAR

4
builder/oidcadmin.sh Executable file
View File

@ -0,0 +1,4 @@
source ../environment.sh
rm $OIDC_ADMIN_JAR
cp $OIDC_ADMIN_REMOTE_JAR $OIDC_ADMIN_JAR
./builder.sh $OIDC_ADMIN_NAME $OIDC_ADMIN_IMAGE $OIDC_ADMIN_JAR

4
builder/oidcservice.sh Executable file
View File

@ -0,0 +1,4 @@
source ../environment.sh
rm $OIDC_SERVER_JAR
cp $OIDC_SERVER_REMOTE_JAR $OIDC_SERVER_JAR
./builder.sh $OIDC_SERVER_NAME $OIDC_SERVER_IMAGE $OIDC_SERVER_JAR

21
nginx/temp_vhosts/consul.conf Normal file
View File

@ -0,0 +1,21 @@
server {
listen 80;
listen 443 ssl;
server_name consul-bazhong.t-aaron.com;
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://CONSUL_bazhong:8500;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}

23
nginx/temp_vhosts/oidcservice.conf Normal file
View File

@ -0,0 +1,23 @@
server {
listen 80;
listen 443 ssl;
server_name oidc-bazhong.t-aaron.com;
# SSL证书配置
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://OIDC_SERVER_bazhong:8090;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}

21
nginx/temp_vhosts/xxljob.conf Normal file
View File

@ -0,0 +1,21 @@
server {
listen 80;
listen 443 ssl;
server_name xxljob-bazhong.t-aaron.com;
# SSL证书配置
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://XXL_JOB_bazhong:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}

4
nginx/vhosts/consul.conf
View File

@ -2,7 +2,7 @@
server {
listen 80;
listen 443 ssl;
server_name consul-bazhong.t-aaron.com;
server_name ${CONSUL_DOMAIN};
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
@ -12,7 +12,7 @@ server {
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://CONSUL_bazhong:8500;
proxy_pass http://${CONSUL_NAME}:8500;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

4
nginx/vhosts/oidcservice.conf
View File

@ -2,7 +2,7 @@
listen 80;
listen 443 ssl;
server_name oidc-bazhong.t-aaron.com;
server_name ${OIDC_DOMAIN};
# SSL证书配置
ssl_certificate /etc/nginx/t-aaron.com.pem;
@ -14,7 +14,7 @@
location / {
proxy_pass http://OIDC_SERVER_bazhong:8090;
proxy_pass http://${OIDC_SERVER_NAME}:8090;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

4
nginx/vhosts/sky.conf
View File

@ -1,7 +1,7 @@
server {
listen 80;
listen 443 ssl;
server_name sky-bazhong.t-aaron.com;
server_name ${SKYWALKING_UI_DOMAIN};
# SSL证书配置
ssl_certificate /etc/nginx/t-aaron.com.pem;
@ -12,7 +12,7 @@
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://SKYWALKING_UI_bazhong:8080;
proxy_pass http://${SKYWALKING_UI_NAME}:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

4
nginx/vhosts/xxljob.conf
View File

@ -1,7 +1,7 @@
server {
listen 80;
listen 443 ssl;
server_name xxljob-bazhong.t-aaron.com;
server_name ${XXL_JOB_DOMAIN};
# SSL证书配置
ssl_certificate /etc/nginx/t-aaron.com.pem;
@ -11,7 +11,7 @@ server {
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://XXL_JOB_bazhong:8080;
proxy_pass http://${XXL_JOB_NAME}:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

156
start/gateway/application.yml Normal file
View File

@ -0,0 +1,156 @@
server:
port: 7011
main:
allow-bean-definition-overriding: true
web-application-typpse: reactive
management:
endpoints:
web:
exposure:
include: prometheus,health
metrics:
tags:
application: tuoheng-gateway
spring:
application:
name: tuoheng-gateway
security:
oauth2:
resource-server:
jwt:
issuer-uri: https://${OIDC_SERVER_DOMAIN}:${NGINX_HTTPS_PORT}
cloud:
consul:
host: ${CONSUL_NAME} # consul 所在服务地址
port: 8500 # consul 服务端口
discovery:
enabled: true #默认true。Consul Discovery Client是否注册到注册中心。和register同时设置成false就不需要起consul服务。
register: true #是否将服务注册到Consul集群中心.。这个参数和上面的enabled参数同时设置成false应用才不会注册注册中心才可以不起consul服务
deregister: true #默认true服务停止时注销服务即从服务列表中删除。设置成false的话
## consul ip地址
hostname: ${CONSUL_NAME}
# 注册到consul的服务名称
service-name: ${spring.application.name} # 服务提供者名称,注册在consul上面的名字在consul的调用中是通过此名字调用的。默认服务名,不要改
instance-id: ${spring.application.name}:${spring.cloud.client.ip-address}:${server.port} #实例ID
heartbeat:
enabled: true
prefer-ip-address: true #表示注册时使用IP而不是hostname
health-check-path: /actuator/health #健康检查
health-check-interval: 10s #配置 Consul 健康检查频率,也就是心跳频率。
health-check-timeout: 10s #健康检查超时
gateway:
httpclient:
websocket:
max-frame-payload-length: 10485760 # 单次通信提交最大数据库设置成10MB
discovery:
locator:
lowerCaseServiceId: true
enabled: true
# 跨域设置
globalcors:
add-to-simple-url-handler-mapping: true
cors-configurations:
'[/**]':
allowedOrigins:
- "http://localhost:8001"
allowedMethods:
- "GET"
- "POST"
- "DELETE"
- "PUT"
- "OPTIONS"
allowedHeaders: "*"
allowCredentials: true
maxAge: 360000
routes:
# 后台管理
- id: tuoheng-dsp-admin
uri: http://dsp-admin:9014
predicates:
- Path=/api/admin/**
filters:
- StripPrefix=2
# 网站服务
- id: tuoheng-dsp-portal
uri: http://dsp-portal:9017
predicates:
- Path=/api/portal/**
filters:
- StripPrefix=2
# DSP小程序服务
- id: tuoheng-dsp-miniprogram
uri: http://dsp-mini:9016
predicates:
- Path=/api/miniprogram/**
filters:
- StripPrefix=2
# DSP api服务
- id: tuoheng-dsp-api
uri: http://dsp-api:9015
predicates:
- Path=/api/web/**
filters:
- StripPrefix=2
# DSP 巡检云
- id: tuoheng-dsp-inspection
uri: http://dsp-inspection:9018
predicates:
- Path=/api/inspection/**
filters:
- StripPrefix=2
# hhz admin服务
- id: tuoheng-hhz-admin
uri: http://hhz-admin:9055
predicates:
- Path=/hhz/admin/**
filters:
- StripPrefix=2
# hhz 小程序服务
- id: tuoheng-hhz-api
uri: http://hhz-api:9056
predicates:
- Path=/hhz/api/**
filters:
- StripPrefix=2
# Redis数据源
redis:
# 缓存库默认索引0
database: 0
# Redis服务器地址
host: ${REDIS_NAME}
# Redis服务器连接端口
port: 6379
# Redis服务器连接密码默认为空
password:
# 连接超时时间(毫秒)
timeout: 6000
# 默认的数据过期时间主要用于shiro权限管理
expire: 2592000
jedis:
pool:
max-active: 1000 # 连接池最大连接数(使用负值表示没有限制)
max-wait: -1 # 连接池最大阻塞等待时间(使用负值表示没有限制)
max-idle: 10 # 连接池中的最大空闲连接
min-idle: 1 # 连接池中的最小空闲连接
#security放行白名单配置
security:
ignore:
permitUrls: /api/system/demo/msg
oauthUrls: /api/system/demo/hello,/api/portal/serviceInst/*/getServiceInstParam/*,/api/portal/serviceInst/*/getServiceInstCaseUrl/*,/api/portal/serviceInst/*/*/application,/api/portal/serviceInst/*/*/questionList,/api/miniprogram/serviceInst/*/getServiceInstParam/*,/api/miniprogram/serviceInst/*/getServiceInstCaseUrl/*,/api/miniprogram/serviceInst/*/*/application,/api/miniprogram/serviceInst/*/*/questionList
# 获取 apiUrl 可访问的 roleIdList
tuoheng:
hhz-admin-perUrl: http://hhz-admin:9055/permission/getRoleIdList
airport-admin-perUrl: http://airport:9060/permission/getRoleIdList
freeway-admin-perUrl: http://freeway-admin:9117/permission/getRoleIdList
waterway-admin-perUrl: https://waterway.t-aaron.com/permission/getRoleIdList
airmonitor-admin-perUrl: http://airmonitor-admin:9130/permission/getRoleIdList
weptsp-admin-perUrl: http://weptsp-admin:9140/permission/getRoleIdList
telecomumale-admin-perUrl: http://telecomumale-admin:9150/permission/getRoleIdList
alert-admin-perUrl: https://alert.t-aaron.com/permission/getRoleIdList
spacetime-admin-perUrl: https://spacetime.t-aaron.com/permission/getRoleIdList
digitaltwin-admin-perUrl: https://digitaltwin.t-aaron.com/permission/getRoleIdList
dmp-admin-perUrl: https://dmp.t-aaron.com/permission/getRoleIdList
lacs-admin-perUrl: https://lacs.t-aaron.com/permission/getRoleIdList

56
start/gateway/replace_vars.sh Executable file
View File

@ -0,0 +1,56 @@
#!/bin/bash
# 确保在脚本所在目录执行
cd "$(dirname "$0")"
SCRIPT_DIR="$(pwd)"
echo "当前工作目录: $SCRIPT_DIR"
# 获取项目根目录
ROOT_DIR="$(cd ../.. && pwd)"
echo "项目根目录: $ROOT_DIR"
# 加载环境变量
source "$ROOT_DIR/environment.sh"
echo "开始替换Gateway配置文件中的环境变量..."
# 定义源配置文件和目标目录
SOURCE_FILE="$SCRIPT_DIR/application.yml"
TEMP_DIR="$SCRIPT_DIR/temp"
TARGET_FILE="$TEMP_DIR/application.yml"
# 检查源配置文件是否存在
if [ ! -f "$SOURCE_FILE" ]; then
echo "错误: 配置文件 $SOURCE_FILE 不存在!"
exit 1
fi
# 创建临时目录
rm -rf "$TEMP_DIR"
mkdir -p "$TEMP_DIR"
echo "处理文件: application.yml"
# 读取原始文件内容
content=$(cat "$SOURCE_FILE")
# 获取environment.sh中所有环境变量
env_vars=$(grep -E "^export [A-Z_]+" "$ROOT_DIR/environment.sh" | sed 's/export //')
# 逐个替换环境变量
for var in $env_vars; do
var_name=$(echo $var | cut -d= -f1)
var_value=${!var_name}
if [ ! -z "$var_value" ]; then
# 使用简单的变量替换方法
pattern="\\\${$var_name}"
echo " 替换变量: ${pattern} -> $var_value"
content=$(echo "$content" | sed "s|${pattern}|$var_value|g")
fi
done
# 写入处理后的内容到目标文件
echo "$content" > "$TARGET_FILE"
echo "环境变量替换完成! 替换后的文件位于 $TARGET_FILE"
echo "此文件将在启动Gateway容器时使用"

55
start/gateway/start.sh Executable file
View File

@ -0,0 +1,55 @@
#!/bin/bash
# 确保在脚本所在目录执行
cd "$(dirname "$0")"
SCRIPT_DIR="$(pwd)"
echo "当前工作目录: $SCRIPT_DIR"
# 获取项目根目录
ROOT_DIR="$(cd ../.. && pwd)"
echo "项目根目录: $ROOT_DIR"
# 加载环境变量
source "$ROOT_DIR/environment.sh"
echo "已加载环境变量"
# 执行变量替换脚本
echo "开始替换环境变量..."
bash "$SCRIPT_DIR/replace_vars.sh"
# 检查替换是否成功
if [ ! -f "$SCRIPT_DIR/temp/application.yml" ]; then
echo "错误: 替换后的配置文件不存在: $SCRIPT_DIR/temp/application.yml"
exit 1
fi
echo "配置文件替换成功准备启动Gateway容器..."
# 先停止和删除现有容器
if docker ps -a | grep -q ${GATEWAY_NAME}; then
echo "停止并删除已存在的 ${GATEWAY_NAME} 容器..."
docker stop ${GATEWAY_NAME} >/dev/null 2>&1
docker rm ${GATEWAY_NAME} >/dev/null 2>&1
fi
# 启动Gateway容器
echo "正在启动 ${GATEWAY_NAME} 容器..."
docker run --pull always -d \
--name ${GATEWAY_NAME} \
--network ${NETWORK} \
--env TZ=Asia/Shanghai \
--env SPRING_CONFIG_LOCATION=file:/data/java/tuoheng/application.yml \
--mount type=bind,source=/etc/localtime,target=/etc/localtime,readonly \
--mount type=bind,source="$SCRIPT_DIR/temp/application.yml",target=/data/java/tuoheng/application.yml,readonly \
--memory ${GATEWAY_MEMORY} \
--restart unless-stopped \
${GATEWAY_IMAGE}
# 检查启动结果
if [ $? -eq 0 ]; then
echo "Gateway服务已成功启动"
docker ps | grep ${GATEWAY_NAME}
else
echo "Gateway服务启动失败请检查日志"
docker logs ${GATEWAY_NAME}
fi

156
start/gateway/temp/application.yml Normal file
View File

@ -0,0 +1,156 @@
server:
port: 7011
main:
allow-bean-definition-overriding: true
web-application-typpse: reactive
management:
endpoints:
web:
exposure:
include: prometheus,health
metrics:
tags:
application: tuoheng-gateway
spring:
application:
name: tuoheng-gateway
security:
oauth2:
resource-server:
jwt:
issuer-uri: https://oidc-bazhong.t-aaron.com:2443
cloud:
consul:
host: CONSUL_bazhong # consul 所在服务地址
port: 8500 # consul 服务端口
discovery:
enabled: true #默认true。Consul Discovery Client是否注册到注册中心。和register同时设置成false就不需要起consul服务。
register: true #是否将服务注册到Consul集群中心.。这个参数和上面的enabled参数同时设置成false应用才不会注册注册中心才可以不起consul服务
deregister: true #默认true服务停止时注销服务即从服务列表中删除。设置成false的话
## consul ip地址
hostname: CONSUL_bazhong
# 注册到consul的服务名称
service-name: ${spring.application.name} # 服务提供者名称,注册在consul上面的名字在consul的调用中是通过此名字调用的。默认服务名,不要改
instance-id: ${spring.application.name}:${spring.cloud.client.ip-address}:${server.port} #实例ID
heartbeat:
enabled: true
prefer-ip-address: true #表示注册时使用IP而不是hostname
health-check-path: /actuator/health #健康检查
health-check-interval: 10s #配置 Consul 健康检查频率,也就是心跳频率。
health-check-timeout: 10s #健康检查超时
gateway:
httpclient:
websocket:
max-frame-payload-length: 10485760 # 单次通信提交最大数据库设置成10MB
discovery:
locator:
lowerCaseServiceId: true
enabled: true
# 跨域设置
globalcors:
add-to-simple-url-handler-mapping: true
cors-configurations:
'[/**]':
allowedOrigins:
- "http://localhost:8001"
allowedMethods:
- "GET"
- "POST"
- "DELETE"
- "PUT"
- "OPTIONS"
allowedHeaders: "*"
allowCredentials: true
maxAge: 360000
routes:
# 后台管理
- id: tuoheng-dsp-admin
uri: http://dsp-admin:9014
predicates:
- Path=/api/admin/**
filters:
- StripPrefix=2
# 网站服务
- id: tuoheng-dsp-portal
uri: http://dsp-portal:9017
predicates:
- Path=/api/portal/**
filters:
- StripPrefix=2
# DSP小程序服务
- id: tuoheng-dsp-miniprogram
uri: http://dsp-mini:9016
predicates:
- Path=/api/miniprogram/**
filters:
- StripPrefix=2
# DSP api服务
- id: tuoheng-dsp-api
uri: http://dsp-api:9015
predicates:
- Path=/api/web/**
filters:
- StripPrefix=2
# DSP 巡检云
- id: tuoheng-dsp-inspection
uri: http://dsp-inspection:9018
predicates:
- Path=/api/inspection/**
filters:
- StripPrefix=2
# hhz admin服务
- id: tuoheng-hhz-admin
uri: http://hhz-admin:9055
predicates:
- Path=/hhz/admin/**
filters:
- StripPrefix=2
# hhz 小程序服务
- id: tuoheng-hhz-api
uri: http://hhz-api:9056
predicates:
- Path=/hhz/api/**
filters:
- StripPrefix=2
# Redis数据源
redis:
# 缓存库默认索引0
database: 0
# Redis服务器地址
host: REDIS_bazhong
# Redis服务器连接端口
port: 6379
# Redis服务器连接密码默认为空
password:
# 连接超时时间(毫秒)
timeout: 6000
# 默认的数据过期时间主要用于shiro权限管理
expire: 2592000
jedis:
pool:
max-active: 1000 # 连接池最大连接数(使用负值表示没有限制)
max-wait: -1 # 连接池最大阻塞等待时间(使用负值表示没有限制)
max-idle: 10 # 连接池中的最大空闲连接
min-idle: 1 # 连接池中的最小空闲连接
#security放行白名单配置
security:
ignore:
permitUrls: /api/system/demo/msg
oauthUrls: /api/system/demo/hello,/api/portal/serviceInst/*/getServiceInstParam/*,/api/portal/serviceInst/*/getServiceInstCaseUrl/*,/api/portal/serviceInst/*/*/application,/api/portal/serviceInst/*/*/questionList,/api/miniprogram/serviceInst/*/getServiceInstParam/*,/api/miniprogram/serviceInst/*/getServiceInstCaseUrl/*,/api/miniprogram/serviceInst/*/*/application,/api/miniprogram/serviceInst/*/*/questionList
# 获取 apiUrl 可访问的 roleIdList
tuoheng:
hhz-admin-perUrl: http://hhz-admin:9055/permission/getRoleIdList
airport-admin-perUrl: http://airport:9060/permission/getRoleIdList
freeway-admin-perUrl: http://freeway-admin:9117/permission/getRoleIdList
waterway-admin-perUrl: https://waterway.t-aaron.com/permission/getRoleIdList
airmonitor-admin-perUrl: http://airmonitor-admin:9130/permission/getRoleIdList
weptsp-admin-perUrl: http://weptsp-admin:9140/permission/getRoleIdList
telecomumale-admin-perUrl: http://telecomumale-admin:9150/permission/getRoleIdList
alert-admin-perUrl: https://alert.t-aaron.com/permission/getRoleIdList
spacetime-admin-perUrl: https://spacetime.t-aaron.com/permission/getRoleIdList
digitaltwin-admin-perUrl: https://digitaltwin.t-aaron.com/permission/getRoleIdList
dmp-admin-perUrl: https://dmp.t-aaron.com/permission/getRoleIdList
lacs-admin-perUrl: https://lacs.t-aaron.com/permission/getRoleIdList

23
start/nginx.sh Executable file
View File

@ -0,0 +1,23 @@
#!/bin/bash
source ../environment.sh
# 检查并停止/删除已存在的容器
if docker ps -a | grep -q ${NGINX_NAME}; then
echo "停止并删除已存在的 ${NGINX_NAME} 容器..."
docker stop ${NGINX_NAME} >/dev/null 2>&1
docker rm ${NGINX_NAME} >/dev/null 2>&1
fi
# 启动Nginx容器
docker run --pull always -d \
--name ${NGINX_NAME} \
--network ${NETWORK} \
-p ${NGINX_HTTP_PORT}:80 \
-p ${NGINX_HTTPS_PORT}:443 \
--env TZ=Asia/Shanghai \
--memory ${NGINX_MEMORY} \
--restart unless-stopped \
${NGINX_IMAGE}
# 显示运行中的容器
docker ps

29
start/oidcadmin.sh Executable file
View File

@ -0,0 +1,29 @@
source ../environment.sh
if docker ps -a | grep -q ${OIDC_ADMIN_NAME}; then
echo "停止并删除已存在的 OIDC_ADMIN_NAME 容器..."
docker stop ${OIDC_ADMIN_NAME} >/dev/null 2>&1
docker rm ${OIDC_ADMIN_NAME} >/dev/null 2>&1
fi
docker run --pull always -d \
--name ${OIDC_ADMIN_NAME} \
--network ${NETWORK} \
--env SPRING_CLOUD_CONSUL_HOST=${CONSUL_NAME} \
--env SPRING_CLOUD_CONSUL_PORT=${CONSUL_PORT} \
--env SPRING_CLOUD_CONSUL_DISCOVERY_HOSTNAME=${OIDC_ADMIN_NAME} \
--env XXL_JOB_ADMIN_ADDRESSES=${XXLJOB_NAME}:${XXLJOB_PORT} \
--env XXL_ENABLE=false \
--env SPRING_REDIS_HOST=${REDIS_NAME} \
--env SPRING_REDIS_PORT=6379 \
--env SPRING_DATASOURCE_URL="jdbc:mysql://${MYSQL_NAME}:3306/tuoheng_oidc?useUnicode=true&characterEncoding=UTF-8&serverTimezone=GMT%2b8&useSSL=true&tinyInt1isBit=false" \
--env SPRING_DATASOURCE_USERNAME=root \
--env SPRING_DATASOURCE_PASSWORD=${MYSQL_ROOT_PASSWORD} \
--env TZ=Asia/Shanghai \
--env SPRING_KAFKA_COMMON_BOOTSTRAP-SERVERS=${KAFKA_NAME}:9092 \
--mount type=bind,source=/etc/localtime,target=/etc/localtime,readonly \
--memory ${OIDC_ADMIN_MEMORY} \
--restart unless-stopped \
${OIDC_ADMIN_IMAGE}

29
start/oidcservice.sh Executable file
View File

@ -0,0 +1,29 @@
source ../environment.sh
if docker ps -a | grep -q ${OIDC_SERVER_NAME}; then
echo "停止并删除已存在的 OIDC_SERVER_NAME 容器..."
docker stop ${OIDC_SERVER_NAME} >/dev/null 2>&1
docker rm ${OIDC_SERVER_NAME} >/dev/null 2>&1
fi
docker run --pull always -d \
--name ${OIDC_SERVER_NAME} \
--network ${NETWORK} \
--env SPRING_CLOUD_CONSUL_HOST=${CONSUL_NAME} \
--env SPRING_CLOUD_CONSUL_PORT=${CONSUL_PORT} \
--env SPRING_CLOUD_CONSUL_DISCOVERY_HOSTNAME=${OIDC_SERVER_NAME} \
--env XXL_JOB_ADMIN_ADDRESSES=${XXLJOB_NAME}:${XXLJOB_PORT} \
--env XXL_ENABLE=false \
--env SPRING_REDIS_HOST=${REDIS_NAME} \
--env SPRING_REDIS_PORT=6379 \
--env SPRING_DATASOURCE_URL="jdbc:mysql://${MYSQL_NAME}:3306/tuoheng_oidc?useUnicode=true&characterEncoding=UTF-8&serverTimezone=GMT%2b8&useSSL=true&tinyInt1isBit=false" \
--env SPRING_DATASOURCE_USERNAME=root \
--env SPRING_DATASOURCE_PASSWORD=${MYSQL_ROOT_PASSWORD} \
--env TZ=Asia/Shanghai \
--env SPRING_KAFKA_COMMON_BOOTSTRAP-SERVERS=${KAFKA_NAME}:9092 \
--mount type=bind,source=/etc/localtime,target=/etc/localtime,readonly \
--memory ${OIDC_SERVER_MEMORY} \
--restart unless-stopped \
${OIDC_SERVER_IMAGE}