sunpeng
/
docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

调度

This commit is contained in:
孙小云 2025-06-11 16:46:43 +08:00
parent 708ea83103
commit e5cde64b78
10 changed files with 73 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
bazhong.sh
View File

@ -1,5 +1,4 @@
#域名前缀 #域名前缀
#域名前缀
export VERSION=default export VERSION=default
export DOMAIN=bazhong export DOMAIN=bazhong
#域名后缀 #域名后缀
@ -22,19 +21,14 @@ export SRS_RTMP_PORT=1938
# Minio控制台对外爆露端口 # Minio控制台对外爆露端口
export MINIO_CONSOLE_PORT=9022 export MINIO_CONSOLE_PORT=9022
#这部分不用管
export HHZ_ADMIN_WEB_DIST=/home/th/workspace/dockerbuilder/webs/bazhong/tuoheng_hhz_web/dist export HHZ_ADMIN_WEB_DIST=/home/th/workspace/dockerbuilder/webs/bazhong/tuoheng_hhz_web/dist
export DSP_ADMIN_WEB_DIST=/home/th/workspace/dockerbuilder/webs/bazhong/dsp-admin/dist export DSP_ADMIN_WEB_DIST=/home/th/workspace/dockerbuilder/webs/bazhong/dsp-admin/dist
export AIRPORT_WEB_DIST=/home/th/workspace/dockerbuilder/webs/bazhong/tuoheng_airport_web/dist export AIRPORT_WEB_DIST=/home/th/workspace/dockerbuilder/webs/bazhong/tuoheng_airport_web/dist
export BUSINESS_WEB_DIST=/home/th/workspace/dockerbuilder/webs/bazhong/business_web/dist export BUSINESS_WEB_DIST=/home/th/workspace/dockerbuilder/webs/bazhong/business_web/dist
#域名证书位置写在这边 #这部分不需要修改
#域名证书位置写在这边
export PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginx/vhosts/cert/t-aaron.com.pem
export KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginx/vhosts/cert/t-aaron.com.key
export SKYWALKING_UI_DOMAIN=sky.${DOMAIN_END} export SKYWALKING_UI_DOMAIN=sky.${DOMAIN_END}
export CONSUL_DOMAIN=consul.${DOMAIN_END} export CONSUL_DOMAIN=consul.${DOMAIN_END}
export XXLJOB_DOMAIN=xxljob.${DOMAIN_END} export XXLJOB_DOMAIN=xxljob.${DOMAIN_END}
@ -47,4 +41,22 @@ export BUSINESS_DOMAIN=business.${DOMAIN_END}
export SRS_DOMAIN=srs.${DOMAIN_END} export SRS_DOMAIN=srs.${DOMAIN_END}
export HHZ_DOMAIN=hhz.${DOMAIN_END} export HHZ_DOMAIN=hhz.${DOMAIN_END}
export DSP_DOMAIN=dsp.${DOMAIN_END} export DSP_DOMAIN=dsp.${DOMAIN_END}
export KAFKA_DOMAIN=kafka.${DOMAIN_END} export KAFKA_DOMAIN=kafka.${DOMAIN_END}
#域名证书位置写在这边
#dsp.bazhongfeifu.com hhz.bazhongfeifu.com minio.bazhongfeifu.com oidc.bazhongfeifu.com srs.bazhongfeifu.com
export DSP_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/dsp/
export DSP_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/dsp/
export HHZ_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/hhz/
export HHZ_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/hhz/
export MINIO_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/minio/
export MINIO_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/minio/
export OIDC_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/oidc/
export OIDC_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/oidc/
export SRS_PEM_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/srs/
export SRS_KEY_PATH=/Users/sunpeng/workspace/remote/docker/nginxbazhong/vhosts/certs/srs/

5
nginxbazhong/vhosts/consul.conf
View File

@ -1,11 +1,8 @@
server { server {
listen 80; listen 443;
listen 443 ssl;
server_name ${CONSUL_DOMAIN}; server_name ${CONSUL_DOMAIN};
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m; ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

4
nginxbazhong/vhosts/dsp.conf
View File

@ -5,8 +5,8 @@
server_name ${DSP_DOMAIN}; server_name ${DSP_DOMAIN};
# SSL证书配置 # SSL证书配置
ssl_certificate /etc/nginx/t-aaron.com.pem; ssl_certificate /etc/nginx/dsp.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key; ssl_certificate_key /etc/nginx/dsp.key;
ssl_session_timeout 5m; ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

6
nginxbazhong/vhosts/hhz.conf
View File

@ -4,10 +4,10 @@
listen 443 ssl; listen 443 ssl;
server_name ${HHZ_DOMAIN}; server_name ${HHZ_DOMAIN};
root /data/tuoheng_hhz_web/dist; root /data/tuoheng_hhz_web/dist;
client_max_body_size 2g;
# SSL证书配置 # SSL证书配置
ssl_certificate /etc/nginx/t-aaron.com.pem; ssl_certificate /etc/nginx/hhz.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key; ssl_certificate_key /etc/nginx/hhz.key;
ssl_session_timeout 5m; ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

4
nginxbazhong/vhosts/minio.conf
View File

@ -3,8 +3,8 @@ server {
listen 443 ssl; listen 443 ssl;
server_name ${MINIO_DOMAIN}; server_name ${MINIO_DOMAIN};
client_max_body_size 2g; client_max_body_size 2g;
ssl_certificate /etc/nginx/t-aaron.com.pem; ssl_certificate /etc/nginx/minio.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key; ssl_certificate_key /etc/nginx/minio.key;
ssl_session_timeout 5m; ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

5
nginxbazhong/vhosts/minioconsole.conf
View File

@ -1,11 +1,8 @@
server { server {
listen 80; listen 443;
listen 443 ssl;
server_name ${MINIO_CONSOLE_DOMAIN}; server_name ${MINIO_CONSOLE_DOMAIN};
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m; ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

4
nginxbazhong/vhosts/oidcservice.conf
View File

@ -5,8 +5,8 @@ server {
server_name ${OIDC_SERVER_DOMAIN}; server_name ${OIDC_SERVER_DOMAIN};
# SSL证书配置 # SSL证书配置
ssl_certificate /etc/nginx/t-aaron.com.pem; ssl_certificate /etc/nginx/oidc.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key; ssl_certificate_key /etc/nginx/oidc.key;
ssl_session_timeout 5m; ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

4
nginxbazhong/vhosts/srs.conf
View File

@ -3,8 +3,8 @@ server {
listen 443 ssl; listen 443 ssl;
server_name ${SRS_DOMAIN}; server_name ${SRS_DOMAIN};
client_max_body_size 2g; client_max_body_size 2g;
ssl_certificate /etc/nginx/t-aaron.com.pem; ssl_certificate /etc/nginx/srs.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key; ssl_certificate_key /etc/nginx/srs.key;
ssl_session_timeout 5m; ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

5
nginxbazhong/vhosts/xxljob.conf
View File

@ -1,11 +1,8 @@
server { server {
listen 80; listen 443;
listen 443 ssl;
server_name ${XXLJOB_DOMAIN}; server_name ${XXLJOB_DOMAIN};
# SSL证书配置 # SSL证书配置
ssl_certificate /etc/nginx/t-aaron.com.pem;
ssl_certificate_key /etc/nginx/t-aaron.com.key;
ssl_session_timeout 5m; ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

38
start/nginx.sh
View File

@ -30,6 +30,44 @@ if [ ! -z "${PEM_PATH}" ] && [ ! -z "${KEY_PATH}" ]; then
--volume ${PEM_PATH}:/etc/nginx/t-aaron.com.pem \ --volume ${PEM_PATH}:/etc/nginx/t-aaron.com.pem \
--volume ${KEY_PATH}:/etc/nginx/t-aaron.com.key" --volume ${KEY_PATH}:/etc/nginx/t-aaron.com.key"
fi fi
# 如果配置了证书,添加证书挂载
if [ ! -z "${DSP_PEM_PATH}" ] && [ ! -z "${DSP_KEY_PATH}" ]; then
echo "检测到DSP证书配置将挂载证书文件..."
DOCKER_RUN_CMD="${DOCKER_RUN_CMD} \
--volume ${DSP_PEM_PATH}:/etc/nginx/dsp.pem \
--volume ${DSP_KEY_PATH}:/etc/nginx/dsp.key"
fi
if [ ! -z "${HHZ_PEM_PATH}" ] && [ ! -z "${HHZ_KEY_PATH}" ]; then
echo "检测到HHZ证书配置将挂载证书文件..."
DOCKER_RUN_CMD="${DOCKER_RUN_CMD} \
--volume ${HHZ_PEM_PATH}:/etc/nginx/hhz.pem \
--volume ${HHZ_KEY_PATH}:/etc/nginx/hhz.key"
fi
if [ ! -z "${MINIO_PEM_PATH}" ] && [ ! -z "${MINIO_KEY_PATH}" ]; then
echo "检测到MINIO证书配置将挂载证书文件..."
DOCKER_RUN_CMD="${DOCKER_RUN_CMD} \
--volume ${MINIO_PEM_PATH}:/etc/nginx/minio.pem \
--volume ${MINIO_KEY_PATH}:/etc/nginx/minio.key"
fi
if [ ! -z "${OIDC_PEM_PATH}" ] && [ ! -z "${OIDC_KEY_PATH}" ]; then
echo "检测到OIDC证书配置将挂载证书文件..."
DOCKER_RUN_CMD="${DOCKER_RUN_CMD} \
--volume ${OIDC_PEM_PATH}:/etc/nginx/oidc.pem \
--volume ${OIDC_KEY_PATH}:/etc/nginx/oidc.key"
fi
if [ ! -z "${SRS_PEM_PATH}" ] && [ ! -z "${SRS_KEY_PATH}" ]; then
echo "检测到SRS证书配置将挂载证书文件..."
DOCKER_RUN_CMD="${DOCKER_RUN_CMD} \
--volume ${SRS_PEM_PATH}:/etc/nginx/srs.pem \
--volume ${SRS_KEY_PATH}:/etc/nginx/srs.key"
fi
echo "镜像名字------" echo "镜像名字------"
echo ${NGINX_IMAGE} echo ${NGINX_IMAGE}