From 0b18fef4b198cd256d4a4f4d9ab1efa13ccd747a Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Tue, 2 Dec 2025 10:38:47 +0800 Subject: [PATCH 01/14] =?UTF-8?q?feat(apt):=20=E6=B7=BB=E5=8A=A0USTC?= =?UTF-8?q?=E9=95=9C=E5=83=8F=E6=BA=90=E7=9A=84Debian12=E5=92=8C13?= =?UTF-8?q?=E9=85=8D=E7=BD=AE=E6=96=87=E4=BB=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 添加Debian12和13的APT源配置文件,包括基础源、更新源、backports源和安全源 同时添加对应版本的Docker CE仓库配置,使用USTC镜像源加速下载 --- apt.list/ustc/{ => Debian12}/bookworm.sources.list | 0 apt.list/ustc/{ => Debian12}/docker.list | 0 apt.list/ustc/Debian13/docker.list | 1 + apt.list/ustc/{ => Debian13}/trixie.sources.list | 0 4 files changed, 1 insertion(+) rename apt.list/ustc/{ => Debian12}/bookworm.sources.list (100%) rename apt.list/ustc/{ => Debian12}/docker.list (100%) create mode 100644 apt.list/ustc/Debian13/docker.list rename apt.list/ustc/{ => Debian13}/trixie.sources.list (100%) diff --git a/apt.list/ustc/bookworm.sources.list b/apt.list/ustc/Debian12/bookworm.sources.list similarity index 100% rename from apt.list/ustc/bookworm.sources.list rename to apt.list/ustc/Debian12/bookworm.sources.list diff --git a/apt.list/ustc/docker.list b/apt.list/ustc/Debian12/docker.list similarity index 100% rename from apt.list/ustc/docker.list rename to apt.list/ustc/Debian12/docker.list diff --git a/apt.list/ustc/Debian13/docker.list b/apt.list/ustc/Debian13/docker.list new file mode 100644 index 0000000..222c2f1 --- /dev/null +++ b/apt.list/ustc/Debian13/docker.list @@ -0,0 +1 @@ +deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://mirrors.ustc.edu.cn/docker-ce/linux/debian trixie stable \ No newline at end of file diff --git a/apt.list/ustc/trixie.sources.list b/apt.list/ustc/Debian13/trixie.sources.list similarity index 100% rename from apt.list/ustc/trixie.sources.list rename to apt.list/ustc/Debian13/trixie.sources.list From 384bf0b81336afe490c6fe16b12be4e5c597961e Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Tue, 2 Dec 2025 15:46:01 +0800 Subject: [PATCH 02/14] =?UTF-8?q?refactor(grafana):=20=E9=87=8D=E6=9E=84?= =?UTF-8?q?=E9=95=9C=E5=83=8F=E6=A0=87=E7=AD=BE=E9=85=8D=E7=BD=AE=E4=B8=BA?= =?UTF-8?q?=E5=8F=98=E9=87=8F=E5=BD=A2=E5=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 将硬编码的镜像标签拆分为基础镜像和版本变量,提高配置灵活性 --- grafana/env.cfg | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/grafana/env.cfg b/grafana/env.cfg index 5e499bd..97b7021 100644 --- a/grafana/env.cfg +++ b/grafana/env.cfg @@ -1 +1,2 @@ -IMAGE_TAG=grafana/grafana:12.2.0 \ No newline at end of file +IMAGE_TAG_VER=12.2.0 +IMAGE_TAG=grafana/grafana:${IMAGE_TAG_VER} \ No newline at end of file From 31b7f1f855735feb19f789c2175b77a8abd42db5 Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Wed, 3 Dec 2025 18:30:35 +0800 Subject: [PATCH 03/14] =?UTF-8?q?feat(base):=20=E6=B7=BB=E5=8A=A0cAdvisor?= =?UTF-8?q?=E7=9B=91=E6=8E=A7=E6=9C=8D=E5=8A=A1=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 添加cAdvisor的Docker Compose部署文件和环境变量配置 包含容器镜像版本定义、端口映射及必要的只读卷挂载 --- base/cadvisor.stack.yaml | 20 ++++++++++++++++++++ base/env.cfg | 2 ++ 2 files changed, 22 insertions(+) create mode 100644 base/cadvisor.stack.yaml create mode 100644 base/env.cfg diff --git a/base/cadvisor.stack.yaml b/base/cadvisor.stack.yaml new file mode 100644 index 0000000..12c0e53 --- /dev/null +++ b/base/cadvisor.stack.yaml @@ -0,0 +1,20 @@ + +## RUN:: docker compose -p base --env-file ./base/env.cfg -f ./base/cadvisor.stack.yaml up -d +services: + + cadvisor: + image: ${Cadvisor_Image} + restart: always + container_name: cadvisor-prod + ports: + - 9180:8080 + volumes: + - '/dev/disk/:/dev/disk:ro' + - '/data/docker/:/var/lib/docker:ro' + - '/sys:/sys:ro' + - '/var/run:/var/run:ro' + - '/:/rootfs:ro' + user: '1000:1000' + security_opt: + - no-new-privileges + read_only: true \ No newline at end of file diff --git a/base/env.cfg b/base/env.cfg new file mode 100644 index 0000000..17bf849 --- /dev/null +++ b/base/env.cfg @@ -0,0 +1,2 @@ +Cadvisor_Tag_Ver=0.53.0-dev +Cadvisor_Image=cleanstart/cadvisor:${Cadvisor_Tag_Ver} \ No newline at end of file From a3107467af7c607aaae23f30e04ed6bb1da0cf2e Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Wed, 3 Dec 2025 18:34:41 +0800 Subject: [PATCH 04/14] =?UTF-8?q?fix:=20=E7=A7=BB=E9=99=A4cAdvisor?= =?UTF-8?q?=E5=AE=89=E5=85=A8=E9=99=90=E5=88=B6=E5=B9=B6=E5=90=AF=E7=94=A8?= =?UTF-8?q?=E7=89=B9=E6=9D=83=E6=A8=A1=E5=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 为了允许cAdvisor访问更多主机信息以提供完整的监控数据,移除了no-new-privileges安全选项并启用privileged模式 --- base/cadvisor.stack.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/base/cadvisor.stack.yaml b/base/cadvisor.stack.yaml index 12c0e53..d87ed73 100644 --- a/base/cadvisor.stack.yaml +++ b/base/cadvisor.stack.yaml @@ -15,6 +15,5 @@ services: - '/var/run:/var/run:ro' - '/:/rootfs:ro' user: '1000:1000' - security_opt: - - no-new-privileges + privileged: true read_only: true \ No newline at end of file From 4049240f523fee9d2710a1eda5d509dceea2b668 Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Wed, 3 Dec 2025 18:41:41 +0800 Subject: [PATCH 05/14] =?UTF-8?q?chore:=20=E6=9B=B4=E6=96=B0cAdvisor?= =?UTF-8?q?=E9=95=9C=E5=83=8F=E7=89=88=E6=9C=AC=E5=8F=8A=E4=BB=93=E5=BA=93?= =?UTF-8?q?=E5=9C=B0=E5=9D=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 将cAdvisor版本从0.53.0-dev升级至0.54.0稳定版 镜像仓库地址从cleanstart迁移至官方ghcr.io --- base/env.cfg | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/base/env.cfg b/base/env.cfg index 17bf849..29a2714 100644 --- a/base/env.cfg +++ b/base/env.cfg @@ -1,2 +1,2 @@ -Cadvisor_Tag_Ver=0.53.0-dev -Cadvisor_Image=cleanstart/cadvisor:${Cadvisor_Tag_Ver} \ No newline at end of file +Cadvisor_Tag_Ver=0.54.0 +Cadvisor_Image=ghcr.io/google/cadvisor:${Cadvisor_Tag_Ver} \ No newline at end of file From a2f9f629a5f6667ea3d1dfe2a7647f0db14b71e6 Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Wed, 3 Dec 2025 18:52:04 +0800 Subject: [PATCH 06/14] =?UTF-8?q?chore:=20=E6=9B=B4=E6=96=B0cAdvisor?= =?UTF-8?q?=E7=89=88=E6=9C=AC=E8=87=B3v0.53.0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- base/env.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/base/env.cfg b/base/env.cfg index 29a2714..d31df78 100644 --- a/base/env.cfg +++ b/base/env.cfg @@ -1,2 +1,2 @@ -Cadvisor_Tag_Ver=0.54.0 +Cadvisor_Tag_Ver=v0.53.0 Cadvisor_Image=ghcr.io/google/cadvisor:${Cadvisor_Tag_Ver} \ No newline at end of file From d3a17570eb9146c59b32f010075f42546f83de6f Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Wed, 3 Dec 2025 20:38:21 +0800 Subject: [PATCH 07/14] =?UTF-8?q?refactor(base/cadvisor):=20=E4=BC=98?= =?UTF-8?q?=E5=8C=96cAdvisor=E5=AE=B9=E5=99=A8=E6=8C=82=E8=BD=BD=E5=8D=B7?= =?UTF-8?q?=E5=92=8C=E6=9D=83=E9=99=90=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 调整挂载卷顺序并移除不必要的只读限制,将/var/run改为读写模式以提升监控功能 --- base/cadvisor.stack.yaml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/base/cadvisor.stack.yaml b/base/cadvisor.stack.yaml index d87ed73..05ccfe0 100644 --- a/base/cadvisor.stack.yaml +++ b/base/cadvisor.stack.yaml @@ -9,11 +9,9 @@ services: ports: - 9180:8080 volumes: - - '/dev/disk/:/dev/disk:ro' - - '/data/docker/:/var/lib/docker:ro' - - '/sys:/sys:ro' - - '/var/run:/var/run:ro' - - '/:/rootfs:ro' - user: '1000:1000' - privileged: true - read_only: true \ No newline at end of file + - /:/rootfs:ro + - /data/docker/:/var/lib/docker:ro + - /var/run:/var/run:rw + - /sys:/sys:ro + - /dev/disk/:/dev/disk:ro + privileged: true \ No newline at end of file From bc1f519e0c55f8eb7fdf4fdbdd2d2aba36c302f7 Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Wed, 3 Dec 2025 22:25:30 +0800 Subject: [PATCH 08/14] =?UTF-8?q?chore:=20=E6=9B=B4=E6=96=B0cadvisor?= =?UTF-8?q?=E9=95=9C=E5=83=8F=E4=BB=93=E5=BA=93=E5=9C=B0=E5=9D=80=E4=B8=BA?= =?UTF-8?q?=E5=86=85=E9=83=A8=E4=BB=93=E5=BA=93?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- base/env.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/base/env.cfg b/base/env.cfg index d31df78..d13dc53 100644 --- a/base/env.cfg +++ b/base/env.cfg @@ -1,2 +1,2 @@ Cadvisor_Tag_Ver=v0.53.0 -Cadvisor_Image=ghcr.io/google/cadvisor:${Cadvisor_Tag_Ver} \ No newline at end of file +Cadvisor_Image=hub.tp229.com:3500/google/cadvisor:${Cadvisor_Tag_Ver} \ No newline at end of file From 231050ef4e2ca70b803bd575bc55b41bbc04a43c Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Thu, 4 Dec 2025 14:11:26 +0800 Subject: [PATCH 09/14] =?UTF-8?q?feat(backup):=20=E6=B7=BB=E5=8A=A0=20gite?= =?UTF-8?q?a=20=E6=95=B0=E6=8D=AE=E5=A4=87=E4=BB=BD=E8=84=9A=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 添加定时备份 gitea 数据的脚本,包含停止容器、同步数据、重启容器的完整流程 --- gitea/backup.job | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 gitea/backup.job diff --git a/gitea/backup.job b/gitea/backup.job new file mode 100644 index 0000000..8df05a9 --- /dev/null +++ b/gitea/backup.job @@ -0,0 +1,12 @@ +#!/usr/bin/env bash +## gitea 数据备份脚本 +## CRON:: 4 4 * * * /data/deploy/crontab/backup.job >> /dev/null 2>&1 + +DATA_PATH=/data/volumes/gitea +BACKUP_PATH=/data/backups/gitea + +docker stop gitea-app +sleep 0.3 +rsync -au --delete ${DATA_PATH} ${BACKUP_PATH} +sleep 0.3 +docker start gitea-app From 1a8ce2705350b14dd7b739f6db4950c4daedd02a Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Thu, 4 Dec 2025 19:11:50 +0800 Subject: [PATCH 10/14] =?UTF-8?q?fix(harbor):=20=E6=9B=B4=E6=96=B0?= =?UTF-8?q?=E5=AE=B9=E5=99=A8=E9=95=9C=E5=83=8F=E7=89=88=E6=9C=AC=E8=87=B3?= =?UTF-8?q?v2.14.1=E5=B9=B6=E4=BC=98=E5=8C=96=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 将所有Harbor组件镜像版本从v2.2.2升级到v2.14.1 - 统一使用绝对路径/data/harbor作为挂载点 - 移除过时的dns_search配置项 - 简化volume绑定语法,使用直接路径映射 - 调整proxy服务端口映射配置 --- harbor/compose.yaml | 131 ++++++++++++++++---------------------------- 1 file changed, 46 insertions(+), 85 deletions(-) diff --git a/harbor/compose.yaml b/harbor/compose.yaml index 60ac8d5..5e99ade 100644 --- a/harbor/compose.yaml +++ b/harbor/compose.yaml @@ -1,10 +1,8 @@ -version: '2.3' services: log: - image: goharbor/harbor-log:v2.2.2 + image: goharbor/harbor-log:v2.14.1 container_name: harbor-log restart: always - dns_search: . cap_drop: - ALL cap_add: @@ -14,18 +12,14 @@ services: - SETUID volumes: - /var/log/harbor/:/var/log/docker/:z - - type: bind - source: ./common/config/log/logrotate.conf - target: /etc/logrotate.d/logrotate.conf - - type: bind - source: ./common/config/log/rsyslog_docker.conf - target: /etc/rsyslog.d/rsyslog_docker.conf + - /data/harbor/common/config/log/logrotate.conf:/etc/logrotate.d/logrotate.conf + - /data/harbor/common/config/log/rsyslog_docker.conf:/etc/rsyslog.d/rsyslog_docker.conf ports: - 127.0.0.1:1514:10514 networks: - harbor registry: - image: goharbor/registry-photon:v2.2.2 + image: goharbor/registry-photon:v2.14.1 container_name: registry restart: always cap_drop: @@ -35,29 +29,24 @@ services: - SETGID - SETUID volumes: - - /data/registry:/storage:z - - ./common/config/registry/:/etc/registry/:z - - type: bind - source: /data/secret/registry/root.crt - target: /etc/registry/root.crt - - type: bind - source: ./common/config/shared/trust-certificates - target: /harbor_cust_cert + - /data/harbor/registry:/storage:z + - /data/harbor/common/config/registry/:/etc/registry/:z + - /data/harbor/secret/registry/root.crt:/etc/registry/root.crt + - /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert networks: - harbor - dns_search: . depends_on: - log logging: driver: "syslog" options: - syslog-address: "tcp://127.0.0.1:1514" + syslog-address: "tcp://localhost:1514" tag: "registry" registryctl: - image: goharbor/harbor-registryctl:v2.2.2 + image: goharbor/harbor-registryctl:v2.14.1 container_name: registryctl env_file: - - ./common/config/registryctl/env + - /data/harbor/common/config/registryctl/env restart: always cap_drop: - ALL @@ -66,26 +55,21 @@ services: - SETGID - SETUID volumes: - - /data/registry:/storage:z - - ./common/config/registry/:/etc/registry/:z - - type: bind - source: ./common/config/registryctl/config.yml - target: /etc/registryctl/config.yml - - type: bind - source: ./common/config/shared/trust-certificates - target: /harbor_cust_cert + - /data/harbor/registry:/storage:z + - /data/harbor/common/config/registry/:/etc/registry/:z + - /data/harbor/common/config/registryctl/config.yml:/etc/registryctl/config.yml + - /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert networks: - harbor - dns_search: . depends_on: - log logging: driver: "syslog" options: - syslog-address: "tcp://127.0.0.1:1514" + syslog-address: "tcp://localhost:1514" tag: "registryctl" postgresql: - image: goharbor/harbor-db:v2.2.2 + image: goharbor/harbor-db:v2.14.1 container_name: harbor-db restart: always cap_drop: @@ -96,21 +80,21 @@ services: - SETGID - SETUID volumes: - - /data/database:/var/lib/postgresql/data:z + - /data/harbor/database:/var/lib/postgresql/data:z networks: harbor: - dns_search: . env_file: - - ./common/config/db/env + - /data/harbor/common/config/db/env depends_on: - log logging: driver: "syslog" options: - syslog-address: "tcp://127.0.0.1:1514" + syslog-address: "tcp://localhost:1514" tag: "postgresql" + shm_size: '1gb' core: - image: goharbor/harbor-core:v2.2.2 + image: goharbor/harbor-core:v2.14.1 container_name: harbor-core env_file: - ./common/config/core/env @@ -121,24 +105,15 @@ services: - SETGID - SETUID volumes: - - /data/ca_download/:/etc/core/ca/:z - - /data/:/data/:z - - ./common/config/core/certificates/:/etc/core/certificates/:z - - type: bind - source: ./common/config/core/app.conf - target: /etc/core/app.conf - - type: bind - source: /data/secret/core/private_key.pem - target: /etc/core/private_key.pem - - type: bind - source: /data/secret/keys/secretkey - target: /etc/core/key - - type: bind - source: ./common/config/shared/trust-certificates - target: /harbor_cust_cert + - /data/harbor/ca_download/:/etc/core/ca/:z + - /data/harbor/:/data/:z + - /data/harbor/common/config/core/certificates/:/etc/core/certificates/:z + - /data/harbor/common/config/core/app.conf:/etc/core/app.conf + - /data/harbor/secret/core/private_key.pem:/etc/core/private_key.pem + - /data/harbor/data/harbor/secret/keys/secretkey:/etc/core/key + - /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert networks: harbor: - dns_search: . depends_on: - log - registry @@ -147,10 +122,10 @@ services: logging: driver: "syslog" options: - syslog-address: "tcp://127.0.0.1:1514" + syslog-address: "tcp://localhost:1514" tag: "core" portal: - image: goharbor/harbor-portal:v2.2.2 + image: goharbor/harbor-portal:v2.14.1 container_name: harbor-portal restart: always cap_drop: @@ -161,22 +136,19 @@ services: - SETUID - NET_BIND_SERVICE volumes: - - type: bind - source: ./common/config/portal/nginx.conf - target: /etc/nginx/nginx.conf + - /data/harbor/common/config/portal/nginx.conf:/etc/nginx/nginx.conf networks: - harbor - dns_search: . depends_on: - log logging: driver: "syslog" options: - syslog-address: "tcp://127.0.0.1:1514" + syslog-address: "tcp://localhost:1514" tag: "portal" jobservice: - image: goharbor/harbor-jobservice:v2.2.2 + image: goharbor/harbor-jobservice:v2.14.1 container_name: harbor-jobservice env_file: - ./common/config/jobservice/env @@ -188,25 +160,20 @@ services: - SETGID - SETUID volumes: - - /data/job_logs:/var/log/jobs:z - - type: bind - source: ./common/config/jobservice/config.yml - target: /etc/jobservice/config.yml - - type: bind - source: ./common/config/shared/trust-certificates - target: /harbor_cust_cert + - /data/harbor/job_logs:/var/log/jobs:z + - /data/harbor/common/config/jobservice/config.yml:/etc/jobservice/config.yml + - /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert networks: - harbor - dns_search: . depends_on: - core logging: driver: "syslog" options: - syslog-address: "tcp://127.0.0.1:1514" + syslog-address: "tcp://localhost:1514" tag: "jobservice" redis: - image: goharbor/redis-photon:v2.2.2 + image: goharbor/redis-photon:v2.14.1 container_name: redis restart: always cap_drop: @@ -216,19 +183,18 @@ services: - SETGID - SETUID volumes: - - /data/redis:/var/lib/redis + - /data/harbor/redis:/var/lib/redis networks: harbor: - dns_search: . depends_on: - log logging: driver: "syslog" options: - syslog-address: "tcp://127.0.0.1:1514" + syslog-address: "tcp://localhost:1514" tag: "redis" proxy: - image: goharbor/nginx-photon:v2.2.2 + image: goharbor/nginx-photon:v2.14.1 container_name: nginx restart: always cap_drop: @@ -239,17 +205,12 @@ services: - SETUID - NET_BIND_SERVICE volumes: - - ./common/config/nginx:/etc/nginx:z - - /data/secret/cert:/etc/cert:z - - type: bind - source: ./common/config/shared/trust-certificates - target: /harbor_cust_cert + - /data/harbor/common/config/nginx:/etc/nginx:z + - /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert networks: - harbor - dns_search: . ports: - - 8080:8080 - - 8443:8443 + - 80:8080 depends_on: - registry - core @@ -258,7 +219,7 @@ services: logging: driver: "syslog" options: - syslog-address: "tcp://127.0.0.1:1514" + syslog-address: "tcp://localhost:1514" tag: "proxy" networks: harbor: From 95bf2dea11490518bd2c2dd8df8c1bc0182ecaf3 Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Thu, 4 Dec 2025 19:12:01 +0800 Subject: [PATCH 11/14] =?UTF-8?q?docs(dbSer/loki):=20=E6=B7=BB=E5=8A=A0lok?= =?UTF-8?q?i=E6=97=A5=E5=BF=97=E6=94=B6=E9=9B=86=E6=9C=8D=E5=8A=A1?= =?UTF-8?q?=E7=9B=B8=E5=85=B3=E6=96=87=E6=A1=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 添加readme.md文件包含loki docker安装文档链接 --- dbSer/loki/env.cfg | 0 dbSer/loki/readme.md | 5 +++++ dbSer/loki/stack.yml | 0 3 files changed, 5 insertions(+) create mode 100644 dbSer/loki/env.cfg create mode 100644 dbSer/loki/readme.md create mode 100644 dbSer/loki/stack.yml diff --git a/dbSer/loki/env.cfg b/dbSer/loki/env.cfg new file mode 100644 index 0000000..e69de29 diff --git a/dbSer/loki/readme.md b/dbSer/loki/readme.md new file mode 100644 index 0000000..d4d65fc --- /dev/null +++ b/dbSer/loki/readme.md @@ -0,0 +1,5 @@ +## LOKI 日志收集服务 + +[loki docker 安装文档](https://grafana.com/docs/loki/latest/setup/install/docker/) + + diff --git a/dbSer/loki/stack.yml b/dbSer/loki/stack.yml new file mode 100644 index 0000000..e69de29 From ab42bf3c8c740f81c89583fe8640605a129d9453 Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Thu, 4 Dec 2025 19:25:34 +0800 Subject: [PATCH 12/14] =?UTF-8?q?fix(harbor):=20=E4=BF=AE=E6=AD=A3?= =?UTF-8?q?=E9=85=8D=E7=BD=AE=E6=96=87=E4=BB=B6=E8=B7=AF=E5=BE=84=E5=B9=B6?= =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E9=83=A8=E7=BD=B2=E6=96=87=E6=A1=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 更新compose.yaml中core和jobservice组件的env文件路径为绝对路径 添加readme.md文档说明harbor组件功能及部署步骤 --- harbor/compose.yaml | 4 ++-- harbor/readme.md | 51 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+), 2 deletions(-) create mode 100644 harbor/readme.md diff --git a/harbor/compose.yaml b/harbor/compose.yaml index 5e99ade..a7421d3 100644 --- a/harbor/compose.yaml +++ b/harbor/compose.yaml @@ -97,7 +97,7 @@ services: image: goharbor/harbor-core:v2.14.1 container_name: harbor-core env_file: - - ./common/config/core/env + - /data/harbor/common/config/core/env restart: always cap_drop: - ALL @@ -151,7 +151,7 @@ services: image: goharbor/harbor-jobservice:v2.14.1 container_name: harbor-jobservice env_file: - - ./common/config/jobservice/env + - /data/harbor/common/config/jobservice/env restart: always cap_drop: - ALL diff --git a/harbor/readme.md b/harbor/readme.md new file mode 100644 index 0000000..78babc3 --- /dev/null +++ b/harbor/readme.md @@ -0,0 +1,51 @@ +## 部署 Harbor + +[harbor github](https://github.com/goharbor/harbor) + +[Harbor Docs](https://goharbor.io/docs/) + +### 以下是harbor的各个组件 + +| 组件名称 | 核心作用 | 关键功能说明 | 端口/依赖 | +| --- | --- | --- | --- | +| harbor-core | Harbor 核心服务 | 提供 API 接口、用户权限管理、项目配置、Webhook 等核心逻辑 | 依赖 harbor-db 和 redis | +| harbor-db | 元数据存储数据库 | 存储用户信息、项目数据、镜像元数据、复制策略等(PostgreSQL) | 健康状态表明数据服务正常 | +| harbor-jobservice | 异步任务处理器 | 执行镜像复制、垃圾回收、漏洞扫描等后台任务 | 通过 redis 协调任务队列 | +| harbor-log | 集中式日志收集器 | 聚合所有组件日志,提供统一查询接口 | 127.0.0.1:1514→10514/tcp | +| harbor-portal | Web 用户界面 (UI) | 提供图形化管理界面(基于 Vue.js),操作镜像、项目、用户等 | 由 nginx 代理访问 | +| nginx | 反向代理和入口网关 | 接收外部请求,路由到后端服务(核心/UI/注册表) | 对外端口:
HTTP: 14080
HTTPS: 14443 | +| redis | 缓存与会话存储 | 缓存数据库查询、存储用户会话、管理任务队列 | 加速系统性能 | +| registry | Docker 镜像存储服务 | 实际存储镜像文件(Blobs)和清单(Manifests) | 依赖存储卷持久化数据 | +| registryctl | 注册表控制服务 | 管理 registry 组件(触发垃圾回收、配置更新等操作) | 与 registry 交互 | + +### harbor安装步骤 + +1. 到github找到最新版的安装包:https://github.com/goharbor/harbor/releases 下载最新版本的harbor-offline-installer-(版本号).tgz安装包。 + +解压安装包: +``` +tar xvf harbor-offline-installer-v2.14.1.tgz +``` + +2. 进入harbor安装目录,修改配置文件 +``` +cd ./harbor +#复制 harbor的配置文件并改名harbor.yml +cp -ar harbor.yml.tmpl harbor.yml +#修改文件 +vim harbor.yml +``` +3. 完成并保存配置文件后执行预处理 +``` +# 预处理 +./prepare + +``` +4. 修改生成的docker-compose.yml文件,修改相关配置 +5. 执行安装 +``` +# 安装 +docker compose -p harbor -f ./docker-compose.yml pull +docker compose -p harbor -f ./docker-compose.yml up -d +``` + From a1dc00a4f925295d5afe841c08ae9ffb1a410295 Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Thu, 4 Dec 2025 19:28:36 +0800 Subject: [PATCH 13/14] =?UTF-8?q?fix(harbor):=20=E4=BF=AE=E6=94=B9?= =?UTF-8?q?=E7=AB=AF=E5=8F=A3=E6=98=A0=E5=B0=84=E4=BB=8E80:8080=E5=88=B080?= =?UTF-8?q?80:8080?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 避免与主机上可能运行的其它服务端口冲突 --- harbor/compose.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/harbor/compose.yaml b/harbor/compose.yaml index a7421d3..c831400 100644 --- a/harbor/compose.yaml +++ b/harbor/compose.yaml @@ -210,7 +210,7 @@ services: networks: - harbor ports: - - 80:8080 + - 8080:8080 depends_on: - registry - core From 8d0da00bf9a9e9e68fc3b0ad56e48904a0519495 Mon Sep 17 00:00:00 2001 From: cnphpbb Date: Thu, 4 Dec 2025 20:21:55 +0800 Subject: [PATCH 14/14] =?UTF-8?q?feat(harbor):=20=E6=B7=BB=E5=8A=A08443?= =?UTF-8?q?=E7=AB=AF=E5=8F=A3=E6=98=A0=E5=B0=84=E5=B9=B6=E6=9B=B4=E6=96=B0?= =?UTF-8?q?readme?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 在compose.yaml中添加8443端口映射以支持HTTPS访问 更新readme.md文件,添加证书文件信息 --- harbor/compose.yaml | 1 + harbor/readme.md | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/harbor/compose.yaml b/harbor/compose.yaml index c831400..470197e 100644 --- a/harbor/compose.yaml +++ b/harbor/compose.yaml @@ -211,6 +211,7 @@ services: - harbor ports: - 8080:8080 + - 8443:8443 depends_on: - registry - core diff --git a/harbor/readme.md b/harbor/readme.md index 78babc3..dac4be3 100644 --- a/harbor/readme.md +++ b/harbor/readme.md @@ -49,3 +49,9 @@ docker compose -p harbor -f ./docker-compose.yml pull docker compose -p harbor -f ./docker-compose.yml up -d ``` +``` +root@hkthyear-8015912443:/data/caddy/certificate/certificates/acme-v02.api.letsencrypt.org-directory/hub.6t7.net# lsd + hub.6t7.net.crt  hub.6t7.net.json 󰌆 hub.6t7.net.key +root@hkthyear-8015912443:/data/caddy/certificate/certificates/acme-v02.api.letsencrypt.org-directory/hub.6t7.net# +harbor#1977 +``` \ No newline at end of file