feat jenkins cicd

Public/Publish/Server/user/config/config.prod.yaml

@@ -19,6 +19,10 @@ db:
       connMaxLifetimeSec: 600
       connMaxIdleTimeSec: 180
       logLevel: "warn"
+  redis:
+    addr: "172.18.28.0:6379"
+    password: "lQ7aM8oB6lK0iD5k"
+    db: 0
 
 serve:
   grpc:

Public/Publish/cmd.txt

@@ -1,6 +0,0 @@
-docker compose -p db -f docker-compose-db.yml up -d
-docker compose -p tool -f docker-compose-tool.yml up -d
-
-chown -R 1000:1000 jenkins/
-
-ssh -L 2379:localhost:2379 root@47.108.184.184 yT1vU8fH5mP0rQ6h

Public/Publish/doc.txt

@@ -0,0 +1,60 @@
+这是部署文档，记录部署需要做哪些东西
+
+
+frps、frpc：
+git - https://github.com/fatedier/frp
+frps启动命令（没有做成服务）：nohup ./frps -c ./frps.toml &
+frpc设置成服务，开机自启：
+1. 配置文件：/etc/systemd/system/frpc.service
+[Unit]
+Description=FRP Client
+After=network.target
+
+[Service]
+ExecStart=/home/pi/Desktop/frp_0.65.0_linux_arm64/frpc -c /home/pi/Desktop/frp_0.65.0_linux_arm64/frpc.toml
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+2. 启动命令：
+sudo systemctl daemon-reload
+sudo systemctl enable frpc    # 开机自启
+sudo systemctl start frpc     # 立即启动
+3. 查看日志
+sudo journalctl -u frpc
+
+
+安装Docker
+curl -fsSL https://get.docker.com -o get-docker.sh
+sudo sh get-docker.sh
+
+Docker代理（Docker不管全局代理，必须在这里设置）：
+1. 配置文件：/etc/systemd/system/docker.service.d/proxy.conf
+[Service]
+Environment="HTTP_PROXY=http://192.168.31.150:7890"
+Environment="HTTPS_PROXY=http://192.168.31.150:7890"
+Environment="NO_PROXY=localhost,127.0.0.1,.local,192.168.0.0/16"
+2. 启动命令：
+sudo systemctl daemon-reload
+sudo systemctl restart docker
+
+以下服务需要给存档权限
+sudo chown -R 1000:1000 jenkins/
+sudo chown -R 472:472 grafana/
+sudo chown -R 65534:65534 prometheus/
+sudo chown -R 1000:1000 gitea/
+
+nginx auth：
+nginx验证：printf "admin:$(openssl passwd -crypt uF8uY4eM0nS9dA4iZ1bV4hE6)\n" >>./prometheus_passwd
+registry验证：htpasswd -Bbn admin pD4hC1jY1bB0pY4kF4tC > ./registry_passwd
+↑没有工具安装这个：sudo yum install -y httpd-tools
+
+Jenkins账密：admin 4f848ffe54ef45eda56eebd62bc90ea0
+Grafana账密：admin pT1rA0yL0mK3iA8tJ4kE
+
+ssh -L 2379:localhost:2379 root@47.108.184.184 yT1vU8fH5mP0rQ6h
+
+
+registry命令：
+curl -XGET -u admin:pD4hC1jY1bB0pY4kF4tC http://127.0.0.1:5000/v2/_catalog
+curl -XGET -u admin:pD4hC1jY1bB0pY4kF4tC http://127.0.0.1:5000/v2/server-gateway/tags/list

Public/Publish/docker-compose-db.yml

@@ -1,8 +1,8 @@
 services:
   mysql:
-    image: mysql:latest
+    image: mysql:9.5.0
     container_name: mysql
-    restart: always
+    restart: unless-stopped
     environment:
       MYSQL_ROOT_PASSWORD: gR9pV4tY7zR6qL3e
       TZ: Asia/Shanghai
@@ -12,9 +12,9 @@ services:
       - ./db/mysql:/var/lib/mysql
 
   redis:
-    image: redis:latest
+    image: redis:8.4.0
     container_name: redis
-    restart: always
+    restart: unless-stopped
     ports:
       - "6379:6379"
     volumes:
@@ -24,7 +24,7 @@ services:
   etcd:
     image: bitnami/etcd:latest
     container_name: etcd
-    restart: always
+    restart: unless-stopped
     ports:
       - "2379:2379"
     environment:

Public/Publish/docker-compose-gitea.yml

@@ -0,0 +1,14 @@
+services:
+  gitea:
+    image: docker.gitea.com/gitea:1.25.3-rootless
+    container_name: gitea
+    restart: unless-stopped
+    ports:
+      - "3001:3000"
+    volumes:
+      - ./gitea/data:/var/lib/gitea
+      - ./gitea/config:/etc/gitea
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    environment:
+      - GITEA__server__ROOT_URL=http://47.108.184.184/gitea/

Public/Publish/docker-compose-metric.yml

@@ -0,0 +1,35 @@
+services:
+  prometheus:
+    image: prom/prometheus:v3.8.1
+    container_name: prometheus
+    restart: unless-stopped
+    ports:
+      - "9090:9090"
+    command:
+      - '--config.file=/etc/prometheus/prometheus.yml'
+    volumes:
+      - ./prometheus/prometheus.yml:/etc/prometheus/prometheus.yml:ro
+      - ./prometheus:/prometheus
+
+  node_exporter:
+    image: quay.io/prometheus/node-exporter:v1.10.2
+    container_name: node_exporter
+    command:
+      - '--path.rootfs=/host'
+    network_mode: host
+    pid: host
+    restart: unless-stopped
+    volumes:
+      - '/:/host:ro,rslave'
+
+  grafana:
+    image: grafana/grafana:12.3.1
+    container_name: grafana
+    restart: unless-stopped
+    ports:
+      - "3000:3000"
+    environment:
+      - GF_SERVER_ROOT_URL=https://www.hlsq.asia/grafana/
+      - GF_SECURITY_ADMIN_PASSWORD=admin
+    volumes:
+      - ./grafana:/var/lib/grafana

Public/Publish/docker-compose-registry.yml

@@ -0,0 +1,28 @@
+services:
+  registry:
+    image: registry:3.0.0
+    container_name: registry
+    restart: unless-stopped
+    ports:
+      - "5000:5000"
+    environment:
+      REGISTRY_AUTH: htpasswd
+      REGISTRY_AUTH_HTPASSWD_REALM: "Registry Realm"
+      REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
+      REGISTRY_STORAGE_DELETE_ENABLED: true
+    volumes:
+      - ./registry/data:/var/lib/registry
+      - ./registry/auth:/auth
+
+  registry-browser:
+    image: klausmeyer/docker-registry-browser:1.9.0
+    container_name: registry-browser
+    restart: unless-stopped
+    ports:
+      - "8081:8080"
+    environment:
+      SECRET_KEY_BASE: "b8464de925141ff42cf99c702e1ff54f1997edc2761a7236a981954e0c2cd7f95bf00c77647f234e393db16b039e9ed6afc41c44ddae2d8745458c19c4ff1aa1"
+      ENABLE_DELETE_IMAGES: true
+      DOCKER_REGISTRY_URL: http://192.168.31.10:5000
+      SCRIPT_NAME: "/browser"
+      RAILS_RELATIVE_URL_ROOT: "/browser"

Public/Publish/docker-compose-tool.yml

@@ -1,7 +1,8 @@
 services:
   jenkins:
-    image: jenkins/jenkins:lts
+    image: jenkins/jenkins:2.543
     container_name: jenkins
+    user: "1000:984"
     command: "--prefix=/jenkins"
     restart: unless-stopped
     ports:
@@ -14,7 +15,7 @@ services:
       - TZ=Asia/Shanghai
 
   nginx:
-    image: nginx:alpine
+    image: nginx:1.29.4
     container_name: nginx
     restart: unless-stopped
     ports:
@@ -24,33 +25,4 @@ services:
       - ./nginx/conf.d:/etc/nginx/conf.d:ro
       - ./nginx/html:/var/www/html
       - ./nginx/certs:/etc/nginx/certs:ro
-
-  prometheus:
-    image: prom/prometheus:latest
-    container_name: prometheus
-    ports:
-      - "9090:9090"
-    command:
-      - '--config.file=/etc/prometheus/prometheus.yml'
-    volumes:
-      - ./prometheus/prometheus.yml:/etc/prometheus/prometheus.yml:ro
-
-  node_exporter:
-    image: quay.io/prometheus/node-exporter:latest
-    container_name: node_exporter
-    command:
-      - '--path.rootfs=/host'
-    network_mode: host
-    pid: host
-    restart: unless-stopped
-    volumes:
-      - '/:/host:ro,rslave'
-
-  grafana:
-    image: grafana/grafana:latest
-    container_name: grafana
-    ports:
-      - "3000:3000"
-    environment:
-      - GF_SERVER_ROOT_URL=https://www.hlsq.asia/grafana/
-      - GF_SECURITY_ADMIN_PASSWORD=admin
+      - ./nginx/logs:/var/log/nginx