forge/internal/controller/maker/hsnet.go

package maker

import (
	"context"
	"os"
	"path/filepath"

	"gitea.loveuer.com/yizhisec/pkg3/logger"
	"yizhisec.com/hsv2/forge/internal/opt"
)

func (m *maker) HSNet(ctx context.Context) error {
	const (
		service = `[Unit]
Description=hs-net Container Service
Documentation=https://docs.containerd.io
After=network.target containerd.service

[Service]
# 启动前清理旧容器
# ExecStartPre=-/usr/local/bin/k0s ctr -n hs-net task kill hs-net
ExecStartPre=-/usr/local/bin/k0s ctr -n hs-net container rm  hs-net

# 拉取最新镜像（按需启用/注释）
# ExecStartPre=/usr/local/bin/k0s ctr -n hs-net images pull hub.yizhisec.com/hybridscope/hsnet:release_2.1.0-std

# 容器启动命令
ExecStart=/usr/local/bin/k0s ctr -n hs-net run \
  --net-host \
  --privileged \
  --env LD_LIBRARY_PATH=/yizhisec/hs_net \
  --env RUST_BACKTRACE=1 \
  --mount type=bind,src=/etc/localtime,dst=/etc/localtime,options=rbind:ro \
  --mount type=bind,src=/etc/hosts,dst=/etc/hosts,options=rbind:ro \
  --mount type=bind,src=/etc/yizhisec,dst=/etc/yizhisec,options=rbind:rw \
  --mount type=bind,src=/tmp,dst=/tmp,options=rbind:rw \
  --mount type=bind,src=/etc/yosguard/uuid,dst=/etc/gateway/uuid.json,options=rbind:ro \
  --mount type=bind,src=/mnt/huge,dst=/mnt/huge,options=rbind:rw \
  --mount type=bind,src=/var/run,dst=/var/run,options=rbind:rw \
  --mount type=bind,src=/yizhisec,dst=/yizhisec,options=rbind:rw \
  --mount type=bind,src=/yizhisec/hs_net/conf,dst=/etc/hs_net,options=rbind:rw \
  hub.yizhisec.com/hybridscope/hsnet:release_2.1.0-std hs-net

# --cgroup host \
# --env RUSTFLAGS="-C target-cpu=nehalem" \
# 重启策略
Restart=on-failure
RestartSec=5s
StartLimitInterval=60s
StartLimitBurst=5

# 资源限制（按需调整）
MemoryLimit=2G
CPUQuota=80%

# 日志处理（将容器 stdout/stderr 交由 journald 管理）
StandardOutput=journal
StandardError=journal
SyslogIdentifier=hs-net

# 清理退出的容器
# ExecStop=/usr/local/bin/k0s ctr -n hs-net task kill hs-net
ExecStopPost=/usr/local/bin/k0s ctr -n hs-net container rm hs-net

[Install]
WantedBy=multi-user.target`
	)
	var (
		err      error
		location = filepath.Join(opt.Cfg.Make.Dir, "dependency", "hs-net")
	)

	if err = os.MkdirAll(location, 0755); err != nil {
		logger.Error("MakeHSNet: 创建目录失败s")
		logger.Debug("MakeHSNet: 创建目录失败: %s", err.Error())
		return err
	}

	logger.Fatal("MakeHSNet: 构建 hs-net 失败!!!(怎么完善,怎么完善,怎么完善???)")

	return nil
}