yizhisec/forge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f4f3590aecfa86a8e68e4f79f45552d0f885c8b7
forge/internal/controller/maker/app.nginx.go
zhaoyupeng 38def02bf4 feat(front): add front app build command and minio support 
- Add new command "front" with flags for replica count and vendor
- Implement front app build logic in maker.AppFront method
- Add minio to make command list
- Add minio and minio-init images to image list
- Change EMQX dependency path to "dependency/emqx"
- Update app OEM logic to use model.GetVendor for vendor info
- Fix app OEM download and rename logic with updated vendor fields
- Modify nginx deployment manifest to allow configurable replicas
- Update user app mysql address to mysql-cluster-mysql-master.db-mysql:3306
- Add server_license_init.conf generation script for configmap upsert
- Clean and reformat imports across several files
- Remove unused package files for make.mysql.go, make.redis.go, make.longhorn.go
2025-11-27 17:35:01 +08:00

180 lines
6.9 KiB
Go
Raw Blame History

package maker
import (
"context"
"fmt"
"os"
"path/filepath"
"gitea.loveuer.com/yizhisec/pkg3/logger"
"github.com/samber/lo"
"yizhisec.com/hsv2/forge/pkg/resource"
)
type NginxOpt func(*nginxOpt)
type nginxOpt struct {
WithoutSeafile bool
Replica int
}
func WithNginxReplica(replica int) NginxOpt {
return func(o *nginxOpt) {
if replica >= 0 {
o.Replica = replica
}
}
}
func WithoutNginxSeafile() NginxOpt {
return func(o *nginxOpt) {
o.WithoutSeafile = true
}
}
func (m *maker) AppNginx(ctx context.Context, opts ...NginxOpt) error {
const (
_upsert = `#!/bin/bash
kubectl create configmap nginx-main --namespace hsv2 --from-file=nginx.conf=./conf/nginx.conf --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap nginx-user --namespace hsv2 --from-file=user.conf=./conf/user.conf --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap nginx-gateway --namespace hsv2 --from-file=gateway.conf=./conf/gateway.conf --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap nginx-web --namespace hsv2 --from-file=web.conf=./conf/web.conf --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap nginx-client --namespace hsv2 --from-file=client.conf=./conf/client.conf --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap nginx-common --namespace hsv2 --from-file=common.conf=./conf/common.conf --dry-run=client -o yaml | kubectl apply -f -
%s
kubectl create configmap ssl-ca-crt --namespace hsv2 --from-file=ca.crt=./ssl/ca.crt --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-ffdhe2048 --namespace hsv2 --from-file=ffdhe2048.txt=./ssl/ffdhe2048.txt --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-server-crt --namespace hsv2 --from-file=server.crt=./ssl/server.crt --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-server-key --namespace hsv2 --from-file=server.key=./ssl/server.key --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-mqtt-crt --namespace hsv2 --from-file=mqtt.server.crt=./ssl/mqtt.server.crt --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-mqtt-key --namespace hsv2 --from-file=mqtt.server.key=./ssl/mqtt.server.key --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-client-server-crt --namespace hsv2 --from-file=client.server.crt=./ssl/client.server.crt --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-client-server-key --namespace hsv2 --from-file=client.server.key=./ssl/client.server.key --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-web-server-crt --namespace hsv2 --from-file=web.server.crt=./ssl/web.server.crt --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-web-server-key --namespace hsv2 --from-file=web.server.key=./ssl/web.server.key --dry-run=client -o yaml | kubectl apply -f -
kubectl apply -f nginx.yaml
kubectl rollout restart deployment nginx-deployment -n hsv2`
)
var (
err error
workdir = filepath.Join(m.workdir, "app", "nginx")
o = nginxOpt{
WithoutSeafile: false,
Replica: 2,
}
applySeafile = "kubectl create configmap nginx-seafile --namespace hsv2 --from-file=seafile.conf=./conf/seafile.conf --dry-run=client -o yaml | kubectl apply -f -"
)
logger.Info(" ☑️ maker.AppNginx: 开始构建 nginx, workdir = %s", workdir)
for _, fn := range opts {
fn(&o)
}
logger.Debug(" ☑️ maker.AppNginx: 创建工作目录 = %s", workdir)
if err = os.MkdirAll(workdir, 0755); err != nil {
return err
}
logger.Debug("✅ maker.AppNginx: 创建工作目录成功 = %s", workdir)
// 子目录: conf 与 ssl
confDir := filepath.Join(workdir, "conf")
sslDir := filepath.Join(workdir, "ssl")
logger.Debug(" ☑️ maker.AppNginx: 创建 conf 与 ssl 子目录")
if err = os.MkdirAll(confDir, 0755); err != nil {
logger.Debug("❌ maker.AppNginx: 创建 conf 目录失败: %v", err)
return err
}
if err = os.MkdirAll(sslDir, 0755); err != nil {
logger.Debug("❌ maker.AppNginx: 创建 ssl 目录失败: %v", err)
return err
}
logger.Debug("✅ maker.AppNginx: 创建 conf 与 ssl 子目录成功")
// 写入 nginx 配置文件到 conf 子目录(列表 + for 循环)
logger.Debug(" ☑️ maker.AppNginx: 写入 nginx 配置文件到 conf 子目录")
confFiles := []struct {
name string
content []byte
}{
{"nginx.conf", resource.NGINXMain},
{"user.conf", resource.NGINXUser},
{"gateway.conf", resource.NGINXGateway},
{"web.conf", resource.NGINXWeb},
{"client.conf", resource.NGINXClient},
{"common.conf", resource.NGINXCommon},
}
// 过滤 seafile.conf 文件
if !o.WithoutSeafile {
confFiles = append(confFiles, struct {
name string
content []byte
}{
"seafile.conf", resource.NGINXSeafile,
})
}
for _, f := range confFiles {
dest := filepath.Join(confDir, f.name)
if err = os.WriteFile(dest, f.content, 0644); err != nil {
logger.Debug("❌ maker.AppNginx: 写入 %s 失败: %v", f.name, err)
return err
}
logger.Debug("✅ maker.AppNginx: 写入 %s 成功, dest = %s", f.name, dest)
}
logger.Debug("✅ maker.AppNginx: 写入 nginx 配置文件成功")
// 写入 ssl 文件到 ssl 子目录
logger.Debug(" ☑️ maker.AppNginx: 写入 SSL 证书与密钥到 ssl 子目录")
sslFiles := []struct{ name, content string }{
{"ffdhe2048.txt", resource.SSLFFDHE2048},
{"ca.crt", resource.SSLCaCrt},
{"server.crt", resource.SSLServerCrt},
{"server.key", resource.SSLServerKey},
{"mqtt.server.crt", resource.SSLMQTTServerCrt},
{"mqtt.server.key", resource.SSLMQTTServerKey},
{"client.server.crt", resource.SSLClientServerCrt},
{"client.server.key", resource.SSLClientServerKey},
{"web.server.crt", resource.SSLWebServerCrt},
{"web.server.key", resource.SSLWebServerKey},
}
for _, f := range sslFiles {
dest := filepath.Join(sslDir, f.name)
if err = os.WriteFile(dest, []byte(f.content), 0644); err != nil {
logger.Debug("❌ maker.AppNginx: 写入 %s 失败: %v", f.name, err)
return err
}
logger.Debug("✅ maker.AppNginx: 写入 %s 成功, dest = %s", f.name, dest)
}
// write nginx deployment yaml
dest := filepath.Join(workdir, "nginx.yaml")
content := []byte(fmt.Sprintf(resource.YAMLAppNGINX, o.Replica))
if err = os.WriteFile(dest, content, 0644); err != nil {
logger.Debug("❌ maker.AppNginx: 写入 nginx.yaml 失败: %v", err)
return err
}
logger.Debug("✅ maker.AppNginx: 写入 nginx.yaml 成功, dest = %s", dest)
// write nginx upsert script
dest = filepath.Join(workdir, "upsert.sh")
content = []byte(fmt.Sprintf(_upsert, lo.If(o.WithoutSeafile, "").Else(applySeafile)))
if err = os.WriteFile(dest, content, 0755); err != nil {
logger.Debug("❌ maker.AppNginx: 写入 upsert.sh 失败: %v", err)
return err
}
logger.Debug("✅ maker.AppNginx: 写入 upsert.sh 成功, dest = %s", dest)
logger.Info("✅ maker.AppNginx: nginx 构建完成")
return nil
}
Reference in New Issue View Git Blame Copy Permalink