前言
Spug 面向中小型企业设计的轻量级无 Agent 的自动化运维平台,整合了主机管理、主机批量执行、主机在线终端、文件在线上传下载、应用发布部署、在线任务计划、配置中心、监控、报警等一系列功能。
部署
初始化
系统初始化,安装docker和docker-compose docker和docker-compose一键安装脚本
docker启动
代码语言:javascript复制#获取镜像
docker pull registry.aliyuncs.com/openspug/spug
#启动
mkdir -p /data/spug
docker run -d --restart=always --name=spug -p 80:80 -v /data/spug:/data registry.aliyuncs.com/openspug/spug
#初始化
docker exec spug init_spug spuga spxx@xxxwebz
#重启
docker restart spug
#升级
python3 /data/spug/spug_api/manage.py update
docker-compose启动
代码语言:javascript复制备份数据库
# 进入spug容器内部
mysqldump --single-transaction -uroot spug > spug.sql
# 宿主机执行
find / -name spug.sql
cp /var/lib/docker/overlay2/7ee58e8bdddf83f21923a82fb9bd270c76212b21c06a0a6afad2b29b14c0ef71/diff/root/spug.sql /root/spug.sql
# 建库
mysql -uroot -pxxxxx
CREATE DATABASE `spug` DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
create user 'sguser'@'%' IDENTIFIED BY 'sguser@xxx';
grant all privileges on spug.* to 'sguser'@'%';
flush privileges;
# 数据导入
mysql -usguser -psguser@xxx -h 127.0.0.1 spug < spug.sql
代码语言:javascript复制docker-compose.yml
version: "3.3"
services:
#db:
# image: mariadb:10.8.2
# container_name: spug-db
# restart: always
# command: --port 3306 --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
# volumes:
# - /data/spug/mysql:/var/lib/mysql
# environment:
# - MYSQL_DATABASE=spug
# - MYSQL_USER=spug
# - MYSQL_PASSWORD=spug.cc
# - MYSQL_ROOT_PASSWORD=spug.cc
spug:
image: openspug/spug-service
container_name: spug
privileged: true
restart: always
volumes:
- /data/spug/spug:/data/spug
- /data/spug/repos:/data/repos
ports:
# 如果80端口被占用可替换为其他端口,例如: - "8000:80"
- "803:80"
environment:
- MYSQL_DATABASE=spug
- MYSQL_USER=sguser
- MYSQL_PASSWORD=sguser@xxx
- MYSQL_HOST=172.17.0.10
- MYSQL_PORT=3306
# depends_on:
# - db
代码语言:javascript复制启动
docker-compose up -d
反向代理
代码语言:javascript复制 server {
listen 443 ssl http2;
server_name spug.itbunan.xyz;
server_tokens off;
ssl_certificate /etc/nginx/cert/spug.itbunan.xyz_bundle.crt;
ssl_certificate_key /etc/nginx/cert/spug.itbunan.xyz.key;
ssl_protocols TLSv1.2 TLSv1.3;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_redirect off;
proxy_pass http://172.17.0.10:803;
client_max_body_size 20000m;
}
location ^~ /api/ws/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass http://172.17.0.10:803;
client_max_body_size 20000m;
}
}
访问使用
【访问】https://spug.itbunan.xyz/
FAQ
登录出现502错误
代码语言:javascript复制进入容器---> 登录mysql ---> 更新字段值,关闭安全认证
docker exec -it spug /bin/bash
mysql
use spug
update settings set value = 'false' where id = 1;
update settings set value = '{"enable": false}' where id = 3;
构建仓库失败
检查git clone权限问题,更新ssh-key后,确认docker内 /root/.ssh/id_rsa 是否更新,是否可以访问 gitlab
重置管理员密码
代码语言:javascript复制docker exec -it spug_1 bash
cd /data/spug/spug_api/
python3 manage.py user reset -u admin -pxxxxxx