spug自动化运维平台部署与使用

2023-11-17 13:54:42 浏览数 (1)

前言

Spug 面向中小型企业设计的轻量级无 Agent 的自动化运维平台,整合了主机管理、主机批量执行、主机在线终端、文件在线上传下载、应用发布部署、在线任务计划、配置中心、监控、报警等一系列功能。

部署

初始化

系统初始化,安装docker和docker-compose docker和docker-compose一键安装脚本

docker启动

代码语言:javascript复制
#获取镜像
docker pull registry.aliyuncs.com/openspug/spug

#启动
mkdir -p /data/spug 
docker run -d --restart=always --name=spug -p 80:80 -v /data/spug:/data  registry.aliyuncs.com/openspug/spug

#初始化
docker exec spug init_spug spuga  spxx@xxxwebz

#重启
docker restart spug

#升级
python3 /data/spug/spug_api/manage.py update 

docker-compose启动

备份数据库

代码语言:javascript复制
# 进入spug容器内部
mysqldump  --single-transaction  -uroot  spug > spug.sql

# 宿主机执行
find / -name spug.sql
cp /var/lib/docker/overlay2/7ee58e8bdddf83f21923a82fb9bd270c76212b21c06a0a6afad2b29b14c0ef71/diff/root/spug.sql  /root/spug.sql

# 建库
mysql -uroot -pxxxxx
CREATE DATABASE `spug`  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
create user 'sguser'@'%' IDENTIFIED BY 'sguser@xxx';
grant all privileges on spug.* to 'sguser'@'%';
flush privileges;

# 数据导入
mysql -usguser -psguser@xxx -h 127.0.0.1 spug < spug.sql

docker-compose.yml

代码语言:javascript复制
version: "3.3"
services:
  #db:
  #  image: mariadb:10.8.2
  #  container_name: spug-db
  #  restart: always
  #  command: --port 3306 --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
  #  volumes:
  #    - /data/spug/mysql:/var/lib/mysql
  #  environment:
  #    - MYSQL_DATABASE=spug
  #    - MYSQL_USER=spug
  #    - MYSQL_PASSWORD=spug.cc
  #    - MYSQL_ROOT_PASSWORD=spug.cc
  spug:
    image: openspug/spug-service
    container_name: spug
    privileged: true
    restart: always
    volumes:
      - /data/spug/spug:/data/spug
      - /data/spug/repos:/data/repos
    ports:
      # 如果80端口被占用可替换为其他端口,例如: - "8000:80"
      - "803:80"
    environment:
      - MYSQL_DATABASE=spug
      - MYSQL_USER=sguser
      - MYSQL_PASSWORD=sguser@xxx
      - MYSQL_HOST=172.17.0.10
      - MYSQL_PORT=3306
  #  depends_on:
  #    - db

启动

代码语言:javascript复制
docker-compose up -d

反向代理

代码语言:javascript复制
 server {
    listen 443 ssl http2;
    server_name spug.itbunan.xyz;
    server_tokens off;
    ssl_certificate /etc/nginx/cert/spug.itbunan.xyz_bundle.crt;
    ssl_certificate_key /etc/nginx/cert/spug.itbunan.xyz.key;
    ssl_protocols TLSv1.2 TLSv1.3;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";

    location / {
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header Host $http_host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Range $http_range;
      proxy_set_header If-Range $http_if_range;
      proxy_redirect off;
      proxy_pass http://172.17.0.10:803;
      client_max_body_size 20000m;
    }

     location ^~ /api/ws/ {
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header Host $http_host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Range $http_range;
      proxy_set_header If-Range $http_if_range;
      proxy_redirect off;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "Upgrade";
      proxy_pass http://172.17.0.10:803;
      client_max_body_size 20000m;
    }
  }

访问使用

【访问】https://spug.itbunan.xyz/

FAQ

登录出现502错误

进入容器---> 登录mysql ---> 更新字段值,关闭安全认证

代码语言:javascript复制
docker exec -it spug /bin/bash
mysql
use spug
update settings set value = 'false' where id = 1;
update settings set value = '{"enable": false}'  where id = 3;

构建仓库失败

检查git clone权限问题,更新ssh-key后,确认docker内 /root/.ssh/id_rsa 是否更新,是否可以访问 gitlab

重置管理员密码

代码语言:javascript复制
docker exec -it spug_1 bash
cd /data/spug/spug_api/
python3 manage.py user reset -u admin -pxxxxxx

0 人点赞