Skip to content

P
piplus-backend-v5-server-dockers
Commit 31ef8529 authored by focus's avatar focus
Browse files
Options

add rabbitmq&orange

parent 1fcc5824
Hide whitespace changes
Inline Side-by-side
Showing with 1202 additions and 6 deletions
piplus-backend-v5-orange-docker/Dockerfile 0 → 100644
View file @ 31ef8529
FROM openresty/openresty:latest-centos
MAINTAINER focus@hudongpai.com
# Docker Build Arguments, For further upgrade
ENV ORANGE_PATH /usr/local/orange
ENV LOR_VERSION 0.2.6
ENV ORANGE_VERSION 0.6.0
ENV RUN_ENV dev
# 1) Install yum dependencies
# 2) Cleanup
RUN \
yum install -y \
libuuid-devel \
dnsmasq \
&& yum clean all
# 1) Install lor
# 2) Install orange
# 3) Cleanup
# 4) dnsmasq
RUN \
cd /tmp \
&& ln -s /usr/local/openresty/nginx/sbin/nginx /usr/local/bin/nginx \
&& ln -s /usr/local/openresty/bin/resty /usr/local/bin/resty \
&& curl -fSL https://github.com/sumory/lor/archive/v${LOR_VERSION}.tar.gz -o lor.tar.gz \
&& tar zxf lor.tar.gz \
&& cd /tmp/lor-${LOR_VERSION} \
&& sh install.sh \
&& cd /tmp \
&& curl -fSL https://github.com/sumory/orange/archive/${ORANGE_VERSION}.tar.gz -o orange.tar.gz \
&& tar zxf orange.tar.gz \
&& cd orange-${ORANGE_VERSION} \
&& make install \
&& cd / \
&& rm -rf /tmp/* \
&& echo "user=root" > /etc/dnsmasq.conf \
&& echo 'domain-needed' >> /etc/dnsmasq.conf \
&& echo 'listen-address=127.0.0.1' >> /etc/dnsmasq.conf \
&& echo 'resolv-file=/etc/resolv.dnsmasq.conf' >> /etc/dnsmasq.conf \
&& echo 'conf-dir=/etc/dnsmasq.d' >> /etc/dnsmasq.conf \
# This upstream dns server will cause some issues
&& echo 'nameserver 8.8.8.8' >> /etc/resolv.dnsmasq.conf \
&& echo 'nameserver 8.8.4.4' >> /etc/resolv.dnsmasq.conf
# 1) Add User
# 2) Add configuration file & bootstrap file
# 3) Fix file permission
RUN \
useradd www \
&& echo "www:www" | chpasswd \
&& echo "www ALL=(ALL) ALL" >> /etc/sudoers
ADD conf-dev ${ORANGE_PATH}/conf-dev
ADD conf-sandbox ${ORANGE_PATH}/conf-sandbox
ADD conf-prod ${ORANGE_PATH}/conf-prod
RUN \
mkdir -p ${ORANGE_PATH}/logs \
&& chown -R www:www ${ORANGE_PATH}/*
# Show installization info for debug
RUN \
nginx -V
# Set the default command to execute
# when creating a new container
ADD docker-entrypoint.sh docker-entrypoint.sh
RUN \
cp docker-entrypoint.sh /usr/local/bin \
&& chmod 755 /usr/local/bin/docker-entrypoint.sh
EXPOSE 7777 8888 9999
# Daemon
ENTRYPOINT ["docker-entrypoint.sh"]
piplus-backend-v5-orange-docker/README.md 0 → 100644
View file @ 31ef8529
# Orange in Docker
![](https://img.shields.io/docker/pulls/syhily/orange.svg) ![](https://img.shields.io/docker/stars/syhily/orange.svg) ![](https://img.shields.io/badge/license-MIT-blue.svg)
This is an unofficial Docker image for Orange distribution.
## What is Orange?
API Gateway based on OpenResty.
## How to use this image
First, orange requires a running mysql cluster before it starts. You can either use the official MySQL containers, or use your own.
### Link Orange To A MySQL Container
- Run a MySQL container
```bash
docker run --name orange-database -e MYSQL_ROOT_PASSWORD=your_root_pwd -p 3306:3306 mysql:5.7
```
This is not the only way to get a runing mysql instance.
- Create orange user and grant privileges
```sql
CREATE DATABASE your_database_name;
CREATE USER 'your_database_user'@'%' IDENTIFIED BY 'your_database_password';
GRANT ALL PRIVILEGES ON your_database_name.* TO 'your_database_name'@'%';
```
Import the initial data from a database [dump](https://github.com/sumory/orange/blob/master/install/orange-v0.6.0.sql).
- Runing a orange instance and initialize database scheme.
Modify the `{block}` content, and execute it.
`ORANGE_INIT_DB` variable would be deployment friendly on production.
```bash
docker run -d --name orange \
--link orange-database:orange-database \
-p 7777:7777 \
-p 8888:8888 \
-p 9999:9999 \
--security-opt seccomp:unconfined \
-e ORANGE_DATABASE={your_database_name} \
-e ORANGE_HOST=orange-database \
-e ORANGE_PORT={your_database_port} \
-e ORANGE_USER={your_database_user} \
-e ORANGE_PWD={your_database_password} \
syhily/orange
```
Access orange [dashboard](http://127.0.0.1:9999) (Default Username: admin, Default Password: orange_admin)
### Relative Link's
1. [Orange Dashboard](http://127.0.0.1:9999)
2. [Orange API Endpoint](http://127.0.0.1:7777)
3. [Orange Gateway Access Endpoint](http://127.0.0.1:8888)
### Operation Your Orange
```bash
docker exec -it orange orange COMMAND [OPTIONS]
The commands are:
start Start the Orange Gateway
stop Stop current Orange
reload Reload the config of Orange
restart Restart Orange
version Show the version of Orange
help Show help tips
```
## User Feedback
### Issues
If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/syhily/docker-orange/issues).
### Contributing
You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.
Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/syhily/docker-orange/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.
piplus-backend-v5-orange-docker/conf-dev/mime.types 0 → 100644
View file @ 31ef8529
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
image/webp webp;
application/font-woff woff;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.wap.wmlc wmlc;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
piplus-backend-v5-orange-docker/conf-dev/nginx.conf 0 → 100644
View file @ 31ef8529
worker_processes 4;
events {
worker_connections 4096;
}
# optional: path of orange.conf
env ORANGE_CONF;
http {
resolver 114.114.114.114; # replace it with your favorite config
charset UTF-8;
include ./mime.types;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log ./logs/access.log main;
error_log ./logs/error.log info;
sendfile on;
keepalive_timeout 65;
upstream default_upstream {
server localhost:8001;
}
#----------------------------Orange configuration-----------------------------
lua_package_path '../?.lua;/usr/local/lor/?.lua;;';
lua_code_cache on;
lua_shared_dict orange_data 20m; # should not removed. used for orange data, e.g. plugins configurations..
lua_shared_dict status 1m; # used for global statistic, see plugin: stat
lua_shared_dict waf_status 1m; # used for waf statistic, see plugin: waf
lua_shared_dict monitor 10m; # used for url monitor statistic, see plugin: monitor
lua_shared_dict rate_limit 10m; # used for rate limiting count, see plugin: rate_limiting
init_by_lua_block {
local orange = require("orange.orange")
local env_orange_conf = os.getenv("ORANGE_CONF")
print(string.char(27) .. "[34m" .. "[INFO]" .. string.char(27).. "[0m", [[the env[ORANGE_CONF] is ]], env_orange_conf)
local config_file = env_orange_conf or "./conf/orange.conf"
local config, store = orange.init({
config = config_file
})
-- the orange context
context = {
orange = orange,
store = store,
config = config
}
}
init_worker_by_lua_block {
local orange = context.orange
orange.init_worker()
}
# main server
server {
listen 80;
#server_name my_domain.com;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location / {
set $upstream_host $host;
set $upstream_url 'http://default_upstream';
rewrite_by_lua_block {
local orange = context.orange
orange.redirect()
orange.rewrite()
}
access_by_lua_block {
local orange = context.orange
orange.access()
}
# proxy
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header Host $upstream_host;
proxy_pass $upstream_url;
header_filter_by_lua_block {
local orange = context.orange
orange.header_filter()
}
body_filter_by_lua_block {
local orange = context.orange
orange.body_filter()
}
log_by_lua_block {
local orange = context.orange
orange.log()
}
}
location /robots.txt {
return 200 'User-agent: *\nDisallow: /';
}
}
# default upstream server
server {
listen 8001;
server_name localhost 127.0.0.1;
access_log ./logs/default_upstream_access.log main;
error_log ./logs/default_upstream_error.log;
location / {
content_by_lua_block {
ngx.status = 404
ngx.say([[404! upstream not found. Host: ]] .. ngx.var.host .. " URI: " .. ngx.var.uri)
}
}
}
# orange dashboard server
server {
listen 9999;
#server_name localhost;
access_log ./logs/dashboard_access.log main;
error_log ./logs/dashboard_error.log info;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location /robots.txt {
return 200 'User-agent: *\nDisallow: /';
}
# dashboard的静态文件
location ~* /static/(.*) {
alias ./dashboard/static/$1;
}
location / {
set $template_root '';
content_by_lua_block {
context.views_path = ngx.config.prefix() .. "/dashboard/views"
local main = require("dashboard.main")
main:run()
}
}
}
# api server
server {
listen 7777;
#server_name localhost;
access_log ./logs/api_access.log main;
error_log ./logs/api_error.log info;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location /robots.txt {
return 200 'User-agent: *\nDisallow: /';
}
location / {
content_by_lua_block {
local main = require("api.main")
main:run()
}
}
}
}
piplus-backend-v5-orange-docker/conf-dev/orange.conf 0 → 100644
View file @ 31ef8529
{
"plugins": [
"stat",
"monitor",
"redirect",
"rewrite",
"rate_limiting",
"basic_auth",
"key_auth",
"waf",
"divide",
"kvstore"
],
"store": "mysql",
"store_mysql": {
"timeout": 5000,
"connect_config": {
"host": "dev.terran.vip",
"port": 3306,
"database": "orange",
"user": "future",
"password": "future123456",
"max_packet_size": 1048576
},
"pool_config": {
"max_idle_timeout": 10000,
"pool_size": 3
},
"desc": "mysql configuration"
},
"dashboard": {
"auth": true,
"session_secret": "y0ji4pdj61aaf3f11c2e65cd2263d3e7e5",
"whitelist": [
"^/auth/login$",
"^/error/$"
]
},
"api": {
"auth_enable": true,
"credentials": [
{
"username":"terran",
"password":"terran123456"
}
]
}
}
piplus-backend-v5-orange-docker/conf-prod/mime.types 0 → 100644
View file @ 31ef8529
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
image/webp webp;
application/font-woff woff;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.wap.wmlc wmlc;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
piplus-backend-v5-orange-docker/conf-prod/nginx.conf 0 → 100644
View file @ 31ef8529
worker_processes 4;
events {
worker_connections 4096;
}
# optional: path of orange.conf
env ORANGE_CONF;
http {
resolver 114.114.114.114; # replace it with your favorite config
charset UTF-8;
include ./mime.types;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log ./logs/access.log main;
error_log ./logs/error.log info;
sendfile on;
keepalive_timeout 65;
upstream default_upstream {
server localhost:8001;
}
#----------------------------Orange configuration-----------------------------
lua_package_path '../?.lua;/usr/local/lor/?.lua;;';
lua_code_cache on;
lua_shared_dict orange_data 20m; # should not removed. used for orange data, e.g. plugins configurations..
lua_shared_dict status 1m; # used for global statistic, see plugin: stat
lua_shared_dict waf_status 1m; # used for waf statistic, see plugin: waf
lua_shared_dict monitor 10m; # used for url monitor statistic, see plugin: monitor
lua_shared_dict rate_limit 10m; # used for rate limiting count, see plugin: rate_limiting
init_by_lua_block {
local orange = require("orange.orange")
local env_orange_conf = os.getenv("ORANGE_CONF")
print(string.char(27) .. "[34m" .. "[INFO]" .. string.char(27).. "[0m", [[the env[ORANGE_CONF] is ]], env_orange_conf)
local config_file = env_orange_conf or "./conf/orange.conf"
local config, store = orange.init({
config = config_file
})
-- the orange context
context = {
orange = orange,
store = store,
config = config
}
}
init_worker_by_lua_block {
local orange = context.orange
orange.init_worker()
}
# main server
server {
listen 80;
#server_name my_domain.com;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location / {
set $upstream_host $host;
set $upstream_url 'http://default_upstream';
rewrite_by_lua_block {
local orange = context.orange
orange.redirect()
orange.rewrite()
}
access_by_lua_block {
local orange = context.orange
orange.access()
}
# proxy
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header Host $upstream_host;
proxy_pass $upstream_url;
header_filter_by_lua_block {
local orange = context.orange
orange.header_filter()
}
body_filter_by_lua_block {
local orange = context.orange
orange.body_filter()
}
log_by_lua_block {
local orange = context.orange
orange.log()
}
}
location /robots.txt {
return 200 'User-agent: *\nDisallow: /';
}
}
# default upstream server
server {
listen 8001;
server_name localhost 127.0.0.1;
access_log ./logs/default_upstream_access.log main;
error_log ./logs/default_upstream_error.log;
location / {
content_by_lua_block {
ngx.status = 404
ngx.say([[404! upstream not found. Host: ]] .. ngx.var.host .. " URI: " .. ngx.var.uri)
}
}
}
# orange dashboard server
server {
listen 9999;
#server_name localhost;
access_log ./logs/dashboard_access.log main;
error_log ./logs/dashboard_error.log info;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location /robots.txt {
return 200 'User-agent: *\nDisallow: /';
}
# dashboard的静态文件
location ~* /static/(.*) {
alias ./dashboard/static/$1;
}
location / {
set $template_root '';
content_by_lua_block {
context.views_path = ngx.config.prefix() .. "/dashboard/views"
local main = require("dashboard.main")
main:run()
}
}
}
# api server
server {
listen 7777;
#server_name localhost;
access_log ./logs/api_access.log main;
error_log ./logs/api_error.log info;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location /robots.txt {
return 200 'User-agent: *\nDisallow: /';
}
location / {
content_by_lua_block {
local main = require("api.main")
main:run()
}
}
}
}
piplus-backend-v5-orange-docker/conf-prod/orange.conf 0 → 100644
View file @ 31ef8529
{
"plugins": [
"stat",
"monitor",
"redirect",
"rewrite",
"rate_limiting",
"basic_auth",
"key_auth",
"waf",
"divide",
"kvstore"
],
"store": "mysql",
"store_mysql": {
"timeout": 5000,
"connect_config": {
"host": "dev.internal.terran.vip",
"port": 3306,
"database": "orange",
"user": "future",
"password": "future123456",
"max_packet_size": 1048576
},
"pool_config": {
"max_idle_timeout": 10000,
"pool_size": 3
},
"desc": "mysql configuration"
},
"dashboard": {
"auth": true,
"session_secret": "y0ji4pdj61aaf3f11c2e65cd2263d3e7e5",
"whitelist": [
"^/auth/login$",
"^/error/$"
]
},
"api": {
"auth_enable": true,
"credentials": [
{
"username":"terran",
"password":"terran123456"
}
]
}
}
piplus-backend-v5-orange-docker/conf-sandbox/mime.types 0 → 100644
View file @ 31ef8529
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
image/webp webp;
application/font-woff woff;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.wap.wmlc wmlc;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
piplus-backend-v5-orange-docker/conf-sandbox/nginx.conf 0 → 100644
View file @ 31ef8529
worker_processes 4;
events {
worker_connections 4096;
}
# optional: path of orange.conf
env ORANGE_CONF;
http {
resolver 114.114.114.114; # replace it with your favorite config
charset UTF-8;
include ./mime.types;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log ./logs/access.log main;
error_log ./logs/error.log info;
sendfile on;
keepalive_timeout 65;
upstream default_upstream {
server localhost:8001;
}
#----------------------------Orange configuration-----------------------------
lua_package_path '../?.lua;/usr/local/lor/?.lua;;';
lua_code_cache on;
lua_shared_dict orange_data 20m; # should not removed. used for orange data, e.g. plugins configurations..
lua_shared_dict status 1m; # used for global statistic, see plugin: stat
lua_shared_dict waf_status 1m; # used for waf statistic, see plugin: waf
lua_shared_dict monitor 10m; # used for url monitor statistic, see plugin: monitor
lua_shared_dict rate_limit 10m; # used for rate limiting count, see plugin: rate_limiting
init_by_lua_block {
local orange = require("orange.orange")
local env_orange_conf = os.getenv("ORANGE_CONF")
print(string.char(27) .. "[34m" .. "[INFO]" .. string.char(27).. "[0m", [[the env[ORANGE_CONF] is ]], env_orange_conf)
local config_file = env_orange_conf or "./conf/orange.conf"
local config, store = orange.init({
config = config_file
})
-- the orange context
context = {
orange = orange,
store = store,
config = config
}
}
init_worker_by_lua_block {
local orange = context.orange
orange.init_worker()
}
# main server
server {
listen 80;
#server_name my_domain.com;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location / {
set $upstream_host $host;
set $upstream_url 'http://default_upstream';
rewrite_by_lua_block {
local orange = context.orange
orange.redirect()
orange.rewrite()
}
access_by_lua_block {
local orange = context.orange
orange.access()
}
# proxy
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header Host $upstream_host;
proxy_pass $upstream_url;
header_filter_by_lua_block {
local orange = context.orange
orange.header_filter()
}
body_filter_by_lua_block {
local orange = context.orange
orange.body_filter()
}
log_by_lua_block {
local orange = context.orange
orange.log()
}
}
location /robots.txt {
return 200 'User-agent: *\nDisallow: /';
}
}
# default upstream server
server {
listen 8001;
server_name localhost 127.0.0.1;
access_log ./logs/default_upstream_access.log main;
error_log ./logs/default_upstream_error.log;
location / {
content_by_lua_block {
ngx.status = 404
ngx.say([[404! upstream not found. Host: ]] .. ngx.var.host .. " URI: " .. ngx.var.uri)
}
}
}
# orange dashboard server
server {
listen 9999;
#server_name localhost;
access_log ./logs/dashboard_access.log main;
error_log ./logs/dashboard_error.log info;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location /robots.txt {
return 200 'User-agent: *\nDisallow: /';
}
# dashboard的静态文件
location ~* /static/(.*) {
alias ./dashboard/static/$1;
}
location / {
set $template_root '';
content_by_lua_block {
context.views_path = ngx.config.prefix() .. "/dashboard/views"
local main = require("dashboard.main")
main:run()
}
}
}
# api server
server {
listen 7777;
#server_name localhost;
access_log ./logs/api_access.log main;
error_log ./logs/api_error.log info;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location /robots.txt {
return 200 'User-agent: *\nDisallow: /';
}
location / {
content_by_lua_block {
local main = require("api.main")
main:run()
}
}
}
}
piplus-backend-v5-orange-docker/conf-sandbox/orange.conf 0 → 100644
View file @ 31ef8529
{
"plugins": [
"stat",
"monitor",
"redirect",
"rewrite",
"rate_limiting",
"basic_auth",
"key_auth",
"waf",
"divide",
"kvstore"
],
"store": "mysql",
"store_mysql": {
"timeout": 5000,
"connect_config": {
"host": "sandbox.internal.terran.vip",
"port": 3306,
"database": "orange",
"user": "future",
"password": "future123456",
"max_packet_size": 1048576
},
"pool_config": {
"max_idle_timeout": 10000,
"pool_size": 3
},
"desc": "mysql configuration"
},
"dashboard": {
"auth": true,
"session_secret": "y0ji4pdj61aaf3f11c2e65cd2263d3e7e5",
"whitelist": [
"^/auth/login$",
"^/error/$"
]
},
"api": {
"auth_enable": true,
"credentials": [
{
"username":"terran",
"password":"terran123456"
}
]
}
}
piplus-backend-v5-orange-docker/docker-entrypoint.sh 0 → 100644
View file @ 31ef8529
#!/bin/bash
ORANGE_CONF="/usr/local/orange/conf/orange.conf"
NGINX_CONF="/usr/local/orange/conf/nginx.conf"
#over configuration file
rm -rf /usr/local/orange/conf/*
cp -a /usr/local/orange/conf-${RUN_ENV}/* /usr/local/orange/conf/
chown -R www:www /usr/local/orange/*
# DNS resolve for nginx
dnsmasq
# if command starts with option, init mysql
if [[ "X${ORANGE_DATABASE}" != "X" ]]; then
sed -i "s/\"host\": \"127.0.0.1\"/\"host\": \"${ORANGE_HOST}\"/g" ${ORANGE_CONF}
sed -i "s/\"port\": \"3306\"/\"port\": \"${ORANGE_PORT}\"/g" ${ORANGE_CONF}
sed -i "s/\"database\": \"orange\"/\"database\": \"${ORANGE_DATABASE}\"/g" ${ORANGE_CONF}
sed -i "s/\"user\": \"root\"/\"user\": \"${ORANGE_USER}\"/g" ${ORANGE_CONF}
sed -i "s/\"password\": \"\"/\"password\": \"${ORANGE_PWD}\"/g" ${ORANGE_CONF}
fi
# Nginx conf modify
grep "www www" ${NGINX_CONF} > /dev/null
if [ $? -ne 0 ];then
sed -i "s/worker_processes 4;/user www www;\nworker_processes 4;\ndaemon off;/g" ${NGINX_CONF}
fi
sed -i "s/resolver 114.114.114.114;/resolver 127.0.0.1 ipv6=off;/g" ${NGINX_CONF}
sed -i "s/lua_package_path '..\/?.lua;\/usr\/local\/lor\/?.lua;;';/lua_package_path '\/usr\/local\/orange\/?.lua;\/usr\/local\/lor\/?.lua;;';/g" ${NGINX_CONF}
sed -i "s/listen 80;/listen 8888;/g" ${NGINX_CONF}
/usr/local/bin/orange start
piplus-backend-v5-rabbitmq-docker/Dockerfile
View file @ 31ef8529
...@@ -69,8 +69,8 @@ ADD erlang.cookie /var/lib/rabbitmq/.erlang.cookie ...@@ -69,8 +69,8 @@ ADD erlang.cookie /var/lib/rabbitmq/.erlang.cookie
RUN chown -R rabbitmq:rabbitmq /var/lib/rabbitmq/.erlang.cookie RUN chown -R rabbitmq:rabbitmq /var/lib/rabbitmq/.erlang.cookie
RUN chmod 600 /var/lib/rabbitmq/.erlang.cookie RUN chmod 600 /var/lib/rabbitmq/.erlang.cookie
RUN mkdir -p /var/lib/rabbitmq /etc/rabbitmq /opt/rabbit \ RUN mkdir -p /var/lib/rabbitmq /etc/rabbitmq \
&& chown -R rabbitmq:rabbitmq /var/lib/rabbitmq /etc/rabbitmq /opt/rabbit \ && chown -R rabbitmq:rabbitmq /var/lib/rabbitmq /etc/rabbitmq \
&& chmod 777 /var/lib/rabbitmq /etc/rabbitmq && chmod 777 /var/lib/rabbitmq /etc/rabbitmq
VOLUME /var/lib/rabbitmq VOLUME /var/lib/rabbitmq
......
piplus-backend-v5-rabbitmq-docker/docker-compose.yml
View file @ 31ef8529
...@@ -5,6 +5,7 @@ rabbit1: ...@@ -5,6 +5,7 @@ rabbit1:
- "5672:5672" - "5672:5672"
- "15672:15672" - "15672:15672"
environment: environment:
- CLUSTERED=true
- RABBITMQ_ERLANG_COOKIE=terran123456 - RABBITMQ_ERLANG_COOKIE=terran123456
volumes: volumes:
- /var/lib/rabbitmq - /var/lib/rabbitmq
...@@ -18,6 +19,8 @@ rabbit2: ...@@ -18,6 +19,8 @@ rabbit2:
- CLUSTERED=true - CLUSTERED=true
- RABBITMQ_ERLANG_COOKIE=terran123456 - RABBITMQ_ERLANG_COOKIE=terran123456
- CLUSTER_WITH=rabbit1 - CLUSTER_WITH=rabbit1
- MIRROR_POLICY_PATTERN=^
- MIRROR_POLICY_DEF={"ha-mode":"all","ha-sync-mode":"automatic"}
- RAM_NODE=true - RAM_NODE=true
ports: ports:
- "5673:5672" - "5673:5672"
...@@ -35,6 +38,8 @@ rabbit3: ...@@ -35,6 +38,8 @@ rabbit3:
- CLUSTERED=true - CLUSTERED=true
- RABBITMQ_ERLANG_COOKIE=terran123456 - RABBITMQ_ERLANG_COOKIE=terran123456
- CLUSTER_WITH=rabbit1 - CLUSTER_WITH=rabbit1
- MIRROR_POLICY_PATTERN=^
- MIRROR_POLICY_DEF={"ha-mode":"all","ha-sync-mode":"automatic"}
ports: ports:
- "5674:5672" - "5674:5672"
volumes: volumes:
......
piplus-backend-v5-rabbitmq-docker/startrabbit.sh
View file @ 31ef8529
#!/bin/bash #!/bin/bash
logfile=/var/lib/rabbitmq/log/rabbit\@$HOSTNAME.log
ln -sf /dev/stdout $logfile
if [ "$CLUSTERED" == "false" ]; then if [ "$CLUSTERED" == "false" ]; then
# if not clustered then start it normally as if it is a single server # if not clustered then start it normally as if it is a single server
/usr/sbin/rabbitmq-server /usr/sbin/rabbitmq-server >$logfile &
else else
if [ -z "$CLUSTER_WITH" ]; then if [ -z "$CLUSTER_WITH" ]; then
# If clustered, but cluster with is not specified then again start normally, could be the first server in the # If clustered, but cluster with is not specified then again start normally, could be the first server in the
# cluster # cluster
/usr/sbin/rabbitmq-server /usr/sbin/rabbitmq-server >$logfile &
else else
/usr/sbin/rabbitmq-server >/var/lib/rabbitmq/log/rabbit\@$HOSTNAME.log & /usr/sbin/rabbitmq-server >$logfile &
rabbitmqctl stop_app rabbitmqctl stop_app
if [ -z "$RAM_NODE" ]; then if [ -z "$RAM_NODE" ]; then
rabbitmqctl join_cluster rabbit@$CLUSTER_WITH rabbitmqctl join_cluster rabbit@$CLUSTER_WITH
...@@ -17,6 +20,5 @@ else ...@@ -17,6 +20,5 @@ else
rabbitmqctl join_cluster --ram rabbit@$CLUSTER_WITH rabbitmqctl join_cluster --ram rabbit@$CLUSTER_WITH
fi fi
rabbitmqctl start_app rabbitmqctl start_app
tail -f var/lib/rabbitmq/log/rabbit\@$HOSTNAME.log
fi fi
fi fi
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment