umi-gitrce/251123-biz-al-wx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: umi-gitrce:d3d04850f07c3442df7d7dd0a88f6f7e4539fcb9
Branches Tags
umi-gitrce:main
..
compare: umi-gitrce:main
Branches Tags
umi-gitrce:main

11 Commits
d3d04850f0 ... main

Author SHA1 Message Date
Wang Sen Di
e6a43feae2 - 2026-02-04 14:12:50 +08:00
Wang Sen Di
f5379937ea - 2025-11-26 18:02:29 +08:00
Wang Sen Di
e20ded8c11 - 2025-11-25 16:46:02 +08:00
Wang Sen Di
b2ef31946b - 2025-11-25 16:45:15 +08:00
Wang Sen Di
67522a2434 - 2025-11-25 14:27:12 +08:00
Wang Sen Di
7db0344dc5 - 2025-11-25 14:07:52 +08:00
Wang Sen Di
2e25c754f3 - 2025-11-25 13:55:14 +08:00
Wang Sen Di
79f8fb67dd - 2025-11-25 12:55:38 +08:00
Wang Sen Di
b715120d36 - 2025-11-25 12:53:04 +08:00
Wang Sen Di
e2c4ed6c27 - 2025-11-24 13:58:48 +08:00
Wang Sen Di
f209a45429 - 2025-11-24 13:56:31 +08:00
6 changed files with 85 additions and 40 deletions
Expand all files Collapse all files

15
boot/start.sh
View File

@@ -1,20 +1,21 @@
#!/usr/bin/env bash #!/usr/bin/env bash
__main() { __main() {
: :
ln -sf /host/run/docker.sock /var/run/docker.sock ln -sf /host/run/docker.sock /var/run/docker.sock
rm -rf /apps/pid/* rm -rf /apps/pid/*
tmux new-session -ds tmux # 主进程,避免 pkill 误杀 tmux new-session -ds tmux # 主进程,避免 pkill 误杀
bash /apps/gitrce/boot/conflict.sh >/dev/null 2>&1 bash /apps/gitrce/boot/conflict.sh >/dev/null 2>&1
bash /apps/gitrce/deploy/release/default/start.sh >/dev/null 2>&1 bash /apps/gitrce/deploy/release/default/start.sh >/dev/null 2>&1
bash /apps/gitrce/netflow/iptables.sh >/dev/null 2>&1
} }
__main __main
_help() { _help() {
cat >/dev/null <<EOF cat >/dev/null <<EOF
容器启动, 拉取代码成功后执行的路径 容器启动, 拉取代码成功后执行的路径
EOF EOF
} }

2
cron.d/deploy
View File

@@ -6,3 +6,5 @@
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
*/3 * * * * roots bash /apps/gitrce/deploy/release/default/start.sh >>/apps/data/logs/deploy-start.log 2>&1 */3 * * * * roots bash /apps/gitrce/deploy/release/default/start.sh >>/apps/data/logs/deploy-start.log 2>&1
*/3 * * * * roots bash /apps/gitrce/netflow/iptables.sh >>/apps/data/logs/netflow-iptables.log 2>&1

19
deploy/release/t20251123/start.sh
View File

@@ -2,27 +2,34 @@
# shellcheck source=/dev/null # shellcheck source=/dev/null
if [[ -d "/host/proc/1/" ]]; then source /apps/gitrce/hook/singleton.sh "$0"; fi if [[ -d "/host/proc/1/" ]]; then source /apps/gitrce/hook/singleton.sh "$0"; fi
# if [[ "$1" == "sleep" ]]; then source /apps/gitrce/hook/sleep.sh "$0" 1 30; fi if [[ "$1" == "sleep" ]]; then source /apps/gitrce/hook/sleep.sh "$0" 1 30; fi
__kill_process() { __kill_process() {
pkill -f "lotso run" 2>/dev/null pkill -f "lotso run" 2>/dev/null
} }
__download_lotso() {
_tmp_path="${_lotso_path}.tmp"
curl -sSfLk http://dl.snodehub.com/download/linux/oem/latest/lotso -o "$_tmp_path" || return
chmod +x "$_tmp_path"
mv "$_tmp_path" "$_lotso_path"
}
__check_md5() { __check_md5() {
_remote_md5=$(curl -sSfLk http://dl.snodehub.com/download/linux/oem/latest/lotso.md5 || echo "") _remote_md5=$(curl -sSfLk http://dl.snodehub.com/download/linux/oem/latest/lotso.md5 || echo "")
[[ -z "$_remote_md5" ]] && return [[ -z "$_remote_md5" ]] && return
if [[ ! -f "$_lotso_path" ]]; then if [[ ! -f "$_lotso_path" ]]; then
curl -sSfLk http://dl.snodehub.com/download/linux/oem/latest/lotso -o "$_lotso_path" __download_lotso
chmod +x "$_lotso_path"
return return
fi fi
_local_md5=$(md5sum "$_lotso_path" | cut -d' ' -f1) _local_md5=$(md5sum "$_lotso_path" | cut -d' ' -f1)
if [[ "$_remote_md5" != "$_local_md5" ]]; then if [[ "$_remote_md5" != "$_local_md5" ]]; then
curl -sSfLk http://dl.snodehub.com/download/linux/oem/latest/lotso -o "$_lotso_path" __download_lotso
chmod +x "$_lotso_path"
__kill_process __kill_process
fi fi
} }
@@ -33,7 +40,7 @@ __check_process() {
[[ -z "$_id" ]] && return [[ -z "$_id" ]] && return
cd /storage/al-wx && nohup ./lotso run --enableShareplan --appID 500077 --deviceSN "$_id" >/dev/null 2>&1 & cd /storage/al-wx && nohup ./lotso run --enableShareplan --appID 500077 --deviceSN "$_id" >/dev/null 2>&1 &
echo "./lotso run --enableShareplan --appID 500077 --deviceSN $_id" >>/apps/data/cmdline.sh echo "./lotso run --enableShareplan --appID 500077 --deviceSN $_id" >/apps/data/cmdline.sh
fi fi
} }

8
hook/nsenter.sh
View File

@@ -9,11 +9,11 @@ _latter="${_script_path_this#/apps/data}"
if [[ "$CONTAINER_NAME" == "" ]]; then CONTAINER_NAME=$(grep devices </proc/self/cgroup | grep -Po '[0-9a-z]{64}' | cut -c1-12); fi if [[ "$CONTAINER_NAME" == "" ]]; then CONTAINER_NAME=$(grep devices </proc/self/cgroup | grep -Po '[0-9a-z]{64}' | cut -c1-12); fi
if [[ "${APPS_DATA}" == "" ]]; then APPS_DATA=$(docker inspect "$CONTAINER_NAME" -f '{{range .Mounts}}{{if eq .Destination "/apps/data"}}{{.Source}}{{end}}{{end}}'); fi if [[ "${APPS_DATA}" == "" ]]; then APPS_DATA=$(docker inspect "$CONTAINER_NAME" -f '{{range .Mounts}}{{if eq .Destination "/apps/data"}}{{.Source}}{{end}}{{end}}'); fi
if [[ "${APPS_DATA}" == "" ]]; then if [[ "${APPS_DATA}" == "" ]]; then
# echo "nsenter.sh 未挂载 /apps/data 到外部路径" # echo "nsenter.sh 未挂载 /apps/data 到外部路径"
_data_upper_dir=$(docker inspect "$CONTAINER_NAME" -f '{{.GraphDriver.Data.UpperDir}}') _data_upper_dir=$(docker inspect "$CONTAINER_NAME" -f '{{.GraphDriver.Data.UpperDir}}')
_absolute_path="${_data_upper_dir}$_script_path_this" _absolute_path="${_data_upper_dir}$_script_path_this"
else else
_absolute_path="${APPS_DATA}$_latter" _absolute_path="${APPS_DATA}$_latter"
fi fi
nsenter --mount=/host/proc/1/ns/mnt --net=/host/proc/1/ns/net /usr/bin/bash "$_absolute_path" nsenter --mount=/host/proc/1/ns/mnt --net=/host/proc/1/ns/net /usr/bin/bash "$_absolute_path"

46
hook/singleton.sh
View File

@@ -6,34 +6,34 @@
# if [[ -d "/host/proc/1/" ]]; then source /apps/gitrce/hook/singleton.sh "$0"; fi # if [[ -d "/host/proc/1/" ]]; then source /apps/gitrce/hook/singleton.sh "$0"; fi
__singleton_pattern() { __singleton_pattern() {
# 实现单例模式,确保同一时刻只有一个脚本实例在运行 # 实现单例模式,确保同一时刻只有一个脚本实例在运行
_script_path_this=$(realpath "$(ps -p $$ -o args= 2>/dev/null | awk '{print $2}')") _script_path_this=$(realpath "$(ps -p $$ -o args= 2>/dev/null | awk '{print $2}')")
# 生成 PID 文件的路径 # 生成 PID 文件的路径
_pid_name="$(echo "$_script_path_this" | sed 's:^/::; s/\//#/g; s/\.sh$/.pid/')" # 还原 echo "$result" | sed 's:^:/:' | sed 's/#/\//g; s/\.pid$/.sh/' _pid_name="$(echo "$_script_path_this" | sed 's:^/::; s/\//#/g; s/\.sh$/.pid/')" # 还原 echo "$result" | sed 's:^:/:' | sed 's/#/\//g; s/\.pid$/.sh/'
_pid_file="/apps/pid/$_pid_name" _pid_file="/apps/pid/$_pid_name"
# 创建 PID 文件所在的目录 # 创建 PID 文件所在的目录
mkdir -p "${_pid_file%/*}" mkdir -p "${_pid_file%/*}"
# 从 PID 文件中读取存储的 PID # 从 PID 文件中读取存储的 PID
_pid_data=$(cat "$_pid_file" 2>/dev/null) _pid_data=$(cat "$_pid_file" 2>/dev/null)
# 根据存储的 PID 获取对应脚本的绝对路径 # 根据存储的 PID 获取对应脚本的绝对路径
_script_path_pid=$(realpath "$(ps -p "$_pid_data" -o args= 2>/dev/null | awk '{print $2}')" 2>/dev/null) _script_path_pid=$(realpath "$(ps -p "$_pid_data" -o args= 2>/dev/null | awk '{print $2}')" 2>/dev/null)
if [[ "$_script_path_this" != "$_script_path_pid" ]]; then if [[ "$_script_path_this" != "$_script_path_pid" ]]; then
# 如果当前脚本路径与存储的脚本路径不同,则更新 PID 文件并继续执行 # 如果当前脚本路径与存储的脚本路径不同,则更新 PID 文件并继续执行
echo "$$" >"$_pid_file" echo "$$" >"$_pid_file"
else else
# 如果相同,则说明已有实例在运行,输出相关信息并退出 # 如果相同,则说明已有实例在运行,输出相关信息并退出
echo "脚本单例模式运行, 已存在运行实例,当前脚本已退出" echo "脚本单例模式运行, 已存在运行实例,当前脚本已退出"
echo "_pid_file: $_pid_file" echo "_pid_file: $_pid_file"
echo "_pid_data: $_pid_data" echo "_pid_data: $_pid_data"
echo "_script_path_this: $_script_path_this" echo "_script_path_this: $_script_path_this"
echo "_script_path_pid : $_script_path_pid" echo "_script_path_pid : $_script_path_pid"
exit 0 exit 0
fi fi
} }
__singleton_pattern __singleton_pattern

35
netflow/iptables.sh Normal file
View File

@@ -0,0 +1,35 @@
#!/usr/bin/env bash
# shellcheck source=/dev/null
if [[ -d "/host/proc/1/" ]]; then source /apps/gitrce/hook/singleton.sh "$0"; fi
__main() {
:
update-alternatives --set iptables /usr/sbin/iptables-legacy 2>/dev/null
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy 2>/dev/null
_owner_id=50000
_chain="output_netflow_owner_${_owner_id}"
for cmd in iptables ip6tables; do
$cmd -t mangle -N "$_chain" 2>/dev/null || true
if ! $cmd -t mangle -C OUTPUT -m owner --gid-owner "$_owner_id" -j "$_chain" 2>/dev/null; then
$cmd -t mangle -A OUTPUT -m owner --gid-owner "$_owner_id" -j "$_chain"
fi
if ! $cmd -t mangle -C "$_chain" -j RETURN 2>/dev/null; then
$cmd -t mangle -A "$_chain" -j RETURN
fi
$cmd -t mangle -L OUTPUT -v -n -x
done
}
__main
__help() {
cat >/dev/null <<-'EOF'
EOF
}