diff --git a/elasticsearch7/ADD/ccmd b/elasticsearch7/ADD/ccmd index c15719d..ed8ffba 100755 --- a/elasticsearch7/ADD/ccmd +++ b/elasticsearch7/ADD/ccmd @@ -131,7 +131,7 @@ function StartProc { /opt/es/bin/elasticsearch -Epath.data=/opt/es/data -Epath.logs=/opt/es/logs " &> /dev/null & PIDS="$PIDS $!" - [ -n "$BOOTSTRAP" ] && SetupPassword + [ -z "$BOOTSTRAP" ] || SetupPassword } function Main { diff --git a/letsencrypt/Demo/SingleNode/aliyun-api.sh b/letsencrypt/Demo/SingleNode/aliyun-api.sh index c229c27..ee6cb27 100755 --- a/letsencrypt/Demo/SingleNode/aliyun-api.sh +++ b/letsencrypt/Demo/SingleNode/aliyun-api.sh @@ -136,10 +136,17 @@ function DeleteRecord { function Main { [ -e "$PID_FILE" ] && Error Pid file $PID_FILE already exists, quit! echo $$ > $PID_FILE - ListRecord - [ -z "$RECORD_ID" ] && CreateRecord - [ -n "$RECORD_ID" ] && ModifyRecord - END=1 + for _ in {1..5}; do + ListRecord || continue + if [ -z "$RECORD_ID" ]; then + CreateRecord || continue + else + ModifyRecord || continue + fi + END=1 + return 0 + done + return 1 } # Start here diff --git a/letsencrypt/Demo/SingleNode/docker-compose.yml b/letsencrypt/Demo/SingleNode/docker-compose.yml index 61b3319..63ff1b1 100644 --- a/letsencrypt/Demo/SingleNode/docker-compose.yml +++ b/letsencrypt/Demo/SingleNode/docker-compose.yml @@ -23,7 +23,7 @@ services: restart: "no" stop_grace_period: 1m environment: - DOMAINS: "*.xxx.com" + DOMAINS: "*.xxx.com,*.yyy.com" network_mode: host volumes: - type: bind diff --git a/letsencrypt/Demo/SingleNode/tencent-api.sh b/letsencrypt/Demo/SingleNode/tencent-api.sh index b54d813..96f258d 100755 --- a/letsencrypt/Demo/SingleNode/tencent-api.sh +++ b/letsencrypt/Demo/SingleNode/tencent-api.sh @@ -125,10 +125,17 @@ function DeleteRecord { function Main { [ -e "$PID_FILE" ] && Error Pid file $PID_FILE already exists, quit! echo $$ > $PID_FILE - ListRecord - [ -z "$RECORD_ID" ] && CreateRecord - [ -n "$RECORD_ID" ] && ModifyRecord - END=1 + for _ in {1..5}; do + ListRecord || continue + if [ -z "$RECORD_ID" ]; then + CreateRecord || continue + else + ModifyRecord || continue + fi + END=1 + return 0 + done + return 1 } # Start here diff --git a/ops/Dockerfile b/ops/Dockerfile index 217da4b..891e0e2 100644 --- a/ops/Dockerfile +++ b/ops/Dockerfile @@ -1,53 +1,41 @@ ARG ARCH FROM harbor.colben.cn/general/jdk$ARCH:8 MAINTAINER Colben colbenlee@gmail.com -ADD --chown=root:root /ADD/ /opt/ +RUN tdnf makecache \ + && tdnf -y install git openssh openssh-clients openssh-server sshpass jq ansible \ + && echo 'root:Ops_1234' | chpasswd \ + && mkdir -m 0700 /root/.ssh \ + && sed -i \ + -e '/^Port /d' \ + -e '/^PermitRootLogin /d' \ + -e '/^TCPKeepAlive /d' \ + -e '/^ClientAliveInterval /d' \ + -e '/^ClientAliveCountMax /d' \ + -e '/^UseDNS /d' \ + -e '$aPort 20022' \ + -e '$aPermitRootLogin yes' \ + -e '$aTCPKeepAlive yes' \ + -e '$aClientAliveInterval 60' \ + -e '$aClientAliveCountMax 3' \ + -e '$aUseDNS yes' \ + /etc/ssh/sshd_config \ + && mkdir -m 0755 /etc/ansible \ + && echo -e '[defaults]\n\ +host_key_checking = False\n\ +stdout_callback = debug\n\ +retry_files_enabled = False\n\ +' > /etc/ansible/ansible.cfg \ + && echo -e '[all:vars]\n\ +ansible_ssh_port=22\n\ +ansible_ssh_user=root\n\ +ansible_ssh_pass=111111\n\ +' > /etc/ansible/hosts \ + && grep '^export PS' /etc/bash.bashrc | sed 's/\\h/OPS/' >> /etc/profile \ + && rm -rf /var/cache/tdnf +ADD --chown=root:root /ADD/maven /opt/maven +ADD --chown=root:root /ADD/ssh_host_* /etc/ssh/ +ADD --chown=root:root /ADD/id_rsa* /root/.ssh/ ENV MAVEN_HOME=/opt/maven ENV PATH=${MAVEN_HOME}/bin:$PATH -RUN tdnf makecache \ - && tdnf -y install git openssh-clients \ - && mkdir -m 0600 /root/.ssh \ - && echo '-----BEGIN OPENSSH PRIVATE KEY-----\n\ -b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn\n\ -NhAAAAAwEAAQAAAYEAtOCNZp6gKBU737xzMzSSpThDxDBCx9D5hQ3ROeW1eps+9xBNQ6nB\n\ -xWXf5lJnMbQPGLYpAyCfhHtnSv7lUWCdfSP68TtzJPwfqJ5forx/KdlRs0KMLAisjvnaDQ\n\ -eqIAwWgXyt0Asdm8sYR7SHbBf9n4MyBX/qhBimI4eHsxLNdXibMUMXa0G5pztNsLh91K+i\n\ -QWyz4ul5xW9iTFOyqRtljnX9qS6atk3dj5fTiQRMTlmqAeV5YM7mBaskhsZY4/ugBS7M07\n\ -gRA1wxzDZ5zNR+u0XoSVcuyxefNOkGHxHk1qPZsxYli/OU2va/63plIzzCbubRK/3+JMLc\n\ -JsLL7tuUGoQVCx/Fon0Td6np9YDjhliaYUkQhFiOZbIh8qTA6ATUmTRbAZ26kAF5cVqCdL\n\ -tETkl4MYXhBeMRRURL/0KuEFasZDgIyfyeswBHUPG8/4jcytQePB5Vsmqb3/DLiz2W+baE\n\ -jPJoTbty74sHzlpeLnj+KMHhqowrNn/43jCq9IAPAAAFkNIv+orSL/qKAAAAB3NzaC1yc2\n\ -EAAAGBALTgjWaeoCgVO9+8czM0kqU4Q8QwQsfQ+YUN0TnltXqbPvcQTUOpwcVl3+ZSZzG0\n\ -Dxi2KQMgn4R7Z0r+5VFgnX0j+vE7cyT8H6ieX6K8fynZUbNCjCwIrI752g0HqiAMFoF8rd\n\ -ALHZvLGEe0h2wX/Z+DMgV/6oQYpiOHh7MSzXV4mzFDF2tBuac7TbC4fdSvokFss+LpecVv\n\ -YkxTsqkbZY51/akumrZN3Y+X04kETE5ZqgHleWDO5gWrJIbGWOP7oAUuzNO4EQNcMcw2ec\n\ -zUfrtF6ElXLssXnzTpBh8R5Naj2bMWJYvzlNr2v+t6ZSM8wm7m0Sv9/iTC3CbCy+7blBqE\n\ -FQsfxaJ9E3ep6fWA44ZYmmFJEIRYjmWyIfKkwOgE1Jk0WwGdupABeXFagnS7RE5JeDGF4Q\n\ -XjEUVES/9CrhBWrGQ4CMn8nrMAR1DxvP+I3MrUHjweVbJqm9/wy4s9lvm2hIzyaE27cu+L\n\ -B85aXi54/ijB4aqMKzZ/+N4wqvSADwAAAAMBAAEAAAGAfcfhzMjmSrlpZ47e9W7Lw4U66s\n\ -U8y0MxISuYoZByAQ7QXHLDqBf2ndTYPIx1IoU6Mk8KehhHlZNTIz3aLhrnqcxJh1N2IPQK\n\ -9/EaREqci3eKbwQKAd0OUmbBEWqRDbQaOnV/UTtJnbs/6S1LNwn/3tsW/+gSJ0YU0oQ/A3\n\ -JB2jzCfyFOudF8zyRYRFondq2kQabb+SGvAnMQgk954Esi9kxq1ymHgNrpBh/ohFGu1pVX\n\ -ufXf0EhQgQSgY/Cug+vIEkenCjXX9yuVR69MNpFhY9xdZp0PKR52SIHOvPN5WykI86IWkP\n\ -DQnF201lLtwAtLl9XPIDGOADQup7bxAT8/fmYD6wiQxDmj7qwlRhmdQ5/9GbXV76z3IItW\n\ -1kn73vprUN54dw68ubLMbn4c/FyJcHlBwSHyAbjUZaJX82vJAxZiB0HHK81BGg8sv12hZf\n\ -PkAfo3PFS01hyBRrao3ewdQ/ug6KE9sR3WmQA+MN7pr232tEWixfNIGtJl/g/Er7pRAAAA\n\ -wFrEd6Jni0q+hU0q+I2l/IpW7oheapDbloXF3ES6bOZnW9YObrjgpojJmKxH75/tiQnYVm\n\ -hyofU4xTKXW5xwxQBx6oQH6QlLP7biZsbi64F/S1uqqp8nEafJukUglK+3arTNDu7bLNNI\n\ -3FTvTNgNjef37kTyg7zmZsODgEhX13mkrQ9kyOnXnRWBmNNElI32dW2jhLhLX9SR75u5+C\n\ -6bOekyNJ2L0MR4HgZE1Iorkgy/NfUgc+9Gy45uyX2M0lhuTgAAAMEA2Rp0og8QU6fNLDoi\n\ -Bn8gjn/sEmJvDI+raaeQmFkrzASen8gOMhRCtcAjr4mwZkEdegIPmxCJ5I/XarsQsYxN1J\n\ -ychw8QXklF1i7GArjIOWwmnBFYiu3Qx9f34qwxUJcj1D+klgmQ5VwCV8yM3fjoxOPVIg2N\n\ -1azzTR7PUnzEQT/TRZiMGLEZiUiJAPFGeTlqEHRmRHhVxFjWR29GGWeheEKdZxCCy6ze/3\n\ -8DBGI3qDl8js0gSoDm2aFnmXZkd19rAAAAwQDVSJDwqexEggEAcRHUY9xPAZaX5VBo2+wS\n\ -CEqENDAflVUiuWEcYNh96GC8dscfo2ZLrAoBicIeSAiLJrko+U3buttctUtVBKD41CEGqW\n\ -UpAt9GV2nAWhvxq4WxXz48vf4tzBerIvzlDpujaON0K8KyfSNg4HCOnwkA0LbH6sVtQ0kS\n\ -vO4kAgIG2wmgGfvBsySjTuqQe4m/+mKXNt7bSc1gJhOikrEQQRy2dE04+3NGw5bYLpLG4l\n\ -QLpw2nbIGP/u0AAAAUcm9vdEB2cG4tMTAtMC0xNi0xMjQBAgMEBQYH\n\ ------END OPENSSH PRIVATE KEY-----\n\ -' > /root/.ssh/id_rsa \ - && echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC04I1mnqAoFTvfvHMzNJKlOEPEMELH0PmFDdE55bV6mz73EE1DqcHFZd/mUmcxtA8YtikDIJ+Ee2dK/uVRYJ19I/rxO3Mk/B+onl+ivH8p2VGzQowsCKyO+doNB6ogDBaBfK3QCx2byxhHtIdsF/2fgzIFf+qEGKYjh4ezEs11eJsxQxdrQbmnO02wuH3Ur6JBbLPi6XnFb2JMU7KpG2WOdf2pLpq2Td2Pl9OJBExOWaoB5XlgzuYFqySGxljj+6AFLszTuBEDXDHMNnnM1H67RehJVy7LF5806QYfEeTWo9mzFiWL85Ta9r/remUjPMJu5tEr/f4kwtwmwsvu25QahBULH8WifRN3qen1gOOGWJphSRCEWI5lsiHypMDoBNSZNFsBnbqQAXlxWoJ0u0ROSXgxheEF4xFFREv/Qq4QVqxkOAjJ/J6zAEdQ8bz/iNzK1B48HlWyapvf8MuLPZb5toSM8mhNu3LviwfOWl4ueP4oweGqjCs2f/jeMKr0gA8= root@ops\n\ -' > /root/.ssh/id_rsa.pub \ - && chmod 0600 /root/.ssh/id_rsa \ - && rm -rf /var/cache/tdnf +CMD ["/usr/sbin/sshd", "-D"] diff --git a/ops/ops.sh b/ops/ops.sh index d05237c..f027ed7 100755 --- a/ops/ops.sh +++ b/ops/ops.sh @@ -48,6 +48,12 @@ function Update { cd ADD tar zxf $(ls /release/RUNTIME/apache-maven-*-bin.tar.gz|tail -1) mv apache-maven-3.6.3 maven + Warn Preparing ssh host keys ... + cp -af /etc/ssh/ssh_host_* ./ + chmod 0600 ssh_host_*_key + Warn Preparing ssh rsa ... + cp -af /root/.ssh/{id_rsa,id_rsa.pub} ./ + chmod 0600 id_rsa } function Build {