├── bin ├── notification ├── randpasswd ├── randtext ├── matrixpasswd ├── wireguard ├── chpasswd.sh └── cicd ├── src ├── __init__.py └── netkiller │ └── network │ └── __init__.py ├── doc ├── dingtalk.md ├── gitsync.md ├── logviewer.md ├── docker │ ├── development │ │ └── netkiller │ │ │ └── Dockerfile │ ├── service.py │ ├── redis.py │ └── docker.md ├── mysql │ ├── database.md │ ├── MySQL.md │ ├── database.dump.md │ └── database.struct.md ├── wechat.md ├── dockerfile │ └── dockerfile.py ├── voice.md └── merge.md ├── share ├── saltstack │ ├── salt │ │ ├── vim │ │ │ ├── .vimrc │ │ │ └── init.sls │ │ ├── common │ │ │ ├── centos.sls │ │ │ └── ubuntu.sls │ │ ├── mysql │ │ │ ├── init.sls │ │ │ ├── client.sls │ │ │ └── server.sls │ │ ├── rsync │ │ │ ├── rsyncd.passwd │ │ │ ├── rsyncd.conf │ │ │ ├── init.sls │ │ │ └── rsync │ │ ├── php │ │ │ ├── cli.sls │ │ │ ├── php-fpm.sls │ │ │ └── init.sls │ │ ├── pypy │ │ │ └── init.sls │ │ ├── redis │ │ │ └── init.sls │ │ ├── nginx │ │ │ └── init.sls │ │ ├── httpd │ │ │ ├── mod_php.sls │ │ │ └── init.sls │ │ ├── haproxy │ │ │ └── init.sls │ │ ├── top.sls │ │ ├── ntp │ │ │ └── init.sls │ │ ├── iptables │ │ │ ├── init.sls │ │ │ └── iptables │ │ └── ldap │ │ │ └── init.sls │ ├── pillar │ │ ├── services.sls │ │ ├── top.sls │ │ └── packages.sls │ ├── .gitignore │ ├── README.md │ └── LICENSE ├── Nagios │ └── README.md ├── example │ ├── exclude │ │ └── testing │ │ │ └── www.example.com.lst │ ├── config │ │ └── testing │ │ │ └── www.example.com.ini │ ├── production │ │ └── x64.me.ini │ └── testing │ │ └── example.com.ini ├── profile.d │ └── devops.sh ├── puppet │ ├── README.md │ ├── nodes.pp │ ├── site.pp │ ├── .gitignore │ ├── www.pp │ ├── pkgs.pp │ └── LICENSE ├── zabbix │ ├── .gitignore │ ├── Mototrbo │ │ ├── README.md │ │ └── userparameter_mototrbo.conf │ ├── redis │ │ ├── README.md │ │ └── userparameter_redis.conf │ ├── Oracle │ │ ├── src │ │ │ ├── main │ │ │ │ └── resources │ │ │ │ │ └── jdbc.properties │ │ │ └── test │ │ │ │ └── java │ │ │ │ └── cn │ │ │ │ └── netkiller │ │ │ │ └── zabbix │ │ │ │ └── AppTest.java │ │ ├── .settings │ │ │ ├── org.eclipse.m2e.core.prefs │ │ │ ├── org.eclipse.core.resources.prefs │ │ │ └── org.eclipse.jdt.core.prefs │ │ ├── jdbc.properties │ │ ├── .classpath │ │ ├── README.md │ │ └── oracle │ ├── Dependency │ │ ├── dependency.conf │ │ ├── userparameter_dependency.conf │ │ ├── README.md │ │ └── dependency │ ├── mongodb │ │ ├── mongodb-0.0.1.sh │ │ ├── userparameter_mongodb.conf │ │ ├── mongodb.ps1 │ │ └── mongodb.sh │ ├── README.md │ ├── nginx │ │ ├── userparameter_nginx.conf │ │ ├── default.conf │ │ └── nginx.sh │ ├── php-fpm │ │ ├── userparameter_php-fpm.conf │ │ ├── php-fpm.xml.sh │ │ ├── php-fpm.sh │ │ └── default.conf │ ├── elasticsearch │ │ ├── userparameter_elasticsearch.conf │ │ └── README.md │ ├── tcpstats │ │ ├── userparameter_tcpstats.conf │ │ └── tcpstats │ ├── postfix │ │ ├── userparameter_postfix.conf │ │ └── README.md │ └── LICENSE ├── ant │ └── build.xml └── git │ ├── zentao │ ├── hooks │ │ └── api.py │ └── zentaoclose │ └── gitlab │ └── hooks │ └── post-commit ├── nodekeeper ├── status ├── README.md ├── test ├── etc │ ├── commands.cfg │ └── protocol.cfg ├── setup.py ├── install └── .gitignore ├── container ├── docker │ ├── docker-compose │ │ ├── testing │ │ │ ├── docker-compose.yml │ │ │ └── rabbitmq.yml │ │ ├── registry │ │ │ ├── etc │ │ │ │ └── htpasswd │ │ │ └── docker-compose.yml │ │ ├── swarms │ │ │ ├── redis │ │ │ │ ├── docker-entrypoint.sh │ │ │ │ └── redis.yml │ │ │ └── spring │ │ │ │ ├── springcloud │ │ │ │ └── docker-compose.yml │ │ │ │ └── springboot │ │ │ │ └── docker-compose.yml │ │ ├── redis │ │ │ ├── cluster │ │ │ │ ├── run.sh │ │ │ │ ├── redis.conf │ │ │ │ ├── redis.conf.tpl │ │ │ │ ├── docker-entrypoint.sh │ │ │ │ ├── README.md │ │ │ │ ├── Dockerfile │ │ │ │ └── master │ │ │ │ │ └── docker-compose.yml │ │ │ └── docker-compose.yml │ │ ├── jenkins.yml │ │ ├── gitlab │ │ │ ├── docker.sh │ │ │ └── docker-compose.yaml │ │ ├── nginx.yaml │ │ ├── blockchain │ │ │ └── hyperledger │ │ │ │ └── couchdb │ │ │ │ └── docker-compose.yml │ │ ├── visualizer.yml │ │ ├── wordpress.yml │ │ ├── eos │ │ │ └── docker-compose.yml │ │ └── java.yaml │ ├── images │ │ ├── centos │ │ │ ├── nginx │ │ │ │ ├── startup.sh │ │ │ │ └── Dockerfile │ │ │ ├── jre-tomcat │ │ │ │ ├── README.md │ │ │ │ └── setenv.sh │ │ │ └── tomcat │ │ │ │ ├── setenv.sh │ │ │ │ ├── README.md │ │ │ │ └── Dockerfile │ │ ├── alpine │ │ │ └── nginx │ │ │ │ ├── Dockerfile │ │ │ │ ├── vhost.conf │ │ │ │ └── nginx.conf │ │ └── ubuntu │ │ │ ├── build.sh │ │ │ ├── php │ │ │ └── Dockerfile │ │ │ └── java │ │ │ └── Dockerfile │ ├── bin │ │ ├── clean.none.sh │ │ ├── redis │ │ │ ├── port.sh │ │ │ ├── test.sh │ │ │ └── redis.sh │ │ ├── registry │ │ │ ├── registry.sh │ │ │ ├── registry.ssl.sh │ │ │ ├── registry.auth.sh │ │ │ └── certs │ │ │ │ └── domain.crt │ │ ├── addhosts.sh │ │ ├── rancher.sh │ │ ├── adduser.sh │ │ ├── logging │ │ │ └── elasticsearch.sh │ │ ├── prometheus │ │ │ ├── service.sh │ │ │ ├── run.sh │ │ │ └── prometheus.yml │ │ ├── mysql │ │ │ └── mysql.sh │ │ ├── minikube.sh │ │ └── jenkins │ │ │ └── docker.sh │ ├── prometheus │ │ ├── alertmanager │ │ │ ├── Shanghai │ │ │ ├── email.tmpl │ │ │ └── config.yml │ │ ├── cadvisor │ │ │ ├── prometheus.yml │ │ │ └── docker-compose.yml │ │ ├── node-exporter │ │ │ └── node-exporter.json │ │ ├── prometheus │ │ │ └── rules │ │ │ │ ├── recording.yml │ │ │ │ ├── eample.yml │ │ │ │ ├── node.yml │ │ │ │ ├── memory.yml │ │ │ │ ├── blackbox.rules │ │ │ │ └── alerting.yml │ │ ├── mac.sh │ │ └── blackbox-exporter │ │ │ └── config.yml │ ├── compose │ │ ├── volumes │ │ │ └── redis.py │ │ ├── database.py │ │ ├── homeassistant.py │ │ ├── devops.py │ │ ├── service │ │ │ ├── kubernetes.py │ │ │ ├── log.py │ │ │ ├── zentao.py │ │ │ ├── redis.py │ │ │ ├── portainer.py │ │ │ ├── mosquitto.py │ │ │ ├── mysql.py │ │ │ ├── elasticsearch.py │ │ │ ├── minio.py │ │ │ └── gitlab.py │ │ └── demo.py │ ├── config │ │ └── daemon.json │ ├── README.md │ └── docker.py ├── kubernetes │ ├── elasticsearch │ │ ├── namespace.yaml │ │ └── account.yaml │ ├── spring │ │ ├── Namespace.yaml │ │ └── springboot.yml │ ├── nginx.yaml │ ├── registry.yaml │ └── filebeat.yaml └── README.md ├── etc ├── oscm.ini ├── backup.cfg ├── notification.ini ├── git.ini ├── schedule.cfg ├── logviewer.ini ├── os.ini ├── deployment.cfg ├── dump.ini ├── mongo.ini.sample ├── dump.ini.sample ├── cron.d │ └── backup └── task.cfg ├── .vscode ├── settings.json ├── extensions.json └── launch.json ├── demo ├── k8s │ ├── config.env │ ├── demo.py │ ├── k3d │ │ ├── ingress.crt │ │ └── ingress.key │ └── config.py ├── example │ ├── namespace.yaml │ ├── test.yaml │ ├── pod.yaml │ ├── service.yaml │ ├── job.yaml │ ├── ingress.yaml │ └── key-value.yaml ├── incomeCostDayBill.xlsx ├── incomeCostDayBill2.xlsx ├── compose.yaml ├── image │ └── Dockerfile ├── prometheus │ └── prometheus.yaml ├── logging │ └── serviceaccount.yaml ├── pipeline │ └── demo.py ├── redis-cluster.py └── sentinel.py ├── CHANGES.txt ├── netkiller ├── __init__.py ├── network │ └── cisco.py ├── svg.py ├── wework.py └── rsync.py ├── libexec ├── Web │ ├── Gradle │ │ ├── README.md │ │ ├── gradle.properties │ │ └── .settings │ │ │ └── org.eclipse.buildship.core.prefs │ ├── README.md │ ├── Ant │ │ ├── development.properties │ │ ├── deployment │ │ ├── build.properties │ │ ├── README.md │ │ ├── gulpfile.js │ │ └── INSTALL.md │ ├── .gitignore │ └── Spring │ │ ├── deployment │ │ └── README.md ├── Application │ └── Springboot │ │ ├── systemd │ │ ├── README.md │ │ ├── install.sh │ │ ├── sysconfig │ │ │ ├── springboot │ │ │ └── springboot.service │ │ └── spring.service │ │ ├── service │ │ ├── README.md │ │ └── springbootd │ │ ├── resources │ │ └── logback.xml │ │ ├── build.properties │ │ ├── deployment │ │ └── README.md └── Gitlab │ ├── README.md │ ├── deploy.sh │ ├── index.php │ └── deploy.gitlab.sh ├── ansible ├── CentOS │ ├── update.yml │ ├── slim.yml │ ├── selinux.yml │ ├── ntp.yml │ ├── README.md │ └── nginx │ │ ├── yum.yml │ │ └── official.yml └── README.md ├── .gitmodules ├── .gitignore ├── pyproject.toml ├── LICENSE ├── .github └── workflows │ └── python-package.yml ├── README.md └── setup.old.py /bin/notification: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /doc/dingtalk.md: -------------------------------------------------------------------------------- 1 | # 钉钉工具 -------------------------------------------------------------------------------- /share/saltstack/salt/vim/.vimrc: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/netkiller/network/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /share/saltstack/salt/common/centos.sls: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /share/saltstack/salt/common/ubuntu.sls: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /share/saltstack/salt/mysql/init.sls: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /doc/gitsync.md: -------------------------------------------------------------------------------- 1 | GIT Sync 2 | ======== 3 | 4 | -------------------------------------------------------------------------------- /nodekeeper/status: -------------------------------------------------------------------------------- 1 | netstat -nlp | grep 7800 2 | -------------------------------------------------------------------------------- /share/Nagios/README.md: -------------------------------------------------------------------------------- 1 | # Nagios 2 | Nagios Plugin 3 | -------------------------------------------------------------------------------- /share/example/exclude/testing/www.example.com.lst: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /share/saltstack/pillar/services.sls: -------------------------------------------------------------------------------- 1 | bind: named 2 | -------------------------------------------------------------------------------- /container/docker/docker-compose/testing/docker-compose.yml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /etc/oscm.ini: -------------------------------------------------------------------------------- 1 | [mysql] 2 | install=ls 3 | remove=ls /tmp 4 | -------------------------------------------------------------------------------- /share/profile.d/devops.sh: -------------------------------------------------------------------------------- 1 | export PATH=$PATH:/srv/devops/bin 2 | -------------------------------------------------------------------------------- /share/puppet/README.md: -------------------------------------------------------------------------------- 1 | puppet 2 | ====== 3 | 4 | puppet modules -------------------------------------------------------------------------------- /share/zabbix/.gitignore: -------------------------------------------------------------------------------- 1 | /Oracle/target 2 | /Oracle/*.log 3 | -------------------------------------------------------------------------------- /share/saltstack/salt/rsync/rsyncd.passwd: -------------------------------------------------------------------------------- 1 | www:xxxxxxxxxxxxxxxx 2 | -------------------------------------------------------------------------------- /bin/randpasswd: -------------------------------------------------------------------------------- 1 | cat /dev/urandom | tr -dc [:alnum:] | head -c 32 2 | echo -------------------------------------------------------------------------------- /share/saltstack/pillar/top.sls: -------------------------------------------------------------------------------- 1 | base: 2 | '*': 3 | - packages 4 | -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "python.formatting.provider": "black" 3 | } -------------------------------------------------------------------------------- /doc/logviewer.md: -------------------------------------------------------------------------------- 1 | # 日志查看 2 | 3 | ## Docker 版 4 | 5 | 6 | 7 | ## Kubernetes 版 -------------------------------------------------------------------------------- /nodekeeper/README.md: -------------------------------------------------------------------------------- 1 | nodekeeper 2 | ========== 3 | 4 | remote control 5 | -------------------------------------------------------------------------------- /share/saltstack/salt/php/cli.sls: -------------------------------------------------------------------------------- 1 | php-cli: 2 | pkg: 3 | - installed 4 | -------------------------------------------------------------------------------- /share/saltstack/salt/pypy/init.sls: -------------------------------------------------------------------------------- 1 | pypy: 2 | pkg: 3 | - installed 4 | -------------------------------------------------------------------------------- /bin/randtext: -------------------------------------------------------------------------------- 1 | cat /dev/urandom | tr -dc [:graph:] | fold -w32 | head -n 10 2 | echo -------------------------------------------------------------------------------- /share/saltstack/salt/mysql/client.sls: -------------------------------------------------------------------------------- 1 | mysql: 2 | pkg: 3 | - installed 4 | -------------------------------------------------------------------------------- /bin/matrixpasswd: -------------------------------------------------------------------------------- 1 | cat /dev/urandom | tr -cd [:alnum:] | fold -w32 | head -n 10 2 | echo -------------------------------------------------------------------------------- /demo/k8s/config.env: -------------------------------------------------------------------------------- 1 | key=value 2 | dev.logfile=/tmp/logfile.log 3 | dev.tmpdir=/tmp 4 | -------------------------------------------------------------------------------- /nodekeeper/test: -------------------------------------------------------------------------------- 1 | bin/nodekeeper --protocol=etc/protocol.cfg -h 172.16.0.10 -p 7801 2 | -------------------------------------------------------------------------------- /share/zabbix/Mototrbo/README.md: -------------------------------------------------------------------------------- 1 | Motorole Mototrbo Trbonet for Zabbbix 3.2 2 | ===== 3 | -------------------------------------------------------------------------------- /share/zabbix/redis/README.md: -------------------------------------------------------------------------------- 1 | # zabbix redis 2 | 3 | 安装及使用请参考《Netkiller Monitoring 手札》 -------------------------------------------------------------------------------- /container/docker/images/centos/nginx/startup.sh: -------------------------------------------------------------------------------- 1 | /usr/sbin/nginx -c /etc/nginx/nginx.conf 2 | -------------------------------------------------------------------------------- /container/docker/bin/clean.none.sh: -------------------------------------------------------------------------------- 1 | docker rmi -f $(docker images | grep none | awk '{print $3}') -------------------------------------------------------------------------------- /container/docker/bin/redis/port.sh: -------------------------------------------------------------------------------- 1 | docker run --name redis -p 6379:6379 -d redis redis-server 2 | -------------------------------------------------------------------------------- /demo/example/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: logging -------------------------------------------------------------------------------- /.vscode/extensions.json: -------------------------------------------------------------------------------- 1 | { 2 | "recommendations": [ 3 | "ms-python.python" 4 | ] 5 | } -------------------------------------------------------------------------------- /CHANGES.txt: -------------------------------------------------------------------------------- 1 | # Changes 2 | ## v0.3.0 3 | 4 | Add - Kubernetes compose 5 | ## v0.4.0 6 | Add - Dockerfile -------------------------------------------------------------------------------- /container/docker/bin/registry/registry.sh: -------------------------------------------------------------------------------- 1 | docker run -d -p 0.0.0.0:5000:5000 --name registry registry:latest -------------------------------------------------------------------------------- /demo/incomeCostDayBill.xlsx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netkiller/devops/HEAD/demo/incomeCostDayBill.xlsx -------------------------------------------------------------------------------- /demo/incomeCostDayBill2.xlsx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netkiller/devops/HEAD/demo/incomeCostDayBill2.xlsx -------------------------------------------------------------------------------- /netkiller/__init__.py: -------------------------------------------------------------------------------- 1 | __version__ = '1.1.0' 2 | __author__ = 'Neo Chen' 3 | __all__ = ['docker','.'] 4 | -------------------------------------------------------------------------------- /share/zabbix/Oracle/src/main/resources/jdbc.properties: -------------------------------------------------------------------------------- 1 | jdbc.url= 2 | jdbc.username=monitor 3 | jdbc.password= -------------------------------------------------------------------------------- /container/docker/bin/addhosts.sh: -------------------------------------------------------------------------------- 1 | su - root -c "echo '192.168.3.6 registry.netkiller.cn' >> /etc/hosts; cat /etc/hosts" -------------------------------------------------------------------------------- /container/kubernetes/elasticsearch/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: logging -------------------------------------------------------------------------------- /container/kubernetes/spring/Namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: spring-cloud -------------------------------------------------------------------------------- /etc/backup.cfg: -------------------------------------------------------------------------------- 1 | [environment] 2 | logfile=backup.log 3 | rsync=/usr/bin/rsync 4 | 5 | [volume] 6 | volume=/tmp 7 | -------------------------------------------------------------------------------- /container/docker/bin/redis/test.sh: -------------------------------------------------------------------------------- 1 | docker pull redis 2 | 3 | docker run --name redis -d redis redis-server --appendonly yes -------------------------------------------------------------------------------- /libexec/Web/Gradle/README.md: -------------------------------------------------------------------------------- 1 | # Gradle 2 | 3 | This is an Gradle script. 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | -------------------------------------------------------------------------------- /share/zabbix/Dependency/dependency.conf: -------------------------------------------------------------------------------- 1 | 2 | MySQL 11.84.21.16 3306 3 | Redis 11.84.21.16 6379 4 | Web 23.17.79.14 80 5 | -------------------------------------------------------------------------------- /container/README.md: -------------------------------------------------------------------------------- 1 | # container 2 | 3 | ## install netkiller-devops 4 | 5 | ``` 6 | pip3 install netkiller-devops 7 | ``` 8 | -------------------------------------------------------------------------------- /container/docker/docker-compose/registry/etc/htpasswd: -------------------------------------------------------------------------------- 1 | neo:$2y$05$P2.66mM5mFnpErdsGCMXdOJY9jeOlumVbsxvZSaa8D6QKTSRSZow2 2 | 3 | -------------------------------------------------------------------------------- /share/zabbix/mongodb/mongodb-0.0.1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netkiller/devops/HEAD/share/zabbix/mongodb/mongodb-0.0.1.sh -------------------------------------------------------------------------------- /etc/notification.ini: -------------------------------------------------------------------------------- 1 | [redis] 2 | ;host=127.0.0.1 3 | host=192.168.30.5 4 | port=6379 5 | db=5 6 | password= 7 | channel=notification -------------------------------------------------------------------------------- /ansible/CentOS/update.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | user: root 4 | tasks: 5 | - name: YUM Update 6 | yum: name=* state=latest 7 | -------------------------------------------------------------------------------- /container/docker/docker-compose/swarms/redis/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | /usr/local/bin/redis-server /usr/local/etc/redis.conf -------------------------------------------------------------------------------- /share/saltstack/salt/php/php-fpm.sls: -------------------------------------------------------------------------------- 1 | php-fpm: 2 | pkg: 3 | - installed 4 | service: 5 | - name: php-fpm 6 | - running 7 | -------------------------------------------------------------------------------- /container/docker/images/centos/jre-tomcat/README.md: -------------------------------------------------------------------------------- 1 | # Centos 7 + Server Jre + Tomcat 8.5.15 2 | 3 | docker build -t "centos:tomcat" . 4 | -------------------------------------------------------------------------------- /share/puppet/nodes.pp: -------------------------------------------------------------------------------- 1 | file { "/tmp/cache": 2 | owner => "www", 3 | group => "www", 4 | mode => 700, 5 | ensure => directory; 6 | } 7 | -------------------------------------------------------------------------------- /ansible/CentOS/slim.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | user: root 4 | tasks: 5 | - name: Silm CentOS 6 | yum: name=dhclient state=absent 7 | -------------------------------------------------------------------------------- /libexec/Application/Springboot/systemd/README.md: -------------------------------------------------------------------------------- 1 | # 查看控制台日志 2 | 3 | journalctl -u spring.service 4 | journalctl -f -u spring.service 5 | -------------------------------------------------------------------------------- /ansible/CentOS/selinux.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | user: root 4 | tasks: 5 | - name: no selinux 6 | action: command /usr/sbin/setenforce 0 7 | -------------------------------------------------------------------------------- /container/docker/prometheus/alertmanager/Shanghai: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netkiller/devops/HEAD/container/docker/prometheus/alertmanager/Shanghai -------------------------------------------------------------------------------- /share/saltstack/salt/redis/init.sls: -------------------------------------------------------------------------------- 1 | redis: 2 | service: 3 | - running 4 | - require: 5 | - pkg: redis 6 | pkg: 7 | - installed 8 | -------------------------------------------------------------------------------- /demo/compose.yaml: -------------------------------------------------------------------------------- 1 | services: 2 | image: 3 | container_name: image 4 | build: ./demo/image/ 5 | image: netkiller:openjdk8 6 | version: '3.9' 7 | -------------------------------------------------------------------------------- /share/zabbix/Oracle/.settings/org.eclipse.m2e.core.prefs: -------------------------------------------------------------------------------- 1 | activeProfiles= 2 | eclipse.preferences.version=1 3 | resolveWorkspaceProjects=true 4 | version=1 5 | -------------------------------------------------------------------------------- /container/docker/bin/redis/redis.sh: -------------------------------------------------------------------------------- 1 | docker pull redis 2 | 3 | docker run --name redis -v /var/lib/redis:/data -p 6379:6379 -d redis redis-server --appendonly yes -------------------------------------------------------------------------------- /container/docker/docker-compose/redis/cluster/run.sh: -------------------------------------------------------------------------------- 1 | docker rm -f $(docker ps -a -q) 2 | docker volume rm $(docker volume ls -q) 3 | docker-compose up 4 | -------------------------------------------------------------------------------- /ansible/CentOS/ntp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | user: root 4 | tasks: 5 | - name: Install The NTP daemon and utilities 6 | yum: name=ntp state=present 7 | -------------------------------------------------------------------------------- /container/docker/bin/rancher.sh: -------------------------------------------------------------------------------- 1 | docker run -d --name rancher --restart=unless-stopped -p 80:80 -p 443:443 \ 2 | -v /var/lib/rancher/:/var/lib/rancher/ rancher/rancher:stable -------------------------------------------------------------------------------- /container/docker/bin/adduser.sh: -------------------------------------------------------------------------------- 1 | groupadd --system -g 80 www 2 | adduser -r -o --home /www --uid 80 --gid 80 -s /sbin/nologin -c "Web Application" www 3 | chown www:www -R /www -------------------------------------------------------------------------------- /libexec/Web/README.md: -------------------------------------------------------------------------------- 1 | # build 2 | Build Tools 3 | 4 | 传统 Web 项目编译,例如 Struts2, Spring 3.x/4.x (非 Spring boot 项目) 5 | 6 | # Struts 项目编译 7 | 8 | # Maven + Spring + Tomcat 编译 9 | -------------------------------------------------------------------------------- /share/saltstack/salt/nginx/init.sls: -------------------------------------------------------------------------------- 1 | nginx: 2 | pkg: 3 | - installed 4 | service: 5 | - running 6 | - enable: True 7 | - require: 8 | - pkg: nginx 9 | -------------------------------------------------------------------------------- /container/docker/docker-compose/redis/cluster/redis.conf: -------------------------------------------------------------------------------- 1 | port REDIS_PORT 2 | cluster-enabled yes 3 | cluster-config-file nodes.conf 4 | cluster-node-timeout 5000 5 | appendonly yes -------------------------------------------------------------------------------- /container/docker/prometheus/cadvisor/prometheus.yml: -------------------------------------------------------------------------------- 1 | scrape_configs: 2 | - job_name: cadvisor 3 | scrape_interval: 5s 4 | static_configs: 5 | - targets: 6 | - cadvisor:8080 -------------------------------------------------------------------------------- /libexec/Web/Ant/development.properties: -------------------------------------------------------------------------------- 1 | git.branch=development 2 | git.merge= 3 | remote.host=www@www.netkiller.cn 4 | catalina.home=/srv/apache-tomcat/www.netkiller.cn 5 | gulp=true -------------------------------------------------------------------------------- /share/puppet/site.pp: -------------------------------------------------------------------------------- 1 | node default { file { "/tmp/puppettest1.txt": content => "hello,first puppet manifest"; } } 2 | import "pkgs.pp" 3 | import "www.pp" 4 | import "nodes.pp" 5 | -------------------------------------------------------------------------------- /share/saltstack/salt/httpd/mod_php.sls: -------------------------------------------------------------------------------- 1 | include: 2 | - httpd 3 | 4 | php: 5 | pkg: 6 | - installed 7 | service: 8 | - name: httpd 9 | - reload: True 10 | -------------------------------------------------------------------------------- /container/docker/compose/volumes/redis.py: -------------------------------------------------------------------------------- 1 | try: 2 | from netkiller.docker import * 3 | 4 | redis = Volumes("redis") 5 | except ImportError as err: 6 | print("%s" % (err)) 7 | -------------------------------------------------------------------------------- /demo/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM openjdk:8 2 | VOLUME ["/srv"] 3 | RUN apt update -y && apt install -y procps net-tools iputils-ping iproute2 telnet 4 | EXPOSE 80 443 5 | WORKDIR /srv 6 | -------------------------------------------------------------------------------- /container/docker/images/centos/tomcat/setenv.sh: -------------------------------------------------------------------------------- 1 | export JAVA_OPTS="-server -Xms2048m -Xmx4096m -Djava.security.egd=file:/dev/./urandom" 2 | # -Dfile.encoding=UTF8 -Duser.timezone=GMT+08" 3 | -------------------------------------------------------------------------------- /share/zabbix/Oracle/.settings/org.eclipse.core.resources.prefs: -------------------------------------------------------------------------------- 1 | eclipse.preferences.version=1 2 | encoding//src/main/java=UTF-8 3 | encoding//src/test/java=UTF-8 4 | encoding/=UTF-8 5 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "shell"] 2 | path = shell 3 | url = https://github.com/oscm/shell.git 4 | [submodule "container"] 5 | path = container 6 | url = git@github.com:netkiller/container.git 7 | -------------------------------------------------------------------------------- /share/saltstack/pillar/packages.sls: -------------------------------------------------------------------------------- 1 | {% if grains['os'] == 'RedHat' %} 2 | apache: httpd 3 | git: git 4 | {% elif grains['os'] == 'Debian' %} 5 | apache: apache2 6 | git: git-core 7 | {% endif %} 8 | -------------------------------------------------------------------------------- /ansible/CentOS/README.md: -------------------------------------------------------------------------------- 1 | ansible 2 | ======= 3 | 4 | ansible playbook 5 | 6 | Install 7 | ----- 8 | curl -s https://raw.githubusercontent.com/oscm/shell/master/automate/ansible/ansible.sh | bash 9 | -------------------------------------------------------------------------------- /container/docker/prometheus/node-exporter/node-exporter.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "targets": [ "node-exporter:9100" ], 4 | "labels": { 5 | "job": "node-exporter" 6 | } 7 | } 8 | ] -------------------------------------------------------------------------------- /etc/git.ini: -------------------------------------------------------------------------------- 1 | [www.example.com] 2 | origin=git@192.168.2.1:example.com/www.example.com 3 | remote=mirror git@192.168.6.1:example.com/www.example.com,backup git@192.168.3.1:example.com/www.example.com 4 | 5 | -------------------------------------------------------------------------------- /share/example/config/testing/www.example.com.ini: -------------------------------------------------------------------------------- 1 | [config/memcache.php] 2 | host=192.168.1.1 3 | [config.php] 4 | dbhost=192.168.2.1 5 | dbuser=www 6 | dbpass=123456 7 | [config/lang.php] 8 | default=zh-cn 9 | -------------------------------------------------------------------------------- /etc/schedule.cfg: -------------------------------------------------------------------------------- 1 | [hourly] 2 | www=True 3 | mrtg=True 4 | [daily] 5 | database=True 6 | 7 | [weekly] 8 | www=True 9 | images=False 10 | 11 | [monthly] 12 | test=True 13 | test1=True 14 | test2=True 15 | -------------------------------------------------------------------------------- /nodekeeper/etc/commands.cfg: -------------------------------------------------------------------------------- 1 | [os] 2 | os.hosts.vim = vim /etc/hosts 3 | [httpd] 4 | httpd.conf.vhost.vim = vim /usr/local/apache/conf/extra/httpd-vhosts.conf 5 | [mysql] 6 | mysql.client = mysql -uroot -p 7 | 8 | -------------------------------------------------------------------------------- /share/saltstack/salt/php/init.sls: -------------------------------------------------------------------------------- 1 | 2 | php: 3 | pkg: 4 | - installed 5 | - require_in: 6 | - service: apache2 7 | cmd: 8 | - run: a2enmod php5 9 | - require: 10 | pkg: php 11 | -------------------------------------------------------------------------------- /container/docker/bin/logging/elasticsearch.sh: -------------------------------------------------------------------------------- 1 | docker run -d --name es -p 9200:9200 -p 9300:9300 -e ES_JAVA_OPTS="-Xms512m -Xmx512m" -e "discovery.type=single-node" docker.elastic.co/elasticsearch/elasticsearch:7.9.2 -------------------------------------------------------------------------------- /container/docker/prometheus/prometheus/rules/recording.yml: -------------------------------------------------------------------------------- 1 | # groups: 2 | # - name: example 3 | # rules: 4 | # - record: job:http_inprogress_requests:sum 5 | # expr: sum(http_inprogress_requests) by (job) -------------------------------------------------------------------------------- /doc/docker/development/netkiller/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM openjdk:latest 2 | VOLUME ["/opt/netkiller","/app"] 3 | RUN apt update -y && apt install -y procps 4 | EXPOSE 80 443 5 | WORKDIR /opt 6 | COPY index.html /var/www 7 | -------------------------------------------------------------------------------- /share/example/production/x64.me.ini: -------------------------------------------------------------------------------- 1 | [bg7nyt] 2 | repository=https://github.com/netkiller/phalcon.git 3 | remote= 192.168.6.1 4 | destination=x64.me/bg7nyt.x64.me 5 | logfile=/tmp/bg7nyt.x64.me.log 6 | delete=Y 7 | -------------------------------------------------------------------------------- /container/docker/images/centos/jre-tomcat/setenv.sh: -------------------------------------------------------------------------------- 1 | export JAVA_HOME=/srv/java 2 | export JAVA_OPTS="-server -Xms2048m -Xmx4096m -Djava.security.egd=file:/dev/./urandom" 3 | # -Dfile.encoding=UTF8 -Duser.timezone=GMT+08" 4 | -------------------------------------------------------------------------------- /demo/example/test.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: Ingress 3 | metadata: 4 | name: springboot 5 | spec: 6 | backend: 7 | service: 8 | name: springboot 9 | port: 10 | number: 80 -------------------------------------------------------------------------------- /libexec/Application/Springboot/service/README.md: -------------------------------------------------------------------------------- 1 | Service script 2 | ===== 3 | 4 | # wget https://raw.githubusercontent.com/oscm/devops/master/build/Application/Springboot/service/springbootd 5 | # chmod +x springbootd 6 | -------------------------------------------------------------------------------- /container/docker/prometheus/prometheus/rules/eample.yml: -------------------------------------------------------------------------------- 1 | groups: 2 | - name: cpu-node 3 | rules: 4 | - record: job_instance_mode:node_cpu_seconds:avg_rate5m 5 | expr: avg by (job, instance, mode) (rate(node_cpu_seconds_total[5m])) -------------------------------------------------------------------------------- /demo/prometheus/prometheus.yaml: -------------------------------------------------------------------------------- 1 | - name: alertmanager 2 | image: prom/alertmanager:v0.15.3 3 | imagePullPolicy: IfNotPresent 4 | args: 5 | - "--config.file=/etc/alertmanager/config.yml" 6 | - "--storage.path=/alertmanager/data" -------------------------------------------------------------------------------- /ansible/CentOS/nginx/yum.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | user: root 4 | tasks: 5 | - name: Install nginx is a high performance web server 6 | yum: name=nginx state=present 7 | action: command cp /etc/nginx/nginx.conf{,.original} 8 | -------------------------------------------------------------------------------- /share/saltstack/salt/vim/init.sls: -------------------------------------------------------------------------------- 1 | vim: 2 | pkg: 3 | - installed 4 | - name: vim-enhanced 5 | 6 | vimrc: 7 | file: 8 | - managed 9 | - name: ~/.vimrc 10 | - source: salt://vim/.vimrc 11 | - mode: 644 12 | -------------------------------------------------------------------------------- /container/docker/images/alpine/nginx/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM nginx 2 | 3 | MAINTAINER NGINX Docker Maintainers "netkiller@msn.com" 4 | 5 | ENV NGINX_VERSION 1.13.1 6 | 7 | COPY nginx.conf /etc/nginx/nginx.conf 8 | 9 | CMD ["nginx", "-g", "daemon off;"] -------------------------------------------------------------------------------- /libexec/Application/Springboot/systemd/install.sh: -------------------------------------------------------------------------------- 1 | wget -q https://raw.githubusercontent.com/netkiller/build/master/Application/Spring/systemd/spring.service -O /usr/lib/systemd/system/spring.service 2 | systemctl enable spring 3 | systemctl start spring -------------------------------------------------------------------------------- /etc/logviewer.ini: -------------------------------------------------------------------------------- 1 | [DEFAULT] 2 | logdir=/var/log 3 | ;[development] 4 | ;logdir=/var/log 5 | ;[testing] 6 | ;logdir=/var/log 7 | ;[staging] 8 | ;logfile=/var/11.log,/var/12.log,/var/13.log 9 | ;[production] 10 | ;logfile=/var/11.log,/var/12.log,/var/13.log -------------------------------------------------------------------------------- /demo/example/pod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: counter 5 | spec: 6 | containers: 7 | - name: count 8 | image: busybox 9 | args: [/bin/sh, -c, 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 5; done'] 10 | -------------------------------------------------------------------------------- /share/puppet/.gitignore: -------------------------------------------------------------------------------- 1 | *.gem 2 | *.rbc 3 | .bundle 4 | .config 5 | coverage 6 | InstalledFiles 7 | lib/bundler/man 8 | pkg 9 | rdoc 10 | spec/reports 11 | test/tmp 12 | test/version_tmp 13 | tmp 14 | 15 | # YARD artifacts 16 | .yardoc 17 | _yardoc 18 | doc/ 19 | -------------------------------------------------------------------------------- /libexec/Web/.gitignore: -------------------------------------------------------------------------------- 1 | .gradle 2 | build/ 3 | 4 | # Ignore Gradle GUI config 5 | gradle-app.setting 6 | 7 | # Avoid ignoring Gradle wrapper jar file (.jar files are usually ignored) 8 | !gradle-wrapper.jar 9 | 10 | # Cache of project 11 | .gradletasknamecache 12 | -------------------------------------------------------------------------------- /container/docker/bin/prometheus/service.sh: -------------------------------------------------------------------------------- 1 | docker service create --replicas 1 --name my-prometheus \ 2 | --mount type=bind,source=./prometheus.yml,destination=/etc/prometheus/prometheus.yml \ 3 | --publish published=9090,target=9090,protocol=tcp \ 4 | prom/prometheus 5 | -------------------------------------------------------------------------------- /share/zabbix/README.md: -------------------------------------------------------------------------------- 1 | # Netkiller zabbix templates 2 | Zabbix Plugin 3 | 4 | 5 | Donations 6 | --------- 7 | We accept PayPal through: 8 | 9 | https://www.paypal.me/netkiller 10 | 11 | Wechat (微信) / Alipay (支付宝) 打赏: 12 | 13 | http://www.netkiller.cn/home/donations.html -------------------------------------------------------------------------------- /share/saltstack/salt/haproxy/init.sls: -------------------------------------------------------------------------------- 1 | haproxy: 2 | pkg: 3 | - installed 4 | service: 5 | - running 6 | - require: 7 | - pkg: haproxy 8 | file: 9 | - managed 10 | - name: /etc/haproxy/haproxy.cfg 11 | - source: salt://haproxy/haproxy.cfg 12 | -------------------------------------------------------------------------------- /etc/os.ini: -------------------------------------------------------------------------------- 1 | [main] 2 | logfile=~/log/osconf.log 3 | logdir=~/log 4 | repositories=~/.osconf 5 | backup=~/.backup 6 | ;backup=/tmp 7 | suffix='' 8 | 9 | [www.example.com] 10 | user=www 11 | file.iptable=/etc/sysconfig/iptables 12 | [news.example.com] 13 | host=www@news.example.com 14 | -------------------------------------------------------------------------------- /doc/mysql/database.md: -------------------------------------------------------------------------------- 1 | Database 2 | ======== 3 | 4 | Backup struct of database 5 | ----- 6 | [Struct backup](https://github.com/oscm/devops/blob/master/doc/database.struct.md). 7 | 8 | Backup data 9 | ----- 10 | [Data backup](https://github.com/oscm/devops/blob/master/doc/database.dump.md). 11 | -------------------------------------------------------------------------------- /libexec/Web/Gradle/gradle.properties: -------------------------------------------------------------------------------- 1 | gitUrl="git@www.netkiller.cn:example.com/www.example.com.git" 2 | gitUrl=hello 3 | gitDir=src 4 | gitBranch=master 5 | gitMerge=testing 6 | 7 | deployHost=www@www.netkiller.cn 8 | deployDir=/www/example.com/www.example.com 9 | 10 | 11 | backupDir=backup 12 | 13 | -------------------------------------------------------------------------------- /container/docker/docker-compose/jenkins.yml: -------------------------------------------------------------------------------- 1 | version: '2' 2 | 3 | services: 4 | jenkins: 5 | container_name: jenkins-lts 6 | ports: 7 | - 8080:8080 8 | - 50000:50000 9 | image: jenkins/jenkins:lts 10 | volumes: 11 | - /home/jenkins/jenkins_home:/var/jenkins_home 12 | -------------------------------------------------------------------------------- /share/zabbix/Oracle/.settings/org.eclipse.jdt.core.prefs: -------------------------------------------------------------------------------- 1 | eclipse.preferences.version=1 2 | org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5 3 | org.eclipse.jdt.core.compiler.compliance=1.5 4 | org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning 5 | org.eclipse.jdt.core.compiler.source=1.5 6 | -------------------------------------------------------------------------------- /libexec/Gitlab/README.md: -------------------------------------------------------------------------------- 1 | # Gitlab Webhooks 2 | 3 | ## Startup web server 4 | 5 | [root@www.netkiller.cn deploy]# ./deploy.gitlab.sh 6 | Usage: ./deploy.gitlab.sh {start|stop|status|restart|log} 7 | 8 | # ./deploy.gitlab.sh start 9 | 10 | ## Add Webhook 11 | 12 | URL is http://localhost:8000/index.php -------------------------------------------------------------------------------- /share/zabbix/Oracle/jdbc.properties: -------------------------------------------------------------------------------- 1 | jdbc.url=jdbc\:oracle\:thin\:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=202.126.39.133)(PORT=28022))(LOAD_BALANCE=yes)(FAILOVER=ON)(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=proda07)(FAILOVER_MODE=(TYPE=SESSION)(METHOD=BASIC)))) 2 | jdbc.username=b01 3 | jdbc.password=jI0CfJly7y5YB06 -------------------------------------------------------------------------------- /share/saltstack/salt/top.sls: -------------------------------------------------------------------------------- 1 | base: 2 | '*': 3 | - ntp 4 | - iptables 5 | 'os:(RedHat|CentOS)': 6 | - match: grain_pcre 7 | - repos.epel 8 | - common.centos 9 | 'os:Ubuntu': 10 | - common.ubuntu 11 | 'www': 12 | - nginx 13 | - php.php-fpm 14 | 'mysql': 15 | - mysql 16 | -------------------------------------------------------------------------------- /ansible/CentOS/nginx/official.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | user: root 4 | tasks: 5 | - name: Install nginx is a high performance web server 6 | yum: name=http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm state=present 7 | action: command cp /etc/nginx/nginx.conf{,.original} 8 | -------------------------------------------------------------------------------- /container/docker/bin/mysql/mysql.sh: -------------------------------------------------------------------------------- 1 | 2 | docker run --name mysql -d \ 3 | --restart always \ 4 | -e MYSQL_ROOT_PASSWORD=D120852B-CFEA-4CC3-951B-AA934B5A527C \ 5 | -e MYSQL_DATABASE=test \ 6 | -e MYSQL_USER=test \ 7 | -e MYSQL_PASSWORD=D120852B-CFEA-4CC3-951B-AA934B5A527C \ 8 | -p 3306:3306 \ 9 | mysql:latest -------------------------------------------------------------------------------- /nodekeeper/setup.py: -------------------------------------------------------------------------------- 1 | from distutils.core import setup 2 | 3 | setup ( 4 | name = 'nodekeeper', 5 | version = '1.0.0', 6 | py_modules = ['nodekeeper'], 7 | author = 'neo.chen', 8 | author_email = 'netkiller@msn.com', 9 | description = 'nodekeeper', 10 | url = 'http://netkiller.github.io', 11 | ) 12 | -------------------------------------------------------------------------------- /share/saltstack/salt/ntp/init.sls: -------------------------------------------------------------------------------- 1 | ntp: 2 | pkg: 3 | - installed 4 | 5 | service: 6 | {% if grains['os'] == 'CentOS' or grains['os'] == 'RedHat' %} 7 | - name: ntpd 8 | {% endif %} 9 | - running 10 | - enable: True 11 | watch: 12 | - file: /etc/ntp.conf 13 | require: 14 | - pkg: ntp 15 | -------------------------------------------------------------------------------- /demo/example/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: my-service 5 | spec: 6 | selector: 7 | app: MyApp 8 | ports: 9 | - name: http 10 | protocol: TCP 11 | port: 80 12 | targetPort: 80 13 | - name: https 14 | protocol: TCP 15 | port: 443 16 | targetPort: 443 17 | -------------------------------------------------------------------------------- /libexec/Application/Springboot/systemd/sysconfig/springboot: -------------------------------------------------------------------------------- 1 | # Spring boot Application 2 | 3 | JAVA_OPTS="-server -Xms2048m -Xmx4096m -Djava.security.egd=file:/dev/./urandom" 4 | APPLICATION=api.netkiller.cn-0.0.1-SNAPSHOT.jar 5 | APPLICATION_OPTIONS="--spring.config.location=appliction-production.properties --spring.profiles.active=profile" 6 | -------------------------------------------------------------------------------- /demo/example/job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: busybox 5 | spec: 6 | completions: 3 7 | template: 8 | metadata: 9 | name: busybox 10 | spec: 11 | containers: 12 | - name: busybox 13 | image: busybox 14 | command: ["echo", "hello"] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /container/docker/compose/database.py: -------------------------------------------------------------------------------- 1 | from netkiller.docker import * 2 | from compose.service.mysql import * 3 | from compose.service.redis import * 4 | from compose.volumes.redis import redis as data 5 | 6 | database = Composes("database") 7 | database.version("3.9") 8 | database.services(mysql) 9 | database.services(redis) 10 | database.volumes(data) 11 | -------------------------------------------------------------------------------- /container/docker/docker-compose/redis/cluster/redis.conf.tpl: -------------------------------------------------------------------------------- 1 | port ${PORT} 2 | protected-mode no 3 | appendonly yes 4 | 5 | cluster-enabled yes 6 | cluster-config-file nodes.conf 7 | cluster-node-timeout 5000 8 | cluster-announce-ip 123.207.67.174 9 | cluster-announce-port ${PORT} 10 | cluster-announce-bus-port 1${PORT} 11 | cluster-node-timeout 5000 12 | -------------------------------------------------------------------------------- /container/docker/prometheus/mac.sh: -------------------------------------------------------------------------------- 1 | # sudo useradd -rs /bin/false prometheus 2 | # sudo useradd -rs /bin/false node_exporter 3 | 4 | mkdir -p /var/lib/{prometheus,grafana,alertmanager} /var/log/grafana 5 | chown neo:staff /var/lib/{prometheus,grafana,alertmanager} 6 | chmod 777 /var/lib/{prometheus,grafana,alertmanager} /var/log/grafana 7 | docker-compose up 8 | -------------------------------------------------------------------------------- /container/docker/compose/homeassistant.py: -------------------------------------------------------------------------------- 1 | from netkiller.docker import * 2 | from compose.service.mosquitto import * 3 | from compose.service.elasticsearch import * 4 | 5 | homeassistant = Composes("homeassistant") 6 | homeassistant.version("3.9") 7 | homeassistant.services(mosquitto) 8 | homeassistant.services(elasticsearch) 9 | homeassistant.volumes(volumes) 10 | -------------------------------------------------------------------------------- /container/docker/config/daemon.json: -------------------------------------------------------------------------------- 1 | { 2 | "registry-mirrors": [ 3 | "https://registry.docker-cn.com", 4 | "http://hub-mirror.c.163.com", 5 | "https://docker.mirrors.ustc.edu.cn" 6 | ], 7 | "insecure-registries": [ 8 | "127.0.0.1:5000", 9 | "10.96.97.241" 10 | ], 11 | "debug": true, 12 | "experimental": false 13 | } -------------------------------------------------------------------------------- /container/docker/prometheus/prometheus/rules/node.yml: -------------------------------------------------------------------------------- 1 | groups: 2 | - name: node-up 3 | rules: 4 | - alert: node-up 5 | expr: up{job="node-exporter"} == 0 6 | for: 15s 7 | labels: 8 | severity: 1 9 | team: node 10 | annotations: 11 | summary: "{{ $labels.instance }} 已停止运行!" 12 | description: "{{ $labels.instance }} 检测到异常停止!请重点关注!!!" -------------------------------------------------------------------------------- /share/saltstack/salt/httpd/init.sls: -------------------------------------------------------------------------------- 1 | apache: 2 | pkg: 3 | {% if grains['os'] == 'RedHat' %} 4 | - name: httpd 5 | {% elif grains['os'] == 'CentOS' %} 6 | - name: httpd 7 | {% elif grains['os'] == 'Ubuntu' %} 8 | - name: apache2 9 | {% endif %} 10 | - installed 11 | service: 12 | - name: httpd 13 | - enable: True 14 | - running 15 | -------------------------------------------------------------------------------- /libexec/Application/Springboot/resources/logback.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | -------------------------------------------------------------------------------- /share/saltstack/salt/mysql/server.sls: -------------------------------------------------------------------------------- 1 | mysql-server: 2 | pkg: 3 | - installed 4 | - pkgs: 5 | - mysql-server 6 | service: 7 | - running 8 | - name: mysqld 9 | - enable: True 10 | - require: 11 | - pkg: mysql-server 12 | # mysql_user: 13 | # - present 14 | # - name: dba 15 | # - password: 'dba' 16 | # - require: 17 | # - service: mysqld 18 | -------------------------------------------------------------------------------- /container/docker/docker-compose/registry/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | services: 3 | registry: 4 | image: registry:latest 5 | #restart: always 6 | container_name: registry 7 | ports: 8 | - 0.0.0.0:5000:5000 9 | environment: 10 | REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /var/lib/registry 11 | volumes: 12 | - /var/lib/registry:/var/lib/registry 13 | -------------------------------------------------------------------------------- /share/zabbix/nginx/userparameter_nginx.conf: -------------------------------------------------------------------------------- 1 | ############################################################ 2 | # Netkiller Nginx - statistics 3 | # 4 | # Author: Neo Chen 5 | # Website: http://www.netkiller.cn 6 | ############################################################ 7 | 8 | # Discovery 9 | 10 | # Return statistics 11 | UserParameter=nginx.status[*],/etc/zabbix/scripts/nginx.sh $1 12 | -------------------------------------------------------------------------------- /container/docker/bin/registry/registry.ssl.sh: -------------------------------------------------------------------------------- 1 | mkdir -p cert 2 | openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt 3 | 4 | docker run -d -p 443:443 --name=registry --restart=always \ 5 | -v ./certs:/certs \ 6 | -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \ 7 | -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \ 8 | -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \ 9 | registry:latest -------------------------------------------------------------------------------- /share/zabbix/php-fpm/userparameter_php-fpm.conf: -------------------------------------------------------------------------------- 1 | ############################################################ 2 | # Netkiller PHP-FPM - statistics 3 | # 4 | # Author: Neo Chen 5 | # Website: http://www.netkiller.cn 6 | ############################################################ 7 | 8 | # Discovery 9 | 10 | # Return statistics 11 | UserParameter=php-fpm.status[*],/srv/zabbix/libexec/php-fpm.xml.sh $1 -------------------------------------------------------------------------------- /nodekeeper/install: -------------------------------------------------------------------------------- 1 | PREFIX=/srv/nodekeeper 2 | 3 | #mkdir $PREFIX 4 | mkdir -p $PREFIX/{bin,etc,run,log} 5 | 6 | cp bin/nodekeeper $PREFIX/bin/ 7 | cp bin/console $PREFIX/bin/ 8 | #cp protocol.cfg $PREFIX/etc/nodekeeper.cfg 9 | #cp commands.cfg $PREFIX/etc/ 10 | touch $PREFIX/etc/nodekeeper.cfg 11 | cp -r etc/* $PREFIX/etc/ 12 | #cp nodekeeper.script /etc/init.d/nodekeeper 13 | cp nodekeeper.ubuntu /etc/init.d/nodekeeper 14 | 15 | -------------------------------------------------------------------------------- /share/zabbix/elasticsearch/userparameter_elasticsearch.conf: -------------------------------------------------------------------------------- 1 | ############################################################ 2 | # Elasticsearch - statistics 3 | # 4 | # Author: Neo Chen 5 | # Website: http://www.netkiller.cn 6 | ############################################################ 7 | 8 | # Discovery 9 | 10 | # Return statistics 11 | UserParameter=elasticsearch.status[*],/srv/zabbix/libexec/elasticsearch $1 $2 -------------------------------------------------------------------------------- /share/zabbix/mongodb/userparameter_mongodb.conf: -------------------------------------------------------------------------------- 1 | ############################################################ 2 | # MongoDB - statistics 3 | # 4 | # Author: Neo Chen 5 | # Website: http://www.netkiller.cn 6 | ############################################################ 7 | 8 | # Discovery 9 | 10 | # Return MongoDB statistics 11 | UserParameter=mongodb.status[*],/srv/zabbix/libexec/mongodb.sh $1 $2 $3 $4 $5 12 | -------------------------------------------------------------------------------- /share/puppet/www.pp: -------------------------------------------------------------------------------- 1 | node www { 2 | user { "www": 3 | uid => 80, 4 | shell => "/bin/bash", 5 | home => "/www", 6 | } 7 | file { "/var/www": 8 | owner => "nginx", 9 | group => "nginx", 10 | mode => 700, 11 | ensure => directory; 12 | } 13 | 14 | file { "/var/www/index.html": 15 | source => "/tmp/something", 16 | mode => 666; 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /share/zabbix/tcpstats/userparameter_tcpstats.conf: -------------------------------------------------------------------------------- 1 | ############################################################ 2 | # Netkiller Netkiller state statistics 3 | # 4 | # Author: Neo Chen 5 | # Website: http://www.netkiller.cn 6 | ############################################################ 7 | 8 | # Discovery 9 | # UserParameter= 10 | # Return statistics 11 | UserParameter=tcp.stats[*],/srv/zabbix/libexec/tcpstats $1 12 | -------------------------------------------------------------------------------- /demo/k8s/demo.py: -------------------------------------------------------------------------------- 1 | import subprocess 2 | # command = "docker run -it --rm --name pipeline -v ~/.m2:/root/.m2 -v /root/project:/tmp -w /root/project nginx:latext /bin/bash" 3 | command = "/bin/ls" 4 | p = subprocess.call(command, shell=True, stdin = subprocess.PIPE, stdout= subprocess.PIPE) 5 | p.communicate() 6 | # p.wait() 7 | print(p.stdout.read()) 8 | p.stdin.write("echo Hello".encode('utf-8')) 9 | p.stdin.flush() 10 | print(p.stdout.read()) -------------------------------------------------------------------------------- /libexec/Web/Ant/deployment: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | stage=$1 3 | shift 4 | #echo $# 5 | if [ -f ${stage}.properties ]; then 6 | ant -propertyfile ${stage}.properties $@ 7 | else 8 | echo "The file ${stage}.properties isn't exist!" 9 | fi 10 | 11 | #!/bin/sh 12 | stage=$1 13 | shift 14 | #echo $# 15 | if [ -f ${stage}.properties ]; then 16 | ant -propertyfile ${stage}.properties $@ 17 | else 18 | echo "The file ${stage}.properties isn't exist!" 19 | fi -------------------------------------------------------------------------------- /.vscode/launch.json: -------------------------------------------------------------------------------- 1 | { 2 | // 使用 IntelliSense 了解相关属性。 3 | // 悬停以查看现有属性的描述。 4 | // 欲了解更多信息,请访问: https://go.microsoft.com/fwlink/?linkid=830387 5 | "version": "0.2.0", 6 | "configurations": [ 7 | { 8 | "name": "Python: 当前文件", 9 | "type": "python", 10 | "request": "launch", 11 | "program": "${file}", 12 | "console": "integratedTerminal" 13 | } 14 | ] 15 | } -------------------------------------------------------------------------------- /etc/deployment.cfg: -------------------------------------------------------------------------------- 1 | [scm] 2 | ;basedir=/usr/local 3 | cfgdir=/srv/devops/etc 4 | logdir=~/log 5 | logfile=deployment.log 6 | pidfile=/tmp/oscm.pid 7 | 8 | ;Software Configuration Management Engineer 9 | moderator=neo 10 | development=dev 11 | testing=testing 12 | production=neo 13 | administrator=www 14 | 15 | [project] 16 | cfgdir=~ 17 | logdir=~/log 18 | source=~/.repositories 19 | backup=~/.backup 20 | 21 | [gulp] 22 | gulp.path=~/devops/gulp 23 | -------------------------------------------------------------------------------- /container/docker/compose/devops.py: -------------------------------------------------------------------------------- 1 | from netkiller.docker import * 2 | from compose.service.kubernetes import * 3 | from compose.service.gitlab import * 4 | from compose.service.zentao import * 5 | 6 | devops = Composes('devops') 7 | devops.version('3.9') 8 | # devops.volumes(volumes) 9 | devops.services(gitlab) 10 | devops.services(runner) 11 | # devops.services(portainer) 12 | # devops.services(agent) 13 | devops.services(rancher) 14 | devops.services(zentao) -------------------------------------------------------------------------------- /ansible/README.md: -------------------------------------------------------------------------------- 1 | ansible 2 | ======= 3 | 4 | Netkiller ansible playbook 5 | 6 | # Install ansible 7 | 8 | yum install -y ansible 9 | git clone https://github.com/oscm/ansible.git 10 | 11 | ## Config hosts 12 | vim /etc/ansible/hosts 13 | 14 | Example: 15 | 16 | 192.168.1.100 17 | 192.168.1.110 18 | 19 | ## Test 20 | 21 | # ansible 192.168.1.100 -m ping 22 | 192.168.1.100 | success >> { 23 | "changed": false, 24 | "ping": "pong" 25 | } 26 | -------------------------------------------------------------------------------- /container/docker/bin/prometheus/run.sh: -------------------------------------------------------------------------------- 1 | docker run -d -p 9090:9090 --user 996:996 \ 2 | --net=host \ 3 | -v /etc/prometheus/prometheus.yml \ 4 | -v /data/prometheus \ 5 | prom/prometheus \ 6 | --config.file="/etc/prometheus/prometheus.yml" \ 7 | --storage.tsdb.path="/var/lib/prometheus" 8 | 9 | docker run -d -p 9100:9100 --user 995:995 \ 10 | -v "/:/hostfs" \ 11 | --net="host" \ 12 | prom/node-exporter \ 13 | --path.rootfs=/hostfs 14 | 15 | # prometheus 16 | -------------------------------------------------------------------------------- /container/docker/docker-compose/gitlab/docker.sh: -------------------------------------------------------------------------------- 1 | docker pull gitlab/gitlab-ce 2 | 3 | --rm --detach \ 4 | --hostname gitlab.netkiller.cn \ 5 | --restart always \ 6 | --publish 22:22 7 | 8 | docker container rm gitlab 9 | docker run --name gitlab --rm \ 10 | --publish 443:443 --publish 80:80 \ 11 | --volume /opt/gitlab/config:/etc/gitlab \ 12 | --volume /opt/gitlab/logs:/var/log/gitlab \ 13 | --volume /opt/gitlab/data:/var/opt/gitlab \ 14 | gitlab/gitlab-ce:latest -------------------------------------------------------------------------------- /share/zabbix/postfix/userparameter_postfix.conf: -------------------------------------------------------------------------------- 1 | ############################################################ 2 | # Postfix - statistics 3 | # 4 | # Author: Neo Chen 5 | # Website: http://www.netkiller.cn 6 | ############################################################ 7 | 8 | # Discovery 9 | UserParameter=postfix.discovery,/srv/zabbix/libexec/postfix discovery 10 | # Return statistics 11 | UserParameter=postfix[*],/srv/zabbix/libexec/postfix $1 $2 -------------------------------------------------------------------------------- /container/docker/prometheus/prometheus/rules/memory.yml: -------------------------------------------------------------------------------- 1 | groups: 2 | - name: example 3 | rules: 4 | - alert: NodeMemoryUsage 5 | expr: (1 - (node_memory_MemAvailable_bytes / (node_memory_MemTotal_bytes))) * 100 > 80 6 | for: 1m 7 | labels: 8 | severity: warning 9 | annotations: 10 | summary: "{{$labels.instance}}: High Memory usage detected" 11 | description: "{{$labels.instance}}: Memory usage is above 80% (current value is:{{ $value }})" -------------------------------------------------------------------------------- /nodekeeper/.gitignore: -------------------------------------------------------------------------------- 1 | *.py[cod] 2 | 3 | # C extensions 4 | *.so 5 | 6 | # Packages 7 | *.egg 8 | *.egg-info 9 | dist 10 | build 11 | eggs 12 | parts 13 | var 14 | sdist 15 | develop-eggs 16 | .installed.cfg 17 | lib 18 | lib64 19 | 20 | # Installer logs 21 | pip-log.txt 22 | 23 | # Unit test / coverage reports 24 | .coverage 25 | .tox 26 | nosetests.xml 27 | 28 | # Translations 29 | *.mo 30 | 31 | # Mr Developer 32 | .mr.developer.cfg 33 | .project 34 | .pydevproject 35 | -------------------------------------------------------------------------------- /container/docker/docker-compose/swarms/spring/springcloud/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | 3 | volumes: 4 | redis_data: 5 | mysql_data: 6 | elasticsearch_data: 7 | 8 | networks: 9 | frontend: 10 | backend: 11 | 12 | services: 13 | redis: 14 | image: redis:latest 15 | container_name: redis 16 | ports: 17 | - "6379:6379" 18 | volumes: 19 | - redis_data:/var/lib/redis 20 | restart: always 21 | networks: 22 | - backend 23 | -------------------------------------------------------------------------------- /share/saltstack/salt/rsync/rsyncd.conf: -------------------------------------------------------------------------------- 1 | uid = www 2 | gid = www 3 | use chroot = no 4 | max connections = 8 5 | pid file = /var/run/rsyncd.pid 6 | lock file = /var/run/rsync.lock 7 | log file = /var/log/rsyncd.log 8 | 9 | hosts deny=* 10 | hosts allow=192.168.2.0/255.255.255.0 11 | 12 | [www] 13 | uid = www 14 | gid = www 15 | path = /www 16 | ignore errors 17 | read only = no 18 | list = no 19 | auth users = www 20 | secrets file = /etc/rsyncd.passwd 21 | -------------------------------------------------------------------------------- /share/saltstack/.gitignore: -------------------------------------------------------------------------------- 1 | *.py[cod] 2 | 3 | # C extensions 4 | *.so 5 | 6 | # Packages 7 | *.egg 8 | *.egg-info 9 | dist 10 | build 11 | eggs 12 | parts 13 | bin 14 | var 15 | sdist 16 | develop-eggs 17 | .installed.cfg 18 | lib 19 | lib64 20 | 21 | # Installer logs 22 | pip-log.txt 23 | 24 | # Unit test / coverage reports 25 | .coverage 26 | .tox 27 | nosetests.xml 28 | 29 | # Translations 30 | *.mo 31 | 32 | # Mr Developer 33 | .mr.developer.cfg 34 | .project 35 | .pydevproject 36 | -------------------------------------------------------------------------------- /share/zabbix/Mototrbo/userparameter_mototrbo.conf: -------------------------------------------------------------------------------- 1 | ############################################################ 2 | # Mototrbo Trbonet - statistics 3 | # 4 | # Author: Neo Chen 5 | # Website: http://www.netkiller.cn 6 | ############################################################ 7 | # Discovery 8 | UserParameter=mototrbo.discovery,/srv/zabbix/libexec/mototrbo discovery 9 | # Return statistics 10 | UserParameter=mototrbo.status[*],/srv/zabbix/libexec/mototrbo ping $1 11 | -------------------------------------------------------------------------------- /etc/dump.ini: -------------------------------------------------------------------------------- 1 | [DEFAULT] 2 | ;directory=/opt/backup 3 | ;设置备份目录 4 | directory=/tmp/backup 5 | ;设置日志文件 6 | logfile=/tmp/dump.log 7 | 8 | [dev] 9 | host=192.168.30.11 10 | user=root 11 | pass=test 12 | dbname=test 13 | description=这是测试环境的数据库 14 | 15 | [test] 16 | host=192.168.10.10 17 | user=test 18 | pass=test 19 | dbname=test test1 test2 test3 test4 20 | 21 | [stage] 22 | user=root 23 | dbname=stage 24 | pass= 25 | dbname=test 26 | 27 | [prod] 28 | user=root 29 | dbname=prod 30 | pass= 31 | dbname=test -------------------------------------------------------------------------------- /libexec/Web/Ant/build.properties: -------------------------------------------------------------------------------- 1 | git.repository=git@58.96.11.18:example.com/admin.example.com.git 2 | #git.branch=master 3 | #git.merge=testing 4 | #git.revert= 5 | #remote.host=www@www.netkiller.cn 6 | remote.host=www@www.netkiller.cn 7 | remote.destination=/srv/www/netkiller.cn/www.netkiller.cn 8 | catalina.home=/srv/apache-tomcat/www.netkiller.cn 9 | 10 | sendmail=false 11 | mail.host=localhost 12 | mail.from=neo@netkiller.cn 13 | mail.tolist=dev@netkiller.cn,ops@netkiller.cn,pd@netkiller.cn,mkt@netkiller.cn -------------------------------------------------------------------------------- /container/docker/bin/minikube.sh: -------------------------------------------------------------------------------- 1 | minikube stop 2 | 3 | minikube start --memory 4096mb --cpus 2 --cache-images=true --driver=hyperkit \ 4 | --extra-config="kubelet.allowed-unsafe-sysctls=kernel.msg*,net.core.somaxconn,vm.*" \ 5 | --image-mirror-country=cn \ 6 | --insecure-registry="127.0.0.1:5000,192.168.3.0/24,192.168.64.0/24,172.17.0.0/16,10.10.0.0/24" \ 7 | --registry-mirror="https://registry.docker-cn.com,https://docker.mirrors.ustc.edu.cn" \ 8 | --service-cluster-ip-range='10.10.0.0/24' 9 | 10 | minikube dashboard -------------------------------------------------------------------------------- /bin/wireguard: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env python3 2 | # -*- coding: UTF-8 -*- 3 | ############################################## 4 | # Home : https://www.netkiller.cn 5 | # Author: Neo 6 | ############################################## 7 | import os,sys 8 | 9 | from netkiller.network.wireguard import Wireguard 10 | 11 | def main(): 12 | try: 13 | run = Wireguard() 14 | run.main() 15 | except KeyboardInterrupt as e: 16 | print(e) 17 | 18 | if __name__ == "__main__": 19 | main() -------------------------------------------------------------------------------- /container/docker/bin/jenkins/docker.sh: -------------------------------------------------------------------------------- 1 | docker pull jenkins/jenkins:lts 2 | 3 | #docker run -d \ 4 | #-p 8080:8080 \ 5 | #-p 50000:50000 \ 6 | #--name jenkins \ 7 | #--link gitlab:gitlab.bill.com \ 8 | #-u root \ 9 | #-v ~/jenkins:/var/jenkins_home \ 10 | #-v /usr/share/maven:/usr/local/maven \ 11 | #-v /usr/lib/jvm/jdk1.8:/usr/local/jdk 12 | #jenkins/jenkins:latest 13 | 14 | docker run -d -p 8080:8080 -p 50000:50000 --name jenkins -v jenkins_home:/var/jenkins_home jenkins/jenkins:lts 15 | 16 | docker logs -f jenkins -------------------------------------------------------------------------------- /container/docker/docker-compose/nginx.yaml: -------------------------------------------------------------------------------- 1 | services: 2 | nginx: 3 | container_name: nginx 4 | environment: 5 | - TZ=Asia/Shanghai 6 | extra_hosts: 7 | - db.netkiller.cn:127.0.0.1 8 | - cache.netkiller.cn:127.0.0.1 9 | - api.netkiller.cn:127.0.0.1 10 | hostname: www.netkiller.cn 11 | image: nginx:latest 12 | links: 13 | - nginx:web1.netkiller.cn 14 | ports: 15 | - 80:80 16 | - 443:443 17 | restart: always 18 | volumes: 19 | - /tmp:/tmp 20 | version: '3.9' 21 | -------------------------------------------------------------------------------- /demo/example/ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: Ingress 3 | metadata: 4 | name: simple-ingress 5 | namespace: default 6 | annotations: 7 | nginx.ingress.kubernetes.io/rewrite-target: / 8 | # kubernetes.io/ingress.class: nginx 9 | spec: 10 | rules: 11 | - host: www.netkiller.cn 12 | http: 13 | paths: 14 | - path: / 15 | pathType: Prefix 16 | backend: 17 | service: 18 | name: springboot 19 | port: 20 | number: 80 -------------------------------------------------------------------------------- /libexec/Application/Springboot/build.properties: -------------------------------------------------------------------------------- 1 | git.repository=git@gitlab.netkiller.cn:netkiller.cn/api.netkiller.cn.git 2 | remote.java.home=/srv/java 3 | #git.branch=development 4 | #git.merge=development 5 | remote.host=www@www.netkiller.com 6 | remote.destination=/www/netkiller.cn/www.netkiller.cn 7 | project.package=api.netkiller.cn-0.0.1-master.war 8 | 9 | gulp=false 10 | sendmail=false 11 | mail.host=localhost 12 | mail.from=neo@netkiller.cn 13 | mail.tolist=dev@netkiller.cn,ops@netkiller.cn,pd@netkiller.cn,mkt@netkiller.cn -------------------------------------------------------------------------------- /share/zabbix/postfix/README.md: -------------------------------------------------------------------------------- 1 | Zabbix for Postfix 3.2 2 | ===== 3 | 4 | Install agent 5 | ----- 6 | 7 | yum install -y logcheck 8 | mkdir -p /srv/zabbix/libexec 9 | wget https://raw.githubusercontent.com/oscm/zabbix/master/postfix/postfix -P /srv/zabbix/libexec 10 | chmod +x /srv/zabbix/libexec/postfix 11 | 12 | wget https://raw.githubusercontent.com/oscm/zabbix/master/postfix/userparameter_postfix.conf -P /etc/zabbix/zabbix_agentd.d/ 13 | systemctl restart zabbix-agent 14 | 15 | zabbix_get -s 13.24.22.53 -k 'agent.ping' -------------------------------------------------------------------------------- /container/docker/docker-compose/redis/cluster/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | # echo never | tee /sys/kernel/mm/transparent_hugepage/enabled 5 | # echo never | tee /sys/kernel/mm/transparent_hugepage/defrag 6 | 7 | # allow the container to be started with `--user` 8 | if [ "$1" = 'redis-server' -a "$(id -u)" = '0' ]; then 9 | sed -i 's/REDIS_PORT/'$REDIS_PORT'/g' /etc/redis/redis.conf 10 | # envsubst < redis.conf.template > /etc/redis/redis.conf 11 | chown -R redis . 12 | exec gosu redis "$0" "$@" 13 | fi 14 | 15 | exec "$@" -------------------------------------------------------------------------------- /container/docker/docker-compose/swarms/spring/springboot/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | 3 | networks: 4 | outside: 5 | inside: 6 | 7 | services: 8 | config: 9 | image: 127.0.0.1:5000/netkiller/config:latest 10 | ports: 11 | - "8888:8888" 12 | volumes: 13 | - /tmp/config:/tmp 14 | networks: 15 | - outside 16 | deploy: 17 | replicas: 1 18 | restart_policy: 19 | condition: on-failure 20 | resources: 21 | limits: 22 | cpus: "0.1" 23 | memory: 256M 24 | -------------------------------------------------------------------------------- /container/docker/images/alpine/nginx/vhost.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 80; 3 | server_name *.example.com example.com; 4 | if ($host = 'example.com' ) { 5 | rewrite ^/(.*)$ http://www.example.com/$1 permanent; 6 | } 7 | 8 | if ( $host ~* (.*)\.(.*)\.(.*)) { 9 | set $subdomain $1; 10 | set $domain $2.$3; 11 | } 12 | 13 | root /www/$domain/$subdomain; 14 | index index.html index.php; 15 | 16 | location ~ .*\.(php|shtml)?$ { 17 | fastcgi_pass 127.0.0.1:9000; 18 | fastcgi_index index.php; 19 | include fcgi.conf; 20 | } 21 | } -------------------------------------------------------------------------------- /demo/logging/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: elasticsearch 7 | name: elasticsearch-admin 8 | namespace: ns-elastic 9 | --- 10 | apiVersion: rbac.authorization.k8s.io/v1 11 | kind: ClusterRoleBinding 12 | metadata: 13 | name: elasticsearch-admin 14 | labels: 15 | app: elasticsearch 16 | roleRef: 17 | apiGroup: rbac.authorization.k8s.io 18 | kind: ClusterRole 19 | name: cluster-admin 20 | subjects: 21 | - kind: ServiceAccount 22 | name: elasticsearch-admin 23 | namespace: ns-elastic -------------------------------------------------------------------------------- /container/docker/compose/service/kubernetes.py: -------------------------------------------------------------------------------- 1 | try: 2 | import os, sys 3 | module = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) 4 | sys.path.insert(0, module) 5 | from netkiller.docker import * 6 | except ImportError as err: 7 | print("%s" %(err)) 8 | 9 | rancher = Services('rancher') 10 | rancher.container_name('rancher') 11 | rancher.image('rancher/rancher:stable').restart('unless-stopped').volumes([ 12 | '/var/lib/rancher/:/var/lib/rancher/', 13 | '/var/log/auditlog:/var/log/auditlog' 14 | ]).ports(['8080:80','443:443']).privileged() -------------------------------------------------------------------------------- /container/docker/docker-compose/redis/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.9' 2 | 3 | services: 4 | redis: 5 | image: redis:alpine 6 | container_name: redis 7 | restart: always 8 | hostname: redis.netkiller.cn 9 | environment: 10 | - TZ=Asia/Shanghai 11 | - LANG=en_US.UTF-8 12 | ports: 13 | - 6379:6379 14 | volumes: 15 | - redis:/data 16 | sysctls: 17 | - net.core.somaxconn=511 18 | command: 19 | --logfile /data/redis.log 20 | --requirepass passw0rd 21 | --appendonly yes 22 | volumes: 23 | redis: -------------------------------------------------------------------------------- /share/ant/build.xml: -------------------------------------------------------------------------------- 1 | 2 | 7 | 8 | 9 | 10 | 15 | 16 | 17 | 18 | 19 | 20 | -------------------------------------------------------------------------------- /container/docker/docker-compose/blockchain/hyperledger/couchdb/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '2' 2 | 3 | networks: 4 | basic: 5 | 6 | services: 7 | couchdb: 8 | container_name: couchdb 9 | image: hyperledger/fabric-couchdb 10 | # Populate the COUCHDB_USER and COUCHDB_PASSWORD to set an admin user and password 11 | # for CouchDB. This will prevent CouchDB from operating in an "Admin Party" mode. 12 | environment: 13 | - COUCHDB_USER=admin 14 | - COUCHDB_PASSWORD=passw0rd 15 | ports: 16 | - 172.16.0.17:5984:5984 17 | networks: 18 | - basic -------------------------------------------------------------------------------- /bin/chpasswd.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | datetime=`date +%Y-%m-%d" "%H":"%M` 3 | email="neo.chan@live.com" 4 | #password=$(cat /dev/urandom | tr -cd [:alnum:] | fold -w30 | head -n 1) 5 | string=$(date -u "+%Y$1%m$2%d$3%H$4%M") 6 | password=$(echo $string | md5sum | cut -c 2-9 | base64 | tr -d "=" | cut -c 1-32) 7 | echo $string 8 | echo $password > ~/.lastpasswd 9 | exit 10 | echo $password | passwd www --stdin > /dev/null 11 | 12 | #for pts in $(w | awk -F' ' '{if ($1 == "www") print $2}') 13 | #do 14 | # pkill -9 -t $pts 15 | #done 16 | 17 | #cat $password | mutt -s "$datetime new passwd" $email 18 | -------------------------------------------------------------------------------- /container/docker/prometheus/alertmanager/email.tmpl: -------------------------------------------------------------------------------- 1 | {{ define "email.from" }}xxxxxxxx@qq.com{{ end }} 2 | {{ define "email.to" }}xxxxxxxx@qq.com{{ end }} 3 | {{ define "email.to.html" }} 4 | {{ range .Alerts }} 5 | =========start==========
6 | 告警程序: prometheus_alert
7 | 告警级别: {{ .Labels.severity }} 级
8 | 告警类型: {{ .Labels.alertname }}
9 | 故障主机: {{ .Labels.instance }}
10 | 告警主题: {{ .Annotations.summary }}
11 | 告警详情: {{ .Annotations.description }}
12 | 触发时间: {{ .StartsAt.Format "2019-08-04 16:58:15" }}
13 | =========end==========
14 | {{ end }} 15 | {{ end }} -------------------------------------------------------------------------------- /share/zabbix/Dependency/userparameter_dependency.conf: -------------------------------------------------------------------------------- 1 | ############################################################ 2 | # Netkiller Service dependency check 3 | # 4 | # Author: Neo Chen 5 | # Website: http://www.netkiller.cn 6 | ############################################################ 7 | 8 | # Discovery 9 | UserParameter=dependency.discovery, /srv/zabbix/libexec/dependency --discovery 10 | # Return statistics 11 | UserParameter=dependency.ping[*],/srv/zabbix/libexec/dependency --ping $1 12 | UserParameter=dependency.check[*],/srv/zabbix/libexec/dependency --check $1 $2 13 | -------------------------------------------------------------------------------- /share/zabbix/redis/userparameter_redis.conf: -------------------------------------------------------------------------------- 1 | ############################################################ 2 | # Redis - statistics 3 | # 4 | # Author: Neo Chen 5 | # Website: http://www.netkiller.cn 6 | ############################################################ 7 | 8 | # Discovery 9 | 10 | # Return Redis statistics 11 | UserParameter=redis.local[*],redis-cli -h 127.0.0.1 -p 6379 info|grep $1|grep -v _human|cut -d : -f2 12 | UserParameter=redis.status[*],redis-cli -h $1 -p $2 info|grep $3|grep -v _human|cut -d : -f2 13 | UserParameter=redis.proc,pidof redis-server | wc -l 14 | -------------------------------------------------------------------------------- /share/puppet/pkgs.pp: -------------------------------------------------------------------------------- 1 | package { 2 | ["telnet", "wget", "rsync", "bind-utils", "vim-enhanced", "system-config-network-tui", "lrzsz"]: 3 | ensure => installed; 4 | ["dhclient"]: 5 | provider => yum, 6 | ensure=>absent; 7 | "epel-release-6-7": 8 | ensure => present, 9 | provider => rpm, 10 | source=>"http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm"; 11 | "rpmforge-release-0.5.2-2.el6.rf": 12 | ensure => present, 13 | provider => rpm, 14 | source=>"http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm" 15 | } 16 | 17 | -------------------------------------------------------------------------------- /etc/mongo.ini.sample: -------------------------------------------------------------------------------- 1 | [DEFAULT] 2 | ;directory=/opt/backup 3 | ;设置备份目录 4 | directory=/tmp/backup 5 | ;设置日志文件 6 | logfile=/tmp/dump.log 7 | 8 | [dev] 9 | host=192.168.30.11 10 | username=test 11 | password=test 12 | db=test 13 | description=这是测试环境的数据库 14 | 15 | [test] 16 | host=192.168.30.10 17 | port=27017 18 | username=neo 19 | password=neo 20 | db=neo 21 | 22 | [stage] 23 | host=localhost 24 | username=root 25 | password= 26 | db=stage 27 | recipient=netkiller@msn.com 28 | 29 | [prod] 30 | host=localhost 31 | username=root 32 | password= 33 | db=prod 34 | authenticationDatabase=test 35 | recipient=netkiller@msn.com -------------------------------------------------------------------------------- /doc/mysql/MySQL.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | pip3 install mysql-connector-python --user 4 | 5 | docker run -d -p 3306:3306 --name mysql \ 6 | -e MYSQL_ROOT_PASSWORD=123456 \ 7 | -e TIMEZONE=Asia/Shanghai \ 8 | -e MYSQL_GENERAL_LOG=1 \ 9 | mysql:latest 10 | 11 | CREATE TABLE `employees` ( 12 | `emp_no` int(11) NOT NULL AUTO_INCREMENT, 13 | `birth_date` date NOT NULL, 14 | `first_name` varchar(14) NOT NULL, 15 | `last_name` varchar(16) NOT NULL, 16 | `gender` enum('M','F') NOT NULL, 17 | `hire_date` date NOT NULL, 18 | PRIMARY KEY (`emp_no`) 19 | ) ENGINE=InnoDB; 20 | 21 | 22 | mysqldiff --overwrite 覆盖 -------------------------------------------------------------------------------- /container/docker/bin/registry/registry.auth.sh: -------------------------------------------------------------------------------- 1 | htpasswd -Bbn netkiller passw0rd > /var/lib/registry/passwd 2 | 3 | docker run -d -p 5000:5000 --name registry \ 4 | --restart=always \ 5 | -v /var/lib/registry:/var/lib/registry \ 6 | -e REGISTRY_AUTH=htpasswd \ 7 | -e REGISTRY_AUTH_HTPASSWD_REALM=Registry_Realm \ 8 | -e REGISTRY_AUTH_HTPASSWD_PATH=/var/lib/registry/passwd \ 9 | registry:latest 10 | 11 | docker run -d -p 5001:5001 --name registry-ui \ 12 | -e REGISTRY_HOST=registry.netkiller.cn \ 13 | -e REGISTRY_SSL=true \ 14 | -e REGISTRY_DOMAIN=registry.netkiller.cn \ 15 | -e REGISTRY_USER=netkiller \ 16 | -e REGISTRY_PASS=passw0rd \ 17 | jc21/registry-ui -------------------------------------------------------------------------------- /share/zabbix/nginx/default.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 80; 3 | server_name localhost; 4 | 5 | location / { 6 | root /usr/share/nginx/html; 7 | index index.html index.htm; 8 | } 9 | 10 | #error_page 404 /404.html; 11 | 12 | # redirect server error pages to the static page /50x.html 13 | # 14 | error_page 500 502 503 504 /50x.html; 15 | location = /50x.html { 16 | root /usr/share/nginx/html; 17 | } 18 | 19 | location /stub_status { 20 | stub_status on; 21 | access_log off; 22 | allow 127.0.0.1; 23 | deny all; 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /share/saltstack/salt/iptables/init.sls: -------------------------------------------------------------------------------- 1 | iptables: 2 | pkg: 3 | - installed 4 | service: 5 | - running 6 | - watch: 7 | - pkg: iptables 8 | - file: iptables 9 | file: 10 | - managed 11 | - source: salt://iptables/iptables 12 | {% if grains['os'] == 'CentOS' or grains['os'] == 'Fedora' %} 13 | - name: /etc/sysconfig/iptables 14 | {% elif grains['os'] == 'Arch' %} 15 | - name: /etc/conf.d/iptables 16 | {% endif %} 17 | 18 | #/etc/sysconfig/iptables: 19 | # file: 20 | # - managed 21 | # - source: salt://iptables 22 | # - user: root 23 | # - group: root 24 | # - mode: 644 25 | # - backup: minion 26 | -------------------------------------------------------------------------------- /container/docker/README.md: -------------------------------------------------------------------------------- 1 | docker 2 | ====== 3 | 4 | Docker 5 | 6 | ## Install docker ec for CentOS 7 7 | 8 | curl -s https://raw.githubusercontent.com/oscm/shell/master/os/personalise.sh | bash 9 | curl -s https://raw.githubusercontent.com/oscm/shell/master/virtualization/docker/docker.centos7.ce.sh | bash 10 | 11 | ## docker-compose 12 | 13 | curl -s https://raw.githubusercontent.com/oscm/shell/master/virtualization/docker/docker-compose/docker-compose.sh | bash 14 | 15 | Donations 16 | --------- 17 | We accept PayPal through: 18 | 19 | https://www.paypal.me/netkiller 20 | 21 | Wechat (微信) / Alipay (支付宝) 打赏: 22 | 23 | http://www.netkiller.cn/home/donations.html 24 | -------------------------------------------------------------------------------- /etc/dump.ini.sample: -------------------------------------------------------------------------------- 1 | [DEFAULT] 2 | ;directory=/opt/backup 3 | ;设置备份目录 4 | directory=/tmp/backup 5 | ;设置日志文件 6 | logfile=/tmp/dump.log 7 | 8 | [dev] 9 | host=192.168.30.11 10 | user=root 11 | pass=test 12 | dbname=test 13 | description=这是测试环境的数据库 14 | recipient=netkiller@msn.com 15 | 16 | [test] 17 | host=192.168.10.10 18 | user=test 19 | pass=test 20 | dbname=test test1 test2 test3 test4 21 | recipient=netkiller@msn.com 22 | 23 | [stage] 24 | host=127.0.0.1 25 | user=root 26 | pass= 27 | dbname=stage 28 | description=test 29 | recipient=netkiller@msn.com 30 | 31 | [prod] 32 | host=127.0.0.1 33 | user=root 34 | pass= 35 | dbname=prod 36 | description==test 37 | recipient=netkiller@msn.com -------------------------------------------------------------------------------- /container/docker/images/ubuntu/build.sh: -------------------------------------------------------------------------------- 1 | 2 | #set -euxo pipefail 3 | 4 | #DOCKER_REGISTRY=${DOCKER_REGISTRY:hub.docker.com} 5 | #PREFIX=${PREFIX:-agent-} 6 | VERSION=${VERSION:-latest} 7 | 8 | # TODO check $1 and DOCKER_REGISTRY 9 | #if [ -z $1 ]; then 10 | # echo "no image name provided." 11 | # exit 1 12 | #fi 13 | 14 | 15 | for agent in $(ls -1) 16 | do 17 | echo $agent 18 | echo "cat $agent/Dockerfile | docker build -t $agent:$VERSION -f - $agent/" 19 | #echo cat $agent/Dockerfile | docker build -t $DOCKER_REGISTRY/$agent:$VERSION -f - $agent/ 20 | 21 | if [ -n $DOCKER_REGISTRY ]; then 22 | echo "docker push $DOCKER_REGISTRY$agent:$VERSION" 23 | fi 24 | 25 | 26 | done 27 | -------------------------------------------------------------------------------- /share/saltstack/salt/iptables/iptables: -------------------------------------------------------------------------------- 1 | # Firewall configuration written by system-config-firewall 2 | # Manual customization of this file is not recommended. 3 | *filter 4 | :INPUT ACCEPT [0:0] 5 | :FORWARD ACCEPT [0:0] 6 | :OUTPUT ACCEPT [0:0] 7 | -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT 8 | -A INPUT -p icmp -j ACCEPT 9 | -A INPUT -i lo -j ACCEPT 10 | -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT 11 | -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT 12 | -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT 13 | -A INPUT -j REJECT --reject-with icmp-host-prohibited 14 | -A FORWARD -j REJECT --reject-with icmp-host-prohibited 15 | COMMIT 16 | -------------------------------------------------------------------------------- /container/docker/images/centos/tomcat/README.md: -------------------------------------------------------------------------------- 1 | # Centos 7 + Server Jre + Tomcat 8.5.15 2 | 3 | ## for testing 4 | 5 | docker build -t "centos:tomcat" . 6 | 7 | docker run --name my-centos-tomcat -d centos:tomcat 8 | 9 | docker exec -it my-centos-tomcat /bin/bash 10 | 11 | ## for production 12 | 13 | instance=www.netkiller.cn 14 | mkdir -p /var/log/tomcat/${instance} 15 | docker image rm -f centos:tomcat 16 | docker build -t "centos:tomcat" . 17 | docker rm ${instance} -f 18 | docker run --rm --name ${instance} \ 19 | -v /var/log/tomcat/${instance}:/srv/tomcat/logs:rw \ 20 | -v /www/${instance}:/srv/tomcat/webapps/ROOT:ro \ 21 | -p 8080:8080 -d centos:tomcat 22 | docker exec -it ${instance} /bin/bash -------------------------------------------------------------------------------- /container/docker/docker-compose/redis/cluster/README.md: -------------------------------------------------------------------------------- 1 | # Redis Cluster 2 | 3 | $ firewall-cmd --permanent --zone=public --add-port=7000-7005/tcp 4 | $ firewall-cmd --permanent --zone=public --add-port=17000-17005/tcp 5 | //重新加载配置 6 | $ firewall-cmd --reload 7 | //查看开放的端口 8 | $ firewall-cmd --permanent --zone=public --list-ports 9 | 10 | 11 | You can change the Redis port by setting REDIS_PORT when running the container. 12 | 13 | docker run -e REDIS_PORT=9999 publicisworldwide/redis-cluster 14 | 15 | redis-cli -a 123123123 --cluster create 172.25.3.21:7000 172.25.3.22:7000 172.25.3.21:7001 172.25.3.22:7001 172.25.3.21:7002 172.25.3.22:7002 172.25.3.21:7003 172.25.3.22:7003 --cluster-replicas 1 -------------------------------------------------------------------------------- /libexec/Application/Springboot/systemd/spring.service: -------------------------------------------------------------------------------- 1 | #################################################### 2 | # Homepage: http://netkiller.github.io 3 | # Author: netkiller 4 | # Script: https://github.com/oscm/shell 5 | # Date: 2016-08-12 6 | #################################################### 7 | [Unit] 8 | Description=Spring Boot Application 9 | After=network.target 10 | 11 | [Service] 12 | User=www 13 | Group=www 14 | Type=simple 15 | WorkingDirectory=/www/netkiller.cn/api.netkiller.cn 16 | Environment="package=api.netkiller.cn-0.0.1-SNAPSHOT.jar" 17 | ExecStart=/srv/java/bin/java -server -Xms2048m -Xmx4096m -Djava.security.egd=file:/dev/./urandom -jar ${package} 18 | 19 | [Install] 20 | WantedBy=multi-user.target 21 | -------------------------------------------------------------------------------- /demo/pipeline/demo.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | from multiprocessing.connection import Pipe 4 | import sys 5 | sys.path.insert(0, '/Users/neo/workspace/GitHub/devops') 6 | 7 | from netkiller.kubernetes import * 8 | from netkiller.git import * 9 | from netkiller.pipeline import * 10 | 11 | def test(): 12 | pipeline = Pipeline('kkk') 13 | pipeline.env('JAVA_HOME','/Library/Java/JavaVirtualMachines/jdk1.8.0_341.jdk/Contents/Home') 14 | pipeline.begin('name').checkout('url','branch').build('build').dockerfile(registry="registry",dir="module").startup(['ls']).end(["docker images | grep none | awk '{ print $3; }' | xargs docker rmi"]).debug() 15 | 16 | 17 | def main(): 18 | test() 19 | 20 | if __name__ == "__main__": 21 | main() -------------------------------------------------------------------------------- /libexec/Web/Gradle/.settings/org.eclipse.buildship.core.prefs: -------------------------------------------------------------------------------- 1 | arguments=--init-script /var/folders/t3/lfr6_nn943ld09d3z7rvmk6w0000gn/T/d146c9752a26f79b52047fb6dc6ed385d064e120494f96f08ca63a317c41f94c.gradle --init-script /var/folders/t3/lfr6_nn943ld09d3z7rvmk6w0000gn/T/52cde0cfcf3e28b8b7510e992210d9614505e0911af0c190bd590d7158574963.gradle 2 | auto.sync=false 3 | build.scans.enabled=false 4 | connection.gradle.distribution=GRADLE_DISTRIBUTION(VERSION(7.4.2)) 5 | connection.project.dir= 6 | eclipse.preferences.version=1 7 | gradle.user.home= 8 | java.home=/Library/Java/JavaVirtualMachines/jdk-19.jdk/Contents/Home 9 | jvm.arguments= 10 | offline.mode=false 11 | override.workspace.settings=true 12 | show.console.view=true 13 | show.executions.view=true 14 | -------------------------------------------------------------------------------- /libexec/Application/Springboot/systemd/sysconfig/springboot.service: -------------------------------------------------------------------------------- 1 | #################################################### 2 | # Homepage: http://www.netkiller.cn 3 | # Author: netkiller 4 | # Script: https://github.com/oscm/devops/ 5 | # Date: 2021-07-20 6 | #################################################### 7 | [Unit] 8 | Description=Spring Boot Application 9 | After=network.target 10 | 11 | [Service] 12 | User=www 13 | Group=www 14 | Type=simple 15 | WorkingDirectory=/www/netkiller.cn/api.netkiller.cn 16 | EnvironmentFile=/etc/sysconfig/springboot 17 | ExecStart=/usr/bin/java $JAVA_OPTS -jar $APPLICATION $APPLICATION_OPTIONS 18 | SuccessExitStatus=143 19 | Restart=always 20 | RestartSec=5 21 | 22 | [Install] 23 | WantedBy=multi-user.target -------------------------------------------------------------------------------- /container/docker/docker-compose/visualizer.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | web: 4 | # replace username/repo:tag with your name and image details 5 | image: nginx 6 | deploy: 7 | replicas: 5 8 | restart_policy: 9 | condition: on-failure 10 | resources: 11 | limits: 12 | cpus: "0.1" 13 | memory: 50M 14 | ports: 15 | - "80:80" 16 | networks: 17 | - webnet 18 | visualizer: 19 | image: dockersamples/visualizer:stable 20 | ports: 21 | - "8080:8080" 22 | volumes: 23 | - "/var/run/docker.sock:/var/run/docker.sock" 24 | deploy: 25 | placement: 26 | constraints: [node.role == manager] 27 | networks: 28 | - webnet 29 | networks: 30 | webnet: -------------------------------------------------------------------------------- /container/docker/docker-compose/redis/cluster/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM redis:latest 2 | 3 | ARG node 4 | ENV REDIS_PORT 6379 5 | 6 | #COPY ${node}/redis.conf /etc/redis/redis.conf 7 | COPY redis.conf /etc/redis/redis.conf 8 | COPY docker-entrypoint.sh / 9 | 10 | #修复时区 11 | RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime 12 | RUN echo 'Asia/Shanghai' >/etc/timezone 13 | RUN echo 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' > /etc/rc.local 14 | 15 | #修改文件权限,使之可以通过config rewrite重写 16 | RUN chmod +rw /etc/redis/redis.conf 17 | RUN chmod +x /docker-entrypoint.sh 18 | 19 | # Redis客户端连接端口 20 | EXPOSE 6379 21 | EXPOSE 16379 22 | EXPOSE $REDIS_PORT 23 | 24 | #使用自定义conf启动 25 | ENTRYPOINT ["/docker-entrypoint.sh"] 26 | CMD [ "redis-server", "/etc/redis/redis.conf" ] -------------------------------------------------------------------------------- /demo/example/key-value.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: db-config 5 | namespace: default 6 | data: 7 | db.host: 172.16.0.10 8 | db.port: '3306' 9 | db.user: neo 10 | db.pass: chen 11 | --- 12 | apiVersion: v1 13 | kind: Pod 14 | metadata: 15 | name: test-pod 16 | spec: 17 | containers: 18 | - name: test-container 19 | image: busybox 20 | command: [ "/bin/sh", "-c", "env" ] 21 | env: 22 | - name: DBHOST 23 | valueFrom: 24 | configMapKeyRef: 25 | name: db-config 26 | key: db.host 27 | - name: DBPORT 28 | valueFrom: 29 | configMapKeyRef: 30 | name: db-config 31 | key: db.port 32 | restartPolicy: Never 33 | -------------------------------------------------------------------------------- /container/docker/prometheus/prometheus/rules/blackbox.rules: -------------------------------------------------------------------------------- 1 | # 链接监控 2 | groups: 3 | - name: blackbox_http 4 | rules: 5 | - alert: 网站不能访问 6 | expr: probe_success == 0 7 | for: 1m 8 | labels: 9 | status: 严重告警 10 | kind: blackbox_http 11 | # severity: critical 12 | annotations: 13 | summary: "{{$labels.instance}} 不能访问" 14 | description: "{{$labels.instance}} 不能访问" 15 | 16 | - name: ssl_expiry.rules 17 | rules: 18 | - alert: SSLCertExpiringSoon 19 | expr: probe_ssl_earliest_cert_expiry{job="blackbox"} - time() < 86400 * 30 20 | for: 10m 21 | labels: 22 | status: 注意告警 23 | kind: ssl 24 | # severity: critical 25 | annotations: 26 | summary: "{{$labels.instance}} 证书即将过期" 27 | description: "SSL 证书即将过期" -------------------------------------------------------------------------------- /doc/mysql/database.dump.md: -------------------------------------------------------------------------------- 1 | Database 2 | ======== 3 | 4 | Backup database 5 | 6 | Installion 7 | ------ 8 | # cp shell/backup.mysql.sh /etc/cron.daily 9 | 10 | Create backup user for your database. 11 | ------ 12 | CREATE USER 'backup'@'localhost' IDENTIFIED BY 'SaJePoM6BAPOmOFOd7Xo3e1A52vEPE'; 13 | GRANT SELECT, LOCK TABLES ON *.* TO 'backup'@'localhost'; 14 | FLUSH PRIVILEGES; 15 | SHOW GRANTS FOR 'backup'@'localhost'; 16 | 17 | 18 | Database connect infomation 19 | ------ 20 | BACKUP_HOST="localhost" 21 | BACKUP_USER="backup" 22 | BACKUP_PASS="SaJePoM6BAPOmOFOd7Xo3e1A52vEPE" 23 | BACKUP_DIR=/backup/database 24 | BACKUP_DBNAME="dbname" 25 | 26 | Initialize the working directory 27 | ------ 28 | $ mkdir -p /backup/database 29 | 30 | Running 31 | ------ 32 | # /etc/cron.daily/backup.mysql.sh -------------------------------------------------------------------------------- /container/docker/images/ubuntu/php/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:18.04 2 | 3 | RUN apt-get update && apt-get install -y build-essential 4 | 5 | # RUN apt upgrade 6 | RUN apt install -y --allow-downgrades ca-certificates apt-transport-https 7 | RUN apt update && apt install -y php7.2 && apt install -y php7.2-cgi php7.2-cli php7.2-dev php7.2-common php7.2-curl php7.2-imap php7.2-json php7.2-mbstring php7.2-mysql php7.2-xml php7.2-zip php7.2-opcache 8 | 9 | RUN wget https://dl.laravel-china.org/composer.phar -O /usr/local/bin/composer \ 10 | && chmod a+x /usr/local/bin/composer \ 11 | && composer config -g repo.packagist composer https://packagist.laravel-china.org 12 | 13 | 14 | ENV PATH /home/jenkins/.composer/vendor/bin/:$PATH 15 | 16 | RUN composer config -g repo.packagist composer https://packagist.phpcomposer.com 17 | -------------------------------------------------------------------------------- /share/zabbix/php-fpm/php-fpm.xml.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################## 3 | # AUTHOR: Neo 4 | # WEBSITE: http://www.netkiller.cn 5 | # Description:zabbix 通过 status 模块监控 php-fpm 6 | # Note:Zabbix 3.2 7 | # DateTime: 2016-11-22 8 | ################################################## 9 | 10 | HOST="localhost" 11 | PORT="80" 12 | status="status" 13 | 14 | function query() { 15 | curl -s http://${HOST}:${PORT}/${status}?xml | grep "<$1>" | awk -F'>|<' '{ print $3}' 16 | } 17 | 18 | if [ $# == 0 ]; then 19 | echo $"Usage $0 {pool|process-manager|start-time|start-since|accepted-conn|listen-queue|max-listen-queue|listen-queue-len|idle-processes|active-processes|total-processes|max-active-processes|max-children-reached|slow-requests}" 20 | exit 21 | else 22 | query "$1" 23 | fi -------------------------------------------------------------------------------- /container/docker/compose/demo.py: -------------------------------------------------------------------------------- 1 | from netkiller.docker import * 2 | 3 | dockerfile = Dockerfile() 4 | dockerfile.image('openjdk:8').volume(['/srv']).run( 5 | 'apt update -y && apt install -y procps net-tools iputils-ping iproute2 telnet' 6 | ).expose(['80', '443']).workdir('/srv') 7 | 8 | image = Services('image') 9 | image.build(dockerfile) 10 | image.image('netkiller:openjdk8') 11 | 12 | 13 | demo = Composes('demo') 14 | demo.version('3.9') 15 | demo.services(image) 16 | # demo.build('') 17 | 18 | if __name__ == "__main__": 19 | try: 20 | docker = Docker() 21 | # docker.env({'DOCKER_HOST':'ssh://root@192.168.30.13','COMPOSE_PROJECT_NAME':'experiment'}) 22 | docker.environment(demo) 23 | docker.main() 24 | except KeyboardInterrupt: 25 | print("Crtl+C Pressed. Shutting down.") -------------------------------------------------------------------------------- /share/zabbix/php-fpm/php-fpm.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################## 3 | # AUTHOR: Neo 4 | # WEBSITE: http://www.netkiller.cn 5 | # Description:zabbix 通过 status 模块监控 php-fpm 6 | # Note:Zabbix 3.2 7 | # DateTime: 2016-11-22 8 | ################################################## 9 | 10 | HOST="localhost" 11 | PORT="80" 12 | status="status" 13 | 14 | function query() { 15 | curl -s http://${HOST}:${PORT}/${status} | grep "$1" | cut -d : -f 2 | awk '{print $1}' 16 | } 17 | 18 | if [ $# == 0 ]; then 19 | echo $"Usage $0 \"{pool|process manager|start time|start since|accepted conn|listen queue|max listen queue|listen queue len|idle processes|active processes|total processes|max active processes|max children reached|slow requests}\"" 20 | exit 21 | else 22 | query "$1" 23 | fi -------------------------------------------------------------------------------- /container/docker/prometheus/cadvisor/docker-compose.yml: -------------------------------------------------------------------------------- 1 | 2 | version: '3.8' 3 | services: 4 | prometheus: 5 | image: prom/prometheus:latest 6 | container_name: prometheus 7 | ports: 8 | - 9090:9090 9 | command: 10 | - --config.file=/etc/prometheus/prometheus.yml 11 | volumes: 12 | - ./prometheus.yml:/etc/prometheus/prometheus.yml:ro 13 | depends_on: 14 | - cadvisor 15 | cadvisor: 16 | image: gcr.io/google-containers/cadvisor:latest 17 | container_name: cadvisor 18 | ports: 19 | - 8080:8080 20 | volumes: 21 | - /:/rootfs:ro 22 | - /var/run:/var/run:rw 23 | - /sys:/sys:ro 24 | - /var/lib/docker/:/var/lib/docker:ro 25 | depends_on: 26 | - redis 27 | redis: 28 | image: redis:latest 29 | container_name: redis 30 | ports: 31 | - 6379:6379 -------------------------------------------------------------------------------- /etc/cron.d/backup: -------------------------------------------------------------------------------- 1 | # m h dom mon dow command 2 | # 3 | 17 * * * * test -x /srv/sbin/backup || ( cd / && run-parts --report /srv/etc/cron.hourly ) 4 | 25 6 * * * test -x /srv/sbin/backup || ( cd / && run-parts --report /srv/etc/cron.daily ) 5 | 47 6 * * 7 test -x /srv/sbin/backup || ( cd / && run-parts --report /srv/etc/cron.weekly ) 6 | 52 6 1 * * test -x /srv/sbin/backup || ( cd / && run-parts --report /srv/etc/cron.monthly ) 7 | # 8 | 17 * * * * test -x /srv/sbin/backup || ( cd /srv/sbin && backup schedule run hourly ) 9 | 25 6 * * * test -x /srv/sbin/backup || ( backup schedule run daily ) 10 | 47 6 * * 7 test -x /srv/sbin/backup || ( backup schedule run weekly ) 11 | 52 6 1 * * test -x /srv/sbin/backup || ( backup schedule run monthly ) 12 | 13 | 14 | */30 * * * * /srv/sbin/backup task run www 15 | -------------------------------------------------------------------------------- /container/docker/docker-compose/testing/rabbitmq.yml: -------------------------------------------------------------------------------- 1 | version: "3.7" 2 | services: 3 | 4 | rabbit1: 5 | image: rabbitmq 6 | hostname: rabbit1 7 | ports: 8 | - "5672:5672" 9 | - "15672:15672" 10 | environment: 11 | - RABBITMQ_DEFAULT_USER=admin 12 | - RABBITMQ_DEFAULT_PASS=mypass 13 | 14 | rabbit2: 15 | image: rabbitmq 16 | hostname: rabbit2 17 | links: 18 | - rabbit1 19 | environment: 20 | - CLUSTERED=true 21 | - CLUSTER_WITH=rabbit1 22 | - RAM_NODE=true 23 | ports: 24 | - "5673:5672" 25 | - "15673:15672" 26 | 27 | rabbit3: 28 | image: rabbitmq 29 | hostname: rabbit3 30 | links: 31 | - rabbit1 32 | - rabbit2 33 | environment: 34 | - CLUSTERED=true 35 | - CLUSTER_WITH=rabbit1 36 | ports: 37 | - "5674:5672" 38 | -------------------------------------------------------------------------------- /share/zabbix/tcpstats/tcpstats: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################## 3 | # AUTHOR: Neo 4 | # WEBSITE: http://www.netkiller.cn 5 | # Description: Netkiller state statistics 6 | # Note:Zabbix 3.2 7 | # DateTime: 2016-12-09 8 | ################################################## 9 | TTL=1 10 | CACHE=/dev/shm/tcpstat.cch 11 | ################################################## 12 | 13 | if [ -f ${CACHE} ]; then 14 | find ${CACHE} -type f -mmin +${TTL} -delete 15 | fi 16 | 17 | if [ ! -f ${CACHE} ]; then 18 | ss -ant | awk 'BEGIN {stats["CLOSE-WAIT"]=0;stats["ESTAB"]=0;stats["FIN-WAIT-1"]=0;stats["FIN-WAIT-2"]=0;stats["LAST-ACK"]=0;stats["SYN-RECV"]=0;stats["SYN-SENT"]=0;stats["TIME-WAIT"]=0} {++stats[$1]} END {for(a in stats) print a, stats[a]}' > ${CACHE} 19 | fi 20 | 21 | grep $1 ${CACHE} | cut -d " " -f2 -------------------------------------------------------------------------------- /container/docker/compose/service/log.py: -------------------------------------------------------------------------------- 1 | try: 2 | import os, sys 3 | module = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) 4 | sys.path.insert(0, module) 5 | from netkiller.docker import * 6 | except ImportError as err: 7 | print("%s" %(err)) 8 | 9 | fluentd = Services('fluentd') 10 | fluentd.image('fluent/fluentd:latest').container_name('fluentd').hostname('fluentd.sfzito.com').restart('always') 11 | fluentd.volumes( 12 | [ 13 | '/opt/sfzito.com/ops.sfzito.com/fluentd/conf/fluentd.conf:/fluentd/etc/fluentd.conf', 14 | '/var/log/fluentd:/var/log/fluentd' 15 | ] 16 | ).ports("24224:24224").environment(['FLUENTD_CONF=fluentd.conf']) 17 | 18 | logging = Composes('logging') 19 | logging.version('3.9') 20 | # logging.env({'DOCKER_HOST': 'ssh://root@192.168.30.11'}) 21 | # logging.volumes(volumes) 22 | logging.services(fluentd) -------------------------------------------------------------------------------- /share/saltstack/salt/rsync/init.sls: -------------------------------------------------------------------------------- 1 | rsync: 2 | pkg: 3 | - installed 4 | service: 5 | - name: rsync 6 | - running 7 | - enable: True 8 | - file: /etc/rsyncd.conf 9 | - file: /etc/rsyncd.passwd 10 | - file: /etc/init.d/rsync 11 | 12 | /etc/init.d/rsync: 13 | file: 14 | - managed 15 | - user: root 16 | - group: root 17 | - mode: 700 18 | - source: salt://rsync/rsync 19 | cmd.run: 20 | - unless: chkconfig --add rsync 21 | 22 | 23 | /etc/rsyncd.conf: 24 | file: 25 | - managed 26 | - user: root 27 | - group: root 28 | - mode: 600 29 | - name: /etc/rsyncd.conf 30 | - source: salt://rsync/rsyncd.conf 31 | 32 | /etc/rsyncd.passwd: 33 | file: 34 | - managed 35 | - user: root 36 | - group: root 37 | - mode: 600 38 | - source: salt://rsync/rsyncd.passwd 39 | -------------------------------------------------------------------------------- /share/saltstack/salt/ldap/init.sls: -------------------------------------------------------------------------------- 1 | ldap: 2 | pkg: 3 | - installed 4 | - names: 5 | - openldap-servers 6 | - openldap-clients 7 | file: 8 | - managed 9 | {% if grains['os'] == 'RedHat' or grains['os'] == 'CentOS' %} 10 | - name: /etc/openldap/ldap.conf 11 | {% elif grains['os'] == 'Ubuntu' %} 12 | - name: /etc/ldap/ldap.conf 13 | {% elif grains['os'] == 'Debian' %} 14 | - name: /etc/ldap/ldap.conf 15 | {% endif %} 16 | - source: salt://ldap/ldap.conf 17 | - template: jinja 18 | - user: root 19 | - context: { 20 | ldap_uri: "ldaps://ldap01.domain.com/ ldaps://p-chi-ldap02.domain.com/", 21 | ldap_base: "dc=domain,dc=com" } 22 | - group: root 23 | - mode: 644 24 | - makedirs: True 25 | - require: 26 | - pkg: openldap-servers 27 | - pkg: openldap-clients 28 | -------------------------------------------------------------------------------- /container/docker/prometheus/prometheus/rules/alerting.yml: -------------------------------------------------------------------------------- 1 | groups: 2 | - name: example 3 | rules: 4 | 5 | # Alert for any instance that is unreachable for >5 minutes. 6 | - alert: InstanceDown 7 | expr: up == 0 8 | for: 5m 9 | labels: 10 | severity: page 11 | annotations: 12 | summary: "Instance {{ $labels.instance }} down" 13 | description: "{{ $labels.instance }} of job {{ $labels.job }} has been down for more than 5 minutes." 14 | 15 | # Alert for any instance that has a median request latency >1s. 16 | - alert: APIHighRequestLatency 17 | expr: api_http_request_latencies_second{quantile="0.5"} > 1 18 | for: 10m 19 | annotations: 20 | summary: "High request latency on {{ $labels.instance }}" 21 | description: "{{ $labels.instance }} has a median request latency above 1s (current value: {{ $value }}s)" -------------------------------------------------------------------------------- /share/zabbix/elasticsearch/README.md: -------------------------------------------------------------------------------- 1 | # Elasticsearch for Zabbix 3.2 2 | 3 | ## install python3 4 | 5 | # yum install -y python34 6 | 7 | # wget https://raw.githubusercontent.com/oscm/zabbix/master/elasticsearch/userparameter_elasticsearch.conf -P /etc/zabbix/zabbix_agentd.d/ 8 | 9 | # wget https://raw.githubusercontent.com/oscm/zabbix/master/elasticsearch/elasticsearch -P /srv/zabbix/libexec 10 | 11 | # chmod +x /srv/zabbix/libexec/elasticsearch 12 | 13 | # /srv/zabbix/libexec/elasticsearch indices _all.total.flush.total_time_in_millis 14 | 25557 15 | 16 | # systemctl restart zabbix-agent 17 | 18 | ## Test Agent 19 | 20 | # zabbix_get -s 10.47.33.124 -k 'elasticsearch.status[indices,_all.total.flush.total_time_in_millis]' 21 | 25557 22 | 23 | ## Import template 24 | 25 | https://github.com/oscm/zabbix/blob/master/elasticsearch/zbx_export_templates.xml 26 | 27 | -------------------------------------------------------------------------------- /netkiller/network/cisco.py: -------------------------------------------------------------------------------- 1 | class Cisco(): 2 | TERMINAL = 'terminal' 3 | ios = [] 4 | 5 | def __init__(self): 6 | self.ios = [] 7 | pass 8 | 9 | def enanble(self): 10 | self.ios.append('enable') 11 | 12 | def configure(self, value): 13 | self.ios.append('configure %s' % value) 14 | 15 | def interface(self, value): 16 | self.ios.append('interface %s' % value) 17 | def write(self): 18 | self.ios.append('write') 19 | def debug(self): 20 | # print(self.ios) 21 | print('\n'.join(self.ios)) 22 | 23 | class Switch(Cisco): 24 | def __init__(self): 25 | pass 26 | class Route(Cisco): 27 | def __init__(self): 28 | pass 29 | 30 | cisco = Cisco() 31 | cisco.enanble() 32 | cisco.configure(cisco.TERMINAL) 33 | cisco.interface('fastethernet0/3') 34 | cisco.write() 35 | cisco.debug() 36 | -------------------------------------------------------------------------------- /container/docker/docker-compose/wordpress.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | services: 3 | web: 4 | image: wordpress:4 5 | environment: 6 | - WORDPRESS_DB_PASSWORD=password 7 | - WORDPRESS_AUTH_KEY=changeme 8 | - WORDPRESS_SECURE_AUTH_KEY=changeme 9 | - WORDPRESS_LOGGED_IN_KEY=changeme 10 | - WORDPRESS_NONCE_KEY=changeme 11 | - WORDPRESS_AUTH_SALT=changeme 12 | - WORDPRESS_SECURE_AUTH_SALT=changeme 13 | - WORDPRESS_LOGGED_IN_SALT=changeme 14 | - WORDPRESS_NONCE_SALT=changeme 15 | - WORDPRESS_NONCE_AA=changeme 16 | ports: 17 | - 80:80 18 | depends_on: 19 | - mysql 20 | deploy: 21 | replicas: 3 22 | restart_policy: 23 | condition: on-failure 24 | mysql: 25 | image: mysql:5.7 26 | environment: 27 | - MYSQL_ROOT_PASSWORD=password 28 | deploy: 29 | restart_policy: 30 | condition: on-failure -------------------------------------------------------------------------------- /container/docker/prometheus/alertmanager/config.yml: -------------------------------------------------------------------------------- 1 | global: 2 | smtp_smarthost: 'smtp.exmail.qq.com:25' # smtp地址 3 | smtp_from: '13721218@qq.com' # 谁发邮件 4 | smtp_auth_username: '13721218@qq.com' # 邮箱用户 5 | smtp_auth_password: 'passw0rd' # 邮箱密码 6 | smtp_require_tls: false 7 | 8 | route: 9 | group_by: ["alertname"] # 分组名 10 | group_wait: 10s # 当收到告警的时候,等待三十秒看是否还有告警,如果有就一起发出去 11 | group_interval: 10s # 发送警告间隔时间 12 | repeat_interval: 1h # 重复报警的间隔时间 13 | receiver: webhook # 全局报警组,这个参数是必选的,和下面报警组名要相同 14 | 15 | receivers: 16 | - name: 'mail' # 报警组名 17 | email_configs: 18 | - to: 'netkiller@msn.com' # 发送给谁 19 | - name: 'webhook' 20 | webhook_configs: 21 | #- url: 'http://192.168.30.19:8080/debug' 22 | - url: 'http://alertmanager-webhook:8080/webhook' -------------------------------------------------------------------------------- /share/zabbix/mongodb/mongodb.ps1: -------------------------------------------------------------------------------- 1 | # Zabbix wrapper for mongodb running on local MS Windows 2 | # UserParameter=mongodb.status[*],powershell -NoProfile -ExecutionPolicy Bypass -File C:\zabbix\scripts\mongodb.ps1 $1 $2 $3 $4 $5 3 | 4 | param( 5 | [string] $arg1, 6 | [string] $arg2, 7 | [string] $arg3, 8 | [string] $arg4, 9 | [string] $arg5 10 | ) 11 | 12 | # Replace here : exact path to mongo.exe 13 | $MONGO_BIN="C:\Program Files\MongoDB\Server\3.4\bin\mongo.exe" 14 | 15 | $MONGO_CMD=""; 16 | $ParameterList = (Get-Command -Name $MyInvocation.InvocationName).Parameters; 17 | foreach ($key in $MyInvocation.BoundParameters.keys) 18 | { 19 | $value = (get-variable $key).Value 20 | $MONGO_CMD="$MONGO_CMD.$value" 21 | } 22 | $MONGO_CMD="db.serverStatus()$MONGO_CMD" 23 | 24 | 25 | # Replace here : database host, port, and name 26 | invoke-expression '& "$MONGO_BIN" localhost:27017/admin --eval "$MONGO_CMD" --quiet' 27 | -------------------------------------------------------------------------------- /share/zabbix/php-fpm/default.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 80; 3 | server_name localhost; 4 | 5 | location / { 6 | root /usr/share/nginx/html; 7 | index index.html index.htm; 8 | } 9 | 10 | #error_page 404 /404.html; 11 | 12 | # redirect server error pages to the static page /50x.html 13 | # 14 | error_page 500 502 503 504 /50x.html; 15 | location = /50x.html { 16 | root /usr/share/nginx/html; 17 | } 18 | 19 | location /stub_status { 20 | stub_status on; 21 | access_log off; 22 | allow 127.0.0.1; 23 | deny all; 24 | } 25 | location ~ ^/(status|ping)$ { 26 | access_log off; 27 | allow 127.0.0.1; 28 | deny all; 29 | fastcgi_pass 127.0.0.1:9000; 30 | fastcgi_param SCRIPT_FILENAME $fastcgi_script_name; 31 | include fastcgi_params; 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /container/docker/images/ubuntu/java/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:18.04 2 | 3 | RUN apt-get update && apt-get install -y build-essential 4 | 5 | # java 8 6 | RUN apt-get install -y openjdk-8-jdk maven gradle 7 | 8 | # maven central 镜像源 9 | RUN cd /usr/share/maven/conf/ \ 10 | && sed -i "//a \ 11 | \n\tnexus-tencentyun \ 12 | \n\tcentral \ 13 | \n\tNexus tencentyun \ 14 | \n\thttps://mirrors.cloud.tencent.com/nexus/repository/maven-public/ \ 15 | \n" settings.xml 16 | 17 | # gradle 全局镜像源 18 | RUN mkdir -p ~/.gradle \ 19 | && echo 'allprojects { \ 20 | repositories { \ 21 | maven { \ 22 | url "https://mirrors.cloud.tencent.com/nexus/content/groups/public" \ 23 | } \ 24 | } \ 25 | }' \ 26 | > ~/.gradle/init.gradle 27 | -------------------------------------------------------------------------------- /share/zabbix/Oracle/src/test/java/cn/netkiller/zabbix/AppTest.java: -------------------------------------------------------------------------------- 1 | //package cn.netkiller.zabbix; 2 | // 3 | //import junit.framework.Test; 4 | //import junit.framework.TestCase; 5 | //import junit.framework.TestSuite; 6 | // 7 | ///** 8 | // * Unit test for simple App. 9 | // */ 10 | //public class AppTest 11 | // extends TestCase 12 | //{ 13 | // /** 14 | // * Create the test case 15 | // * 16 | // * @param testName name of the test case 17 | // */ 18 | // public AppTest( String testName ) 19 | // { 20 | // super( testName ); 21 | // } 22 | // 23 | // /** 24 | // * @return the suite of tests being tested 25 | // */ 26 | // public static Test suite() 27 | // { 28 | // return new TestSuite( AppTest.class ); 29 | // } 30 | // 31 | // /** 32 | // * Rigourous Test :-) 33 | // */ 34 | // public void testApp() 35 | // { 36 | // assertTrue( true ); 37 | // } 38 | //} 39 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.py[cod] 2 | 3 | # C extensions 4 | *.so 5 | 6 | # Packages 7 | *.egg 8 | *.egg-info 9 | dist 10 | build 11 | eggs 12 | parts 13 | #bin 14 | var 15 | sdist 16 | develop-eggs 17 | .installed.cfg 18 | lib 19 | lib64 20 | __pycache__ 21 | 22 | # Installer logs 23 | pip-log.txt 24 | 25 | # Unit test / coverage reports 26 | .coverage 27 | .tox 28 | nosetests.xml 29 | 30 | # Translations 31 | *.mo 32 | 33 | # Mr Developer 34 | .mr.developer.cfg 35 | .project 36 | .pydevproject 37 | /shell/*.bak 38 | MANIFEST 39 | MANIFEST.in 40 | 41 | .DS_Store 42 | debug.log 43 | development.yaml 44 | backup.log 45 | lrsync.log 46 | dump.log 47 | demo/redis-master-slave.yaml 48 | demo/k8s/ensd 49 | *.pdf 50 | *.gv 51 | libexec/Web/Gradle/.settings 52 | netkiller-gantt/netkiller/netkiller_gantt.egg-info 53 | netkiller-gantt/test 54 | *.xlsx 55 | /.idea 56 | /netkiller/network/wg0.conf 57 | /netkiller/network/*.conf 58 | -------------------------------------------------------------------------------- /libexec/Application/Springboot/deployment: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ######################################## 3 | # Website: http://www.netkiller.cn 4 | # Author: neo 5 | # Date: 2017-08-03 6 | ######################################## 7 | 8 | if [ "$(uname)" == "Darwin" ]; then 9 | ANT=/usr/local/Cellar/ant\@1.9/1.9.9/bin/ant 10 | else 11 | ANT=/srv/apache-ant/bin/ant 12 | fi 13 | 14 | ######################################## 15 | domain=$1 16 | stage=$2 17 | ######################################## 18 | 19 | if [ ! -d ${domain} ]; then 20 | echo "The domain ${domain} isn't exist!" 21 | exit 1 22 | fi 23 | 24 | if [ -z ${stage} ]; then 25 | echo "No stage..." && exit 1 26 | fi 27 | 28 | shift 2 29 | #echo $# 30 | if [ -f ${domain}/${stage}.properties ]; then 31 | ${ANT} -Dproject.name=${domain} -Dbasedir=$(pwd)/${domain} -f etc/build.xml -propertyfile ${domain}/${stage}.properties $@ 32 | else 33 | echo "The file ${stage}.properties isn't exist!" 34 | fi 35 | -------------------------------------------------------------------------------- /pyproject.toml: -------------------------------------------------------------------------------- 1 | [build-system] 2 | requires = ["setuptools"] 3 | build-backend = "setuptools.build_meta" 4 | 5 | [project] 6 | name = "netkiller-devops" 7 | version = "0.7.12" 8 | authors = [ 9 | { name = "Neo", email = "netkiller@msn.com" }, 10 | ] 11 | description = "DevOps of useful deployment and automation" 12 | readme = "README.md" 13 | requires-python = ">=3.12" 14 | classifiers = [ 15 | "Programming Language :: Python :: 3", 16 | "Operating System :: OS Independent", 17 | ] 18 | license = "MIT" 19 | license-files = ["LICEN[CS]E*"] 20 | 21 | dependencies = [ 22 | "ruamel.yaml", 23 | "requests", 24 | "redis", 25 | "pyttsx3", 26 | "simple_term_menu", 27 | "prompt_toolkit", 28 | ] 29 | 30 | [project.urls] 31 | Homepage = "https://www.netkiller.cn" 32 | Issues = "https://github.com/netkiller/netkiller-devops/issues" 33 | 34 | 35 | 36 | #[project.scripts] 37 | #gantt = "netkiller.gantt:main" 38 | #mindmap = "netkiller.mindmap:main" -------------------------------------------------------------------------------- /libexec/Gitlab/deploy.sh: -------------------------------------------------------------------------------- 1 | ############################################ 2 | # Author: netkiller 3 | # Homepage: http://www.netkiller.cn 4 | ############################################ 5 | 6 | GROUP=$1 7 | BRANCH=$2 8 | PROJECT=$3 9 | 10 | DEPLOYLOG=/var/tmp/deploy-$GROUP.$PROJECT.$BRANCH.$(date '+%Y-%m-%d.%H:%M:%S').log 11 | PROJECT_DIR=/www/$GROUP/$PROJECT/$BRANCH 12 | TMPFILE=$(mktemp) 13 | 14 | echo $PROJECT_DIR > $DEPLOYLOG 15 | echo "--------------------------------------------------" >> $DEPLOYLOG 16 | 17 | if [ -d $PROJECT_DIR ]; then 18 | cd $PROJECT_DIR 19 | ant pull | tail -n +2 > $TMPFILE 20 | cat $TMPFILE >> $DEPLOYLOG 21 | ant deploy >> $DEPLOYLOG 22 | 23 | if egrep -q "(\.java|\.xml|\.jar|\.properties)" $TMPFILE; then 24 | echo "--------------------------------------------------" >> $DEPLOYLOG 25 | ant restart >> $DEPLOYLOG 26 | echo "--------------------------------------------------" >> $DEPLOYLOG 27 | fi 28 | 29 | rm -rf $TMPFILE 30 | fi -------------------------------------------------------------------------------- /container/docker/docker-compose/eos/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.9' 2 | volumes: 3 | eos: 4 | alertmanager: 5 | grafana: 6 | 7 | services: 8 | eos: 9 | image: eostudio/eos:latest 10 | container_name: eos 11 | hostname: eos 12 | restart: always 13 | # restart: unless-stopped 14 | environment: 15 | - TZ=Asia/Shanghai 16 | working_dir: /tmp 17 | volumes: 18 | # - /var/lib/prometheus:/var/lib/prometheus 19 | # - /var/lib/prometheus:/prometheus 20 | command: 21 | --data-dir /eosio/data/ 22 | --config-dir /eosio/config/" 23 | # -e -p eosio --plugin eosio::wallet_api_plugin --plugin eosio::wallet_plugin --plugin eosio::producer_plugin --plugin eosio::chain_api_plugin --plugin eosio::http_plugin -d /mnt/dev/data --data-dir /eosio/data/ --config-dir /eosio/config/ --http-server-address=0.0.0.0:8888 --access-control-allow-origin=* --contracts-console 24 | # keosd -d /root/eos/eosio-wallet/ --config-dir /root/eos/eosio-wallet/ -------------------------------------------------------------------------------- /container/docker/prometheus/blackbox-exporter/config.yml: -------------------------------------------------------------------------------- 1 | modules: 2 | http_2xx: 3 | prober: http 4 | timeout: 10s 5 | http: 6 | method: GET 7 | http_post_2xx: 8 | prober: http 9 | http: 10 | method: POST 11 | tcp_connect: 12 | prober: tcp 13 | timeout: 10s 14 | pop3s_banner: 15 | prober: tcp 16 | timeout: 10s 17 | tcp: 18 | query_response: 19 | - expect: "^+OK" 20 | tls: true 21 | tls_config: 22 | insecure_skip_verify: false 23 | ssh_banner: 24 | prober: tcp 25 | tcp: 26 | query_response: 27 | - expect: "^SSH-2.0-" 28 | - send: "SSH-2.0-blackbox-ssh-check" 29 | irc_banner: 30 | prober: tcp 31 | tcp: 32 | query_response: 33 | - send: "NICK prober" 34 | - send: "USER prober prober prober :prober" 35 | - expect: "PING :([^ ]+)" 36 | send: "PONG ${1}" 37 | - expect: "^:[^ ]+ 001" 38 | icmp: 39 | prober: icmp 40 | timeout: 2s 41 | -------------------------------------------------------------------------------- /libexec/Web/Spring/deployment: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ######################################## 3 | # Website: http://www.netkiller.cn 4 | # Author: neo 5 | # Date: 2017-08-03 6 | ######################################## 7 | 8 | if [ "$(uname)" == "Darwin" ]; then 9 | ANT=/usr/local/Cellar/ant\@1.9/1.9.9/bin/ant 10 | else 11 | ANT=/srv/apache-ant/bin/ant 12 | fi 13 | 14 | BUILDXML=/usr/local/etc/deployment/tomcat/build.xml 15 | ######################################## 16 | domain=$1 17 | stage=$2 18 | ######################################## 19 | 20 | if [ ! -d ${domain} ]; then 21 | echo "The domain ${domain} isn't exist!" 22 | exit 1 23 | fi 24 | 25 | if [ -z ${stage} ]; then 26 | echo "No stage..." && exit 1 27 | fi 28 | 29 | shift 2 30 | #echo $# 31 | if [ -f ${domain}/${stage}.properties ]; then 32 | ${ANT} -Dproject.name=${domain} -Dbasedir=$(pwd)/${domain} -f ${BUILDXML} -propertyfile ${domain}/${stage}.properties $@ 33 | else 34 | echo "The file ${stage}.properties isn't exist!" 35 | fi 36 | -------------------------------------------------------------------------------- /container/docker/compose/service/zentao.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | #-*- coding: utf-8 -*- 3 | ############################################## 4 | # Home : https://www.netkiller.cn 5 | # Author: Neo 6 | # Data. : 2023-02-21 7 | ############################################## 8 | try: 9 | from netkiller.docker import * 10 | except ImportError as err: 11 | print("%s" %(err)) 12 | 13 | # extra_hosts = [] 14 | 15 | zentao = Services('zentao') 16 | zentao.image('easysoft/zentao:latest') 17 | zentao.container_name('zentao') 18 | zentao.restart('always') 19 | zentao.hostname('zentao.netkiller.cn') 20 | # zentao.extra_hosts(extra_hosts) 21 | # zentao.environment(['TA=Asia/Shanghai']) 22 | zentao.environment({'TA':'Asia/Shanghai','MYSQL_ROOT_PASSWORD':'123456'}) 23 | zentao.ports(['80:80']) # ,'443:443' 24 | zentao.volumes([ 25 | '/opt/zentao/zentaopms:/www/zentaopms' 26 | ]) 27 | # .privileged(True) 28 | 29 | # compose = Composes('zentao') 30 | # compose.version('3.9') 31 | # compose.services(zentao) -------------------------------------------------------------------------------- /container/kubernetes/spring/springboot.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: springboot 5 | namespace: default 6 | labels: 7 | app: springboot 8 | spec: 9 | type: LoadBalancer 10 | ports: 11 | - port: 8080 12 | # nodePort: 30080 13 | selector: 14 | app: springboot 15 | --- 16 | apiVersion: apps/v1 17 | kind: Deployment 18 | metadata: 19 | name: springboot 20 | spec: 21 | replicas: 2 22 | selector: 23 | matchLabels: 24 | app: springboot 25 | template: 26 | metadata: 27 | labels: 28 | app: springboot 29 | spec: 30 | containers: 31 | - name: springboot 32 | image: registry.netkiller.cn:5000/netkiller/welcome:latest 33 | #image: 127.0.0.1:5000/netkiller/welcome:latest 34 | imagePullPolicy: IfNotPresent 35 | # imagePullPolicy: Always 36 | # imagePullPolicy: Never 37 | ports: 38 | - containerPort: 8080 39 | name: http 40 | #imagePullSecrets: 41 | # - name: docker-hub -------------------------------------------------------------------------------- /share/zabbix/Dependency/README.md: -------------------------------------------------------------------------------- 1 | Service Dependency Check 2 | ===== 3 | 4 | # mkdir -p /srv/zabbix/libexec 5 | # wget https://raw.githubusercontent.com/oscm/zabbix/master/Dependency/dependency /srv/zabbix/libexec/ 6 | 7 | chmod +x /srv/zabbix/libexec/dependency 8 | 9 | [root@netkiller zabbix_agentd.d]# /srv/zabbix/libexec/dependency -h 10 | /srv/zabbix/libexec/dependency - Software dependency check 11 | author neo 12 | -d/--discovery 13 | -p/--ping 192.168.0.1/www.netkiller.cn 14 | -c/--check 192.186.0.1 80 15 | -h/--help 16 | 17 | zabbix_get -s 10.24.15.18 -k 'dependency.discovery' 18 | 19 | 20 | Zabbix Agent 21 | ----- 22 | # wget https://raw.githubusercontent.com/oscm/zabbix/master/Dependency/userparameter_dependency.conf -P /etc/zabbix/zabbix_agentd.d/ 23 | # systemctl restart zabbix-agent 24 | 25 | 26 | Config 27 | ----- 28 | 29 | mkdir -p /srv/zabbix/conf 30 | cat >> /srv/zabbix/conf/dependency.conf << EOF 31 | Redis 127.0.0.1 80 32 | EOF 33 | -------------------------------------------------------------------------------- /netkiller/svg.py: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env python3 2 | # -*- coding: UTF-8 -*- 3 | ############################################## 4 | # Home : http://netkiller.github.io 5 | # Author: Neo 6 | # Data: 2023-03-23 7 | ############################################## 8 | 9 | 10 | 11 | class Line: 12 | def __init__(self, x1, y1, x2, y2, **attribute) -> None: 13 | print(x1, y1, x2, y2) 14 | print(attribute) 15 | postion = (x1, y1, x2, y2) 16 | print(type(postion)) 17 | 18 | 19 | class ScalableVectorGraphics: 20 | svg = [] 21 | def __init__(self) -> None: 22 | # self.svg = [] 23 | pass 24 | 25 | def appendChild(self, child): 26 | self.svg.append(child) 27 | 28 | def display(self): 29 | print(self.svg) 30 | 31 | 32 | def save(self): 33 | pass 34 | def debug(self): 35 | self.display() 36 | 37 | 38 | # line = Line(1,1,10,10) 39 | # print(line) 40 | svg = ScalableVectorGraphics() 41 | svg.Line(1,1,10,10) 42 | # svg.debug() 43 | -------------------------------------------------------------------------------- /share/zabbix/Oracle/.classpath: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | -------------------------------------------------------------------------------- /container/docker/compose/service/redis.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # -*- coding: utf-8 -*- 3 | ############################################## 4 | # Home : https://www.netkiller.cn 5 | # Author: Neo 6 | # Data. : 2023-07-21 7 | ############################################## 8 | try: 9 | from netkiller.docker import * 10 | except ImportError as err: 11 | print("%s" % (err)) 12 | 13 | # extra_hosts = [] 14 | 15 | redis = Services("redis") 16 | redis.image("redis:latest") 17 | redis.container_name("redis") 18 | redis.restart("always") 19 | # redis.hostname("redis.netkiller.cn") 20 | # redis.extra_hosts(extra_hosts) 21 | # redis.environment(['TZ=Asia/Shanghai']) 22 | redis.environment( 23 | { 24 | "TZ": "Asia/Shanghai", 25 | "LANG": "en_US.UTF-8", 26 | } 27 | ) 28 | redis.ports(["6379:6379"]) 29 | redis.volumes(["redis:/data"]) 30 | redis.sysctls({'net.core.somaxconn':'511'}) 31 | redis.command( 32 | [ 33 | '--requirepass passw0rd', 34 | '--appendonly yes' 35 | ] 36 | ) 37 | # .privileged(True) -------------------------------------------------------------------------------- /container/docker/compose/service/portainer.py: -------------------------------------------------------------------------------- 1 | try: 2 | import os, sys 3 | module = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) 4 | sys.path.insert(0, module) 5 | from netkiller.docker import * 6 | except ImportError as err: 7 | print("%s" %(err)) 8 | 9 | gui = Services('portainer') 10 | gui.container_name('portainer') 11 | gui.image('portainer/portainer-ce').restart('always').volumes([ 12 | '/var/run/docker.sock:/var/run/docker.sock', 13 | 'portainter:/data' 14 | ]).ports(['8000:8000','9000:9000']) 15 | 16 | agent = Services('portainer-agent') 17 | agent.container_name('portainer-agent') 18 | agent.image('portainer/agent').restart('always').volumes([ 19 | '/var/run/docker.sock:/var/run/docker.sock', 20 | '/var/lib/docker/volumes:/var/lib/docker/volumes' 21 | ]).ports(['8000:8000','9000:9000']) 22 | 23 | volumes = Volumes() 24 | volumes.create('portainter') 25 | 26 | portainer = Composes('portainer') 27 | portainer.version('3.9') 28 | portainer.volumes(volumes) 29 | portainer.services(gui) 30 | portainer.services(agent) 31 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | Copyright © 2021 netkiller 3 | 4 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 5 | 6 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 7 | 8 | THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -------------------------------------------------------------------------------- /doc/wechat.md: -------------------------------------------------------------------------------- 1 | # Wechat 2 | 3 | 企业微信通知 4 | 5 | ## 安装 6 | 7 | pip3 install -i https://pypi.org/project netkiller- 8 | 9 | ## 帮助信息 10 | 11 | [root@localhost ~]# wechat 12 | Usage: wechat [options] message 13 | 14 | Options: 15 | -h, --help show this help message and exit 16 | -c /usr/local/etc/wechat.ini, --config=/usr/local/etc/wechat.ini 17 | config file 18 | -e default, --corporate=default 19 | corporate 20 | -t "1|2|3", --totag="1|2|3" 21 | tag 22 | -s, --stdin stdin 23 | --debug debug mode 24 | 25 | Homepage: https://www.netkiller.cn Author: Neo 26 | 27 | ## 配置企业微信 28 | 29 | [root@gitlab ~]# cat /usr/local/etc/wechat.ini 30 | [default] 31 | corpid=ww585b1e2860543c3b 32 | secret=xamgd6K_6SOSzyPjTxw9kdqVv7IgePb4zdylgiv6kIc 33 | agentid=1000004 34 | 35 | ## 测试 36 | 37 | wechat --debug -t 4 测试 38 | 39 | ### 标准输入 40 | 41 | [root@localhost ~]# cat /etc/passwd | wechat -t 2 --stdin -------------------------------------------------------------------------------- /share/saltstack/salt/rsync/rsync: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | # 3 | # chkconfig: 2345 50 50 4 | # description: The rsync daemon 5 | #pidfile: /var/run/rsyncd.pid 6 | 7 | # source function library 8 | . /etc/rc.d/init.d/functions 9 | 10 | if [ -f /etc/sysconfig/rsync ]; then 11 | . /etc/sysconfig/rsync 12 | fi 13 | 14 | PROG='/usr/bin/rsync' 15 | BASE=${0##*/} 16 | 17 | # The config file must contain following line: 18 | # pid file = /var/run/rsync.pid 19 | OPTIONS="--daemon" 20 | 21 | case "$1" in 22 | start) 23 | echo -n $"Starting $BASE: " 24 | daemon $PROG $OPTIONS 25 | RETVAL=$? 26 | [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$BASE 27 | echo 28 | ;; 29 | stop) 30 | echo -n $"Shutting down $BASE: " 31 | killproc $PROG 32 | RETVAL=$? 33 | [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$BASE 34 | echo 35 | ;; 36 | restart|force-reload) 37 | $0 stop 38 | sleep 1 39 | $0 start 40 | ;; 41 | status) 42 | status $PROG 43 | ;; 44 | *) 45 | echo "Usage: $0 {start|stop|restart|status|force-reload}" >&2 46 | exit 1 47 | ;; 48 | esac 49 | -------------------------------------------------------------------------------- /container/docker/docker-compose/java.yaml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | api: 5 | image: openjdk:8 6 | container_name: api 7 | restart: always 8 | hostname: api.netkiller.cn 9 | extra_hosts: 10 | - www.netkiller.cn:192.168.30.10 11 | - admin.netkiller.cn:192.168.30.10 12 | - explorer.netkiller.cn:192.168.30.10 13 | - cfca.netkiller.cn:192.168.30.10 14 | - eos.netkiller.cn:192.168.30.10 15 | - db.netkiller.cn:192.168.30.10 16 | - redis.netkiller.cn:192.168.30.10 17 | - mongo.netkiller.cn:192.168.30.5 18 | environment: 19 | TZ: Asia/Shanghai 20 | JAVA_OPTS: -Xms256m -Xmx2048m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=512m 21 | ports: 22 | - 8088:8080 23 | volumes: 24 | - /opt/netkiller.cn/api.netkiller.cn:/app 25 | - /opt/netkiller.cn/api.netkiller.cn/logs:/app/logs 26 | - /opt/netkiller.cn/api.netkiller.cn/CFCA:/CFCA 27 | working_dir: /app 28 | entrypoint: java -jar /app/zito-admin.jar 29 | command: --spring.profiles.active=test 30 | --server.port=8080 31 | --logging.file.name=/app/logs/spring.log 32 | -------------------------------------------------------------------------------- /doc/dockerfile/dockerfile.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | #-*- coding: utf-8 -*- 3 | ############################################## 4 | # Home : http://netkiller.github.io 5 | # Author: Neo 6 | # Upgrade: 2021-09-05 7 | ############################################## 8 | try: 9 | import os, sys 10 | module = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) 11 | sys.path.insert(0,module) 12 | from netkiller.docker import * 13 | except ImportError as err: 14 | print("%s" %(err)) 15 | 16 | def main(): 17 | vhost = { 18 | 'www.netkiller.cn':['80','443'], 19 | 'api.netkiller.cn':['8080'], 20 | 'img.netkiller.cn':['81','82','83'] 21 | } 22 | 23 | for host, port in vhost.items(): 24 | nginx = Dockerfile() 25 | (nginx.image('nginx:latest').volume(['/etc/nginx','/var/log/nginx']).run('apt update -y && apt install -y procps') 26 | .expose(port).workdir(f'/var/www/{host}')) 27 | nginx.show() 28 | print('-' * 50) 29 | 30 | if __name__ == '__main__': 31 | try: 32 | main() 33 | except KeyboardInterrupt: 34 | print ("Crtl+C Pressed. Shutting down.") -------------------------------------------------------------------------------- /container/docker/docker-compose/gitlab/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3.9' 2 | services: 3 | gitlab: 4 | image: 'gitlab/gitlab-ce:latest' 5 | container_name: gitlab 6 | restart: unless-stopped 7 | privileged: true 8 | hostname: 'gitlab.netkiller.cn' 9 | environment: 10 | TZ: 'Asia/Shanghai' 11 | GITLAB_OMNIBUS_CONFIG: | 12 | external_url 'https://gitlab.netkiller.cn' 13 | gitlab_rails['time_zone'] = 'Asia/Shanghai' 14 | gitlab_rails['gitlab_shell_ssh_port'] = 22 15 | ports: 16 | - '80:80' 17 | - '443:443' 18 | - '22:22' 19 | volumes: 20 | - /opt/gitlab/config:/etc/gitlab 21 | - /opt/gitlab/logs:/var/log/gitlab 22 | - /opt/gitlab/data:/var/opt/gitlab 23 | 24 | gitlab-runner: 25 | image: gitlab/gitlab-runner:alpine 26 | container_name: gitlab-runner 27 | restart: unless-stopped 28 | depends_on: 29 | - gitlab 30 | privileged: true 31 | volumes: 32 | - ./config/gitlab-runner:/etc/gitlab-runner 33 | - /var/run/docker.sock:/var/run/docker.sock 34 | - /bin/docker:/bin/docker 35 | -------------------------------------------------------------------------------- /doc/docker/service.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | #-*- coding: utf-8 -*- 3 | ############################################## 4 | # Home : https://www.netkiller.cn 5 | # Author: Neo 6 | # Upgrade: 2025-07-24 7 | ############################################## 8 | import os, sys 9 | 10 | module = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) 11 | sys.path.insert(0, module) 12 | from netkiller.docker import * 13 | 14 | target = 'init' 15 | 16 | dockerfile = Dockerfile("neo",'/srv/netkiller') 17 | dockerfile.image('openjdk:latest').volume(['/opt/netkiller','/app']).run('apt update -y && apt install -y procps').expose(['80','443']).workdir('/opt') 18 | dockerfile.copy('index.html','/var/www') 19 | # dockerfile.show() 20 | # print('-'*60) 21 | 22 | neo = Services('netkiller') 23 | neo.build(dockerfile) 24 | neo.image("netkiller:1.3.0") 25 | # neo.show() 26 | # print('-'*60) 27 | 28 | development = Composes('development') 29 | development.version('3.9') 30 | development.services(neo) 31 | development.show() 32 | # development.workdir("/tmp/test") 33 | 34 | # print('-'*60) 35 | development.save('/tmp/neo.yaml') 36 | development.debug() 37 | -------------------------------------------------------------------------------- /share/puppet/LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2013 Neo Chen 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /libexec/Application/Springboot/README.md: -------------------------------------------------------------------------------- 1 | Spring boot 2 | ===== 3 | 4 | spring boot 1.5.6 5 | 6 | ## Install build.xml 7 | 8 | mkdir deployment 9 | cd deployment 10 | wget https://raw.githubusercontent.com/oscm/devops/master/build/Application/Springboot/build.xml -O /usr/local/etc/build.xml 11 | wget https://raw.githubusercontent.com/oscm/devops/master/build/Application/Springboot/build.properties -O /usr/local/etc/build.properties 12 | wget https://raw.githubusercontent.com/oscm/devops/master/build/Application/Springboot/deployment -O /usr/local/bin/deployment 13 | 14 | chmod +x /usr/local/bin/deployment 15 | 16 | ## Common config 17 | cd 18 | cat common.properties 19 | git.repository=git@58.96.11.168:netkiller.cn/api.netkiller.cn.git 20 | remote.java.home=/srv/java 21 | remote.host=www@www.netkiller.cn 22 | remote.destination=/www/netkiller.cn/www.netkiller.cn 23 | logging.file=/tmp/spring.log 24 | 25 | ## Stage config 26 | 27 | cat development.properties 28 | git.branch=testing 29 | git.merge=development 30 | 31 | ## Deploy 32 | 33 | ./deployment 34 | 35 | for example: 36 | ./deployment development deploy start 37 | -------------------------------------------------------------------------------- /share/saltstack/README.md: -------------------------------------------------------------------------------- 1 | saltstack 2 | ========= 3 | 4 | Install 5 | ------- 6 | git clone https://github.com/oscm/saltstack.git 7 | ln -s saltstack/salt /srv/salt 8 | ln -s saltstack/pillar /srv/pillar 9 | 10 | Demo 11 | ---- 12 | salt '*' state.sls httpd 13 | 14 | - - - 15 | 16 | Node 17 | ---- 18 | rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm 19 | yum install -y salt-minion 20 | chkconfig salt-minion on 21 | 22 | cp /etc/salt/minion{,.original} 23 | sed -i '12,12imaster: salt.example.org' /etc/salt/minion 24 | 25 | cat >> /etc/hosts <<'EOF' 26 | 27 | 192.168.2.1 salt.example.org 28 | EOF 29 | 30 | service salt-minion start 31 | grep HOSTNAME /etc/sysconfig/network 32 | 33 | Master 34 | ------ 35 | salt-key -a host.example.org 36 | 37 | salt 'localhost.localdomain' state.sls ntp 38 | salt 'localhost.localdomain' state.sls vim 39 | salt 'localhost.localdomain' state.sls rsync 40 | salt 'localhost.localdomain' state.sls nginx 41 | salt 'localhost.localdomain' state.sls php.cli 42 | salt 'localhost.localdomain' state.sls php.php-fpm 43 | -------------------------------------------------------------------------------- /share/zabbix/LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2016 (os) Configuration Management 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /share/saltstack/LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2013 (OS) Configuration Management 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /libexec/Web/Spring/README.md: -------------------------------------------------------------------------------- 1 | Spring boot 2 | ===== 3 | 4 | spring boot 1.5.6 5 | 6 | ## Install build.xml 7 | 8 | mkdir deployment 9 | cd deployment 10 | mkdir -p /usr/local/etc/deployment/tomcat 11 | wget https://raw.githubusercontent.com/oscm/devops/master/build/Web/Spring/build.xml -O /usr/local/etc/deployment/tomcat/build.xml 12 | wget https://raw.githubusercontent.com/oscm/devops/master/build/Web/Spring/build.properties -O /usr/local/etc/deployment/tomcat/build.properties 13 | wget https://raw.githubusercontent.com/oscm/devops/master/build/Web/Spring/deployment -O /usr/local/bin/deployment 14 | 15 | chmod +x /usr/local/bin/deployment 16 | 17 | ## Common config 18 | cd 19 | cat common.properties 20 | git.repository=git@58.96.11.168:netkiller.cn/api.netkiller.cn.git 21 | remote.java.home=/srv/java 22 | remote.host=www@www.netkiller.cn 23 | remote.destination=/www/netkiller.cn/www.netkiller.cn 24 | logging.file=/tmp/spring.log 25 | 26 | ## Stage config 27 | 28 | cat development.properties 29 | git.branch=testing 30 | git.merge=development 31 | 32 | ## Deploy 33 | 34 | ./deployment 35 | 36 | for example: 37 | ./deployment development deploy start 38 | -------------------------------------------------------------------------------- /bin/cicd: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env python3 2 | # -*- coding: UTF-8 -*- 3 | ############################################## 4 | # Home : https://www.netkiller.cn 5 | # Author: Neo 6 | ############################################## 7 | import sys 8 | 9 | sys.path.insert(0, '.') 10 | sys.path.insert(1, '/Users/neo/workspace/Github/devops') 11 | sys.path.insert(2, '../devops') 12 | 13 | try: 14 | import os 15 | from config import * 16 | from netkiller.cicd import * 17 | except ImportError as err: 18 | print("Error: %s" % (err)) 19 | 20 | if __name__ == '__main__': 21 | try: 22 | 23 | os.putenv( 24 | 'JAVA_HOME', '/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.x86_64') 25 | cd = CICD() 26 | (options, args) = cd.parser.parse_args() 27 | # print(options, args) 28 | # print(template) 29 | cd.env( 30 | {'JAVA_HOME': '/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.x86_64'}) 31 | cd.registry(registry) 32 | cd.template(template) 33 | cd.nacos(server, username, password) 34 | cd.config(getCofnig(options.branch)) 35 | cd.main() 36 | except KeyboardInterrupt as err: 37 | print(err) 38 | -------------------------------------------------------------------------------- /doc/voice.md: -------------------------------------------------------------------------------- 1 | # Voice 2 | 3 | Usage: voice [options] message 4 | 5 | Options: 6 | -h, --help show this help message and exit 7 | --config=/usr/local/etc/notification.ini 8 | config file 9 | --debug debug mode 10 | 11 | Subscribe: 12 | -d, --daemon run as daemon 13 | 14 | Publish: 15 | -c notification, --channel=notification 16 | pubsub channel 17 | 18 | Homepage: http://www.netkiller.cn Author: Neo 19 | 20 | ## 配置 Redis 21 | 22 | vim /usr/local/etc/notification.ini 23 | 24 | [redis] 25 | ;host=127.0.0.1 26 | host=192.168.30.5 27 | port=6379 28 | db=5 29 | password= 30 | channel=notification 31 | 32 | ## 启动播报端 33 | 34 | neo@MacBook-Pro-Neo ~ % voice -d 35 | 36 | # 指定配置文件 37 | neo@MacBook-Pro-Neo ~ % voice --config=etc/notification.ini 38 | 39 | ## 发布通知 40 | 41 | neo@MacBook-Pro-Neo ~ % bin/voice 开发环境升级完成 42 | 43 | # 指定配置文件 44 | neo@MacBook-Pro-Neo ~ % bin/voice --config=etc/notification.ini 测试环境升级完成 45 | 46 | # 指定播报频道 47 | neo@MacBook-Pro-Neo ~ % bin/voice -c office --config=etc/notification.ini 测试环境升级完成 -------------------------------------------------------------------------------- /share/zabbix/Oracle/README.md: -------------------------------------------------------------------------------- 1 | # Netkiller Oracle templates 2 | 3 | ## Create monitor user 4 | 5 | CREATE USER ZABBIX 6 | IDENTIFIED BY 7 | DEFAULT TABLESPACE USERS 8 | TEMPORARY TABLESPACE TEMP 9 | PROFILE DEFAULT 10 | ACCOUNT UNLOCK; 11 | GRANT ALTER SESSION TO ZABBIX; 12 | GRANT CREATE SESSION TO ZABBIX; 13 | GRANT CONNECT TO ZABBIX; 14 | ALTER USER ZABBIX DEFAULT ROLE ALL; 15 | GRANT SELECT ON V_$INSTANCE TO ZABBIX; 16 | GRANT SELECT ON DBA_USERS TO ZABBIX; 17 | GRANT SELECT ON V_$LOG_HISTORY TO ZABBIX; 18 | GRANT SELECT ON V_$PARAMETER TO ZABBIX; 19 | GRANT SELECT ON SYS.DBA_AUDIT_SESSION TO ZABBIX; 20 | GRANT SELECT ON V_$LOCK TO ZABBIX; 21 | GRANT SELECT ON DBA_REGISTRY TO ZABBIX; 22 | GRANT SELECT ON V_$LIBRARYCACHE TO ZABBIX; 23 | GRANT SELECT ON V_$SYSSTAT TO ZABBIX; 24 | GRANT SELECT ON V_$PARAMETER TO ZABBIX; 25 | GRANT SELECT ON V_$LATCH TO ZABBIX; 26 | GRANT SELECT ON V_$PGASTAT TO ZABBIX; 27 | GRANT SELECT ON V_$SGASTAT TO ZABBIX; 28 | GRANT SELECT ON V_$LIBRARYCACHE TO ZABBIX; 29 | GRANT SELECT ON V_$PROCESS TO ZABBIX; 30 | GRANT SELECT ON DBA_DATA_FILES TO ZABBIX; 31 | GRANT SELECT ON DBA_TEMP_FILES TO ZABBIX; 32 | GRANT SELECT ON DBA_FREE_SPACE TO ZABBIX; 33 | GRANT SELECT ON V_$SYSTEM_EVENT TO ZABBIX; 34 | -------------------------------------------------------------------------------- /container/docker/compose/service/mosquitto.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # -*- coding: utf-8 -*- 3 | ############################################## 4 | # Home : https://www.netkiller.cn 5 | # Author: Neo 6 | # Data. : 2023-06-28 7 | ############################################## 8 | try: 9 | from netkiller.docker import * 10 | except ImportError as err: 11 | print("%s" % (err)) 12 | 13 | # extra_hosts = [] 14 | 15 | mosquitto = Services("mosquitto") 16 | mosquitto.image("eclipse-mosquitto:latest") 17 | mosquitto.container_name("mosquitto") 18 | mosquitto.restart("always") 19 | # mosquitto.hostname("mosquitto.netkiller.cn") 20 | # mosquitto.extra_hosts(extra_hosts) 21 | # mosquitto.environment(['TZ=Asia/Shanghai']) 22 | # mosquitto.environment({"TA": "Asia/Shanghai", "MYSQL_ROOT_PASSWORD": "123456"}) 23 | mosquitto.ports(["1883:1883", "9001:9001"]) 24 | mosquitto.volumes(["/srv/mosquitto/config/mosquitto.conf:/mosquitto/config/mosquitto.conf", "/srv/mosquitto/config/pwfile.conf:/mosquitto/config/pwfile.conf"]) 25 | mosquitto.privileged(True) 26 | 27 | # mosquitto_passwd -b /mosquitto/config/pwfile.conf netkiller passw0rd 28 | 29 | # compose = Composes('mosquitto') 30 | # compose.version('3.9') 31 | # compose.services(mosquitto) 32 | -------------------------------------------------------------------------------- /container/kubernetes/elasticsearch/account.yaml: -------------------------------------------------------------------------------- 1 | # RBAC authn and authz 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: logging 6 | namespace: logging 7 | # namespace: kube-system 8 | labels: 9 | app: logging 10 | kubernetes.io/cluster-service: "true" 11 | # addonmanager.kubernetes.io/mode: Reconcile 12 | --- 13 | kind: ClusterRole 14 | apiVersion: rbac.authorization.k8s.io/v1 15 | metadata: 16 | name: logging 17 | labels: 18 | app: logging 19 | kubernetes.io/cluster-service: "true" 20 | # addonmanager.kubernetes.io/mode: Reconcile 21 | rules: 22 | - apiGroups: 23 | - "" 24 | resources: 25 | - "services" 26 | - "namespaces" 27 | - "endpoints" 28 | verbs: 29 | - "get" 30 | --- 31 | kind: ClusterRoleBinding 32 | apiVersion: rbac.authorization.k8s.io/v1 33 | metadata: 34 | namespace: logging 35 | # namespace: kube-system 36 | name: logging 37 | labels: 38 | app: logging 39 | kubernetes.io/cluster-service: "true" 40 | # addonmanager.kubernetes.io/mode: Reconcile 41 | subjects: 42 | - kind: ServiceAccount 43 | name: logging 44 | namespace: logging 45 | # namespace: kube-system 46 | apiGroup: "" 47 | roleRef: 48 | kind: ClusterRole 49 | name: logging 50 | apiGroup: "" -------------------------------------------------------------------------------- /container/docker/images/alpine/nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | 2 | user nginx; 3 | worker_processes auto; 4 | worker_rlimit_nofile 65530; 5 | 6 | error_log /var/log/nginx/error.log warn; 7 | pid /var/run/nginx.pid; 8 | 9 | 10 | events { 11 | worker_connections 4096; 12 | } 13 | 14 | 15 | http { 16 | include /etc/nginx/mime.types; 17 | default_type application/octet-stream; 18 | 19 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 20 | '$status $body_bytes_sent "$http_referer" ' 21 | '"$http_user_agent" "$http_x_forwarded_for"'; 22 | 23 | access_log /var/log/nginx/access.log main; 24 | 25 | sendfile on; 26 | #tcp_nopush on; 27 | 28 | keepalive_timeout 65; 29 | 30 | server_tokens off; 31 | gzip on; 32 | gzip_types text/plain text/css application/json application/x-javascript application/xml; 33 | 34 | ssi on; 35 | ssi_silent_errors on; 36 | ssi_types application/javascript text/javascript text/css application/json application/xml; 37 | ssi_value_length 256; 38 | server_names_hash_bucket_size 128; 39 | client_header_buffer_size 32k; 40 | large_client_header_buffers 4 32k; 41 | 42 | include /etc/nginx/conf.d/*.conf; 43 | } 44 | -------------------------------------------------------------------------------- /share/git/zentao/hooks/api.py: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env python3 2 | # -*- coding: UTF-8 -*- 3 | ############################################## 4 | # Home : https://www.netkiller.cn 5 | # Author: Neo 6 | # Help : https://github.com/netkiller/devops/blob/master/doc/zentao.md 7 | ############################################## 8 | 9 | import requests 10 | 11 | # url = 'http://172.18.200.10/zentao/api.php/v1' 12 | url = 'http://172.18.200.10/api.php' 13 | 14 | 15 | class Zentao(): 16 | def __init__(self) -> None: 17 | pass 18 | 19 | def token(self): 20 | # headers = {"content-type": "application/json"} 21 | data = {"account": "test", "password": "Qwe123"} 22 | # data = json.dumps(json) 23 | request = requests.post(url + '/tokens', json=data) # , headers=headers 24 | print(request) 25 | print(request.text) 26 | 27 | def main(self): 28 | pass 29 | 30 | 31 | # print(request.text) 32 | # print(json.loads(request.content.decode())) 33 | # try: 34 | # json_string = request.json() 35 | # if json_string['status'] == 'success': 36 | # data = json.loads(json_string['data']) 37 | # value = data['title'] 38 | # except requests.exceptions.JSONDecodeError: 39 | # value = None 40 | # return (value) 41 | zentao = Zentao() 42 | zentao.token() 43 | -------------------------------------------------------------------------------- /.github/workflows/python-package.yml: -------------------------------------------------------------------------------- 1 | # This workflow will install Python dependencies, run tests and lint with a variety of Python versions 2 | # For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions 3 | 4 | name: Python package 5 | 6 | on: 7 | push: 8 | branches: [ master ] 9 | pull_request: 10 | branches: [ master ] 11 | 12 | jobs: 13 | build: 14 | 15 | runs-on: ubuntu-latest 16 | strategy: 17 | fail-fast: false 18 | matrix: 19 | python-version: [3.9] 20 | 21 | steps: 22 | - uses: actions/checkout@v2 23 | with: 24 | submodules: 'true' 25 | - name: Set up Python ${{ matrix.python-version }} 26 | uses: actions/setup-python@v2 27 | with: 28 | python-version: ${{ matrix.python-version }} 29 | - name: Install dependencies 30 | run: | 31 | python -m pip install --upgrade pip 32 | python -m pip install pytest 33 | if [ -f requirements.txt ]; then pip install -r requirements.txt; fi 34 | - name: Build and Install 35 | run: | 36 | python3 setup.py sdist 37 | # bdist_wheel 38 | python3 setup.py install 39 | # - name: Test with pytest 40 | # run: | 41 | # pytest 42 | -------------------------------------------------------------------------------- /container/kubernetes/nginx.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: nginx 5 | labels: 6 | app: nginx 7 | spec: 8 | replicas: 3 9 | selector: 10 | matchLabels: 11 | app: nginx 12 | template: 13 | metadata: 14 | labels: 15 | app: nginx 16 | spec: 17 | containers: 18 | - name: nginx 19 | image: nginx:latest 20 | ports: 21 | - containerPort: 80 22 | --- 23 | apiVersion: v1 24 | kind: Service 25 | metadata: 26 | name: nginx 27 | labels: 28 | app: nginx 29 | spec: 30 | ports: 31 | - port: 80 32 | protocol: TCP 33 | targetPort: 80 34 | selector: 35 | app: nginx 36 | type: NodePort 37 | --- 38 | apiVersion: networking.k8s.io/v1 39 | kind: Ingress 40 | metadata: 41 | name: nginx 42 | annotations: 43 | kubernetes.io/ingress.class: nginx 44 | spec: 45 | # defaultBackend: 46 | # service: 47 | # name: nginx 48 | # port: 49 | # number: 80 50 | rules: 51 | - host: foo.bar.com 52 | http: 53 | paths: 54 | - pathType: Prefix 55 | path: "/" 56 | backend: 57 | # serviceName: nginx 58 | # servicePort: 80 59 | service: 60 | name: nginx 61 | port: 62 | number: 80 -------------------------------------------------------------------------------- /share/example/testing/example.com.ini: -------------------------------------------------------------------------------- 1 | [www] 2 | ;repository=git@192.168.2.1:example.com/www.example.com 3 | repository=https://github.com/oscm/shell.git 4 | source=example.com 5 | option=--delete --password-file=confure/production/example.com/passwd 6 | exclude=testing/www.example.com.lst 7 | logfile=/tmp/www.example.com.log 8 | remote=www@192.168.2.15 9 | destination=example.com/www.example.com 10 | 11 | [bbs] 12 | repository=https://github.com/oscm/shell.git 13 | remote=www@192.168.2.15 14 | destination=example.com/bbs.example.com 15 | 16 | [news] 17 | repository=https://github.com/oscm/shell.git 18 | remote=www@192.168.2.15 19 | destination=example.com/bbs.example.com 20 | branch=freebsd 21 | 22 | [blog] 23 | repository=https://github.com/oscm/shell.git 24 | remote=www@192.168.2.15 25 | destination=example.com/bbs.example.com 26 | backup=/tmp/blog.example.com.log 27 | 28 | [music] 29 | repository=https://github.com/oscm/shell.git 30 | remote= www@192.168.2.15, www@192.168.2.10 ,www@192.168.2.11 31 | destination=example.com/bbs.example.com 32 | backup=/tmp/blog.example.com.log 33 | 34 | [video] 35 | repository=https://github.com/oscm/shell.git 36 | remote= www@192.168.2.15, www@192.168.2.16 ,www@192.168.2.17 37 | destination=example.com/bbs.example.com 38 | logfile=/tmp/blog.example.com.log 39 | delete=Y 40 | -------------------------------------------------------------------------------- /demo/k8s/k3d/ingress.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDYDCCAkgCCQD+MXOWc1zGgDANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJD 3 | TjELMAkGA1UECAwCR0QxCzAJBgNVBAcMAlNaMQwwCgYDVQQKDANOZW8xCzAJBgNV 4 | BAsMAklUMQwwCgYDVQQDDANOZW8xIDAeBgkqhkiG9w0BCQEWEW5ldGtpbGxlckBt 5 | c24uY29tMB4XDTIyMDExNzAxMTIzMVoXDTMyMDExNTAxMTIzMVowcjELMAkGA1UE 6 | BhMCQ04xCzAJBgNVBAgMAkdEMQswCQYDVQQHDAJTWjEMMAoGA1UECgwDTmVvMQsw 7 | CQYDVQQLDAJJVDEMMAoGA1UEAwwDTmVvMSAwHgYJKoZIhvcNAQkBFhFuZXRraWxs 8 | ZXJAbXNuLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALY2urPZ 9 | 6TFWBbETL9ZjcT5PKjzd069lArMmRaWa2LWYwsXy6mGbkb1reX9xP4gOj8WShfKk 10 | zUyY3qYq4toVBS46QvzNqYBTSGWJCGjy5srkv6gtaeZVtA7YD+S6mWykD06U+3/V 11 | tJquMC+yJ9OE9otVDUmu007LXb0Eop6D1fGDoTpyrMPpwG7FYssXMDCcm7v2EKul 12 | 4Z6sf9HEPSITjlWJjaWff1R+ONBolC5J6fGDvqXnZm4if64BrSyLRrIML2QuGeKK 13 | MJ44qnIJ1dBau4biSiVdt9HHgjgvTdF62GMcRykce7RNtM/OiDR2ZEM9fUqaKv2N 14 | NtmnuW/QdvwmsBUCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAjNaQRzwQ7s5Y4rXz 15 | +J3FJseehcVU1qT17rM4a9LvB/Mlp/br/zAjT1p1To+6R+WQU6YlUCbpC2GV2ebf 16 | 86cL6EqUr0FR2Sf70t40NrOOBV9nv1S5+Tv2/sRJRtwo5UkGwIM+9c778uhIqAR+ 17 | eChvurS3m9WMLBH2sit+OFZljhb27i1XWsXOGLfYje2zhVEtfZVZNnyrvd+SusZX 18 | Ep2sUvyN1AIWG6/pz2ipIBLN+8kSq20GMH+1Sk6sZJ+v0hYGwsLWdSCjuCm2ocQw 19 | Jp95RYoHPfZTTsOWXHn6KoY/Dk2wlEENCOpvbVJ54rSH/U77NQ8s9WOGGjORnIfG 20 | wXNyuQ== 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /libexec/Gitlab/index.php: -------------------------------------------------------------------------------- 1 | 4 | * Homepage: http://www.netkiller.cn 5 | * ======================================== 6 | */ 7 | 8 | define("TOKEN", ""); 9 | if($_SERVER['HTTP_X_GITLAB_TOKEN'] != TOKEN){ 10 | error_log("failed token"); 11 | exit(0); 12 | } 13 | 14 | $cmd = null; 15 | if($data = file_get_contents('php://input')) { 16 | error_log( $data ); 17 | try { 18 | $payloads = json_decode($data); 19 | $branch = "development" ; 20 | $project = $payloads->project->name; 21 | $group = $payloads->project->namespace; 22 | 23 | if($payloads->ref == "refs/heads/master") { 24 | $branch = "production"; 25 | // disable production 26 | exit(); 27 | } 28 | if($payloads->ref == "refs/heads/testing") { 29 | $branch = "testing"; 30 | } 31 | 32 | if($payloads->ref === 'refs/heads/development'){ 33 | $branch = "development"; 34 | } 35 | 36 | //$cmd="sudo -u www -i /srv/deploy/deploy.sh $group $branch $project"; 37 | $cmd="/srv/deploy/deploy.sh $group $branch $project"; 38 | $result=system($cmd); 39 | 40 | error_log($cmd); 41 | error_log($result); 42 | 43 | } catch(Exception $ex) { 44 | error_log($ex); 45 | } 46 | } else { 47 | error_log("failed request"); 48 | } 49 | ?> 50 | -------------------------------------------------------------------------------- /container/docker/images/centos/nginx/Dockerfile: -------------------------------------------------------------------------------- 1 | ############################################################ 2 | # Dockerfile to build Nginx container 3 | # Based on centos7 4 | ############################################################ 5 | 6 | FROM centos:latest 7 | 8 | MAINTAINER Netkiller 9 | 10 | #USER www 11 | #WORKDIR /www 12 | 13 | # Install EPEL 14 | RUN yum install -y epel-release && yum clean all 15 | 16 | # Update RPM Packages 17 | RUN yum -y update 18 | 19 | # Install Nginx 20 | RUN rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm 21 | RUN yum install -y nginx 22 | RUN yum clean all 23 | 24 | # forward request and error logs to docker log collector 25 | RUN ln -sf /dev/stdout /var/log/nginx/access.log 26 | RUN ln -sf /dev/stderr /var/log/nginx/error.log 27 | 28 | # be backwards compatible with pre-official images 29 | #RUN ln -sf ../share/nginx /usr/local/nginx 30 | 31 | # prepare container 32 | #ADD prepare.sh /prepare.sh 33 | #RUN chmod 755 /prepare.sh 34 | #RUN /prepare.sh 35 | 36 | # add startup script 37 | ADD startup.sh /root/startup.sh 38 | RUN chmod 755 /root/startup.sh 39 | 40 | #VOLUME ["/etc/nginx"] 41 | #VOLUME ["/usr/share/nginx/html"] 42 | #VOLUME ["/var/www"] 43 | 44 | EXPOSE 80 443 45 | 46 | CMD ["nginx", "-g", "daemon off;"] 47 | #CMD /startup.sh 48 | -------------------------------------------------------------------------------- /container/docker/compose/service/mysql.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # -*- coding: utf-8 -*- 3 | ############################################## 4 | # Home : https://www.netkiller.cn 5 | # Author: Neo 6 | # Data. : 2023-07-21 7 | ############################################## 8 | try: 9 | from netkiller.docker import * 10 | except ImportError as err: 11 | print("%s" % (err)) 12 | 13 | # extra_hosts = [] 14 | 15 | mysql = Services("mysql") 16 | mysql.image("mysql:latest") 17 | mysql.container_name("mysql") 18 | mysql.restart("always") 19 | # mysql.hostname("mysql.netkiller.cn") 20 | # mysql.extra_hosts(extra_hosts) 21 | # mysql.environment(['TZ=Asia/Shanghai']) 22 | mysql.environment( 23 | { 24 | "TZ": "Asia/Shanghai", 25 | "MYSQL_ROOT_PASSWORD": "0E8AAA08-D7CB-403C-8761-0FA8F23DB326", 26 | } 27 | ) 28 | mysql.ports(["3306:3306"]) 29 | mysql.volumes(["/var/lib/mysql:/var/lib/mysql"]) 30 | mysql.command( 31 | [ 32 | "--character-set-server=utf8mb4", 33 | "--collation-server=utf8mb4_general_ci", 34 | "--explicit_defaults_for_timestamp=true", 35 | "--lower_case_table_names=1", 36 | "--max_allowed_packet=128M", 37 | '--sql-mode="STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ERROR_FOR_DIVISION_BY_ZERO"', 38 | ] 39 | ) 40 | # .privileged(True) 41 | -------------------------------------------------------------------------------- /container/docker/bin/prometheus/prometheus.yml: -------------------------------------------------------------------------------- 1 | # my global config 2 | global: 3 | scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute. 4 | evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute. 5 | # scrape_timeout is set to the global default (10s). 6 | 7 | # Attach these labels to any time series or alerts when communicating with 8 | # external systems (federation, remote storage, Alertmanager). 9 | external_labels: 10 | monitor: 'codelab-monitor' 11 | 12 | # Load rules once and periodically evaluate them according to the global 'evaluation_interval'. 13 | rule_files: 14 | # - "first.rules" 15 | # - "second.rules" 16 | 17 | # A scrape configuration containing exactly one endpoint to scrape: 18 | # Here it's Prometheus itself. 19 | scrape_configs: 20 | # The job name is added as a label `job=` to any timeseries scraped from this config. 21 | - job_name: 'prometheus' 22 | 23 | # metrics_path defaults to '/metrics' 24 | # scheme defaults to 'http'. 25 | 26 | static_configs: 27 | - targets: ['host.docker.internal:9090'] # Only works on Docker Desktop for Mac 28 | 29 | - job_name: 'docker' 30 | # metrics_path defaults to '/metrics' 31 | # scheme defaults to 'http'. 32 | 33 | static_configs: 34 | - targets: ['docker.for.mac.host.internal:9323'] -------------------------------------------------------------------------------- /container/docker/compose/service/elasticsearch.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # -*- coding: utf-8 -*- 3 | ############################################## 4 | # Home : https://www.netkiller.cn 5 | # Author: Neo 6 | # Data. : 2023-06-28 7 | ############################################## 8 | try: 9 | from netkiller.docker import * 10 | except ImportError as err: 11 | print("%s" % (err)) 12 | 13 | volumes = Volumes() 14 | volumes.create("elasticdata") 15 | volumes.create("elasticplugins") 16 | 17 | # extra_hosts = [] 18 | 19 | elasticsearch = Services("elasticsearch") 20 | elasticsearch.image("docker.elastic.co/elasticsearch/elasticsearch:8.8.1") 21 | elasticsearch.container_name("elasticsearch") 22 | elasticsearch.restart("always") 23 | # elasticsearch.hostname("elasticsearch.netkiller.cn") 24 | # elasticsearch.extra_hosts(extra_hosts) 25 | # elasticsearch.environment(['TZ=Asia/Shanghai']) 26 | elasticsearch.environment({"TZ": "Asia/Shanghai", "ES_JAVA_OPTS": "-Xms1g -Xmx1g", "discovery.type": "single-node", "xpack.security.enabled": "false", "ELASTIC_PASSWORD": "passw0rd"}) 27 | elasticsearch.ports(["9200:9200", "9300:9300"]) 28 | elasticsearch.volumes(["elasticdata:/usr/share/elasticsearch/data", "elasticplugins:/usr/share/elasticsearch/plugins"]) 29 | elasticsearch.privileged(True) 30 | 31 | # compose = Composes('elasticsearch') 32 | # compose.version('3.9') 33 | # compose.services(elasticsearch) 34 | -------------------------------------------------------------------------------- /libexec/Gitlab/deploy.gitlab.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ############################################## 3 | # Author: netkiller 4 | # Homepage: http://www.netkiller.cn 5 | # $Author$ 6 | # $Id$ 7 | ############################################## 8 | NAME=deploy.gitlab 9 | BASEDIR='/srv/deploy' 10 | PROG=$BASEDIR/bin/$(basename $0) 11 | LOGFILE=/var/tmp/$NAME.log 12 | PIDFILE=/var/tmp/$NAME.pid 13 | ACCESS_LOG=/var/tmp/$NAME.access.log 14 | ############################################## 15 | PHP=/srv/php/bin/php 16 | #HOST=0.0.0.0 17 | HOST=127.0.0.1 18 | PORT=8000 19 | ############################################## 20 | #echo $$ 21 | #echo $BASHPID 22 | function start(){ 23 | if [ -f "$PIDFILE" ]; then 24 | echo $PIDFILE 25 | exit 2 26 | fi 27 | 28 | $PHP -d error_log=$LOGFILE -c /srv/php/etc/php-cli.ini -S $HOST:$PORT -t $BASEDIR & 29 | echo $! > $PIDFILE 30 | } 31 | function stop(){ 32 | [ -f $PIDFILE ] && kill `cat $PIDFILE` && rm -rf $PIDFILE 33 | } 34 | function status(){ 35 | #ps ax | grep $NAME | grep -v grep | grep -v status 36 | ps ax | grep $BASEDIR | grep -v grep | grep -v status 37 | } 38 | case "$1" in 39 | start) 40 | start 41 | ;; 42 | stop) 43 | stop 44 | ;; 45 | status) 46 | status 47 | ;; 48 | restart) 49 | stop 50 | start 51 | ;; 52 | log) 53 | tail -f $LOGFILE 54 | ;; 55 | *) 56 | echo $"Usage: $0 {start|stop|status|restart|log}" 57 | exit 2 58 | esac 59 | 60 | exit $? 61 | -------------------------------------------------------------------------------- /container/docker/images/centos/tomcat/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM centos:latest 2 | 3 | MAINTAINER Netkiller 4 | 5 | ENV CATALINA_HOME /srv/tomcat 6 | ENV PATH $CATALINA_HOME/bin:$PATH 7 | RUN mkdir -p "$CATALINA_HOME" 8 | WORKDIR $CATALINA_HOME 9 | 10 | RUN yum install -y java-1.8.0-openjdk wget 11 | 12 | ENV TOMCAT_MAJOR 8 13 | ENV TOMCAT_VERSION 8.5.15 14 | 15 | # https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 16 | ENV TOMCAT_TGZ_URL https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz 17 | # not all the mirrors actually carry the .asc files :'( 18 | ENV TOMCAT_ASC_URL https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc 19 | 20 | RUN set -x \ 21 | \ 22 | && wget -O tomcat.tar.gz "$TOMCAT_TGZ_URL" \ 23 | && tar -xvf tomcat.tar.gz --strip-components=1 \ 24 | && rm bin/*.bat \ 25 | && rm tomcat.tar.gz* \ 26 | && rm -rf $CATALINA_HOME/webapps/{docs,examples,manager,host-manager,ROOT/*} \ 27 | && rm -rf $CATALINA_HOME/logs/* \ 28 | && sed -i "16s/3manager.org.apache.juli.AsyncFileHandler, 4host-manager.org.apache.juli.AsyncFileHandler,//" $CATALINA_HOME/conf/logging.properties 29 | 30 | ADD setenv.sh $CATALINA_HOME/bin 31 | 32 | VOLUME $CATALINA_HOME/work 33 | VOLUME $CATALINA_HOME/temp 34 | 35 | EXPOSE 8080 36 | CMD ["catalina.sh", "run"] 37 | -------------------------------------------------------------------------------- /etc/task.cfg: -------------------------------------------------------------------------------- 1 | [www] 2 | policy=mirror 3 | from=/www/www.example.com/* 4 | to=/tmp/www 5 | exclude=.svn 6 | include=* 7 | 8 | [htdocs] 9 | policy=full 10 | from=neo@172.16.0.5:/tmp 11 | to=/src/backup 12 | 13 | [test] 14 | policy=differential 15 | copy=loop,3 16 | from=/tmp/aaa 17 | to=/tmp/bbb 18 | 19 | [test1] 20 | policy=incremental 21 | from=/tmp/aaa 22 | to=/tmp/ccc 23 | 24 | [test2] 25 | policy=copy.cp 26 | from=/tmp/aaa 27 | to=/tmp/ddd 28 | 29 | [mrtg] 30 | policy=loop 31 | copies=daily 32 | from=/www/mrtg 33 | to=/tmp/mrtg 34 | 35 | [nfs] 36 | policy=copy.cp 37 | copy=weekly 38 | from.nfs=172.16.0.5:/www/mrtg 39 | to=/tmp/mrtg 40 | 41 | [webdav] 42 | policy=wget 43 | copy=weekly 44 | from.davfs=http://192.168.3.5/test 45 | to=/tmp/webdav 46 | 47 | [http] 48 | policy=mirror.axel -n 64 49 | copy=yweekly 50 | from.http=http://192.168.3.5/test 51 | to=/tmp/http 52 | 53 | [ftp] 54 | policy=mirror.wget 55 | from.ftp=ftp://user:passwd@192.168.3.5/test 56 | to=/tmp/ftp 57 | 58 | [ftpupload] 59 | policy=mirror.ftp 60 | from.ftp=ftp://user:passwd@192.168.3.5/test 61 | to.ftp=ftp://user:passwd@192.168.3.5/test1 62 | 63 | [iscsi] 64 | policy=clone 65 | from.iscsi=ip:172.16.0.30:3260,1 iqn.2006-01.com.openfiler:tsn.0b232d1cc3ee 66 | to.iscsi=ip:172.16.0.30:3260,1 iqn.2006-01.com.openfiler:tsn.0b232d1cc3ee 67 | 68 | 69 | [database] 70 | policy=mysql 71 | host=192.168.2.1 72 | port=3306 73 | user=www 74 | password=qwer123 75 | database=test 76 | compress=gzip 77 | to=/tmp 78 | -------------------------------------------------------------------------------- /demo/k8s/config.py: -------------------------------------------------------------------------------- 1 | import os 2 | import sys 3 | sys.path.insert(0, '/Users/neo/workspace/devops') 4 | 5 | from netkiller.kubernetes import * 6 | 7 | print("=" * 40, "ConfigMap", "=" * 40) 8 | config = ConfigMap('test') 9 | config.apiVersion('v1') 10 | config.metadata().name('test').namespace('test') 11 | config.data({'host': 'localhost', 'port': '3306', 12 | 'user': 'root', 'pass': '123456'}) 13 | config.data({'logfile': '/var/log', 'tmp': '/tmp'}) 14 | config.debug() 15 | 16 | config = ConfigMap('test') 17 | config.apiVersion('v1') 18 | config.metadata().name('test').namespace('test') 19 | config.data({'redis.conf': pss( 20 | 'pidfile /var/lib/redis/redis.pid\n' 21 | 'dir /var/lib/redis\n' 22 | 'port 6379\n' 23 | 'bind 0.0.0.0\n' 24 | 'appendonly yes\n' 25 | 'protected-mode no\n' 26 | 'requirepass 123456\n' 27 | ) 28 | }).data({'db.ini': pss('''\ 29 | mysql.db = devops 30 | mysql.host = 127.0.0.1 31 | mysql.user = root 32 | mysql.pwd = root123 33 | mysql.port = 3306 34 | ''')}) 35 | # config.json() 36 | config.debug() 37 | 38 | print("=" * 40, "ConfigMap", "=" * 40) 39 | 40 | config = ConfigMap('test') 41 | config.apiVersion('v1') 42 | config.metadata().name('test').namespace('test') 43 | config.from_file('resolv.conf', '/etc/resolv.conf') 44 | config.debug() 45 | 46 | config = ConfigMap('test') 47 | config.apiVersion('v1') 48 | config.metadata().name('test').namespace('test') 49 | config.from_env_file('config.env') 50 | config.debug() 51 | -------------------------------------------------------------------------------- /container/docker/docker.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | import sys 3 | 4 | sys.path.insert(0, ".") 5 | sys.path.insert(1, "/Users/neo/workspace/devops") 6 | sys.path.insert(2, "/Users/neo/Github/devops") 7 | sys.path.insert(3, "/srv/devops") 8 | 9 | try: 10 | from netkiller.docker import * 11 | 12 | # from environment.experiment import experiment 13 | # from environment.development import development 14 | # from environment.production import production 15 | 16 | from compose.devops import devops 17 | from compose.demo import demo 18 | 19 | # from libexec.portainer import portainer 20 | from compose.database import database 21 | from compose.homeassistant import homeassistant 22 | 23 | except ModuleNotFoundError as err: 24 | print("pip install netkiller-devops, %s" % (err)) 25 | exit() 26 | 27 | if __name__ == "__main__": 28 | try: 29 | docker = Docker() 30 | # docker.env({'DOCKER_HOST':'ssh://root@192.168.30.13','COMPOSE_PROJECT_NAME':'experiment'}) 31 | # docker.sysctl({"vm.max_map_count": "262144"}) 32 | docker.environment(database) 33 | # docker.environment(development) 34 | # docker.environment(logging) 35 | docker.environment(devops) 36 | docker.environment(homeassistant) 37 | # docker.environment(portainer) 38 | docker.environment(demo) 39 | docker.main() 40 | except KeyboardInterrupt: 41 | print("Crtl+C Pressed. Shutting down.") 42 | -------------------------------------------------------------------------------- /container/docker/docker-compose/swarms/redis/redis.yml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | 3 | services: 4 | redis: 5 | image: redis:latest 6 | environment: 7 | - TZ=Asia/Shanghai 8 | hostname: redis 9 | ports: 10 | - 6379:6379 11 | networks: 12 | - test 13 | volumes: 14 | # - /var/lib/redis:/var/lib/redis:rw 15 | # - /var/log/redis:/var/log/redis 16 | - data:/var/lib/redis 17 | configs: 18 | # - redis_config 19 | # - source: docker-entrypoint 20 | # target: /usr/local/bin/docker-entrypoint.sh 21 | # mode: 0755 22 | - source: redis.conf 23 | target: /usr/local/etc/redis.conf 24 | mode: 0440 25 | # command: 26 | # echo 511 > /proc/sys/net/core/somaxconn && echo never > /sys/kernel/mm/transparent_hugepage/enabled 27 | # redis-server /usr/local/etc/redis.conf --appendonly yes 28 | # entrypoint: 29 | # docker-entrypoint.sh /usr/local/etc/redis.conf 30 | deploy: 31 | replicas: 1 32 | restart_policy: 33 | condition: on-failure 34 | resources: 35 | limits: 36 | cpus: "1" 37 | memory: 512M 38 | update_config: 39 | parallelism: 1 40 | delay: 5s 41 | monitor: 10s 42 | max_failure_ratio: 0.1 43 | order: start-first 44 | 45 | configs: 46 | redis.conf: 47 | file: ./redis.conf 48 | # docker-entrypoint: 49 | # file: ./docker-entrypoint.sh 50 | 51 | volumes: 52 | data: 53 | 54 | networks: 55 | test: 56 | driver: overlay 57 | # external: true -------------------------------------------------------------------------------- /container/docker/compose/service/minio.py: -------------------------------------------------------------------------------- 1 | from netkiller.docker import * 2 | 3 | minio = Services('minio') 4 | minio.image('minio/minio:latest') 5 | minio.container_name('minio') 6 | minio.restart('always') 7 | minio.hostname('minio.netkiller.cn') 8 | minio.environment([ 9 | 'TZ=Asia/Shanghai', 'MINIO_ROOT_USER=admin', 'MINIO_ROOT_PASSWORD=123456', 10 | 'MINIO_ACCESS_KEY=minio', 'MINIO_SECRET_KEY=minio123456' 11 | ]) 12 | minio.ports(['9000:9000', '9090:9090']) 13 | minio.volumes([ 14 | # '/opt/minio/data:/data', 15 | # '/opt/minio/config:/root/.minio' 16 | '/tmp/minio:/data' 17 | ]) 18 | # minio.command("server --console-address ':9090' /data") 19 | minio.command("server /data") 20 | minio.privileged() 21 | 22 | compose = Composes('storage') 23 | compose.version('3.9') 24 | compose.services(minio) 25 | 26 | if __name__ == "__main__": 27 | try: 28 | docker = Docker() 29 | docker.environment(compose) 30 | docker.main() 31 | except KeyboardInterrupt: 32 | print("Crtl+C Pressed. Shutting down.") 33 | 34 | # runner = Services('gitlab-runner') 35 | # runner.image('gitlab/gitlab-runner:alpine') 36 | # runner.container_name('gitlab-runner') 37 | # runner.restart('always') 38 | # runner.hostname('gitlabrunner.netkiller.cn') 39 | # # runner.extra_hosts(extra_hosts) 40 | # runner.environment(['TA=Asia/Shanghai']) 41 | # # runner.ports(['80:80','443:443']) 42 | # runner.volumes(['./gitlab/config:/etc/gitlab-runner','/var/run/docker.sock:/var/run/docker.sock','/usr/bin/docker:/usr/bin/docker']) 43 | # runner.privileged(True) -------------------------------------------------------------------------------- /libexec/Web/Ant/README.md: -------------------------------------------------------------------------------- 1 | # build.xml 2 | 3 | This is an ant build.xml. 4 | 5 | ## Workflow 6 | 7 | git ---> clone | pull ---> branch ---> local ---> build ---> config ---> deploy ---> remote 8 | local ---> start | stop | kill | status ---> remote 9 | 10 | ## Download Script 11 | 12 | wget https://raw.githubusercontent.com/oscm/build/master/Web/Ant/build.xml 13 | wget https://raw.githubusercontent.com/oscm/build/master/Web/Ant/build.properties 14 | 15 | ## Setup and config 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | ## Deploy 25 | 26 | ### trial 27 | $ ant pull trial 28 | 29 | ### Deploy 30 | 31 | $ ant pull deploy 32 | 33 | ### merge and push 34 | 35 | $ ant merge 36 | $ ant push 37 | 38 | or 39 | 40 | $ ant push 41 | 42 | ### revert to reversion 43 | 44 | $ vim build.xml 45 | 46 | 47 | $ ant revert 48 | $ ant deploy 49 | 50 | ### Only compile, not deploy 51 | 52 | $ ant compile 53 | 54 | ### package 55 | $ ant package 56 | 57 | 58 | 59 | ## Other 60 | 61 | ### Clone 62 | 63 | $ ant clone 64 | 65 | ### Pull 66 | $ ant pull 67 | 68 | ### backup 69 | $ ant backup 70 | 71 | ### reset / clean 72 | 73 | $ ant clean 74 | $ ant reset 75 | 76 | 77 | 78 | 79 | -------------------------------------------------------------------------------- /container/kubernetes/registry.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: registry 5 | namespace: default 6 | labels: 7 | app: registry 8 | # kubernetes.io/cluster-service: "true" 9 | spec: 10 | type: NodePort 11 | selector: 12 | app: registry 13 | ports: 14 | - name: registry 15 | port: 5000 16 | nodePort: 32050 17 | protocol: TCP 18 | --- 19 | apiVersion: apps/v1 20 | kind: Deployment 21 | metadata: 22 | name: registry 23 | namespace: default 24 | labels: 25 | app: registry 26 | # kubernetes.io/cluster-service: "true" 27 | spec: 28 | replicas: 1 29 | selector: 30 | matchLabels: 31 | app: registry 32 | template: 33 | metadata: 34 | labels: 35 | app: registry 36 | # kubernetes.io/cluster-service: "true" 37 | spec: 38 | containers: 39 | - name: registry 40 | image: registry:latest 41 | resources: 42 | limits: 43 | cpu: 100m 44 | memory: 100Mi 45 | env: 46 | - name: REGISTRY_HTTP_ADDR 47 | value: :5000 48 | - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY 49 | value: /var/lib/registry 50 | # volumeMounts: 51 | # - name: image-store 52 | # mountPath: /var/lib/registry 53 | ports: 54 | - containerPort: 5000 55 | name: registry 56 | protocol: TCP 57 | # volumes: 58 | # - name: image-store 59 | # nfs: 60 | # Use real NFS server address here. 61 | # server: 192.168.125.5 62 | # Use real NFS server export directory. 63 | # path: "/nfs" -------------------------------------------------------------------------------- /demo/redis-cluster.py: -------------------------------------------------------------------------------- 1 | from netkiller.docker import * 2 | 3 | image = 'redis:latest' 4 | requirepass='11223344' 5 | 6 | compose = Composes('redis-master-slave') 7 | compose.version('3.9') 8 | 9 | # master = Services('master') 10 | # master.image(image) 11 | # master.container_name('master') 12 | # master.restart('always') 13 | # master.environment(['TZ=Asia/Shanghai']) 14 | # master.ports('6379:6379') 15 | # master.volumes(['/tmp/master:/data']) 16 | # master.sysctls(['net.core.somaxconn=1024']) 17 | # master.command([ 18 | # '--requirepass '+requirepass, 19 | # '--appendonly yes']) 20 | # # master.debug() 21 | # # print(master.dump()) 22 | # compose.services(master) 23 | 24 | 25 | for i in range(5) : 26 | slave = Services('slave-'+str(i)) 27 | slave.image(image).container_name('slave-'+str(i)).restart('always') 28 | slave.ports(['638{port}:6379'.format(port=i)]).environment(['TZ=Asia/Shanghai']) 29 | slave.volumes(['/tmp/slave{n}:/data'.format(n=i)]) 30 | slave.sysctls(['net.core.somaxconn=1024']).command([ 31 | '--port 6379', 32 | '--cluster-enabled yes', 33 | # cluster-config-file nodes-6371.conf 34 | 'cluster-node-timeout 5000' 35 | '--appendonly yes' 36 | 'protected-mode no', 37 | '--masterauth '+requirepass, 38 | '--requirepass ' + requirepass, 39 | 'cluster-announce-ip 10.12.12.10', 40 | # 这里是宿主机IP 41 | 'cluster-announce-port 6371', 42 | 'cluster-announce-bus-port 16371' 43 | ]) 44 | 45 | # print(cluster.dump()) 46 | compose.services(slave) 47 | 48 | # print (compose.debug()) 49 | print(compose.dump()) 50 | # compose.save() 51 | compose.up() 52 | 53 | # compose.save('/tmp/docker-compost.yaml') -------------------------------------------------------------------------------- /share/git/zentao/zentaoclose: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # -*- coding: UTF-8 -*- 3 | ################################### 4 | # git branch merge 5 | # Author: netkiller@msn.com 6 | # Home: http://www.netkiller.cn 7 | ################################### 8 | # zentaoclose $(date -d "-15 day" "+%Y-%m-%d") 9 | ################################### 10 | try: 11 | import subprocess 12 | import re 13 | import sys 14 | import requests 15 | except ImportError as err: 16 | print("Error: %s" % (err)) 17 | 18 | if len(sys.argv) == 1: 19 | exit() 20 | date = sys.argv[1] 21 | 22 | api_address = 'http://zentao.netkiller.cn/zentao/gitlab.php' 23 | 24 | 25 | def zentao(type, id): 26 | url = api_address + \ 27 | "?id={id}&type={type}&func=close".format(id=id, type=type) 28 | request = requests.get(url) 29 | if request.status_code == 200: 30 | id, status = request.text.split(', ') 31 | # print(id, status) 32 | if status != '0': 33 | print(request.status_code, request.reason, id, status) 34 | 35 | 36 | commit = subprocess.getoutput( 37 | 'git log --no-merges --pretty=format:"%s" --since={date} | egrep "BUG|TASK"'.format(date=date)) 38 | 39 | tasks = set() 40 | 41 | for id in re.findall(r"TASK#(\d+)\s", commit, re.M): 42 | tasks.add(id) 43 | for id in re.findall(r"TASK\s#(\d+)\s", commit, re.M): 44 | tasks.add(id) 45 | # ids.extend(re.findall(r"\[TASK\s#(\d+)\]", commit, re.M)) 46 | tasks = sorted(tasks) 47 | print('TASK', tasks) 48 | for task in tasks: 49 | zentao('task', task) 50 | 51 | bugs = set() 52 | for id in re.findall(r"BUG #(\d+)\s", commit, re.M): 53 | bugs.add(id) 54 | bugs = sorted(bugs) 55 | print('BUG', bugs) 56 | for bug in bugs: 57 | zentao('bug', bug) 58 | -------------------------------------------------------------------------------- /container/docker/docker-compose/redis/cluster/master/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.7" 2 | services: 3 | redis-master: 4 | build: 5 | context: . 6 | dockerfile: Dockerfile 7 | args: 8 | - node=master 9 | # image: redis:latest 10 | container_name: redis-master 11 | restart: always 12 | ports: 13 | - "6379:6379" 14 | volumes: 15 | - redis-master:/data 16 | # - ./docker-entrypoint.sh:/docker-entrypoint.sh:ro 17 | # - "/etc/timezone:/etc/timezone:ro" 18 | # - "/etc/localtime:/etc/localtime:ro" 19 | links: 20 | - redis-slave1 21 | - redis-slave2 22 | networks: 23 | - redis 24 | privileged: true 25 | sysctls: 26 | net.core.somaxconn: '511' 27 | ulimits: 28 | nproc: 65535 29 | nofile: 30 | soft: 65535 31 | hard: 65535 32 | # entrypoint: /docker-entrypoint.sh 33 | depends_on: 34 | - redis-slave1 35 | - redis-slave2 36 | 37 | redis-slave1: 38 | image: redis:latest 39 | container_name: redis-slave1 40 | restart: always 41 | ports: 42 | - "6377:6379" 43 | volumes: 44 | - redis-slave1:/data 45 | networks: 46 | - redis 47 | privileged: true 48 | sysctls: 49 | net.core.somaxconn: '511' 50 | 51 | redis-slave2: 52 | image: redis:latest 53 | container_name: redis-slave2 54 | restart: always 55 | ports: 56 | - "6378:6379" 57 | volumes: 58 | - redis-slave2:/data 59 | networks: 60 | - redis 61 | privileged: true 62 | sysctls: 63 | net.core.somaxconn: '511' 64 | 65 | networks: 66 | redis: 67 | driver: bridge 68 | 69 | volumes: 70 | redis-master: 71 | redis-slave1: 72 | redis-slave2: -------------------------------------------------------------------------------- /container/kubernetes/filebeat.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: DaemonSet 3 | metadata: 4 | labels: 5 | app: filebeat 6 | name: filebeat-daemonset 7 | spec: 8 | selector: 9 | matchLabels: 10 | app: filebeat 11 | template: 12 | metadata: 13 | labels: 14 | app: filebeat 15 | spec: 16 | containers: 17 | - name: filebeat-daemonset 18 | image: 'elastic/filebeat:7.9.2' 19 | securityContext: 20 | runAsUser: 0 21 | volumeMounts: 22 | - mountPath: /usr/share/filebeat/filebeat.yml 23 | name: volume-configmap 24 | subPath: filebeat.yml 25 | - mountPath: /var/lib/docker/containers 26 | name: volume-containerlog 27 | volumes: 28 | - name: volume-configmap 29 | configMap: 30 | defaultMode: 420 31 | name: filebeat-configmap 32 | - name: volume-containerlog 33 | hostPath: 34 | path: /var/lib/docker/containers 35 | --- 36 | apiVersion: v1 37 | data: 38 | filebeat.yml: |- 39 | filebeat.config: 40 | modules: 41 | path: ${path.config}/modules.d/*.yml 42 | reload.enabled: false 43 | processors: 44 | - add_cloud_metadata: ~ 45 | - add_docker_metadata: ~ 46 | filebeat.inputs: 47 | - type: docker 48 | containers: 49 | path: "/var/lib/docker/containers" 50 | json.keys_under_root: true 51 | ids: 52 | - "*" 53 | output.elasticsearch: 54 | hosts: ["elasticsearch-service:9200"] 55 | username: "elastic" 56 | password: "xxx" 57 | setup.kibana: 58 | host: "kibana-service:5601" 59 | kind: ConfigMap 60 | metadata: 61 | name: filebeat-configmap -------------------------------------------------------------------------------- /netkiller/wework.py: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env python 2 | # -*- coding: UTF-8 -*- 3 | ############################################## 4 | # Home : http://netkiller.github.io 5 | # Author: Neo 6 | ############################################## 7 | 8 | try: 9 | import requests, sys 10 | import logging, logging.handlers 11 | from configparser import ConfigParser 12 | from optparse import OptionParser, OptionGroup 13 | except ImportError as err: 14 | print("Error: %s" %(err)) 15 | 16 | class WeWork(): 17 | def __init__(self, corpid, secret, agentid): 18 | self.CORPID = corpid 19 | self.SECRET = secret 20 | self.AGENTID = agentid 21 | self.token = None 22 | def getToken(self): 23 | url = "https://qyapi.weixin.qq.com/cgi-bin/gettoken" 24 | json = { 25 | "corpid": self.CORPID, 26 | "corpsecret": self.SECRET 27 | } 28 | response = requests.get(url=url, params=json) 29 | res = response.json() 30 | if res['errmsg'] == 'ok': 31 | self.token = res["access_token"] 32 | return True 33 | else: 34 | print(res) 35 | return False 36 | 37 | def sendMessage(self, json): 38 | if not self.getToken() : 39 | return False 40 | url = "https://qyapi.weixin.qq.com/cgi-bin/message/send?access_token=%s" % self.token 41 | response = requests.post(url=url, json=json) 42 | res = response.json() 43 | if res['errmsg'] == 'ok': 44 | return True 45 | else: 46 | print(res) 47 | return False 48 | 49 | def sendTextMessage(self,totag, content): 50 | data = { 51 | # "touser": to_user, # 发送个人填用户账号 52 | # "toparty": to_user, # 发送组内成员填部门ID 53 | "totag": totag, 54 | "msgtype": "text", 55 | "agentid": self.AGENTID, 56 | "text": {"content": content}, 57 | "safe": "0" 58 | } 59 | self.sendMessage(json=data) -------------------------------------------------------------------------------- /container/docker/compose/service/gitlab.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | #-*- coding: utf-8 -*- 3 | ############################################## 4 | # Home : http://netkiller.github.io 5 | # Author: Neo 6 | # Upgrade: 2021-11-18 7 | ############################################## 8 | try: 9 | import os, sys 10 | module = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) 11 | sys.path.insert(0, module) 12 | from netkiller.docker import * 13 | except ImportError as err: 14 | print("%s" %(err)) 15 | 16 | # extra_hosts = [] 17 | 18 | gitlab = Services('gitlab') 19 | gitlab.image('gitlab/gitlab-ce:latest') 20 | gitlab.container_name('gitlab') 21 | gitlab.restart('always') 22 | gitlab.hostname('gitlab.netkiller.cn') 23 | # gitlab.extra_hosts(extra_hosts) 24 | # gitlab.environment(['TA=Asia/Shanghai']) 25 | gitlab.environment({'TA':'Asia/Shanghai','GITLAB_OMNIBUS_CONFIG':pss( 26 | '''\ 27 | external_url 'http://gitlab.netkiller.cn' 28 | registry_external_url 'http://registry.netkiller.cn' 29 | gitlab_rails['time_zone'] = 'Asia/Shanghai' 30 | ''') 31 | }) 32 | gitlab.ports(['80:80']) # ,'443:443' 33 | gitlab.volumes([ 34 | '/opt/gitlab/config:/etc/gitlab', 35 | '/opt/gitlab/logs:/var/log/gitlab', 36 | '/opt/gitlab/data:/var/opt/gitlab' 37 | ]) 38 | 39 | runner = Services('gitlab-runner') 40 | runner.image('gitlab/gitlab-runner:alpine') 41 | runner.container_name('gitlab-runner') 42 | runner.restart('always') 43 | runner.hostname('gitlabrunner.netkiller.cn') 44 | # runner.extra_hosts(extra_hosts) 45 | runner.environment(['TA=Asia/Shanghai']) 46 | # runner.ports(['80:80','443:443']) 47 | runner.volumes(['./gitlab/config:/etc/gitlab-runner','/var/run/docker.sock:/var/run/docker.sock','/usr/bin/docker:/usr/bin/docker']) 48 | runner.privileged(True) -------------------------------------------------------------------------------- /share/git/gitlab/hooks/post-commit: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env python3 2 | # -*- coding: UTF-8 -*- 3 | ############################################## 4 | # Home : https://www.netkiller.cn 5 | # Author: Neo 6 | # Help : https://github.com/netkiller/devops/blob/master/doc/zentao.md 7 | ############################################## 8 | 9 | import os, re, requests, subprocess 10 | 11 | api_address = 'http://zentao.netkiller.cn/zentao/gitlab.php' 12 | gitlab_address = 'https://gitlab.netkiller.cn' 13 | 14 | def zentao(type, id, commit): 15 | origin = subprocess.getoutput('git ls-remote --get-url origin') 16 | project = os.path.basename(os.getcwd()) 17 | group = re.findall(r"/(\w+)/"+project+"\.", origin)[0] 18 | # print(origin, project) 19 | # print(group) 20 | message = gitlab_address + '/' + group + '/' + project + '/-/commit/{commit}'.format( 21 | commit=commit) 22 | message = '' + message + '' 23 | url = api_address + "?id={id}&type={type}&message={message}".format( 24 | id=id, type=type, message=message) 25 | request = requests.get(url) 26 | 27 | 28 | file = open('.git/COMMIT_EDITMSG', 'r', encoding='utf-8') 29 | # lines = file.readlines() 30 | message = file.read() 31 | file.close() 32 | # print(message) 33 | commit = subprocess.getoutput('git rev-parse HEAD') 34 | 35 | ids = [] 36 | ids.extend(re.findall(r"TASK#(\d+)\s", message, re.M)) 37 | ids.extend(re.findall(r"TASK\s#(\d+)\s", message, re.M)) 38 | # ids.extend(re.findall(r"\[TASK\s#(\d+)\]", message, re.M)) 39 | 40 | # print(ids) 41 | for id in ids: 42 | zentao('task', id, commit) 43 | 44 | ids = [] 45 | ids.extend(re.findall(r"BUG #(\d+)\s", message, re.M)) 46 | # print(ids) 47 | for id in ids: 48 | zentao('bug', id, commit) 49 | -------------------------------------------------------------------------------- /demo/k8s/k3d/ingress.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAtja6s9npMVYFsRMv1mNxPk8qPN3Tr2UCsyZFpZrYtZjCxfLq 3 | YZuRvWt5f3E/iA6PxZKF8qTNTJjepiri2hUFLjpC/M2pgFNIZYkIaPLmyuS/qC1p 4 | 5lW0DtgP5LqZbKQPTpT7f9W0mq4wL7In04T2i1UNSa7TTstdvQSinoPV8YOhOnKs 5 | w+nAbsViyxcwMJybu/YQq6Xhnqx/0cQ9IhOOVYmNpZ9/VH440GiULknp8YO+pedm 6 | biJ/rgGtLItGsgwvZC4Z4oownjiqcgnV0Fq7huJKJV230ceCOC9N0XrYYxxHKRx7 7 | tE20z86INHZkQz19Spoq/Y022ae5b9B2/CawFQIDAQABAoIBAGJctPi1n46Ec1od 8 | k2tWDyGltpVY4hcCnix7coltR6LwLeSRtzittETeqZ3EUplt0urCqBBOKo040Kg+ 9 | 6mrzgfJsfRDfLKsbSi+Vg7azuSa5yUROD6bJiQOiWyIMIRpmjeTLw+BEStRdR6HX 10 | uGwUkMqyRRQLjgIxAg8xW1/apzlR/ccyfC6Aa1E53OTnRAi0vBr8NZvnxJoUWceW 11 | F+3xRg3es/VpP/MvarUUpntVbyScYE03lBFMhxne9+G1m9EuM9Td2H0UsiVQGcP+ 12 | 069Dcq54PCMidiHLXAGN3eQyy7K4BndQ/fIDUxCrWBQIVEdJHH4qMF1BRSNrGL+h 13 | 02HxpNkCgYEA4/vfWkNOFcupGrooDaPPqmNC+71HNl/S7MRFWF8En/kNsOlnftbB 14 | 9nxzU3YFudBwnHmnFZOQG5qXwc7cdr8ci4LqpYCqWoeY/Gvr1qUjBXtMB1AHMLLI 15 | XhyWgl149ya6MJrjPYnEIPHsmAERJWGWB8rsIJBTyorLkpGW/PPZsrMCgYEAzJr6 16 | oT0mAh/lda1dHhBVXfLMScTAhtlOONGNbWFCrxg92Yzt2cKdDsJ5EcWYjtIpMnUE 17 | yDb5FVCaHSVJwX/7koyEJnxhBXh0W0Gbv6Y8+rszipOzsO37lRJdTaF5aDUxQ7pw 18 | uGuusPEKeD6ffoiGGhyRnQUzRP8SmGXTVqny1hcCgYEA1+mrXv3NDuFBdvmEg153 19 | huPZBTb+IWXhCbDcB9R9OdASAlEaXkqfiYPVaN6mj5Lzg43HCq0k1q+zN65kpuVZ 20 | 8Fp9RV60d2ZiIfVHdpIQt9lMaMSG+rzm/BJRDIffzxnTTcLyoU4+/ACCVHb2ORPR 21 | lfG9bR2i7XhDUb0mZMvAifcCgYEAp0EFIis/V7tFMqYOGZZWgl8I2kCo9VLMG6xJ 22 | RSGdhk51uNH4WOs6wib9GycAp7dqj+GSkCxH/0GNScgCe9goCUsud9ty4CrwSuzd 23 | 6ZN2A6xl3KES4c4Yu2pwtRYLjcD1zZypqkf0XJYd7d+bN69YmB3EdqwalgtA4y1R 24 | zmVMqe8CgYBRL+7RBDc6ZjYvzIIO1aa+yESy4NpMcknP8ggED4KvrU7m4iPsGbUA 25 | kCHH+zPADUxJtAO582EgPRy924PLlX854hc+/oHP8ni5Ac+1C7eIA3Yr9k8zVr/Y 26 | L6wG/YAdH6SeInkF3Z1mz2sM1KhKoEkFgVQbV6C9DQ938NuyJSFPww== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /doc/docker/redis.py: -------------------------------------------------------------------------------- 1 | import os,sys 2 | 3 | module = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) 4 | # print(module) 5 | sys.path.insert(0,module) 6 | 7 | from netkiller.docker import * 8 | 9 | image = 'redis:latest' 10 | requirepass='11223344' 11 | environment=['TZ=Asia/Shanghai'] 12 | 13 | compose = Composes('redis-master-slave') 14 | compose.version('3.9') 15 | 16 | master = Services('master') 17 | master.image(image) 18 | master.container_name('master') 19 | master.restart('always') 20 | master.environment(environment) 21 | master.ports(['6379:6379']) 22 | master.volumes(['/tmp/master:/data']) 23 | master.sysctls(['net.core.somaxconn=1024']) 24 | master.command([ 25 | '--requirepass '+requirepass, 26 | '--appendonly yes']) 27 | # master.debug() 28 | # print(master.dump()) 29 | compose.services(master) 30 | 31 | 32 | for i in range(5) : 33 | slave = Services('slave-'+str(i)) 34 | slave.image(image).container_name('slave-'+str(i)).restart('always') 35 | slave.ports(['638{port}:6379'.format(port=i)]).environment(environment) 36 | slave.volumes(['/tmp/slave{n}:/data'.format(n=i)]) 37 | slave.sysctls(['net.core.somaxconn=1024']).command([ 38 | '--slaveof master 6379', 39 | '--masterauth '+requirepass, 40 | '--requirepass ' + requirepass, 41 | '--appendonly yes' 42 | ]) 43 | 44 | # print(cluster.dump()) 45 | compose.services(slave) 46 | 47 | # print (compose.debug()) 48 | # print(compose.dump()) 49 | # compose.save() 50 | # compose.up() 51 | 52 | if __name__ == '__main__': 53 | try: 54 | docker = Docker() 55 | docker.environment(compose) 56 | # docker.environment(development) 57 | # docker.environment(testing) 58 | docker.main() 59 | except KeyboardInterrupt: 60 | print ("Crtl+C Pressed. Shutting down.") -------------------------------------------------------------------------------- /demo/sentinel.py: -------------------------------------------------------------------------------- 1 | from netkiller.docker import * 2 | 3 | image = 'redis:latest' 4 | requirepass='11223344' 5 | 6 | compose = Composes('redis-master-slave') 7 | compose.version('3.9') 8 | 9 | master = Services('master') 10 | master.image(image) 11 | master.container_name('master') 12 | master.restart('always') 13 | master.environment(['TZ=Asia/Shanghai']) 14 | master.ports('6379:6379') 15 | master.volumes(['/tmp/master:/data']) 16 | master.sysctls(['net.core.somaxconn=1024']) 17 | master.command([ 18 | '--requirepass '+requirepass, 19 | '--appendonly yes']) 20 | # master.debug() 21 | # print(master.dump()) 22 | compose.services(master) 23 | 24 | 25 | with open("sentinel.conf","w") as file: 26 | file.write( 27 | ''' 28 | #port 6379 29 | dir /tmp 30 | sentinel monitor mymaster 172.19.0.3 6379 2 31 | sentinel down-after-milliseconds mymaster 30000 32 | sentinel parallel-syncs mymaster 1 33 | sentinel auth-pass mymaster redispwd 34 | sentinel failover-timeout mymaster 180000 35 | sentinel deny-scripts-reconfig yes 36 | ''' 37 | ) 38 | 39 | for i in range(5) : 40 | name = 'sentinel-'+str(i) 41 | slave = Services(name) 42 | slave.image(image).container_name(name).restart('always') 43 | slave.ports(['638{port}:6379'.format(port=i)]).environment(['TZ=Asia/Shanghai']) 44 | slave.volumes(['/tmp/slave{n}:/data'.format(n=i)]) 45 | slave.sysctls(['net.core.somaxconn=1024']).command([ 46 | '--slaveof master 6379', 47 | '--masterauth '+requirepass, 48 | '--requirepass ' + requirepass, 49 | '--appendonly yes' 50 | ]) 51 | 52 | # print(cluster.dump()) 53 | compose.services(slave) 54 | 55 | # print (compose.debug()) 56 | print(compose.dump()) 57 | # compose.save() 58 | compose.up() 59 | 60 | # compose.save('/tmp/docker-compost.yaml') -------------------------------------------------------------------------------- /doc/mysql/database.struct.md: -------------------------------------------------------------------------------- 1 | Database 2 | ======== 3 | 4 | Backup struct of database 5 | 6 | Help 7 | ------ 8 | cp /usr/local/libexec/devops/backup.mysql.struct.sh /usr/local/bin/ 9 | chmod +x /usr/local/bin/backup.mysql.struct.sh 10 | backup.mysql.struct.sh 11 | Usage: ./backup.mysql.struct.sh {init|start|stop|status|restart} 12 | 13 | Create backup user for your database. 14 | ------ 15 | CREATE USER 'backup'@'localhost' IDENTIFIED BY 'SaJePoM6BAPOmOFOd7Xo3e1A52vEPE'; 16 | GRANT SELECT, LOCK TABLES ON *.* TO 'backup'@'localhost'; 17 | FLUSH PRIVILEGES; 18 | SHOW GRANTS FOR 'backup'@'localhost'; 19 | 20 | 21 | Database connect infomation 22 | ------ 23 | BACKUP_HOST="localhost" 24 | BACKUP_USER="netkiller" 25 | BACKUP_PASS="chen" 26 | BACKUP_DBNAME="test aabbcc" 27 | BACKUP_DIR=~/backup 28 | 29 | Initialize the working directory 30 | ------ 31 | $ ./backup.mysql.struct.sh init 32 | Initialized empty Git repository in /home/neo/backup/.git/ 33 | 34 | Start 35 | ------ 36 | $ ./backup.mysql.struct.sh start 37 | 38 | Stop 39 | ------ 40 | $ ./backup.mysql.struct.sh stop 41 | 42 | Status 43 | ----- 44 | $ ./backup.mysql.struct.sh status 45 | 19837 pts/0 S 0:00 /bin/bash ./backup.mysql.struct.sh start 46 | 47 | Diff 48 | ----- 49 | $ cd ~/backup 50 | $ git diff HEAD^ test.sql 51 | diff --git a/localhost/test.sql b/localhost/test.sql 52 | index a749b5a..402d6d1 100644 53 | --- a/localhost/test.sql 54 | +++ b/localhost/test.sql 55 | @@ -53,6 +53,7 @@ DROP TABLE IF EXISTS `test`; 56 | /*!40101 SET character_set_client = utf8 */; 57 | CREATE TABLE `test` ( 58 | `id` int(11) DEFAULT NULL, 59 | + `key` char(50) DEFAULT NULL, 60 | `val` char(10) DEFAULT NULL 61 | ) ENGINE=BLACKHOLE DEFAULT CHARSET=latin1; 62 | /*!40101 SET character_set_client = @saved_cs_client */; -------------------------------------------------------------------------------- /container/docker/bin/registry/certs/domain.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIE4jCCAsoCCQDMEuUiawobZjANBgkqhkiG9w0BAQsFADAzMQswCQYDVQQGEwJD 3 | TjELMAkGA1UECAwCR0QxCzAJBgNVBAcMAlNaMQowCAYDVQQDDAEqMB4XDTIwMDky 4 | ODAzMzczMVoXDTIxMDkyODAzMzczMVowMzELMAkGA1UEBhMCQ04xCzAJBgNVBAgM 5 | AkdEMQswCQYDVQQHDAJTWjEKMAgGA1UEAwwBKjCCAiIwDQYJKoZIhvcNAQEBBQAD 6 | ggIPADCCAgoCggIBAM+U9p1wsFoqejyKtZnBU72bqhbW66/IalSRXfkKTLCRbT46 7 | 22FZSZAGPnZhHV0w9rQMNh0xOBsG4kYfDFsn9MlDF/+kg+E8g+BisWR/sjneGVpP 8 | Q8pJyJdx2H3mThgbuiEaWC6benqWHQdEvA1/njYMGJ4p1jahwleJxxJ2IcBgYiOY 9 | 5rTf0ILbVIDaQk3OX4sr+XtjzOr7rzRMUfbAq0q9AVYJn3qVw3hX2TQnG6qQpq/R 10 | NvjsrHzkhnaC8NrpnnP91KeKJq5TD2Yso4T5GUc/Bijfve+UwRfQiLCU7uI4af0O 11 | Gv1YdnFi6SYG3d0LbQjFZZ8wYv8i0qKw073S5JtsKAV48IE6PUXhOcdgK2DcJvap 12 | BiXCUwfdXaARJt8I/OF/MuydApZ1p5mKfG3yts8VZr7XhMvlqwkmRORe5YBguQrs 13 | 3AAXrU4s0IT3fvfU9HkzJOoT8OD6I5wFsmEtWdUlzwCTRAqR3AKme0lok0sKocIZ 14 | rDpOP8vXf4Vi+qCWQfi8NG8WYWWTVxJHebgmTgC3sEbVTmdpiPuyBQ5J9HkgPrZj 15 | f8zMLNLBh6Q2EsKSLEa7vW9LJ9VkF/b5Oqfuxq6SmA0N86r7z9fd42ssY0n1JRGn 16 | TMsRnWbpvLJkOrIlTb1/b7pHenddbayvHVNDkcQQeJevJAc0UeXzi2l7K9GBAgMB 17 | AAEwDQYJKoZIhvcNAQELBQADggIBAKDecAnALJHwHVjrhAi8cPmPFZL0+lNHQYdE 18 | pjsgTHUS9h5TAQEeGFocTyeGCfruP7MhVDsErfh1lM/Bs7Rjml1hHl8Q8UZgElSP 19 | TtjPi/S/tk11c3pIW7KViKYTkxwGcMD6Z83jvxPf4wvlOQUGtbYGyzth2jpwOJBk 20 | zXr/wa9jhrDcfOyXpwnk+Dk4ZEgSXlxdtsN05mBjDviA9rLXf3Ucr3PEAhJEGD/o 21 | 8emyAedP+EDMQXl9kEiPHNKqfWJtU3ODpifcu2kVTi8umG6BtzFsO7zaqy3gy5Rz 22 | EsrvQoRdPR69HObpvk2Auiy8dnXHQFg2to0NjwWnCvmzPVSvIl/EjqfO7pBZ31QI 23 | qJF0PFpKBkKC4NvVtOhvZxMMTfuAfayYr7l40Dk3Rcx6Z7R+4OFALaJebtOisXu0 24 | JfCIMW47CzhZqK+vyJ4N1GS2ZPTnM9kThsFTLQEZVnPmbgYKecWrp0Zm6ZkM7/7R 25 | /RHEBPRrz7eBIJ5sJTDil4Ic9VgDGlBunC8ngk2gQnrIqWmHO8smvelkVauo09e4 26 | lu1mVCeF52l7+cDYtWGZ0mNOrxpCgtxqgyMHABEZ+2XWqT1uvc1y8I4Ngi66QNZK 27 | eKy2puG6kbbFATTcX5DpS6dkDnIbzLK7v4JbB/Yw9sdWJ8iTErp6JTYKM77+OH9/ 28 | cN7G20e0 29 | -----END CERTIFICATE----- 30 | -------------------------------------------------------------------------------- /share/zabbix/mongodb/mongodb.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################## 3 | # Description: zabbix mongodb monitor 4 | # Note: Zabbix 3.2 5 | # Date: Fri Apr 21 2017 6 | # Verion: 1.0 7 | # Requirments: mongo, jq, sudo access to mongo_conf.sh 8 | # 9 | # Based on Noe script 10 | # 11 | # Change log: 12 | # Mon Apr 24, 2017 13 | # - Added checks for mongo and jq 14 | # - User --eval to fectch data 15 | # - fixed json output to comform 16 | # - Use jq to parse json https://stedolan.github.io/jq/ 17 | # - upated index to handle space or comma betwee values 18 | # 19 | ################################################## 20 | DB_HOST= 21 | DB_PORT= 22 | DB_USERNAME= 23 | DB_PASSWORD= 24 | MONGO=`which mongo` 25 | JQ=`which jq` 26 | EXIT_ERROR=1 27 | EXIT_OK=0 28 | 29 | if [ ! -x "$MONGO" ] ; then 30 | echo "mongo not found" 31 | exit $EXIT_ERROR 32 | elif [ ! -x "$JQ" ] ; then 33 | echo "jq not found" 34 | exit $EXIT_ERROR 35 | elif [ $# -eq 0 ] ; then 36 | echo "No values pass" 37 | exit $EXIT_ERROR 38 | fi 39 | index=.$(echo $@ | sed 's/[ ,]/./g') 40 | MONGO_CMD="$MONGO --host ${DB_HOST:-localhost} --port ${DB_PORT:-27017} --authenticationDatabase admin --quiet" 41 | [[ "$DB_USERNAME" ]] && MONGO_CMD="${MONGO_CMD} --username ${DB_USERNAME}" 42 | [[ "$DB_PASSWORD" ]] && MONGO_CMD="${MONGO_CMD} --password ${DB_PASSWORD}" 43 | 44 | output=$( 45 | $MONGO_CMD <<< "db.runCommand( { serverStatus: 1} )" |\ 46 | sed -e 's/NumberLong(\(.*\))/\1/ 47 | s/ISODate(\(.*\))/\1/ 48 | s/ObjectId(\(.*\))/\1/ 49 | s/Timestamp(.*)/"&"/ 50 | s/\(BinData(.*\)"\(.*\)")/"\1\2)"/ 51 | s/"\([0-9]*\)"/\1/' 52 | 53 | ) 54 | 55 | mongo_status=${PIPESTATUS[0]} 56 | if [ $mongo_status -ne $EXIT_OK ] ; then 57 | echo "mongo exec error" 58 | exit $EXIT_ERROR 59 | fi 60 | value=$(echo $output | jq $index) 61 | jq_status=$? 62 | echo $value 63 | 64 | -------------------------------------------------------------------------------- /share/zabbix/nginx/nginx.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################## 3 | # AUTHOR: Neo 4 | # WEBSITE: http://www.netkiller.cn 5 | # Description:zabbix 通过 status 模块监控 nginx 6 | # Note:Zabbix 3.2 7 | # DateTime: 2016-11-22 8 | ################################################## 9 | 10 | HOST="localhost" 11 | PORT="80" 12 | stub_status=stub_status 13 | 14 | function check() { 15 | if [ -f /sbin/pidof ]; then 16 | /sbin/pidof nginx | wc -w 17 | else 18 | ps ax | grep -v "grep" | grep -c "nginx:" 19 | fi 20 | } 21 | 22 | function active() { 23 | /usr/bin/curl -s "http://$HOST:$PORT/${stub_status}/" 2>/dev/null| grep 'Active' | awk '{print $NF}' 24 | } 25 | function accepts() { 26 | /usr/bin/curl -s "http://$HOST:$PORT/${stub_status}/" 2>/dev/null| awk NR==3 | awk '{print $1}' 27 | } 28 | function handled() { 29 | /usr/bin/curl -s "http://$HOST:$PORT/${stub_status}/" 2>/dev/null| awk NR==3 | awk '{print $2}' 30 | } 31 | function requests() { 32 | /usr/bin/curl -s "http://$HOST:$PORT/${stub_status}/" 2>/dev/null| awk NR==3 | awk '{print $3}' 33 | } 34 | function reading() { 35 | /usr/bin/curl -s "http://$HOST:$PORT/${stub_status}/" 2>/dev/null| grep 'Reading' | awk '{print $2}' 36 | } 37 | function writing() { 38 | /usr/bin/curl -s "http://$HOST:$PORT/${stub_status}/" 2>/dev/null| grep 'Writing' | awk '{print $4}' 39 | } 40 | function waiting() { 41 | /usr/bin/curl -s "http://$HOST:$PORT/${stub_status}/" 2>/dev/null| grep 'Waiting' | awk '{print $6}' 42 | } 43 | 44 | case "$1" in 45 | check) 46 | check 47 | ;; 48 | active) 49 | active 50 | ;; 51 | accepts) 52 | accepts 53 | ;; 54 | handled) 55 | handled 56 | ;; 57 | requests) 58 | requests 59 | ;; 60 | reading) 61 | reading 62 | ;; 63 | writing) 64 | writing 65 | ;; 66 | waiting) 67 | waiting 68 | ;; 69 | 70 | *) 71 | echo $"Usage $0 {check|active|accepts|handled|requests|reading|writing|waiting}" 72 | exit 73 | esac 74 | -------------------------------------------------------------------------------- /doc/docker/docker.md: -------------------------------------------------------------------------------- 1 | # Python Docker 编排工具 2 | 3 | pip3 install -i https://pypi.org/project netkiller-devops 4 | 5 | pip3 install -i https://pypi.tuna.tsinghua.edu.cn/simple netkiller-devops 6 | 7 | ## Example 8 | 9 | ```python 10 | 11 | #!/usr/bin/python3 12 | #-*- coding: utf-8 -*- 13 | ############################################## 14 | # Home : http://netkiller.github.io 15 | # Author: Neo 16 | # Upgrade: 2022-08-19 17 | ############################################## 18 | # try: 19 | import os, sys 20 | from netkiller.docker import * 21 | # except ImportError as err: 22 | # print("%s" %(err)) 23 | 24 | dockerfile = Dockerfile() 25 | dockerfile.image('openresty/openresty:alpine').run( 26 | 'apk add -U tzdata' 27 | ) 28 | openresty = Services('openresty') 29 | openresty.build(dockerfile) 30 | openresty.image('openresty:alpine') 31 | openresty.container_name('openresty') 32 | openresty.restart('always') 33 | openresty.environment(['TZ=Asia/Shanghai']) 34 | openresty.ports(['80:80','443:443']) 35 | openresty.working_dir('/usr/local/openresty') 36 | openresty.volumes([ 37 | '/var/log/openresty:/usr/local/openresty/nginx/logs', 38 | '/opt/grey.conf:/etc/nginx/conf.d/default.conf', 39 | '/opt/nginx-conf/location/weixin_business_host.location:/etc/nginx/weixin_business_host.location', 40 | '/opt/nginx-conf/certs/ejiayou.com:/etc/nginx/cert', 41 | '/opt/nginx-conf/lua:/usr/local/openresty/nginx/lua' 42 | ]) 43 | 44 | development = Composes('development') 45 | development.workdir('/var/tmp/development') 46 | development.version('3.9') 47 | development.services(openresty) 48 | 49 | if __name__ == '__main__': 50 | try: 51 | docker = Docker( 52 | # {'DOCKER_HOST': 'ssh://root@192.168.30.11'} 53 | ) 54 | #docker.sysctl({'neo': '1'}) 55 | docker.environment(development) 56 | docker.main() 57 | except KeyboardInterrupt: 58 | print("Crtl+C Pressed. Shutting down.") 59 | 60 | ``` -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | DevOps Tools 2 | ==== 3 | 4 | OS Software Configure Managment 5 | 6 | Install 7 | ------- 8 | 9 | pip install netkiller-devops -i https://pypi.tuna.tsinghua.edu.cn/simple 10 | 11 | ### Docker 12 | 13 | root@netkiller ~# docker run --rm -it --name=netkiller --entrypoint=sh netkiller-devops:latest 14 | 15 | ### PATH Variable 16 | 17 | $ cp share/profile.d/devops.sh /etc/profile.d/ 18 | 19 | or 20 | 21 | $ cat >> /etc/profile.d/devops.sh <<'EOF' 22 | export PATH=/srv/devops/bin:$PATH 23 | EOF 24 | 25 | 26 | Deployment 27 | ---------- 28 | [Software deployment tools](https://github.com/netkiller/devops/blob/master/doc/deployment.md). 29 | 30 | ### Ubuntu 编译安装 31 | 32 | $ cd /usr/local/src/ 33 | $ git clone https://github.com/netkiller/devops.git 34 | $ cd devops 35 | $ python3 setup.py sdist 36 | $ python3 setup.py install 37 | 38 | ### CentOS 编译安装 39 | 40 | $ cd /usr/local/src/ 41 | $ git clone https://github.com/netkiller/devops.git 42 | $ cd devops 43 | $ python3 setup.py sdist 44 | $ python3 setup.py install --prefix=/srv/devops 45 | 46 | or 47 | 48 | python36 setup.py sdist 49 | python36 setup.py install --prefix=/srv/devops 50 | 51 | ### Deploy Pypi 52 | 53 | $ pip install setuptools wheel twine 54 | $ python setup.py sdist bdist_wheel 55 | $ twine upload dist/netkiller-devops-x.x.x.tar.gz 56 | 57 | 指定镜像 58 | 59 | $ pip3 install netkiller-devops --upgrade -i https://pypi.org/project 60 | 61 | Backup 62 | ------ 63 | [Data backup tools](https://github.com/netkiller/devops/blob/master/doc/backup.md). 64 | [Database backup](https://github.com/netkiller/devops/blob/master/doc/database.md). 65 | 66 | OS Configuration file versioning 67 | ----- 68 | [osconf](https://github.com/netkiller/devops/blob/master/doc/osconf.md). 69 | 70 | 71 | # Donations 72 | 73 | We accept PayPal through: 74 | 75 | https://www.paypal.me/netkiller 76 | 77 | Wechat (微信) / Alipay (支付宝) 打赏: 78 | 79 | https://www.netkiller.cn/home/donations.html 80 | 81 | -------------------------------------------------------------------------------- /libexec/Web/Ant/gulpfile.js: -------------------------------------------------------------------------------- 1 | var gulp = require('gulp'); 2 | var argv = require('yargs').argv; 3 | //var minifyHtml = require("gulp-minify-html"); 4 | var minifycss = require('gulp-clean-css'); 5 | //var minifycss = require("gulp-minify-css"); 6 | var spriter = require("gulp-spriter"); 7 | var concat = require('gulp-concat'); 8 | var uglify = require('gulp-uglify'); 9 | var rename = require('gulp-rename'); 10 | var path = require("path"); 11 | var glob = require("glob"); 12 | var watch = require('gulp-watch'); 13 | 14 | var src = __dirname + "/" + argv.src; 15 | var dist = __dirname + "/" + argv.src; 16 | 17 | gulp.task('minify-html', function () { 18 | gulp.src( src +'/*.html') // path to your files 19 | .pipe(minifyHtml()) 20 | .pipe(gulp.dest( dist + '/')); 21 | }); 22 | 23 | gulp.task('minify-css', function () { 24 | 25 | gulp.src([src + '/css/**/*.css', "!"+src + '/css/**/*.min.css']) 26 | // .pipe(concat("finally.css")) 27 | .pipe(rename({ suffix: '.min' })) 28 | .pipe(minifycss()) 29 | .pipe(gulp.dest( dist + '/css')); 30 | 31 | }); 32 | 33 | gulp.task('minify-js', function(){ 34 | 35 | gulp.src([src + "/js/**/*.js", "!"+src + "/js/**/*.min.js"]) 36 | // .pipe(concat("finally.js")) 37 | .pipe(rename({ suffix: '.min' })) 38 | .pipe(uglify()) 39 | .pipe(gulp.dest( dist + '/js')) 40 | 41 | }); 42 | 43 | gulp.task("spriter",["clean"],function(){ 44 | return gulp.src( dist + "/css/finally.min.css") 45 | .pipe(spriter({ 46 | sprite:"finally.png", 47 | slice: src + "/images", 48 | outpath: dist + "/images" 49 | })) 50 | .pipe(gulp.dest( dist + '/images')) 51 | }) 52 | 53 | 54 | gulp.task('default',function() { 55 | gulp.start('minify-css','minify-js'); 56 | }); 57 | 58 | gulp.task('watch', function() { 59 | watch(src + "/css/**/*.css", function() { 60 | gulp.run('minify-css'); 61 | }); 62 | watch(src + "/js/**/*.js", function() { 63 | gulp.run('minify-js'); 64 | }); 65 | }); 66 | -------------------------------------------------------------------------------- /netkiller/rsync.py: -------------------------------------------------------------------------------- 1 | #-*- coding: utf-8 -*- 2 | import os, sys 3 | class Rsync(): 4 | def __init__(self, mode=None): 5 | self.mode = mode 6 | self.cmd = {} 7 | self.opt = [] 8 | def option(self, opt): 9 | self.opt.append(opt) 10 | return(self) 11 | def verbose(self): 12 | self.opt.append('--verbose') 13 | return(self) 14 | def quiet(self): 15 | self.opt.append('--quiet') 16 | return(self) 17 | def delete(self): 18 | self.opt.append('--delete') 19 | return(self) 20 | def update(self): 21 | self.opt.append('--update') 22 | return(self) 23 | def backup(self, dir): 24 | self.opt.append('--backup --backup-dir='+dir) 25 | return(self) 26 | def compress(self, num = None): 27 | self.opt.append("--compress") 28 | if num : 29 | self.opt.append("--compress-level={num}".format(num=num)) 30 | return(self) 31 | def logfile(self, log): 32 | self.opt.append('--log-file='+log) 33 | return(self) 34 | def exclude(self,exc): 35 | if type(exc) == 'str': 36 | #exc.find('/') or exc.find('.') 37 | self.opt.append('--exclude-from='+exc) 38 | else: 39 | for item in exc : 40 | self.opt.append('--exclude='+item) 41 | return(self) 42 | def include(self,inc): 43 | if type(inc) == 'str': 44 | self.opt.append('--include-from='+inc) 45 | else: 46 | for item in inc : 47 | self.opt.append('--include='+item) 48 | return(self) 49 | def password(self, file): 50 | self.opt.append('--password-file='+file) 51 | return(self) 52 | def source(self,src): 53 | self.cmd['src'] = src 54 | return(self) 55 | def destination(self,dest): 56 | self.cmd['dest'] = dest 57 | return(self) 58 | def execute(self): 59 | rev = os.system(self.__to_string()) 60 | return(rev) 61 | def __to_string(self): 62 | return('rsync '+' '.join(self.opt)+' '+self.cmd['src']+' '+ self.cmd['dest']) 63 | def debug(self): 64 | return(self.__to_string()) 65 | 66 | """ 67 | rsync = Rsync() 68 | rsync.option('auzvP') 69 | rsync.source('/etc/') 70 | rsync.destination('/tmp') 71 | rsync.execute() 72 | """ -------------------------------------------------------------------------------- /doc/merge.md: -------------------------------------------------------------------------------- 1 | # Git Merge Tools 2 | 3 | neo@MacBook-Pro-M2 ~/w/G/devops (master)> merge 4 | Netkiller git merge tools 5 | Usage: merge [options] 6 | 7 | Options: 8 | -h, --help show this help message and exit 9 | -w ~/workspace, --workspace=~/workspace 10 | workspace ~/workspace 11 | -p PROJECT, --project=PROJECT 12 | project directory 13 | -l /tmp/merge.log, --logfile=/tmp/merge.log 14 | log file 15 | -d, --debug debug 16 | 17 | Repository: 18 | -c https://git.netkiller.cn | git@git.netkiller.cn:exmaple.git, --clone=https://git.netkiller.cn | git@git.netkiller.cn:exmaple.git 19 | clone branch 20 | -r 8547cb94, --reset=8547cb94 21 | Reset current HEAD to the specified state 22 | -b master, --checkout=master 23 | checkout branch 24 | 25 | Custom merge branch: 26 | -s development, --source=development 27 | source 28 | -t testing, --to=testing 29 | target 30 | 31 | Workflow merge development -> testing -> staging -> production(master): 32 | --testing from development to testing 33 | --staging from testing to staging 34 | --production from staging to production(master) 35 | 36 | Create branch: 37 | -B mybranch, --branch=mybranch 38 | create custom branch 39 | -f feature/0001, --feature=feature/0001 40 | feature branch from development 41 | -H hotfix/0001, --hotfix=hotfix/0001 42 | hotfix branch from master 43 | 44 | Homepage: http://www.netkiller.cn Author: Neo 45 | Help https://github.com/netkiller/devops/blob/master/doc/merge.md 46 | 47 | ## 合并 dev 到 test 分支 48 | 49 | neo@MacBook-Pro-M2 devops % merge -s dev -t test -------------------------------------------------------------------------------- /setup.old.py: -------------------------------------------------------------------------------- 1 | import os,sys 2 | from distutils.core import setup 3 | #from setuptools import setup 4 | sys.path.insert(0, os.path.abspath('lib')) 5 | from library import __version__, __author__ 6 | #print (__version__) 7 | readme = open('README.md').read() 8 | changes = open('CHANGES.txt').read() 9 | #version_file = 'oscm.py' 10 | #version = re.findall("__version__ = '(.*)'", open(version_file).read())[0] 11 | #try: 12 | # version = __import__('utile').git_version(version) 13 | #except ImportError: 14 | # pass 15 | 16 | setup( 17 | name='netkiller-devops', 18 | version=__version__, 19 | description="DevOps of useful deployment and automation", 20 | long_description=readme + '\n\n' + changes, 21 | keywords='devops', 22 | author=__author__, 23 | author_email='netkiller@msn.com', 24 | url='http://netkiller.github.io', 25 | license='MIT', 26 | #py_modules=[ 27 | # 'library.rsync', 28 | # 'library.whiptail' 29 | #], 30 | classifiers=[ 31 | 'Development Status :: 5 - Production/Stable', 32 | 'Environment :: Console', 33 | 'Intended Audience :: Developers', 34 | 'License :: OSI Approved :: MIT License', 35 | 'Operating System :: OS Independent', 36 | 'Programming Language :: Python', 37 | 'Programming Language :: Python :: 3.4', 38 | ], 39 | package_dir={ '': 'library' }, 40 | packages=[ 41 | '' 42 | ], 43 | scripts=[ 44 | 'bin/deployment', 45 | 'bin/backup', 46 | 'bin/osconf', 47 | 'bin/mysqlshell', 48 | 'bin/chpasswd.sh', 49 | 'bin/gitsync' 50 | ], 51 | data_files = [ 52 | ('etc', ['etc/deployment.cfg']), 53 | ('etc', ['etc/task.cfg']), 54 | ('etc', ['etc/schedule.cfg']), 55 | ('etc', ['etc/os.ini']), 56 | #('log', ['log/deployment.log']), 57 | ('share', ['share/example/testing/example.com.ini']), 58 | ('share', ['share/profile.d/devops.sh']) 59 | #('example/testing', ['example/testing/example.com.ini']), 60 | #('example/config/testing', ['example/config/testing/www.example.com.ini']), 61 | #('example/exclude/testing', ['example/exclude/testing/www.example.com.lst']) 62 | 63 | ] 64 | ) 65 | 66 | -------------------------------------------------------------------------------- /share/zabbix/Dependency/dependency: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################## 3 | # AUTHOR: Neo 4 | # WEBSITE: http://www.netkiller.cn 5 | # Description: software dependency check 6 | # Note:Zabbix 3.2 7 | # DateTime: 2016-12-08 8 | ################################################## 9 | TIMEOUT=10 10 | CONFIG=/srv/zabbix/conf/dependency.conf 11 | ################################################## 12 | 13 | function discovery(){ 14 | echo '{"data":[' 15 | tmp="" 16 | while IFS=" " read -r name ipaddr port || [[ -n "$ipaddr" ]]; do 17 | tmp="$tmp{\"{#NAME}\":\"${name}\",\"{#IP}\":\"${ipaddr}\",\"{#PORT}\":\"${port}\"}," 18 | done < "$1" 19 | echo $tmp | sed "s/,$//" 20 | echo "]}" 21 | exit 22 | } 23 | function icmp(){ 24 | ping -c 1 -n -w ${TIMEOUT} $1 | egrep -o "time=(.*)" | sed "s/time\=\(.*\) ms/\1/" 25 | exit 26 | } 27 | function port(){ 28 | CONNECTED=$(echo -e "\r\n"|nc -v -w ${TIMEOUT} $1 $2 2>&1 | grep Connected) 29 | if [ -z "${CONNECTED}" ]; then 30 | echo 0 31 | else 32 | echo 1 33 | fi 34 | exit 35 | } 36 | function usage(){ 37 | echo "$0 - Software dependency check" 38 | echo " author neo " 39 | echo " -d/--discovery " 40 | echo " -p/--ping 192.168.0.1/www.netkiller.cn" 41 | echo " -c/--check 192.186.0.1 80" 42 | echo " -h/--help" 43 | exit 44 | } 45 | 46 | TEMP=`getopt -o dp:c:h --long discovery,ping:,check:,help -n "$0" -- "$@"` 47 | 48 | if [ $# == 0 ] ; then usage >&2 ; exit 1 ; fi 49 | 50 | # Note the quotes around `$TEMP': they are essential! 51 | eval set -- "$TEMP" 52 | 53 | while true ; do 54 | case "$1" in 55 | -d|--discovery) 56 | discovery ${CONFIG} 57 | ;; 58 | -p|--ping) 59 | icmp $2 ; shift 2 ;; 60 | -c|--check) 61 | port $2 $4 ;shift 4 ;; 62 | -h|--help) 63 | usage 64 | ;; 65 | --) shift ; break ;; 66 | *) exit 1 ;; 67 | esac 68 | done 69 | #for arg do echo '--> '"\`$arg'" ; done 70 | -------------------------------------------------------------------------------- /libexec/Application/Springboot/service/springbootd: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ############################################## 3 | # Author: netkiller 4 | # Homepage: http://www.netkiller.cn 5 | # Date: 2017-02-08 6 | # $Author$ 7 | # $Id$ 8 | ############################################## 9 | # chkconfig: 345 100 02 10 | # description: Spring boot application 11 | # processname: springbootd 12 | # File : springbootd 13 | ############################################## 14 | BASEDIR="/www/netkiller.cn/api.netkiller.cn" 15 | JAVA_HOME=/srv/java 16 | JAVA_OPTS="-server -Xms2048m -Xmx8192m -Djava.security.egd=file:/dev/./urandom" 17 | PACKAGE="api.netkiller.cn-0.0.2-release.jar" 18 | CONFIG="--spring.config.location=$BASEDIR/application.properties" 19 | USER=www 20 | ############################################## 21 | NAME=springbootd 22 | PROG="$JAVA_HOME/bin/java $JAVA_OPTS -jar $BASEDIR/$PACKAGE $CONFIG" 23 | LOGFILE=/var/tmp/$NAME.log 24 | PIDFILE=/var/tmp/$NAME.pid 25 | ACCESS_LOG=/var/tmp/$NAME.access.log 26 | ############################################## 27 | 28 | function log(){ 29 | echo "$(date -d "today" +"%Y-%m-%d %H:%M:%S") $1 $2" >> $LOGFILE 30 | } 31 | 32 | function start(){ 33 | if [ -f "$PIDFILE" ]; then 34 | echo "The program is already running $PIDFILE" 35 | exit 2 36 | fi 37 | 38 | su - $USER -c "$PROG & echo \$! > $PIDFILE" 39 | log info start 40 | } 41 | function stop(){ 42 | [ -f $PIDFILE ] && kill `cat $PIDFILE` && rm -rf $PIDFILE 43 | pkill -f $BASEDIR/$PACKAGE 44 | log info stop 45 | } 46 | function status(){ 47 | ps aux | grep $PACKAGE | grep -v grep | grep -v status 48 | log info status 49 | } 50 | function reset(){ 51 | pkill -f $PACKAGE 52 | [ -f $PIDFILE ] && rm -rf $PIDFILE 53 | log info reset 54 | } 55 | 56 | case "$1" in 57 | start) 58 | start 59 | ;; 60 | stop) 61 | stop 62 | ;; 63 | status) 64 | status 65 | ;; 66 | restart) 67 | stop 68 | start 69 | ;; 70 | reset) 71 | reset 72 | ;; 73 | log) 74 | tail -f $LOGFILE 75 | ;; 76 | reset) 77 | reset 78 | ;; 79 | *) 80 | echo $"Usage: $0 {start|stop|status|restart|log|reset}" 81 | esac 82 | exit $? 83 | -------------------------------------------------------------------------------- /libexec/Web/Ant/INSTALL.md: -------------------------------------------------------------------------------- 1 | # INSTALL 2 | 3 | ## Download Script 4 | 5 | wget https://raw.githubusercontent.com/oscm/build/master/Web/Ant/build.xml 6 | wget https://raw.githubusercontent.com/oscm/build/master/Web/Ant/build.properties 7 | wget https://raw.githubusercontent.com/oscm/build/master/Web/Ant/deployment 8 | chmod +x deployment 9 | 10 | ## Common config (Global config) 11 | 12 | $ cat build.properties 13 | git.repository=git@git.netkiller.cn:netkiller.cn/www.netkiller.cn.git 14 | remote.host=www@www.netkiller.cn 15 | remote.destination=/srv/www/netkiller.cn/www.netkiller.cn 16 | catalina.home=/srv/apache-tomcat/www.netkiller.cn 17 | 18 | or 19 | 20 | 21 | 22 | 23 | 24 | ## branch config 25 | 26 | $ touch development.properties 27 | $ vim development.properties 28 | 29 | ``` 30 | git.branch=development 31 | git.merge= 32 | remote.host=www@www.netkiller.cn 33 | ``` 34 | 35 | ## Deploy 36 | 37 | ### trial 38 | $ deployment development pull trial 39 | 40 | ### Deploy 41 | 42 | $ deployment development pull deploy 43 | 44 | ### merge and push 45 | 46 | $ deployment development merge 47 | $ deployment development push 48 | 49 | or 50 | 51 | $ deployment development push 52 | 53 | ### revert to reversion 54 | 55 | $ vim build.xml 56 | 57 | 58 | $ deployment development revert 59 | $ deployment development deploy 60 | 61 | ### Only compile, not deploy 62 | 63 | $ deployment development compile 64 | 65 | ### package 66 | $ deployment development package 67 | 68 | 69 | 70 | ## Other 71 | 72 | ### Clone 73 | 74 | $ deployment development clone 75 | 76 | ### Pull 77 | $ deployment development pull 78 | 79 | ### backup 80 | $ deployment development backup 81 | 82 | ### reset / clean 83 | 84 | $ deployment development clean 85 | $ deployment development reset 86 | 87 | 88 | 89 | 90 | -------------------------------------------------------------------------------- /nodekeeper/etc/protocol.cfg: -------------------------------------------------------------------------------- 1 | [system] 2 | ls = ls 3 | os.hosts = cat /etc/hosts 4 | os.issue = cat /etc/issue 5 | os.memory = free 6 | os.who = who 7 | os.harddisk = df -h 8 | os.uptime = uptime 9 | os.cpuinfo = cat /proc/cpuinfo 10 | os.meminfo = cat /proc/meminfo 11 | os.dmesg = dmesg 12 | os.process = ps aux 13 | os.summary = echo 14 | network.status = netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}' 15 | network.netstat = netstat -nlp 16 | network.ifconfig = ifconfig 17 | network.route = ip route 18 | 19 | [apache] 20 | apache.start = /usr/local/apache/bin/apachectl start 21 | apache.stop = /usr/local/apache/bin/apachectl stop 22 | apache.restart = /usr/local/apache/bin/apachectl restart 23 | apache.status = ps ax |grep httpd 24 | apache.conf = cat /usr/local/apache/conf/httpd.conf 25 | apache.conf.vhost = cat /usr/local/apache/conf/extra/httpd-vhosts.conf 26 | apache.logs.now = 27 | apache.logs.tail = 28 | 29 | [resin] 30 | resin.start = /usr/local/resin/bin/httpd.sh start 31 | resin.stop = /usr/local/resin/bin/httpd.sh stop 32 | resin.restart = /usr/local/resin/bin/httpd.sh restart 33 | resin.status = /usr/local/resin/bin/httpd.sh status 34 | resin.conf = cat /usr/local/resin/conf/resin.conf 35 | 36 | [www] 37 | www.list = ls -1 /www 38 | www.permission = find /www -type d -exec chmod 755 {} \; find /www -type f -exec chmod 644 {} \; 39 | www.permission.777 = chmod 777 -R /www/* 40 | lamp.status = ps ax |grep -E "mysqld|httpd|resin" 41 | 42 | [samba] 43 | samba.start = /etc/init.d/smb start 44 | samba.stop = /etc/init.d/smb stop 45 | samba.restart = /etc/init.d/smb restart 46 | samba.status = /etc/init.d/smb status 47 | 48 | [mysql] 49 | mysql.start = /etc/init.d/mysql start 50 | mysql.stop = /etc/init.d/mysql stop 51 | mysql.restart = /etc/init.d/mysql restart 52 | 53 | [memcache] 54 | memcache.start = /etc/init.d/memcache start 55 | memcache.stop = /etc/init.d/memcache stop 56 | memcache.restart = /etc/init.d/memcache restart 57 | 58 | [vsftpd] 59 | vsftpd.start = /etc/init.d/vsftpd start 60 | vsftpd.stop = /etc/init.d/vsftpd stop 61 | vsftpd.restart = /etc/init.d/vsftpd restart 62 | vsftpd.status = /etc/init.d/vsftpd status 63 | -------------------------------------------------------------------------------- /share/zabbix/Oracle/oracle: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ################################################## 3 | # AUTHOR: Neo 4 | # WEBSITE: http://www.netkiller.cn 5 | # Description: oracle monitor 6 | # Note:Zabbix 3.2 7 | # DateTime: 2016-12-16 8 | ################################################## 9 | TIMEOUT=10 10 | LIBEXEC=/srv/zabbix/libexec 11 | CONFIG=/srv/zabbix/conf/jdbc.properties 12 | JAVA=/srv/java/bin/java 13 | PACKAGE=/srv/zabbix/libexec/zabbix-0.0.1-SNAPSHOT.jar 14 | JDBC=/srv/zabbix/libexec/ 15 | 16 | export JRE_HOME=/srv/java 17 | export JAVA_HOME=/srv/java 18 | export JAVA_OPTS="-server -Xms128m -Xmx512m -Djava.security.egd=file:/dev/./urandom" 19 | #"-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=9012 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=true" 20 | 21 | export CLASSPATH=$JAVA_HOME/lib:$LIBEXEC 22 | export PATH=$PATH:$JAVA_HOME/bin 23 | 24 | PROG="${JAVA} -jar -Dconfig=${CONFIG} -classpath /srv/zabbix/libexec/ ${PACKAGE}" 25 | ################################################## 26 | 27 | function discovery(){ 28 | exit 29 | } 30 | function tnsping(){ 31 | exit 32 | } 33 | function query(){ 34 | ${PROG} --query 35 | exit 36 | } 37 | function usage(){ 38 | echo "$0 - Software dependency check" 39 | echo " author neo " 40 | echo " -d/--discovery " 41 | echo " -p/--ping TNS ping" 42 | echo " -q/--query" 43 | echo " -h/--help" 44 | exit 45 | } 46 | 47 | TEMP=`getopt -o dp:qh --long discovery,ping:,query,help -n "$0" -- "$@"` 48 | 49 | if [ $# == 0 ] ; then usage >&2 ; exit 1 ; fi 50 | 51 | # Note the quotes around `$TEMP': they are essential! 52 | eval set -- "$TEMP" 53 | 54 | #for arg do echo '--> '"\`$arg'" ; done 55 | 56 | while true ; do 57 | case "$1" in 58 | -d|--discovery) 59 | discovery ${CONFIG} 60 | ;; 61 | -p|--ping) 62 | icmp $2 ; shift 2 ;; 63 | -q|--query) 64 | query 65 | ;; 66 | -h|--help) 67 | usage 68 | ;; 69 | --) shift ; break ;; 70 | *) exit 1 ;; 71 | esac 72 | done 73 | --------------------------------------------------------------------------------