Clean repository: organized structure and GitOps setup

- Organized root directory structure - Moved orphan files to proper locations - Updated .gitignore to ignore temporary files - Set up Gitea Runner for GitOps automation - Fixed Tailscale access issues - Added workflow for automated Nomad deployment
2025-10-09 06:13:45 +00:00
commit 89ee6f7967
306 changed files with 30781 additions and 0 deletions
--- a/backups/nomad-jobs-20251004-074411/components/consul/README.md
+++ b/backups/nomad-jobs-20251004-074411/components/consul/README.md
@@ -0,0 +1,19 @@
+# Consul 配置
+
+## 部署
+
+```bash
+nomad job run components/consul/jobs/consul-cluster.nomad
+```
+
+## Job 信息
+
+- **Job 名称**: `consul-cluster-nomad`
+- **类型**: service
+- **节点**: master, ash3c, warden
+
+## 访问方式
+
+- Master: `http://master.tailnet-68f9.ts.net:8500`
+- Ash3c: `http://ash3c.tailnet-68f9.ts.net:8500`
+- Warden: `http://warden.tailnet-68f9.ts.net:8500`
--- a/backups/nomad-jobs-20251004-074411/components/consul/configs/consul.hcl
+++ b/backups/nomad-jobs-20251004-074411/components/consul/configs/consul.hcl
@@ -0,0 +1,88 @@
+# Consul配置文件
+# 此文件包含Consul的完整配置，包括变量和存储相关设置
+
+# 基础配置
+data_dir = "/opt/consul/data"
+raft_dir = "/opt/consul/raft"
+
+# 启用UI
+ui_config {
+  enabled = true
+}
+
+# 数据中心配置
+datacenter = "dc1"
+
+# 服务器配置
+server = true
+bootstrap_expect = 3
+
+# 网络配置
+client_addr = "0.0.0.0"
+bind_addr = "{{ GetInterfaceIP `eth0` }}"
+advertise_addr = "{{ GetInterfaceIP `eth0` }}"
+
+# 端口配置
+ports {
+  dns = 8600
+  http = 8500
+  https = -1
+  grpc = 8502
+  grpc_tls = 8503
+  serf_lan = 8301
+  serf_wan = 8302
+  server = 8300
+}
+
+# 集群连接
+retry_join = ["100.117.106.136", "100.116.80.94", "100.122.197.112"]
+
+# 服务发现
+enable_service_script = true
+enable_script_checks = true
+enable_local_script_checks = true
+
+# 性能调优
+performance {
+  raft_multiplier = 1
+}
+
+# 日志配置
+log_level = "INFO"
+enable_syslog = false
+log_file = "/var/log/consul/consul.log"
+
+# 安全配置
+encrypt = "YourEncryptionKeyHere"
+
+# 连接配置
+reconnect_timeout = "30s"
+reconnect_timeout_wan = "30s"
+session_ttl_min = "10s"
+
+# Autopilot配置
+autopilot {
+  cleanup_dead_servers = true
+  last_contact_threshold = "200ms"
+  max_trailing_logs = 250
+  server_stabilization_time = "10s"
+  redundancy_zone_tag = ""
+  disable_upgrade_migration = false
+  upgrade_version_tag = ""
+}
+
+# 快照配置
+snapshot {
+  enabled = true
+  interval = "24h"
+  retain = 30
+  name = "consul-snapshot-{{.Timestamp}}"
+}
+
+# 备份配置
+backup {
+  enabled = true
+  interval = "6h"
+  retain = 7
+  name = "consul-backup-{{.Timestamp}}"
+}
--- a/backups/nomad-jobs-20251004-074411/components/consul/configs/consul.hcl.tmpl
+++ b/backups/nomad-jobs-20251004-074411/components/consul/configs/consul.hcl.tmpl
@@ -0,0 +1,93 @@
+# Consul配置模板文件
+# 此文件使用Consul模板语法从KV存储中动态获取配置
+# 遵循 config/{environment}/{provider}/{region_or_service}/{key} 格式
+
+# 基础配置
+data_dir = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/cluster/data_dir` `/opt/consul/data` }}"
+raft_dir = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/cluster/raft_dir` `/opt/consul/raft` }}"
+
+# 启用UI
+ui_config {
+  enabled = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/ui/enabled` `true` }}
+}
+
+# 数据中心配置
+datacenter = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/cluster/datacenter` `dc1` }}"
+
+# 服务器配置
+server = true
+bootstrap_expect = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/cluster/bootstrap_expect` `3` }}
+
+# 网络配置
+client_addr = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/network/client_addr` `0.0.0.0` }}"
+bind_addr = "{{ GetInterfaceIP (keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/network/bind_interface` `ens160`) }}"
+advertise_addr = "{{ GetInterfaceIP (keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/network/advertise_interface` `ens160`) }}"
+
+# 端口配置
+ports {
+  dns = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/ports/dns` `8600` }}
+  http = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/ports/http` `8500` }}
+  https = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/ports/https` `-1` }}
+  grpc = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/ports/grpc` `8502` }}
+  grpc_tls = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/ports/grpc_tls` `8503` }}
+  serf_lan = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/ports/serf_lan` `8301` }}
+  serf_wan = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/ports/serf_wan` `8302` }}
+  server = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/ports/server` `8300` }}
+}
+
+# 集群连接 - 动态获取节点IP
+retry_join = [
+  "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/nodes/master/ip` `100.117.106.136` }}",
+  "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/nodes/ash3c/ip` `100.116.80.94` }}",
+  "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/nodes/warden/ip` `100.122.197.112` }}"
+]
+
+# 服务发现
+enable_service_script = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/service/enable_service_script` `true` }}
+enable_script_checks = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/service/enable_script_checks` `true` }}
+enable_local_script_checks = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/service/enable_local_script_checks` `true` }}
+
+# 性能调优
+performance {
+  raft_multiplier = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/performance/raft_multiplier` `1` }}
+}
+
+# 日志配置
+log_level = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/cluster/log_level` `INFO` }}"
+enable_syslog = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/log/enable_syslog` `false` }}
+log_file = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/log/log_file` `/var/log/consul/consul.log` }}"
+
+# 安全配置
+encrypt = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/cluster/encrypt_key` `YourEncryptionKeyHere` }}"
+
+# 连接配置
+reconnect_timeout = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/connection/reconnect_timeout` `30s` }}"
+reconnect_timeout_wan = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/connection/reconnect_timeout_wan` `30s` }}"
+session_ttl_min = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/connection/session_ttl_min` `10s` }}"
+
+# Autopilot配置
+autopilot {
+  cleanup_dead_servers = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/autopilot/cleanup_dead_servers` `true` }}
+  last_contact_threshold = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/autopilot/last_contact_threshold` `200ms` }}"
+  max_trailing_logs = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/autopilot/max_trailing_logs` `250` }}
+  server_stabilization_time = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/autopilot/server_stabilization_time` `10s` }}"
+  redundancy_zone_tag = ""
+  disable_upgrade_migration = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/autopilot/disable_upgrade_migration` `false` }}
+  upgrade_version_tag = ""
+}
+
+# 快照配置
+snapshot {
+  enabled = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/snapshot/enabled` `true` }}
+  interval = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/snapshot/interval` `24h` }}"
+  retain = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/snapshot/retain` `30` }}
+  name = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/snapshot/name` `consul-snapshot-{{.Timestamp}}` }}"
+}
+
+# 备份配置
+backup {
+  enabled = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/backup/enabled` `true` }}
+  interval = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/backup/interval` `6h` }}"
+  retain = {{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/backup/retain` `7` }}
+  name = "{{ keyOrDefault `config/` + env "ENVIRONMENT" + `/consul/backup/name` `consul-backup-{{.Timestamp}}` }}"
+}
--- a/backups/nomad-jobs-20251004-074411/components/consul/jobs/consul-clients-additional.nomad
+++ b/backups/nomad-jobs-20251004-074411/components/consul/jobs/consul-clients-additional.nomad
@@ -0,0 +1,50 @@
+job "consul-clients-additional" {
+  datacenters = ["dc1"]
+  type = "service"
+
+  constraint {
+    attribute = "${node.unique.name}"
+    operator  = "regexp"
+    value     = "ch2|ch3|de"
+  }
+
+  group "consul-client" {
+    count = 3
+
+    task "consul-client" {
+      driver = "exec"
+
+      config {
+        command = "/usr/bin/consul"
+        args = [
+          "agent",
+          "-config-dir=/etc/consul.d",
+          "-data-dir=/opt/consul",
+          "-node=${node.unique.name}",
+          "-bind=${attr.unique.network.ip-address}",
+          "-retry-join=warden.tailnet-68f9.ts.net:8301",
+          "-retry-join=ch4.tailnet-68f9.ts.net:8301", 
+          "-retry-join=ash3c.tailnet-68f9.ts.net:8301",
+          "-client=0.0.0.0"
+        ]
+      }
+
+      resources {
+        cpu    = 100
+        memory = 128
+      }
+
+      service {
+        name = "consul-client"
+        port = "http"
+        
+        check {
+          type     = "http"
+          path     = "/v1/status/leader"
+          interval = "30s"
+          timeout  = "5s"
+        }
+      }
+    }
+  }
+}
--- a/backups/nomad-jobs-20251004-074411/components/consul/jobs/consul-clients-dedicated-v2.nomad
+++ b/backups/nomad-jobs-20251004-074411/components/consul/jobs/consul-clients-dedicated-v2.nomad
@@ -0,0 +1,154 @@
+job "consul-clients-dedicated" {
+  datacenters = ["dc1"]
+  type = "service"
+
+  group "consul-client-hcp1" {
+    constraint {
+      attribute = "${node.unique.name}"
+      value     = "hcp1"
+    }
+
+    network {
+      port "http" {
+        static = 8500
+      }
+    }
+
+    task "consul-client" {
+      driver = "exec"
+
+      config {
+        command = "/usr/bin/consul"
+        args = [
+          "agent",
+          "-data-dir=/opt/consul",
+          "-node=hcp1",
+          "-bind=100.97.62.111",
+          "-advertise=100.97.62.111",
+          "-retry-join=hcp1.tailnet-68f9.ts.net:80",
+          "-client=0.0.0.0",
+          "-http-port=8500",
+          "-datacenter=dc1"
+        ]
+      }
+
+      resources {
+        cpu    = 100
+        memory = 128
+      }
+
+      service {
+        name = "consul-client"
+        port = "http"
+        
+        check {
+          type     = "script"
+          command  = "consul"
+          args     = ["members"]
+          interval = "10s"
+          timeout  = "3s"
+        }
+      }
+    }
+  }
+
+  group "consul-client-influxdb1" {
+    constraint {
+      attribute = "${node.unique.name}"
+      value     = "influxdb1"
+    }
+
+    network {
+      port "http" {
+        static = 8500
+      }
+    }
+
+    task "consul-client" {
+      driver = "exec"
+
+      config {
+        command = "/usr/bin/consul"
+        args = [
+          "agent",
+          "-data-dir=/opt/consul",
+          "-node=influxdb1",
+          "-bind=100.100.7.4",
+          "-advertise=100.100.7.4",
+          "-retry-join=hcp1.tailnet-68f9.ts.net:80",
+          "-client=0.0.0.0",
+          "-http-port=8500",
+          "-datacenter=dc1"
+        ]
+      }
+
+      resources {
+        cpu    = 100
+        memory = 128
+      }
+
+      service {
+        name = "consul-client"
+        port = "http"
+        
+        check {
+          type     = "script"
+          command  = "consul"
+          args     = ["members"]
+          interval = "10s"
+          timeout  = "3s"
+        }
+      }
+    }
+  }
+
+  group "consul-client-browser" {
+    constraint {
+      attribute = "${node.unique.name}"
+      value     = "browser"
+    }
+
+    network {
+      port "http" {
+        static = 8500
+      }
+    }
+
+    task "consul-client" {
+      driver = "exec"
+
+      config {
+        command = "/usr/bin/consul"
+        args = [
+          "agent",
+          "-data-dir=/opt/consul",
+          "-node=browser",
+          "-bind=100.116.112.45",
+          "-advertise=100.116.112.45",
+          "-retry-join=hcp1.tailnet-68f9.ts.net:80",
+          "-client=0.0.0.0",
+          "-http-port=8500",
+          "-datacenter=dc1"
+        ]
+      }
+
+      resources {
+        cpu    = 100
+        memory = 128
+      }
+
+      service {
+        name = "consul-client"
+        port = "http"
+        
+        check {
+          type     = "script"
+          command  = "consul"
+          args     = ["members"]
+          interval = "10s"
+          timeout  = "3s"
+        }
+      }
+    }
+  }
+}
--- a/backups/nomad-jobs-20251004-074411/components/consul/jobs/consul-clients-dedicated.nomad
+++ b/backups/nomad-jobs-20251004-074411/components/consul/jobs/consul-clients-dedicated.nomad
@@ -0,0 +1,66 @@
+job "consul-clients-dedicated" {
+  datacenters = ["dc1"]
+  type = "service"
+
+  constraint {
+    attribute = "${node.unique.name}"
+    operator  = "regexp"
+    value     = "hcp1|influxdb1|browser"
+  }
+
+  group "consul-client" {
+    count = 3
+
+    update {
+      max_parallel = 3
+      min_healthy_time = "5s"
+      healthy_deadline = "2m"
+      progress_deadline = "5m"
+      auto_revert = false
+    }
+
+    network {
+      port "http" {
+        static = 8500
+      }
+    }
+
+    task "consul-client" {
+      driver = "exec"
+
+      config {
+        command = "/usr/bin/consul"
+        args = [
+          "agent",
+          "-data-dir=/opt/consul",
+          "-node=${node.unique.name}",
+          "-bind=${attr.unique.network.ip-address}",
+          "-advertise=${attr.unique.network.ip-address}",
+          "-retry-join=warden.tailnet-68f9.ts.net:8301",
+          "-retry-join=ch4.tailnet-68f9.ts.net:8301", 
+          "-retry-join=ash3c.tailnet-68f9.ts.net:8301",
+          "-client=0.0.0.0",
+          "-http-port=${NOMAD_PORT_http}",
+          "-datacenter=dc1"
+        ]
+      }
+
+      resources {
+        cpu    = 100
+        memory = 128
+      }
+
+      service {
+        name = "consul-client"
+        port = "http"
+        
+        check {
+          type     = "http"
+          path     = "/v1/status/leader"
+          interval = "10s"
+          timeout  = "3s"
+        }
+      }
+    }
+  }
+}
--- a/backups/nomad-jobs-20251004-074411/components/consul/jobs/consul-clients.nomad
+++ b/backups/nomad-jobs-20251004-074411/components/consul/jobs/consul-clients.nomad
@@ -0,0 +1,43 @@
+job "consul-clients" {
+  datacenters = ["dc1"]
+  type = "system"
+
+  group "consul-client" {
+    count = 0  # system job, runs on all nodes
+
+    task "consul-client" {
+      driver = "exec"
+
+      config {
+        command = "/usr/bin/consul"
+        args = [
+          "agent",
+          "-config-dir=/etc/consul.d",
+          "-data-dir=/opt/consul",
+          "-node=${node.unique.name}",
+          "-bind=${attr.unique.network.ip-address}",
+          "-retry-join=warden.tailnet-68f9.ts.net:8301",
+          "-retry-join=ch4.tailnet-68f9.ts.net:8301", 
+          "-retry-join=ash3c.tailnet-68f9.ts.net:8301"
+        ]
+      }
+
+      resources {
+        cpu    = 100
+        memory = 128
+      }
+
+      service {
+        name = "consul-client"
+        port = "http"
+        
+        check {
+          type     = "http"
+          path     = "/v1/status/leader"
+          interval = "30s"
+          timeout  = "5s"
+        }
+      }
+    }
+  }
+}
--- a/backups/nomad-jobs-20251004-074411/components/consul/jobs/consul-cluster.nomad
+++ b/backups/nomad-jobs-20251004-074411/components/consul/jobs/consul-cluster.nomad
@@ -0,0 +1,115 @@
+job "consul-cluster-nomad" {
+  datacenters = ["dc1"]
+  type = "service"
+
+  group "consul-ch4" {
+    constraint {
+      attribute = "${node.unique.name}"
+      value     = "ch4"
+    }
+
+    task "consul" {
+      driver = "exec"
+      
+      config {
+        command = "consul"
+        args = [
+          "agent",
+          "-server",
+          "-bootstrap-expect=3",
+          "-data-dir=/opt/nomad/data/consul",
+          "-client=0.0.0.0",
+          "-bind=100.117.106.136",
+          "-advertise=100.117.106.136",
+          "-retry-join=100.116.80.94",
+          "-retry-join=100.122.197.112",
+          "-ui",
+          "-http-port=8500",
+          "-server-port=8300",
+          "-serf-lan-port=8301",
+          "-serf-wan-port=8302"
+        ]
+      }
+
+      resources {
+        cpu = 300
+        memory = 512
+      }
+
+    }
+  }
+
+  group "consul-ash3c" {
+    constraint {
+      attribute = "${node.unique.name}"
+      value     = "ash3c"
+    }
+
+    task "consul" {
+      driver = "exec"
+      
+      config {
+        command = "consul"
+        args = [
+          "agent",
+          "-server",
+          "-bootstrap-expect=3",
+          "-data-dir=/opt/nomad/data/consul",
+          "-client=0.0.0.0",
+          "-bind=100.116.80.94",
+          "-advertise=100.116.80.94",
+          "-retry-join=100.117.106.136",
+          "-retry-join=100.122.197.112",
+          "-ui",
+          "-http-port=8500",
+          "-server-port=8300",
+          "-serf-lan-port=8301",
+          "-serf-wan-port=8302"
+        ]
+      }
+
+      resources {
+        cpu = 300
+        memory = 512
+      }
+
+    }
+  }
+
+  group "consul-warden" {
+    constraint {
+      attribute = "${node.unique.name}"
+      value     = "warden"
+    }
+
+    task "consul" {
+      driver = "exec"
+      
+      config {
+        command = "consul"
+        args = [
+          "agent",
+          "-server",
+          "-bootstrap-expect=3",
+          "-data-dir=/opt/nomad/data/consul",
+          "-client=0.0.0.0",
+          "-bind=100.122.197.112",
+          "-advertise=100.122.197.112",
+          "-retry-join=100.117.106.136",
+          "-retry-join=100.116.80.94",
+          "-ui",
+          "-http-port=8500",
+          "-server-port=8300",
+          "-serf-lan-port=8301",
+          "-serf-wan-port=8302"
+        ]
+      }
+
+      resources {
+        cpu = 300
+        memory = 512
+      }
+
+    }
+  }
+}
--- a/backups/nomad-jobs-20251004-074411/components/consul/jobs/consul-ui-service.nomad
+++ b/backups/nomad-jobs-20251004-074411/components/consul/jobs/consul-ui-service.nomad
@@ -0,0 +1,66 @@
+job "consul-ui-service" {
+  datacenters = ["dc1"]
+  type = "service"
+
+  group "consul-ui" {
+    count = 1
+
+    constraint {
+      attribute = "${node.unique.name}"
+      value     = "warden"
+    }
+
+    network {
+      mode = "host"
+      port "http" {
+        static = 8500
+        host_network = "tailscale0"
+      }
+    }
+
+    service {
+      name = "consul-ui"
+      port = "http"
+      
+      tags = [
+        "traefik.enable=true",
+        "traefik.http.routers.consul-ui.rule=PathPrefix(`/consul`)",
+        "traefik.http.routers.consul-ui.priority=100"
+      ]
+
+      check {
+        type     = "http"
+        path     = "/v1/status/leader"
+        interval = "10s"
+        timeout  = "2s"
+      }
+    }
+
+    task "consul-ui" {
+      driver = "exec"
+      
+      config {
+        command = "/usr/bin/consul"
+        args = [
+          "agent",
+          "-server",
+          "-bootstrap-expect=3",
+          "-data-dir=/opt/nomad/data/consul",
+          "-client=0.0.0.0",
+          "-bind=100.122.197.112",
+          "-advertise=100.122.197.112",
+          "-retry-join=100.117.106.136",
+          "-retry-join=100.116.80.94",
+          "-ui",
+          "-http-port=8500"
+        ]
+      }
+
+      resources {
+        cpu = 300
+        memory = 512
+      }
+    }
+  }
+}
+