Clean repository: organized structure and GitOps setup

- Organized root directory structure - Moved orphan files to proper locations - Updated .gitignore to ignore temporary files - Set up Gitea Runner for GitOps automation - Fixed Tailscale access issues - Added workflow for automated Nomad deployment
2025-10-09 06:13:45 +00:00
commit 89ee6f7967
306 changed files with 30781 additions and 0 deletions
--- a/scripts/compile-nomad-armv7.sh
+++ b/scripts/compile-nomad-armv7.sh
@@ -0,0 +1,95 @@
+#!/bin/bash
+
+# Nomad ARMv7 自动编译脚本
+# 适用于 onecloud1 节点
+
+set -e
+
+echo "🚀 开始编译 Nomad ARMv7 版本..."
+
+# 检查系统架构
+ARCH=$(uname -m)
+echo "📋 当前系统架构: $ARCH"
+
+# 设置Go环境变量
+export GOOS=linux
+export GOARCH=arm
+export GOARM=7
+export CGO_ENABLED=0
+
+echo "🔧 设置编译环境:"
+echo "   GOOS=$GOOS"
+echo "   GOARCH=$GOARCH" 
+echo "   GOARM=$GOARM"
+echo "   CGO_ENABLED=$CGO_ENABLED"
+
+# 检查Go版本
+if ! command -v go &> /dev/null; then
+    echo "❌ Go未安装，正在安装..."
+    # 安装Go (假设是Ubuntu/Debian系统)
+    sudo apt update
+    sudo apt install -y golang-go
+fi
+
+GO_VERSION=$(go version)
+echo "✅ Go版本: $GO_VERSION"
+
+# 创建编译目录
+BUILD_DIR="/tmp/nomad-build"
+mkdir -p $BUILD_DIR
+cd $BUILD_DIR
+
+echo "📥 克隆 Nomad 源码..."
+if [ -d "nomad" ]; then
+    echo "🔄 更新现有仓库..."
+    cd nomad
+    git pull
+else
+    git clone https://github.com/hashicorp/nomad.git
+    cd nomad
+fi
+
+# 切换到最新稳定版本
+echo "🏷️  切换到最新稳定版本..."
+git checkout $(git describe --tags --abbrev=0)
+
+# 编译
+echo "🔨 开始编译..."
+make dev
+
+# 检查编译结果
+if [ -f "bin/nomad" ]; then
+    echo "✅ 编译成功！"
+    
+    # 显示文件信息
+    file bin/nomad
+    ls -lh bin/nomad
+    
+    # 备份现有Nomad
+    if [ -f "/usr/bin/nomad" ]; then
+        echo "💾 备份现有Nomad..."
+        sudo cp /usr/bin/nomad /usr/bin/nomad.backup.$(date +%Y%m%d-%H%M%S)
+    fi
+    
+    # 安装新版本
+    echo "📦 安装新版本..."
+    sudo cp bin/nomad /usr/bin/nomad
+    sudo chmod +x /usr/bin/nomad
+    
+    # 验证安装
+    echo "🔍 验证安装..."
+    /usr/bin/nomad version
+    
+    echo "🎉 Nomad ARMv7 版本安装完成！"
+    
+else
+    echo "❌ 编译失败！"
+    exit 1
+fi
+
+# 清理
+echo "🧹 清理编译文件..."
+cd /
+rm -rf $BUILD_DIR
+
+echo "✨ 完成！"
--- a/scripts/deploy-consul-to-nomad-servers.sh
+++ b/scripts/deploy-consul-to-nomad-servers.sh
@@ -0,0 +1,58 @@
+#!/bin/bash
+
+# 为所有 Nomad Server 部署 Consul Client
+
+echo "🚀 部署 Consul Client 到所有 Nomad Server 节点"
+echo "================================================"
+
+# 部署 Consul Client
+echo "1. 部署 Consul Client..."
+ansible-playbook -i ansible/inventory/hosts.yml \
+  ansible/consul-client-deployment.yml \
+  --limit nomad_servers
+
+if [ $? -eq 0 ]; then
+  echo "✅ Consul Client 部署成功"
+else
+  echo "❌ Consul Client 部署失败"
+  exit 1
+fi
+
+# 更新 Nomad 配置
+echo ""
+echo "2. 更新 Nomad Server 配置..."
+echo "需要手动更新每个 Nomad Server 的配置："
+echo ""
+echo "修改 /etc/nomad.d/nomad.hcl 中的 consul 块："
+echo "consul {"
+echo "  address = \"127.0.0.1:8500\"  # 改为本地"
+echo "  server_service_name = \"nomad\""
+echo "  client_service_name = \"nomad-client\""
+echo "  auto_advertise = true"
+echo "  server_auto_join = true"
+echo "  client_auto_join = false"
+echo "}"
+echo ""
+echo "然后重启 Nomad 服务："
+echo "systemctl restart nomad"
+
+echo ""
+echo "3. 验证部署..."
+sleep 5
+
+# 验证 Consul Client
+for server in semaphore ch3 ash1d ash2e ch2 de onecloud1; do
+  echo "检查 $server..."
+  if curl -s http://$server.tailnet-68f9.ts.net:8500/v1/status/leader > /dev/null 2>&1; then
+    echo "✅ $server - Consul Client 运行正常"
+  else
+    echo "❌ $server - Consul Client 无响应"
+  fi
+done
+
+echo ""
+echo "🎉 部署完成！"
+echo "下一步："
+echo "1. 手动更新每个 Nomad Server 的配置文件"
+echo "2. 重启 Nomad 服务"
+echo "3. 验证 Nomad 与 Consul 的集成"
--- a/scripts/deploy-nfs-csi-plugin.sh
+++ b/scripts/deploy-nfs-csi-plugin.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+# NFS CSI Plugin 部署脚本
+# 这个脚本会安装NFS CSI插件，让您的NFS存储能在Nomad UI中显示
+
+set -e
+
+echo "🚀 开始部署NFS CSI Plugin..."
+
+# 检查是否为root用户
+if [ "$EUID" -ne 0 ]; then
+    echo "❌ 请以root用户运行此脚本"
+    exit 1
+fi
+
+# 1. 安装CSI插件
+echo "📦 安装NFS CSI插件..."
+ansible-playbook -i deployment/ansible/inventories/production/hosts \
+    deployment/ansible/playbooks/install/install-nfs-csi-plugin.yml
+
+# 2. 等待Nomad服务重启
+echo "⏳ 等待Nomad服务重启..."
+sleep 30
+
+# 3. 注册CSI Volume
+echo "📝 注册CSI Volume..."
+nomad volume register components/nomad/volumes/nfs-csi-volume.hcl
+
+# 4. 验证CSI插件状态
+echo "✅ 验证CSI插件状态..."
+nomad plugin status
+
+# 5. 显示CSI volumes
+echo "📊 显示CSI volumes..."
+nomad volume status
+
+echo "🎉 NFS CSI Plugin部署完成！"
+echo "现在您可以在Nomad UI中看到CSI插件和volumes了！"
+
+
+
+
+
+
--- a/scripts/register-traefik-to-all-consul.sh
+++ b/scripts/register-traefik-to-all-consul.sh
@@ -0,0 +1,68 @@
+#!/bin/bash
+
+# 向所有三个 Consul 节点注册 Traefik 服务
+# 解决 Consul leader 轮换问题
+
+CONSUL_NODES=(
+  "ch4.tailnet-68f9.ts.net:8500"
+  "warden.tailnet-68f9.ts.net:8500"
+  "ash3c.tailnet-68f9.ts.net:8500"
+)
+
+TRAEFIK_IP="100.97.62.111"
+ALLOC_ID=$(nomad job allocs traefik-consul-lb | head -2 | tail -1 | awk '{print $1}')
+
+SERVICE_DATA_LB="{
+  \"ID\": \"traefik-consul-lb-${ALLOC_ID}\",
+  \"Name\": \"consul-lb\",
+  \"Tags\": [\"consul\", \"loadbalancer\", \"traefik\", \"multi-node\"],
+  \"Address\": \"${TRAEFIK_IP}\",
+  \"Port\": 80,
+  \"Check\": {
+    \"HTTP\": \"http://${TRAEFIK_IP}:80/\",
+    \"Interval\": \"30s\",
+    \"Timeout\": \"15s\"
+  }
+}"
+
+SERVICE_DATA_DASHBOARD="{
+  \"ID\": \"traefik-dashboard-${ALLOC_ID}\",
+  \"Name\": \"traefik-dashboard\",
+  \"Tags\": [\"traefik\", \"dashboard\", \"multi-node\"],
+  \"Address\": \"${TRAEFIK_IP}\",
+  \"Port\": 8080,
+  \"Check\": {
+    \"HTTP\": \"http://${TRAEFIK_IP}:8080/api/overview\",
+    \"Interval\": \"30s\",
+    \"Timeout\": \"15s\"
+  }
+}"
+
+echo "Registering Traefik services to all Consul nodes..."
+echo "Allocation ID: ${ALLOC_ID}"
+echo "Traefik IP: ${TRAEFIK_IP}"
+
+for node in "${CONSUL_NODES[@]}"; do
+  echo "Registering to ${node}..."
+  
+  # 注册 consul-lb 服务
+  curl -s -X PUT "http://${node}/v1/agent/service/register" \
+    -H "Content-Type: application/json" \
+    -d "${SERVICE_DATA_LB}"
+  
+  # 注册 traefik-dashboard 服务
+  curl -s -X PUT "http://${node}/v1/agent/service/register" \
+    -H "Content-Type: application/json" \
+    -d "${SERVICE_DATA_DASHBOARD}"
+  
+  echo "✓ Registered to ${node}"
+done
+
+echo ""
+echo "🎉 Services registered to all Consul nodes!"
+echo ""
+echo "Verification:"
+for node in "${CONSUL_NODES[@]}"; do
+  echo "Services on ${node}:"
+  curl -s "http://${node}/v1/catalog/services" | jq -r 'keys[]' | grep -E "(consul-lb|traefik-dashboard)" | sed 's/^/  - /'
+done
--- a/scripts/test-zsh-fix.sh
+++ b/scripts/test-zsh-fix.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+
+echo "=== 测试 warden 节点 zsh 修复结果 ==="
+
+# 测试SSH连接
+echo "1. 测试SSH连接..."
+sshpass -p "3131" ssh -o ConnectTimeout=5 ben@100.122.197.112 "echo 'SSH连接正常'" || {
+    echo "❌ SSH连接失败"
+    exit 1
+}
+echo "✅ SSH连接正常"
+
+# 测试zsh启动
+echo "2. 测试zsh启动..."
+sshpass -p "3131" ssh ben@100.122.197.112 "zsh -c 'echo \"zsh启动成功\"'" || {
+    echo "❌ zsh启动失败"
+    exit 1
+}
+echo "✅ zsh启动成功"
+
+# 测试completion权限修复
+echo "3. 测试completion权限修复..."
+sshpass -p "3131" ssh ben@100.122.197.112 "echo 'y' | zsh -c 'echo \"completion测试通过\"'" || {
+    echo "❌ completion测试失败"
+    exit 1
+}
+echo "✅ completion测试通过"
+
+# 测试默认shell设置
+echo "4. 测试默认shell设置..."
+DEFAULT_SHELL=$(sshpass -p "3131" ssh ben@100.122.197.112 "echo \$SHELL")
+if [[ "$DEFAULT_SHELL" == *"zsh"* ]]; then
+    echo "✅ 默认shell已设置为: $DEFAULT_SHELL"
+else
+    echo "⚠️  默认shell仍为: $DEFAULT_SHELL"
+fi
+
+# 测试oh-my-zsh配置
+echo "5. 测试oh-my-zsh配置..."
+sshpass -p "3131" ssh ben@100.122.197.112 "zsh -c 'source ~/.zshrc && echo \"oh-my-zsh配置加载成功\"'" || {
+    echo "❌ oh-my-zsh配置加载失败"
+    exit 1
+}
+echo "✅ oh-my-zsh配置加载成功"
+
+echo ""
+echo "🎉 所有测试通过！warden节点的zsh环境修复完成！"
+echo ""
+echo "现在可以安全地使用: zsh"
+echo "不再会出现 'insecure directories' 错误"