改用新版方式注册,云端使用通配符证书
This commit is contained in:
@@ -1,109 +1,87 @@
|
||||
version: "3.9"
|
||||
|
||||
services:
|
||||
# -------- RustFS 主服务 --------
|
||||
rustfs:
|
||||
image: rustfs/rustfs:1.0.0-alpha.60
|
||||
container_name: rustfs_container
|
||||
restart: always
|
||||
ports:
|
||||
- "${SERVICE_IP}:${PORT_RUSTFS}:${PORT_RUSTFS}"
|
||||
container_name: rustfs
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- /vol2/1000/rustfs_vol2:/data
|
||||
- ./data:/app/data:rw
|
||||
environment:
|
||||
RUSTFS_VOLUMES: /data/rustfs0
|
||||
RUSTFS_ADDRESS: ":${PORT_RUSTFS}"
|
||||
RUSTFS_SERVER_DOMAINS: ${DOMAIN_RUSTFS}
|
||||
RUSTFS_ACCESS_KEY: lingyuzeng
|
||||
RUSTFS_SECRET_KEY: rust@Hotwa2020
|
||||
RUSTFS_ADDRESS: ":9000"
|
||||
RUSTFS_SERVER_DOMAINS: rfs.jmsu.top
|
||||
RUSTFS_ACCESS_KEY: ${RUSTFS_ACCESS_KEY}
|
||||
RUSTFS_SECRET_KEY: ${RUSTFS_SECRET_KEY}
|
||||
RUSTFS_CONSOLE_ENABLE: "true"
|
||||
# **仅绑定到本机 Tailscale IP**,供云端 Traefik 反代
|
||||
ports:
|
||||
- "${LOCAL_TS_IP}:9000:9000"
|
||||
|
||||
# -------- RustFS MCP 接口(假设走 HTTP on :9009)--------
|
||||
rustfs-s3-toolkit:
|
||||
image: hotwa/rustfs-s3-toolkit:latest
|
||||
build:
|
||||
context: ..
|
||||
dockerfile: docker/Dockerfile
|
||||
container_name: rustfs-s3-toolkit
|
||||
restart: always
|
||||
container_name: rustfs-mcp
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
MCP_PORT: "9009"
|
||||
volumes:
|
||||
- ./data:/app/data:rw
|
||||
ports:
|
||||
- "${SERVICE_IP}:${PORT_MCP}:${PORT_MCP}"
|
||||
- "${LOCAL_TS_IP}:9009:9009"
|
||||
|
||||
consul-agent:
|
||||
# -------- Registrar:把 :9000 注册到 rfs.jmsu.top --------
|
||||
registrar-rustfs:
|
||||
image: hashicorp/consul:1.21
|
||||
stop_signal: SIGTERM
|
||||
stop_grace_period: 60s
|
||||
command:
|
||||
- agent
|
||||
- -server=false
|
||||
- -node=${NODE_NAME}
|
||||
- -client=0.0.0.0
|
||||
- -bind=0.0.0.0
|
||||
- -advertise=${SERVICE_IP}
|
||||
- -retry-join=${CONSUL_SERVER_IP}
|
||||
- -datacenter=${CONSUL_DC}
|
||||
- -data-dir=/consul/data
|
||||
environment:
|
||||
CONSUL_LOCAL_CONFIG: '{"leave_on_terminate": true}'
|
||||
ports:
|
||||
- "${SERVICE_IP}:8500:8500/tcp"
|
||||
- "${SERVICE_IP}:8600:8600/tcp"
|
||||
- "${SERVICE_IP}:8600:8600/udp"
|
||||
- "${SERVICE_IP}:8301:8301/tcp"
|
||||
- "${SERVICE_IP}:8301:8301/udp"
|
||||
healthcheck:
|
||||
test: ["CMD", "consul", "info"]
|
||||
interval: 5s
|
||||
timeout: 3s
|
||||
retries: 30
|
||||
start_period: 10s
|
||||
container_name: registrar-rustfs
|
||||
restart: unless-stopped
|
||||
|
||||
# 注册 rustfs(9000)
|
||||
registrar_rustfs:
|
||||
image: hashicorp/consul:1.21
|
||||
depends_on:
|
||||
consul-agent:
|
||||
condition: service_healthy
|
||||
rustfs:
|
||||
condition: service_started
|
||||
- rustfs
|
||||
volumes:
|
||||
- ./registrar.sh:/registrar.sh:ro
|
||||
environment:
|
||||
CONSUL_HTTP_ADDR: "http://consul-agent:8500"
|
||||
SERVICE_NAME: "${SVC_RUSTFS}"
|
||||
SERVICE_ADDR: "${SERVICE_IP}"
|
||||
SERVICE_PORT: "${PORT_RUSTFS}"
|
||||
SERVICE_TAGS: "console"
|
||||
CHECK_TYPE: "tcp"
|
||||
# 指向“云端” Consul Server(通过 Tailscale)
|
||||
CONSUL_HTTP_ADDR: "http://${CONSUL_SERVER_IP}:8500"
|
||||
# 下面这 4 个由 registrar.sh 必填
|
||||
SERVICE_NAME: "rustfs"
|
||||
SERVICE_ADDR: "${LOCAL_TS_IP}"
|
||||
SERVICE_PORT: "9000"
|
||||
ROUTE_HOST: "rfs.jmsu.top"
|
||||
# 可选项(HTTP/TCP、健康检查、入口等)
|
||||
SERVICE_PROTOCOL: "http"
|
||||
CHECK_TYPE: "http"
|
||||
CHECK_PATH: "/"
|
||||
CHECK_INTERVAL: "10s"
|
||||
CHECK_TIMEOUT: "2s"
|
||||
DEREG_AFTER: "1m"
|
||||
TRAEFIK_HTTP_ENTRYPOINT: "websecure"
|
||||
TRAEFIK_TCP_ENTRYPOINT: "tcp"
|
||||
# TRAEFIK_CERT_RESOLVER 可在云端用 file/dynamic 统一配置,这里不强制
|
||||
command: ["/bin/sh","/registrar.sh"]
|
||||
|
||||
# -------- Registrar:把 :9009 注册到 mcprfs.jmsu.top --------
|
||||
registrar-mcprfs:
|
||||
image: hashicorp/consul:1.21
|
||||
container_name: registrar-mcprfs
|
||||
restart: unless-stopped
|
||||
depends_on:
|
||||
- rustfs-s3-toolkit
|
||||
volumes:
|
||||
- ./registrar.sh:/registrar.sh:ro
|
||||
entrypoint: ["/bin/sh","-lc","/registrar.sh"]
|
||||
restart: unless-stopped
|
||||
|
||||
# 注册 MCP(9009)
|
||||
registrar_mcp:
|
||||
image: hashicorp/consul:1.21
|
||||
depends_on:
|
||||
consul-agent:
|
||||
condition: service_healthy
|
||||
rustfs-s3-toolkit:
|
||||
condition: service_started
|
||||
environment:
|
||||
CONSUL_HTTP_ADDR: "http://consul-agent:8500"
|
||||
SERVICE_NAME: "${SVC_MCP}"
|
||||
SERVICE_ADDR: "${SERVICE_IP}"
|
||||
SERVICE_PORT: "${PORT_MCP}"
|
||||
SERVICE_TAGS: "toolkit"
|
||||
CHECK_TYPE: "tcp"
|
||||
CONSUL_HTTP_ADDR: "http://${CONSUL_SERVER_IP}:8500"
|
||||
SERVICE_NAME: "mcprfs"
|
||||
SERVICE_ADDR: "${LOCAL_TS_IP}"
|
||||
SERVICE_PORT: "9009"
|
||||
ROUTE_HOST: "mcprfs.jmsu.top"
|
||||
SERVICE_PROTOCOL: "http" # 如果 MCP 走 TCP,请改成 "tcp" 并把 CHECK_TYPE 改为 tcp
|
||||
CHECK_TYPE: "http"
|
||||
CHECK_PATH: "/"
|
||||
CHECK_INTERVAL: "10s"
|
||||
CHECK_TIMEOUT: "2s"
|
||||
DEREG_AFTER: "1m"
|
||||
volumes:
|
||||
- ./registrar.sh:/registrar.sh:ro
|
||||
entrypoint: ["/bin/sh","-lc","/registrar.sh"]
|
||||
restart: unless-stopped
|
||||
|
||||
networks: {}
|
||||
TRAEFIK_HTTP_ENTRYPOINT: "websecure"
|
||||
TRAEFIK_TCP_ENTRYPOINT: "tcp"
|
||||
command: ["/bin/sh","/registrar.sh"]
|
||||
|
||||
Reference in New Issue
Block a user