Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in / Register
Toggle navigation
R
release_engineering
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
zhanhua kuang
release_engineering
Commits
cd8dd22f
Commit
cd8dd22f
authored
Mar 03, 2020
by
zkuang
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
config for reverse proxy deployment environment
parent
4e7aafb3
Hide whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
299 additions
and
109 deletions
+299
-109
sso.gzncloud.com.key
certifications/sso.gzncloud.com.key
+27
-0
sso.gzncloud.com.pem
certifications/sso.gzncloud.com.pem
+59
-0
ziti.gzncloud.com.key
certifications/ziti.gzncloud.com.key
+27
-0
ziti.gzncloud.com.pem
certifications/ziti.gzncloud.com.pem
+59
-0
docker-compose.seeding.yml
docker-compose.seeding.yml
+4
-4
docker-compose.yml
docker-compose.yml
+14
-13
nginx.conf
nginx.conf
+94
-92
pipeline.sh
pipeline.sh
+15
-0
No files found.
certifications/sso.gzncloud.com.key
0 → 100644
View file @
cd8dd22f
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAnhfCjvqZMp3xaE2bPDnVtjAopPx+IwmJvBK5bkEoX726bPVe
5HXwGnweMNbpVlEMQiswCEXAeM40xcovX08+qk+P+504QO3/F7yP3Do2jG1G2bzo
QvlYaNNkxwg/e/pBZJz24RGFVbr0ggr5zeG9b0BmG7DhpznAp+RmwkgNRNaOvhN1
Hvs3OUgy57wqNo8WSDPkz+0qnn4JQaU5RjwCNoLWbk/blgLG5WaHkVvDYmx/gNS8
X95ejvqgzE1yirVq9gFKLxhGDTUTCcFB2+yI+VT+t0L1zPCqiAsckk2bQ7trZu7g
uzgrn5pOIYTpobcmh8uR9H6AHzFU9T7+vHSKkwIDAQABAoIBABhO9PaBJ981k/IC
xNTM28SIwSclP8vpYolNo7+FO00FYk3wqKeeTs3zubyuvvArxCPEej07ZG3u3wRu
ozwXdj4/v5bjxMuPDMM8li45sTuEbfl654esyWBM6NkFtqU8hKOQ0xEmXYciGQiJ
4YE7raIWl9y4JOpOogXuw7Ip3AhyazS0dEZdmPPgqrUiTiiuENvDEg4fvPRr4Dbi
YAvU2q2/kxYxDo37Jzb35GS/sKKOMk+/2h7LedcYlabs3idqJ1IPKIHVlh3zxvGt
atNhIsTEY5AAq85YDyOzaPB8REbYw6W15MvcGL8iEhzMbu5zBA6VNTeSt9Ne+t4c
VXKoPpECgYEA2LQ5eGdH1ocv7xClu1nssDmvYJaihx2ipaZy6mBCYUP6GsU8/OIT
RVPe3j73ZBwFuMzeeWW/mc73Se0x1zrrP3/ILTwMc5/HkQpJHASIWqD9R2Zbnf2c
706DRWHnZT2HgJX8wUgbXs4Nh13lgnlxA581VebRR5jpoMCieFOKfbsCgYEAusKz
1I7NiUEhktPV5gJAp4C2UFFUUNVbNTLSAH7Cdns6iuPUlbcRVvzV2M/PuKqzx771
OS4OmGEkbBi8uCNzharZTHsvl7RIhYsBpiOA/GCLVFSh12psnYh5N3/vZpgzZYhg
ivef3w2VyerozZc93fiivRZ+XW9RyI1YBUeQ7QkCgYEAoCGtRhersg77kMDQdv0g
Naiqu8kUGJwBkD7LM/4ljxJYQmf1hTjZ3KT5T2lgDg3W/JQG4dYaG2IgwfQQnGbh
Z27ZUPPKj7ZGFhtvotCGodHM13H/yWObEAsIXcDW6Kzq8E3lFD5gW1IQFTOBYUS0
CmUfWHbTtwB7w1oVtKym7fkCgYAUArSd+8cOA8qDHut2P5uJ1wKxzGUKXDHvm0hh
ATP42e9F3m9yszDKb0DCgFGzaablqhJAVC0AKrhqVKQz3qiME+hAh5pr2MdEd8Zv
dLJnWDjVilPk7uRAZNUIG08dYQVwxZICkdGxZpU8E01qaeAZHoDhXb2gaUMMCAj8
V9SxcQKBgQC9UnmzPx61mYL9Ppw1kSasQ15fdo4U2ggX0pl2+NYitY3DX9c3R4aH
2iruN+bO8K3vmduRPtYleXh5J644d+ygwaJV/nDQJf0K3hX3QQBc+1XlFebPpa+m
xMO1hz37JJEogKnGgoLeqRhzY5Tw31tQtfdpPl++s6juG0iCvvp19Q==
-----END RSA PRIVATE KEY-----
certifications/sso.gzncloud.com.pem
0 → 100644
View file @
cd8dd22f
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIQB6dYU3Q678lJf5Y7PeAkQTANBgkqhkiG9w0BAQsFADBu
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg
RFYgVExTIENBIC0gRzEwHhcNMjAwMzAyMDAwMDAwWhcNMjEwMzAyMTIwMDAwWjAb
MRkwFwYDVQQDExBzc28uZ3puY2xvdWQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnhfCjvqZMp3xaE2bPDnVtjAopPx+IwmJvBK5bkEoX726bPVe
5HXwGnweMNbpVlEMQiswCEXAeM40xcovX08+qk+P+504QO3/F7yP3Do2jG1G2bzo
QvlYaNNkxwg/e/pBZJz24RGFVbr0ggr5zeG9b0BmG7DhpznAp+RmwkgNRNaOvhN1
Hvs3OUgy57wqNo8WSDPkz+0qnn4JQaU5RjwCNoLWbk/blgLG5WaHkVvDYmx/gNS8
X95ejvqgzE1yirVq9gFKLxhGDTUTCcFB2+yI+VT+t0L1zPCqiAsckk2bQ7trZu7g
uzgrn5pOIYTpobcmh8uR9H6AHzFU9T7+vHSKkwIDAQABo4ICczCCAm8wHwYDVR0j
BBgwFoAUVXRPsnJP9WC6UNHX5lFcmgGHGtcwHQYDVR0OBBYEFLKBn2zWirPPo0uW
C69hdD2XEKBoMBsGA1UdEQQUMBKCEHNzby5nem5jbG91ZC5jb20wDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBMBgNVHSAERTBD
MDcGCWCGSAGG/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2Vy
dC5jb20vQ1BTMAgGBmeBDAECATCBgAYIKwYBBQUHAQEEdDByMCQGCCsGAQUFBzAB
hhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSgYIKwYBBQUHMAKGPmh0dHA6Ly9j
YWNlcnRzLmRpZ2ljZXJ0LmNvbS9FbmNyeXB0aW9uRXZlcnl3aGVyZURWVExTQ0Et
RzEuY3J0MAkGA1UdEwQCMAAwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQD2XJQv
0XcwIhRUGAgwlFaO400TGTO/3wwvIAvMTvFk4wAAAXCZgizyAAAEAwBGMEQCIFQN
wEdGtezrMAx2OCpM0OR+vx65Dvmlbor8UoE9U6d3AiAytjLhemUIgioXUSRPSLE9
zGWm2SjH4FSI4cOZ8AfcGgB2AFzcQ5L+5qtFRLFemtRW5hA3+9X6R9yhc5SyXub2
xw7KAAABcJmCLUMAAAQDAEcwRQIhANMkLSl+sYsI+CIFvcYlcDePk9T2uih7XDqm
3ARpqnctAiBI30AgjbOsA5s6YF8UQs7EPDAIqXljlitGaCadbdpYWTANBgkqhkiG
9w0BAQsFAAOCAQEAoncwP3mYkflk1Fb7U99KUaYdgBU+gEiuEbklGvBff8oSEX4o
AAlXEbUFaJ6sMFUV9X6+EFfjqHnzUhPjcxGP0DIiSwkHLEGNAJOwQbwmJ4wnHdnl
SYqXoOrjKMISr7ueZaNc4ZN4+iYMl/u87o+RGd05PCAEV6Otn1yVD6yl9mBWGb27
BjJvcgP00X5HCGaPVdT/OQEQ3mF6fnJ0Gqt58DbVOCZIhyjshmg8gaMLwnthTzFG
LY7YWUuUpslzuR2jMp9KX8X7WyGYJEUK15QYUnGO+IOC1mkeaq1dOoELZHp3mJUH
+FNtPmMHQsud5Qhk1m+G3IrKrHNQkchsGD+ckg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIQAnmsRYvBskWr+YBTzSybsTANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0xNzExMjcxMjQ2MTBaFw0yNzExMjcxMjQ2MTBaMG4xCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
b20xLTArBgNVBAMTJEVuY3J5cHRpb24gRXZlcnl3aGVyZSBEViBUTFMgQ0EgLSBH
MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALPeP6wkab41dyQh6mKc
oHqt3jRIxW5MDvf9QyiOR7VfFwK656es0UFiIb74N9pRntzF1UgYzDGu3ppZVMdo
lbxhm6dWS9OK/lFehKNT0OYI9aqk6F+U7cA6jxSC+iDBPXwdF4rs3KRyp3aQn6pj
pp1yr7IB6Y4zv72Ee/PlZ/6rK6InC6WpK0nPVOYR7n9iDuPe1E4IxUMBH/T33+3h
yuH3dvfgiWUOUkjdpMbyxX+XNle5uEIiyBsi4IvbcTCh8ruifCIi5mDXkZrnMT8n
wfYCV6v6kDdXkbgGRLKsR4pucbJtbKqIkUGxuZI2t7pfewKRc5nWecvDBZf3+p1M
pA8CAwEAAaOCAU8wggFLMB0GA1UdDgQWBBRVdE+yck/1YLpQ0dfmUVyaAYca1zAf
BgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C
AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
Y2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu
Y29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG
/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT
MAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAQEAK3Gp6/aGq7aBZsxf/oQ+TD/B
SwW3AU4ETK+GQf2kFzYZkby5SFrHdPomunx2HBzViUchGoofGgg7gHW0W3MlQAXW
M0r5LUvStcr82QDWYNPaUy4taCQmyaJ+VB+6wxHstSigOlSNF2a6vg4rgexixeiV
4YSB03Yqp2t3TeZHM9ESfkus74nQyW7pRGezj+TC44xCagCQQOzzNmzEAP2SnCrJ
sNE2DpRVMnL8J6xBRdjmOsC3N6cQuKuRXbzByVBjCqAA8t1L0I+9wXJerLPyErjy
rMKWaBFLmfK/AHNF4ZihwPGOc7w6UHczBZXH5RFzJNnww+WnKuTPI0HfnVH8lg==
-----END CERTIFICATE-----
certifications/ziti.gzncloud.com.key
0 → 100644
View file @
cd8dd22f
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAu12I59QzBBBLsgV4JGM78qIgbQ2DIb0y/XhNlxoB46D9pDxo
NU5bIEdc5D4RcGbQUbZNWFgOT/NfQzzZplVOioY6YW4QhKwVT8P0i7HJhtrZ1RMj
CmQ0WYWgqTCgeIvsBpXfKWltoLBykIHNEN2DTX3BJixxxzp2swsyN/qU0VlYyvVr
R/D14p4Ut8O1Fax3y5r8AGefEs/uu7FzeN5pSToRRIrHWIVhoWwvqe/neH6oawvI
JR/joD1tVfvFPZr6S7DH6qXY6k36eI1BDNaTcAyeB9rNqePl+wCGfZPpkvmShdD9
Q9k9pnlAgzqLwRRFFfp+6EGOvwXxh7OyNmixuQIDAQABAoIBAQCN+5hmjYBHYQ3r
jod3k5d3C3LlEOtBIv3D5Glvyq6Jz5LF5VzWoFUfxdRXxc0zT0Yn1a0Q+FGINpYG
/tK0YErPYF5XPK/ZygmwU386aPSdc7TE6eaQ1lRxTnjsHURNdULbzrC40gLYVT3L
0gES+bmpfFVk1yM1ZVFT5nUcxJAHf42dFNQI3OqVFEGd43rmZIxLZbBS3kRr3z+h
k/JNuAGToVYT7pP70gcZLoUjbjZuMEGowPWcRagd5Izm6ZykkSnSD+DIC7c+/gSt
xX6teILIGIugw9wq/b7PugKYGT/65vHUhnywR3KB7YV2YoBnGVeBKDLk2MyIp1Gf
M65DuYEBAoGBAPnq8usVsgMoZHYnpSgenqMW50OIQpt62YgE7a/9my3LN+pIITea
NdzoorrbKbMIQODEPTFCnENEtKI2b/x2JIAKC2CrDSCrCc6SwVQ1laAvvZS5nUub
89qVX7AWp1iEGF5jYEEnrBxut6SpVT4aQVS2lz6N7zsFyDEwZgp0DVgZAoGBAL/s
3lrokHKPV/Y2peETXeFoTb2XGygb7PXWFPoo2ibEUc4MwTFL0DuYdqi989cqnNgt
egN+etc4yGTLRg2f/nKHPzthx76zzvrnJB2HDiTM9ZkLRcGGiywgjj4hYImib0Jq
eJrg7p/biv4GEnHLKo5g3Q1zEjM4efurYCng19qhAoGBAMYd475Kr5hjP+iOmxWH
2HgvItvdO/gnViTGy2nVYFvYGpZl4bdDT2m1HbOFI7RiWZQU3PGc/WUyJQPmpbX8
Lgk2bTiPwNNh419X5VyNMfUPg3lP/4q9sX1ZJsbf3n+EEBFbNCXSflT3zCsDdajK
hXnTWWhkef5PIhkkZe/ped6ZAoGAN6K8mnHMXck74H3a/DIXBt6rmogRMUFXIbSb
hCEPjClg5XBBGL83b+80hpn586fAq9ITCqxBg95MCRv8BLsakayvIdGoi5moKIeU
qpKaAQUBNQpVgFI2SeZuFYiraXqS8hfXOl52DhUgZ57u/dm9TmS578opvntisRfu
2nT5XcECgYEAg067FlPJUNxd1brKk82fuQ782B5wyTe8EQNrYnhLEvs2JiavunK/
48+XCEmUrz2K/2m839y1G0c4MnoyJYjqNskNlTk9EvDrS1CqmiLU5hxf8v4DM+JW
5mfS0c/fVSm7h53wRW8Q6TJoVIxYr0Tbe3kH/YGbuE5RvnAsKY7sOv8=
-----END RSA PRIVATE KEY-----
certifications/ziti.gzncloud.com.pem
0 → 100644
View file @
cd8dd22f
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIQAh1+RDt5WwAdeXBrkrarcDANBgkqhkiG9w0BAQsFADBu
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg
RFYgVExTIENBIC0gRzEwHhcNMjAwMjI1MDAwMDAwWhcNMjEwMjI0MTIwMDAwWjAc
MRowGAYDVQQDExF6aXRpLmd6bmNsb3VkLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtdiOfUMwQQS7IFeCRjO/KiIG0NgyG9Mv14TZcaAeOg/aQ8
aDVOWyBHXOQ+EXBm0FG2TVhYDk/zX0M82aZVToqGOmFuEISsFU/D9IuxyYba2dUT
IwpkNFmFoKkwoHiL7AaV3ylpbaCwcpCBzRDdg019wSYsccc6drMLMjf6lNFZWMr1
a0fw9eKeFLfDtRWsd8ua/ABnnxLP7ruxc3jeaUk6EUSKx1iFYaFsL6nv53h+qGsL
yCUf46A9bVX7xT2a+kuwx+ql2OpN+niNQQzWk3AMngfazanj5fsAhn2T6ZL5koXQ
/UPZPaZ5QIM6i8EURRX6fuhBjr8F8YezsjZosbkCAwEAAaOCAnYwggJyMB8GA1Ud
IwQYMBaAFFV0T7JyT/VgulDR1+ZRXJoBhxrXMB0GA1UdDgQWBBSoBhBGl2XLp2d/
lsCE64UXSotPuTAcBgNVHREEFTATghF6aXRpLmd6bmNsb3VkLmNvbTAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEwGA1UdIARF
MEMwNwYJYIZIAYb9bAECMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2lj
ZXJ0LmNvbS9DUFMwCAYGZ4EMAQIBMIGABggrBgEFBQcBAQR0MHIwJAYIKwYBBQUH
MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBKBggrBgEFBQcwAoY+aHR0cDov
L2NhY2VydHMuZGlnaWNlcnQuY29tL0VuY3J5cHRpb25FdmVyeXdoZXJlRFZUTFND
QS1HMS5jcnQwCQYDVR0TBAIwADCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2ALvZ
37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABcHuUNEwAAAQDAEcwRQIg
XG4V2zS8x81/RQJ2bP2a7A3g8VZspb6iXkiekjgyKZECIQC7K1Rjen5UFQ/8SD+e
6rZTJjLVGUGOViKdHNrtQtuHqwB3AFzcQ5L+5qtFRLFemtRW5hA3+9X6R9yhc5Sy
Xub2xw7KAAABcHuUNHgAAAQDAEgwRgIhANNbTiVSlxQSaw+7+OmtgIiSTf+sGNHi
THuAnJsNm5KqAiEAmyPUGPNWCS+6nx9VrLMEU6VcdmiOGyGdku/UKtFVPvwwDQYJ
KoZIhvcNAQELBQADggEBAIKwCGs4pg6ChqzRkUWvcXzndGNJI77mrxmdPUnZ9tUb
s2x27iPacoLGzJO7qU/2ET4SQbegZj4zRgAkX6JBxLOttWgqW3eudaeT/RYLWlwd
PuqCju8gkwCIesPoBUqHd3lON4Wm4k4ECPWU+AUA71K5jWP4suTrFmeeTCUMzHlK
MPl5BxBsE6kCEUP4PMqAKFI3d4B6CUO7uOOG/CQE/CyI46NgvECHDEPr0WeaHv7I
iBUD/jwpuPRQ9YN8TtewtsvH8zAAHsxuQYRo8QgzKvugJLf2zpvlp1t8FnE6uCt4
LsndeNrut1ChxviAdR1gwW2S8I/xkdoiYmWxUqWyMmg=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIQAnmsRYvBskWr+YBTzSybsTANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0xNzExMjcxMjQ2MTBaFw0yNzExMjcxMjQ2MTBaMG4xCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
b20xLTArBgNVBAMTJEVuY3J5cHRpb24gRXZlcnl3aGVyZSBEViBUTFMgQ0EgLSBH
MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALPeP6wkab41dyQh6mKc
oHqt3jRIxW5MDvf9QyiOR7VfFwK656es0UFiIb74N9pRntzF1UgYzDGu3ppZVMdo
lbxhm6dWS9OK/lFehKNT0OYI9aqk6F+U7cA6jxSC+iDBPXwdF4rs3KRyp3aQn6pj
pp1yr7IB6Y4zv72Ee/PlZ/6rK6InC6WpK0nPVOYR7n9iDuPe1E4IxUMBH/T33+3h
yuH3dvfgiWUOUkjdpMbyxX+XNle5uEIiyBsi4IvbcTCh8ruifCIi5mDXkZrnMT8n
wfYCV6v6kDdXkbgGRLKsR4pucbJtbKqIkUGxuZI2t7pfewKRc5nWecvDBZf3+p1M
pA8CAwEAAaOCAU8wggFLMB0GA1UdDgQWBBRVdE+yck/1YLpQ0dfmUVyaAYca1zAf
BgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C
AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
Y2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu
Y29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG
/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT
MAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAQEAK3Gp6/aGq7aBZsxf/oQ+TD/B
SwW3AU4ETK+GQf2kFzYZkby5SFrHdPomunx2HBzViUchGoofGgg7gHW0W3MlQAXW
M0r5LUvStcr82QDWYNPaUy4taCQmyaJ+VB+6wxHstSigOlSNF2a6vg4rgexixeiV
4YSB03Yqp2t3TeZHM9ESfkus74nQyW7pRGezj+TC44xCagCQQOzzNmzEAP2SnCrJ
sNE2DpRVMnL8J6xBRdjmOsC3N6cQuKuRXbzByVBjCqAA8t1L0I+9wXJerLPyErjy
rMKWaBFLmfK/AHNF4ZihwPGOc7w6UHczBZXH5RFzJNnww+WnKuTPI0HfnVH8lg==
-----END CERTIFICATE-----
docker-compose.seeding.yml
View file @
cd8dd22f
...
@@ -80,14 +80,14 @@ services:
...
@@ -80,14 +80,14 @@ services:
depends_on
:
depends_on
:
-
"
mysql"
-
"
mysql"
environment
:
environment
:
-
ALLOWED_HOSTS=["sso.gzncloud.com"]
-
SECRET_KEY=1gboig1%1%ljuz_h0&8m%s84ybxz42z3w0pu50qi%mobo%poae
-
SECRET_KEY=1gboig1%1%ljuz_h0&8m%s84ybxz42z3w0pu50qi%mobo%poae
-
ALLOWED_HOSTS=["sso.gzego.com"]
-
DB_NAME=sso
-
DB_NAME=sso
-
DB_USERNAME=sso
-
DB_USERNAME=sso
-
DB_PASSWORD=123456
-
DB_PASSWORD=123456
-
DB_HOST=mysql
-
DB_HOST=mysql
-
DB_PORT=3306
-
DB_PORT=3306
-
CAS_SERVICES=["http
://carbinet.gzego.com:8080/api/cas", "http://carbinet.gzego.com:8080
/api/cas/logout"]
-
CAS_SERVICES=["http
s://ziti.gzncloud.com/api/cas", "https://ziti.gzncloud.com
/api/cas/logout"]
networks
:
networks
:
-
ego
-
ego
command
:
[
"
./wait-for-it.sh"
,
"
mysql:3306"
,
"
--"
,
"
python"
,
"
./manage.py"
,
"
migrate"
]
command
:
[
"
./wait-for-it.sh"
,
"
mysql:3306"
,
"
--"
,
"
python"
,
"
./manage.py"
,
"
migrate"
]
...
@@ -103,13 +103,13 @@ services:
...
@@ -103,13 +103,13 @@ services:
-
"
mysql"
-
"
mysql"
environment
:
environment
:
-
SECRET_KEY=1gboig1%1%ljuz_h0&8m%s84ybxz42z3w0pu50qi%mobo%poae
-
SECRET_KEY=1gboig1%1%ljuz_h0&8m%s84ybxz42z3w0pu50qi%mobo%poae
-
ALLOWED_HOSTS=["sso.gz
ego
.com"]
-
ALLOWED_HOSTS=["sso.gz
ncloud
.com"]
-
DB_NAME=sso
-
DB_NAME=sso
-
DB_USERNAME=sso
-
DB_USERNAME=sso
-
DB_PASSWORD=123456
-
DB_PASSWORD=123456
-
DB_HOST=mysql
-
DB_HOST=mysql
-
DB_PORT=3306
-
DB_PORT=3306
-
CAS_SERVICES=["http
://carbinet.gzego.com:8080/api/cas", "http://carbinet.gzego.com:8080
/api/cas/logout"]
-
CAS_SERVICES=["http
s://ziti.gzncloud.com/api/cas", "https://ziti.gzncloud.com
/api/cas/logout"]
networks
:
networks
:
-
ego
-
ego
command
:
[
"
./wait-for-it.sh"
,
"
mysql:3306"
,
"
--"
,
"
python"
,
"
./manage.py"
,
"
createsuperuser"
]
command
:
[
"
./wait-for-it.sh"
,
"
mysql:3306"
,
"
--"
,
"
python"
,
"
./manage.py"
,
"
createsuperuser"
]
...
...
docker-compose.yml
View file @
cd8dd22f
...
@@ -22,15 +22,13 @@ services:
...
@@ -22,15 +22,13 @@ services:
-
DATABASE_URL=mysql+pymysql://carbinet:123456@mysql/carbinet
-
DATABASE_URL=mysql+pymysql://carbinet:123456@mysql/carbinet
-
REDIS_HOST=redis
-
REDIS_HOST=redis
-
ALI_IOT_AMQP_CLIENT_ID=carbinet
-
ALI_IOT_AMQP_CLIENT_ID=carbinet
-
CAS_SERVER=http://sso.gzego.com:8080
-
CAS_SERVER=https://sso.gzncloud.com
-
CAS_REDIRECT_FRONTEND=http://carbinet.gzego.com:8080/#/cas_user
-
CAS_REDIRECT_FRONTEND=https://ziti.gzncloud.com/#/cas_user
extra_hosts
:
# links:
-
"
sso.gzego.com:192.168.43.52"
# - nginx:sso.gzncloud.com
links
:
-
sso_production:sso
networks
:
networks
:
-
ego
-
ego
command
:
[
"
./wait-for-it.sh"
,
"
mysql:3306"
,
"
--"
,
"
gunicorn"
,
"
--log-file=-"
,
"
--worker-tmp-dir"
,
"
/dev/shm"
,
"
-w"
,
"
4"
,
"
-b"
,
"
0.0.0.0:80"
,
"
carbinet:create_app()"
]
command
:
[
"
./wait-for-it.sh"
,
"
mysql:3306"
,
"
--"
,
"
gunicorn"
,
"
--log-
level=debug"
,
"
--log-
file=-"
,
"
--worker-tmp-dir"
,
"
/dev/shm"
,
"
-w"
,
"
4"
,
"
-b"
,
"
0.0.0.0:80"
,
"
carbinet:create_app()"
]
sso_production
:
sso_production
:
build
:
./sso
build
:
./sso
ports
:
ports
:
...
@@ -39,22 +37,21 @@ services:
...
@@ -39,22 +37,21 @@ services:
image
:
gzego/sso:latest
image
:
gzego/sso:latest
links
:
links
:
-
mysql:mysql
-
mysql:mysql
extra_hosts
:
# - carbinet_production:ziti.gzncloud.com
-
"
carbinet.gzego.com:192.168.43.52"
depends_on
:
depends_on
:
-
"
mysql"
-
"
mysql"
environment
:
environment
:
-
SECRET_KEY=1gboig1%1%ljuz_h0&8m%s84ybxz42z3w0pu50qi%mobo%poae
-
SECRET_KEY=1gboig1%1%ljuz_h0&8m%s84ybxz42z3w0pu50qi%mobo%poae
-
ALLOWED_HOSTS=["sso.gz
ego
.com"]
-
ALLOWED_HOSTS=["sso.gz
ncloud
.com"]
-
DB_NAME=sso
-
DB_NAME=sso
-
DB_USERNAME=sso
-
DB_USERNAME=sso
-
DB_PASSWORD=123456
-
DB_PASSWORD=123456
-
DB_HOST=mysql
-
DB_HOST=mysql
-
DB_PORT=3306
-
DB_PORT=3306
-
CAS_SERVICES=["http
://carbinet.gzego.com:8080/api/cas", "http://carbinet.gzego.com:8080
/api/cas/logout"]
-
CAS_SERVICES=["http
s://ziti.gzncloud.com/api/cas", "https://ziti.gzncloud.com
/api/cas/logout"]
networks
:
networks
:
-
ego
-
ego
command
:
[
"
./wait-for-it.sh"
,
"
mysql:3306"
,
"
--"
,
"
gunicorn"
,
"
-w"
,
"
4"
,
"
-b"
,
"
0.0.0.0:80"
,
"
account.wsgi"
]
command
:
[
"
./wait-for-it.sh"
,
"
mysql:3306"
,
"
--"
,
"
gunicorn"
,
"
-
-log-level=debug"
,
"
--log-file=-"
,
"
--worker-tmp-dir"
,
"
/dev/shm"
,
"
-
w"
,
"
4"
,
"
-b"
,
"
0.0.0.0:80"
,
"
account.wsgi"
]
mysql
:
mysql
:
image
:
mysql:5.7
image
:
mysql:5.7
container_name
:
ego-mysql
container_name
:
ego-mysql
...
@@ -82,9 +79,13 @@ services:
...
@@ -82,9 +79,13 @@ services:
-
carbinet_production:carbinet
-
carbinet_production:carbinet
-
sso_production:sso
-
sso_production:sso
networks
:
networks
:
-
ego
ego
:
aliases
:
-
ziti.gzncloud.com
-
sso.gzncloud.com
ports
:
ports
:
-
"
443:443"
-
"
443:443"
-
"
80:80"
networks
:
networks
:
ego
:
ego
:
...
...
nginx.conf
View file @
cd8dd22f
...
@@ -39,104 +39,106 @@ http {
...
@@ -39,104 +39,106 @@ http {
# for a TCP configuration
# for a TCP configuration
# server 192.168.0.7:8000 fail_timeout=0;
# server 192.168.0.7:8000 fail_timeout=0;
}
}
server
{
listen
80
;
listen
[::]:80
;
server_name
_
;
return
301
https://
$host$request_uri$is_args$args
;
}
server
{
server
{
# use 'listen 80 deferred;' for Linux
# use 'listen 80 deferred;' for Linux
# use 'listen 80 accept_filter=httpready;' for FreeBSD
# use 'listen 80 accept_filter=httpready;' for FreeBSD
listen
443
;
listen
443
ssl
;
client_max_body_size
4G
;
client_max_body_size
4G
;
# ssl_certificate /etc/nginx/cert/sso.gzncloud.com_chain.crt;
charset
utf-8
;
# ssl_certificate_key /etc/nginx/cert/sso.gzncloud.com.key;
server_name
sso.gzncloud.com
;
ssl_certificate
/etc/nginx/cert/sso.gzncloud.com.pem
;
# set the correct host(s) for your site
ssl_certificate_key
/etc/nginx/cert/sso.gzncloud.com.key
;
server_name
sso.gzncloud.com
;
keepalive_timeout
5
;
ssl_session_timeout
5m
;
#缓存有效期
ssl_ciphers
ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4
;
#加密算法
# path for static files
ssl_protocols
TLSv1
TLSv1.1
TLSv1.2
;
#安全链接可选的加密协议
root
/usr/share/nginx/html/sso
;
ssl_prefer_server_ciphers
on
;
location
~
/static/*
{
root
/usr/share/nginx/html/sso
;
# set the correct host(s) for your site
}
keepalive_timeout
5
;
location
/
{
# path for static files
# checks for static file, if not found proxy to app
root
/usr/share/nginx/html/sso
;
try_files
$uri
@proxy_to_app
;
location
~
/static/*
{
}
root
/usr/share/nginx/html/sso
;
location
@proxy_to_app
{
}
proxy_set_header
X-Forwarded-For
$proxy_add_x_forwarded_for
;
proxy_set_header
X-Forwarded-Proto
$scheme
;
location
/
{
proxy_set_header
Host
$http_host
;
# checks for static file, if not found proxy to app
# we don't want nginx trying to do something clever with
try_files
$uri
@proxy_to_app
;
# redirects, we set the Host: header above already.
}
proxy_redirect
off
;
location
@proxy_to_app
{
proxy_pass
http://sso
;
proxy_set_header
Host
$host
;
}
proxy_set_header
X-Real-IP
$remote_addr
;
error_page
500
502
503
504
/500.html
;
proxy_set_header
X-Forwarded-For
$proxy_add_x_forwarded_for
;
location
=
/500.html
{
proxy_set_header
X-Forwarded-Proto
$scheme
;
root
/usr/share/nginx/html/cas
;
}
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header Host $http_host;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect
off
;
proxy_pass
http://sso
;
}
error_page
500
502
503
504
/500.html
;
location
=
/500.html
{
root
/usr/share/nginx/html/cas
;
}
}
}
server
{
server
{
listen
443
;
listen
443
ssl
;
server_name
ziti.gzncloud.com
;
server_name
ziti.gzncloud.com
;
# ssl_certificate /etc/nginx/cert/ziti.gzncloud.com.pem;
charset
utf-8
;
# ssl_certificate_key /etc/nginx/cert/ziti.gzncloud.com.key;
#charset koi8-r;
ssl_certificate
/etc/nginx/cert/ziti.gzncloud.com.pem
;
#access_log /var/log/nginx/host.access.log main;
ssl_certificate_key
/etc/nginx/cert/ziti.gzncloud.com.key
;
root
/usr/share/nginx/html/carbinet
;
ssl_session_timeout
5m
;
#缓存有效期
ssl_ciphers
ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4
;
#加密算法
location
/
{
ssl_protocols
TLSv1
TLSv1.1
TLSv1.2
;
#安全链接可选的加密协议
index
index.html
index.htm
;
ssl_prefer_server_ciphers
on
;
}
root
/usr/share/nginx/html/carbinet
;
location
~
/static/*
{
location
/
{
}
index
index.html
index.htm
;
}
location
=
/cas_user
{
try_files
$uri
/index.html
;
location
~
/static/*
{
}
}
#error_page 404 /404.html;
location
=
/cas_user
{
try_files
$uri
/index.html
;
# redirect server error pages to the static page /50x.html
}
#
error_page
500
502
503
504
/50x.html
;
#error_page 404 /404.html;
location
=
/50x.html
{
}
error_page
500
502
503
504
/50x.html
;
location
=
/50x.html
{
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
}
#
location
~
/api/*
{
location
~
/api/*
{
try_files
$uri
@proxy_to_api
;
try_files
$uri
@proxy_to_api
;
}
}
location
@proxy_to_api
{
location
@proxy_to_api
{
proxy_set_header
X-Forwarded-For
$proxy_add_x_forwarded_for
;
proxy_set_header
X-Forwarded-For
$proxy_add_x_forwarded_for
;
proxy_set_header
X-Forwarded-Proto
$scheme
;
proxy_set_header
X-Forwarded-Proto
$scheme
;
proxy_set_header
Host
$http_host
;
proxy_set_header
Host
$http_host
;
# we don't want nginx trying to do something clever with
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
# redirects, we set the Host: header above already.
proxy_redirect
off
;
proxy_redirect
off
;
proxy_pass
http://carbinet
;
proxy_pass
http://carbinet
;
}
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
}
}
}
pipeline.sh
View file @
cd8dd22f
...
@@ -47,6 +47,17 @@ seed() {
...
@@ -47,6 +47,17 @@ seed() {
docker-compose
-f
./docker-compose.yml
-f
./docker-compose.seeding.yml run sso_seed
docker-compose
-f
./docker-compose.yml
-f
./docker-compose.seeding.yml run sso_seed
}
}
down
()
{
docker-compose
-f
./docker-compose.yml
-f
./docker-compose.seeding.yml down
}
reset
()
{
down
migrate
seed
docker-compose up
-d
}
if
[
"
$1
"
==
"build"
]
;
then
if
[
"
$1
"
==
"build"
]
;
then
build
build
elif
[
"
$1
"
==
"migrate"
]
;
then
elif
[
"
$1
"
==
"migrate"
]
;
then
...
@@ -55,6 +66,10 @@ elif [ "$1" == "seed" ]; then
...
@@ -55,6 +66,10 @@ elif [ "$1" == "seed" ]; then
seed
seed
elif
[
"
$1
"
==
"deploy"
]
;
then
elif
[
"
$1
"
==
"deploy"
]
;
then
docker-compose up
-d
docker-compose up
-d
elif
[
"
$1
"
==
"reset"
]
;
then
reset
elif
[
"
$1
"
==
"down"
]
;
then
down
elif
[
"
$1
"
==
"all"
]
;
then
elif
[
"
$1
"
==
"all"
]
;
then
build
build
migrate
migrate
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment