dxin/Work-configuration-file
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

+

Browse Source
This commit is contained in:
dxin
2025-11-29 19:11:29 +08:00
parent ff383ea31e
commit dab9078477
6 changed files with 84 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
1.yml
View File

@@ -240,36 +240,6 @@ docker run -d -p 8080:8080 --network 1panel-network --name praeco \
-e ELASTALERT_HOST=http://192.168.60.21:3030 \
johnsusek/praeco
echo "slack_webhook_url: 'https://open.feishu.cn/open-apis/bot/v2/hook/8bd6a15d-90f0-4f4f-a1b1-bd105f31ea06'" | sudo tee -a rules/BaseRule.config >/dev/null
export PRAECO_ELASTICSEARCH=192.168.1.7
{
"msg_type": "interactive",
"card": {
"header": {
"title": {
"content": "[ INFINI Platform Alerting ]",
"tag": "plain_text"
},
"template":"{{if eq .priority "critical"}}red{{else if eq .priority "high"}}orange{{else if eq .priority "medium"}}yellow{{else if eq .priority "low"}}grey{{else}}blue{{end}}"
},
"elements": [
{
"tag": "markdown",
"content": "🔥 告警事件 [#{{.event_id}}]({{$.env.INFINI_CONSOLE_ENDPOINT}}/#/alerting/message/{{.event_id}}) 正在进行中\n **{{.title}}**\n 优先级: {{.priority}}\n 事件ID: {{.event_id}}\n 目标: {{.resource_name}}-{{.objects}}\n 触发时间: {{.trigger_at | datetime}}"
},
{
"tag": "hr"
},
{
"tag": "markdown",
"content": "**具体错误行内容**: {{ if. hits.hits.0._source.message }}{{.hits.hits.0._source.message }}{{ else }}{{.message | str_replace \"\\n\" \"\\\\n\" }}{{ end }}\n **触发 error 的时间**: {{.trigger_at | datetime }}"
}
]
}
}

4
filebast/sit/filebeat.yml
View File

@@ -37,6 +37,7 @@ processors:
ignore_missing: true
overwrite_keys: true
- dissect:
when:
equals:
@@ -47,6 +48,7 @@ processors:
ignore_missing: true
overwrite_keys: true
- dissect:
when:
equals:
@@ -60,7 +62,7 @@ processors:
#输出
output.elasticsearch:
hosts: ["http://192.168.60.21:9200"]
hosts: ["http://192.168.70.16:9200"]
username: "admin"
password: "123456"
index: "%{[environment]}-%{[application]}-%{+yyyy.MM.dd}" # 按天分割索引

7
filebast/sit/fly-moon-payment.yml
View File

@@ -1,13 +1,13 @@
- type: log
id: sit_flymoon-payment
id: sit_lymoon-payment
enabled: true
paths:
- /root/logs/flymoon-payment/sys-info.log
- /root/logs/flymoon-payment/app.log
fields:
application: flymoon-payment
log_type: payment.log
environment: sit
instance: sit-server
instance: sit
fields_under_root: true
multiline.pattern: '^\d{2}:\d{2}:\d{2}\.\d{3}'
multiline.negate: true
@@ -18,4 +18,3 @@
close_inactive: 5m # 文件超过5分钟无更新则关闭
close_renamed: true # 处理被重命名的文件
start_position: beginning # 从文件的开头读取

4
filebast/sit/flymoon-admin.yml
View File

@@ -2,12 +2,12 @@
id: sit_flymoon-admin
enabled: true
paths:
- /root/logs/flymoon-admin/sys-info.log
- /root/logs/flymoon-admin/app.log
fields:
application: flymoon-admin # 自定义字段,标识应用名称
log_type: admin.log # 自定义字段,标识日志类型
environment: sit # 自定义字段,标识机器环境名称
instance: sit-server # 自定义字段,标识机器名称
instance: sit # 自定义字段,标识机器名称
fields_under_root: true
multiline.pattern: '^\d{2}:\d{2}:\d{2}\.\d{3}' # 针对info的日志格式
multiline.negate: true

7
filebast/sit/flymoon-agent.yml
View File

@@ -2,12 +2,12 @@
id: sit_flymoon-agent
enabled: true
paths:
- /root/logs/flymoon-agent/sys-info.log
- /root/logs/flymoon-agent/app.log
fields:
application: flymoon-agent # 自定义字段,标识应用名称
log_type: agent.log # 自定义字段,标识日志类型
environment: sit # 自定义字段,标识机器环境名称
instance: sit-server # 自定义字段,标识机器名称
instance: sit # 自定义字段,标识机器名称
fields_under_root: true
multiline.pattern: '^\d{2}:\d{2}:\d{2}\.\d{3}' # 针对email的sys-info.log的日志格式多行
multiline.negate: true
@@ -18,6 +18,3 @@
close_inactive: 5m # 文件超过5分钟无更新则关闭
close_renamed: true # 处理被重命名的文件
start_position: beginning # 从文件的开头读取

71
nginx/jenkins.deeplink.media.conf Normal file
View File

@@ -0,0 +1,71 @@
# 定义 Jenkins 后端服务器组(可选,便于负载均衡或健康检查)
upstream jenkins_backend {
server 127.0.0.1:8080; # Jenkins 主服务地址
keepalive 32; # 连接池,提高性能
}
# HTTP → HTTPS 重定向服务器
server {
listen 80;
server_name jenkins.deeplink.media;
# 可选:添加安全头,防止 CRLF 注入
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
return 301 https://$server_name$request_uri;
}
# HTTPS 服务器(核心配置)
server {
listen 443 ssl;
server_name jenkins.deeplink.media;
# SSL 证书配置
ssl_certificate /data/tengine/conf/certificate/jenkins.deeplink.media_bundle.crt;
ssl_certificate_key /data/tengine/conf/certificate/jenkins.deeplink.media.key;
# SSL 安全协议和加密套件(推荐)
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers off;
# SSL 会话缓存(可选,提升性能)
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
# 访问和错误日志
access_log /data/tengine/logs/jenkins_access.log;
error_log /data/tengine/logs/jenkins_error.log;
# 核心代理配置块
location / {
proxy_pass http://jenkins_backend; # 指向 upstream
# --- 关键:传递请求头给 Jenkins让 Jenkins 知道原始请求信息 ---
proxy_set_header Host $host:$server_port; # 传递原始 Host避免 Jenkins 重定向到 8080
proxy_set_header X-Real-IP $remote_addr; # 传递真实客户端 IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # 传递代理链 IP
proxy_set_header X-Forwarded-Proto $scheme; # 传递原始协议 (https)
proxy_set_header X-Forwarded-Port $server_port; # 传递原始端口 (443)
# --- 关键WebSocket 支持Jenkins 控制台输出、实时日志等需要) ---
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; # 升级协议头
proxy_set_header Connection "upgrade"; # 连接类型头
# --- 性能与安全 ---
proxy_request_buffering off; # 关闭请求体缓冲,对大文件上传友好
client_max_body_size 2G; # 保持你设置的大文件上传限制
# --- 超时设置 ---
proxy_connect_timeout 60s; # 连接超时
proxy_send_timeout 60s; # 发送超时
proxy_read_timeout 60s; # 读取超时
# --- 可选:安全头 ---
# add_header X-Frame-Options "SAMEORIGIN" always; # 防止点击劫持
# add_header X-Content-Type-Options "nosniff" always; # 防止 MIME 类型嗅探
# add_header Referrer-Policy "strict-origin-when-cross-origin" always; # Referrer 策略
}
# 可选:如果 Jenkins 使用了 AJP 连接器,可能需要取消注释下行(通常不需要)
# proxy_pass_header Server;
}