+
This commit is contained in:
dxin
30
1.yml
30
1.yml
@@ -240,36 +240,6 @@ docker run -d -p 8080:8080 --network 1panel-network --name praeco \
|
||||
-e ELASTALERT_HOST=http://192.168.60.21:3030 \
|
||||
johnsusek/praeco
|
||||
|
||||
echo "slack_webhook_url: 'https://open.feishu.cn/open-apis/bot/v2/hook/8bd6a15d-90f0-4f4f-a1b1-bd105f31ea06'" | sudo tee -a rules/BaseRule.config >/dev/null
|
||||
export PRAECO_ELASTICSEARCH=192.168.1.7
|
||||
|
||||
|
||||
|
||||
{
|
||||
"msg_type": "interactive",
|
||||
"card": {
|
||||
"header": {
|
||||
"title": {
|
||||
"content": "[ INFINI Platform Alerting ]",
|
||||
"tag": "plain_text"
|
||||
},
|
||||
"template":"{{if eq .priority "critical"}}red{{else if eq .priority "high"}}orange{{else if eq .priority "medium"}}yellow{{else if eq .priority "low"}}grey{{else}}blue{{end}}"
|
||||
},
|
||||
"elements": [
|
||||
{
|
||||
"tag": "markdown",
|
||||
"content": "🔥 告警事件 [#{{.event_id}}]({{$.env.INFINI_CONSOLE_ENDPOINT}}/#/alerting/message/{{.event_id}}) 正在进行中\n **{{.title}}**\n 优先级: {{.priority}}\n 事件ID: {{.event_id}}\n 目标: {{.resource_name}}-{{.objects}}\n 触发时间: {{.trigger_at | datetime}}"
|
||||
},
|
||||
{
|
||||
"tag": "hr"
|
||||
},
|
||||
{
|
||||
"tag": "markdown",
|
||||
"content": "**具体错误行内容**: {{ if. hits.hits.0._source.message }}{{.hits.hits.0._source.message }}{{ else }}{{.message | str_replace \"\\n\" \"\\\\n\" }}{{ end }}\n **触发 error 的时间**: {{.trigger_at | datetime }}"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -37,6 +37,7 @@ processors:
|
||||
ignore_missing: true
|
||||
overwrite_keys: true
|
||||
|
||||
|
||||
- dissect:
|
||||
when:
|
||||
equals:
|
||||
@@ -47,6 +48,7 @@ processors:
|
||||
ignore_missing: true
|
||||
overwrite_keys: true
|
||||
|
||||
|
||||
- dissect:
|
||||
when:
|
||||
equals:
|
||||
@@ -60,12 +62,12 @@ processors:
|
||||
|
||||
#输出
|
||||
output.elasticsearch:
|
||||
hosts: ["http://192.168.60.21:9200"]
|
||||
hosts: ["http://192.168.70.16:9200"]
|
||||
username: "admin"
|
||||
password: "123456"
|
||||
index: "%{[environment]}-%{[application]}-%{+yyyy.MM.dd}" # 按天分割索引
|
||||
bulk_max_size: 50 # 单批次传输最大文档数
|
||||
worker: 1 # 并行工作线程数
|
||||
worker: 1 # 并行工作线程数
|
||||
timeout: 15s
|
||||
|
||||
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
- type: log
|
||||
id: sit_flymoon-payment
|
||||
id: sit_lymoon-payment
|
||||
enabled: true
|
||||
paths:
|
||||
- /root/logs/flymoon-payment/sys-info.log
|
||||
- /root/logs/flymoon-payment/app.log
|
||||
fields:
|
||||
application: flymoon-payment
|
||||
log_type: payment.log
|
||||
environment: sit
|
||||
instance: sit-server
|
||||
instance: sit
|
||||
fields_under_root: true
|
||||
multiline.pattern: '^\d{2}:\d{2}:\d{2}\.\d{3}'
|
||||
multiline.negate: true
|
||||
@@ -18,4 +18,3 @@
|
||||
close_inactive: 5m # 文件超过5分钟无更新则关闭
|
||||
close_renamed: true # 处理被重命名的文件
|
||||
start_position: beginning # 从文件的开头读取
|
||||
|
||||
|
||||
@@ -2,12 +2,12 @@
|
||||
id: sit_flymoon-admin
|
||||
enabled: true
|
||||
paths:
|
||||
- /root/logs/flymoon-admin/sys-info.log
|
||||
- /root/logs/flymoon-admin/app.log
|
||||
fields:
|
||||
application: flymoon-admin # 自定义字段,标识应用名称
|
||||
log_type: admin.log # 自定义字段,标识日志类型
|
||||
environment: sit # 自定义字段,标识机器环境名称
|
||||
instance: sit-server # 自定义字段,标识机器名称
|
||||
environment: sit # 自定义字段,标识机器环境名称
|
||||
instance: sit # 自定义字段,标识机器名称
|
||||
fields_under_root: true
|
||||
multiline.pattern: '^\d{2}:\d{2}:\d{2}\.\d{3}' # 针对info的日志格式
|
||||
multiline.negate: true
|
||||
|
||||
@@ -2,12 +2,12 @@
|
||||
id: sit_flymoon-agent
|
||||
enabled: true
|
||||
paths:
|
||||
- /root/logs/flymoon-agent/sys-info.log
|
||||
- /root/logs/flymoon-agent/app.log
|
||||
fields:
|
||||
application: flymoon-agent # 自定义字段,标识应用名称
|
||||
log_type: agent.log # 自定义字段,标识日志类型
|
||||
environment: sit # 自定义字段,标识机器环境名称
|
||||
instance: sit-server # 自定义字段,标识机器名称
|
||||
instance: sit # 自定义字段,标识机器名称
|
||||
fields_under_root: true
|
||||
multiline.pattern: '^\d{2}:\d{2}:\d{2}\.\d{3}' # 针对email的sys-info.log的日志格式多行
|
||||
multiline.negate: true
|
||||
@@ -17,7 +17,4 @@
|
||||
clean_inactive: 25h # 清除超过一天未更新的文件
|
||||
close_inactive: 5m # 文件超过5分钟无更新则关闭
|
||||
close_renamed: true # 处理被重命名的文件
|
||||
start_position: beginning # 从文件的开头读取
|
||||
|
||||
|
||||
|
||||
start_position: beginning # 从文件的开头读取
|
||||
71
nginx/jenkins.deeplink.media.conf
Normal file
71
nginx/jenkins.deeplink.media.conf
Normal file
@@ -0,0 +1,71 @@
|
||||
# 定义 Jenkins 后端服务器组(可选,便于负载均衡或健康检查)
|
||||
upstream jenkins_backend {
|
||||
server 127.0.0.1:8080; # Jenkins 主服务地址
|
||||
keepalive 32; # 连接池,提高性能
|
||||
}
|
||||
|
||||
# HTTP → HTTPS 重定向服务器
|
||||
server {
|
||||
listen 80;
|
||||
server_name jenkins.deeplink.media;
|
||||
# 可选:添加安全头,防止 CRLF 注入
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
# HTTPS 服务器(核心配置)
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name jenkins.deeplink.media;
|
||||
|
||||
# SSL 证书配置
|
||||
ssl_certificate /data/tengine/conf/certificate/jenkins.deeplink.media_bundle.crt;
|
||||
ssl_certificate_key /data/tengine/conf/certificate/jenkins.deeplink.media.key;
|
||||
|
||||
# SSL 安全协议和加密套件(推荐)
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384;
|
||||
ssl_prefer_server_ciphers off;
|
||||
|
||||
# SSL 会话缓存(可选,提升性能)
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
|
||||
# 访问和错误日志
|
||||
access_log /data/tengine/logs/jenkins_access.log;
|
||||
error_log /data/tengine/logs/jenkins_error.log;
|
||||
|
||||
# 核心代理配置块
|
||||
location / {
|
||||
proxy_pass http://jenkins_backend; # 指向 upstream
|
||||
|
||||
# --- 关键:传递请求头给 Jenkins,让 Jenkins 知道原始请求信息 ---
|
||||
proxy_set_header Host $host:$server_port; # 传递原始 Host,避免 Jenkins 重定向到 8080
|
||||
proxy_set_header X-Real-IP $remote_addr; # 传递真实客户端 IP
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # 传递代理链 IP
|
||||
proxy_set_header X-Forwarded-Proto $scheme; # 传递原始协议 (https)
|
||||
proxy_set_header X-Forwarded-Port $server_port; # 传递原始端口 (443)
|
||||
|
||||
# --- 关键:WebSocket 支持(Jenkins 控制台输出、实时日志等需要) ---
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade; # 升级协议头
|
||||
proxy_set_header Connection "upgrade"; # 连接类型头
|
||||
|
||||
# --- 性能与安全 ---
|
||||
proxy_request_buffering off; # 关闭请求体缓冲,对大文件上传友好
|
||||
client_max_body_size 2G; # 保持你设置的大文件上传限制
|
||||
|
||||
# --- 超时设置 ---
|
||||
proxy_connect_timeout 60s; # 连接超时
|
||||
proxy_send_timeout 60s; # 发送超时
|
||||
proxy_read_timeout 60s; # 读取超时
|
||||
|
||||
# --- 可选:安全头 ---
|
||||
# add_header X-Frame-Options "SAMEORIGIN" always; # 防止点击劫持
|
||||
# add_header X-Content-Type-Options "nosniff" always; # 防止 MIME 类型嗅探
|
||||
# add_header Referrer-Policy "strict-origin-when-cross-origin" always; # Referrer 策略
|
||||
}
|
||||
|
||||
# 可选:如果 Jenkins 使用了 AJP 连接器,可能需要取消注释下行(通常不需要)
|
||||
# proxy_pass_header Server;
|
||||
}
|
||||
Reference in New Issue
Block a user