Update Docker 24.0.5

2025-10-31 21:40:52 +08:00
committed by GitHub
parent 061386eb6b
commit fef7402b51


@@ -1,334 +1,330 @@
#!/bin/bash #!/bin/bash
set -e
echo "==========================================" set -e
echo " 修复Docker服务未找到问题"
echo "=========================================="
# 颜色定义 # 颜色定义
RED='\033[0;31m' RED='\033[0;31m'
GREEN='\033[0;32m' GREEN='\033[0;32m'
YELLOW='\033[1;33m' YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' NC='\033[0m'
log_info() { echo -e "${GREEN}[INFO]${NC} $1"; } # 输出颜色信息
log_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; } log() {
log_error() { echo -e "${RED}[ERROR]${NC} $1"; } echo -e "${GREEN}[INFO]${NC} $1"
}
# 检查Docker安装状态 warn() {
check_docker_installation() { echo -e "${YELLOW}[WARN]${NC} $1"
log_info "检查Docker安装状态..." }
if command -v docker &> /dev/null; then error() {
docker --version echo -e "${RED}[ERROR]${NC} $1"
log_info "✅ Docker CLI 已安装" }
return 0
info() {
echo -e "${BLUE}[INFO]${NC} $1"
}
# 检测系统IP
detect_ip() {
log "正在检测服务器IP地址..."
# 尝试多种方法获取公网IP
PUBLIC_IP=$(curl -s --connect-timeout 5 http://ipinfo.io/ip || \
curl -s --connect-timeout 5 http://ifconfig.me || \
curl -s --connect-timeout 5 http://api.ipify.org || \
echo "unknown")
# 获取内网IP
LOCAL_IP=$(ip route get 1 | awk '{print $7; exit}' 2>/dev/null || \
hostname -I | awk '{print $1}' 2>/dev/null || \
echo "unknown")
# 显示检测结果
if [ "$PUBLIC_IP" != "unknown" ]; then
info "检测到公网IP: $PUBLIC_IP"
SERVER_IP="$PUBLIC_IP"
else else
log_error "❌ Docker CLI 未安装" warn "无法获取公网IP使用内网IP: $LOCAL_IP"
return 1 SERVER_IP="$LOCAL_IP"
fi fi
} }
# 检查服务文件 # 生成密钥
check_service_files() { generate_keys() {
log_info "检查Docker服务文件..." log "正在生成RustDesk密钥对..."
local services=( # 创建目录
"/lib/systemd/system/docker.service" mkdir -p {hbbs,hbbr,data}
"/usr/lib/systemd/system/docker.service"
"/etc/systemd/system/docker.service"
)
for service in "${services[@]}"; do # 检查是否已有密钥
if [ -f "$service" ]; then if [ -f "data/key_pair" ]; then
log_info "找到服务文件: $service" warn "检测到已存在的密钥对,使用现有密钥"
return 0 # 从保存的密钥对中恢复
fi cat data/key_pair | grep "私钥" | cut -d' ' -f2 | base64 -d > data/id_ed25519
done cat data/key_pair | grep "公钥" | cut -d' ' -f2 | base64 -d > data/id_ed25519.pub
log_warn "未找到Docker服务文件"
return 1
}
# 重新安装Docker服务
reinstall_docker_service() {
log_info "重新安装Docker服务..."
# 彻底清理
log_info "彻底清理Docker..."
systemctl stop docker 2>/dev/null || true
systemctl stop containerd 2>/dev/null || true
# 卸载现有docker
apt-get remove -y --purge docker docker-engine docker.io containerd runc docker-ce docker-ce-cli 2>/dev/null || true
# 清理文件和目录
rm -rf /var/lib/docker
rm -rf /var/lib/containerd
rm -rf /etc/docker
rm -f /etc/apt/sources.list.d/docker*
# 重新安装Docker使用更稳定的方法
log_info "重新安装Docker..."
# 方法1使用官方脚本但跳过服务设置
curl -fsSL https://get.docker.com -o get-docker.sh
chmod +x get-docker.sh
# 修改脚本以跳过systemd检查
sed -i 's/systemctl is-active docker/#systemctl is-active docker/g' get-docker.sh
sed -i 's/systemctl start docker/#systemctl start docker/g' get-docker.sh
sed -i 's/systemctl enable docker/#systemctl enable docker/g' get-docker.sh
# 运行修改后的脚本
./get-docker.sh --version 24.0.5
if [ $? -eq 0 ]; then
log_info "✅ Docker组件安装成功"
else else
log_warn "官方脚本安装有问题,尝试手动安装..." # 生成新密钥
manual_install_docker openssl genrsa -out data/id_ed25519 2048 2>/dev/null
openssl rsa -in data/id_ed25519 -pubout -out data/id_ed25519.pub 2>/dev/null
# 保存密钥对信息
echo "私钥: $(cat data/id_ed25519 | base64 -w 0)" > data/key_pair
echo "公钥: $(cat data/id_ed25519.pub | base64 -w 0)" >> data/key_pair
log "新的密钥对生成完成"
fi fi
# 复制密钥到服务目录
cp data/id_ed25519* hbbs/
cp data/id_ed25519* hbbr/
# 获取公钥用于显示
PUBLIC_KEY=$(cat data/id_ed25519.pub | base64 -w 0)
} }
# 手动安装Docker # 生成Docker Compose配置
manual_install_docker() { generate_docker_compose() {
log_info "手动安装Docker..." log "生成Docker Compose配置文件..."
# 安装依赖 cat > docker-compose.yml << EOF
apt-get update version: '3.8'
apt-get install -y \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \
software-properties-common
# 添加Docker官方GPG密钥 services:
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg hbbs:
image: lejianwen/rustdesk-server-s6
container_name: rustdesk-hbbs
restart: unless-stopped
ports:
- "21115:21115"
- "21116:21116"
- "21116:21116/udp"
- "21117:21117"
- "21118:21118"
- "21119:21119"
volumes:
- ./hbbs:/root
- ./data:/data
command: hbbs -r ${SERVER_IP}:21117
networks:
- rustdesk-net
# 添加Docker仓库 hbbr:
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null image: lejianwen/rustdesk-server-s6
container_name: rustdesk-hbbr
restart: unless-stopped
ports:
- "21117:21117"
- "21118:21118"
- "21119:21119"
volumes:
- ./hbbr:/root
- ./data:/data
command: hbbr
networks:
- rustdesk-net
# 安装Docker networks:
apt-get update rustdesk-net:
apt-get install -y \ driver: bridge
docker-ce=5:24.0.5-1~debian.12~bookworm \ EOF
docker-ce-cli=5:24.0.5-1~debian.12~bookworm \
containerd.io \
docker-buildx-plugin \
docker-compose-plugin
} }
# 创建Docker服务文件 # 生成管理脚本
create_docker_service() { generate_management_script() {
log_info "创建Docker服务文件..." log "生成管理脚本..."
# 创建服务目录 cat > manage.sh << 'EOF'
mkdir -p /etc/systemd/system #!/bin/bash
# 创建docker.service文件 # 颜色定义
cat > /etc/systemd/system/docker.service << 'EOF' RED='\033[0;31m'
[Unit] GREEN='\033[0;32m'
Description=Docker Application Container Engine YELLOW='\033[1;33m'
Documentation=https://docs.docker.com BLUE='\033[0;34m'
After=network-online.target firewalld.service containerd.service NC='\033[0m'
Wants=network-online.target
Requires=containerd.service
[Service] # 管理功能
Type=notify case "$1" in
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock "start")
ExecReload=/bin/kill -s HUP $MAINPID docker-compose up -d
TimeoutSec=0 echo -e "${GREEN}服务已启动${NC}"
RestartSec=2 ;;
Restart=always "stop")
StartLimitBurst=3 docker-compose down
StartLimitInterval=60s echo -e "${YELLOW}服务已停止${NC}"
LimitNOFILE=infinity ;;
LimitNPROC=infinity "restart")
LimitCORE=infinity docker-compose restart
TasksMax=infinity echo -e "${GREEN}服务已重启${NC}"
Delegate=yes ;;
KillMode=process "status")
docker-compose ps
;;
"logs")
docker-compose logs -f
;;
"update")
docker-compose pull
docker-compose down
docker-compose up -d
echo -e "${GREEN}服务已更新${NC}"
;;
"backup")
BACKUP_DIR="backup/$(date +%Y%m%d_%H%M%S)"
mkdir -p $BACKUP_DIR
cp -r data $BACKUP_DIR/
echo -e "${GREEN}密钥已备份到: $BACKUP_DIR${NC}"
;;
"key-info")
if [ -f "data/key_pair" ]; then
echo -e "${BLUE}=== 密钥信息 ===${NC}"
echo "公钥 (Base64): $(cat data/key_pair | grep '公钥' | cut -d' ' -f2)"
echo -e "${BLUE}===============${NC}"
else
echo -e "${RED}没有找到密钥对${NC}"
fi
;;
"export-key")
if [ -f "data/key_pair" ]; then
echo -e "${YELLOW}=== 导出密钥 ===${NC}"
cat data/key_pair
echo -e "${YELLOW}===============${NC}"
else
echo -e "${RED}没有找到密钥对${NC}"
fi
;;
"import-key")
if [ -z "$2" ]; then
echo -e "${RED}用法: ./manage.sh import-key <base64_private_key>${NC}"
exit 1
fi
[Install] echo "$2" | base64 -d > data/id_ed25519
WantedBy=multi-user.target openssl rsa -in data/id_ed25519 -pubout -out data/id_ed25519.pub 2>/dev/null
echo "私钥: $(cat data/id_ed25519 | base64 -w 0)" > data/key_pair
echo "公钥: $(cat data/id_ed25519.pub | base64 -w 0)" >> data/key_pair
cp data/id_ed25519* hbbs/
cp data/id_ed25519* hbbr/
docker-compose restart
echo -e "${GREEN}密钥已导入并应用${NC}"
;;
*)
echo -e "${BLUE}RustDesk 服务管理脚本${NC}"
echo "用法: $0 [命令]"
echo ""
echo "命令:"
echo " start 启动服务"
echo " stop 停止服务"
echo " restart 重启服务"
echo " status 查看状态"
echo " logs 查看日志"
echo " update 更新服务"
echo " backup 备份密钥"
echo " key-info 查看密钥信息"
echo " export-key 导出密钥"
echo " import-key 导入密钥 (需要Base64格式私钥)"
;;
esac
EOF EOF
# 创建containerd服务文件 chmod +x manage.sh
cat > /etc/systemd/system/containerd.service << 'EOF'
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target
[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/bin/containerd
Restart=always
RestartSec=5
Delegate=yes
KillMode=process
OOMScoreAdjust=-999
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
[Install]
WantedBy=multi-user.target
EOF
log_info "服务文件创建完成"
} }
# 配置和启动服务
setup_and_start_services() {
log_info "配置和启动Docker服务..."
# 重新加载systemd
systemctl daemon-reload
# 启用并启动containerd
systemctl enable containerd
systemctl start containerd
# 启用并启动docker
systemctl enable docker
systemctl start docker
# 等待服务启动
sleep 5
# 检查服务状态
if systemctl is-active docker &> /dev/null; then
log_info "✅ Docker服务启动成功"
else
log_error "❌ Docker服务启动失败"
journalctl -u docker --no-pager -n 20
return 1
fi
}
# 验证安装
verify_installation() {
log_info "验证Docker安装..."
# 检查docker命令
if command -v docker &> /dev/null; then
log_info "✅ Docker CLI: $(docker --version)"
else
log_error "❌ Docker CLI 不可用"
return 1
fi
# 检查服务状态
if systemctl is-active docker &> /dev/null; then
log_info "✅ Docker服务运行正常"
else
log_error "❌ Docker服务未运行"
return 1
fi
# 测试docker info
if docker info &> /dev/null; then
log_info "✅ Docker守护进程响应正常"
else
log_warn "⚠️ Docker守护进程无响应"
return 1
fi
log_info "🎉 Docker安装验证完成"
}
# 安装RustDesk服务器
install_rustdesk() {
log_info "开始安装RustDesk服务器..."
# 创建数据目录
mkdir -p /var/lib/rustdesk-server/{hbbs,hbbr}
# 拉取镜像
log_info "拉取RustDesk服务器镜像..."
docker pull rustdesk/rustdesk-server:latest
# 启动hbbs
log_info "启动RustDesk hbbs服务..."
docker run -d \
--name hbbs \
--restart unless-stopped \
--network host \
-v /var/lib/rustdesk-server/hbbs:/root \
rustdesk/rustdesk-server:latest hbbs
# 启动hbbr
log_info "启动RustDesk hbbr服务..."
docker run -d \
--name hbbr \
--restart unless-stopped \
--network host \
-v /var/lib/rustdesk-server/hbbr:/root \
rustdesk/rustdesk-server:latest hbbr
log_info "✅ RustDesk服务器部署完成"
# 显示部署信息 # 显示部署信息
show_rustdesk_info show_deployment_info() {
echo ""
echo -e "${GREEN}===============================================${NC}"
echo -e "${GREEN} RustDesk Server 部署完成! ${NC}"
echo -e "${GREEN}===============================================${NC}"
echo ""
echo -e "${BLUE}服务器信息:${NC}"
echo " ID 服务器: $SERVER_IP"
echo " 中继服务器: $SERVER_IP:21117"
echo ""
echo -e "${BLUE}密钥信息:${NC}"
echo " 公钥 (Base64): $(cat data/key_pair | grep '公钥' | cut -d' ' -f2)"
echo ""
echo -e "${BLUE}端口信息:${NC}"
echo " HBBS 端口: 21115-21119"
echo " HBBR 端口: 21117-21119"
echo ""
echo -e "${BLUE}管理命令:${NC}"
echo " 启动服务: ./manage.sh start"
echo " 停止服务: ./manage.sh stop"
echo " 查看状态: ./manage.sh status"
echo " 查看日志: ./manage.sh logs"
echo " 备份密钥: ./manage.sh backup"
echo " 导出密钥: ./manage.sh export-key"
echo ""
echo -e "${YELLOW}重要提示:${NC}"
echo " 1. 请确保防火墙开放端口 21115-21119"
echo " 2. 备份 data/ 目录下的密钥文件"
echo " 3. 在其他服务器部署时使用相同密钥保证客户端兼容"
echo -e "${GREEN}===============================================${NC}"
} }
# 显示RustDesk信息 # 检查防火墙
show_rustdesk_info() { check_firewall() {
echo "" log "检查防火墙状态..."
log_info "🎉 RustDesk服务器部署完成"
echo "==========================================" # 检查 ufw
echo "服务状态:" if command -v ufw >/dev/null 2>&1 && ufw status | grep -q "active"; then
echo " docker ps -a # 查看容器状态" warn "检测到 ufw 防火墙,请确保已开放端口 21115-21119"
echo " systemctl status docker # 查看Docker服务" echo "运行以下命令开放端口:"
echo "" echo " sudo ufw allow 21115:21119/tcp"
echo "重要信息:" echo " sudo ufw allow 21116/udp"
echo " 查看密钥: cat /var/lib/rustdesk-server/hbbs/id_ed25519.pub" fi
echo " 服务器IP: $(curl -s ifconfig.me || hostname -I | awk '{print $1}')"
echo "" # 检查 firewalld
echo "客户端连接时需要:" if command -v firewall-cmd >/dev/null 2>&1 && firewall-cmd --state >/dev/null 2>&1; then
echo " 1. 上面显示的IP地址" warn "检测到 firewalld 防火墙,请确保已开放端口 21115-21119"
echo " 2. 上面显示的密钥" echo "运行以下命令开放端口:"
echo "==========================================" echo " sudo firewall-cmd --permanent --add-port=21115-21119/tcp"
echo " sudo firewall-cmd --permanent --add-port=21116/udp"
echo " sudo firewall-cmd --reload"
fi
# 检查 iptables
if command -v iptables >/dev/null 2>&1; then
warn "请检查 iptables 规则,确保端口 21115-21119 已开放"
fi
} }
# 主函数 # 主部署流程
main() { main() {
log_info "开始修复Docker服务未找到问题..." echo -e "${BLUE}===============================================${NC}"
echo -e "${BLUE} RustDesk Server 一键部署脚本 ${NC}"
echo -e "${BLUE}===============================================${NC}"
check_docker_installation || { # 检测IP
log_error "Docker未正确安装退出" detect_ip
exit 1
}
if check_service_files; then # 生成密钥
log_info "服务文件存在,尝试启动服务..." generate_keys
setup_and_start_services
else # 生成Docker配置
log_info "服务文件不存在,重新安装..." generate_docker_compose
reinstall_docker_service
create_docker_service # 生成管理脚本
setup_and_start_services generate_management_script
fi
# 启动服务
log "启动RustDesk服务..."
docker-compose up -d
# 显示部署信息
show_deployment_info
# 检查防火墙
check_firewall
verify_installation && {
log_info "✅ Docker修复成功"
echo "" echo ""
read -p "是否现在安装RustDesk服务器(y/n): " -n 1 -r log "部署完成!可以使用 ./manage.sh 管理服务"
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
install_rustdesk
else
log_info "您可以稍后运行此脚本安装RustDesk"
fi
} || {
log_error "❌ Docker修复失败"
}
} }
# 行主函数 # 行主函数
main "$@" main