feat(deploy): add center host docker compose stack for git, registry and s3 hosting

2026-05-05 08:45:58 +08:00
parent d1ff2661d1
commit 2a41969771
9 changed files with 443 additions and 0 deletions
@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+CENTER_DIR="$(cd "$(dirname "$0")" && pwd)"
+cd "$CENTER_DIR"
+
+mkdir -p secrets
+chmod 700 secrets
+
+write_secret() {
+  local name="$1" value="$2"
+  printf '%s\n' "$value" > "secrets/$name"
+  chmod 600 "secrets/$name"
+}
+
+RPC_SECRET="$(openssl rand -hex 32)"
+ADMIN_TOKEN="$(openssl rand -base64 32 | tr -d '\n')"
+METRICS_TOKEN="$(openssl rand -base64 32 | tr -d '\n')"
+ZOT_PASSWORD="$(openssl rand -hex 16)"
+GITEA_PASSWORD="$(openssl rand -hex 16)"
+
+write_secret garage-rpc-secret "$RPC_SECRET"
+write_secret garage-admin-token "$ADMIN_TOKEN"
+write_secret garage-metrics-token "$METRICS_TOKEN"
+write_secret zot-admin-password "$ZOT_PASSWORD"
+write_secret gitea-admin-password "$GITEA_PASSWORD"
+
+if [ ! -f .env ]; then
+  cp .env.example .env
+fi
+
+python3 - "$RPC_SECRET" "$ADMIN_TOKEN" "$METRICS_TOKEN" <<'PY'
+import sys, pathlib
+rpc, admin, metrics = sys.argv[1:4]
+src = pathlib.Path("garage/garage.toml.template").read_text()
+out = (src
+  .replace("@RPC_SECRET@", rpc)
+  .replace("@ADMIN_TOKEN@", admin)
+  .replace("@METRICS_TOKEN@", metrics))
+pathlib.Path("garage/garage.toml").write_text(out)
+PY
+
+htpasswd -bBn admin "$ZOT_PASSWORD" > zot/htpasswd
+chmod 600 zot/htpasswd
+
+echo
+echo "secrets/ 写入完成，garage/garage.toml、zot/htpasswd 已渲染"
+echo
+echo "Zot:    admin / $ZOT_PASSWORD"
+echo "Gitea:  admin / $GITEA_PASSWORD"