#!/usr/bin/env bash #=============================================================================== # # FILE: DockerProxy_Install.sh # # USAGE: ./DockerProxy_Install.sh # # DESCRIPTION: 自建Docker镜像加速服务,基于官方 registry 一键部署Docker、K8s、Quay、Ghcr镜像加速\管理服务.支持部署到Render. # # ORGANIZATION: DingQz dqzboy.com 浅时光博客 #=============================================================================== echo cat << EOF ██████╗ ██████╗ ██████╗██╗ ██╗███████╗██████╗ ██████╗ ██████╗ ██████╗ ██╗ ██╗██╗ ██╗ ██╔══██╗██╔═══██╗██╔════╝██║ ██╔╝██╔════╝██╔══██╗ ██╔══██╗██╔══██╗██╔═══██╗╚██╗██╔╝╚██╗ ██╔╝ ██║ ██║██║ ██║██║ █████╔╝ █████╗ ██████╔╝ ██████╔╝██████╔╝██║ ██║ ╚███╔╝ ╚████╔╝ ██║ ██║██║ ██║██║ ██╔═██╗ ██╔══╝ ██╔══██╗ ██╔═══╝ ██╔══██╗██║ ██║ ██╔██╗ ╚██╔╝ ██████╔╝╚██████╔╝╚██████╗██║ ██╗███████╗██║ ██║ ██║ ██║ ██║╚██████╔╝██╔╝ ██╗ ██║ ╚═════╝ ╚═════╝ ╚═════╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝ 博客: dqzboy.com 浅时光博客 项目地址: https://github.com/dqzboy/Docker-Proxy EOF echo "----------------------------------------------------------------------------------------------------------" echo -e "\033[32m机场推荐\033[0m(\033[34m按量不限时,解锁ChatGPT\033[0m):\033[34;4mhttps://mojie.mx/#/register?code=CG6h8Irm\033[0m" echo "----------------------------------------------------------------------------------------------------------" echo echo GREEN="\033[0;32m" RED="\033[31m" YELLOW="\033[33m" RESET="\033[0m" INFO="[${GREEN}INFO${RESET}]" ERROR="[${RED}ERROR${RESET}]" WARN="[${YELLOW}WARN${RESET}]" function INFO() { echo -e "${INFO} ${1}" } function ERROR() { echo -e "${ERROR} ${1}" } function WARN() { echo -e "${WARN} ${1}" } PROXY_DIR="/data/registry-proxy" mkdir -p ${PROXY_DIR} cd "${PROXY_DIR}" GITRAW="https://raw.githubusercontent.com/dqzboy/Docker-Proxy/main" IMAGE_NAME="registry" UI_IMAGE_NAME="dqzboy/docker-registry-ui" DOCKER_COMPOSE_FILE="docker-compose.yaml" attempts=0 maxAttempts=3 function CHECK_OS() { INFO "======================= 检查环境 =======================" # OS version OSVER=$(cat /etc/os-release | grep -o '[0-9]' | head -n 1) if [ -f /etc/os-release ]; then . /etc/os-release else echo "无法确定发行版" exit 1 fi case "$ID" in "centos") repo_type="centos" ;; "debian") repo_type="debian" ;; "rhel") repo_type="rhel" ;; "ubuntu") repo_type="ubuntu" ;; "opencloudos") repo_type="centos" ;; "rocky") repo_type="centos" ;; *) WARN "此脚本目前不支持您的系统: $ID" exit 1 ;; esac INFO "System release:: $NAME" INFO "System version: $VERSION" INFO "System ID: $ID" INFO "System ID Like: $ID_LIKE" } function CHECK_PACKAGE_MANAGER() { if command -v dnf &> /dev/null; then package_manager="dnf" elif command -v yum &> /dev/null; then package_manager="yum" elif command -v apt-get &> /dev/null; then package_manager="apt-get" elif command -v apt &> /dev/null; then package_manager="apt" else ERROR "不受支持的软件包管理器." exit 1 fi } function CHECK_PKG_MANAGER() { if command -v rpm &> /dev/null; then pkg_manager="rpm" elif command -v dpkg &> /dev/null; then pkg_manager="dpkg" elif command -v apt &> /dev/null; then pkg_manager="apt" else ERROR "无法确定包管理系统." exit 1 fi } function CHECKMEM() { memory_usage=$(free | awk '/^Mem:/ {printf "%.2f", $3/$2 * 100}') memory_usage=${memory_usage%.*} if [[ $memory_usage -gt 90 ]]; then # 判断是否超过 90% read -e -p "$(WARN '内存占用率高于 70%($memory_usage%). 是否继续安装?: ')" continu if [ "$continu" == "n" ] || [ "$continu" == "N" ]; then exit 1 fi else INFO "内存资源充足。请继续.($memory_usage%)" fi } function CHECKFIRE() { systemctl stop firewalld &> /dev/null systemctl disable firewalld &> /dev/null systemctl stop iptables &> /dev/null systemctl disable iptables &> /dev/null ufw disable &> /dev/null INFO "防火墙已被禁用." if [[ "$repo_type" == "centos" || "$repo_type" == "rhel" ]]; then if sestatus | grep "SELinux status" | grep -q "enabled"; then WARN "SELinux 已启用。禁用 SELinux..." setenforce 0 sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config INFO "SELinux 已被禁用." else INFO "SELinux 已被禁用." fi fi } function CHECKBBR() { kernel_version=$(uname -r | awk -F "-" '{print $1}') read -e -p "$(WARN '是否开启BBR,优化网络带宽提高网络性能? [y/n]: ')" choice_bbr case $choice_bbr in y | Y) version_compare=$(echo "${kernel_version} 4.9" | awk '{if ($1 >= $2) print "yes"; else print "no"}') if [ "$version_compare" != "yes" ]; then WARN "你的内核版本小于4.9,无法启动BBR,需要你手动升级内核" exit 0 fi sysctl net.ipv4.tcp_available_congestion_control | grep -q "bbr" if [ $? -eq 0 ]; then INFO "你的服务器已经启动BBR" else INFO "开启BBR中..." modprobe tcp_bbr if [ $? -eq 0 ]; then INFO "BBR模块添加成功." else ERROR "BBR模块添加失败,请执行 sysctl -p 检查." exit 1 fi if [ ! -d /etc/modules-load.d/ ]; then mkdir -p /etc/modules-load.d/ fi if [ ! -f /etc/modules-load.d/tcp_bbr.conf ]; then touch /etc/modules-load.d/tcp_bbr.conf fi if ! grep -q "tcp_bbr" /etc/modules-load.d/tcp_bbr.conf ; then echo 'tcp_bbr' >> /etc/modules-load.d/tcp_bbr.conf fi for setting in "net.core.default_qdisc=fq" "net.ipv4.tcp_congestion_control=bbr"; do if ! grep -q "$setting" /etc/sysctl.conf; then echo "$setting" >> /etc/sysctl.conf fi done sysctl -p &> /dev/null if [ $? -ne 0 ]; then ERROR "应用sysctl设置过程中发生了一个错误,请执行 sysctl -p 检查." exit 2 fi lsmod | grep tcp_bbr if [ $? -eq 0 ]; then INFO "BBR已经成功开启。" else ERROR "BBR开启失败,请执行 sysctl -p 检查." exit 3 fi WARN "如果BBR开启后未生效,请执行 reboot 重启服务器使其BBR模块生效" fi ;; n | N) INFO "不开启BBR" ;; *) ERROR "输入错误!请输入 y 或 n" ;; esac } function INSTALL_PACKAGE(){ INFO "======================= 安装依赖 =======================" INFO "检查依赖安装情况,请稍等 ..." TIMEOUT=300 PACKAGES_APT=( lsof jq wget apache2-utils tar ) PACKAGES_YUM=( epel-release lsof jq wget yum-utils httpd-tools tar ) if [ "$package_manager" = "dnf" ] || [ "$package_manager" = "yum" ]; then for package in "${PACKAGES_YUM[@]}"; do if $pkg_manager -q "$package" &>/dev/null; then INFO "已经安装 $package ..." else INFO "正在安装 $package ..." start_time=$(date +%s) $package_manager -y install "$package" --skip-broken > /dev/null 2>&1 & install_pid=$! while [[ $(($(date +%s) - $start_time)) -lt $TIMEOUT ]] && kill -0 $install_pid &>/dev/null; do sleep 1 done if kill -0 $install_pid &>/dev/null; then WARN "$package 的安装时间超过 $TIMEOUT 秒。是否继续? (y/n)" read -r continue_install if [ "$continue_install" != "y" ]; then ERROR "$package 的安装超时。退出脚本。" exit 1 else continue fi fi wait $install_pid if [ $? -ne 0 ]; then ERROR "$package 安装失败。请检查系统安装源,然后再次运行此脚本!请尝试手动执行安装:$package_manager -y install $package" exit 1 fi fi done elif [ "$package_manager" = "apt-get" ] || [ "$package_manager" = "apt" ];then dpkg --configure -a &>/dev/null $package_manager update &>/dev/null for package in "${PACKAGES_APT[@]}"; do if $pkg_manager -s "$package" &>/dev/null; then INFO "已经安装 $package ..." else INFO "正在安装 $package ..." $package_manager install -y $package > /dev/null 2>&1 if [ $? -ne 0 ]; then ERROR "安装 $package 失败,请检查系统安装源之后再次运行此脚本!请尝试手动执行安装:$package_manager -y install $package" exit 1 fi fi done else WARN "无法确定包管理系统." exit 1 fi } function INSTALL_CADDY() { INFO "====================== 安装Caddy ======================" start_caddy() { systemctl enable caddy.service &>/dev/null systemctl restart caddy.service status=$(systemctl is-active caddy) if [ "$status" = "active" ]; then INFO "Caddy 服务运行正常,请继续..." else ERROR "Caddy 服务未运行,会导致服务无法正常安装运行,请检查后再次执行脚本!" ERROR "-----------服务启动失败,请查看错误日志 ↓↓↓-----------" journalctl -u caddy.service --no-pager ERROR "-----------服务启动失败,请查看错误日志 ↑↑↑-----------" exit 1 fi } check_caddy() { if pgrep "caddy" > /dev/null; then INFO "Caddy 已在运行." else WARN "Caddy 未运行。尝试启动 Caddy..." start_attempts=3 for ((i=1; i<=$start_attempts; i++)); do start_caddy if pgrep "caddy" > /dev/null; then INFO "Caddy 已成功启动." break else if [ $i -eq $start_attempts ]; then ERROR "Caddy 在尝试 $start_attempts 后无法启动。请检查配置" exit 1 else WARN "在 $i 时间内启动 Caddy 失败。重试..." fi fi done fi } if [ "$package_manager" = "dnf" ]; then if which caddy &>/dev/null; then INFO "Caddy 已经安装." else INFO "正在安装Caddy程序,请稍候..." $package_manager -y install 'dnf-command(copr)' &>/dev/null $package_manager -y copr enable @caddy/caddy &>/dev/null while [ $attempts -lt $maxAttempts ]; do $package_manager -y install caddy &>/dev/null if [ $? -ne 0 ]; then ((attempts++)) WARN "正在尝试安装Caddy >>> (Attempt: $attempts)" if [ $attempts -eq $maxAttempts ]; then ERROR "Caddy installation failed. Please try installing manually." echo "命令: $package_manager -y install 'dnf-command(copr)' && $package_manager -y copr enable @caddy/caddy && $package_manager -y install caddy" exit 1 fi else INFO "已安装 Caddy." break fi done fi check_caddy elif [ "$package_manager" = "yum" ]; then if which caddy &>/dev/null; then INFO "Caddy 已经安装." else INFO "正在安装Caddy程序,请稍候..." $package_manager -y install yum-plugin-copr &>/dev/null $package_manager -y copr enable @caddy/caddy &>/dev/null while [ $attempts -lt $maxAttempts ]; do $package_manager -y install caddy &>/dev/null if [ $? -ne 0 ]; then ((attempts++)) WARN "正在尝试安装Caddy >>> (Attempt: $attempts)" if [ $attempts -eq $maxAttempts ]; then ERROR "Caddy installation failed. Please try installing manually." echo "命令: $package_manager -y install 'dnf-command(copr)' && $package_manager -y copr enable @caddy/caddy && $package_manager -y install caddy" exit 1 fi else INFO "已安装 Caddy." break fi done fi check_caddy elif [ "$package_manager" = "apt" ] || [ "$package_manager" = "apt-get" ];then dpkg --configure -a &>/dev/null $package_manager update &>/dev/null if $pkg_manager -s "caddy" &>/dev/null; then INFO "Caddy 已安装,跳过..." else INFO "安装 Caddy 请稍等 ..." $package_manager install -y debian-keyring debian-archive-keyring apt-transport-https &>/dev/null curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg &>/dev/null curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list &>/dev/null $package_manager update &>/dev/null $package_manager install -y caddy &>/dev/null if [ $? -ne 0 ]; then ERROR "安装 Caddy 失败,请检查系统安装源之后再次运行此脚本!请尝试手动执行安装:$package_manager -y install caddy" exit 1 fi fi check_caddy else WARN "无法确定包管理系统." exit 1 fi INFO "====================== 配置Caddy ======================" while true; do INFO ">>> 域名解析主机记录(即域名前缀):ui、hub、gcr、ghcr、k8sgcr、k8s、quay、mcr、elastic <<<" WARN ">>> 只需选择你部署的服务进行解析即可,无需将上面提示中所有的主机记录进行解析 <<<" read -e -p "$(WARN '是否配置Caddy,实现自动HTTPS? 执行前需提前在DNS服务商选择部署的服务进行解析主机记录[y/n]: ')" caddy_conf case "$caddy_conf" in y|Y ) read -e -p "$(INFO '请输入你的域名[例: baidu.com],不可为空: ')" caddy_domain read -e -p "$(INFO '请输入要配置的主机记录,用逗号分隔[例: hub,mcr]: ')" selected_records IFS=',' read -r -a records_array <<< "$selected_records" declare -A record_templates record_templates[ui]="ui.$caddy_domain { reverse_proxy localhost:50000 { header_up Host {host} header_up Origin {scheme}://{host} header_up X-Forwarded-For {remote_addr} header_up X-Forwarded-Proto {scheme} header_up X-Forwarded-Ssl on header_up X-Forwarded-Port {server_port} header_up X-Forwarded-Host {host} } }" record_templates[hub]="hub.$caddy_domain { reverse_proxy localhost:51000 { header_up Host {host} header_up X-Real-IP {remote_addr} header_up X-Forwarded-For {remote_addr} header_up X-Nginx-Proxy true } }" record_templates[ghcr]="ghcr.$caddy_domain { reverse_proxy localhost:52000 { header_up Host {host} header_up X-Real-IP {remote_addr} header_up X-Forwarded-For {remote_addr} header_up X-Nginx-Proxy true } }" record_templates[gcr]="gcr.$caddy_domain { reverse_proxy localhost:53000 { header_up Host {host} header_up X-Real-IP {remote_addr} header_up X-Forwarded-For {remote_addr} header_up X-Nginx-Proxy true } }" record_templates[k8sgcr]="k8sgcr.$caddy_domain { reverse_proxy localhost:54000 { header_up Host {host} header_up X-Real-IP {remote_addr} header_up X-Forwarded-For {remote_addr} header_up X-Nginx-Proxy true } }" record_templates[k8s]="k8s.$caddy_domain { reverse_proxy localhost:55000 { header_up Host {host} header_up X-Real-IP {remote_addr} header_up X-Forwarded-For {remote_addr} header_up X-Nginx-Proxy true } }" record_templates[quay]="quay.$caddy_domain { reverse_proxy localhost:56000 { header_up Host {host} header_up X-Real-IP {remote_addr} header_up X-Forwarded-For {remote_addr} header_up X-Nginx-Proxy true } }" record_templates[mcr]="mcr.$caddy_domain { reverse_proxy localhost:57000 { header_up Host {host} header_up X-Real-IP {remote_addr} header_up X-Forwarded-For {remote_addr} header_up X-Nginx-Proxy true } }" record_templates[elastic]="elastic.$caddy_domain { reverse_proxy localhost:58000 { header_up Host {host} header_up X-Real-IP {remote_addr} header_up X-Forwarded-For {remote_addr} header_up X-Nginx-Proxy true } }" > /etc/caddy/Caddyfile for record in "${records_array[@]}"; do if [[ -n "${record_templates[$record]}" ]]; then echo "${record_templates[$record]}" >> /etc/caddy/Caddyfile fi done start_attempts=3 for ((i=1; i<=$start_attempts; i++)); do start_caddy if pgrep "caddy" > /dev/null; then INFO "重新载入配置成功. Caddy服务启动完成" break else if [ $i -eq $start_attempts ]; then ERROR "Caddy 在尝试 $start_attempts 后无法启动。请检查配置" exit 1 else WARN "第 $i 次启动 Caddy 失败。重试..." fi fi done break;; n|N ) WARN "退出配置 Caddy 操作。" break;; * ) INFO "请输入 'y' 表示是,或者 'n' 表示否。";; esac done } function INSTALL_NGINX() { INFO "====================== 安装Nginx ======================" start_nginx() { systemctl enable nginx &>/dev/null systemctl restart nginx status=$(systemctl is-active nginx) if [ "$status" = "active" ]; then INFO "Nginx 服务运行正常,请继续..." else ERROR "Nginx 服务未运行,会导致服务无法正常安装运行,请检查后再次执行脚本!" ERROR "-----------服务启动失败,请查看错误日志 ↓↓↓-----------" journalctl -u nginx.service --no-pager ERROR "-----------服务启动失败,请查看错误日志 ↑↑↑-----------" exit 1 fi } check_nginx() { if pgrep "nginx" > /dev/null; then INFO "Nginx 已在运行." else WARN "Nginx 未运行。尝试启动 Nginx..." start_attempts=3 for ((i=1; i<=$start_attempts; i++)); do start_nginx if pgrep "nginx" > /dev/null; then INFO "Nginx 已成功启动." break else if [ $i -eq $start_attempts ]; then ERROR "Nginx 在尝试 $start_attempts 次后无法启动。请检查配置" exit 1 else WARN "第 $i 次启动 Nginx 失败。重试..." fi fi done fi } if [ "$package_manager" = "dnf" ] || [ "$package_manager" = "yum" ]; then if which nginx &>/dev/null; then INFO "Nginx 已经安装." else INFO "正在安装Nginx程序,请稍候..." NGINX="nginx-1.24.0-1.el${OSVER}.ngx.x86_64.rpm" rm -f ${NGINX} wget http://nginx.org/packages/centos/${OSVER}/x86_64/RPMS/${NGINX} &>/dev/null while [ $attempts -lt $maxAttempts ]; do $package_manager -y install ${NGINX} &>/dev/null if [ $? -ne 0 ]; then ((attempts++)) WARN "正在尝试安装Nginx >>> (Attempt: $attempts)" if [ $attempts -eq $maxAttempts ]; then ERROR "Nginx installation failed. Please try installing manually." rm -f ${NGINX} echo "命令: wget http://nginx.org/packages/centos/${OSVER}/x86_64/RPMS/${NGINX} && $package_manager -y install ${NGINX}" exit 1 fi else INFO "已安装 Nginx." rm -f ${NGINX} break fi done fi check_nginx elif [ "$package_manager" = "apt-get" ] || [ "$package_manager" = "apt" ];then dpkg --configure -a &>/dev/null $package_manager update &>/dev/null if $pkg_manager -s "nginx" &>/dev/null; then INFO "nginx 已安装,跳过..." else INFO "安装 nginx 请稍等 ..." $package_manager install -y nginx > /dev/null 2>&1 if [ $? -ne 0 ]; then ERROR "安装 nginx 失败,请检查系统安装源之后再次运行此脚本!请尝试手动执行安装:$package_manager -y install nginx" exit 1 fi fi check_nginx else WARN "无法确定包管理系统." exit 1 fi INFO "====================== 配置Nginx ======================" while true; do WARN "自行安装的 Nginx 请勿执行此操作,以防覆盖原有配置" INFO ">>> 域名解析主机记录(即域名前缀):ui、hub、gcr、ghcr、k8sgcr、k8s、quay、mcr、elastic <<<" WARN ">>> 只需选择你部署的服务进行解析即可,无需将上面提示中所有的主机记录进行解析 <<<" read -e -p "$(WARN '是否配置 Nginx ?配置完成后需在DNS服务商对部署的服务进行解析主机记录[y/n]: ')" nginx_conf case "$nginx_conf" in y|Y ) read -e -p "$(INFO '请输入你的域名[例: baidu.com],不可为空: ')" nginx_domain read -e -p "$(INFO '请输入要配置的主机记录,用逗号分隔[例: hub,mcr]: ')" selected_records IFS=',' read -r -a records_array <<< "$selected_records" declare -A record_templates record_templates[ui]="server { listen 80; #listen 443 ssl; server_name ui.$nginx_domain; #ssl_certificate /path/to/your_domain_name.crt; #ssl_certificate_key /path/to/your_domain_name.key; #ssl_session_timeout 1d; #ssl_session_cache shared:SSL:50m; #ssl_session_tickets off; #ssl_protocols TLSv1.2 TLSv1.3; #ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; #ssl_prefer_server_ciphers on; #ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:50000; proxy_set_header Host \$host; proxy_set_header Origin \$scheme://\$host; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto \$scheme; proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Forwarded-Port \$server_port; proxy_set_header X-Forwarded-Host \$host; } }" record_templates[hub]="server { listen 80; #listen 443 ssl; server_name hub.$nginx_domain; #ssl_certificate /path/to/your_domain_name.crt; #ssl_certificate_key /path/to/your_domain_name.key; #ssl_session_timeout 1d; #ssl_session_cache shared:SSL:50m; #ssl_session_tickets off; #ssl_protocols TLSv1.2 TLSv1.3; #ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; #ssl_prefer_server_ciphers on; #ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:51000; proxy_set_header Host \$host; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }" record_templates[ghcr]="server { listen 80; #listen 443 ssl; server_name ghcr.$nginx_domain; #ssl_certificate /path/to/your_domain_name.crt; #ssl_certificate_key /path/to/your_domain_name.key; #ssl_session_timeout 1d; #ssl_session_cache shared:SSL:50m; #ssl_session_tickets off; #ssl_protocols TLSv1.2 TLSv1.3; #ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; #ssl_prefer_server_ciphers on; #ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:52000; proxy_set_header Host \$host; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }" record_templates[gcr]="server { listen 80; #listen 443 ssl; server_name gcr.$nginx_domain; #ssl_certificate /path/to/your_domain_name.crt; #ssl_certificate_key /path/to/your_domain_name.key; #ssl_session_timeout 1d; #ssl_session_cache shared:SSL:50m; #ssl_session_tickets off; #ssl_protocols TLSv1.2 TLSv1.3; #ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; #ssl_prefer_server_ciphers on; #ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:53000; proxy_set_header Host \$host; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }" record_templates[k8sgcr]="server { listen 80; #listen 443 ssl; server_name k8sgcr.$nginx_domain; #ssl_certificate /path/to/your_domain_name.crt; #ssl_certificate_key /path/to/your_domain_name.key; #ssl_session_timeout 1d; #ssl_session_cache shared:SSL:50m; #ssl_session_tickets off; #ssl_protocols TLSv1.2 TLSv1.3; #ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; #ssl_prefer_server_ciphers on; #ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:54000; proxy_set_header Host \$host; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }" record_templates[k8s]="server { listen 80; #listen 443 ssl; server_name k8s.$nginx_domain; #ssl_certificate /path/to/your_domain_name.crt; #ssl_certificate_key /path/to/your_domain_name.key; #ssl_session_timeout 1d; #ssl_session_cache shared:SSL:50m; #ssl_session_tickets off; #ssl_protocols TLSv1.2 TLSv1.3; #ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; #ssl_prefer_server_ciphers on; #ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:55000; proxy_set_header Host \$host; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }" record_templates[quay]="server { listen 80; #listen 443 ssl; server_name quay.$nginx_domain; #ssl_certificate /path/to/your_domain_name.crt; #ssl_certificate_key /path/to/your_domain_name.key; #ssl_session_timeout 1d; #ssl_session_cache shared:SSL:50m; #ssl_session_tickets off; #ssl_protocols TLSv1.2 TLSv1.3; #ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; #ssl_prefer_server_ciphers on; #ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:56000; proxy_set_header Host \$host; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }" record_templates[mcr]="server { listen 80; #listen 443 ssl; server_name mcr.$nginx_domain; #ssl_certificate /path/to/your_domain_name.crt; #ssl_certificate_key /path/to/your_domain_name.key; #ssl_session_timeout 1d; #ssl_session_cache shared:SSL:50m; #ssl_session_tickets off; #ssl_protocols TLSv1.2 TLSv1.3; #ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; #ssl_prefer_server_ciphers on; #ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:57000; proxy_set_header Host \$host; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }" record_templates[elastic]="server { listen 80; #listen 443 ssl; server_name elastic.$nginx_domain; #ssl_certificate /path/to/your_domain_name.crt; #ssl_certificate_key /path/to/your_domain_name.key; #ssl_session_timeout 1d; #ssl_session_cache shared:SSL:50m; #ssl_session_tickets off; #ssl_protocols TLSv1.2 TLSv1.3; #ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; #ssl_prefer_server_ciphers on; #ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; location / { proxy_pass http://localhost:58000; proxy_set_header Host \$host; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }" > /etc/nginx/conf.d/docker-proxy.conf for record in "${records_array[@]}"; do if [[ -n "${record_templates[$record]}" ]]; then echo "${record_templates[$record]}" >> /etc/nginx/conf.d/docker-proxy.conf fi done start_attempts=3 for ((i=1; i<=$start_attempts; i++)); do start_nginx if pgrep "nginx" > /dev/null; then INFO "重新载入配置成功. Nginx服务启动完成" break else if [ $i -eq $start_attempts ]; then ERROR "Nginx 在尝试 $start_attempts 后无法启动。请检查配置" exit 1 else WARN "第 $i 次启动 Nginx 失败。重试..." fi fi done break;; n|N ) WARN "退出配置 Nginx 操作。" break;; * ) INFO "请输入 'y' 表示是,或者 'n' 表示否。";; esac done } function CHECK_DOCKER() { status=$(systemctl is-active docker) if [ "$status" = "active" ]; then INFO "Docker 服务运行正常,请继续..." else ERROR "Docker 服务未运行,会导致服务无法正常安装运行,请检查后再次执行脚本!" ERROR "-----------服务启动失败,请查看错误日志 ↓↓↓-----------" journalctl -u docker.service --no-pager ERROR "-----------服务启动失败,请查看错误日志 ↑↑↑-----------" exit 1 fi } function INSTALL_DOCKER() { repo_file="docker-ce.repo" url="https://download.docker.com/linux/$repo_type" MAX_ATTEMPTS=3 attempt=0 success=false if [ "$repo_type" = "centos" ] || [ "$repo_type" = "rhel" ]; then if ! command -v docker &> /dev/null;then while [[ $attempt -lt $MAX_ATTEMPTS ]]; do attempt=$((attempt + 1)) WARN "Docker 未安装,正在进行安装..." yum-config-manager --add-repo $url/$repo_file &>/dev/null $package_manager -y install docker-ce &>/dev/null if [ $? -eq 0 ]; then success=true break fi ERROR "Docker 安装失败,正在尝试重新下载 (尝试次数: $attempt)" done if $success; then INFO "Docker 安装成功,版本为:$(docker --version)" systemctl restart docker &>/dev/null CHECK_DOCKER systemctl enable docker &>/dev/null else ERROR "Docker 安装失败,请尝试手动安装" exit 1 fi else INFO "Docker 已安装,安装版本为:$(docker --version)" systemctl restart docker | grep -E "ERROR|ELIFECYCLE|WARN" fi elif [ "$repo_type" == "ubuntu" ]; then if ! command -v docker &> /dev/null;then while [[ $attempt -lt $MAX_ATTEMPTS ]]; do attempt=$((attempt + 1)) WARN "Docker 未安装,正在进行安装..." curl -fsSL $url/gpg | sudo apt-key add - &>/dev/null add-apt-repository "deb [arch=amd64] $url $(lsb_release -cs) stable" <<< $'\n' &>/dev/null $package_manager -y install docker-ce docker-ce-cli containerd.io &>/dev/null if [ $? -eq 0 ]; then success=true break fi ERROR "Docker 安装失败,正在尝试重新下载 (尝试次数: $attempt)" done if $success; then INFO "Docker 安装成功,版本为:$(docker --version)" systemctl restart docker &>/dev/null CHECK_DOCKER systemctl enable docker &>/dev/null else ERROR "Docker 安装失败,请尝试手动安装" exit 1 fi else INFO "Docker 已安装,安装版本为:$(docker --version)" systemctl restart docker | grep -E "ERROR|ELIFECYCLE|WARN" fi elif [ "$repo_type" == "debian" ]; then if ! command -v docker &> /dev/null;then while [[ $attempt -lt $MAX_ATTEMPTS ]]; do attempt=$((attempt + 1)) WARN "Docker 未安装,正在进行安装..." curl -fsSL $url/gpg | sudo apt-key add - &>/dev/null add-apt-repository "deb [arch=amd64] $url $(lsb_release -cs) stable" <<< $'\n' &>/dev/null $package_manager -y install docker-ce docker-ce-cli containerd.io &>/dev/null if [ $? -eq 0 ]; then success=true break fi ERROR "Docker 安装失败,正在尝试重新下载 (尝试次数: $attempt)" done if $success; then INFO "Docker 安装成功,版本为:$(docker --version)" systemctl restart docker &>/dev/null CHECK_DOCKER systemctl enable docker &>/dev/null else ERROR "Docker 安装失败,请尝试手动安装" exit 1 fi else INFO "Docker 已安装,安装版本为:$(docker --version)" systemctl restart docker &>/dev/null CHECK_DOCKER fi else ERROR "不支持的操作系统." exit 1 fi } function INSTALL_COMPOSE() { INFO "================== 安装Docker Compose ==================" TAG=`curl -s https://api.github.com/repos/docker/compose/releases/latest | jq -r '.tag_name'` url="https://github.com/docker/compose/releases/download/$TAG/docker-compose-$(uname -s)-$(uname -m)" MAX_ATTEMPTS=3 attempt=0 success=false save_path="/usr/local/bin" chmod +x $save_path/docker-compose &>/dev/null if ! command -v docker-compose &> /dev/null || [ -z "$(docker-compose --version)" ]; then WARN "Docker Compose 未安装或安装不完整,正在进行安装..." while [ $attempt -lt $MAX_ATTEMPTS ]; do attempt=$((attempt + 1)) wget --continue -q $url -O $save_path/docker-compose if [ $? -eq 0 ]; then chmod +x $save_path/docker-compose version_check=$(docker-compose --version) if [ -n "$version_check" ]; then success=true chmod +x $save_path/docker-compose break else WARN "Docker Compose 下载的文件不完整,正在尝试重新下载 (尝试次数: $attempt)" rm -f $save_path/docker-compose fi fi ERROR "Docker Compose 下载失败,正在尝试重新下载 (尝试次数: $attempt)" done if $success; then INFO "Docker Compose 安装成功,版本为:$(docker-compose --version)" else ERROR "Docker Compose 下载失败,请尝试手动安装docker-compose" exit 1 fi else chmod +x $save_path/docker-compose INFO "Docker Compose 安装成功,版本为:$(docker-compose --version)" fi } function INSTALL_DOCKER_CN() { MAX_ATTEMPTS=3 attempt=0 success=false cpu_arch=$(uname -m) save_path="/opt/docker_tgz" mkdir -p $save_path docker_ver="docker-26.1.4.tgz" case $cpu_arch in "arm64") url="https://gitlab.com/dqzboy/docker/-/raw/main/stable/aarch64/$docker_ver" ;; "aarch64") url="https://gitlab.com/dqzboy/docker/-/raw/main/stable/aarch64/$docker_ver" ;; "x86_64") url="https://gitlab.com/dqzboy/docker/-/raw/main/stable/x86_64/$docker_ver" ;; *) ERROR "不支持的CPU架构: $cpu_arch" exit 1 ;; esac if ! command -v docker &> /dev/null; then while [ $attempt -lt $MAX_ATTEMPTS ]; do attempt=$((attempt + 1)) WARN "Docker 未安装,正在进行安装..." wget -P "$save_path" "$url" &>/dev/null if [ $? -eq 0 ]; then success=true break fi ERROR "Docker 安装失败,正在尝试重新下载 (尝试次数: $attempt)" done if $success; then tar -xzf $save_path/$docker_ver -C $save_path \cp $save_path/docker/* /usr/bin/ &>/dev/null rm -rf $save_path INFO "Docker 安装成功,版本为:$(docker --version)" cat > /usr/lib/systemd/system/docker.service </dev/null CHECK_DOCKER systemctl enable docker &>/dev/null else ERROR "Docker 安装失败,请尝试手动安装" exit 1 fi else INFO "Docker 已安装,安装版本为:$(docker --version)" systemctl restart docker &>/dev/null CHECK_DOCKER fi } function INSTALL_COMPOSE_CN() { INFO "================== 安装Docker Compose ==================" MAX_ATTEMPTS=3 attempt=0 cpu_arch=$(uname -m) success=false save_path="/usr/local/bin" case $cpu_arch in "arm64") url="https://gitlab.com/dqzboy/docker/-/raw/main/stable/aarch64/docker-compose-linux-aarch64" ;; "aarch64") url="https://gitlab.com/dqzboy/docker/-/raw/main/stable/aarch64/docker-compose-linux-aarch64" ;; "x86_64") url="https://gitlab.com/dqzboy/docker/-/raw/main/stable/x86_64/docker-compose-linux-x86_64" ;; *) ERROR "不支持的CPU架构: $cpu_arch" exit 1 ;; esac chmod +x $save_path/docker-compose &>/dev/null if ! command -v docker-compose &> /dev/null || [ -z "$(docker-compose --version)" ]; then WARN "Docker Compose 未安装或安装不完整,正在进行安装..." while [ $attempt -lt $MAX_ATTEMPTS ]; do attempt=$((attempt + 1)) wget --continue -q $url -O $save_path/docker-compose if [ $? -eq 0 ]; then chmod +x $save_path/docker-compose version_check=$(docker-compose --version) if [ -n "$version_check" ]; then success=true chmod +x $save_path/docker-compose break else WARN "Docker Compose 下载的文件不完整,正在尝试重新下载 (尝试次数: $attempt)" rm -f $save_path/docker-compose fi fi ERROR "Docker Compose 下载失败,正在尝试重新下载 (尝试次数: $attempt)" done if $success; then INFO "Docker Compose 安装成功,版本为:$(docker-compose --version)" else ERROR "Docker Compose 下载失败,请尝试手动安装docker-compose" exit 1 fi else chmod +x $save_path/docker-compose INFO "Docker Compose 安装成功,版本为:$(docker-compose --version)" fi } function append_auth_config() { local file=$1 local auth_config=" auth: htpasswd: realm: basic-realm path: /auth/htpasswd" echo -e "$auth_config" | sudo tee -a "$file" > /dev/null sed -ri "s@#- ./htpasswd:/auth/htpasswd@- ./htpasswd:/auth/htpasswd@g" ${PROXY_DIR}/docker-compose.yaml &>/dev/null } function update_docker_registry_url() { local container_name=$1 sed -ri "s@- DOCKER_REGISTRY_URL=http://reg-docker-hub:5000@- DOCKER_REGISTRY_URL=http://${container_name}:5000@g" ${PROXY_DIR}/docker-compose.yaml } function DOWN_CONFIG() { files=( "dockerhub reg-docker-hub ${GITRAW}/config/registry-hub.yml" "gcr reg-gcr ${GITRAW}/config/registry-gcr.yml" "ghcr reg-ghcr ${GITRAW}/config/registry-ghcr.yml" "quay reg-quay ${GITRAW}/config/registry-quay.yml" "k8sgcr reg-k8s-gcr ${GITRAW}/config/registry-k8sgcr.yml" "k8s reg-k8s ${GITRAW}/config/registry-k8s.yml" "mcr reg-mcr ${GITRAW}/config/registry-mcr.yml" "elastic reg-elastic ${GITRAW}/config/registry-elastic.yml" ) selected_names=() selected_files=() selected_containers=() echo -e "${YELLOW}-------------------------------------------------${RESET}" echo -e "${GREEN}1) ${RESET}docker hub" echo -e "${GREEN}2) ${RESET}gcr" echo -e "${GREEN}3) ${RESET}ghcr" echo -e "${GREEN}4) ${RESET}quay" echo -e "${GREEN}5) ${RESET}k8s-gcr" echo -e "${GREEN}6) ${RESET}k8s" echo -e "${GREEN}7) ${RESET}mcr" echo -e "${GREEN}8) ${RESET}elastic" echo -e "${GREEN}9) ${RESET}all" echo -e "${GREEN}0) ${RESET}exit" echo -e "${YELLOW}-------------------------------------------------${RESET}" read -e -p "$(INFO '输入序号下载对应配置文件,空格分隔多个选项. all下载所有: ')" choices_reg if [[ "$choices_reg" == "9" ]]; then for file in "${files[@]}"; do file_name=$(echo "$file" | cut -d' ' -f1) container_name=$(echo "$file" | cut -d' ' -f2) file_url=$(echo "$file" | cut -d' ' -f3-) selected_names+=("$file_name") selected_containers+=("$container_name") selected_files+=("$file_url") wget -NP ${PROXY_DIR}/ $file_url &>/dev/null done selected_all=true elif [[ "$choices_reg" == "0" ]]; then WARN "退出下载配置! 首次安装如果没有配置无法启动服务,只能启动UI服务" return else for choice in ${choices_reg}; do if [[ $choice =~ ^[0-9]+$ ]] && ((choice > 0 && choice <= ${#files[@]})); then file_name=$(echo "${files[$((choice - 1))]}" | cut -d' ' -f1) container_name=$(echo "${files[$((choice - 1))]}" | cut -d' ' -f2) file_url=$(echo "${files[$((choice - 1))]}" | cut -d' ' -f3-) selected_names+=("$file_name") selected_containers+=("$container_name") selected_files+=("$file_url") wget -NP ${PROXY_DIR}/ $file_url &>/dev/null else ERROR "无效的选择: $choice" exit 1 fi done selected_all=false if [[ "$user_choice" != "4" ]]; then first_selected_container=${selected_containers[0]} update_docker_registry_url "$first_selected_container" fi fi read -e -p "$(echo -e ${INFO} ${GREEN}"是否需要配置镜像仓库访问账号和密码? (y/n): "${RESET})" config_auth if [[ "$config_auth" == "y" ]]; then while true; do read -e -p "$(echo -e ${INFO} ${GREEN}"请输入账号名称: "${RESET})" username if [[ -z "$username" ]]; then ERROR "用户名不能为空。请重新输入" else break fi done while true; do read -e -p "$(echo -e ${INFO} ${GREEN}"请输入账号密码: "${RESET})" password if [[ -z "$password" ]]; then ERROR "密码不能为空。请重新输入" else break fi done htpasswd -Bbn "$username" "$password" > ${PROXY_DIR}/htpasswd for file_url in "${selected_files[@]}"; do yml_name=$(basename "$file_url") append_auth_config "${PROXY_DIR}/${yml_name}" done fi } function PROXY_HTTP() { read -e -p "$(echo -e ${INFO} ${GREEN}"是否添加代理? (y/n): "${RESET})" modify_config case $modify_config in [Yy]* ) read -e -p "$(INFO "输入代理地址 (e.g. host:port): ")" url while [[ -z "$url" ]]; do WARN "代理地址不能为空,请重新输入。" read -e -p "$(INFO "输入代理地址 (e.g. host:port): ")" url done sed -i "s@#environment:@environment:@g" ${PROXY_DIR}/docker-compose.yaml sed -i "s@#- http=http://host:port@- http_proxy=http://${url}@g" ${PROXY_DIR}/docker-compose.yaml sed -i "s@#- https=http://host:port@- https_proxy=http://${url}@g" ${PROXY_DIR}/docker-compose.yaml INFO "你配置代理地址为: http://${url}." ;; [Nn]* ) WARN "跳过代理配置" ;; * ) ERROR "无效的输入。跳过配置修改" ;; esac } function ADD_PROXY() { mkdir -p /etc/systemd/system/docker.service.d if [ ! -f /etc/systemd/system/docker.service.d/http-proxy.conf ]; then cat > /etc/systemd/system/docker.service.d/http-proxy.conf </dev/null CHECK_DOCKER else if ! grep -q "HTTP_PROXY=http://$url" /etc/systemd/system/docker.service.d/http-proxy.conf || ! grep -q "HTTPS_PROXY=http://$url" /etc/systemd/system/docker.service.d/http-proxy.conf; then cat >> /etc/systemd/system/docker.service.d/http-proxy.conf </dev/null CHECK_DOCKER else INFO "======================================================= " fi fi } function START_CONTAINER() { if [ "$modify_config" = "y" ] || [ "$modify_config" = "Y" ]; then ADD_PROXY else INFO "拉取服务镜像并启动服务中,请稍等..." fi if [ "$selected_all" = true ]; then docker-compose up -d --force-recreate else docker-compose up -d "${selected_names[@]}" registry-ui fi } function RESTART_CONTAINER() { if [ "$selected_all" = true ]; then docker-compose restart else docker-compose restart "${selected_names[@]}" fi } function INSTALL_DOCKER_PROXY() { INFO "======================= 开始安装 =======================" wget -P ${PROXY_DIR}/ ${GITRAW}/docker-compose.yaml &>/dev/null DOWN_CONFIG PROXY_HTTP START_CONTAINER } function STOP_REMOVE_CONTAINER() { if [[ -f "${PROXY_DIR}/${DOCKER_COMPOSE_FILE}" ]]; then INFO "停止和移除所有容器" docker-compose -f "${PROXY_DIR}/${DOCKER_COMPOSE_FILE}" down --remove-orphans else WARN "容器未运行,无需删除" exit 1 fi } function UPDATE_CONFIG() { while true; do read -e -p "$(WARN '是否更新配置,更新前请确保您已备份现有配置,此操作不可逆? [y/n]: ')" update_conf case "$update_conf" in y|Y ) DOWN_CONFIG RESTART_CONTAINER break;; n|N ) WARN "退出配置更新操作。" break;; * ) INFO "请输入 'y' 表示是,或者 'n' 表示否。";; esac done } function REMOVE_NONE_TAG() { docker images | grep "^${IMAGE_NAME}.*" | awk '{print $3}' | xargs -r docker rmi images=$(docker images ${IMAGE_NAME} --format '{{.Repository}}:{{.Tag}}') latest=$(echo "$images" | sort -V | tail -n1) for image in $images do if [ "$image" != "$latest" ];then docker rmi $image fi done } function PACKAGE() { while true; do read -e -p "$(INFO '是否执行软件包安装? [y/n]: ')" choice_package case "$choice_package" in y|Y ) INSTALL_PACKAGE break;; n|N ) WARN "跳过软件包安装步骤。" break;; * ) INFO "请输入 'y' 表示是,或者 'n' 表示否。";; esac done } function INSTALL_WEB() { while true; do read -e -p "$(INFO "是否安装WEB服务?(用来通过域名方式访问加速服务) [y/n]: ")" choice_service if [[ "$choice_service" =~ ^[YyNn]$ ]]; then if [[ "$choice_service" == "Y" || "$choice_service" == "y" ]]; then while true; do read -e -p "$(INFO "选择安装的WEB服务。安装Caddy可自动开启HTTPS [Nginx/Caddy]: ")" web_service if [[ "$web_service" =~ ^(nginx|Nginx|caddy|Caddy)$ ]]; then if [[ "$web_service" == "nginx" || "$web_service" == "Nginx" ]]; then INSTALL_NGINX break elif [[ "$web_service" == "caddy" || "$web_service" == "Caddy" ]]; then INSTALL_CADDY break fi else WARN "请输入'nginx' 或者 'caddy'" fi done break else WARN "跳过WEB服务的安装。" break fi else INFO "请输入 'y' 表示是,或者 'n' 表示否。" fi done } function UPDATE_SERVICE() { services=( "dockerhub" "gcr" "ghcr" "quay" "k8sgcr" "k8s" ) selected_services=() WARN "更新服务请在docker compose文件存储目录下执行脚本.默认存储路径: ${PROXY_DIR}" echo -e "${YELLOW}-------------------------------------------------${RESET}" echo -e "${GREEN}1) ${RESET}docker hub" echo -e "${GREEN}2) ${RESET}gcr" echo -e "${GREEN}3) ${RESET}ghcr" echo -e "${GREEN}4) ${RESET}quay" echo -e "${GREEN}5) ${RESET}k8s-gcr" echo -e "${GREEN}6) ${RESET}k8s" echo -e "${GREEN}7) ${RESET}mcr" echo -e "${GREEN}8) ${RESET}elastic" echo -e "${GREEN}9) ${RESET}all" echo -e "${GREEN}0) ${RESET}exit" echo -e "${YELLOW}-------------------------------------------------${RESET}" read -e -p "$(INFO '输入序号选择对应服务,空格分隔多个选项. all选择所有: ')" choices_service if [[ "$choices_service" == "9" ]]; then for service_name in "${services[@]}"; do if docker-compose ps --services | grep -q "^${service_name}$"; then selected_services+=("$service_name") else WARN "服务 ${service_name}未运行,跳过更新。" fi done INFO "更新的服务: ${selected_services[*]}" elif [[ "$choices_service" == "0" ]]; then WARN "退出更新服务!" exit 1 else for choice in ${choices_service}; do if [[ $choice =~ ^[0-9]+$ ]] && ((choice >0 && choice <= ${#services[@]})); then service_name="${services[$((choice -1))]}" if docker-compose ps --services | grep -q "^${service_name}$"; then selected_services+=("$service_name") INFO "更新的服务: ${selected_services[*]}" else WARN "服务 ${service_name} 未运行,跳过更新。" fi else ERROR "无效的选择: $choice" exit 3 fi done fi } function PROMPT(){ PUBLIC_IP=$(curl -s https://ifconfig.me) ALL_IPS=$(hostname -I) INTERNAL_IP=$(echo "$ALL_IPS" | awk '$1!="127.0.0.1" && $1!="::1" && $1!="docker0" {print $1}') echo INFO "=================感谢您的耐心等待,安装已经完成==================" INFO INFO "请用浏览器访问 UI 面板: " INFO "公网访问地址: http://$PUBLIC_IP:50000" INFO "内网访问地址: http://$INTERNAL_IP:50000" INFO INFO "服务安装路径: ${PROXY_DIR}" INFO INFO "作者博客: https://dqzboy.com" INFO "技术交流: https://t.me/dqzboyblog" INFO "代码仓库: https://github.com/dqzboy/Docker-Proxy" INFO INFO "如果使用的是云服务器,且配置了域名与证书,请至安全组开放80、443端口;否则开放对应服务的监听端口" INFO INFO "================================================================" } function main() { INFO "====================== 请选择操作 ======================" echo "1) 新装服务" echo "2) 重启服务" echo "3) 更新服务" echo "4) 更新配置" echo "5) 卸载服务" read -e -p "$(INFO '输入对应数字并按 Enter 键: ')" user_choice case $user_choice in 1) CHECK_OS CHECK_PACKAGE_MANAGER CHECK_PKG_MANAGER CHECKMEM CHECKFIRE CHECKBBR PACKAGE INSTALL_WEB while true; do INFO "====================== 安装Docker ======================" read -e -p "$(INFO '安装环境确认.[国外输1;大陆输2]: ')" deploy_docker case "$deploy_docker" in 1 ) INSTALL_DOCKER INSTALL_COMPOSE break;; 2 ) INSTALL_DOCKER_CN INSTALL_COMPOSE_CN break;; * ) INFO "请输入 '1' 表示国外,或者 '2' 表示大陆。";; esac done INSTALL_DOCKER_PROXY PROMPT ;; 2) INFO "======================= 重启服务 =======================" docker-compose restart INFO "======================= 重启完成 =======================" ;; 3) INFO "======================= 更新服务 =======================" UPDATE_SERVICE if [ ${#selected_services[@]} -eq 0 ]; then WARN "没有需要更新的服务。" else docker-compose pull ${selected_services[*]} docker-compose up -d --force-recreate ${selected_services[*]} fi INFO "======================= 更新完成 =======================" ;; 4) INFO "======================= 更新配置 =======================" UPDATE_CONFIG INFO "======================= 更新完成 =======================" ;; 5) INFO "======================= 卸载服务 =======================" WARN "注意: 卸载服务会一同将项目本地的镜像缓存删除,请执行卸载之前确定是否需要备份本地的镜像缓存文件" while true; do read -e -p "$(INFO '本人已知晓后果,确认卸载服务? [y/n]: ')" uninstall case "$uninstall" in y|Y ) STOP_REMOVE_CONTAINER REMOVE_NONE_TAG docker rmi --force $(docker images -q ${IMAGE_NAME}) &>/dev/null docker rmi --force $(docker images -q ${UI_IMAGE_NAME}) &>/dev/null rm -rf ${PROXY_DIR} &>/dev/null INFO "服务已经卸载,感谢你的使用!" INFO "========================================================" break;; n|N ) WARN "退出卸载服务." break;; * ) INFO "请输入 'y' 表示是,或者 'n' 表示否。";; esac done ;; *) WARN "输入了无效的选择。请重新运行脚本并选择1-4的选项。" ;; esac } main