remove project

LICENSE

+MIT License
+
+Copyright (c) 2018 ChongmingDu
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

+本环境只支持阿里云&腾讯云环境，其他环境如需使用请联系 decodedcm@gmail.com。违规使用，后果自负。
+使用本环境之前请先联系相关人员后，在进行使用。
+
+背景：
+    为了解决机器骤加的问题，推出本系统，旨在解决基本环境的安装及各个机器配置不统一情况。基于Devops理念，可运行简单的几条命令即可完成复杂的配置工作。
+
+面向群体：全体
+
+使用：
+    1. 个人环境安装ansible，使用pip工具安装（需要Python3）。pip3 install ansible即可完成。
+    2. git clone http://code.mayi888.com/duchongming/Ant_Devops.git
+    3. cd Ant_Devops
+    4. 设置免密认证。文档：https://blog.csdn.net/furzoom/article/details/79139570
+    5. 修改host.yml.examples中内容为远程主机公网地址，并重命名此文件为host.yml
+    6. 修改roles/nginx/templates/examples.conf或roles/nginx/templates/examplesadmin.conf内容，把文中“examples”替换成需要的URL。其中，roles/nginx/templates/examples.conf适合前后分离的web环境。roles/nginx/templates/examplesadmin.conf适合用到“统一管理平台”的web环境。
+    7. 运行 ansible-playbook -i host.yml  -u root playbook.yml
+
+本环境内容：
+    1. nginx(tenginx 2.2.2)
+    2. openjdk(1.8)
+    3. docker(17.12.1-ce)
+    4. git(2.9.5)
\ No newline at end of file

host.yml.examples

+[local]
+118.25.142.187
+
+[zabbix_server]
+host1
+
+[zabbix_agent]
+agent1
\ No newline at end of file

playbook.yml

+---
+- name: Aliyun ansible-playbook  
+  hosts: all
+  remote_user: root
+  
+  vars_files:
+    - var/main.yml
+  
+  roles:
+    - tool
+    - nginx
\ No newline at end of file

roles/nginx/handlers/main.yml

+---
+- name: "restart nginx"
+  service: name=nginx state=restarted enabled=yes
\ No newline at end of file

roles/nginx/tasks/main.yml

+---
+- name: "Downloads nginx server"
+  get_url: 
+   url: http://tengine.taobao.org/download/tengine-2.2.2.tar.gz 
+   dest: "{{ software }}/"
+
+#local file 
+# - name: "unzip nginx bar"
+#   synchronize:
+#    src: “{{ software }}/tengine-2.2.2.tar.gz”
+#    dest: "{{ software }}/"
+
+#remove file
+- name: "unzip nginx bar"
+  shell:
+    "tar -xzf /usr/local/tengine-2.2.2.tar.gz -C /usr/local/"
+
+- name: "install nginx"
+  shell: cd /usr/local/tengine-2.2.2;./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_image_filter_module --with-http_gzip_static_module --with-http_stub_status_module --http-log-path=/data/logs/nginx/access.log --error-log-path=/data/logs/nginx/error.log &>/dev/null;make -j 4&&make install
+
+- name: "link nginx bin"
+  file:
+    src: /usr/local/nginx/sbin/nginx
+    dest: /bin/nginx
+    state: link
+
+- name: "Add to nginx user"
+  user:
+    name: nginx
+    remove: no
+    shell: /bin/false
+
+- name: "mkdir nginxdir"
+  file:
+    dest: /usr/local/nginx/conf/conf.d
+    owner: nginx
+    group: nginx
+    mode: 0755
+    state: directory
+
+- name: "static dir"
+  file:
+    dest: /data/www
+    mode: 0755
+    state: directory
+
+- name: "templates nginx.conf"
+  template:
+    src: nginx.conf
+    dest: /usr/local/nginx/conf/nginx.conf
+
+- name: "start nginx"
+  shell: /usr/local/nginx/sbin/nginx -s start
+
+- name: "templates nginx examples.conf"
+  template:
+    src: examples.conf
+    dest: "{{ ngwork }}/examples.conf"
\ No newline at end of file

roles/nginx/templates/examples.conf

+server {
+        listen       80;
+        listen       443;
+        server_name  static.examples.com;
+        # ssl on;
+        # ssl_certificate    /usr/local/nginx/examples.pem;
+        # ssl_certificate_key  /usr/local/nginx/examples.key;
+        access_log  /home/app-data/nginx/logs/examples_access.log  main;
+        error_log   /home/app-data/nginx/logs/examples_error.log ;
+
+
+    location /api/ {
+             set $vhost "api.examples.com";
+             proxy_connect_timeout   3;
+             proxy_send_timeout      30;
+             proxy_read_timeout      30;
+             proxy_pass http://$vhost;
+
+             proxy_set_header Proxy-Client-IP $remote_addr;
+             proxy_set_header Host $host;
+             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+             proxy_http_version 1.1;
+             proxy_set_header Upgrade $http_upgrade;
+             proxy_set_header Connection "upgrade";
+        }
+
+        location / {
+             set $vhost "static.examples.com";
+             proxy_connect_timeout   3;
+             proxy_send_timeout      30;
+             proxy_read_timeout      30;
+             proxy_pass http://$vhost;
+
+             proxy_set_header Proxy-Client-IP $remote_addr;
+             proxy_set_header Host $host;
+             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+             proxy_http_version 1.1;
+             proxy_set_header Upgrade $http_upgrade;
+             proxy_set_header Connection "upgrade";
+        }
+
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+                root   html;
+        }
+}
\ No newline at end of file

roles/nginx/templates/examplesadmin.conf

+server {
+        listen       80;
+        listen       443;
+        server_name  static.examples.com;
+        # ssl on;
+        # ssl_certificate    /usr/local/nginx/examples.pem;
+        # ssl_certificate_key  /usr/local/nginx/examples.key;
+        access_log  /home/app-data/nginx/logs/examples_access.log  main;
+        error_log   /home/app-data/nginx/logs/examples_error.log ;
+
+
+    location /api/ {
+             set $vhost "api.examples.com";
+             proxy_connect_timeout   3;
+             proxy_send_timeout      30;
+             proxy_read_timeout      30;
+             proxy_pass http://$vhost;
+
+             proxy_set_header Proxy-Client-IP $remote_addr;
+             proxy_set_header Host $host;
+             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+             proxy_http_version 1.1;
+             proxy_set_header Upgrade $http_upgrade;
+             proxy_set_header Connection "upgrade";
+        }
+
+        location / {
+            root /data/www/examples/;
+        }
+
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+                root   html;
+        }
+}
\ No newline at end of file

roles/nginx/templates/nginx.conf

+user  root;
+worker_processes  4;
+
+error_log  logs/error.log;
+error_log  logs/error.log  info;
+error_log  "pipe:rollback logs/error_log interval=1d baknum=7 maxsize=2G";
+
+pid        logs/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  logs/access.log  main;
+    access_log  "pipe:rollback logs/access_log interval=1d baknum=7 maxsize=2G"  main;
+
+    client_header_timeout       10m;
+    client_body_timeout         10m;
+    send_timeout                10m;
+    connection_pool_size        256;
+    client_header_buffer_size   32k;
+    large_client_header_buffers 4 32k;
+
+    sendfile        on;
+    tcp_nopush     on;
+
+
+    keepalive_timeout  65;
+
+
+charset utf-8;
+        gzip on;
+        gzip_min_length 1k;
+        gzip_buffers 4 16k;
+        gzip_comp_level 2;
+        gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif im
+age/png;
+        gzip_disable "MSIE [1-6]\.";
+    server_tokens off;
+    gzip_disable "MSIE [1-6]\.(?!.*SV1)";
+
+    client_max_body_size 1000m;
+    client_body_temp_path /dev/shm;
+
+    map $http_upgrade $connection_upgrade {
+            default upgrade;
+            ''      close;
+    }
+
+    server {
+        listen       80;
+        server_name  localhost;
+
+        #charset koi8-r;
+
+        #access_log  logs/host.access.log  main;
+        #access_log  "pipe:rollback logs/host.access_log interval=1d baknum=7 maxsize=2G"  main;
+
+        location / {
+            root   html;
+            index  index.html index.htm;
+        }
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+            root   html;
+        }
+    }
+
+
+
+   include conf.d/*.conf;
+}
\ No newline at end of file

roles/tool/files/init.sh

+#!/bin/bash
+
+#Install packages
+yum install -y bash-completion.noarch bash-completion-extras.noarch wget vim asciidoc xmlto docbook2x curl-devel expat-devel gettext-devel openssl-devel zlib-devel perl-ExtUtils-MakeMaker gd-devel java-1.8.0-openjdk  java-1.8.0-openjdk-devel
+yum groups install -y "System Administration Tools" "Development Tools" "System Management"
+
+#set sysctl
+cat << EOF > /etc/sysctl.conf
+net.ipv4.ip_forward = 0
+net.ipv4.conf.default.rp_filter = 1
+net.ipv4.conf.default.accept_source_route = 0
+kernel.sysrq = 0
+kernel.core_uses_pid = 1
+net.ipv4.tcp_syncookies = 1
+kernel.msgmnb = 65536
+kernel.msgmax = 65536
+kernel.shmmax = 68719476736
+kernel.shmall = 4294967296
+net.ipv4.tcp_max_tw_buckets = 8192
+net.ipv4.tcp_sack = 1
+net.ipv4.tcp_window_scaling = 1
+net.ipv4.tcp_rmem = 4096 87380 4194304
+net.ipv4.tcp_wmem = 4096 16384 4194304
+net.core.wmem_default = 8388608
+net.core.rmem_default = 8388608
+net.core.rmem_max = 16777216
+net.core.wmem_max = 16777216
+net.core.netdev_max_backlog = 262144
+net.core.somaxconn = 262144
+net.ipv4.tcp_max_orphans = 3276800
+net.ipv4.tcp_max_syn_backlog = 262144
+net.ipv4.tcp_timestamps = 0
+net.ipv4.tcp_synack_retries = 1
+net.ipv4.tcp_syn_retries = 1
+net.ipv4.tcp_tw_recycle = 1
+net.ipv4.tcp_tw_reuse = 1
+net.ipv4.tcp_mem = 94500000 915000000 927000000
+net.ipv4.tcp_fin_timeout = 20
+net.ipv4.tcp_keepalive_time = 1200
+net.ipv4.tcp_keepalive_probes = 3
+net.ipv4.tcp_keepalive_intvl = 10
+net.ipv4.ip_local_port_range = 1024 65000
+fs.file-max = 65535
+net.ipv4.tcp_retries2 = 3
+net.ipv4.route.gc_timeout = 100
+EOF
+sysctl -p &>/dev/null
+
+#Install docker-ce
+sudo yum install -y yum-utils device-mapper-persistent-data lvm2
+sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
+sudo yum makecache fast
+sudo yum install  docker-ce-17.12.1.ce-1.el7.centos -y
+systemctl start docker&&systemctl enable docker
+
+# Install mongod4
+# cat << EOF > /etc/yum.repos.d/mongo4.repo
+# [mongodb-org-4.0]
+# name=MongoDB Repository
+# baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.0/x86_64/
+# gpgcheck=1
+# enabled=1
+# gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc
+# EOF
+# sudo yum install -y mongodb-org &>/dev/null
+# systemctl start mongod.service&&systemctl enable mongod.service
\ No newline at end of file

roles/tool/tasks/main.yml

+---
+- name: "Initialization OS shell"
+  copy:
+   src: init.sh
+   dest: /tmp/init.sh
+
+- name: "Initialization OS"
+  shell: /bin/bash /tmp/init.sh
+
+- name: "Add to tomcat user"
+  user:
+    name: tomcat
+    shell: /bin/bash
+    password: 1q2w3e4r
+    remove: yes
+
+- name: "Install git 2.9.5"
+  get_url:
+      url: https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.9.5.tar.xz
+      dest: "{{ software }}/"
+
+- name: "unzip git tar"
+  shell: "cd /usr/local/;tar -xvf git-2.9.5.tar.xz"
+
+- name: "Install git"
+  shell: "cd /usr/local/git-2.9.5/;./configure --prefix=/usr &>/dev/null;make -j 4&& make install &>/dev/null"
\ No newline at end of file

roles/zabbix/files/zabbix_db.sh

+#!/bin/bash
+mysql -u root -p 1q2w3e4r zabbix -e "grant all privileges on zabbix.* to zabbix@localhost identified by '1q2w3e4r';"
+cd /usr/share/doc/zabbix-server-mysql-3.4.0
+zcat create.sql.gz | mysql -uroot -p1q2w3e4r zabbix
\ No newline at end of file

roles/zabbix/tasks/main.yml

+---
+- name: "Install zabbix repo"
+  shell: "rpm -ivh http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/zabbix-release-3.4-1.el7.noarch.rpm"
+
+- name: "Install zabbix packages"
+  yum:
+    name: "{{ zabbix_server_packages }}"
+    state: latest
+  when: host=="zabbix_server"
+
+- name: "Install zabbix agent"
+  yum:
+    name: "{{ zabbix_agent_packages }}"
+    state: latest
+  when: host=="zabbix_agent"
+
+- name: "mysql operation"
+  mysql_db:
+    name: zabbix
+    login_host: 127.0.0.1
+    login_port: "{{ mysql_port }}"
+    login_user: root
+    login_password: "{{ login_password }}"
+    encoding: utf8
+    state: present
+  when: host=="zabbix_server"
+
+- name: "copy mysql shell script"
+  copy:
+    src: zabbix_db.sh
+    dest: /tmp/zabbix.sh
+  when: host=="zabbix_server"
+
+- name: "run mysql shell script"
+  shell: "/bin/bash /tmp/zabbix.sh"
+  when: host=="zabbix_server"
+

var/main.yml

+---
+#software dir
+software: /usr/local
+
+#nginx work dir
+ngwork: /usr/local/nginx/conf/conf.d
+
+#zabbix packages
+zabbix_server_packages:
+  - zabbix-server-mysql
+  - zabbix-web-mysql
+zabbix_agent_packages:
+  - zabbix-agent
+
+#mysql args
+login_password: 1q2w3e4r
+mysql_port: 3306
\ No newline at end of file

zabbix.yml

+---
+- name: "Install zabbix "
+  hosts: all
+  remote_user: root
+
+  vars_files: 
+   - var/main.yml
+  
+  roles:
+   - zabbix
\ No newline at end of file