当前位置：首页 > news >正文

江苏盐城网站建设住建局查询房产信息

news 2026/4/16 16:32:53

江苏盐城网站建设,住建局查询房产信息,wordpress被挂木马,郑州销售网站目录 1 说明 2 CI/CD 2.1 部署方式一#xff1a;增量部署 2.1.1 目标服务器准备 2.2.2 Gitlab及Envoy脚本 2.2 部署方式二#xff1a;镜像构建与部署 2.2.1 推送到私有化容器仓库准备工作脚本要点 2.2.2 推送到hub.docker.com 准备工作脚本 3 参考#x…目录 1 说明 2 CI/CD 2.1 部署方式一增量部署 2.1.1 目标服务器准备 2.2.2 Gitlab及Envoy脚本 2.2 部署方式二镜像构建与部署 2.2.1 推送到私有化容器仓库准备工作脚本要点 2.2.2 推送到hub.docker.com 准备工作脚本 3 参考 1 说明以一个laravel blog项目为例做dev分支的CI/CD实践结合laravel envoy工具做多个远程服务器部署分两种方式A. 增量部署 B.镜像构建与部署服务器 SiteServerIP站点目录team1-prj2.dev.iahost001.dev.ia192.168.0.130/www/wwwroot/team1-prj2.dev.iateam1-prj2.dev.iahost002.dev.ia192.168.0.131/www/wwwroot/team1-prj2.dev.ia 2 CI/CD 2.1 部署方式一增量部署通过Lavavel/Envoy和git拉取新版本文件进行部署 2.1.1 目标服务器准备 php8.2, 安装所需扩展务必在cli下测试是否正常, 有些被disable的functions要打开composer self-update 兼容php8.2使用Laravel/Envoy分发部署确保Envoy.blade.php是utf8格式文件站点目录结构 roothost001:/www/wwwroot/team1-prj2.dev.ia# tree -d -L 3 ./ ./ ├── current - /www/wwwroot/team1-prj2.dev.ia/releases/default ├── releases │ └── default │ ├── app │ ├── bootstrap │ ├── config │ ├── database │ ├── public │ ├── resources │ ├── routes │ ├── storage - /www/wwwroot/team1-prj2.dev.ia/storage │ ├── tests │ └── vendor └── storage├── app│ └── public├── framework│ ├── cache│ ├── sessions│ ├── testing│ └── views└── logs说明 team1-prj2.dev.ia应用目录team1-prj2.dev.ia/releases版本发布目录这里只设置了一个default目录也可根据需要做日期变量发布team1-prj2.dev.ia/current 链接到最新版本被nginx访问的站点目录路径 current - /www/wwwroot/team1-prj2.dev.ia/releases/default/ team1-prj2.dev.ia/storage 链接到最新版本的应用数据保存目录如日志缓存等 storage - /www/wwwroot/team1-prj2.dev.ia/storage team1-prj2.dev.ia/.dev .dev文件是运维人员建立的服务器定制环境文件不进入仓库链接到项目同名文件 .env - /www/wwwroot/team1-prj2.dev.ia/.env* team1-prj2.dev.ia/releases/default/.gitlab-ci.ymlgitlab 部署脚本team1-prj2.dev.ia/releases/default/Envoy.blade.phpenvoy 部署脚本 nginx配置 server {listen 80;server_name team1-prj2.dev.ia;index index.php index.html index.htm default.php default.htm default.html;root /www/wwwroot/team1-prj2.dev.ia/current/public;#CERT-APPLY-CHECK--START# 用于SSL证书申请时的文件验证相关配置 -- 请勿删除include /www/server/panel/vhost/nginx/well-known/team1-prj2.dev.ia.conf;#CERT-APPLY-CHECK--END#SSL-START SSL相关配置请勿删除或修改下一行带注释的404规则#error_page 404/404.html;#SSL-END#ERROR-PAGE-START 错误页配置可以注释、删除或修改#error_page 404 /404.html;#error_page 502 /502.html;#ERROR-PAGE-END#PHP-INFO-START PHP引用配置可以注释或修改include enable-php-82.conf;#PHP-INFO-END#REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效include /www/server/panel/vhost/rewrite/team1-prj2.dev.ia.conf;#REWRITE-END#禁止访问的文件或目录location ~ ^/(\.user.ini|\.htaccess|\.git|\.env|\.svn|\.project|LICENSE|README.md){return 404;}#一键申请SSL证书验证目录相关设置location ~ \.well-known{allow all;}#禁止在证书验证目录放入敏感文件if ( $uri ~ ^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$ ) {return 403;}location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)${expires 30d;error_log /dev/null;access_log /dev/null;}location ~ .*\.(js|css)?${expires 12h;error_log /dev/null;access_log /dev/null;}location / {try_files $uri $uri/ /index.php?$query_string;}access_log /www/wwwlogs/team1-prj2.dev.ia.log;error_log /www/wwwlogs/team1-prj2.dev.ia.error.log; } 2.2.2 Gitlab及Envoy脚本 .gitlab-ci.yml # default: # image: edbizarro/gitlab-ci-pipeline-php:7.4 #default: # image: bennybi/php8.2 # image: bennybi/php7.4stages:- test- deploy.init_ssh: init_ssh |which ssh-agent || ( apt-get update -y apt-get install openssh-client -y )eval $(ssh-agent -s)echo $SSH_PRIVATE_KEY | tr -d \r | ssh-add - /dev/nullmkdir -p ~/.sshchmod 700 ~/.ssh[[ -f /.dockerenv ]] echo -e Host *\n\tStrictHostKeyChecking no\n\n ~/.ssh/configcache:key: ${CI_COMMIT_REF_SLUG}paths:- vendor/unit_test:stage: testtags:- phpscript:- cp .env.test .env- composer install- composer global require laravel/envoy- php artisan key:generate- php artisan migrate- vendor/bin/phpunitdeploy_dev:stage: deploytags:- phpenvironment:name: devurl: http://team1-prj2.dev.iascript:- *init_ssh- vendor/bin/envoy run deploy --branch$CI_COMMIT_BRANCH --commit$CI_COMMIT_SHArules:- if: $CI_COMMIT_BRANCH devdeploy_live:stage: deploytags:- phpscript:- *init_ssh- vendor/bin/envoy run deploy --commit$CI_COMMIT_SHAenvironment:name: liveurl: http://team1-prj2.dev.iawhen: manualrules:- if: $CI_COMMIT_BRANCH liveEnvoy.blade.php servers([local deployerhost001.dev.ia,staging deployerhost002.dev.ia])setup$repository githost001.dev.ia:dev1/team1-prj2.git;$releases_dir /www/wwwroot/team1-prj2.dev.ia/releases;$app_dir /www/wwwroot/team1-prj2.dev.ia;$release default;$new_release_dir $releases_dir ./. $release;$user get_current_user(); endsetupstory(deploy, [on [local,staging]])sync_repositoryrun_composerupdate_symlinks endstorytask(sync_repository)echo Current User: {{$user}}, branch:{{$branch}}, commit:{{$commit}}if [ -d {{$new_release_dir}} ]; thenecho Pulling repositorycd {{ $new_release_dir }}git checkout {{ $branch }}git fetchgit reset --hard HEADgit merge origin/{{ $branch }}elseecho Cloning repository[ -d {{ $releases_dir }} ] || mkdir {{ $releases_dir }}git clone --branch {{ $branch }} --single-branch --depth 1 {{ $repository }} {{ $new_release_dir }}cd {{ $new_release_dir }}git reset --hard {{ $commit }}git config --global --add safe.directory *fi endtasktask(run_composer)echo Starting deployment ({{ $release }})cd {{ $new_release_dir }}composer install --prefer-dist --no-scripts -q -o endtasktask(update_symlinks)if [ ! -d {{ $app_dir }}/current ]; thenecho Linking storage directory{{-- rm -rf {{ $new_release_dir }}/storage --}}mv {{ $new_release_dir }}/storage {{ $app_dir }}ln -nfs {{ $app_dir }}/storage {{ $new_release_dir }}/storageecho Linking .env fileln -nfs {{ $app_dir }}/.env {{ $new_release_dir }}/.envecho Linking current releaseln -nfs {{ $new_release_dir }} {{ $app_dir }}/currentchmod 775 -Rf {{ $releases_dir }}fichmod 775 -Rf {{ $new_release_dir }}/storage{{-- chown deployer:www -Rf {{ $new_release_dir }}/.git --}} endtask2.2 部署方式二镜像构建与部署 2.2.1 推送到私有化容器仓库准备工作 - 新建项目team1-prj1初始化git 仓库为http://host001.dev.ia:18181/dev1/team1-prj1.git - 建好容器仓库见前文相关部分 - 需要在Admin Area-CI/CD-Variables添加docker访问用户变量 $LOCAL_REGISTRY_LOGIN your docker username $LOCAL_REGISTRY_PASSWORD 脚本项目中添加Dockerfile 文件这里用到的原型镜像是我之前定制的php8.2 # Set the base image for subsequent instructions FROM bennybi/php8.2:latest# Update packages RUN apt-get update# Install PHP and composer dependencies # RUN apt-get install -qq git curl libmcrypt-dev libjpeg-dev libpng-dev libfreetype6-dev libbz2-dev# Clear out the local repository of retrieved package files RUN apt-get clean# Install needed extensions # Here you can install any other extension that you need during the test and deployment process # RUN docker-php-ext-install mcrypt pdo_mysql zip# Install Composer RUN curl --silent --show-error https://getcomposer.org/installer | php -- --install-dir/usr/local/bin --filenamecomposer# Install Laravel Envoy RUN composer global require laravel/envoy~1.0# Laravel? Add your user RUN groupadd -g 1000 www RUN useradd -u 1000 -ms /bin/bash -g www www# Copy existing application directory contents COPY . /var/www# Copy existing application directory permissions COPY --chownwww:www . /var/www# Change current user to www USER www# Expose port 9000 and start php-fpm server EXPOSE 9000 CMD [php-fpm].gitlab-ci.yml default:image: docker:19.03.8services:- mysql:5.7before_script:- docker infovariables:MYSQL_DATABASE: testMYSQL_ROOT_PASSWORD: fa843c707ce26702DB_HOST: host001.dev.iaDB_USERNAME: developerstages:- test- build# - deployunit_test:stage: testtags:- phpscript:- cp .env.test .env- composer install- php artisan key:generate- php artisan migrate- vendor/bin/phpunitbuild_image:stage: buildvariables:REGISTRY_URL: http://host001.dev.ia:5050DOCKER_IMAGE_TAG: host001.dev.ia:5050/dev1/team1-prj1tags:- phpscript:- docker login ${REGISTRY_URL} -u $LOCAL_REGISTRY_LOGIN -p $LOCAL_REGISTRY_PASSWORD- docker build --output typeregistry,oci-mediatypesfalse --cache-from ${DOCKER_IMAGE_TAG} -t ${DOCKER_IMAGE_TAG} --push --provenancefalse .# - docker push ${DOCKER_IMAGE_TAG}:latest- docker push ${DOCKER_IMAGE_TAG}rules:- if: $CI_COMMIT_BRANCH dev# deploy_dev: # stage: deploy # tags: # - php # script: # - which ssh-agent || ( apt-get update -y apt-get install openssh-client -y ) # - eval $(ssh-agent -s) # - ssh-add (echo $SSH_PRIVATE_KEY) # - mkdir -p ~/.ssh # - [[ -f /.dockerenv ]] echo -e Host *\n\tStrictHostKeyChecking no\n\n ~/.ssh/config # # - ~/.composer/vendor/bin/envoy run deploy --commit$CI_COMMIT_SHA # environment: # name: dev # url: http://team1-prj1.dev.ia # when: manual # rules: # - if: $CI_COMMIT_BRANCH dev要点 - 注意build时所需的参数缺少会诱发错误 “Invalid tag: missing manifest digest” We used the buildx flag “–output typeregistry,oci-mediatypesfalse” to generate a Docker v2.2 manifest list. We could set the value to “true” and generate an OCI manifest index, but the GitLab UI will incorrectly display “Invalid tag: missing manifest digest”. 推送结果图示 2.2.2 推送到hub.docker.com 准备工作 - 新建项目team1-prj1初始化git 仓库为http://host001.dev.ia:18181/dev1/team1-prj1.git - 构建的镜像将push到hub.docker.com因此需要在Admin Area-CI/CD-Variables添加docker访问用户变量 $DOCKER_LOGIN your docker username $DOCKER_PASSWORD 脚本 Dockerfile 同上 ... .gitlab-ci.yml default:image: docker:19.03.8services:- mysql:5.7before_script:- docker infovariables:MYSQL_DATABASE: testMYSQL_ROOT_PASSWORD: fa843c707ce26702DB_HOST: host001.dev.iaDB_USERNAME: developerstages:- test- build# - deployunit_test:stage: testtags:- phpscript:- cp .env.test .env- composer install- php artisan key:generate- php artisan migrate- vendor/bin/phpunitbuild_image:stage: buildvariables:DOCKER_IMAGE_TAG: bennybi/team1-prj1tags:- phpscript:- docker build --cache-from ${DOCKER_IMAGE_TAG} -t ${DOCKER_IMAGE_TAG} .- docker login --username $DOCKER_LOGIN --password $DOCKER_PASSWORD# - docker run my-docker-image /script/to/run/tests- docker push ${DOCKER_IMAGE_TAG}:latestrules:- if: $CI_COMMIT_BRANCH dev# deploy_dev: # stage: deploy # tags: # - php # script: # - which ssh-agent || ( apt-get update -y apt-get install openssh-client -y ) # - eval $(ssh-agent -s) # - ssh-add (echo $SSH_PRIVATE_KEY) # - mkdir -p ~/.ssh # - [[ -f /.dockerenv ]] echo -e Host *\n\tStrictHostKeyChecking no\n\n ~/.ssh/config # # - ~/.composer/vendor/bin/envoy run deploy --commit$CI_COMMIT_SHA # environment: # name: dev # url: http://team1-prj1.dev.ia # when: manual # rules: # - if: $CI_COMMIT_BRANCH dev3 参考 - GitLab: automated build and publish of multi-platform container image with GitLab pipeline | Fabian Lee : Software Engineer - https://jaumemule.medium.com/build-a-php8-0-fpm-gitlab-ci-cd-application-docker-google-cloud-5f2868e8370 - https://docs.gitlab.com/ee/ci/docker/using_docker_build.html - https://github.com/papertank/envoy-deploy/blob/master/readme.md - https://warrickbayman.medium.com/zero-downtime-laravel-deployments-with-envoy-version-2-227c8259e31c - Test and deploy Laravel applications with GitLab CI/CD and Envoy | GitLab - GitLab CI/CD examples | GitLab - 使用GitLab Runner为基于Laravel的PHP项目进行部署 - GitLab CI/CD for Beginners [FREE Course] - DEV Community

查看全文

http://www.hkea.cn/news/14290083/