2024-10-14
Docker
00

目录

安装MySQL:8.0
部署Confluence
初始化配置
nginx配置反向代理
备份数据
部署jira

安装MySQL:8.0

my.cnf 配置

[mysqld] ... # confluence配置 character-set-server=utf8mb4 collation-server=utf8mb4_bin default-storage-engine=INNODB max_allowed_packet=256M innodb_log_file_size=2GB transaction-isolation=READ-COMMITTED binlog_format=row log-bin-trust-function-creators = 1 # 设置隔离级别 transaction-isolation=READ-COMMITTED #如果存在这个配置,请注释或删除掉 #sql_mode = NO_AUTO_VALUE_ON_ZERO ...

创建confluence网络

bash
docker network create server_web-network

docker-compose 的 mysq.yml 文件

yaml
cat > mysql.yml << 'EOF' version: '3.6' networks: server_web-network: external: true services: db: image: mysql:8.0 container_name: mysql-confluence command: --default-authentication-plugin=mysql_native_password restart: always environment: MYSQL_ROOT_PASSWORD: root TZ: Asia/Shanghai ports: - 3306:3306 volumes: - ./data:/var/lib/mysql #数据文件挂载 - ./conf.d/my.cnf:/etc/my.cnf #配置文件挂载 networks: - server_web-network EOF

启动mysql8.0

bash
docker-compose -f mysql.yml up -d

创建数据库和用户

  • 创建数据库
bash
CREATE DATABASE <database-name> CHARACTER SET utf8mb4 COLLATE utf8mb4_bin;
  • 创建用户
bash
CREATE user '<confluenceuser>'@'%' IDENTIFIED BY '<password>';
  • 授权
bash
GRANT ALL PRIVILEGES ON <database-name>.* TO '<confluenceuser>'@'%' WITH GRANT OPTION;
  • 刷新权限
bash
flush privileges;

部署Confluence

mysql驱动包,下载地址:https://downloads.mysql.com/archives/c-j/ ,版本选择 8.0.22 ,操作系统选择 Platform Independent

bash
wget https://downloads.mysql.com/archives/get/p/3/file/mysql-connector-java-8.0.22.tar.gz

破解包下载:

bash
wget https://github.com/qinyuxin99/atlassian-agent/releases/download/v1.2.3/atlassian-agent-v1.2.3.tar.gz # 2个链接都可以下载(二选一) wget https://oskr.cn/upload/2024/02/Crack.jar --no-check-certificate

创建 confluence.yml 配置文件

yaml
cat > confluence.yml << 'EOF' version: '3' networks: server_web-network: external: true services: confluence: image: "atlassian/confluence-server" container_name: confluence volumes: - ./atlassian-agent.jar:/var/atlassian/atlassian-agent.jar - ./mysql-connector-java-8.0.22.jar:/opt/atlassian/confluence/confluence/WEB-INF/lib/mysql-connector-java-8.0.22.jar - ./confluence-home:/var/atlassian/application-data/confluence # 下面是挂载linxu缺少的字体 - ./simkai.ttf:/usr/share/fonts/winfonts/simkai.ttf environment: - JAVA_OPTS="-javaagent:/var/atlassian/atlassian-agent.jar" # 加载配置的字体目录变量 - CATALINA_OPTS="-Dconfluence.document.conversion.fontpath=/usr/share/fonts/winfonts/" - JVM_MINIMUM_MEMORY=2048m - JVM_MAXIMUM_MEMORY=2048m - JVM_RESERVED_CODE_CACHE_SIZE=512m - ATL_PROXY_NAME=domain.com - ATL_PROXY_PORT=443 - ATL_TOMCAT_SCHEME=https - ATL_TOMCAT_SECURE=true ports: - "8090:8090" restart: always networks: - server_web-network EOF

默认内存分配为1024m,如果需要覆盖 Confluence Server 的默认内存分配,可以通过环境变量JVM_MINIMUM_MEMORYJVM_MAXIMUM_MEMORYJVM_RESERVED_CODE_CACHE_SIZE 控制最小堆(Xms)和最大堆(Xmx)。

运行confluence

bash
docker-compose -f confluence.yml up -d

初始化配置

访问 http://IP:8090 ,复制 Server ID BXYF-9XGF-1NZ9-CBIN ,进入容器运行下方命令生成key

bash
java -jar atlassian-agent.jar -d -m test@test.com -n BAT -p 'conf' -o http://localhost:8090 -s BXYF-9XGF-1NZ9-CBIN

输入生成的key,输入数据库的相关信息,一路点击下一步即可

插件破解

第三方插件将其应用密钥/插件关键字作为-p参数。如: -p 'org.swift.confluence.excel'

bash
# 通过破解包生成激活码 # -p 产品名称 jira # -m 邮箱([email protected] # -n 用户名,这个随意 # -o 部署的入口地址 # -s 服务器ID(BXYF-9XGF-1NZ9-CBIN) java -jar atlassian-agent.jar -d -m test@test.com -n BAT -p 'conf' -o http://localhost:8090 -s BXYF-9XGF-1NZ9-CBIN

confluence乱码问题

一、下载字体

bash
wget https://raw.githubusercontent.com/jiaxiaochu/font/refs/heads/master/simkai.ttf

进入到容器 /usr/share/fonts 目录,新建一个 winfonts 文件夹,把下载的字体拷贝到这个目录下

二、在confluence的安装目录, 如 /opt/atlassian/confluence/bin下找到setenv.sh, 找到CATALINA_OPTS,加入一行,或者在 confluence.yml 文件添加变量也可以

bash
# 添加一行配置 CATALINA_OPTS="-Dconfluence.document.conversion.fontpath=/usr/share/fonts/winfonts/ ${CATALINA_OPTS}" # 添加变量(二选一) - CATALINA_OPTS="-Dconfluence.document.conversion.fontpath=/usr/share/fonts/winfonts/"

三、清空confluence的home下viewfile目录和shared-home/dcl-document目录里的所有缓存文档文件, 不清空的话, confluence预览旧文件时还是会显示方框,只有新文件才会正常.

四、重启confluence就可以了

nginx配置反向代理

docker-compose部署nginx

bash
cat > nginx.yml << 'EOF' version: '3' services: nginx: image: nginx:stable container_name: nginx restart: always volumes: - ./config/nginx.conf:/etc/nginx/nginx.conf - ./config/mime.types:/etc/nginx/mime.types - ./config/conf.d:/etc/nginx/conf.d - ./certbot/letsencrypt:/etc/nginx/certs - ./www:/usr/share/nginx - ./logs/nginx:/var/log/nginx - /etc/localtime:/etc/localtime:ro ports: - "80:80" - "443:443" networks: - server_web-network networks: server_web-network: external: true EOF

申请证书,安装certbot工具

bash
yum install -y epel-release yum install -y certbot

申请证书

bash
certbot certonly --webroot -w [Web站点目录] -d [站点域名] -m [联系人email地址] --agree-tos

证书续签,设置一个定时任务

bash
0 0 */5 * * /usr/bin/certbot renew --renew-hook "/usr/sbin/nginx -s reload" --quiet --no-self-upgrade

也可以使用docker启动 certbot 来申请证书(二选一)

创建 certbot.yml 文件

yaml
cat > certbot.yml <<'EOF' version: '2.4' services: certbot: image: certbot/certbot:latest container_name: certbot volumes: - ./certbot/letsencrypt:/etc/letsencrypt - ./www:/usr/share/nginx - ./certbot/log:/var/log # 容器默认命令续期证书 # command: renew networks: - server_web-network networks: server_web-network: external: true EOF

申请证书:

yaml
# --dry-run是只测试不实际生成; --webroot-path对应着certbot内的http验证目录;-d后面是域名;--rm是运行后接着删除,certbot容器不需要一直开启,只是启动下生成证书即可 docker-compose -f certbot.yml run --rm certbot certonly --webroot --webroot-path /usr/share/nginx/ -d <你要申请证书的域名> --email <你的邮箱> --agree-tos --dry-run # out: 如果提示The dry run was successful则说明成功,可以去掉--dry-run参数来进行实际的获取证书

设置定时任务,自动续签

bash
# 自动续签,并重新加载nginx配置,如果nginx配置没生效,需要重启nginx 0 0 */5 * * /usr/local/bin/docker-compose -f /data/nginx/certbot.yml run --rm certbot renew --quiet && /usr/bin/docker exec nginx nginx -s reload

进入nginx配置文件目录

bash
cat > confluence.conf << 'EOF' server { listen 80; listen 443 ssl; server_name confluence.domain.com; ssl_certificate /etc/nginx/certs/live/domain.com/fullchain.pem; ssl_certificate_key /etc/nginx/certs/live/domain.com/privkey.pem; location /.well-known/acme-challenge/ { root /usr/share/nginx; } # 定义一个location块来处理请求并转发到后端服务器 location / { client_max_body_size 100m; # 客户端请求时允许的最大请求体大小 proxy_pass http://confluence:8090; # 替换为你的后端服务器地址 proxy_set_header Host $host; # 保持原始主机头部信息 proxy_set_header X-Real-IP $remote_addr; # 设置真实 IP proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # 转发 IP proxy_set_header X-Forwarded-Proto $scheme; # 设置协议 proxy_redirect off; # 禁用 Nginx 的默认重定向处理 } location /synchrony { client_max_body_size 100m; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://confluence:8091/synchrony; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; } } EOF

配置完成后重启nginx就可以了

备份数据

备份数据库脚本

shell
cat > backup_mysql.sh << 'EOF' #!/bin/bash # MySQL配置 MYSQL_CONTAINER_NAME="mysql" # 替换为你的 MySQL 容器名称 DB_NAMES=("jira" "confluence") DB_PASSWORD='password' BACKUP_DIR="/data/mysql/backup_mysql" # 替换为你的备份目录 DATE=$(date +"%Y%m%d_%H%M%S") # 创建备份目录(如果不存在) mkdir -p "${BACKUP_DIR}" # 备份数据库 for DB_NAME in "${DB_NAMES[@]}"; do docker exec ${MYSQL_CONTAINER_NAME} /usr/bin/mysqldump -u root -p"${DB_PASSWORD}" ${DB_NAME} > "${BACKUP_DIR}/${DB_NAME}_${DATE}.sql" echo "Backup of ${DB_NAME} completed at ${BACKUP_DIR}/${DB_NAME}_${DATE}.sql" # 可选:删除超过7天的备份 find "${BACKUP_DIR}" -type f -name "${DB_NAME}_*.sql" -mtime +7 -exec rm {} \; done EOF

备份 confluence-home 配置

bash
cat > backup_script.sh << "EOF" #!/bin/bash # 定义源目录和目标备份目录 CONFLUENCE_DIR="/data/confluence/confluence-home" JIRA_DIR="/data/jira/jira" BACKUP_DIR="/data/backup" # 获取当前日期 CURRENT_DATE=$(date +"%Y%m%d") # 创建备份目录(如果不存在) mkdir -p "$BACKUP_DIR" # 备份并压缩 Confluence 数据 if [ -d "$CONFLUENCE_DIR" ]; then tar -czf "$BACKUP_DIR/confluence-home-$CURRENT_DATE.tar.gz" -C "$CONFLUENCE_DIR" . echo "Confluence backup completed." else echo "Confluence directory does not exist." fi # 备份并压缩 JIRA 数据 if [ -d "$JIRA_DIR" ]; then tar -czf "$BACKUP_DIR/jira-$CURRENT_DATE.tar.gz" -C "$JIRA_DIR" . echo "JIRA backup completed." else echo "JIRA directory does not exist." fi # 删除超过7天的备份文件 find "$BACKUP_DIR" -type f -name "*.tar.gz" -mtime +7 -exec rm {} \; EOF

也可以使用confluence自带的备份功能备份

部署jira

创建 jira.yml 配置文件

yaml
cat > jira.yml << 'EOF' version: '3.6' networks: server_web-network: external: true services: jira01: image: atlassian/jira-software:9.8.2 container_name: jira ports: - "8080:8080" volumes: - ./atlassian-agent.jar:/var/atlassian/atlassian-agent.jar - ./mysql-connector-java-8.0.22.jar:/opt/atlassian/jira/lib/mysql-connector-java-8.0.22.jar - ./jira:/var/jira restart: always environment: - JVM_MINIMUM_HEAP=512m - JVM_MAXIMUM_HEAP=2048m - JAVA_OPTS="-javaagent:/var/atlassian/atlassian-agent.jar" # - ATL_PROXY_NAME=jira.domain.com # - ATL_PROXY_PORT=443 # - ATL_TOMCAT_SCHEME=https # - ATL_TOMCAT_SECURE=true restart: always networks: - server_web-network EOF

启动jira

bash
docker-compose -f jira.yml up -d

配置的时候使用 ip+端口访问,配置完成后再使用nginx配置反向代理

进入jiar容器的 /var/atlassian/ 目录,生成许可证,和confluence的流程差不多

bash
java -jar atlassian-agent.jar -d -m test@test.com -n BAT -p 'jira' -o http://localhost:8090 -s B1EF-SSXV-ANFQ-QZGP

本文作者:柯南

本文链接:

版权声明:©2024 柯南 All rights reserved.