Skip to content

fix: [BOUNTY $250] Robustness — 国内网络适配 + 环境鲁棒性 #399

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
kissesu wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix: [BOUNTY $250] Robustness — 国内网络适配 + 环境鲁棒性 #399

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 25 additions & 0 deletions config/cn-mirrors.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# Docker 镜像国内加速映射表
# 用于在中国大陆网络环境下替换无法访问的镜像源

mirrors:
# Google Container Registry (gcr.io)
gcr.io/cadvisor/cadvisor: m.daocloud.io/gcr.io/cadvisor/cadvisor
gcr.io/google-containers/kube-proxy: m.daocloud.io/gcr.io/google-containers/kube-proxy
gcr.io/google-containers/kube-apiserver: m.daocloud.io/gcr.io/google-containers/kube-apiserver
gcr.io/google-containers/kube-controller-manager: m.daocloud.io/gcr.io/google-containers/kube-controller-manager
gcr.io/google-containers/kube-scheduler: m.daocloud.io/gcr.io/google-containers/kube-scheduler

# GitHub Container Registry (ghcr.io)
ghcr.io/goauthentik/server: m.daocloud.io/ghcr.io/goauthentik/server
ghcr.io/goauthentik/outposts: m.daocloud.io/ghcr.io/goauthentik/outposts
ghcr.io/home-assistant/home-assistant: m.daocloud.io/ghcr.io/home-assistant/home-assistant
ghcr.io/homebridge/homebridge: m.daocloud.io/ghcr.io/homebridge/homebridge
ghcr.io/photoprism/photoprism: m.daocloud.io/ghcr.io/photoprism/photoprism
ghcr.io/watchtower: m.daocloud.io/ghcr.io/watchtower

# 其他常用镜像
linuxserver/nginx: dockerhub.azk8s.cn/linuxserver/nginx
linuxserver/transmission: dockerhub.azk8s.cn/linuxserver/transmission
linuxserver/qbittorrent: dockerhub.azk8s.cn/linuxserver/qbittorrent
prometheus/prometheus: dockerhub.azk8s.cn/prometheus/prometheus
grafana/grafana: dockerhub.azk8s.cn/grafana/grafana
110 changes: 110 additions & 0 deletions scripts/check-connectivity.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
#!/bin/bash

# 颜色定义
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'

# 测试地址
declare -A TESTS=(
["Docker Hub"]="hub.docker.com:443"
["GitHub"]="github.com:443"
["gcr.io"]="gcr.io:443"
["ghcr.io"]="ghcr.io:443"
["Docker Registry"]="registry-1.docker.io:443"
)

# DNS 测试地址
DNS_TESTS=(
"8.8.8.8"
"1.1.1.1"
"223.5.5.5"
)

# 端口测试
PORTS=(53 80 443 3000 8080)

echo "================================================"
echo "网络连通性检测"
echo "================================================"
echo ""

# 检测 DNS
echo "检测 DNS 解析..."
echo ""
local_dns=$(cat /etc/resolv.conf 2>/dev/null | grep nameserver | head -1 | awk '{print $2}')

if ping -c 1 -W 2 "$local_dns" > /dev/null 2>&1; then
echo -e "${GREEN}[OK]${NC} 本地 DNS ($local_dns) 正常"
else
echo -e "${RED}[FAIL]${NC} 本地 DNS ($local_dns) 无法访问"
fi

echo ""
echo "检测公网 DNS..."
for dns in "${DNS_TESTS[@]}"; do
if ping -c 1 -W 2 "$dns" > /dev/null 2>&1; then
echo -e "${GREEN}[OK]${NC} DNS $dns 可达"
break
fi
done

echo ""
echo "检测镜像源连通性..."
echo ""

failed_count=0
slow_count=0

for service in "${!TESTS[@]}"; do
host_port="${TESTS[$service]}"
host="${host_port%:*}"
port="${host_port##*:}"

start_time=$(date +%s%N)

if timeout 5 bash -c "echo > /dev/tcp/$host/$port" 2>/dev/null; then
end_time=$(date +%s%N)
latency=$(( (end_time - start_time) / 1000000 ))

if [[ $latency -gt 1000 ]]; then
echo -e "${YELLOW}[SLOW]${NC} $service ($host:$port) — 延迟 ${latency}ms ⚠️ 建议开启镜像加速"
((slow_count++))
else
echo -e "${GREEN}[OK]${NC} $service ($host:$port) — 延迟 ${latency}ms"
fi
else
echo -e "${RED}[FAIL]${NC} $service — 连接超时 ✗ 需要使用国内镜像"
((failed_count++))
fi
done

echo ""
echo "检测出站端口..."
echo ""

for port in "${PORTS[@]}"; do
if timeout 2 bash -c "echo > /dev/tcp/8.8.8.8/$port" 2>/dev/null; then
echo -e "${GREEN}[OK]${NC} 端口 $port 开放"
else
echo -e "${YELLOW}[WARN]${NC} 端口 $port 可能被限制"
fi
done

echo ""
echo "================================================"
echo "检测结果汇总"
echo "================================================"

if [[ $failed_count -eq 0 && $slow_count -eq 0 ]]; then
echo -e "${GREEN}✓ 网络环境正常,无需额外配置${NC}"
exit 0
elif [[ $failed_count -gt 0 ]]; then
echo -e "${YELLOW}检测到 $failed_count 个不可达源,建议运行:${NC}"
echo " sudo ./scripts/setup-cn-mirrors.sh"
exit 1
else
echo -e "${YELLOW}检测到 $slow_count 个高延迟源,可考虑启用镜像加速${NC}"
exit 0
fi
242 changes: 242 additions & 0 deletions scripts/install.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,242 @@
#!/bin/bash
set -e

# 颜色定义
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'

# 脚本开始
echo -e "${BLUE}================================================${NC}"
echo -e "${BLUE}HomeLab Stack 安装脚本${NC}"
echo -e "${BLUE}================================================${NC}"
echo ""

# 检查系统兼容性
check_system() {
local os_type=""

if [[ -f /etc/os-release ]]; then
. /etc/os-release
os_type=$ID
fi

case "$os_type" in
ubuntu|debian)
echo -e "${GREEN}✓ 检测到 Debian/Ubuntu 系统${NC}"
return 0
;;
centos|rhel)
echo -e "${GREEN}✓ 检测到 CentOS/RHEL 系统${NC}"
return 0
;;
arch)
echo -e "${GREEN}✓ 检测到 Arch Linux 系统${NC}"
return 0
;;
*)
echo -e "${YELLOW}⚠️ 不确定的系统类型: $os_type${NC}"
return 0
;;
esac
}

# 检查内存
check_memory() {
local available_memory=$(free -g | awk 'NR==2 {print $7}')

echo "检查系统内存... (${available_memory}GB 可用)"

if [[ $available_memory -lt 2 ]]; then
echo -e "${YELLOW}⚠️ 警告: 系统内存少于 2GB,可能影响运行效能${NC}"
else
echo -e "${GREEN}✓ 系统内存充足${NC}"
fi
}

# 检查磁盘空间
check_disk_space() {
local available_space=$(df / | awk 'NR==2 {print $4}')
local available_gb=$((available_space / 1048576))

echo "检查磁盘空间... (${available_gb}GB 可用)"

if [[ $available_gb -lt 5 ]]; then
echo -e "${RED}✗ 错误: 磁盘空间少于 5GB,无法继续安装${NC}"
return 1
elif [[ $available_gb -lt 20 ]]; then
echo -e "${YELLOW}⚠️ 警告: 磁盘空间少于 20GB,建议清理空间${NC}"
else
echo -e "${GREEN}✓ 磁盘空间充足${NC}"
fi
}

# 检查并安装 Docker
check_docker() {
echo ""
echo "检查 Docker 安装状态..."

if ! command -v docker &> /dev/null; then
echo -e "${YELLOW}未检测到 Docker,开始安装...${NC}"

# 获取系统类型
if [[ -f /etc/os-release ]]; then
. /etc/os-release
os_type=$ID
fi

case "$os_type" in
ubuntu|debian)
apt-get update
apt-get install -y curl
curl -fsSL https://get.docker.com -o get-docker.sh
bash get-docker.sh
rm get-docker.sh
;;
centos|rhel)
yum install -y curl
curl -fsSL https://get.docker.com -o get-docker.sh
bash get-docker.sh
rm get-docker.sh
;;
arch)
pacman -Sy docker --noconfirm
systemctl enable docker
systemctl start docker
;;
*)
echo -e "${RED}不支持的系统类型${NC}"
return 1
;;
esac

echo -e "${GREEN}✓ Docker 安装完成${NC}"
else
echo -e "${GREEN}✓ Docker 已安装${NC}"
fi
}

# 检查 Docker Compose 版本
check_docker_compose() {
echo "检查 Docker Compose..."

if ! command -v docker-compose &> /dev/null; then
echo -e "${YELLOW}未检测到 docker-compose,尝试使用 docker compose...${NC}"

if ! docker compose version &> /dev/null; then
echo -e "${YELLOW}安装 Docker Compose v2...${NC}"

DOCKER_CONFIG=${DOCKER_CONFIG:-$HOME/.docker}
mkdir -p $DOCKER_CONFIG/cli-plugins
curl -SL https://github.com/docker/compose/releases/latest/download/docker-compose-linux-x86_64 -o $DOCKER_CONFIG/cli-plugins/docker-compose
chmod +x $DOCKER_CONFIG/cli-plugins/docker-compose

echo -e "${GREEN}✓ Docker Compose v2 安装完成${NC}"
fi
else
local compose_version=$(docker-compose --version | grep -oP '\d+\.\d+\.\d+' | head -1)
local major_version=${compose_version%%.*}

if [[ $major_version -lt 2 ]]; then
echo -e "${YELLOW}⚠️ 检测到 Docker Compose v1,建议升级到 v2${NC}"
echo "升级命令: sudo apt-get install -y docker-compose"
else
echo -e "${GREEN}✓ Docker Compose v2 已安装${NC}"
fi
fi
}

# 检查非 root 用户
check_and_add_docker_group() {
if [[ $EUID -ne 0 ]]; then
echo ""
echo "检查 Docker 权限..."

if ! groups | grep -q docker; then
echo -e "${YELLOW}当前用户不在 docker 组,尝试添加...${NC}"
sudo usermod -aG docker $(whoami)
echo -e "${GREEN}✓ 已添加用户到 docker 组,需要重新登录生效${NC}"
else
echo -e "${GREEN}✓ 用户已在 docker 组${NC}"
fi
fi
}

# 检查端口冲突
check_port_conflicts() {
echo ""
echo "检查端口占用..."

local ports=(53 80 443 3000 8080 8443 8081)
local conflicts=0

for port in "${ports[@]}"; do
if netstat -tuln 2>/dev/null | grep -q ":$port "; then
echo -e "${YELLOW}⚠️ 端口 $port 已被占用${NC}"
((conflicts++))
fi
done

if [[ $conflicts -gt 0 ]]; then
echo -e "${YELLOW}⚠️ 检测到 $conflicts 个端口冲突,可能影响服务部署${NC}"
else
echo -e "${GREEN}✓ 主要端口未被占用${NC}"
fi
}

# 网络检测
check_network() {
echo ""
echo "检查网络连通性..."

if [[ -x ./scripts/check-connectivity.sh ]]; then
./scripts/check-connectivity.sh
else
echo -e "${YELLOW}⚠️ 网络检查脚本不存在,跳过${NC}"
fi
}

# 创建必要目录
create_directories() {
echo ""
echo "创建必要目录..."

mkdir -p config data logs
echo -e "${GREEN}✓ 目录创建完成${NC}"
}

# 主流程
main() {
check_system
check_memory

if ! check_disk_space; then
exit 1
fi

echo ""

# 检查是否为 root
if [[ $EUID -ne 0 ]]; then
echo -e "${YELLOW}某些检查需要 root 权限${NC}"
check_and_add_docker_group
else
check_docker
check_docker_compose
fi

check_port_conflicts
check_network
create_directories

echo ""
echo -e "${GREEN}================================================${NC}"
echo -e "${GREEN}✓ 环境检查完成,准备就绪${NC}"
echo -e "${GREEN}================================================${NC}"
echo ""
echo "下一步: docker-compose up -d"
}

main "$@"
Loading