[#30] ftp容器增加动态检测并更新dns.conf到share目录

2025-10-29 17:15:48 +08:00 · 2025-10-29 17:15:48 +08:00 · 3e38770473
commit 3e38770473
parent d130924b1a
5 changed files with 67 additions and 3 deletions
--- a/src/metric/client-plugins/all-in-one-full/config/VERSION
+++ b/src/metric/client-plugins/all-in-one-full/config/VERSION
@ -1 +1 @@
-1.37.0
+1.38.0
--- a/src/metric/ftp/build/Dockerfile
+++ b/src/metric/ftp/build/Dockerfile
@ -67,7 +67,8 @@ RUN chmod +x /usr/local/bin/start-ftp-supervised.sh
 COPY vsftpd.conf /etc/vsftpd/vsftpd.conf

 COPY dns-monitor.sh /usr/local/bin/dns-monitor.sh
-RUN chmod +x /usr/local/bin/dns-monitor.sh
+COPY dns-publish.sh /usr/local/bin/dns-publish.sh
+RUN chmod +x /usr/local/bin/dns-monitor.sh /usr/local/bin/dns-publish.sh

 USER root

--- a/src/metric/ftp/build/README.md
+++ b/src/metric/ftp/build/README.md
@ -66,6 +66,17 @@ ${FTP_BASE_PATH}/

 /private/argus/etc/
 └── ${DOMAIN}                 # 容器IP记录文件
+
+## DNS 同步到 FTP share（运行期）
+
+- 运行期最新的 DNS 列表由 bind/master 写入挂载点 `/private/argus/etc/dns.conf`。
+- FTP 容器内置 `dns-publish`（Supervised）：每 10s 比较并将该文件原子同步为 `${FTP_BASE_PATH}/share/dns.conf`，供客户端下载安装脚本直接读取。
+- 同步特性：
+  - 原子更新：写入 `${DST}.tmp` 后 `mv -f` 覆盖，避免读到半写文件。
+  - 权限：0644；属主 `${ARGUS_BUILD_UID}:${ARGUS_BUILD_GID}`。
+  - 可观测：日志 `/var/log/supervisor/dns-publish.log`。
+
+> 注：构建/发布阶段可能也会将静态 `config/dns.conf` 拷贝到 share；当 FTP 容器运行后，dns-publish 会用运行期最新文件覆盖该静态文件。
 ```

 ## vsftpd 配置说明
@ -156,4 +167,4 @@ curl -fsS 'ftp://ftpuser:ZGClab1234!@177.177.70.200/setup.sh' -o setup.sh
 # root用户直接执行，非root用户需要使用sudo
 chmod +x setup.sh
 bash setup.sh --server {$域名} --user ftpuser --password 'ZGClab1234!'
-```
+```
--- a/src/metric/ftp/build/dns-publish.sh
+++ b/src/metric/ftp/build/dns-publish.sh
@ -0,0 +1,40 @@
+#!/bin/bash
+set -uo pipefail
+
+# Publish latest /private/argus/etc/dns.conf to ${FTP_BASE_PATH}/share/dns.conf
+
+SRC="/private/argus/etc/dns.conf"
+FTP_BASE_PATH="${FTP_BASE_PATH:-/private/argus/ftp}"
+DST_DIR="${FTP_BASE_PATH}/share"
+DST="${DST_DIR}/dns.conf"
+UID_VAL="${ARGUS_BUILD_UID:-2133}"
+GID_VAL="${ARGUS_BUILD_GID:-2015}"
+INTERVAL="${DNS_PUBLISH_INTERVAL:-10}"
+
+log() { echo "$(date '+%Y-%m-%d %H:%M:%S') [DNS-Publish] $*"; }
+
+mkdir -p "$DST_DIR" 2>/dev/null || true
+
+log "service start: SRC=$SRC DST=$DST interval=${INTERVAL}s"
+
+while true; do
+  if [[ -f "$SRC" ]]; then
+    # Only sync when content differs
+    if ! cmp -s "$SRC" "$DST" 2>/dev/null; then
+      tmp="${DST}.tmp"
+      if cp "$SRC" "$tmp" 2>/dev/null; then
+        mv -f "$tmp" "$DST"
+        chown "$UID_VAL":"$GID_VAL" "$DST" 2>/dev/null || true
+        chmod 0644 "$DST" 2>/dev/null || true
+        ts_src=$(date -r "$SRC" '+%Y-%m-%dT%H:%M:%S%z' 2>/dev/null || echo "?")
+        log "synced dns.conf (src mtime=$ts_src) -> $DST"
+      else
+        log "ERROR: copy failed $SRC -> $tmp"
+      fi
+    fi
+  else
+    log "waiting for source $SRC"
+  fi
+  sleep "$INTERVAL"
+done
+
--- a/src/metric/ftp/build/supervisord.conf
+++ b/src/metric/ftp/build/supervisord.conf
@ -28,6 +28,18 @@ stopwaitsecs=10
 killasgroup=true
 stopasgroup=true

+[program:dns-publish]
+command=/usr/local/bin/dns-publish.sh
+user=root
+stdout_logfile=/var/log/supervisor/dns-publish.log
+stderr_logfile=/var/log/supervisor/dns-publish_error.log
+autorestart=true
+startretries=3
+startsecs=5
+stopwaitsecs=10
+killasgroup=true
+stopasgroup=true
+
 [unix_http_server]
 file=/var/run/supervisor.sock
 chmod=0700
 @ -1 +1 @@
 .37.0
 .38.0