From ccc141f5578864d3472eab3c4d44c1b3004468ac Mon Sep 17 00:00:00 2001
From: yuyr <yuyr@zgclab.edu.cn>
Date: Wed, 29 Oct 2025 17:15:48 +0800
Subject: [PATCH] =?UTF-8?q?[#30]=20ftp=E5=AE=B9=E5=99=A8=E5=A2=9E=E5=8A=A0?=
 =?UTF-8?q?=E5=8A=A8=E6=80=81=E6=A3=80=E6=B5=8B=E5=B9=B6=E6=9B=B4=E6=96=B0?=
 =?UTF-8?q?dns.conf=E5=88=B0share=E7=9B=AE=E5=BD=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../all-in-one-full/config/VERSION            |  2 +-
 src/metric/ftp/build/Dockerfile               |  3 +-
 src/metric/ftp/build/README.md                | 13 +++++-
 src/metric/ftp/build/dns-publish.sh           | 40 +++++++++++++++++++
 src/metric/ftp/build/supervisord.conf         | 12 ++++++
 5 files changed, 67 insertions(+), 3 deletions(-)
 create mode 100644 src/metric/ftp/build/dns-publish.sh

diff --git a/src/metric/client-plugins/all-in-one-full/config/VERSION b/src/metric/client-plugins/all-in-one-full/config/VERSION
index bf50e91..ebeef2f 100644
--- a/src/metric/client-plugins/all-in-one-full/config/VERSION
+++ b/src/metric/client-plugins/all-in-one-full/config/VERSION
@@ -1 +1 @@
-1.37.0
+1.38.0
diff --git a/src/metric/ftp/build/Dockerfile b/src/metric/ftp/build/Dockerfile
index 5d11e10..c8f1e74 100644
--- a/src/metric/ftp/build/Dockerfile
+++ b/src/metric/ftp/build/Dockerfile
@@ -67,7 +67,8 @@ RUN chmod +x /usr/local/bin/start-ftp-supervised.sh
 COPY vsftpd.conf /etc/vsftpd/vsftpd.conf
 
 COPY dns-monitor.sh /usr/local/bin/dns-monitor.sh
-RUN chmod +x /usr/local/bin/dns-monitor.sh
+COPY dns-publish.sh /usr/local/bin/dns-publish.sh
+RUN chmod +x /usr/local/bin/dns-monitor.sh /usr/local/bin/dns-publish.sh
 
 USER root
 
diff --git a/src/metric/ftp/build/README.md b/src/metric/ftp/build/README.md
index f3881e1..92de780 100644
--- a/src/metric/ftp/build/README.md
+++ b/src/metric/ftp/build/README.md
@@ -66,6 +66,17 @@ ${FTP_BASE_PATH}/
 
 /private/argus/etc/
 └── ${DOMAIN}                 # 容器IP记录文件
+
+## DNS 同步到 FTP share（运行期）
+
+- 运行期最新的 DNS 列表由 bind/master 写入挂载点 `/private/argus/etc/dns.conf`。
+- FTP 容器内置 `dns-publish`（Supervised）：每 10s 比较并将该文件原子同步为 `${FTP_BASE_PATH}/share/dns.conf`，供客户端下载安装脚本直接读取。
+- 同步特性：
+  - 原子更新：写入 `${DST}.tmp` 后 `mv -f` 覆盖，避免读到半写文件。
+  - 权限：0644；属主 `${ARGUS_BUILD_UID}:${ARGUS_BUILD_GID}`。
+  - 可观测：日志 `/var/log/supervisor/dns-publish.log`。
+
+> 注：构建/发布阶段可能也会将静态 `config/dns.conf` 拷贝到 share；当 FTP 容器运行后，dns-publish 会用运行期最新文件覆盖该静态文件。
 ```
 
 ## vsftpd 配置说明
@@ -156,4 +167,4 @@ curl -fsS 'ftp://ftpuser:ZGClab1234!@177.177.70.200/setup.sh' -o setup.sh
 # root用户直接执行，非root用户需要使用sudo
 chmod +x setup.sh
 bash setup.sh --server {$域名} --user ftpuser --password 'ZGClab1234!'
-```
\ No newline at end of file
+```
diff --git a/src/metric/ftp/build/dns-publish.sh b/src/metric/ftp/build/dns-publish.sh
new file mode 100644
index 0000000..b7cf189
--- /dev/null
+++ b/src/metric/ftp/build/dns-publish.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+set -uo pipefail
+
+# Publish latest /private/argus/etc/dns.conf to ${FTP_BASE_PATH}/share/dns.conf
+
+SRC="/private/argus/etc/dns.conf"
+FTP_BASE_PATH="${FTP_BASE_PATH:-/private/argus/ftp}"
+DST_DIR="${FTP_BASE_PATH}/share"
+DST="${DST_DIR}/dns.conf"
+UID_VAL="${ARGUS_BUILD_UID:-2133}"
+GID_VAL="${ARGUS_BUILD_GID:-2015}"
+INTERVAL="${DNS_PUBLISH_INTERVAL:-10}"
+
+log() { echo "$(date '+%Y-%m-%d %H:%M:%S') [DNS-Publish] $*"; }
+
+mkdir -p "$DST_DIR" 2>/dev/null || true
+
+log "service start: SRC=$SRC DST=$DST interval=${INTERVAL}s"
+
+while true; do
+  if [[ -f "$SRC" ]]; then
+    # Only sync when content differs
+    if ! cmp -s "$SRC" "$DST" 2>/dev/null; then
+      tmp="${DST}.tmp"
+      if cp "$SRC" "$tmp" 2>/dev/null; then
+        mv -f "$tmp" "$DST"
+        chown "$UID_VAL":"$GID_VAL" "$DST" 2>/dev/null || true
+        chmod 0644 "$DST" 2>/dev/null || true
+        ts_src=$(date -r "$SRC" '+%Y-%m-%dT%H:%M:%S%z' 2>/dev/null || echo "?")
+        log "synced dns.conf (src mtime=$ts_src) -> $DST"
+      else
+        log "ERROR: copy failed $SRC -> $tmp"
+      fi
+    fi
+  else
+    log "waiting for source $SRC"
+  fi
+  sleep "$INTERVAL"
+done
+
diff --git a/src/metric/ftp/build/supervisord.conf b/src/metric/ftp/build/supervisord.conf
index 4d76417..c64606e 100644
--- a/src/metric/ftp/build/supervisord.conf
+++ b/src/metric/ftp/build/supervisord.conf
@@ -28,6 +28,18 @@ stopwaitsecs=10
 killasgroup=true
 stopasgroup=true
 
+[program:dns-publish]
+command=/usr/local/bin/dns-publish.sh
+user=root
+stdout_logfile=/var/log/supervisor/dns-publish.log
+stderr_logfile=/var/log/supervisor/dns-publish_error.log
+autorestart=true
+startretries=3
+startsecs=5
+stopwaitsecs=10
+killasgroup=true
+stopasgroup=true
+
 [unix_http_server]
 file=/var/run/supervisor.sock
 chmod=0700