Docker搭建pigallery2目录优先的图片库网站
搭建pigallery2目录优先的图片库网站
有什么用
搭建pigallery2目录优先的图片库网站
然后使用rsync同步工具来 喂给pigallery2图片库网站, 这样实现全自动(定时任务)的图片文件备份 及 展示
怎么用
章节中讲解了一步步的搭建过程 和 遇到的错误(已经解决步骤)
相关内容
实现方法
DS918部署pigallery2
部署在DS918中, 执行如下命令, 预备动作:
mkdir image && mkdir tmp && mkdir config
vi docker-compose.yml
docker-compose.yml
version: '3'
services:
nginx:
image: nginx:latest
container_name: nginx
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./nginx/error.log:/etc/nginx/error_log.log
- ./nginx/cache/:/etc/nginx/cache
# - /etc/letsencrypt/:/etc/letsencrypt/
ports:
- 8083:80
# - 8084:443
restart: always
pigallery2:
image: bpatrik/pigallery2:latest
container_name: pigallery2
environment:
- NODE_ENV=production # set to 'debug' for full debug logging
# - NODE_OPTIONS=--enable-source-maps # enable source map support on the backend for development
volumes:
- "./config:/app/data/config" # CHANGE ME
- "db-data:/app/data/db"
- "./images:/app/data/images:ro" # CHANGE ME, ':ro' means read-only
- "./tmp:/app/data/tmp" # CHANGE ME
expose:
- "80"
restart: always
volumes:
db-data:
vi nginx.conf
events {
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types
text/css
text/plain
text/javascript
text/markdown
application/javascript
application/json
application/gpx+xml
application/x-javascript
application/xml
application/xml+rss
application/xhtml+xml
application/x-font-ttf
application/x-font-opentype
application/vnd.ms-fontobject
image/svg+xml
image/x-icon
application/rss+xml
application/atom_xml;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
##
# Virtual Host Configs
##
server {
listen 8083 default_server;
listen [::]:8083 default_server;
server_name case.carlzeng.com; # CHANGE ME
return 301 https://$server_name$request_uri;
}
server {
server_name carlzeng.com; # CHANGE ME
# Only allow all methods (GET,POST,PUT,etc..) for root (/pgapi).
# see https://github.com/bpatrik/pigallery2/issues/214
location /pgapi { # NOTE: no ending '/' as it would forward /pgapi to /
proxy_pass http://pigallery2:80; # forwarding to the other container, named 'pigallery2'
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location / {
limit_except GET {
deny all;
}
proxy_pass http://pigallery2:80; # forwarding to the other container, named 'pigallery2'
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
# listen 8084 ssl default_server;
# listen [::]:8084 ssl default_server;
# ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; # CHANGE ME
# ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; # CHANGE ME
# include /etc/letsencrypt/options-ssl-nginx.conf;
}
}
修改过配置文件, 去掉ssl相关的配置后, 可以访问测试网站
http://192.168.6.117:8083/gallery/
没有图片.
实现: 如何映射Debian12中的图片目录到DS920中?
源目录, DS918中的
/volume2/homes/13261977480/Photos/
目标目录, Debian12中的:
/root/pigallery2/images
Debian如何配置rsync手工同步
安装rsync
root@debian12:~/pigallery2# apt install -y rsync
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Suggested packages:
python3-braceexpand
The following NEW packages will be installed:
rsync
0 upgraded, 1 newly installed, 0 to remove and 37 not upgraded.
Need to get 417 kB of archives.
After this operation, 795 kB of additional disk space will be used.
Err:1 http://deb.debian.org/debian bookworm/main amd64 rsync amd64 3.2.7-1
404 Not Found [IP: 151.101.90.132 80]
E: Failed to fetch http://deb.debian.org/debian/pool/main/r/rsync/rsync_3.2.7-1_amd64.deb 404 No
t Found [IP: 151.101.90.132 80]
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
错误解决办法:
apt update
apt install rsync
-v: 打印命令执行过程中的详细信息
-r: 递归拷贝数据(在传递文件的过程中不会保留权限信息以及时间戳)
-a: 归档模式,可以允许递归拷贝数据,并且保留链接符号,文件权限,用户和用户组的归属,时间戳
-z: 压缩数据
-h: 可读模式,输出可读的数字格式
rsync -avzh --progress root@192.168.6.203:/volume2/homes/13261977480/Photos /root/pigallery2/images
切换各种用户测试
rsync -avzh --progress DS918@192.168.6.203:/volume2/homes/132619
77480/Photos /root/pigallery2/images
DS918@192.168.6.203's password:
Permission denied, please try again.
rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
rsync error: error in rsync protocol data stream (code 12) at io.c(232) [Receiver=3.2.7]
没办法 DS918的目录权限太绕了, 无法访问到想要的文件夹和文件; 只能让DS918来运行rsync了
rsync -avzh --progress /volume2/homes/13261977480/Photos carlzeng@192.168.6.117:/root/pigallery2/images
root@DS918:~# rsync -avzh --progress /volume2/homes/13261977480/Photos carlzeng***@192.168.6.117:/root/pigallery2/images
The authenticity of host '192.168.6.117 (192.168.6.117)' can't be established.
ECDSA key fingerprint is SHA256:2DtPJyL4F/scW7WqVrX7G4KimA8kokRW8DjCUV3MZp8.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.6.117' (ECDSA) to the list of known hosts.
carlzeng@192.168.6.117's password:
sending incremental file list
rsync: [Receiver] ERROR: cannot stat destination "/root/pigallery2/images": Permission denied (13)
rsync error: errors selecting input/output files, dirs (code 3) at main.c(772) [Receiver=3.2.7]
切换思路, 既然root用户无法登录ssh, 其他用户又无法访问到/root目录下面的所有文件;
那就把照片的目录换到最顶级, 让大家(所有ssh登录的用户)都可以访问的位置, 比如 /
rsync -avzh --progress /volume2/homes/13261977480/Photos carlzeng***@192.168.6.117:/
carlzeng***@192.168.6.117's password:
sending incremental file list
rsync: [generator] recv_generator: mkdir "/Photos" failed: Permission denied (13)
*** Skipping any contents from this failed directory ***
Photos/
sent 2.38M bytes received 13.90K bytes 368.38K bytes/sec
total size is 8.45G speedup is 3,528.67
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1462)
[sender=3.1.2]
正确的目录: /home/carlzeng
rsync -avzh --progress /volume2/homes/13261977480/Photos carlzeng***@192.168.6.117:/home/carlzeng
......
sent 8.44G bytes received 1.50M bytes 14.38M bytes/sec
total size is 8.45G speedup is 1.00
对临时用户的访问, 在时间上做限制, 比如有效期1小时,
1小时内可访问(有效); 或者 10分钟有效期
TODO-done: 配置rsync 自动同步
配置成服务, 这样系统定时自动同步(时间是一个纬度, 有没有其他的触发机制?)
定时同步
编辑crontab
crontab -e
加入如下代码:
10 0 * * * rsync -avzP --delete --password-file=/tmp/rsync.password zj@192.168.7.101::zjhome /cygdrive/d/Pic/
-
先在~目录下(执行rsync的目录, /root )建个一个rsync_auth.txt的文件 用来存储密钥
***car**>rsync_auth.txt -
编辑命令, 准备输入给crontab -e
rsync -avzh --password-file=/root/rsync_auth.txt /volume2/homes/13261977480/Photos carlzeng***@192.168.6.117:/home/carlzeng
The --password-file option may only be used when accessing an rsync daemon. rsync error: syntax or usage error (code 1) at main.c(1666) [sender=3.1.2]
解决办法:
sshpass
DS918无法安装sshpass
切换方案到
- cd to a private directory of the user which will be running the script (typically "$HOME/.ssh", to be created if needed). That directory must be protected to write acces from other users, fix the modes if needed.
- generate the keypair using command "ssh-keygen" ("/usr/syno/bin/ssh-keygen" if not in your PATH)
- at the prompt "Enter file in which to save the key", choose a file name (let's say "mykey")
- at the prompt "Enter passphrase (empty for no passphrase):" press return (this will create a passwordless private key)
- Two files will be created: "mykey" and "mykey.pub"
- copy the contents of mykey.pub inside "$HOME/.ssh/authorized_keys" file of user account on the remote machine your script is going to connect to.
- in your script, add "-i<full_path of mykey.pub>" as argument to the ssh command
"ssh -i'/root/.ssh/mykey'"
rsync -avzhe "ssh -i'/tmp/mykey'" '/volume2/homes/13261977480/Photos' 'carlzeng****@
192.168.6.117:/home/carlzeng***'
carlzeng****@192.168.6.117's password:
还是失败了, 需要输入密码
最后还是这个方法配置成功了!
authorized_keys
下一步(ignore): 切换到 rsync服务
不用切换了, 找到原因了, 原来是文档中的 $HOME/.ssh/authorized_keys, 必需是使用这个文件名“authorized_keys”
测试调试的办法是:
直接在DS918的shell中使用ssh -i 命令 来测试.
ssh -i /tmp/mykey carlzeng***@192.168.6.117
如果这条命令成功了, 就可以应用到rsync中去.
rsync -avzh -e 'ssh -i /tmp/mykey' /volume2/homes/13261977480/Photos carlzeng***@192.16
8.6.117:/home/carlzeng
-
如果是群晖, 那直接使用系统的定时任务功能
到此就设置成功了, NAS中定时的自动同步(到另外一台服务器)的功能.
配置统计和分析
设置一下后台的HTML页头位置, 由于整个设置内容已经会自动被
浙公网安备 33010602011771号