add logent

.github/workflows/build-docker.yml

@@ -35,7 +35,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - run: |
-          source ./tool.sh && build_image app-clash latest docker_app_clash/clash.Dockerfile && push_image
+          source ./tool.sh && build_image app-clash latest docker_clash/clash.Dockerfile && push_image clash
 
   ## Casdoor
   docker_casdoor:
@@ -44,7 +44,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - run: |
-          source ./tool.sh && build_image casdoor latest docker_casdoor/Dockerfile && push_image
+          source ./tool.sh && build_image casdoor latest docker_casdoor/casdoor.Dockerfile && push_image casdoor
 
   ## Keycloak
   docker_keycloak:
@@ -53,7 +53,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - run: |
-          source ./tool.sh && build_image keycloak latest docker_keycloak/Dockerfile && push_image
+          source ./tool.sh && build_image keycloak latest docker_keycloak/keycloak.Dockerfile && push_image keycloak
 
   ## DevHub
   job-dev-hub:
@@ -66,7 +66,7 @@ jobs:
           build_image dev-hub latest docker_devbox/hub.Dockerfile \
             --build-arg "BASE_IMG=node" \
             --build-arg "ARG_PROFILE_JUPYTER=hub"
-          push_image
+          push_image dev-hub
 
   ## OpenResty as gateway
   job-openresty:
@@ -75,7 +75,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - run: |
-          source ./tool.sh && build_image openresty latest docker_openresty/Dockerfile && push_image
+          source ./tool.sh && build_image openresty latest docker_openresty/openresty.Dockerfile && push_image openresty
 
   ## SearchNGX for searching
   job-searxng:
@@ -84,7 +84,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - run: |
-          source ./tool.sh && build_image searxng latest docker_searxng/searxng.Dockerfile && push_image
+          source ./tool.sh && build_image searxng latest docker_searxng/searxng.Dockerfile && push_image searxng
 
   ## StoreBox
   job-storebox:
@@ -94,9 +94,17 @@ jobs:
       - uses: actions/checkout@v4
       - run: |
           source ./tool.sh
-          build_image storebox latest docker_storebox/storebox.Dockerfile \
-            --build-arg "BASE_IMG=node"
-          push_image
+          build_image storebox latest docker_storebox/storebox.Dockerfile && push_image storebox
+
+  ## lognet for log management
+  job-logent:
+    name: 'logent'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - run: |
+          source ./tool.sh
+          build_image logent latest docker_logent/logent.Dockerfile && push_image logent
 
 
   ## DevBox - base
@@ -126,7 +134,7 @@ jobs:
             --build-arg "ARG_PROFILE_JUPYTER=base,kernels,extensions" \
             --build-arg "ARG_PROFILE_VSCODE=base" \
             --build-arg "ARG_PROFILE_R=rstudio,rshiny"
-          push_image
+          push_image dev
 
   ## DevBox - full stack
   job-full-stack-dev:
@@ -141,7 +149,7 @@ jobs:
             --build-arg "ARG_PROFILE_JUPYTER=base,kernels,extensions" \
             --build-arg "ARG_PROFILE_VSCODE=base" \
             --build-arg "ARG_PROFILE_R=rstudio,rshiny"
-          push_image
+          push_image dev
 
   ## DevBox - cuda
   job-cuda-dev:
@@ -155,7 +163,7 @@ jobs:
             --build-arg "BASE_IMG=core-cuda" \
             --build-arg "ARG_PROFILE_JUPYTER=base,kernels,extensions" \
             --build-arg "ARG_PROFILE_VSCODE=base"
-          alias_image cuda-dev latest full-cuda latest && push_image
+          alias_image cuda-dev latest full-cuda latest && push_image dev
 
 
   ## Sync all images in this build (listed by "names") to mirror registry.

docker_casdoor/README.md

@@ -2,23 +2,4 @@
 
 Identity and Access Management (IAM) / Single-Sign-On (SSO) platform: https://github.com/casdoor/casdoor
 
-## debug
-
-```shell
-docker build -t labnow/casdoor \
-    -f docker_casdoor/Dockerfile \
-    --build-arg="BASE_NAMESPACE=labnow" \
-    docker_casdoor
-
-docker run -it \
-    -p 8000:8000 \
-    labnow/casdoor \
-    bash
-
-
-docker run --rm -it \
-    -p 8000:8000 \
-    -v $(pwd):/root/docker_casdoor \
-    labnow/go-stack \
-    bash
-```
+For configuration file (`/opt/casdoor/conf/app.conf`), refer to: https://casdoor.org/de/docs/basic/configuration/

docker_casdoor/Dockerfile → docker_casdoor/casdoor.Dockerfile

@@ -20,11 +20,19 @@ COPY work/app.conf /opt/casdoor/conf/app.conf
 RUN set -eux \
  && apt-get -qq update -yq --fix-missing && apt-get -qq install -yq --no-install-recommends lsof \
  && mkdir -pv /root/web && ln -sf /opt/casdoor/web/build /root/web/ && ls -alh /opt/casdoor/web \
- && chmod +x /opt/casdoor/docker-entrypoint.sh && ls -alh /opt/casdoor
+ && chmod +x /opt/casdoor/docker-entrypoint.sh \
+ && ln -sf /opt/casdoor/server /server \
+ && ln -sf /opt/casdoor/conf   /conf \
+ && ls -alh /opt/casdoor \
+ && echo "@ Version of Casdoor $(cat /opt/casdoor/version_info.txt)"
 
 LABEL maintainer="postmaster@labnow.ai"
 ENV RUNNING_IN_DOCKER=true
 WORKDIR /opt/casdoor
-EXPOSE 8000
-# ENTRYPOINT ["/bin/bash"]
-# CMD ["/opt/casdoor/docker-entrypoint.sh"]
+# 8000=web, 389=ldap, 1812=radius
+EXPOSE 8000 389 1812
+ENTRYPOINT ["/bin/bash"]
+CMD ["/opt/casdoor/docker-entrypoint.sh"]
+
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+  CMD ["curl", "--head", "-fsSk", "http://localhost:8000/health/ready"]

docker_casdoor/demo/docker-compose.yml

@@ -11,7 +11,6 @@ services:
   svc-casdoor:
       image: docker.io/labnow/casdoor
       container_name: svc-casdoor
-      # command: ["/bin/bash", "--login", "/opt/casdoor/server", "--createDatabase=true"]
       command: |
         /bin/bash -l -c '
         ls -alh /opt/casdoor
@@ -25,8 +24,8 @@ services:
       depends_on:
         - db-postgres-casdoor
       healthcheck:
-        test:  ["CMD-SHELL", "curl", "--head", "-fsSk", "https://localhost:8000/health/ready" ]
+        test:  ["CMD-SHELL", "curl --head -fsSk http://localhost:8000/health/ready" ]
         interval: 30s
-        timeout: 30s
+        timeout: 10s
         start_period: 5s
         retries: 3

docker_casdoor/work/app.conf

@@ -2,7 +2,6 @@ appname = casdoor
 authState = "casdoor"
 batchSize = 100
 copyrequestbody = true
-dbName = casdoor
 defaultStorageProvider =
 enableGzip = true
 frontendBaseDir = "../casdoor"
@@ -11,8 +10,9 @@ initDataFile = "./init_data.json"
 initScore = 0
 isCloudIntranet = false
 isDemoMode = false
-isUsernameLowered = false
+isUsernameLowered = true
 ldapServerPort = 389
+ldapsServerPort = 636
 logConfig = {"filename": "logs/casdoor.log", "maxdays":99999, "perm":"0770"}
 logPostOnly = true
 origin =
@@ -21,11 +21,12 @@ quota = {"organization": -1, "user": -1, "application": -1, "provider": -1}
 radiusSecret = "secret"
 radiusServerPort = 1812
 redisEndpoint =
-runmode = dev
-showSql = false
+runmode = prod
+showSql = true
 socks5Proxy = "127.0.0.1:10808"
 staticBaseUrl = "https://cdn.casbin.org"
 tableNamePrefix =
 verificationCodeTimeout = 10
+dbName=casdoor
 # driverName = postgres
 # dataSourceName = "user=postgres password=postgres host=localhost port=5432 sslmode=disable dbname=casdoor"

docker_casdoor/work/script-setup-casdoor.sh

@@ -4,32 +4,30 @@ setup_casdoor() {
      export ARCH=$(dpkg --print-architecture)
 
   # ref: https://github.com/casdoor/casdoor/blob/master/Dockerfile
-  # Install the latest release of casdoor
+  # Download the latest release of casdoor
      VER_CASDOOR=$(curl -sL https://github.com/casdoor/casdoor/releases.atom | grep 'releases/tag' | head -1 | grep -Po '\d[\d.]+' ) \
   && URL_CASDOOR="https://github.com/casdoor/casdoor/archive/refs/tags/v${VER_CASDOOR}.tar.gz" \
   && echo "Downloading casdoor version ${VER_CASDOOR} from: ${URL_CASDOOR}" \
   && install_tar_gz $URL_CASDOOR \
   && mv /opt/casdoor-* /tmp/casdoor \
-  && sed -i '/userId := user.GetId()/a\    c.SetSessionUsername(userId)' /tmp/casdoor/controllers/account.go \
-  && sed -i 's|paidUserName != c.GetSessionUsername()|userId != c.GetSessionUsername()|' /tmp/casdoor/controllers/product.go \
   && mkdir -pv /opt/casdoor/web/build /opt/casdoor/conf
 
      echo "--> Building Backend..." \
-  && cd /tmp/casdoor && ./build.sh \
-  && echo "${VER_CASDOOR}" > version_info.txt \
-  && mv "./server_linux_${ARCH}" ./swagger ./version_info.txt /opt/casdoor/ \
-  && ln -sf "/opt/casdoor/server_linux_${ARCH}" /opt/casdoor/server \
+  && cd /tmp/casdoor && echo "${VER_CASDOOR}" > /tmp/casdoor/version_info.txt \
+  && ./build.sh \
+  && mv "./server_linux_${ARCH}" ./swagger ./docker-entrypoint.sh ./version_info.txt /opt/casdoor/ \
   && cat ./conf/app.conf | sort > /opt/casdoor/conf/app.conf \
-  && mv ./docker-entrypoint.sh /opt/casdoor/
-  # && go test -v -run TestGetVersionInfo ./util/system_test.go ./util/system.go > version_info.txt \
+  && ln -sf "/opt/casdoor/server_linux_${ARCH}" /opt/casdoor/server
+  # && go test -v -run TestGetVersionInfo ./util/system_test.go ./util/system.go ./util/variable.go \
 
      echo "--> Building Frontend..." \
   && cd /tmp && npm install -g yarn && yarn -v \
   && cd /tmp/casdoor/web \
-  && yarn set version berry && yarn install && yarn run build \
+  && yarn set version berry \
+  && yarn install --frozen-lockfile --network-timeout 1000000 \
+  && NODE_OPTIONS="--max-old-space-size=4096" yarn run build \
   && mv ./build*/* /opt/casdoor/web/build/
-  # && yarn install --frozen-lockfile && yarn run build \
-
+
      echo "--> Finished building casdoor to /opt/casdoor!" \
   && rm -rf /tmp/casdoor \
   && echo "@ Version of Casdoor $(cat /opt/casdoor/version_info.txt)"

docker_app_clash/demo/docker-compose.yml → docker_clash/demo/docker-compose.yml

@@ -8,10 +8,8 @@ services:
     ipc: host
     # When your system is Linux, you can use `network_mode: "host"` directly.
     # network_mode: "host"
-    ports:
-      - "7890:7890"
-      - "9090:9090"
+    ports: ["7890:7890", "9090:9090"]
     # volumes:
     #   - ../work/clash/config.yaml:/opt/clash/config/config.yaml
     environment:
-      - PROXY_PROVIDER="https://subs.zeabur.app/clash"
+      - PROXY_PROVIDER=https://raw.githubusercontent.com/snakem982/proxypool/main/source/clash-meta.yaml

docker_logent/README.md

@@ -0,0 +1,85 @@
+# logent (log-agent)
+
+`logent` is a containerized logging control component designed to provide a unified log management layer across heterogeneous environments (bare-metal, Docker, Kubernetes).
+
+It bundles:
+
+- supervisord — process supervision
+- logrotate — local log lifecycle management
+- vector — log collection, transformation, and forwarding
+
+## Purpose
+
+logent serves as a log control plane inside containerized infrastructure.  
+It separates application logging from log processing and routing logic.
+
+The design goals are:
+
+- Provide local log retention and compression
+- Enable structured log collection and routing
+- Maintain environment portability (VM / Docker / K8s)
+- Avoid tight coupling with specific log backends
+
+## Responsibilities
+
+1. Local Log Lifecycle
+   - Rotate logs on schedule
+   - Compress and retain history
+   - Prevent disk overflow
+
+2. Log Pipeline
+   - Collect from file or stdout
+   - Apply transforms if required
+   - Forward to one or multiple backends
+
+3. Process Management
+   - Ensure vector and auxiliary services are supervised
+   - Maintain consistent runtime behavior
+
+## Architecture Model
+
+Application → Log file / stdout  
+→ logent  
+→ Backend (ClickHouse / Elasticsearch / PostgreSQL / S3 / etc.)
+
+logent does not impose a specific storage backend.
+
+## Deployment Modes
+
+### Docker (Single Host)
+
+- Mount application log directory
+- Run logent container
+- Configure vector sources and sinks
+
+### Kubernetes
+
+Two typical patterns:
+
+- Sidecar mode (per Pod)
+- DaemonSet mode (per Node)
+
+logent can be adapted depending on cluster design.
+
+## Why Not Rely Only on stdout?
+
+While stdout-based logging is cloud-native friendly, certain environments require:
+
+- Local compressed archives
+- Regulatory retention
+- Offline debugging capability
+
+logent supports both file-based and stream-based workflows.
+
+## Design Principles
+
+- Decoupled from specific log storage
+- Portable across environments
+- Minimal assumptions about infrastructure
+- Future-proof against backend replacement
+
+## Notes
+
+- Avoid embedding backend-specific logic in image name.
+- Vector configuration should be externalized.
+- logrotate configuration should be environment-aware.