发布应用:

泡泡广场 All-in-One
TOPIAM 身份管理平台

Signed-off-by: Meng Sen <qyg2297248353@gmail.com>
新疆萌森软件开发工作室 2024-12-02 15:51:55 +08:00
parent 15e18e8c00
commit f13f5531a9
19 changed files with 572 additions and 1 deletions


@ -13,7 +13,8 @@
"ignorePaths": [ "ignorePaths": [
"appstore/**", "appstore/**",
"dockge/**", "dockge/**",
"apps/tangsengdaodao/1.5/docker-compose.yml" "apps/tangsengdaodao/1.5/docker-compose.yml",
"apps/topiam-ce/2.0.0/docker-compose.yml"
], ],
"rebaseWhen": "never", "rebaseWhen": "never",
"packageRules": [ "packageRules": [


@ -1,5 +1,21 @@
additionalProperties: additionalProperties:
formFields: formFields:
- default: "host"
edit: true
envKey: NETWORK_MODE
labelEn: Drive path
labelZh: 网络模式
required: true
type: select
values:
- label: 主机网络模式
value: "host"
- label: 桥接网络模式
value: "bridge"
- label: 无网络模式
value: "none"
- label: 1panel-network
value: "1panel-network"
- default: "/home/aria2" - default: "/home/aria2"
edit: true edit: true
envKey: ARIA2_ROOT_PATH envKey: ARIA2_ROOT_PATH
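Review bot: The new `NETWORK_MODE` field carries `labelEn: Drive path`, which looks copied from another field; `labelEn: Network mode` would match `labelZh: 网络模式`. The field also defaults to `"host"`, so a default install shares the host's network stack and gives up Docker's port mapping and network isolation. Provided the compose file (not visible here) publishes the ports the app needs, `default: "bridge"` or `default: "1panel-network"` would be the safer starting value, with host mode left as an explicit choice. The option labels under `values` are Chinese only and have no English counterpart.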


@ -0,0 +1,204 @@
App: # APP基础设置项
RunMode: debug
AttachmentIncomeRate: 0.8
MaxCommentCount: 10
DefaultContextTimeout: 60
DefaultPageSize: 10
MaxPageSize: 100
Server: # 服务设置
RunMode: debug
HttpIp: 0.0.0.0
HttpPort: 8010
ReadTimeout: 60
WriteTimeout: 60
Features:
Default: [ "Web", "Frontend:EmbedWeb", "Meili", "LocalOSS", "MySQL", "BigCacheIndex", "LoggerFile" ]
Develop: [ "Base", "MySQL", "BigCacheIndex", "Meili", "Sms", "AliOSS", "LoggerMeili", "OSS:Retention" ]
Demo: [ "Base", "MySQL", "Option", "Zinc", "Sms", "MinIO", "LoggerZinc", "Migration" ]
Slim: [ "Base", "Sqlite3", "LocalOSS", "LoggerFile", "OSS:TempDir" ]
Base: [ "Redis", "PhoneBind" ]
Docs: [ "Docs:OpenAPI" ]
Deprecated: [ "Deprecated:OldWeb" ]
Service: [ "Web", "Admin", "SpaceX", "Bot", "LocalOSS", "Mobile", "Frontend:Web", "Frontend:EmbedWeb", "Docs" ]
Option: [ "SimpleCacheIndex" ]
Sms: "SmsJuhe"
WebServer: # Web服务
HttpIp: 0.0.0.0
HttpPort: 8008
ReadTimeout: 60
WriteTimeout: 60
AdminServer: # Admin后台运维服务
HttpIp: 0.0.0.0
HttpPort: 8014
ReadTimeout: 60
WriteTimeout: 60
SpaceXServer: # SpaceX服务
HttpIp: 0.0.0.0
HttpPort: 8012
ReadTimeout: 60
WriteTimeout: 60
BotServer: # Bot服务
HttpIp: 0.0.0.0
HttpPort: 8016
ReadTimeout: 60
WriteTimeout: 60
LocalossServer: # Localoss服务
HttpIp: 0.0.0.0
HttpPort: 8018
ReadTimeout: 60
WriteTimeout: 60
FrontendWebServer: # Web前端服务
HttpIp: 0.0.0.0
HttpPort: 8006
ReadTimeout: 60
WriteTimeout: 60
DocsServer: # 开发文档服务
HttpIp: 0.0.0.0
HttpPort: 8011
ReadTimeout: 60
WriteTimeout: 60
MobileServer: # 移动端grpc api服务
Host: 0.0.0.0
Port: 8020
SmsJuhe:
Gateway: https://v.juhe.cn/sms/send
Key:
TplID:
TplVal: "#code#=%s&#m#=%d"
Alipay:
AppID:
InProduction: True
RootCertFile: "custom/alipay/RootCert.crt"
PublicCertFile: "custom/alipay/CertPublicKey_RSA2.crt"
AppPublicCertFile: "custom/alipay/AppCertPublicKey.crt"
CacheIndex:
MaxUpdateQPS: 100 # 最大添加/删除/更新Post的QPS, 设置范围[10, 10000], 默认100
SimpleCacheIndex: # 缓存泡泡广场消息流
MaxIndexSize: 200 # 最大缓存条数
CheckTickDuration: 60 # 循环自检查每多少秒一次
ExpireTickDuration: 300 # 每多少秒后强制过期缓存, 设置为0禁止强制使缓存过期
BigCacheIndex: # 使用BigCache缓存泡泡广场消息流
MaxIndexPage: 1024 # 最大缓存页数必须是2^n, 代表最大同时缓存多少页数据
Verbose: False # 是否打印cache操作的log
ExpireInSecond: 300 # 多少秒(>0)后强制过期缓存
Logger: # 日志通用配置
Level: debug # 日志级别 panic|fatal|error|warn|info|debug|trace
LoggerFile: # 使用File写日志
SavePath: custom/data/paopao-ce/logs
FileName: app
FileExt: .log
LoggerZinc: # 使用Zinc写日志
Host: zinc:4080
Index: paopao-log
User: admin
Password: admin
Secure: False
LoggerMeili: # 使用Meili写日志
Host: meili:7700
Index: paopao-log
ApiKey: paopao-meilisearch
Secure: False
MinWorker: 5 # 最小后台工作者, 设置范围[5, 100], 默认5
MaxLogBuffer: 100 # 最大log缓存条数, 设置范围[10, 10000], 默认100
JWT: # 鉴权加密
Secret: 18a6413dc4fe394c66345ebe501b2f26
Issuer: paopao-api
Expire: 86400
TweetSearch: # 推文关键字搜索相关配置
MaxUpdateQPS: 100 # 最大添加/删除/更新Post的QPS设置范围[10, 10000], 默认100
MinWorker: 10 # 最小后台更新工作者, 设置范围[5, 1000], 默认10
Zinc: # Zinc搜索配置
Host: zinc:4080
Index: paopao-data
User: admin
Password: admin
Secure: False
Meili: # Meili搜索配置
Host: meili:7700
Index: paopao-data
ApiKey: paopao-meilisearch
Secure: False
ObjectStorage: # 对象存储通用配置
RetainInDays: 2 # 临时对象过期时间多少天
TempDir: tmp # 临时对象存放目录名
AliOSS: # 阿里云OSS存储配置
Endpoint:
AccessKeyID:
AccessKeySecret:
Bucket:
Domain:
COS: # 腾讯云COS存储配置
SecretID:
SecretKey:
Region: ap-shanghai
Bucket: demo-1888888888
Domain:
HuaweiOBS: # 华为云OBS存储配置
AccessKey:
SecretKey:
Endpoint:
Bucket: paopao
Domain:
MinIO: # MinIO 存储配置
AccessKey: Q3AM3UQ867SPQQA43P2F
SecretKey: zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG
Secure: False
Endpoint: minio:9000
Bucket: paopao
Domain: 127.0.0.1:9000
S3: # Amazon S3 存储配置
AccessKey: "YOUR-ACCESSKEYID"
SecretKey: "YOUR-SECRETACCESSKEY"
Secure: True
Endpoint: s3.amazonaws.com
Bucket: paopao
Domain:
LocalOSS: # 本地文件OSS存储配置
SavePath: custom/data/paopao-ce/oss
Secure: False
Bucket: paopao
Domain: 127.0.0.1:8008
Database: # Database通用配置
LogLevel: error # 日志级别 silent|error|warn|info
TablePrefix: p_ # 表名前缀
MySQL: # MySQL数据库
Username: paopao
Password: paopao
Host: db:3306
DBName: paopao
Charset: utf8mb4
ParseTime: True
MaxIdleConns: 10
MaxOpenConns: 30
Postgres: # PostgreSQL数据库
User: paopao
Password: paopao
DBName: paopao
Host: localhost
Port: 5432
SSLMode: disable
TimeZone: Asia/Shanghai
Sqlite3: # Sqlite3数据库
Path: custom/data/sqlite3/paopao-ce.db
Redis:
InitAddress:
- redis:6379
WebProfile:
UseFriendship: true # 前端是否使用好友体系
EnableTrendsBar: true # 广场页面是否开启动态条栏功能
EnableWallet: false # 是否开启钱包功能
AllowTweetAttachment: true # 是否允许推文附件
AllowTweetAttachmentPrice: true # 是否允许推文付费附件
AllowTweetVideo: true # 是否允许视频推文
AllowUserRegister: true # 是否允许用户注册
AllowPhoneBind: true # 是否允许手机绑定
DefaultTweetMaxLength: 2000 # 推文允许输入的最大长度, 默认2000字值的范围需要查询后端支持的最大字数
TweetWebEllipsisSize: 400 # Web端推文作为feed显示的最长字数默认400字
TweetMobileEllipsisSize: 300 # 移动端推文作为feed显示的最长字数默认300字
DefaultTweetVisibility: friend # 推文可见性,默认好友可见 值: public/following/friend/private
DefaultMsgLoopInterval: 5000 # 拉取未读消息的间隔,单位:毫秒, 默认5000ms
CopyrightTop: "2023 paopao.info"
CopyrightLeft: "Roc's Me"
CopyrightLeftLink: ""
CopyrightRight: "泡泡(PaoPao)开源社区"
CopyrightRightLink: "https://www.paopao.info"
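Review bot: `JWT.Secret: 18a6413dc4fe394c66345ebe501b2f26` is a fixed signing key that this template gives to every installation, so tokens signed with the published value would be accepted by any instance that keeps it. The same holds for the shared defaults `Password: paopao` under `MySQL`, `ApiKey: paopao-meilisearch` under `Meili`/`LoggerMeili`, and the hard-coded `MinIO` key pair. I would ship a placeholder such as `Secret: "<set-per-install>"` and have the install script write a random value before the file is copied into the data directory. `RunMode: debug` under `App` and `Server`, and `Level: debug` under `Logger`, also read like development settings for a published app; the production values should be confirmed against the upstream documentation.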


@ -0,0 +1,25 @@
additionalProperties:
formFields:
- default: "/home/paopao-ce"
edit: true
envKey: PAOPAO_CE_ROOT_PATH
labelZh: 数据持久化路径
labelEn: Data persistence path
required: true
type: text
- default: 8008
edit: true
envKey: PANEL_APP_PORT_HTTP
labelZh: WebUI 端口
labelEn: WebUI port
required: true
rule: paramPort
type: number
- default: 7700
edit: true
envKey: PANEL_APP_PORT_MEILI
labelZh: MeiliSearch 端口
labelEn: MeiliSearch port
required: true
rule: paramPort
type: number


@ -0,0 +1,22 @@
networks:
1panel-network:
external: true
services:
paopao-ce:
image: bitbus/paopao-ce:all-in-one-v0.6.0-alpha.2
container_name: ${CONTAINER_NAME}
labels:
createdBy: "Apps"
networks:
- 1panel-network
restart: always
ports:
- ${PANEL_APP_PORT_HTTP}:8008
- ${PANEL_APP_PORT_MEILI}:7700
env_file:
- ${GLOBAL_ENV_FILE:-/etc/1panel/envs/global.env}
- ${ENV_FILE:-/etc/1panel/envs/default.env}
volumes:
- ${PAOPAO_CE_ROOT_PATH}/config/config.yaml:/app/config.yaml
- ${PAOPAO_CE_ROOT_PATH}/custom:/app/custom
- ${PAOPAO_CE_ROOT_PATH}/meili_data:/app/meili_data
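Review bot: `- ${PANEL_APP_PORT_MEILI}:7700` publishes the bundled MeiliSearch port on every host interface, while the config template added in this commit ships the fixed key `ApiKey: paopao-meilisearch`. Unless external clients need the search API, drop this mapping or bind it to loopback with `- "127.0.0.1:${PANEL_APP_PORT_MEILI}:7700"`. Quoting both entries under `ports` also stops YAML 1.1 parsers from reading low `host:container` pairs as base-60 integers.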


@ -0,0 +1,2 @@
# copyright© 2024 XinJiang Ms Studio
ENV_FILE=.env


@ -0,0 +1,2 @@
# copyright© 2024 XinJiang Ms Studio
TZ=Asia/Shanghai


@ -0,0 +1,22 @@
#!/bin/bash
if [ -f .env ]; then
source .env
# setup-1 add default values
CURRENT_DIR=$(pwd)
sed -i '/^ENV_FILE=/d' .env
sed -i '/^GLOBAL_ENV_FILE=/d' .env
echo "ENV_FILE=${CURRENT_DIR}/.env" >> .env
echo "GLOBAL_ENV_FILE=${CURRENT_DIR}/envs/global.env" >> .env
# setup-2 copy config file
mkdir -p "$PAOPAO_CE_ROOT_PATH"
mkdir -p "$PAOPAO_CE_ROOT_PATH/config"
cp ./conf/config.yaml "$PAOPAO_CE_ROOT_PATH/config/config.yaml"
echo "Check Finish."
else
echo "Error: .env file not found."
fi
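Review bot: The `else` branch prints `Error: .env file not found.` but the script still exits 0, so the caller cannot tell that setup was skipped; add `exit 1` after that echo. `PAOPAO_CE_ROOT_PATH` is used without a check: if `.env` does not define it, `mkdir -p` and `cp` operate on `/config` at the filesystem root, which a line such as `: "${PAOPAO_CE_ROOT_PATH:?not set}"` right after `source .env` would prevent. The `cp` is unconditional, so if this script runs more than once it overwrites an edited `config.yaml` (including any secrets the operator changed) with the template; guarding it with `[ -f "$PAOPAO_CE_ROOT_PATH/config/config.yaml" ] ||` would keep the operator's copy. The two scripts that follow in this commit have the same exit-status gap.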


@ -0,0 +1,10 @@
#!/bin/bash
if [ -f .env ]; then
source .env
echo "Check Finish."
else
echo "Error: .env file not found."
fi


@ -0,0 +1,17 @@
#!/bin/bash
if [ -f .env ]; then
source .env
# setup-1 add default values
CURRENT_DIR=$(pwd)
sed -i '/^ENV_FILE=/d' .env
sed -i '/^GLOBAL_ENV_FILE=/d' .env
echo "ENV_FILE=${CURRENT_DIR}/.env" >> .env
echo "GLOBAL_ENV_FILE=${CURRENT_DIR}/envs/global.env" >> .env
echo "Check Finish."
else
echo "Error: .env file not found."
fi


@ -0,0 +1,29 @@
# 泡泡广场 All-in-One
清新文艺微社区
![泡泡广场](https://file.lifebus.top/imgs/paopao_ce_cover.png)
![](https://img.shields.io/badge/%E6%96%B0%E7%96%86%E8%90%8C%E6%A3%AE%E8%BD%AF%E4%BB%B6%E5%BC%80%E5%8F%91%E5%B7%A5%E4%BD%9C%E5%AE%A4-%E6%8F%90%E4%BE%9B%E6%8A%80%E6%9C%AF%E6%94%AF%E6%8C%81-blue)
## 项目简介
paopao-ce 是一个利用 业余时间 本着 "Just for fun just do it." 的心态 持续有序
开发/优化/维护的开源项目没有KPI考核、没有Roadmap进度压力、没有技术支持日程安排或许有些许不足之处但是重在精神可嘉。
借用网络中的话 "F*k talk, f*k of tech innovation, Shut up and show me your code."
一切都因更好的体验,一切都是为了爱好,一切都在代码里;期待老铁们加入,一起开发、一起折腾、一起快乐。
## 修改配置文件
请在持久化目录中修改配置文件 `config.yaml`
,配置文件中的配置项请参考 [配置文件说明](https://github.com/rocboss/paopao-ce/blob/main/docs/deploy/core/001-%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6%E8%AF%B4%E6%98%8E.md)
## 应用说明
由于该应用尚不支持环境变量配置,因此需要修改配置文件 `config.yaml`,达到配置应用的目的。
由于配置文件中的配置项较多,因此需要根据实际情况进行修改。修改完成后,重建应用即可完成新配置的读取。
---
![Ms Studio](https://file.lifebus.top/imgs/ms_blank_001.png)


@ -0,0 +1,14 @@
additionalProperties:
key: paopao-ce-all
name: 泡泡广场 All-in-One
tags:
- WebSite
- Local
shortDescZh: 清新文艺微社区
shortDescEn: An artistic "twitter like" community
type: website
crossVersionUpdate: true
limit: 0
website: https://www.paopao.info/
github: https://github.com/rocboss/paopao-ce/
document: https://github.com/rocboss/paopao-ce/

BIN
apps/paopao-ce-all/logo.png Normal file

Binary file not shown.



@ -0,0 +1,124 @@
additionalProperties:
formFields:
- child:
default: ""
envKey: PANEL_DB_HOST
required: true
type: service
default: mysql
edit: true
envKey: PANEL_DB_TYPE
labelZh: MySQL 服务 (前置检查)
labelEn: Database Service (Pre-check)
required: true
type: apps
values:
- label: MySQL
value: mysql
- label: MariaDB
value: mariadb
- label: Percona
value: percona
- child:
default: ""
envKey: PANEL_REDIS_SERVICE
required: true
type: service
default: redis
envKey: PANEL_REDIS_TYPE
labelZh: Redis 服务 (前置检查)
labelEn: Redis Service (Pre-check)
required: true
type: apps
values:
- label: Redis
value: redis
- default: 1898
envKey: PANEL_APP_PORT_HTTP
labelZh: WebUI 端口
labelEn: WebUI port
required: true
rule: paramPort
type: number
- default: "admin"
edit: true
key: admin
envKey: ADMIN_USERNAME
labelZh: 管理员 用户名
labelEn: Admin Username
required: true
rule: paramCommon
type: text
- default: "topiam.cn"
edit: true
key: ADMIN_PASSWORD
envKey: topiam.cn
labelZh: 管理员 密码
labelEn: Admin Password
required: true
type: password
- default: "127.0.0.1"
edit: true
envKey: DB_HOST
labelZh: 数据库 主机
labelEn: Database Host
required: true
type: text
- default: 3306
edit: true
envKey: DB_PORT
labelZh: 数据库 端口
labelEn: Database Port
required: true
rule: paramPort
type: number
- default: "topiam"
edit: true
envKey: DB_USER
labelZh: 数据库 用户名
labelEn: Database Username
required: true
type: text
- default: ""
edit: true
envKey: DB_USER_PASSWORD
labelZh: 数据库 密码
labelEn: Database Password
required: true
type: password
- default: "topiam"
edit: true
envKey: DB_NAME
labelZh: 数据库 名称
labelEn: Database Name
required: true
type: text
- default: "127.0.0.1"
edit: true
envKey: REDIS_HOSTNAME
labelZh: Redis 主机
labelEn: Redis Host
required: true
type: text
- default: 6379
edit: true
envKey: REDIS_PORT
labelZh: Redis 端口
labelEn: Redis Port
required: true
rule: paramPort
type: number
- default: 0
edit: true
envKey: REDIS_DBINDEX
labelZh: Redis 索引
labelEn: Redis Index
required: true
type: number
- default: ""
edit: true
envKey: REDIS_PASSWORD
labelZh: Redis 密码
labelEn: Redis Password
required: false
type: password
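Review bot: In the admin password field `key` and `envKey` are swapped: `envKey: topiam.cn` stores the entered password in a variable named `topiam.cn`, and no field in this form ever sets `ADMIN_PASSWORD`. The entry should read `envKey: ADMIN_PASSWORD`, and the stray `key: admin` on the username field looks like the same slip. `default: "topiam.cn"` is the value the README added in this commit lists as the default password, so every install that accepts the form unchanged gets the same known admin credential on an identity provider; `default: ""` with `required: true` would force the operator to pick one. The Redis type field is also the only selector without `edit: true`, which may be unintended.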


@ -0,0 +1,30 @@
networks:
1panel-network:
external: true
services:
topiam-ce:
image: registry.cn-hangzhou.aliyuncs.com/topiam/topiam-ce:2.0.0
container_name: ${CONTAINER_NAME}
labels:
createdBy: "Apps"
restart: always
networks:
- 1panel-network
ports:
- ${PANEL_APP_PORT_HTTP}:1898
env_file:
- ${GLOBAL_ENV_FILE:-/etc/1panel/envs/global.env}
- ${ENV_FILE:-/etc/1panel/envs/default.env}
volumes:
- ${TOPIAM_CE_ROOT_PATH}/conf:/opt/topiam/conf
- ${TOPIAM_CE_ROOT_PATH}/logs:/opt/topiam/logs
environment:
- INITIAL_PASSWORD_VALUE=ADMIN_PASSWORD
- spring.datasource.url=jdbc:mysql://${DB_HOST}:${DB_PORT}/${DB_NAME}?serverTimezone=GMT%2B8&useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&useSSL=false&allowPublicKeyRetrieval=true&rewriteBatchedStatements=true
- spring.datasource.username=${DB_USER}
- spring.datasource.password=${DB_USER_PASSWORD}
- spring.data.redis.host=${REDIS_HOSTNAME}
- spring.data.redis.port=${REDIS_PORT}
- spring.data.redis.password=${REDIS_PASSWORD}
- spring.data.redis.database=${REDIS_DBINDEX}
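Review bot: `- INITIAL_PASSWORD_VALUE=ADMIN_PASSWORD` passes the literal text `ADMIN_PASSWORD` rather than the form value; it was presumably meant to be `- INITIAL_PASSWORD_VALUE=${ADMIN_PASSWORD}`. How the image consumes this variable is not visible here, but as written the password chosen at install time never reaches the container. The JDBC URL sets `useSSL=false` together with `allowPublicKeyRetrieval=true`, which leaves the database login and traffic unprotected on the wire; that is acceptable only while the database stays on the same trusted Docker network, and the `DB_HOST` field allows any host. `${TOPIAM_CE_ROOT_PATH}` is not defined by the form in this commit, so unless another env file supplies it the two volume sources resolve to `/conf` and `/logs` on the host.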


@ -0,0 +1,4 @@
#!/bin/bash
chown -R 1001:1001 data/logs

34
apps/topiam-ce/README.md Normal file

@ -0,0 +1,34 @@
# TOPIAM
IAM/IDaaS 身份管理平台
![TOPIAM](https://file.lifebus.top/imgs/topiam_ce_cover.png)
TOPIAMTop Identity and Access Management是一款开源的身份管理与访问控制系统广泛应用于政府、企业内部、教育机构等身份认证场景。作为一款专注于身份管理与访问控制场景的软件产品TOPIAM
支持 OIDC、OAuth2、SAML2、JWT、CAS 等主流认证协议并能够集成钉钉、企业微信、飞书、LDAP、AD 等多种身份源,轻松实现用户全生命周期管理与数据同步。
![](https://img.shields.io/badge/%E6%96%B0%E7%96%86%E8%90%8C%E6%A3%AE%E8%BD%AF%E4%BB%B6%E5%BC%80%E5%8F%91%E5%B7%A5%E4%BD%9C%E5%AE%A4-%E6%8F%90%E4%BE%9B%E6%8A%80%E6%9C%AF%E6%94%AF%E6%8C%81-blue)
## 应用简介
+ 提供统一组织信息管理,多维度建立对应关系,实现在一个平台对企业人员、组织架构、应用信息的高效统一管理。
+ 支持钉钉、飞书、企业微信等身份源集成能力,实现系统和企业 OA
平台数据联动,以用户为管理基点,结合入职、离职、调岗、兼职等人事事件,关联其相关应用权限变化而变化,保证应用访问权限的安全控制。
+ 支持多因素认证,行为验证码、社交认证,融合认证等机制,保证用户认证安全可靠。
+ 支持微信、微博、QQ 等社交认证集成,使企业具有快速纳入互联网化认证能力。
+ 支持 SAML2OAuth2OIDCCAS表单代填等认证协议及机制实现单点登录功能预配置大量 SaaS 应用及传统应用模板,开箱即用。
+ 完善的安全审计,详尽记录每一次用户行为,使每一步操作有据可循,实时记录企业信息安全状况,精准识别企业异常访问和潜在威胁的源头。
+ 提供标准 REST 和 SCIM2.0 接口轻松完成机构用户同步,实现企业对于账号生命周期的精细化管理。
+ 开源、安全、自主可控。
TOPIAM 数字身份管控平台为企业提供一套集中式的账号、权限、认证、审计工具,帮助企业打通身份数据孤岛,实现“一个账号、一次认证、多点通行”的效果,强化企业安全体系的同时,提升组织管理效率,助力企业数字化升级转型。
## 安装说明
> 默认用户名:`admin`
>
> 默认密码:`topiam.cn`
---
![Ms Studio](https://file.lifebus.top/imgs/ms_blank_001.png)

15
apps/topiam-ce/data.yml Normal file

@ -0,0 +1,15 @@
additionalProperties:
key: topiam-ce
name: TOPIAM
tags:
- WebSite
- Middleware
- Local
shortDescZh: IAM/IDaaS 身份管理平台
shortDescEn: IAM/IDaaS Identity Management Platform
type: website
crossVersionUpdate: true
limit: 0
website: https://topiam.cn/
github: https://github.com/topiam/eiam/
document: https://topiam.cn/docs/overview/introduction/

BIN
apps/topiam-ce/logo.png Normal file

Binary file not shown.
