#!/bin/bash set -e # ========================================================= # 全局账号与密码配置(统一维护) # ========================================================= # ACL 管理员账号(Dashboard 连 Broker 及 Broker 内部管理共用) # key 长度不能少于 6 个字符!!! ACL_ADMIN_KEY="administrator" ACL_ADMIN_SECRET="fn2ad3wIWA" # Broker 生产者账号(业务用) BROKER_PRODUCER_KEY="app-producer" ACL_PRODUCER_SECRET="fn2ad3wIWA" # Dashboard 控制台登录账号(Web 页面登录密码) DASHBOARD_USER="admin" DASHBOARD_PASS="fn2ad3wIWA" # ========================================================= # 前置检查与清理 # ========================================================= # 检查 docker-compose.yml 文件是否存在 if [ -f docker-compose.yml ]; then # 如果文件存在,先移除旧的容器 echo "检测到存在的 docker-compose.yml,正在移除旧容器..." docker compose --profile proxy down fi # 清理旧的目录 sudo rm -rf broker/ cluster/ dashboard/ docker-compose.yml namesrv/ proxy/ # 是否启动代理 WITH_PROXY=false # ----------------------------- # 参数解析 # ----------------------------- while [[ $# -gt 0 ]]; do case "$1" in --with-proxy) WITH_PROXY=true shift ;; *) echo "Unknown option: $1" exit 1 ;; esac done BASE_DIR=$(pwd) CLUSTER_DIR="$BASE_DIR/cluster" DASHBOARD_DIR="$BASE_DIR/dashboard" PROXY_DIR="$BASE_DIR/proxy" echo "==> Creating directories..." mkdir -p "$CLUSTER_DIR" "$DASHBOARD_DIR" "$PROXY_DIR" # ----------------------------- # docker-compose.yml # ----------------------------- echo "==> Generating docker-compose.yml..." cat > docker-compose.yml << EOF # version: '3.8' x-common: &common restart: unless-stopped user: root image: apache/rocketmq:5.3.0 networks: - rocketmq environment: - TZ=Asia/Shanghai services: namesrv: <<: *common container_name: rmqnamesrv ports: - 9876:9876 command: sh mqnamesrv volumes: - ./namesrv/logs:/home/rocketmq/logs/rocketmqlogs - ./namesrv/store:/home/rocketmq/store broker: <<: *common container_name: rmqbroker ports: - 9909:9909 - 9911:9911 - 9912:9912 environment: - NAMESRV_ADDR=rmqnamesrv:9876 depends_on: - namesrv command: > sh mqbroker -c /home/rocketmq/rocketmq-5.3.0/conf/broker.conf volumes: - ./broker/logs:/home/rocketmq/logs/rocketmqlogs - ./broker/store:/home/rocketmq/store - ./cluster/broker.conf:/home/rocketmq/rocketmq-5.3.0/conf/broker.conf - ./cluster/plain_acl.yml:/home/rocketmq/rocketmq-5.3.0/conf/plain_acl.yml proxy: <<: *common container_name: rmqproxy profiles: ["proxy"] ports: - 9980:8080 - 9981:8081 environment: - NAMESRV_ADDR=rmqnamesrv:9876 depends_on: - broker - namesrv command: sh mqproxy volumes: - ./proxy/logs:/home/rocketmq/logs/rocketmqlogs dashboard: image: apacherocketmq/rocketmq-dashboard:2.1.0 container_name: rmqdashboard environment: - TZ=Asia/Shanghai - JAVA_OPTS= \ -Drocketmq.config.namesrvAddr=rmqnamesrv:9876 \ -Drocketmq.config.loginRequired=true \ -Dcom.rocketmq.sendMessageWithVIPChannel=false \ -Drocketmq.config.accessKey=${ACL_ADMIN_KEY} \ -Drocketmq.config.secretKey=${ACL_ADMIN_SECRET} volumes: - ./dashboard/users.properties:/tmp/rocketmq-console/data/users.properties ports: - 9900:8082 depends_on: - namesrv networks: - rocketmq restart: unless-stopped networks: rocketmq: driver: bridge EOF # ----------------------------- # broker.conf # ----------------------------- echo "==> Generating cluster/broker.conf..." HOST_IP=$(ip route get 1 | awk '{for(i=1;i<=NF;i++) if ($i=="src") print $(i+1)}') cat > "$CLUSTER_DIR/broker.conf" << EOF # Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. brokerClusterName = DefaultCluster brokerName = broker-a brokerId = 0 # 每天几点执行删除过期文件的定时任务,格式:HH(24 小时制) deleteWhen = 04 # 消息文件保留时长(小时),默认 72 小时 fileReservedTime = 48 brokerRole = ASYNC_MASTER flushDiskType = ASYNC_FLUSH brokerIP1=${HOST_IP} # 如果映射的端口不是默认的 10911,则需要添加 listenPort 配置 # 同时 10909 和 10912 会根据新配置的端口偏移 # 10909 偏移为 listenPort - 2 # 10912 偏移为 listenPort + 1 # 对应 docker 映射如果需要配置映射,需按以上规则调整 listenPort=9911 # ACL aclEnable=true EOF # ----------------------------- # plain_acl.yml # ----------------------------- echo "==> Generating cluster/plain_acl.yml..." cat > "$CLUSTER_DIR/plain_acl.yml" << EOF accounts: - accessKey: ${ACL_ADMIN_KEY} secretKey: ${ACL_ADMIN_SECRET} whiteRemoteAddress: admin: true - accessKey: ${BROKER_PRODUCER_KEY} secretKey: ${ACL_PRODUCER_SECRET} whiteRemoteAddress: admin: false defaultTopicPerm: PUB defaultGroupPerm: PUB EOF # ----------------------------- # users.properties # ----------------------------- echo "==> Generating dashboard/users.properties..." cat > "$DASHBOARD_DIR/users.properties" << EOF ${DASHBOARD_USER}=${DASHBOARD_PASS},1 EOF # ----------------------------- # Start services # ----------------------------- if [ "$WITH_PROXY" = true ]; then echo "==> Starting RocketMQ stack (with proxy)..." docker compose --profile proxy up -d else echo "==> Starting RocketMQ stack (without proxy)..." docker compose up -d fi echo "" echo "✅ RocketMQ installed successfully!" echo "" if [ "$WITH_PROXY" = true ]; then echo "Proxy enabled:" echo " gRPC: http://localhost:9980" echo " HTTP: http://localhost:9981" echo "" fi echo "Dashboard: http://localhost:9900" echo " username: ${DASHBOARD_USER}" echo " password: ${DASHBOARD_PASS}" echo "" echo "Broker ACL:" echo " ${ACL_ADMIN_KEY} / ${ACL_ADMIN_SECRET} (Dashboard & Admin)" echo " ${BROKER_PRODUCER_KEY} / ${ACL_PRODUCER_SECRET} (Producer)"