feat: add pingora-proxy-manager/

Sun-ZhenXing
2025-12-11 14:11:37 +08:00
parent 8f30f94184
commit a9679a484f
12 changed files with 305 additions and 8 deletions

@@ -77,6 +77,7 @@ Compose Anything helps users quickly deploy various services by providing a set
| [Ollama](./src/ollama) | 0.12.0 |
| [Open WebUI](./src/open-webui) | main |
| [Phoenix (Arize)](./src/phoenix) | 12.19.0 |
| [Pingora Proxy Manager](./src/pingora-proxy-manager) | v1.0.3 |
| [Open WebUI Rust](./src/open-webui-rust) | latest |
| [OpenCoze](./src/opencoze) | See Docs |
| [OpenCut](./src/opencut) | latest |

@@ -77,6 +77,7 @@ Compose Anything 通过提供一组高质量的 Docker Compose 配置文件,
| [Ollama](./src/ollama) | 0.12.0 |
| [Open WebUI](./src/open-webui) | main |
| [Phoenix (Arize)](./src/phoenix) | 12.19.0 |
| [Pingora Proxy Manager](./src/pingora-proxy-manager) | v1.0.3 |
| [Open WebUI Rust](./src/open-webui-rust) | latest |
| [OpenCoze](./src/opencoze) | See Docs |
| [OpenCut](./src/opencut) | latest |

@@ -9,13 +9,13 @@ This service deploys Ollama for running local LLM models.
- Pull DeepSeek R1 7B model:
```bash
docker exec -it ollama ollama pull deepseek-r1:7b
docker exec -it ollama-ollama-1 ollama pull deepseek-r1:7b
```
- List all local models:
```bash
docker exec -it ollama ollama list
docker exec -it ollama-ollama-1 ollama list
```
- Get all local models via API:
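
Review bot: the replacement container name `ollama-ollama-1` in both `docker exec` commands is derived from the Compose project name, so it only matches when the stack is started from a directory named `ollama` with no `-p` or `COMPOSE_PROJECT_NAME` override. `docker compose exec ollama ollama pull deepseek-r1:7b` (assuming the service is called `ollama`, as the container name suggests) works regardless of project name and would not need updating again. These Ollama README edits are also outside what the commit subject describes.
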
@@ -36,3 +36,25 @@ This service deploys Ollama for running local LLM models.
## Volumes
- `ollama_models`: A volume for storing Ollama models.
## Troubleshooting
### GPU Becomes Unavailable After Long Run (Linux Docker)
If Ollama initially works on the GPU in a Docker container, but then switches to running on CPU after some period of time with errors in the server log reporting GPU discovery failures, this can be resolved by disabling systemd cgroup management in Docker.
Edit `/etc/docker/daemon.json` on the host and add `"exec-opts": ["native.cgroupdriver=cgroupfs"]` to the Docker configuration:
```json
{
"exec-opts": ["native.cgroupdriver=cgroupfs"]
}
```
Then restart Docker:
```bash
sudo systemctl restart docker
```
For more details, see [Ollama Troubleshooting - Linux Docker](https://docs.ollama.com/troubleshooting#linux-docker).
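
Review bot: the `daemon.json` snippet in the new Troubleshooting section is shown as a complete file, so a reader who pastes it over an existing `/etc/docker/daemon.json` loses whatever was configured there, which on a GPU host may include the NVIDIA runtime entry. State explicitly that the `exec-opts` key is to be merged into the existing object. It is also worth saying that the cgroup driver change applies to every container on the host and that `sudo systemctl restart docker` restarts all of them unless live-restore is enabled.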

@@ -9,13 +9,13 @@
- 拉取 DeepSeek R1 7B 模型:
```bash
docker exec -it ollama ollama pull deepseek-r1:7b
docker exec -it ollama-ollama-1 ollama pull deepseek-r1:7b
```
- 列出本地所有模型:
```bash
docker exec -it ollama ollama list
docker exec -it ollama-ollama-1 ollama list
```
- 通过 API 获取本地所有模型:
@@ -36,3 +36,25 @@
## 卷
- `ollama_models`: 用于存储 Ollama 模型的卷。
## 故障排除
### 长时间运行后 GPU 离线Linux Docker
如果 Ollama 在 Docker 容器中最初可以正常使用 GPU但运行一段时间后切换到 CPU 运行,且服务器日志中报告 GPU 发现失败的错误,可以通过禁用 Docker 的 systemd cgroup 管理来解决此问题。
编辑主机上的 `/etc/docker/daemon.json` 文件,添加 `"exec-opts": ["native.cgroupdriver=cgroupfs"]` 到 Docker 配置中:
```json
{
"exec-opts": ["native.cgroupdriver=cgroupfs"]
}
```
然后重启 Docker
```bash
sudo systemctl restart docker
```
更多详情请参阅 [Ollama 故障排除 - Linux Docker](https://docs.ollama.com/troubleshooting#linux-docker)。

@@ -0,0 +1,33 @@
# Pingora Proxy Manager Configuration
# https://github.com/DDULDDUCK/pingora-proxy-manager
# Image version (default: v1.0.3)
# Available tags: latest, slim, amd64-slim, v1.0.3
PINGORA_VERSION=v1.0.3
# Timezone setting (default: UTC)
TZ=UTC
# JWT secret for authentication (CHANGE THIS IN PRODUCTION!)
# Used for API authentication and session management
PINGORA_JWT_SECRET=changeme_in_production_please
# Log level (trace, debug, info, warn, error)
PINGORA_LOG_LEVEL=info
# Port overrides
# HTTP proxy port (container listens on 8080)
PINGORA_HTTP_PORT_OVERRIDE=80
# Dashboard/API port (container listens on 81)
PINGORA_DASHBOARD_PORT_OVERRIDE=81
# HTTPS proxy port (container listens on 443)
PINGORA_HTTPS_PORT_OVERRIDE=443
# Resource limits
PINGORA_CPU_LIMIT=2.00
PINGORA_MEMORY_LIMIT=512M
PINGORA_CPU_RESERVATION=0.50
PINGORA_MEMORY_RESERVATION=256M
# Optional: Global registry prefix (e.g., registry.example.com/)
# GLOBAL_REGISTRY=
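
Review bot: `PINGORA_JWT_SECRET=changeme_in_production_please` ships a usable value, so copying this example to `.env` unchanged yields a deployment whose API authentication secret is published in the repository. Leave the value empty (`PINGORA_JWT_SECRET=`) and move the guidance into the comment, for example a hint to generate one with `openssl rand -hex 32`, so that an unedited copy is visibly incomplete rather than silently weak.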

@@ -0,0 +1,82 @@
# Pingora Proxy Manager
A high-performance, zero-downtime reverse proxy manager built on Cloudflare's [Pingora](https://github.com/cloudflare/pingora). Simple, Modern, and Fast.
## Features
- **⚡️ High Performance**: Built on Rust & Pingora, capable of handling high traffic with low latency
- **🔄 Zero-Downtime Configuration**: Dynamic reconfiguration without restarting the process
- **🔒 SSL/TLS Automation**:
- HTTP-01 challenge for single domains
- DNS-01 challenge for wildcard certificates (`*.example.com`) via Cloudflare, AWS Route53, etc.
- **🌐 Proxy Hosts**: Easy management of virtual hosts, locations, and path rewriting
- **📡 Streams (L4)**: TCP and UDP forwarding for databases, game servers, etc.
- **🛡️ Access Control**: IP whitelisting/blacklisting and Basic Authentication support
- **🎨 Modern Dashboard**: Clean and responsive UI built with React, Tailwind CSS, and shadcn/ui
- **🐳 Docker Ready**: Single container deployment for easy setup and maintenance
## Quick Start
```bash
docker compose up -d
```
Access the dashboard at `http://localhost:81`.
**Default Credentials:**
- Username: `admin`
- Password: `changeme` (Please change this immediately!)
## Ports
| Port | Description |
| ---------------------------- | ------------- |
| 80 (host) → 8080 (container) | HTTP Proxy |
| 81 (host) → 81 (container) | Dashboard/API |
| 443 (host) → 443 (container) | HTTPS Proxy |
## Environment Variables
| Variable | Default | Description |
| --------------------------------- | ------------------------------- | -------------------------------------------------------- |
| `PINGORA_VERSION` | `latest` | Docker image version |
| `TZ` | `UTC` | Timezone |
| `PINGORA_JWT_SECRET` | `changeme_in_production_please` | JWT secret for authentication (**change in production**) |
| `PINGORA_LOG_LEVEL` | `info` | Log level (trace, debug, info, warn, error) |
| `PINGORA_HTTP_PORT_OVERRIDE` | `80` | Host port for HTTP proxy |
| `PINGORA_DASHBOARD_PORT_OVERRIDE` | `81` | Host port for Dashboard/API |
| `PINGORA_HTTPS_PORT_OVERRIDE` | `443` | Host port for HTTPS proxy |
## Volumes
| Volume | Path | Description |
| -------------- | ------------------ | -------------------------------- |
| `pingora_data` | `/app/data` | SQLite database and certificates |
| `pingora_logs` | `/app/logs` | Application logs |
| `letsencrypt` | `/etc/letsencrypt` | Let's Encrypt certificates |
## Architecture
- **Data Plane (8080/443)**: Pingora handles all traffic with high efficiency
- **Control Plane (81)**: Axum serves the API and Dashboard
- **SSL Management**: Integrated Certbot for robust ACME handling
- **State Management**: ArcSwap for lock-free configuration reads
- **Database**: SQLite for persistent storage of hosts and certificates
## Security Notes
- **Always change the default credentials** immediately after deployment
- **Set a strong `JWT_SECRET`** in production environments
- The container runs with minimal capabilities (`NET_BIND_SERVICE` only)
- Read-only root filesystem enabled for enhanced security
## References
- [Pingora Proxy Manager GitHub](https://github.com/DDULDDUCK/pingora-proxy-manager)
- [Cloudflare Pingora](https://github.com/cloudflare/pingora)
- [Docker Hub](https://hub.docker.com/r/dduldduck/pingora-proxy-manager)
## License
MIT License - see the [upstream project](https://github.com/DDULDDUCK/pingora-proxy-manager/blob/master/LICENSE) for details.
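
Review bot: the Environment Variables table gives the `PINGORA_VERSION` default as `latest`, but the compose file and the env example added in this same commit both default to `v1.0.3`; the table should say `v1.0.3`. In Security Notes, "Set a strong `JWT_SECRET`" names the in-container variable, while the variable a user of this stack actually sets is `PINGORA_JWT_SECRET`; use that name so the note matches the table above it. The same two points apply to the Chinese README.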

@@ -0,0 +1,82 @@
# Pingora Proxy Manager
基于 Cloudflare [Pingora](https://github.com/cloudflare/pingora) 构建的高性能、零停机反向代理管理器。简单、现代、快速。
## 特性
- **⚡️ 高性能**:基于 Rust 和 Pingora 构建,能够以低延迟处理高流量
- **🔄 零停机配置**:动态重新配置,无需重启进程
- **🔒 SSL/TLS 自动化**
- HTTP-01 验证用于单个域名
- DNS-01 验证用于通配符证书(`*.example.com`),支持 Cloudflare、AWS Route53 等
- **🌐 代理主机**:轻松管理虚拟主机、位置和路径重写
- **📡 流L4**TCP 和 UDP 转发,适用于数据库、游戏服务器等
- **🛡️ 访问控制**:支持 IP 白名单/黑名单和基本认证
- **🎨 现代化仪表板**:使用 React、Tailwind CSS 和 shadcn/ui 构建的简洁响应式 UI
- **🐳 Docker 就绪**:单容器部署,易于设置和维护
## 快速开始
```bash
docker compose up -d
```
访问仪表板:`http://localhost:81`
**默认凭据:**
- 用户名:`admin`
- 密码:`changeme`(请立即更改!)
## 端口
| 端口 | 描述 |
| ------------------------ | ---------- |
| 80主机→ 8080容器 | HTTP 代理 |
| 81主机→ 81容器 | 仪表板/API |
| 443主机→ 443容器 | HTTPS 代理 |
## 环境变量
| 变量 | 默认值 | 描述 |
| --------------------------------- | ------------------------------- | ------------------------------------------- |
| `PINGORA_VERSION` | `latest` | Docker 镜像版本 |
| `TZ` | `UTC` | 时区 |
| `PINGORA_JWT_SECRET` | `changeme_in_production_please` | 认证用的 JWT 密钥(**生产环境必须更改** |
| `PINGORA_LOG_LEVEL` | `info` | 日志级别trace、debug、info、warn、error |
| `PINGORA_HTTP_PORT_OVERRIDE` | `80` | HTTP 代理的主机端口 |
| `PINGORA_DASHBOARD_PORT_OVERRIDE` | `81` | 仪表板/API 的主机端口 |
| `PINGORA_HTTPS_PORT_OVERRIDE` | `443` | HTTPS 代理的主机端口 |
## 卷
| 卷 | 路径 | 描述 |
| -------------- | ------------------ | ------------------- |
| `pingora_data` | `/app/data` | SQLite 数据库和证书 |
| `pingora_logs` | `/app/logs` | 应用程序日志 |
| `letsencrypt` | `/etc/letsencrypt` | Let's Encrypt 证书 |
## 架构
- **数据平面8080/443**Pingora 高效处理所有流量
- **控制平面81**Axum 提供 API 和仪表板服务
- **SSL 管理**:集成 Certbot 进行可靠的 ACME 处理
- **状态管理**:使用 ArcSwap 实现无锁配置读取
- **数据库**SQLite 用于持久化存储主机和证书
## 安全注意事项
- 部署后**立即更改默认凭据**
- 在生产环境中**设置强密码的 `JWT_SECRET`**
- 容器以最小权限运行(仅 `NET_BIND_SERVICE`
- 启用只读根文件系统以增强安全性
## 参考链接
- [Pingora Proxy Manager GitHub](https://github.com/DDULDDUCK/pingora-proxy-manager)
- [Cloudflare Pingora](https://github.com/cloudflare/pingora)
- [Docker Hub](https://hub.docker.com/r/dduldduck/pingora-proxy-manager)
## 许可证
MIT 许可证 - 详见[上游项目](https://github.com/DDULDDUCK/pingora-proxy-manager/blob/master/LICENSE)。

@@ -0,0 +1,54 @@
# Pingora Proxy Manager - High-performance reverse proxy built on Cloudflare's Pingora
# https://github.com/DDULDDUCK/pingora-proxy-manager
x-defaults: &defaults
restart: unless-stopped
logging:
driver: json-file
options:
max-size: 100m
max-file: "3"
services:
pingora-proxy-manager:
<<: *defaults
image: ${GLOBAL_REGISTRY:-}dduldduck/pingora-proxy-manager:${PINGORA_VERSION:-v1.0.3}
ports:
- "${PINGORA_HTTP_PORT_OVERRIDE:-80}:8080"
- "${PINGORA_DASHBOARD_PORT_OVERRIDE:-81}:81"
- "${PINGORA_HTTPS_PORT_OVERRIDE:-443}:443"
volumes:
- pingora_data:/app/data
- pingora_logs:/app/logs
- letsencrypt:/etc/letsencrypt
environment:
- TZ=${TZ:-UTC}
- JWT_SECRET=${PINGORA_JWT_SECRET:-changeme_in_production_please}
- RUST_LOG=${PINGORA_LOG_LEVEL:-info}
healthcheck:
test: ["CMD", "sh", "-c", "wget -q --spider http://127.0.0.1:81/api/login || exit 1"]
interval: 30s
timeout: 10s
retries: 3
start_period: 30s
deploy:
resources:
limits:
cpus: "${PINGORA_CPU_LIMIT:-2.00}"
memory: "${PINGORA_MEMORY_LIMIT:-512M}"
reservations:
cpus: "${PINGORA_CPU_RESERVATION:-0.50}"
memory: "${PINGORA_MEMORY_RESERVATION:-256M}"
# Security hardening
cap_drop:
- ALL
cap_add:
- NET_BIND_SERVICE
read_only: true
tmpfs:
- /tmp:size=64M
volumes:
pingora_data:
pingora_logs:
letsencrypt:
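
Review bot: the `:-changeme_in_production_please` fallback on the `JWT_SECRET` environment line means the service starts with a publicly known secret whenever `PINGORA_JWT_SECRET` is unset, with no warning. Using `${PINGORA_JWT_SECRET:?set PINGORA_JWT_SECRET}` makes `docker compose up` fail until a value is supplied. Separately, the `"${PINGORA_DASHBOARD_PORT_OVERRIDE:-81}:81"` mapping publishes the control plane on every host interface while the README documents a default `admin` / `changeme` login; consider binding the dashboard to `127.0.0.1` by default and letting users opt in to wider exposure.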

@@ -1,5 +1,5 @@
# vLLM version
VLLM_VERSION="v0.8.0"
VLLM_VERSION="v0.12.0"
# Model configuration
VLLM_MODEL="facebook/opt-125m"
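
Review bot: the `VLLM_VERSION` change from `v0.8.0` to `v0.12.0` is unrelated to the commit subject ("feat: add pingora-proxy-manager/") and spans several minor releases with nothing in the commit saying the existing vLLM settings were checked against the new image. Move the bump, together with the matching README and compose default changes, into its own commit with a message that records that.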

@@ -12,7 +12,7 @@ This service deploys vLLM, a high-throughput and memory-efficient inference and
| Variable Name | Description | Default Value |
| -------------------- | -------------------------------------- | ------------------- |
| VLLM_VERSION | vLLM image version | `v0.8.0` |
| VLLM_VERSION | vLLM image version | `v0.12.0` |
| VLLM_MODEL | Model name or path | `facebook/opt-125m` |
| VLLM_MAX_MODEL_LEN | Maximum context length | `2048` |
| VLLM_GPU_MEMORY_UTIL | GPU memory utilization (0.0-1.0) | `0.9` |

@@ -12,7 +12,7 @@
| 变量名 | 说明 | 默认值 |
| ---------------------- | -------------------------------- | ------------------- |
| `VLLM_VERSION` | vLLM 镜像版本 | `v0.8.0` |
| `VLLM_VERSION` | vLLM 镜像版本 | `v0.12.0` |
| `VLLM_MODEL` | 模型名称或路径 | `facebook/opt-125m` |
| `VLLM_MAX_MODEL_LEN` | 最大上下文长度 | `2048` |
| `VLLM_GPU_MEMORY_UTIL` | GPU 内存利用率0.0-1.0 | `0.9` |

@@ -9,7 +9,7 @@ x-defaults: &defaults
services:
vllm:
<<: *defaults
image: ${GLOBAL_REGISTRY:-}vllm/vllm-openai:${VLLM_VERSION:-v0.8.0}
image: ${GLOBAL_REGISTRY:-}vllm/vllm-openai:${VLLM_VERSION:-v0.12.0}
ports:
- "${VLLM_PORT_OVERRIDE:-8000}:8000"
volumes: