init

check-conn.sh

@@ -0,0 +1,180 @@
+#!/usr/bin/env bash
+# =============================================================================
+#  check-conn.sh — 验证远程服务连接（MongoDB 和 Amazon S3）
+#
+#  用法:
+#    ./check-conn.sh           # 同时检查 MongoDB 和 S3
+#    ./check-conn.sh mongo     # 只检查 MongoDB
+#    ./check-conn.sh s3        # 只检查 S3
+# =============================================================================
+set -euo pipefail
+source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh"
+load_env
+init_script_log       # ← 脚本执行日志
+
+TARGET="${1:-all}"
+
+header "远程服务连接检查"
+
+# ──────────────────────────────────────────────────────────────────────────────
+# MongoDB
+# ──────────────────────────────────────────────────────────────────────────────
+check_mongo() {
+  step "MongoDB: ${MONGO_HOST}:${MONGO_PORT}/${MONGO_DATABASE}"
+
+  echo -e "  Host:       ${MONGO_HOST}"
+  echo -e "  Port:       ${MONGO_PORT}"
+  echo -e "  Database:   ${MONGO_DATABASE}"
+  echo -e "  AuthSource: ${MONGO_AUTHSOURCE}"
+  echo -e "  Username:   ${MONGO_USERNAME}"
+  echo ""
+
+  MONGO_URI="mongodb://${MONGO_USERNAME}:${MONGO_PASSWORD}@${MONGO_HOST}:${MONGO_PORT}/${MONGO_DATABASE}?authSource=${MONGO_AUTHSOURCE}&directConnection=true"
+
+  # 方法1：mongosh
+  if command -v mongosh &>/dev/null; then
+    info "使用 mongosh 验证..."
+    if mongosh "$MONGO_URI" --quiet --eval \
+        'db.runCommand({ping:1}); db.getSiblingDB("'"${MONGO_DATABASE}"'").getCollectionNames().slice(0,5)' \
+        2>/dev/null; then
+      success "MongoDB 连接正常 ✓"
+    else
+      error "MongoDB 连接失败！请检查 .env.local 中的配置"
+      echo ""
+      echo "  排查步骤："
+      echo "  1. 确认 MongoDB 服务器 ${MONGO_HOST} 可从本机访问"
+      echo "  2. 确认端口 ${MONGO_PORT} 已开放防火墙"
+      echo "  3. 确认用户名/密码/authSource 正确"
+      echo "  4. 手动测试: mongosh \"$MONGO_URI\""
+    fi
+  # 方法2：nc 端口连通
+  elif command -v nc &>/dev/null; then
+    info "mongosh 未安装，使用 nc 检查端口..."
+    if nc -z -w5 "${MONGO_HOST}" "${MONGO_PORT}" 2>/dev/null; then
+      success "MongoDB 端口 ${MONGO_HOST}:${MONGO_PORT} 可达 ✓"
+      warn "（未验证认证，安装 mongosh 可做完整测试）"
+    else
+      error "MongoDB 端口不可达: ${MONGO_HOST}:${MONGO_PORT}"
+    fi
+  # 方法3：Python pymongo
+  elif command -v python3 &>/dev/null && python3 -c "import pymongo" 2>/dev/null; then
+    info "使用 Python pymongo 验证..."
+    python3 - <<PYEOF
+from pymongo import MongoClient
+import sys
+try:
+    c = MongoClient("${MONGO_URI}", serverSelectionTimeoutMS=5000)
+    c.server_info()
+    print("  MongoDB 连接正常 ✓")
+    c.close()
+except Exception as e:
+    print(f"  连接失败: {e}", file=sys.stderr)
+    sys.exit(1)
+PYEOF
+    [[ $? -eq 0 ]] && success "MongoDB 连接正常" || error "MongoDB 连接失败"
+  else
+    warn "跳过 MongoDB 连接验证（请安装 mongosh: brew install mongosh）"
+    echo -e "  手动验证: mongosh \"${MONGO_URI}\""
+  fi
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# Amazon S3
+# ──────────────────────────────────────────────────────────────────────────────
+# 通用 S3 检查函数
+# 用法: _check_s3_bucket <label> <key_id> <secret_key> <region> <bucket> [endpoint]
+_check_s3_bucket() {
+  local label="$1" key_id="$2" secret_key="$3" region="$4" bucket="$5" endpoint="${6:-}"
+
+  echo -e "  Bucket:    ${bucket}"
+  echo -e "  Region:    ${region}"
+  echo -e "  AccessKey: ${key_id}"
+  [[ -n "$endpoint" ]] && echo -e "  Endpoint:  ${endpoint}"
+  echo ""
+
+  if [[ "${key_id}" == "YOUR_"* || -z "${key_id}" ]]; then
+    error "S3 AccessKeyID 未配置，请编辑 .env.local"
+    return 1
+  fi
+
+  if command -v aws &>/dev/null; then
+    info "使用 awscli 验证..."
+    local endpoint_arg=""
+    [[ -n "$endpoint" ]] && endpoint_arg="--endpoint-url $endpoint"
+
+    local result rc=0
+    result=$(
+      AWS_ACCESS_KEY_ID="$key_id" \
+      AWS_SECRET_ACCESS_KEY="$secret_key" \
+      AWS_DEFAULT_REGION="$region" \
+      aws s3 ls "s3://${bucket}" $endpoint_arg 2>&1 | head -5
+    ) || rc=$?
+
+    if [[ $rc -eq 0 ]]; then
+      success "S3 Bucket 可访问 ✓"
+      [[ -n "$result" ]] && echo "$result" | sed 's/^/  /' || echo "  （Bucket 为空）"
+    else
+      error "S3 访问失败！错误: $result"
+      echo "  排查: 确认 AccessKey/SecretKey、Bucket 名称、IAM s3:ListBucket 权限"
+    fi
+
+    # 测试写入
+    info "测试写入权限..."
+    local test_key="local-dev-test-$(date +%s)"
+    local write_ok=false
+    AWS_ACCESS_KEY_ID="$key_id" \
+    AWS_SECRET_ACCESS_KEY="$secret_key" \
+    AWS_DEFAULT_REGION="$region" \
+    aws s3 cp /dev/stdin "s3://${bucket}/${test_key}" \
+      $endpoint_arg --content-type text/plain \
+      <<< "local-dev-test" 2>/dev/null && write_ok=true || true
+
+    if $write_ok; then
+      AWS_ACCESS_KEY_ID="$key_id" AWS_SECRET_ACCESS_KEY="$secret_key" \
+      AWS_DEFAULT_REGION="$region" \
+      aws s3 rm "s3://${bucket}/${test_key}" $endpoint_arg 2>/dev/null || true
+      success "S3 写入权限正常 ✓"
+    else
+      warn "S3 写入测试失败（Bucket 可读但可能无写权限）"
+    fi
+  else
+    warn "awscli 未安装，跳过验证（brew install awscli）"
+    echo "  手动验证: AWS_ACCESS_KEY_ID=${key_id} aws s3 ls s3://${bucket}"
+  fi
+}
+
+check_s3() {
+  step "S3 (open-im-server) — IM 文件存储"
+  _check_s3_bucket \
+    "openim" \
+    "${OPENIM_AWS_ACCESS_KEY_ID}" \
+    "${OPENIM_AWS_SECRET_ACCESS_KEY}" \
+    "${OPENIM_AWS_REGION}" \
+    "${OPENIM_AWS_BUCKET}" \
+    "${OPENIM_AWS_ENDPOINT:-}"
+
+  echo ""
+  step "S3 (build-server) — App APK/IPA 构建产物"
+  _check_s3_bucket \
+    "build" \
+    "${BUILD_AWS_ACCESS_KEY}" \
+    "${BUILD_AWS_SECRET_KEY}" \
+    "${BUILD_AWS_REGION}" \
+    "${BUILD_AWS_BUCKET}"
+}
+
+# ──────────────────────────────────────────────────────────────────────────────
+# 入口
+# ──────────────────────────────────────────────────────────────────────────────
+case "$TARGET" in
+  all)   check_mongo; echo ""; check_s3 ;;
+  mongo) check_mongo ;;
+  s3)    check_s3 ;;
+  *)
+    error "未知参数: $TARGET"
+    echo "用法: $0 [all|mongo|s3]"
+    exit 1
+    ;;
+esac
+
+echo ""