xuqmGroup/XuqmGroup-PrivateDeploy
1
0
派生 0
代码 工单 合并请求 Actions 软件包 项目 版本发布 百科 动态
36 提交 1 分支 0 Git标签 619 KiB
5e75dbeb90
提交图

8 次代码提交

作者 SHA1 备注 提交日期
徐勤民
5e75dbeb90 fix(nginx): 添加 Docker DNS resolver 防止容器重建后 IP 缓存失效 
nginx 默认在启动时静态解析上游服务名,容器重建后 IP 变更导致
502 Connection refused。添加 resolver 127.0.0.11 valid=10s 让
nginx 定期重解析,服务重建后无需手动 reload nginx。

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-21 11:13:10 +08:00
徐勤民
a327a262dd feat(deploy): 移除 ops-web、修复 SDK URL 注入、新增一键升级 
核心变更:
- 完全移除 ops-web 容器(私有化部署无需运营后台)
- nginx sub_filter 替换前端 JS bundle 中的公网 SDK URL
- deploy.sh 写入正确的 SDK_IM_WS_URL / SDK_IM_API_URL / SDK_FILE_SERVICE_URL
- 新增 scripts/update.sh:热更新脚本,修复配置 + 可选拉镜像 + 重启 + 验证
- 新增 upgrade.sh:一键升级入口,curl 下载后直接执行,流程同 install.sh
- install.sh 检测已有部署(.env 存在),自动路由到 update.sh 而非重跑向导
- 关键配置文件(.env / secrets.env / xuqm.env)在 tarball 解压前备份后恢复

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-20 18:25:12 +08:00
徐勤民
a55121aa05 feat(nginx): 内置路由 nginx 作为统一入口,宿主机 nginx 只需一条 proxy_pass 
将 nginx 容器从可选 profile 改为 base 必启服务,绑定 127.0.0.1:11223。
新增 config/nginx/conf.d/xuqm.conf 按 Docker 服务名路由所有内部请求。
部署完成提示从多条 location 精简为单条 proxy_pass http://127.0.0.1:11223。

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-20 16:13:04 +08:00
徐勤民
f2f9f06bf7 chore(config): 删除私有部署配置文件 
- 移除 .deploy-state/current.json 部署状态文件
- 移除 .deploy-state/last-healthcheck.json 健康检查记录文件
- 移除 .deploy-state/progress.md 部署进度文档
- 移除 config/docs/docs-runtime.json 文档运行时配置文件
- 移除 config/sdk/xuqm-private-sdk.json SDK配置文件
 2026-05-20 15:54:16 +08:00
徐勤民
d2599a0c1e fix(nginx): WebSocket trailing slash, 413 on file upload, domain+HTTPS support 
- nginx: /ws/im/ → /ws/im (trailing slash broke ?token= WebSocket connections)
- nginx: add /api/file/ location before /api/ with 500m limit (fixes 413)
- deploy.sh: default DEPLOY_HOST to localhost instead of 127.0.0.1
- deploy.sh: add interactive domain/HTTPS configuration step (0c)
  - optional custom domain with validation
  - optional HTTPS via Let's Encrypt certbot (standalone, before nginx starts)
  - generates SSL nginx config (two-server-block) and docker-compose.override.yml
  - SDK_IM_WS_URL and imWsUrl use _WS_SCHEME (ws/wss) based on protocol
- deploy.sh: add info() helper function

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-19 18:12:48 +08:00
徐勤民
43a423b85c feat: 一键安装向导 + 交互式租户初始化 
- 新增 install.sh:curl 一键下载依赖安装 + 自动解压部署包 + 启动部署向导
- deploy-szyx.sh:移除硬编码租户常量,改为交互式选择(新建/迁移)
  - 新建租户:收集邮箱/用户名/密码,bcrypt 写入 bootstrap.env
  - 迁移租户:提示输入生产 MySQL 配置,bcrypt 验证主账号后执行迁移
  - 已有数据时迁移前显示红色警告要求 yes 确认
- 移除 docs-site 独立容器(文档已内置于 tenant-web/docs/)
- nginx 和 docker-compose 同步清理 docs-site 残留配置

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-19 14:29:57 +08:00
徐勤民
20423a0347 fix: add Spring Boot DB/Redis overrides and full nginx routing 
- docker-compose.yml: add SPRING_DATASOURCE_* and SPRING_DATA_REDIS_*
  environment vars for tenant-service and file-service; these override
  hardcoded production URLs in application.yml at startup.
  docs-site depends_on marked required:false so nginx starts even when
  docs-site image is unavailable.
- config/nginx/conf.d/xuqm.conf: add routing for /api/ and /actuator/
  to tenant-service:9001, /file/ to file-service:8086, /ops to ops-web;
  add client_max_body_size 100m and proxy headers.

Discovered and verified during P5-01 WSL2 acceptance testing.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-19 00:13:09 +08:00
徐勤民
4ada03183a chore: scaffold private deployment repository 2026-05-18 19:49:31 +08:00