xuqmGroup/XuqmGroup-PrivateDeploy
1
0
派生 0
代码 工单 合并请求 Actions 软件包 项目 版本发布 百科 动态
35f07bad95
XuqmGroup-PrivateDeploy/docker-compose.yml
徐勤民 a55121aa05 feat(nginx): 内置路由 nginx 作为统一入口,宿主机 nginx 只需一条 proxy_pass 
将 nginx 容器从可选 profile 改为 base 必启服务,绑定 127.0.0.1:11223。
新增 config/nginx/conf.d/xuqm.conf 按 Docker 服务名路由所有内部请求。
部署完成提示从多条 location 精简为单条 proxy_pass http://127.0.0.1:11223。

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-20 16:13:04 +08:00

193 行
8.5 KiB
YAML
原始文件 Blame 文件历史

此文件含有模棱两可的 Unicode 字符

此文件含有可能会与其他字符混淆的 Unicode 字符。 如果您是想特意这样的,可以安全地忽略该警告。 使用 Escape 按钮显示他们。

# =============================================================================
# XuqmGroup 私有化部署 — 业务服务编排
#
# 说明:
# - 基础设施MySQL / Redis在 docker-compose.infra.yml 中定义
# - 使用 --profile 控制启动哪些服务(配合 .env 中的 COMPOSE_PROFILES
# - 所有服务密码通过 config/secrets.env 注入,不写在本文件
# - Spring Boot 数据库 URL 通过 environment: 覆盖,优先级高于 application.yml
# =============================================================================
services:
# ---------------------------------------------------------------------------
# 核心 API 服务(必须)
# 端口9001内部,nginx 代理 /api/* 和 /actuator/*
# ---------------------------------------------------------------------------
tenant-service:
image: ${REGISTRY}/tenant-service:${IMAGE_TAG}
profiles: ["base"]
ports:
- "127.0.0.1:11224:9001"
env_file:
- ./config/xuqm.env # 业务配置:运行模式、域名、功能开关
- ./config/secrets.env # 敏感配置密码、Token
- ./config/tenant/bootstrap.env # 初始租户配置
environment:
# 覆盖 application.yml 中硬编码的生产地址,私有化部署必须保留此块
SPRING_DATASOURCE_URL: "jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-xuqm_private}?useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true"
SPRING_DATASOURCE_USERNAME: "${MYSQL_USERNAME:-xuqm}"
SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
SPRING_DATA_REDIS_HOST: "${REDIS_HOST}"
SPRING_DATA_REDIS_PORT: "${REDIS_PORT:-6379}"
SPRING_DATA_REDIS_PASSWORD: "${REDIS_PASSWORD}"
SPRING_DATA_REDIS_DATABASE: "${REDIS_DATABASE:-0}"
restart: unless-stopped
# ---------------------------------------------------------------------------
# 文件服务(必须)
# 端口8086内部,nginx 代理 /file/*
# 文件数据持久化到 ./data/uploads
# ---------------------------------------------------------------------------
file-service:
image: ${REGISTRY}/file-service:${IMAGE_TAG}
profiles: ["base"]
ports:
- "127.0.0.1:11225:8086"
env_file:
- ./config/xuqm.env
- ./config/secrets.env
environment:
SPRING_DATASOURCE_URL: "jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-xuqm_private}?useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true"
SPRING_DATASOURCE_USERNAME: "${MYSQL_USERNAME:-xuqm}"
SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
SPRING_DATA_REDIS_HOST: "${REDIS_HOST}"
SPRING_DATA_REDIS_PORT: "${REDIS_PORT:-6379}"
SPRING_DATA_REDIS_PASSWORD: "${REDIS_PASSWORD}"
SPRING_DATA_REDIS_DATABASE: "${REDIS_DATABASE:-0}"
volumes:
- ./data/uploads:/data/uploads # 上传文件持久化目录
restart: unless-stopped
# ---------------------------------------------------------------------------
# 控制台前端(必须)
# 租户登录、App 管理、功能配置界面
# nginx 代理 / 根路径
# ---------------------------------------------------------------------------
tenant-web:
image: ${REGISTRY}/tenant-web:${IMAGE_TAG}
profiles: ["base"]
ports:
- "127.0.0.1:11226:80"
restart: unless-stopped
# ---------------------------------------------------------------------------
# 运营后台前端(必须)
# 管理员登录界面,nginx 代理 /ops
# ---------------------------------------------------------------------------
ops-web:
image: ${REGISTRY}/ops-web:${IMAGE_TAG}
profiles: ["base"]
ports:
- "127.0.0.1:11227:80"
restart: unless-stopped
# ---------------------------------------------------------------------------
# 内置路由 nginx必须
# 统一处理所有内部路由,对外只暴露 127.0.0.1:11223。
# 宿主机 nginx 只需一条 proxy_pass http://127.0.0.1:11223 即可。
# ---------------------------------------------------------------------------
nginx:
image: nginx:1.27-alpine
profiles: ["base"]
ports:
- "127.0.0.1:11223:80"
volumes:
- ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./config/nginx/conf.d:/etc/nginx/conf.d:ro
depends_on:
tenant-service:
condition: service_started
tenant-web:
condition: service_started
ops-web:
condition: service_started
restart: unless-stopped
# ---------------------------------------------------------------------------
# IM 服务可选,profile: im
# 端口8082内部
# 提供IM HTTP API/api/im/)和 WebSocket/ws/im/
# ---------------------------------------------------------------------------
im-service:
image: ${REGISTRY}/im-service:${IMAGE_TAG}
profiles: ["im"]
ports:
- "127.0.0.1:11228:8082"
env_file:
- ./config/xuqm.env
- ./config/secrets.env
environment:
SPRING_DATASOURCE_URL: "jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-xuqm_private}?useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true"
SPRING_DATASOURCE_USERNAME: "${MYSQL_USERNAME:-xuqm}"
SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
SPRING_DATA_REDIS_HOST: "${REDIS_HOST}"
SPRING_DATA_REDIS_PORT: "${REDIS_PORT:-6379}"
SPRING_DATA_REDIS_PASSWORD: "${REDIS_PASSWORD}"
SPRING_DATA_REDIS_DATABASE: "${REDIS_DATABASE:-0}"
TENANT_SERVICE_URL: "http://tenant-service:9001"
PUSH_SERVICE_URL: "http://push-service:8083"
restart: unless-stopped
# ---------------------------------------------------------------------------
# 推送服务可选,profile: push
# 端口8083内部
# 负责通过华为/小米/OPPO/vivo/荣耀/APNs/FCM 下发推送通知
# ---------------------------------------------------------------------------
push-service:
image: ${REGISTRY}/push-service:${IMAGE_TAG}
profiles: ["push"]
ports:
- "127.0.0.1:11229:8083"
env_file:
- ./config/xuqm.env
- ./config/secrets.env
- ./config/vendors/push.env # 各厂商推送凭据
environment:
SPRING_DATASOURCE_URL: "jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-xuqm_private}?useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true"
SPRING_DATASOURCE_USERNAME: "${MYSQL_USERNAME:-xuqm}"
SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
restart: unless-stopped
# ---------------------------------------------------------------------------
# 版本管理服务可选,profile: update
# 端口8084内部
# 负责APP 版本发布、RN 热更新包、应用市场自动提交
# ---------------------------------------------------------------------------
update-service:
image: ${REGISTRY}/update-service:${IMAGE_TAG}
profiles: ["update"]
ports:
- "127.0.0.1:11230:8084"
env_file:
- ./config/xuqm.env
- ./config/secrets.env
- ./config/vendors/store-submit.env # 各应用市场发布凭据
environment:
SPRING_DATASOURCE_URL: "jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-xuqm_private}?useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true"
SPRING_DATASOURCE_USERNAME: "${MYSQL_USERNAME:-xuqm}"
SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
SDK_TENANT_SERVICE_URL: "http://tenant-service:9001"
volumes:
- ./data/update:/data/update # 版本包存储目录
restart: unless-stopped
# ---------------------------------------------------------------------------
# License 服务可选,profile: license
# 端口8085内部
# 负责设备激活数量校验和 License 有效期管理
# ---------------------------------------------------------------------------
license-service:
image: ${REGISTRY}/license-service:${IMAGE_TAG}
profiles: ["license"]
ports:
- "127.0.0.1:11231:8085"
env_file:
- ./config/xuqm.env
- ./config/secrets.env
environment:
SPRING_DATASOURCE_URL: "jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-xuqm_private}?useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true"
SPRING_DATASOURCE_USERNAME: "${MYSQL_USERNAME:-xuqm}"
SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
restart: unless-stopped
在新工单中引用 查看 Git Blame 复制永久链接