xuqmGroup/XuqmGroup-PrivateDeploy
1
0
派生 0
代码 工单 合并请求 Actions 软件包 项目 版本发布 百科 动态
60aeb61433
XuqmGroup-PrivateDeploy/docker-compose.yml
徐勤民 e5ffde39a0 fix(docker-compose): add SPRING_DATASOURCE/REDIS overrides to all services 
im-service, push-service, update-service, license-service were missing the
SPRING_DATASOURCE_URL/USERNAME/PASSWORD environment overrides that tenant-service
and file-service already had. Without these, all services connected to the
hardcoded production database (39.107.53.187) instead of the local private MySQL,
causing mutations in the private deployment to affect the public platform.

im-service also gets SPRING_DATA_REDIS_* overrides to replace the hardcoded
redisdev.xuqinmin.com Redis connection.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-19 18:23:27 +08:00

178 行
8.2 KiB
YAML
原始文件 Blame 文件历史

此文件含有模棱两可的 Unicode 字符

此文件含有可能会与其他字符混淆的 Unicode 字符。 如果您是想特意这样的,可以安全地忽略该警告。 使用 Escape 按钮显示他们。

# =============================================================================
# XuqmGroup 私有化部署 — 业务服务编排
#
# 说明:
# - 基础设施MySQL / Redis在 docker-compose.infra.yml 中定义
# - 使用 --profile 控制启动哪些服务(配合 .env 中的 COMPOSE_PROFILES
# - 所有服务密码通过 config/secrets.env 注入,不写在本文件
# - Spring Boot 数据库 URL 通过 environment: 覆盖,优先级高于 application.yml
# =============================================================================
services:
# ---------------------------------------------------------------------------
# 核心 API 服务(必须)
# 端口9001内部,nginx 代理 /api/* 和 /actuator/*
# ---------------------------------------------------------------------------
tenant-service:
image: ${REGISTRY}/tenant-service:${IMAGE_TAG}
profiles: ["base"]
env_file:
- ./config/xuqm.env # 业务配置:运行模式、域名、功能开关
- ./config/secrets.env # 敏感配置密码、Token
- ./config/tenant/bootstrap.env # 初始租户配置
environment:
# 覆盖 application.yml 中硬编码的生产地址,私有化部署必须保留此块
SPRING_DATASOURCE_URL: "jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-xuqm_private}?useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true"
SPRING_DATASOURCE_USERNAME: "${MYSQL_USERNAME:-xuqm}"
SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
SPRING_DATA_REDIS_HOST: "${REDIS_HOST}"
SPRING_DATA_REDIS_PORT: "${REDIS_PORT:-6379}"
SPRING_DATA_REDIS_PASSWORD: "${REDIS_PASSWORD}"
SPRING_DATA_REDIS_DATABASE: "${REDIS_DATABASE:-0}"
restart: unless-stopped
# ---------------------------------------------------------------------------
# 文件服务(必须)
# 端口8086内部,nginx 代理 /file/*
# 文件数据持久化到 ./data/uploads
# ---------------------------------------------------------------------------
file-service:
image: ${REGISTRY}/file-service:${IMAGE_TAG}
profiles: ["base"]
env_file:
- ./config/xuqm.env
- ./config/secrets.env
environment:
SPRING_DATASOURCE_URL: "jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-xuqm_private}?useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true"
SPRING_DATASOURCE_USERNAME: "${MYSQL_USERNAME:-xuqm}"
SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
SPRING_DATA_REDIS_HOST: "${REDIS_HOST}"
SPRING_DATA_REDIS_PORT: "${REDIS_PORT:-6379}"
SPRING_DATA_REDIS_PASSWORD: "${REDIS_PASSWORD}"
SPRING_DATA_REDIS_DATABASE: "${REDIS_DATABASE:-0}"
volumes:
- ./data/uploads:/data/uploads # 上传文件持久化目录
restart: unless-stopped
# ---------------------------------------------------------------------------
# 控制台前端(必须)
# 租户登录、App 管理、功能配置界面
# nginx 代理 / 根路径
# ---------------------------------------------------------------------------
tenant-web:
image: ${REGISTRY}/tenant-web:${IMAGE_TAG}
profiles: ["base"]
restart: unless-stopped
# ---------------------------------------------------------------------------
# 运营后台前端(必须)
# 管理员登录界面,nginx 代理 /ops
# ---------------------------------------------------------------------------
ops-web:
image: ${REGISTRY}/ops-web:${IMAGE_TAG}
profiles: ["base"]
restart: unless-stopped
# ---------------------------------------------------------------------------
# Nginx 反向代理(必须)
# 统一入口:端口 80HTTP和 443HTTPS
# 路由所有请求到各后端容器
# ---------------------------------------------------------------------------
nginx:
image: nginx:1.27-alpine
profiles: ["base"]
ports:
- "80:80" # HTTP
- "443:443" # HTTPS需要配置证书,见 docs/runbook.md
volumes:
- ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./config/nginx/conf.d:/etc/nginx/conf.d:ro
depends_on:
tenant-service:
condition: service_started
tenant-web:
condition: service_started
ops-web:
condition: service_started
restart: unless-stopped
# ---------------------------------------------------------------------------
# IM 服务可选,profile: im
# 端口8082内部
# 提供IM HTTP API/api/im/)和 WebSocket/ws/im/
# ---------------------------------------------------------------------------
im-service:
image: ${REGISTRY}/im-service:${IMAGE_TAG}
profiles: ["im"]
env_file:
- ./config/xuqm.env
- ./config/secrets.env
environment:
SPRING_DATASOURCE_URL: "jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-xuqm_private}?useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true"
SPRING_DATASOURCE_USERNAME: "${MYSQL_USERNAME:-xuqm}"
SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
SPRING_DATA_REDIS_HOST: "${REDIS_HOST}"
SPRING_DATA_REDIS_PORT: "${REDIS_PORT:-6379}"
SPRING_DATA_REDIS_PASSWORD: "${REDIS_PASSWORD}"
SPRING_DATA_REDIS_DATABASE: "${REDIS_DATABASE:-0}"
TENANT_SERVICE_URL: "http://tenant-service:9001"
PUSH_SERVICE_URL: "http://push-service:8083"
restart: unless-stopped
# ---------------------------------------------------------------------------
# 推送服务可选,profile: push
# 端口8083内部
# 负责通过华为/小米/OPPO/vivo/荣耀/APNs/FCM 下发推送通知
# ---------------------------------------------------------------------------
push-service:
image: ${REGISTRY}/push-service:${IMAGE_TAG}
profiles: ["push"]
env_file:
- ./config/xuqm.env
- ./config/secrets.env
- ./config/vendors/push.env # 各厂商推送凭据
environment:
SPRING_DATASOURCE_URL: "jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-xuqm_private}?useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true"
SPRING_DATASOURCE_USERNAME: "${MYSQL_USERNAME:-xuqm}"
SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
restart: unless-stopped
# ---------------------------------------------------------------------------
# 版本管理服务可选,profile: update
# 端口8084内部
# 负责APP 版本发布、RN 热更新包、应用市场自动提交
# ---------------------------------------------------------------------------
update-service:
image: ${REGISTRY}/update-service:${IMAGE_TAG}
profiles: ["update"]
env_file:
- ./config/xuqm.env
- ./config/secrets.env
- ./config/vendors/store-submit.env # 各应用市场发布凭据
environment:
SPRING_DATASOURCE_URL: "jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-xuqm_private}?useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true"
SPRING_DATASOURCE_USERNAME: "${MYSQL_USERNAME:-xuqm}"
SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
SDK_TENANT_SERVICE_URL: "http://tenant-service:9001"
volumes:
- ./data/update:/data/update # 版本包存储目录
restart: unless-stopped
# ---------------------------------------------------------------------------
# License 服务可选,profile: license
# 端口8085内部
# 负责设备激活数量校验和 License 有效期管理
# ---------------------------------------------------------------------------
license-service:
image: ${REGISTRY}/license-service:${IMAGE_TAG}
profiles: ["license"]
env_file:
- ./config/xuqm.env
- ./config/secrets.env
environment:
SPRING_DATASOURCE_URL: "jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:-3306}/${MYSQL_DATABASE:-xuqm_private}?useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true"
SPRING_DATASOURCE_USERNAME: "${MYSQL_USERNAME:-xuqm}"
SPRING_DATASOURCE_PASSWORD: "${MYSQL_PASSWORD}"
restart: unless-stopped
在新工单中引用 查看 Git Blame 复制永久链接