# Docker Compose生产环境配置文件 # 若依框架前后端分离Docker部署方案 - 生产环境 # Requirements: 5.3, 6.5 version: '3.8' services: # Redis缓存服务 - 生产环境配置 anxin-redis: image: redis:7.2-alpine container_name: anxin-redis-prod restart: always environment: TZ: Asia/Shanghai ports: - "127.0.0.1:${REDIS_PORT_EXPORT:-6379}:6379" # 生产环境仅绑定本地接口 volumes: - redis-data-prod:/data - redis-logs-prod:/var/log/redis networks: - anxin-prod-network deploy: resources: limits: memory: ${REDIS_MEMORY_LIMIT:-256M} cpus: '${REDIS_CPU_LIMIT:-0.5}' reservations: memory: 128M cpus: '0.25' healthcheck: test: ["CMD", "redis-cli", "ping"] timeout: 10s retries: 5 interval: 30s start_period: 30s command: redis-server --appendonly yes --maxmemory 200mb --maxmemory-policy allkeys-lru --requirepass ${REDIS_PASSWORD:-} logging: driver: "json-file" options: max-size: "${LOG_MAX_SIZE:-200m}" max-file: "${LOG_MAX_FILES:-15}" security_opt: - no-new-privileges:true # MySQL数据库服务 - 生产环境配置 anxin-mysql: image: mysql:8.0.36 container_name: anxin-mysql-prod restart: always environment: MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} MYSQL_DATABASE: ${DB_NAME:-anxin_prod} MYSQL_USER: ${DB_USER:-anxin_prod} MYSQL_PASSWORD: ${DB_PASSWORD} TZ: Asia/Shanghai ports: - "${DB_PORT:-3306}:3306" # 允许外部访问,使用环境变量指定的端口 volumes: - mysql-data-prod:/var/lib/mysql - ./database/init:/docker-entrypoint-initdb.d:ro - ./configs/my.cnf.prod:/etc/mysql/conf.d/my.cnf:ro - mysql-logs-prod:/var/log/mysql networks: - anxin-prod-network deploy: resources: limits: memory: ${DATABASE_MEMORY_LIMIT:-1024M} cpus: '${DATABASE_CPU_LIMIT:-1.0}' reservations: memory: 512M cpus: '0.5' healthcheck: test: ["CMD", "mysqladmin", "ping", "-h", "localhost", "-u", "root", "-p${MYSQL_ROOT_PASSWORD}"] timeout: 20s retries: 10 interval: 30s start_period: 60s logging: driver: "json-file" options: max-size: "${LOG_MAX_SIZE:-200m}" max-file: "${LOG_MAX_FILES:-15}" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp - /var/run/mysqld # Spring Boot后端服务 - 生产环境配置 anxin-backend: build: context: ../ dockerfile: docker/backend/Dockerfile target: production image: anxin-backend:prod container_name: anxin-backend-prod restart: always environment: # 数据库连接配置 - 使用与启动脚本一致的环境变量名 DB_HOST: anxin-mysql DB_PORT: 3306 DB_NAME: ${DB_NAME:-anxin_prod} DB_USER: ${DB_USER:-anxin_prod} DB_PASSWORD: ${DB_PASSWORD} # Redis配置 REDIS_HOST: ${REDIS_HOST:-anxin-redis} REDIS_PORT: ${REDIS_PORT:-6379} REDIS_PASSWORD: ${REDIS_PASSWORD:-} REDIS_DATABASE: ${REDIS_DATABASE:-0} # Spring Boot配置 SPRING_PROFILES_ACTIVE: ${SPRING_PROFILES_ACTIVE:-prod} SERVER_PORT: 8080 # JVM配置 JAVA_OPTS: ${JAVA_OPTS:--Xms1024m -Xmx2048m -Djava.security.egd=file:/dev/./urandom -XX:+UseG1GC -XX:+UseStringDeduplication} # 日志配置 LOG_LEVEL: ${LOG_LEVEL:-WARN} LOG_PATH: /app/logs LOG_MAX_SIZE: ${LOG_MAX_SIZE:-200MB} LOG_MAX_FILES: ${LOG_MAX_FILES:-15} # 文件上传路径 UPLOAD_PATH: /app/uploadPath # 系统配置 TZ: Asia/Shanghai # 生产环境特有配置 MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE: health,info,metrics MANAGEMENT_ENDPOINT_HEALTH_SHOW_DETAILS: never LOGGING_LEVEL_COM_RUOYI: WARN LOGGING_LEVEL_ROOT: WARN # 安全配置 SPRING_SECURITY_REQUIRE_SSL: true SERVER_SSL_ENABLED: false # 通过反向代理处理SSL ports: - "127.0.0.1:${BACKEND_PORT:-8080}:8080" # 生产环境仅绑定本地接口 volumes: - backend-logs-prod:/app/logs - backend-uploads-prod:/app/uploadPath - ./configs:/app/config:ro networks: - anxin-prod-network depends_on: anxin-mysql: condition: service_healthy anxin-redis: condition: service_healthy deploy: resources: limits: memory: ${BACKEND_MEMORY_LIMIT:-2048M} cpus: '${BACKEND_CPU_LIMIT:-2.0}' reservations: memory: 1024M cpus: '1.0' replicas: ${BACKEND_REPLICAS:-1} healthcheck: test: ["CMD-SHELL", "curl -f http://localhost:8080/actuator/health || exit 1"] timeout: 30s retries: 5 interval: 30s start_period: 120s logging: driver: "json-file" options: max-size: "${LOG_MAX_SIZE:-200m}" max-file: "${LOG_MAX_FILES:-15}" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp # Vue3前端服务 - 生产环境配置 anxin-frontend: build: context: ../ dockerfile: docker/frontend/Dockerfile target: production args: API_BASE_URL: ${API_BASE_URL:-http://localhost:8080} NODE_ENV: production image: anxin-frontend:prod container_name: anxin-frontend-prod restart: always environment: TZ: Asia/Shanghai NODE_ENV: production ports: - "${FRONTEND_PORT:-80}:80" volumes: - frontend-logs-prod:/var/log/nginx - ./configs/nginx.conf.prod:/etc/nginx/conf.d/default.conf:ro networks: - anxin-prod-network depends_on: anxin-backend: condition: service_healthy deploy: resources: limits: memory: ${FRONTEND_MEMORY_LIMIT:-512M} cpus: '${FRONTEND_CPU_LIMIT:-1.0}' reservations: memory: 256M cpus: '0.5' replicas: ${FRONTEND_REPLICAS:-1} healthcheck: test: ["CMD-SHELL", "curl -f http://localhost/ || exit 1"] timeout: 10s retries: 3 interval: 30s start_period: 30s logging: driver: "json-file" options: max-size: "${LOG_MAX_SIZE:-200m}" max-file: "${LOG_MAX_FILES:-15}" security_opt: - no-new-privileges:true # 网络配置 - 生产环境 networks: anxin-prod-network: name: ${NETWORK_NAME:-anxin-prod-network} driver: bridge ipam: driver: default config: - subnet: ${SUBNET:-172.23.0.0/16} gateway: ${GATEWAY:-172.23.0.1} driver_opts: com.docker.network.bridge.name: anxin-prod-br0 # 卷配置 - 生产环境 volumes: # Redis数据持久化卷 redis-data-prod: driver: local driver_opts: type: none o: bind device: ${REDIS_DATA_PATH:-./data/production/redis} # Redis日志卷 redis-logs-prod: driver: local driver_opts: type: none o: bind device: ${REDIS_LOG_PATH:-./log/production/redis} # 数据库数据持久化卷 mysql-data-prod: driver: local driver_opts: type: none o: bind device: ${MYSQL_DATA_PATH:-./data/mysql} # 数据库日志卷 mysql-logs-prod: driver: local driver_opts: type: none o: bind device: ${MYSQL_LOG_PATH:-./log/mysql} # 后端应用日志卷 backend-logs-prod: driver: local driver_opts: type: none o: bind device: ${BACKEND_LOG_PATH:-./log/backend} # 后端文件上传卷 backend-uploads-prod: driver: local driver_opts: type: none o: bind device: ${BACKEND_UPLOAD_PATH:-./data/uploads} # 前端Nginx日志卷 frontend-logs-prod: driver: local driver_opts: type: none o: bind device: ${FRONTEND_LOG_PATH:-./log/nginx}