优化docker容器

2026-03-17 10:29:22 +08:00
parent 8acb8a3d2a
commit 38e8ace5ae
6 changed files with 138 additions and 232 deletions
--- a/backend/.dockerignore
+++ b/backend/.dockerignore
@@ -0,0 +1,8 @@
 venv/
 __pycache__/
 *.pyc
 .pytest_cache/
 .env
 .env.local
 *.db
 tests/
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@@ -1,103 +1,51 @@
-# Base stage for all Python services
+# ============================================================
 #  Weibo-HotSign Backend Multi-Stage Dockerfile
 #  构建目标: auth-service, api-service
 # ============================================================
 # ---- 基础层 ----
 FROM python:3.11-slim AS base
 # Set working directory
 WORKDIR /app
-# Install common system dependencies for MySQL
+RUN apt-get update && apt-get install -y --no-install-recommends \
-RUN apt-get update && apt-get install -y \
+    gcc default-libmysqlclient-dev curl \
    gcc \
    default-libmysqlclient-dev \
    && rm -rf /var/lib/apt/lists/*
 # Copy and install unified requirements
 COPY requirements.txt .
 RUN pip install --no-cache-dir -r requirements.txt
-# Create non-root user for security
+# 复制共享模块
 COPY shared/ ./shared/
 RUN groupadd -r appuser && useradd -r -g appuser appuser
-# --- API Gateway Service Stage ---
+# ---- Auth Service ----
-FROM base AS api_gateway
+FROM base AS auth-service
-# Copy shared module
+COPY auth_service/ ./auth_service/
 COPY shared/ ./shared/
-# Copy application code
+ENV PYTHONPATH=/app
 COPY api_service/app/ ./app/
 # Switch to non-root user
 USER appuser
 EXPOSE 8001
-# Expose port
+HEALTHCHECK --interval=30s --timeout=10s --retries=3 \
    CMD curl -f http://localhost:8001/health || exit 1
 CMD ["uvicorn", "auth_service.app.main:app", "--host", "0.0.0.0", "--port", "8001"]
 # ---- API Service ----
 FROM base AS api-service
 COPY api_service/ ./api_service/
 ENV PYTHONPATH=/app
 USER appuser
 EXPOSE 8000
-# Health check
+HEALTHCHECK --interval=30s --timeout=10s --retries=3 \
 HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \
    CMD curl -f http://localhost:8000/health || exit 1
-# Start application
+CMD ["uvicorn", "api_service.app.main:app", "--host", "0.0.0.0", "--port", "8000"]
 CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]
 # --- Auth Service Stage ---
 FROM base AS auth_service
 # Copy shared module
 COPY shared/ ./shared/
 # Copy application code
 COPY auth_service/app/ ./app/
 # Switch to non-root user
 USER appuser
 # Expose port
 EXPOSE 8000
 # Health check
 HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \
    CMD curl -f http://localhost:8000/health || exit 1
 # Start application
 CMD ["python", "-m", "app.main"]
 # --- Task Scheduler Service Stage ---
 FROM base AS task_scheduler
 # Copy shared module
 COPY shared/ ./shared/
 # Copy application code
 COPY task_scheduler/app/ ./app/
 # Switch to non-root user
 USER appuser
 # Start Celery Beat scheduler
 CMD ["celery", "-A", "app.celery_app", "beat", "--loglevel=info"]
 # --- Sign-in Executor Service Stage ---
 FROM base AS signin_executor
 # Copy shared module
 COPY shared/ ./shared/
 # Copy application code
 COPY signin_executor/app/ ./app/
 # Switch to non-root user
 USER appuser
 # Expose port
 EXPOSE 8000
 # Health check
 HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \
    CMD curl -f http://localhost:8000/health || exit 1
 # Start application
 CMD ["python", "-m", "app.main"]
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,170 +1,85 @@
 version: '3.8'
 # ============================================================
 #  Weibo-HotSign Docker Compose
 #  使用方式:
 #    1. 填写下方 x-db-env 中的 MySQL/Redis 密码
 #    2. docker-compose up -d --build
 #    3. 访问 http://localhost:5000
 # ============================================================
 # 共享环境变量（避免重复）
 x-db-env: &db-env
  DATABASE_URL: "mysql+aiomysql://weibo:123456@host.docker.internal:3306/weibo_hotsign?charset=utf8mb4"
  REDIS_URL: "redis://:123456@host.docker.internal:6379/0"
  USE_REDIS: "true"
  JWT_SECRET_KEY: "change-me-to-a-random-string-in-production"
  JWT_ALGORITHM: "HS256"
  JWT_EXPIRATION_HOURS: "24"
  COOKIE_ENCRYPTION_KEY: "change-me-to-a-32byte-key-prod!"
  WX_APPID: ""
  WX_SECRET: ""
  ENVIRONMENT: "production"
 services:
-  # Redis缓存服务
+  # 认证服务 (端口 8001)
-  redis:
+  auth-service:
-    image: redis:7-alpine
+    build:
-    container_name: weibo-redis
+      context: ./backend
      dockerfile: Dockerfile
      target: auth-service
    container_name: weibo-auth
    restart: unless-stopped
    ports:
-      - "6379:6379"
+      - "8001:8001"
-    volumes:
+    environment:
-      - redis_data:/data
+      <<: *db-env
    extra_hosts:
      - "host.docker.internal:host-gateway"
    networks:
-      - weibo-network
+      - weibo-net
-  # Nginx反向代理
+  # API 服务 (端口 8000)
-  nginx:
+  api-service:
-    image: nginx:alpine
+    build:
-    container_name: weibo-nginx
+      context: ./backend
      dockerfile: Dockerfile
      target: api-service
    container_name: weibo-api
    restart: unless-stopped
    ports:
-      - "80:80"
+      - "8000:8000"
-      - "443:443"
+    environment:
-    volumes:
+      <<: *db-env
-      - ./nginx/nginx.conf:/etc/nginx/nginx.conf
+    extra_hosts:
-      - ./nginx/ssl:/etc/nginx/ssl
+      - "host.docker.internal:host-gateway"
    depends_on:
-      - api-gateway
+      - auth-service
      - frontend
    networks:
-      - weibo-network
+      - weibo-net
-  # 前端React应用
+  # Flask 前端 (端口 5000)
  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
    container_name: weibo-frontend
    restart: unless-stopped
    ports:
-      - "3000:3000"
+      - "5000:5000"
    environment:
-      - REACT_APP_API_BASE_URL=http://localhost/api/v1
+      FLASK_ENV: "production"
      FLASK_DEBUG: "False"
      SECRET_KEY: "change-me-flask-secret-key"
      API_BASE_URL: "http://api-service:8000"
      AUTH_BASE_URL: "http://auth-service:8001"
      SESSION_TYPE: "filesystem"
    depends_on:
-      - api-gateway
+      - api-service
      - auth-service
    networks:
-      - weibo-network
+      - weibo-net
  # API网关和主API服务
  api-gateway:
    build:
      context: ./backend
      dockerfile: Dockerfile
      target: api_gateway
    container_name: weibo-api-gateway
    ports:
      - "8000:8000"
    environment:
      - DATABASE_URL=mysql+aiomysql://weibo:123456789@XX.XX.XX.XX/weibo
      - REDIS_URL=redis://redis:6379
      - JWT_SECRET_KEY=your-super-secret-jwt-key-here
      - ENVIRONMENT=development
    depends_on:
      - redis
    networks:
      - weibo-network
  # 认证服务
  auth-service:
    build:
      context: ./backend
      dockerfile: Dockerfile
      target: auth_service
    container_name: weibo-auth-service
    ports:
      - "8001:8000"
    environment:
      - DATABASE_URL=mysql+aiomysql://weibo:123456789@XX.XX.XX.XX/weibo
      - JWT_SECRET_KEY=your-super-secret-jwt-key-here
    networks:
      - weibo-network
  # 任务调度服务
  task-scheduler:
    build:
      context: ./backend
      dockerfile: Dockerfile
      target: task_scheduler
    container_name: weibo-task-scheduler
    environment:
      - DATABASE_URL=mysql+aiomysql://weibo:123456789@XX.XX.XX.XX/weibo
      - REDIS_URL=redis://redis:6379
    depends_on:
      - redis
    networks:
      - weibo-network
  # 签到执行Worker
  signin-executor:
    build:
      context: ./backend
      dockerfile: Dockerfile
      target: signin_executor
    container_name: weibo-signin-executor
    environment:
      - DATABASE_URL=mysql+aiomysql://weibo:123456789@XX.XX.XX.XX/weibo
      - REDIS_URL=redis://redis:6379
      - PROXY_POOL_URL=http://proxy-pool:8080
      - BROWSER_AUTOMATION_URL=http://browser-automation:3001
    depends_on:
      - redis
    networks:
      - weibo-network
  # 通知中心服务
  notification-hub:
    build:
      context: ./backend/notification_hub
      dockerfile: Dockerfile
    container_name: weibo-notification-hub
    ports:
      - "8002:8000"
    environment:
      - REDIS_URL=redis://redis:6379
    depends_on:
      - redis
    networks:
      - weibo-network
  # 浏览器自动化服务
  browser-automation:
    build:
      context: ./backend/browser_automation_service
      dockerfile: Dockerfile
    container_name: weibo-browser-automation
    ports:
      - "3001:3000"
    environment:
      - PLAYWRIGHT_BROWSERS_PATH=/app/browsers
    volumes:
      - browser_data:/app/browsers
    networks:
      - weibo-network
  # 代理池管理器
  proxy-pool:
    build:
      context: ./elk-stack/proxy_pool
      dockerfile: Dockerfile
    container_name: weibo-proxy-pool
    ports:
      - "8080:8080"
    networks:
      - weibo-network
  # 浏览器指纹生成器
  fingerprint-generator:
    build:
      context: ./browser_fingerprint_generator
      dockerfile: Dockerfile
    container_name: weibo-fingerprint-generator
    ports:
      - "8081:8080"
    networks:
      - weibo-network
 volumes:
  redis_data:
  browser_data:
 networks:
-  weibo-network:
+  weibo-net:
    driver: bridge
--- a/frontend/.dockerignore
+++ b/frontend/.dockerignore
@@ -0,0 +1,5 @@
 venv/
 __pycache__/
 *.pyc
 flask_session/
 .env
--- a/frontend/Dockerfile
+++ b/frontend/Dockerfile
@@ -0,0 +1,29 @@
 # ============================================================
 #  Weibo-HotSign Frontend Dockerfile (Flask)
 # ============================================================
 FROM python:3.11-slim
 WORKDIR /app
 RUN apt-get update && apt-get install -y --no-install-recommends curl \
    && rm -rf /var/lib/apt/lists/*
 COPY requirements.txt .
 RUN pip install --no-cache-dir -r requirements.txt
 COPY . .
 # 创建 flask_session 目录
 RUN mkdir -p flask_session
 RUN groupadd -r appuser && useradd -r -g appuser appuser \
    && chown -R appuser:appuser /app
 USER appuser
 EXPOSE 5000
 HEALTHCHECK --interval=30s --timeout=10s --retries=3 \
    CMD curl -f http://localhost:5000/ || exit 1
 CMD ["python", "app.py"]
--- a/frontend/app.py
+++ b/frontend/app.py
@@ -911,5 +911,6 @@ def server_error(error):
    return render_template('500.html'), 500
 if __name__ == '__main__':
    debug_mode = os.getenv('FLASK_DEBUG', 'True').lower() in ('true', '1', 'yes')
    # use_reloader=False 避免 Windows 终端 QuickEdit 模式导致进程挂起
-    app.run(debug=True, port=5000, use_reloader=False)
+    app.run(host='0.0.0.0', debug=debug_mode, port=5000, use_reloader=False)