fix: Docker 生产部署构建上下文 — 统一 Dockerfile 从仓库根复制 shared pkg
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,27 @@
|
||||
# ========== Cyrene 生产环境 Docker 部署配置 ==========
|
||||
# 复制此文件为 .docker.env 并填入真实值
|
||||
# cp .docker.env.example .docker.env
|
||||
# 使用方式: docker compose --env-file .docker.env up -d
|
||||
|
||||
# ========== LLM API(必填) ==========
|
||||
LLM_API_URL=https://api.openai.com/v1
|
||||
LLM_API_KEY=sk-xxxxx
|
||||
LLM_MODEL=gpt-4o
|
||||
LLM_FALLBACK_MODEL=gpt-4o-mini
|
||||
|
||||
# ========== 数据库密码 ==========
|
||||
POSTGRES_PASSWORD=change-me-to-random-password
|
||||
|
||||
# ========== JWT ==========
|
||||
JWT_SECRET=change-me-to-random-secret-string
|
||||
JWT_EXPIRY_HOURS=720
|
||||
|
||||
# ========== Redis ==========
|
||||
REDIS_PASSWORD=
|
||||
|
||||
# ========== MinIO 对象存储 ==========
|
||||
MINIO_ACCESS_KEY=minioadmin
|
||||
MINIO_SECRET_KEY=change-me-to-random-password
|
||||
|
||||
# ========== Caddy / ACME(有域名时填写) ==========
|
||||
ACME_EMAIL=admin@example.com
|
||||
@@ -43,6 +43,7 @@ nginx-ssl.conf
|
||||
|
||||
# ========== 环境与敏感配置 ==========
|
||||
.env
|
||||
.docker.env
|
||||
backend/.env
|
||||
models.json
|
||||
thinking_schedule.json
|
||||
|
||||
@@ -5,14 +5,14 @@ RUN apk add --no-cache git ca-certificates
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# 复制 go.mod/go.sum 并下载依赖(利用 Docker 缓存层)
|
||||
COPY go.mod go.sum ./
|
||||
# 复制服务代码 + 共享 pkg(保持目录结构以匹配 go.mod replace 路径)
|
||||
COPY backend/ai-core/ ./backend/ai-core/
|
||||
COPY backend/pkg/ ./backend/pkg/
|
||||
|
||||
WORKDIR /app/backend/ai-core
|
||||
RUN go mod download
|
||||
|
||||
# 复制源代码
|
||||
COPY . .
|
||||
|
||||
# 编译 (静态链接,适配 Alpine)
|
||||
# 编译 (静态链接)
|
||||
RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o /ai-core ./cmd/main.go
|
||||
|
||||
# ========== 运行阶段 ==========
|
||||
@@ -24,13 +24,9 @@ RUN apk add --no-cache ca-certificates tzdata && \
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# 从构建阶段复制二进制文件
|
||||
COPY --from=builder /ai-core .
|
||||
COPY --from=builder /app/backend/ai-core/internal/persona/ ./internal/persona/
|
||||
|
||||
# 复制人格配置文件 (运行时可能热加载)
|
||||
COPY --from=builder /app/internal/persona/ ./internal/persona/
|
||||
|
||||
# 非 root 用户
|
||||
RUN adduser -D -H cyrene
|
||||
USER cyrene
|
||||
|
||||
|
||||
@@ -5,12 +5,12 @@ RUN apk add --no-cache git ca-certificates
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# 复制 go.mod/go.sum 并下载依赖
|
||||
COPY go.mod go.sum ./
|
||||
RUN go mod download
|
||||
# 复制服务代码 + 共享 pkg(保持目录结构以匹配 go.mod replace 路径)
|
||||
COPY backend/gateway/ ./backend/gateway/
|
||||
COPY backend/pkg/ ./backend/pkg/
|
||||
|
||||
# 复制源代码
|
||||
COPY . .
|
||||
WORKDIR /app/backend/gateway
|
||||
RUN go mod download
|
||||
|
||||
# 编译 (静态链接)
|
||||
RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o /gateway ./cmd/main.go
|
||||
@@ -24,10 +24,8 @@ RUN apk add --no-cache ca-certificates tzdata && \
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# 从构建阶段复制二进制文件
|
||||
COPY --from=builder /gateway .
|
||||
|
||||
# 非 root 用户
|
||||
RUN adduser -D -H cyrene
|
||||
USER cyrene
|
||||
|
||||
|
||||
@@ -5,14 +5,14 @@ RUN apk add --no-cache git ca-certificates
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# 复制 go.mod 并下载依赖(利用 Docker 缓存层)
|
||||
COPY go.mod ./
|
||||
# 复制服务代码 + 共享 pkg(保持目录结构以匹配 go.mod replace 路径)
|
||||
COPY backend/iot-debug-service/ ./backend/iot-debug-service/
|
||||
COPY backend/pkg/ ./backend/pkg/
|
||||
|
||||
WORKDIR /app/backend/iot-debug-service
|
||||
RUN go mod download
|
||||
|
||||
# 复制源代码
|
||||
COPY . .
|
||||
|
||||
# 编译 (静态链接,适配 Alpine)
|
||||
# 编译 (静态链接)
|
||||
RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o /iot-debug-service ./cmd/main.go
|
||||
|
||||
# ========== 运行阶段 ==========
|
||||
@@ -24,10 +24,8 @@ RUN apk add --no-cache ca-certificates tzdata && \
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# 从构建阶段复制二进制文件
|
||||
COPY --from=builder /iot-debug-service .
|
||||
|
||||
# 非 root 用户
|
||||
RUN adduser -D -H cyrene
|
||||
USER cyrene
|
||||
|
||||
|
||||
@@ -1,19 +1,37 @@
|
||||
# Build stage
|
||||
# ========== 构建阶段 ==========
|
||||
FROM golang:1.26-alpine AS builder
|
||||
|
||||
WORKDIR /app
|
||||
COPY go.mod go.sum ./
|
||||
RUN go mod download
|
||||
COPY . .
|
||||
RUN CGO_ENABLED=0 GOOS=linux go build -o /memory-service ./cmd/
|
||||
RUN apk add --no-cache git ca-certificates
|
||||
|
||||
# Runtime stage
|
||||
WORKDIR /app
|
||||
|
||||
# 复制服务代码 + 共享 pkg(保持目录结构以匹配 go.mod replace 路径)
|
||||
COPY backend/memory-service/ ./backend/memory-service/
|
||||
COPY backend/pkg/ ./backend/pkg/
|
||||
|
||||
WORKDIR /app/backend/memory-service
|
||||
RUN go mod download
|
||||
|
||||
# 编译 (静态链接)
|
||||
RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o /memory-service ./cmd/
|
||||
|
||||
# ========== 运行阶段 ==========
|
||||
FROM alpine:3.21
|
||||
|
||||
RUN apk --no-cache add ca-certificates
|
||||
RUN apk add --no-cache ca-certificates tzdata && \
|
||||
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
|
||||
echo "Asia/Shanghai" > /etc/timezone
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
COPY --from=builder /memory-service .
|
||||
|
||||
RUN adduser -D -H cyrene
|
||||
USER cyrene
|
||||
|
||||
EXPOSE 8091
|
||||
|
||||
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
|
||||
CMD wget --no-verbose --tries=1 --spider http://localhost:8091/api/v1/health || exit 1
|
||||
|
||||
ENTRYPOINT ["./memory-service"]
|
||||
|
||||
@@ -5,14 +5,14 @@ RUN apk add --no-cache git ca-certificates
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# 复制 go.mod 并下载依赖(利用 Docker 缓存层)
|
||||
COPY go.mod ./
|
||||
# 复制服务代码 + 共享 pkg(保持目录结构以匹配 go.mod replace 路径)
|
||||
COPY backend/voice-service/ ./backend/voice-service/
|
||||
COPY backend/pkg/ ./backend/pkg/
|
||||
|
||||
WORKDIR /app/backend/voice-service
|
||||
RUN go mod download
|
||||
|
||||
# 复制源代码
|
||||
COPY . .
|
||||
|
||||
# 编译 (静态链接,适配 Alpine)
|
||||
# 编译 (静态链接)
|
||||
RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o /voice-service ./cmd/main.go
|
||||
|
||||
# ========== 运行阶段 ==========
|
||||
@@ -24,10 +24,8 @@ RUN apk add --no-cache ca-certificates tzdata && \
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# 从构建阶段复制二进制文件
|
||||
COPY --from=builder /voice-service .
|
||||
|
||||
# 非 root 用户
|
||||
RUN adduser -D -H cyrene
|
||||
USER cyrene
|
||||
|
||||
|
||||
+15
-5
@@ -29,7 +29,9 @@ services:
|
||||
# ========== 后端服务 ==========
|
||||
gateway:
|
||||
container_name: cyrene_gateway
|
||||
build: ./backend/gateway
|
||||
build:
|
||||
context: .
|
||||
dockerfile: ./backend/gateway/Dockerfile
|
||||
environment:
|
||||
GATEWAY_PORT: "8080"
|
||||
ENV: production
|
||||
@@ -56,7 +58,9 @@ services:
|
||||
|
||||
ai-core:
|
||||
container_name: cyrene_ai_core
|
||||
build: ./backend/ai-core
|
||||
build:
|
||||
context: .
|
||||
dockerfile: ./backend/ai-core/Dockerfile
|
||||
environment:
|
||||
AI_CORE_PORT: "8081"
|
||||
PERSONA_DIR: "./internal/persona"
|
||||
@@ -77,7 +81,9 @@ services:
|
||||
|
||||
memory-service:
|
||||
container_name: cyrene_memory_service
|
||||
build: ./backend/memory-service
|
||||
build:
|
||||
context: .
|
||||
dockerfile: ./backend/memory-service/Dockerfile
|
||||
environment:
|
||||
PORT: "8091"
|
||||
POSTGRES_HOST: postgres
|
||||
@@ -92,7 +98,9 @@ services:
|
||||
|
||||
voice-service:
|
||||
container_name: cyrene_voice_service
|
||||
build: ./backend/voice-service
|
||||
build:
|
||||
context: .
|
||||
dockerfile: ./backend/voice-service/Dockerfile
|
||||
environment:
|
||||
PORT: "8093"
|
||||
WHISPER_BINARY: "./whisper.cpp/main"
|
||||
@@ -102,7 +110,9 @@ services:
|
||||
|
||||
iot-debug-service:
|
||||
container_name: cyrene_iot_debug_service
|
||||
build: ./backend/iot-debug-service
|
||||
build:
|
||||
context: .
|
||||
dockerfile: ./backend/iot-debug-service/Dockerfile
|
||||
environment:
|
||||
IOT_DEBUG_PORT: "8083"
|
||||
restart: unless-stopped
|
||||
|
||||
Reference in New Issue
Block a user