feat: 重构配置文件同步流程

- 将配置文件同步步骤从脚本改为使用，简化了部署过程 - 新增备份现有配置和生成新的及文件的逻辑 - 提升了配置文件的管理和部署效率此更改优化了生产环境的配置文件处理流程。
2025-07-16 15:17:07 +08:00
parent 840df2fb3c
commit 964126953a
1 changed files with 137 additions and 22 deletions
--- a/.gitea/workflows/deploy-backend.yml
+++ b/.gitea/workflows/deploy-backend.yml
@ -157,28 +157,143 @@ jobs:
          fi

      - name: 📦 同步配置文件
-        run: |
-          # 使用国内镜像源安装sshpass
-          echo "🔄 使用国内镜像源..."
-          sudo sed -i 's|http://.*.ubuntu.com|https://mirrors.aliyun.com|g' /etc/apt/sources.list
-          sudo apt-get update -o Acquire::Retries=3 -o Acquire::http::Timeout=30
-          sudo apt-get install -y --allow-unauthenticated sshpass
-          
-          # 同步配置文件到服务器
-          echo "📋 同步配置文件到服务器..."
-          export SSHPASS=${{ secrets.TYY_PWD }}
-          sshpass -e scp -o StrictHostKeyChecking=no -P ${{ secrets.PORT }} backend/docker-compose.prod.yml ${{ secrets.TYY_USER }}@${{ secrets.HOST }}:/data/docker/photography/backend/docker-compose.yml
-          
-          # 创建生产环境配置文件
-          echo "📋 创建生产环境配置..."
-          sed -e "s/DB_USER=.*/DB_USER=${{ secrets.POSTGRES_PHOTO_USER }}/" \
-              -e "s/DB_PASSWORD=.*/DB_PASSWORD=${{ secrets.POSTGRES_PHOTO_PWD }}/" \
-              -e "s/DB_HOST=.*/DB_HOST=localhost/" \
-              -e "s/APP_ENV=.*/APP_ENV=production/" \
-              backend/.env.example > /tmp/production.env
-          
-          sshpass -e scp -o StrictHostKeyChecking=no -P ${{ secrets.PORT }} /tmp/production.env ${{ secrets.TYY_USER }}@${{ secrets.HOST }}:/data/docker/photography/backend/.env
-          echo "✅ 配置文件同步完成"
+        uses: appleboy/ssh-action@v1.0.0
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.TYY_USER }}
+          password: ${{ secrets.TYY_PWD }}
+          port: ${{ secrets.PORT }}
+          script: |
+            echo "📦 开始同步配置文件..."
+            
+            # 创建目录
+            mkdir -p /data/docker/photography/backend
+            cd /data/docker/photography/backend
+            
+            # 备份现有配置
+            if [ -f docker-compose.yml ]; then
+              cp docker-compose.yml docker-compose.yml.backup.$(date +%Y%m%d-%H%M%S)
+              echo "📋 已备份现有配置"
+            fi
+            
+            # 生成新的配置文件
+            cat > docker-compose.yml << 'EOF'
+            # Photography Portfolio Backend - Production Docker Compose
+            # 生产环境配置 - 使用现有 PostgreSQL 和 Redis 服务
+
+            services:
+              # 后端API服务 (仅API服务，无数据库)
+              api:
+                image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
+                container_name: photography-api
+                environment:
+                  # 数据库配置 (连接现有服务)
+                  DB_HOST: localhost
+                  DB_PORT: 5432
+                  DB_NAME: photography
+                  DB_USER: ${{ secrets.POSTGRES_PHOTO_USER }}
+                  DB_PASSWORD: ${{ secrets.POSTGRES_PHOTO_PWD }}
+                  DB_SSL_MODE: disable
+                  
+                  # Redis配置 (连接现有服务)
+                  REDIS_HOST: localhost
+                  REDIS_PORT: 6379
+                  REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD }}
+                  REDIS_DB: 0
+                  
+                  # JWT配置
+                  JWT_SECRET: ${{ secrets.JWT_SECRET }}
+                  JWT_EXPIRE: 24h
+                  
+                  # 服务配置
+                  APP_ENV: production
+                  APP_PORT: 8080
+                  APP_HOST: 0.0.0.0
+                  
+                  # CORS配置
+                  CORS_ORIGINS: https://photography.iriver.top
+                  
+                  # 文件上传配置
+                  UPLOAD_PATH: /app/uploads
+                  UPLOAD_MAX_SIZE: 10485760
+                  
+                  # 日志配置
+                  LOG_LEVEL: info
+                  LOG_FORMAT: json
+                ports:
+                  - "8080:8080"
+                networks:
+                  - app_network
+                volumes:
+                  - uploads_data:/app/uploads
+                  - logs_data:/app/logs
+                restart: unless-stopped
+                healthcheck:
+                  test: ["CMD", "/usr/local/bin/health-check.sh"]
+                  interval: 30s
+                  timeout: 10s
+                  retries: 3
+                  start_period: 10s
+
+              # 数据库迁移服务 (一次性运行)
+              migrate:
+                image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
+                container_name: photography-migrate
+                environment:
+                  DB_HOST: localhost
+                  DB_PORT: 5432
+                  DB_NAME: photography
+                  DB_USER: ${{ secrets.POSTGRES_PHOTO_USER }}
+                  DB_PASSWORD: ${{ secrets.POSTGRES_PHOTO_PWD }}
+                  DB_SSL_MODE: disable
+                entrypoint: ["/migrate", "up"]
+                restart: "no"
+
+            volumes:
+              uploads_data:
+                driver: local
+              logs_data:
+                driver: local
+
+            networks:
+              app_network:
+                external: true
+            EOF
+            
+            # 创建环境变量文件
+            cat > .env << 'EOF'
+            # 生产环境配置
+            DB_HOST=localhost
+            DB_PORT=5432
+            DB_NAME=photography
+            DB_USER=${{ secrets.POSTGRES_PHOTO_USER }}
+            DB_PASSWORD=${{ secrets.POSTGRES_PHOTO_PWD }}
+            DB_SSL_MODE=disable
+            
+            REDIS_HOST=localhost
+            REDIS_PORT=6379
+            REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}
+            REDIS_DB=0
+            
+            JWT_SECRET=${{ secrets.JWT_SECRET }}
+            JWT_EXPIRE=24h
+            
+            APP_ENV=production
+            APP_PORT=8080
+            APP_HOST=0.0.0.0
+            
+            CORS_ORIGINS=https://photography.iriver.top
+            
+            UPLOAD_PATH=/app/uploads
+            UPLOAD_MAX_SIZE=10485760
+            
+            LOG_LEVEL=info
+            LOG_FORMAT=json
+            EOF
+            
+            echo "✅ 配置文件同步完成"
+            echo "📋 已部署以下文件："
+            ls -la /data/docker/photography/backend/

      - name: 🚀 部署到生产环境
        uses: appleboy/ssh-action@v1.0.0