scottpan/integral-resell
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: scottpan:byhlc112
Branches Tags
scottpan:main scottpan:bygsf212 scottpan:sqszx202 scottpan:byhlc112 scottpan:czleilei240 scottpan:sxsy80 scottpan:czcf82 scottpan:czrt6 scottpan:czc231 scottpan:hapr191
...
pull from: scottpan:sqszx202
Branches Tags
scottpan:bygsf212 scottpan:sqszx202 scottpan:byhlc112 scottpan:czleilei240 scottpan:sxsy80 scottpan:czcf82 scottpan:czrt6 scottpan:czc231 scottpan:hapr191 scottpan:main

1 Commits
byhlc112 ... sqszx202

Author SHA1 Message Date
danaisuiyuan
854ec653a2 chore: add sqszx202 deployment config 2026-06-14 19:06:06 +08:00
46 changed files with 2855 additions and 11 deletions
Expand all files Collapse all files

79
deploy/docker/.env.example Normal file
View File

@@ -0,0 +1,79 @@
# ============================================================
# Docker 部署环境变量模板
# 使用方法: cp .env.example .env 然后按实际填写
# 注意: .env 切勿提交到 git
# ============================================================
# ---------- 基础 ----------
TZ=Asia/Shanghai
COMPOSE_PROJECT_NAME=integral-shop-sqszx202
# ---------- 阿里云 RDS for MySQL ----------
# 外网地址(与 59.110.91.202 同地域 VPC 时建议改为内网地址,更快更安全)
RDS_HOST=rm-bp1a178eq62lxba9xbo.mysql.rds.aliyuncs.com
RDS_PORT=3306
# 寄卖商城Webman PHP 后端)
RDS_INTEGRAL_DB=sqszx202
RDS_INTEGRAL_USER=yangtangyoupin
RDS_INTEGRAL_PASS=change-me
# 积分商城Spring Boot 后端) — 与寄卖商城共库共账号
RDS_SINGLE_DB=sqszx202
RDS_SINGLE_USER=yangtangyoupin
RDS_SINGLE_PASS=change-me
# ---------- 容器内 Redis ----------
REDIS_PASSWORD=change-me-redis
# 三个业务各自的 db 序号,建议互不冲突
REDIS_INTEGRAL_DB=0
REDIS_SINGLE_ADMIN_DB=25
REDIS_SINGLE_FRONT_DB=26
# 是否把 Redis 端口暴露到宿主机(生产建议不暴露,留空字符串即可关闭)
REDIS_HOST_PORT=6379
# ---------- 寄卖商城 H5 configs.js 注入 ----------
# 用户浏览器访问到的 API/图片/H5 域名(必须为外网可达 URL
INTEGRAL_API_PUBLIC_URL=https://admin.j3s4s5.com
INTEGRAL_IMG_PUBLIC_URL=https://admin.j3s4s5.com
INTEGRAL_H5_PUBLIC_URL=https://j3s4s5.com/
# 业务标识sn_id数字、appStr与寄卖商城 APP_SECRET 必须一致)
INTEGRAL_SN_ID=17533260260612
INTEGRAL_APP_STR=ZFyTNQTWEkCBczKzyUDJWE9Ecx260612
INTEGRAL_TITLE=宿迁盛泽鑫商贸
INTEGRAL_CONTRACT_PAGE=10012
# ---------- 寄卖商城 Webman 后端短信 / OSS ----------
# 不用就保持空值;启用时填写真实凭证(也可直接编辑 integral-resell/.env 文件)
SMS_CHANNEL=alibaba
SMS_SIGNNAME=宿迁盛泽鑫商贸
SMS_TEMPLATE=SMS_335105539
SMS_KEYID=LTAI5t6PReihGTE4zGJk1Sxa
SMS_KEYSECRET=rzFeYQ21VOIwf0wAnxYcY10uPjoiJ4
# OSS_TYPE=public 表示用本地 public/uploadoss 表示走阿里云 OSS
FILE_STORAGE=public
OSS_ACCESS_ID=
OSS_ACCESS_SECRET=
OSS_BUCKET=
OSS_ENDPOINT=
OSS_URL=
# ---------- 积分商城前端构建参数 ----------
# 留空即走与 Nginx 同域 /api/,最佳实践;如要直连后端写完整 URL
SINGLE_ADMIN_BASE_API=
SINGLE_H5_DOMAIN=
# ---------- 积分商城后端 JVM ----------
SINGLE_ADMIN_JAVA_OPTS=-Xms256m -Xmx512m
SINGLE_FRONT_JAVA_OPTS=-Xms256m -Xmx768m
# ---------- 积分商城订单同步(无 MER 时填默认) ----------
SYNC_SOURCE_ID=
SYNC_TARGET_MER_ID=0
# ---------- 宿主机暴露端口(可按需修改) ----------
INTEGRAL_H5_PORT=18080
SINGLE_ADMIN_WEB_PORT=18081
SINGLE_H5_PORT=18082

4
deploy/docker/.gitignore vendored Normal file
View File

@@ -0,0 +1,4 @@
# 部署敏感文件不入库
.env
**/houtai.env
integral-resell/.env

119
deploy/docker/README.md Normal file
View File

@@ -0,0 +1,119 @@
# Docker 部署 — 快速上手
> 详细方案见仓库根目录的 `DOCKER_DEPLOY.md`。本文件只列必要操作。
## 已提供的项目化部署目录
| 项目 | 步骤一 | 步骤二 |
|-----|------|------|
| `czleilei240` 参考模板 | `deploy/docker/step1-integral` | `deploy/docker/step2-single-shop` |
| `sqszx202` | `deploy/docker/step1-integral-sqszx202` | `deploy/docker/step2-single-shop-sqszx202` |
## 1. 准备环境变量
```bash
cd deploy/docker
cp .env.example .env
$EDITOR .env # 填入 RDS / Redis / 域名 等
cp integral-resell/.env.template integral-resell/.env
$EDITOR integral-resell/.env # 寄卖商城 Webman 后端配置
```
## 2. 阿里云 RDS 初始化
在 RDS 控制台新建:
- 寄卖商城库(默认名 `sqszx202`)→ 导入寄卖商城生产备份或初始化 SQL
- 积分商城库(默认名 `sqszx202`)→ 导入 `db/shop22-v2.sql`(或与生产对齐的 `db/jjy153-mysql.sql`
把 Docker 主机出口 IP 加入 RDS 白名单。
## 3. 构建并启动
```bash
# 一次性构建所有镜像(首次 5-15 分钟,含 Maven & Node 拉依赖)
docker compose build
# 后台启动全部服务
docker compose up -d
# 查看状态
docker compose ps
docker compose logs -f single-admin-api
docker compose logs -f single-front-api
docker compose logs -f integral-houtai
```
## 4. 验证
| URL | 期望 |
|-----|------|
| `http://<host>:18080/` | 寄卖商城 H5 首页 |
| `http://<host>:18080/api/...` | 转发到 integral-houtai |
| `http://<host>:18081/` | 积分商城管理后台登录页 |
| `http://<host>:18082/` | 积分商城用户端 H5 |
## 5. 常用运维
```bash
docker compose restart single-admin-api
docker compose build --no-cache single-front-api && docker compose up -d single-front-api
docker compose exec single-admin-api sh
docker compose down # 不删卷
docker compose down -v # 连卷一并删除(**慎用**
```
## 6. 备份卷
```bash
# 在 docker host 上运行
for v in integral-upload single-images redis-data; do
docker run --rm -v $v:/d -v $(pwd):/b alpine \
tar czf /b/${v}-$(date +%F).tgz -C /d .
done
```
## 7. "fast" 模式(跳过前端构建,使用源码已有 dist
如果源码目录里 `backend-adminend/dist``single_uniapp22miao/unpackage/dist/build/` 已经是最新构建产物,可加速:
```bash
docker compose build --build-arg=BUILDKIT_INLINE_CACHE=1 \
--target fast single-admin-web single-h5
```
## 8. 切换为外部 Redis
`.env``REDIS_HOST` 改为外部地址、注释 `docker-compose.yml` 中的 `redis:` 服务即可。Spring Boot 与 Webman 都通过环境变量读取 Redis 地址。
## 9. 远端一键部署59.110.91.202
```bash
cd scripts
cp server.env.example server.env # 已预填 59.110.91.202 / root密码按实际填写
# 首次(推荐):把密码登录换成 SSH key
ssh-copy-id root@59.110.91.202
# 然后把 server.env 里的 SSHPASS 留空或注释掉
# 同步代码并启动
./sync-to-server.sh up
# 同步完成后,若是首次部署还需要先在远端填写 .env
./bootstrap-remote-env.sh
./remote-up.sh ssh
# 远端cd /root/integral-shop/deploy/docker
# vim .env
# vim integral-resell/.env
# 编辑完退出后:
./remote-up.sh up
# 日常运维(本机执行,不用登录服务器)
./remote-up.sh ps
./remote-up.sh logs single-admin-api
./remote-up.sh restart single-front-api
./remote-up.sh build single-admin-web
```
> 用密码模式需要先 `brew install hudochenkov/sshpass/sshpass`macOS
> 用 SSH key 模式则任何依赖都不需要。

187
deploy/docker/docker-compose.yml Normal file
View File

@@ -0,0 +1,187 @@
# =============================================================
# 寄卖商城 + 积分商城 前后端 Docker 编排
# - 不含 MER-2.2 多商户
# - 不含 MySQL使用阿里云 RDS
# - 包含独立 Redis如需用外部 Redis注释掉 redis 服务并修改 REDIS_HOST
# =============================================================
name: integral-shop-sqszx202
x-common: &common
restart: unless-stopped
environment:
TZ: ${TZ:-Asia/Shanghai}
logging:
driver: json-file
options:
max-size: "20m"
max-file: "5"
networks:
inner:
driver: bridge
volumes:
redis-data:
integral-runtime:
integral-upload:
single-images:
single-logs:
services:
# ---------------- Redis ----------------
redis:
<<: *common
image: redis:6.2-alpine
container_name: integral-shop-redis
command: ["redis-server", "/etc/redis/redis.conf", "--requirepass", "${REDIS_PASSWORD}"]
volumes:
- ./redis/redis.conf:/etc/redis/redis.conf:ro
- redis-data:/data
networks: [inner]
# 仅当 REDIS_HOST_PORT 非空时暴露
ports:
- "${REDIS_HOST_PORT:-}:6379"
healthcheck:
test: ["CMD", "redis-cli", "-a", "${REDIS_PASSWORD}", "ping"]
interval: 10s
timeout: 3s
retries: 5
# ---------------- 寄卖商城Webman 后端 ----------------
integral-houtai:
<<: *common
build:
context: ../../integral-resell/houtai
dockerfile: ../../deploy/docker/integral-resell/houtai.Dockerfile
image: integral-shop/integral-houtai:latest
container_name: integral-houtai
networks: [inner]
volumes:
# .env 由宿主机模板渲染挂入容器;编辑此文件即可改 DB / OSS / 短信
- ./integral-resell/.env:/app/.env:ro
- integral-runtime:/app/runtime
- integral-upload:/app/public/upload
depends_on:
redis:
condition: service_healthy
# ---------------- 寄卖商城H5 静态站 ----------------
integral-h5:
<<: *common
build:
context: ../../integral-resell/h5
dockerfile: ../../deploy/docker/integral-resell/h5.Dockerfile
image: integral-shop/integral-h5:latest
container_name: integral-h5
networks: [inner]
environment:
TZ: ${TZ:-Asia/Shanghai}
# 这些会在 entrypoint 中被注入到 static/configs.js
INTEGRAL_TITLE: ${INTEGRAL_TITLE}
INTEGRAL_API_PUBLIC_URL: ${INTEGRAL_API_PUBLIC_URL}
INTEGRAL_IMG_PUBLIC_URL: ${INTEGRAL_IMG_PUBLIC_URL}
INTEGRAL_H5_PUBLIC_URL: ${INTEGRAL_H5_PUBLIC_URL}
INTEGRAL_SN_ID: ${INTEGRAL_SN_ID}
INTEGRAL_APP_STR: ${INTEGRAL_APP_STR}
INTEGRAL_CONTRACT_PAGE: ${INTEGRAL_CONTRACT_PAGE}
ports:
- "${INTEGRAL_H5_PORT:-18080}:80"
depends_on:
- integral-houtai
# ---------------- 积分商城:管理后台 API ----------------
single-admin-api:
<<: *common
build:
context: ../../single-shop-22/backend
dockerfile: ../../deploy/docker/single-shop/admin-api.Dockerfile
image: integral-shop/single-admin-api:latest
container_name: single-admin-api
networks: [inner]
environment:
TZ: ${TZ:-Asia/Shanghai}
JAVA_HEAP_OPTS: ${SINGLE_ADMIN_JAVA_OPTS:--Xms128m -Xmx256m}
SPRING_PROFILES_ACTIVE: docker
SERVER_PORT: "30032"
MYSQL_HOST: ${RDS_HOST}
MYSQL_PORT: ${RDS_PORT:-3306}
MYSQL_DATABASE: ${RDS_SINGLE_DB}
MYSQL_USERNAME: ${RDS_SINGLE_USER}
MYSQL_PASSWORD: ${RDS_SINGLE_PASS}
REDIS_HOST: redis
REDIS_PORT: "6379"
REDIS_PASSWORD: ${REDIS_PASSWORD}
REDIS_DATABASE: ${REDIS_SINGLE_ADMIN_DB:-25}
SYNC_SOURCE_ID: ${SYNC_SOURCE_ID:-}
SYNC_TARGET_MER_ID: ${SYNC_TARGET_MER_ID:-0}
volumes:
- ./single-shop/application-docker.yml:/config/application-docker.yml:ro
- single-images:/usr/local/crmeb/crmebimage
- single-logs:/app/log
depends_on:
redis:
condition: service_healthy
# ---------------- 积分商城:用户端 API ----------------
single-front-api:
<<: *common
build:
context: ../../single-shop-22/backend
dockerfile: ../../deploy/docker/single-shop/front-api.Dockerfile
image: integral-shop/single-front-api:latest
container_name: single-front-api
networks: [inner]
environment:
TZ: ${TZ:-Asia/Shanghai}
JAVA_OPTS: ${SINGLE_FRONT_JAVA_OPTS:--Xms256m -Xmx768m}
SPRING_PROFILES_ACTIVE: docker
SERVER_PORT: "30033"
MYSQL_HOST: ${RDS_HOST}
MYSQL_PORT: ${RDS_PORT:-3306}
MYSQL_DATABASE: ${RDS_SINGLE_DB}
MYSQL_USERNAME: ${RDS_SINGLE_USER}
MYSQL_PASSWORD: ${RDS_SINGLE_PASS}
REDIS_HOST: redis
REDIS_PORT: "6379"
REDIS_PASSWORD: ${REDIS_PASSWORD}
REDIS_DATABASE: ${REDIS_SINGLE_FRONT_DB:-26}
volumes:
- ./single-shop/application-docker.yml:/config/application-docker.yml:ro
- single-images:/usr/local/crmeb/crmebimage
- single-logs:/app/log
depends_on:
redis:
condition: service_healthy
# ---------------- 积分商城:管理后台 Web ----------------
single-admin-web:
<<: *common
build:
context: ../../single-shop-22/backend-adminend
dockerfile: ../../deploy/docker/single-shop/admin-web.Dockerfile
args:
VUE_APP_BASE_API: ${SINGLE_ADMIN_BASE_API:-}
image: integral-shop/single-admin-web:latest
container_name: single-admin-web
networks: [inner]
ports:
- "${SINGLE_ADMIN_WEB_PORT:-18081}:80"
depends_on:
- single-admin-api
# ---------------- 积分商城:用户端 H5 ----------------
single-h5:
<<: *common
build:
context: ../../single-shop-22/single_uniapp22miao
dockerfile: ../../deploy/docker/single-shop/h5.Dockerfile
args:
H5_API_DOMAIN: ${SINGLE_H5_DOMAIN:-}
image: integral-shop/single-h5:latest
container_name: single-h5
networks: [inner]
ports:
- "${SINGLE_H5_PORT:-18082}:80"
depends_on:
- single-front-api

37
deploy/docker/integral-resell/.env.template Normal file
View File

@@ -0,0 +1,37 @@
# =============================================================
# Webman 后端运行时配置 — 宿迁盛泽鑫商贸 sqszx202寄卖商城
# cp .env.template .env 并填入真实密码
# .env 不入库,由 docker-compose volumes: 挂入 /app/.env
# =============================================================
# MySQL阿里云 RDS
DB_HOST = 'rm-bp1a178eq62lxba9xbo.mysql.rds.aliyuncs.com'
DB_PORT = 3306
DB_DATABASE = 'sqszx202'
DB_USERNAME = 'yangtangyoupin'
DB_PASSWORD = 'change-me'
# Redis指向同 compose 内的 redis 容器)
REDIS_HOST = 'redis'
REDIS_PORT = 6379
REDIS_PASSWORD = 'change-me-redis'
# 短信(签名沿用任务单提供的阿里云短信配置)
SMS_CHANNEL = 'alibaba'
SMS_SIGNNAME = '宿迁盛泽鑫商贸'
SMS_TEMPLATE = 'SMS_335105539'
SMS_KEYID = 'LTAI5t6PReihGTE4zGJk1Sxa'
SMS_KEYSECRET = 'rzFeYQ21VOIwf0wAnxYcY10uPjoiJ4'
SMS_SDKAPPID = ''
# OSS不启用则走本地 public/upload
FILE_STORAGE = 'public'
OSS_ACCESS_ID = ''
OSS_ACCESS_SECRET = ''
OSS_BUCKET = ''
OSS_ENDPOINT = ''
OSS_URL = ''
# 业务标识(须与 H5 configs.js 的 sn_id / appStr 以及积分商城 admin 后台一致)
APP_SIGN = '1'
APP_SECRET = 'ZFyTNQTWEkCBczKzyUDJWE9Ecx260612'

83
deploy/docker/integral-resell/h5.Dockerfile Normal file
View File

@@ -0,0 +1,83 @@
# =============================================================
# 寄卖商城 H5 静态站运行时镜像
# 静态文件通过 bind-mount 挂入 /usr/share/nginx/html
# =============================================================
FROM nginx:1.25-alpine
ENV TZ=Asia/Shanghai
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \
&& apk add --no-cache tzdata \
&& cp /usr/share/zoneinfo/$TZ /etc/localtime \
&& echo $TZ > /etc/timezone \
&& rm -f /etc/apk/cache/*.apk
RUN cat > /etc/nginx/conf.d/default.conf <<'NGX'
server {
listen 80;
server_name _;
root /usr/share/nginx/html;
index index.html;
client_max_body_size 50m;
location ~* \.(?:js|css|png|jpg|jpeg|gif|svg|woff2?|ttf|map|pdf)$ {
expires 30d;
add_header Cache-Control "public, max-age=2592000";
try_files $uri =404;
}
location /api/ {
proxy_pass http://integral-houtai:8785/api/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
location /upload/ {
proxy_pass http://integral-houtai:8785/upload/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
location / {
try_files $uri $uri/ /index.html;
}
}
NGX
RUN cat > /docker-entrypoint.d/90-integral-configs.sh <<'SH' \
&& chmod +x /docker-entrypoint.d/90-integral-configs.sh
#!/bin/sh
set -eu
CONFIG_FILE=/usr/share/nginx/html/static/configs.js
js_escape() {
printf '%s' "$1" | awk '{ gsub(/\\/, "\\\\"); gsub("\047", "\\\047"); printf "%s", $0 }'
}
mkdir -p "$(dirname "$CONFIG_FILE")"
cat > "$CONFIG_FILE" <<EOF
window.configs = {
TITLE: '$(js_escape "${INTEGRAL_TITLE:-}")',
BASE_URL: '$(js_escape "${INTEGRAL_API_PUBLIC_URL:-}")/api',
IMG_URL: '$(js_escape "${INTEGRAL_IMG_PUBLIC_URL:-}")',
H5_URL: '$(js_escape "${INTEGRAL_H5_PUBLIC_URL:-}")',
sn_id: ${INTEGRAL_SN_ID:-0},
appStr: '$(js_escape "${INTEGRAL_APP_STR:-}")'
}
EOF
SH
EXPOSE 80

20
deploy/docker/integral-resell/houtai.Dockerfile Normal file
View File

@@ -0,0 +1,20 @@
# =============================================================
# 寄卖商城 Webman 后端运行时镜像
# 应用目录通过 bind-mount 挂入 /app镜像只提供基础运行环境
# =============================================================
FROM alpine:3.19
ENV TZ=Asia/Shanghai
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \
&& apk add --no-cache bash curl tzdata ca-certificates \
&& cp /usr/share/zoneinfo/$TZ /etc/localtime \
&& echo $TZ > /etc/timezone \
&& rm -f /etc/apk/cache/*.apk
WORKDIR /app
EXPOSE 8785
CMD ["sh", "-c", "chmod +x /app/webman.bin && exec /app/webman.bin start"]

54
deploy/docker/nginx/admin.lehoo6.com.conf Normal file
View File

@@ -0,0 +1,54 @@
upstream resell_api {
server 127.0.0.1:18085;
keepalive 10240;
}
server
{
listen 80;
listen 443 ssl http2;
server_name admin.lehoo6.com;
index index.html index.htm default.htm default.html;
root /www/wwwroot/admin.lehoo6.com;
include /www/server/panel/vhost/nginx/extension/admin.lehoo6.com/*.conf;
#CERT-APPLY-CHECK--START
include /www/server/panel/vhost/nginx/well-known/admin.lehoo6.com.conf;
#CERT-APPLY-CHECK--END
#SSL-START
set $isRedcert 1;
if ($server_port != 443) {
set $isRedcert 2;
}
if ( $uri ~ /\.well-known/ ) {
set $isRedcert 1;
}
if ($isRedcert != 1) {
rewrite ^(/.*)$ https://$host$1 permanent;
}
ssl_certificate /www/wwwroot/integral-shop/deploy/docker/ssl-cert/lehoo6.com_cert/nginx/lehoo6.com.pem;
ssl_certificate_key /www/wwwroot/integral-shop/deploy/docker/ssl-cert/lehoo6.com_cert/nginx/lehoo6.com.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_tickets on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
#SSL-END
location / {
proxy_pass http://resell_api;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
access_log /www/wwwlogs/admin.lehoo6.com.log;
error_log /www/wwwlogs/admin.lehoo6.com.error.log;
}

92
deploy/docker/nginx/jf.lehoo6.com.conf Normal file
View File

@@ -0,0 +1,92 @@
upstream jifenmall_h5 {
server 127.0.0.1:18082;
keepalive 10240;
}
server
{
listen 80;
listen 443 ssl http2;
server_name jf.lehoo6.com;
index index.html index.htm default.htm default.html;
root /www/wwwroot/jf.lehoo6.com;
include /www/server/panel/vhost/nginx/extension/jf.lehoo6.com/*.conf;
#CERT-APPLY-CHECK--START
include /www/server/panel/vhost/nginx/well-known/jf.lehoo6.com.conf;
#CERT-APPLY-CHECK--END
#SSL-START
set $isRedcert 1;
if ($server_port != 443) {
set $isRedcert 2;
}
if ( $uri ~ /\.well-known/ ) {
set $isRedcert 1;
}
if ($isRedcert != 1) {
rewrite ^(/.*)$ https://$host$1 permanent;
}
ssl_certificate /www/wwwroot/integral-shop/deploy/docker/ssl-cert/lehoo6.com_cert/nginx/lehoo6.com.pem;
ssl_certificate_key /www/wwwroot/integral-shop/deploy/docker/ssl-cert/lehoo6.com_cert/nginx/lehoo6.com.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_tickets on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
#SSL-END
#REWRITE-START
include /www/server/panel/vhost/rewrite/html_jf.lehoo6.com.conf;
#REWRITE-END
location /api/front {
proxy_pass http://127.0.0.1:30033/api/front;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
location /api/admin {
proxy_pass http://127.0.0.1:30032/api/admin;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
location /api/external {
proxy_pass http://127.0.0.1:30032/api/external;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
location ^~ / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Connection "";
if (!-f $request_filename) {
proxy_pass http://jifenmall_h5;
}
}
access_log /www/wwwlogs/jf.lehoo6.com.log;
error_log /www/wwwlogs/jf.lehoo6.com.error.log;
}

59
deploy/docker/nginx/jfadmin.lehoo6.com.conf Normal file
View File

@@ -0,0 +1,59 @@
upstream jifenmall_admin {
server 127.0.0.1:18081;
keepalive 10240;
}
server
{
listen 80;
listen 443 ssl http2;
server_name jfadmin.lehoo6.com;
index index.html index.htm default.htm default.html;
root /www/wwwroot/jfadmin.lehoo6.com;
include /www/server/panel/vhost/nginx/extension/jfadmin.lehoo6.com/*.conf;
#CERT-APPLY-CHECK--START
include /www/server/panel/vhost/nginx/well-known/jfadmin.lehoo6.com.conf;
#CERT-APPLY-CHECK--END
#SSL-START
set $isRedcert 1;
if ($server_port != 443) {
set $isRedcert 2;
}
if ( $uri ~ /\.well-known/ ) {
set $isRedcert 1;
}
if ($isRedcert != 1) {
rewrite ^(/.*)$ https://$host$1 permanent;
}
ssl_certificate /www/wwwroot/integral-shop/deploy/docker/ssl-cert/lehoo6.com_cert/nginx/lehoo6.com.pem;
ssl_certificate_key /www/wwwroot/integral-shop/deploy/docker/ssl-cert/lehoo6.com_cert/nginx/lehoo6.com.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_tickets on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
#SSL-END
#REWRITE-START
include /www/server/panel/vhost/rewrite/html_jfadmin.lehoo6.com.conf;
#REWRITE-END
location ^~ / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Connection "";
if (!-f $request_filename) {
proxy_pass http://jifenmall_admin;
}
}
access_log /www/wwwlogs/jfadmin.lehoo6.com.log;
error_log /www/wwwlogs/jfadmin.lehoo6.com.error.log;
}

55
deploy/docker/nginx/lehoo6.com.conf Normal file
View File

@@ -0,0 +1,55 @@
upstream resell_h5 {
server 127.0.0.1:18080;
keepalive 10240;
}
server
{
listen 80;
listen 443 ssl http2;
server_name lehoo6.com;
index index.html index.htm default.htm default.html;
root /www/wwwroot/lehoo6.com;
include /www/server/panel/vhost/nginx/extension/lehoo6.com/*.conf;
#CERT-APPLY-CHECK--START
include /www/server/panel/vhost/nginx/well-known/lehoo6.com.conf;
#CERT-APPLY-CHECK--END
#SSL-START
set $isRedcert 1;
if ($server_port != 443) {
set $isRedcert 2;
}
if ( $uri ~ /\.well-known/ ) {
set $isRedcert 1;
}
if ($isRedcert != 1) {
rewrite ^(/.*)$ https://$host$1 permanent;
}
ssl_certificate /www/wwwroot/integral-shop/deploy/docker/ssl-cert/lehoo6.com_cert/nginx/lehoo6.com.pem;
ssl_certificate_key /www/wwwroot/integral-shop/deploy/docker/ssl-cert/lehoo6.com_cert/nginx/lehoo6.com.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_tickets on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
#SSL-END
location ^~ / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Connection "";
if (!-f $request_filename) {
proxy_pass http://resell_h5;
}
}
access_log /www/wwwlogs/lehoo6.com.log;
error_log /www/wwwlogs/lehoo6.com.error.log;
}

117
deploy/docker/nginx/leilei-jf.czchunfang.com.conf Normal file
View File

@@ -0,0 +1,117 @@
upstream jifenmall_h5 {
server 127.0.0.1:18082;
keepalive 10240;
}
server
{
listen 80;
listen 443 ssl http2;
server_name leilei-jf.czchunfang.com;
index index.html index.htm default.htm default.html;
root /www/wwwroot/leilei-jf.czchunfang.com;
include /www/server/panel/vhost/nginx/extension/leilei-jf.czchunfang.com/*.conf;
#CERT-APPLY-CHECK--START
include /www/server/panel/vhost/nginx/well-known/leilei-jf.czchunfang.com.conf;
#CERT-APPLY-CHECK--END
#SSL-START
set $isRedcert 1;
if ($server_port != 443) {
set $isRedcert 2;
}
if ( $uri ~ /\.well-known/ ) {
set $isRedcert 1;
}
if ($isRedcert != 1) {
rewrite ^(/.*)$ https://$host$1 permanent;
}
ssl_certificate /www/wwwroot/integral-shop/deploy/docker/ssl-cert/leilei-jf.czchunfang.com_cert/nginx/leilei-jf.czchunfang.com.pem;
ssl_certificate_key /www/wwwroot/integral-shop/deploy/docker/ssl-cert/leilei-jf.czchunfang.com_cert/nginx/leilei-jf.czchunfang.com.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_tickets on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
#SSL-END
#REWRITE-START
include /www/server/panel/vhost/rewrite/html_leilei-jf.czchunfang.com.conf;
#REWRITE-END
# ---------- API 直连 Docker 容器(不经 H5 Nginx 中转) ----------
# 前台 API用户端→ single-front-api 容器 30033
location /api/front {
proxy_pass http://127.0.0.1:30033/api/front;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
# 管理后台 API → single-admin-api 容器 30032
location /api/admin {
proxy_pass http://127.0.0.1:30032/api/admin;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
# 外部接口(同 admin-api
location /api/external {
proxy_pass http://127.0.0.1:30032/api/external;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
# ---------- H5 前端静态文件 → Docker single-h5 容器 ----------
location ^~ / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Connection "";
if (!-f $request_filename) {
proxy_pass http://jifenmall_h5;
}
}
location ~* (\.user.ini|\.htaccess|\.htpasswd|\.env.*|\.project|\.bashrc|\.bash_profile|\.bash_logout|\.DS_Store|\.gitignore|\.gitattributes|LICENSE|README\.md|CLAUDE\.md|CHANGELOG\.md|CHANGELOG|CONTRIBUTING\.md|TODO\.md|FAQ\.md|composer\.json|composer\.lock|package(-lock)?\.json|yarn\.lock|pnpm-lock\.yaml|\.\w+~|\.swp|\.swo|\.bak(up)?|\.old|\.tmp|\.temp|\.log|\.sql(\.gz)?|docker-compose\.yml|docker\.env|Dockerfile|\.csproj|\.sln|Cargo\.toml|Cargo\.lock|go\.mod|go\.sum|phpunit\.xml|phpunit\.xml|pom\.xml|build\.gradl|pyproject\.toml|requirements\.txt|application(-\w+)?\.(ya?ml|properties))$
{ return 404; }
location ~* /(\.git|\.svn|\.bzr|\.vscode|\.claude|\.idea|\.ssh|\.github|\.npm|\.yarn|\.pnpm|\.cache|\.husky|\.turbo|\.next|\.nuxt|node_modules|runtime)/
{ return 404; }
location ~ \.well-known { allow all; }
if ( $uri ~ "^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$" ) {
return 403;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d; error_log /dev/null; access_log /dev/null;
}
location ~ .*\.(js|css)?$ {
expires 12h; error_log /dev/null; access_log /dev/null;
}
access_log /www/wwwlogs/leilei-jf.czchunfang.com.log;
error_log /www/wwwlogs/leilei-jf.czchunfang.com.error.log;
}

80
deploy/docker/nginx/leilei-jfadmin.czchunfang.com.conf Normal file
View File

@@ -0,0 +1,80 @@
upstream jifenmall_admin {
server 127.0.0.1:18081;
keepalive 10240;
}
server
{
listen 80;
listen 443 ssl http2;
server_name leilei-jfadmin.czchunfang.com;
index index.html index.htm default.htm default.html;
root /www/wwwroot/leilei-jfadmin.czchunfang.com;
include /www/server/panel/vhost/nginx/extension/leilei-jfadmin.czchunfang.com/*.conf;
#CERT-APPLY-CHECK--START
include /www/server/panel/vhost/nginx/well-known/leilei-jfadmin.czchunfang.com.conf;
#CERT-APPLY-CHECK--END
#SSL-START
set $isRedcert 1;
if ($server_port != 443) {
set $isRedcert 2;
}
if ( $uri ~ /\.well-known/ ) {
set $isRedcert 1;
}
if ($isRedcert != 1) {
rewrite ^(/.*)$ https://$host$1 permanent;
}
ssl_certificate /www/wwwroot/integral-shop/deploy/docker/ssl-cert/leilei-jfadmin.czchunfang.com_cert/nginx/leilei-jfadmin.czchunfang.com.pem;
ssl_certificate_key /www/wwwroot/integral-shop/deploy/docker/ssl-cert/leilei-jfadmin.czchunfang.com_cert/nginx/leilei-jfadmin.czchunfang.com.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_tickets on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
#SSL-END
#REWRITE-START
include /www/server/panel/vhost/rewrite/html_leilei-jfadmin.czchunfang.com.conf;
#REWRITE-END
# ---------- 管理后台静态文件 → Docker single-admin-web 容器 ----------
# 管理后台前端调用的 API 指向 leilei-jf.czchunfang.com与 H5 共用 API 域名)
location ^~ / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Connection "";
if (!-f $request_filename) {
proxy_pass http://jifenmall_admin;
}
}
location ~* (\.user.ini|\.htaccess|\.htpasswd|\.env.*|\.project|\.bashrc|\.bash_profile|\.bash_logout|\.DS_Store|\.gitignore|\.gitattributes|LICENSE|README\.md|CLAUDE\.md|CHANGELOG\.md|CHANGELOG|CONTRIBUTING\.md|TODO\.md|FAQ\.md|composer\.json|composer\.lock|package(-lock)?\.json|yarn\.lock|pnpm-lock\.yaml|\.\w+~|\.swp|\.swo|\.bak(up)?|\.old|\.tmp|\.temp|\.log|\.sql(\.gz)?|docker-compose\.yml|docker\.env|Dockerfile|\.csproj|\.sln|Cargo\.toml|Cargo\.lock|go\.mod|go\.sum|phpunit\.xml|phpunit\.xml|pom\.xml|build\.gradl|pyproject\.toml|requirements\.txt|application(-\w+)?\.(ya?ml|properties))$
{ return 404; }
location ~* /(\.git|\.svn|\.bzr|\.vscode|\.claude|\.idea|\.ssh|\.github|\.npm|\.yarn|\.pnpm|\.cache|\.husky|\.turbo|\.next|\.nuxt|node_modules|runtime)/
{ return 404; }
location ~ \.well-known { allow all; }
if ( $uri ~ "^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$" ) {
return 403;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d; error_log /dev/null; access_log /dev/null;
}
location ~ .*\.(js|css)?$ {
expires 12h; error_log /dev/null; access_log /dev/null;
}
access_log /www/wwwlogs/leilei-jfadmin.czchunfang.com.log;
error_log /www/wwwlogs/leilei-jfadmin.czchunfang.com.error.log;
}

82
deploy/docker/nginx/leilei.czchunfang.com.conf Normal file
View File

@@ -0,0 +1,82 @@
upstream resell_h5 {
server 127.0.0.1:18080;
keepalive 10240;
}
server
{
listen 80;
listen 443 ssl http2;
server_name leilei.czchunfang.com;
index index.html index.htm default.htm default.html;
root /www/wwwroot/leilei.czchunfang.com;
include /www/server/panel/vhost/nginx/extension/leilei.czchunfang.com/*.conf;
#CERT-APPLY-CHECK--START
include /www/server/panel/vhost/nginx/well-known/leilei.czchunfang.com.conf;
#CERT-APPLY-CHECK--END
#SSL-START
#error_page 404/404.html;
#HTTP_TO_HTTPS_START
set $isRedcert 1;
if ($server_port != 443) {
set $isRedcert 2;
}
if ( $uri ~ /\.well-known/ ) {
set $isRedcert 1;
}
if ($isRedcert != 1) {
rewrite ^(/.*)$ https://$host$1 permanent;
}
#HTTP_TO_HTTPS_END
ssl_certificate /www/wwwroot/integral-shop/deploy/docker/ssl-cert/leilei.czchunfang.com_cert/nginx/leilei.czchunfang.com.pem;
ssl_certificate_key /www/wwwroot/integral-shop/deploy/docker/ssl-cert/leilei.czchunfang.com_cert/nginx/leilei.czchunfang.com.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_tickets on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
#SSL-END
#REWRITE-START
include /www/server/panel/vhost/rewrite/html_leilei.czchunfang.com.conf;
#REWRITE-END
# 寄卖商城 H5 → Docker integral-h5 容器(内部已含 /api/ /upload/ 反代到 webman:8785
location ^~ / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Connection "";
if (!-f $request_filename) {
proxy_pass http://resell_h5;
}
}
location ~* (\.user.ini|\.htaccess|\.htpasswd|\.env.*|\.project|\.bashrc|\.bash_profile|\.bash_logout|\.DS_Store|\.gitignore|\.gitattributes|LICENSE|README\.md|CLAUDE\.md|CHANGELOG\.md|CHANGELOG|CONTRIBUTING\.md|TODO\.md|FAQ\.md|composer\.json|composer\.lock|package(-lock)?\.json|yarn\.lock|pnpm-lock\.yaml|\.\w+~|\.swp|\.swo|\.bak(up)?|\.old|\.tmp|\.temp|\.log|\.sql(\.gz)?|docker-compose\.yml|docker\.env|Dockerfile|\.csproj|\.sln|Cargo\.toml|Cargo\.lock|go\.mod|go\.sum|phpunit\.xml|phpunit\.xml|pom\.xml|build\.gradl|pyproject\.toml|requirements\.txt|application(-\w+)?\.(ya?ml|properties))$
{ return 404; }
location ~* /(\.git|\.svn|\.bzr|\.vscode|\.claude|\.idea|\.ssh|\.github|\.npm|\.yarn|\.pnpm|\.cache|\.husky|\.turbo|\.next|\.nuxt|node_modules|runtime)/
{ return 404; }
location ~ \.well-known { allow all; }
if ( $uri ~ "^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$" ) {
return 403;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d; error_log /dev/null; access_log /dev/null;
}
location ~ .*\.(js|css)?$ {
expires 12h; error_log /dev/null; access_log /dev/null;
}
access_log /www/wwwlogs/leilei.czchunfang.com.log;
error_log /www/wwwlogs/leilei.czchunfang.com.error.log;
}

82
deploy/docker/nginx/leileiadmin.czchunfang.com.conf Normal file
View File

@@ -0,0 +1,82 @@
upstream resell_api {
server 127.0.0.1:18085;
keepalive 10240;
}
server
{
listen 80;
listen 443 ssl http2;
server_name leileiadmin.czchunfang.com;
index index.html index.htm default.htm default.html;
root /www/wwwroot/leileiadmin.czchunfang.com;
include /www/server/panel/vhost/nginx/extension/leileiadmin.czchunfang.com/*.conf;
#CERT-APPLY-CHECK--START
include /www/server/panel/vhost/nginx/well-known/leileiadmin.czchunfang.com.conf;
#CERT-APPLY-CHECK--END
#SSL-START
#error_page 404/404.html;
#HTTP_TO_HTTPS_START
set $isRedcert 1;
if ($server_port != 443) {
set $isRedcert 2;
}
if ( $uri ~ /\.well-known/ ) {
set $isRedcert 1;
}
if ($isRedcert != 1) {
rewrite ^(/.*)$ https://$host$1 permanent;
}
#HTTP_TO_HTTPS_END
ssl_certificate /www/wwwroot/integral-shop/deploy/docker/ssl-cert/leileiadmin.czchunfang.com_cert/nginx/leileiadmin.czchunfang.com.pem;
ssl_certificate_key /www/wwwroot/integral-shop/deploy/docker/ssl-cert/leileiadmin.czchunfang.com_cert/nginx/leileiadmin.czchunfang.com.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_tickets on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
#SSL-END
#REWRITE-START
include /www/server/panel/vhost/rewrite/html_leileiadmin.czchunfang.com.conf;
#REWRITE-END
# 寄卖商城后台 API → Docker integral-houtai 容器webman.bin 写死端口 8785
location ^~ / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Connection "";
if (!-f $request_filename) {
proxy_pass http://resell_api;
}
}
location ~* (\.user.ini|\.htaccess|\.htpasswd|\.env.*|\.project|\.bashrc|\.bash_profile|\.bash_logout|\.DS_Store|\.gitignore|\.gitattributes|LICENSE|README\.md|CLAUDE\.md|CHANGELOG\.md|CHANGELOG|CONTRIBUTING\.md|TODO\.md|FAQ\.md|composer\.json|composer\.lock|package(-lock)?\.json|yarn\.lock|pnpm-lock\.yaml|\.\w+~|\.swp|\.swo|\.bak(up)?|\.old|\.tmp|\.temp|\.log|\.sql(\.gz)?|docker-compose\.yml|docker\.env|Dockerfile|\.csproj|\.sln|Cargo\.toml|Cargo\.lock|go\.mod|go\.sum|phpunit\.xml|phpunit\.xml|pom\.xml|build\.gradl|pyproject\.toml|requirements\.txt|application(-\w+)?\.(ya?ml|properties))$
{ return 404; }
location ~* /(\.git|\.svn|\.bzr|\.vscode|\.claude|\.idea|\.ssh|\.github|\.npm|\.yarn|\.pnpm|\.cache|\.husky|\.turbo|\.next|\.nuxt|node_modules|runtime)/
{ return 404; }
location ~ \.well-known { allow all; }
if ( $uri ~ "^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$" ) {
return 403;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d; error_log /dev/null; access_log /dev/null;
}
location ~ .*\.(js|css)?$ {
expires 12h; error_log /dev/null; access_log /dev/null;
}
access_log /www/wwwlogs/leileiadmin.czchunfang.com.log;
error_log /www/wwwlogs/leileiadmin.czchunfang.com.error.log;
}

39
deploy/docker/redis/redis.conf Normal file
View File

@@ -0,0 +1,39 @@
# =============================================================
# Redis 6.2 — 容器内最小化生产配置
# 密码由 docker-compose 通过 --requirepass 参数注入
# =============================================================
bind 0.0.0.0
protected-mode yes
port 6379
tcp-backlog 511
timeout 0
tcp-keepalive 300
# 数据持久化: AOF + 一份 RDB 兜底
appendonly yes
appendfsync everysec
save 900 1
save 300 10
save 60 10000
dir /data
dbfilename dump.rdb
appendfilename "appendonly.aof"
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
# 内存策略
maxmemory 512mb
maxmemory-policy allkeys-lru
# 日志
loglevel notice
logfile ""
# 慢日志
slowlog-log-slower-than 10000
slowlog-max-len 128
# 客户端
maxclients 1000

1
deploy/docker/scripts/.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
server.env

39
deploy/docker/scripts/bootstrap-remote-env.sh Executable file
View File

@@ -0,0 +1,39 @@
#!/usr/bin/env bash
# =============================================================
# 首次部署:在远端创建 .env 模板(仅在缺失时创建)
# 同步代码后执行: ./bootstrap-remote-env.sh
# 之后 ssh 上去 vim 这两个文件填入真实密码即可
# =============================================================
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
if [ -f "$SCRIPT_DIR/server.env" ]; then
set -a; . "$SCRIPT_DIR/server.env"; set +a
fi
SERVER_HOST="${SERVER_HOST:?}"
SERVER_USER="${SERVER_USER:-root}"
SERVER_PORT="${SERVER_PORT:-22}"
REMOTE_DIR="${REMOTE_DIR:-/root/integral-shop}"
if [ -n "${SSHPASS:-}" ]; then
command -v sshpass >/dev/null || { echo "需要 sshpass"; exit 1; }
export SSHPASS
SSH=(sshpass -e ssh -p "$SERVER_PORT" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null)
else
SSH=(ssh -p "$SERVER_PORT" -o StrictHostKeyChecking=no)
fi
"${SSH[@]}" "${SERVER_USER}@${SERVER_HOST}" bash -se <<EOSSH
set -e
cd "${REMOTE_DIR}/deploy/docker"
[ -f .env ] || { cp .env.example .env; echo "[+] 已创建 .env (基于 .env.example)"; }
[ -f integral-resell/.env ] || { cp integral-resell/.env.template integral-resell/.env; echo "[+] 已创建 integral-resell/.env"; }
echo
echo "请在远端编辑以下文件填入真实参数:"
echo " ${REMOTE_DIR}/deploy/docker/.env"
echo " ${REMOTE_DIR}/deploy/docker/integral-resell/.env"
EOSSH

219
deploy/docker/scripts/deploy-step1.sh Executable file
View File

@@ -0,0 +1,219 @@
#!/usr/bin/env bash
# =============================================================
# 寄卖商城integral-resell一键部署脚本
# 目标服务器59.110.91.202
# 使用方式bash deploy/docker/scripts/deploy-step1.sh
# =============================================================
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../../.." && pwd)"
STEP1_DIR="${PROJECT_ROOT}/deploy/docker/step1-integral-sqszx202"
# ---------- 读取服务器配置 ----------
if [ -f "$SCRIPT_DIR/server.env" ]; then
set -a; . "$SCRIPT_DIR/server.env"; set +a
else
echo "[!] 未找到 server.env请先创建"; exit 1
fi
SERVER_HOST="${SERVER_HOST:?}"
SERVER_USER="${SERVER_USER:-root}"
SERVER_PORT="${SERVER_PORT:-22}"
REMOTE_DIR="${REMOTE_DIR:-/root/integral-shop}"
REMOTE_STEP1="${REMOTE_DIR}/deploy/docker/step1-integral-sqszx202"
REDIS_PASS="${REDIS_PASS:?请通过环境变量 REDIS_PASS 提供 Redis 密码}"
DB_PASS="${DB_PASS:?请通过环境变量 DB_PASS 提供数据库密码}"
SMS_KEYID="${SMS_KEYID:-LTAI5t6PReihGTE4zGJk1Sxa}"
SMS_KEYSECRET="${SMS_KEYSECRET:-rzFeYQ21VOIwf0wAnxYcY10uPjoiJ4}"
APP_SECRET="${APP_SECRET:-ZFyTNQTWEkCBczKzyUDJWE9Ecx260612}"
# ---------- SSH / rsync 通道 ----------
SSH_OPTS="-p $SERVER_PORT -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
if [ -n "${SSHPASS:-}" ]; then
command -v sshpass >/dev/null 2>&1 || { echo "需要 sshpass"; exit 1; }
export SSHPASS
SSH=(sshpass -e ssh $SSH_OPTS)
RSYNC_SSH="sshpass -e ssh $SSH_OPTS"
else
SSH=(ssh $SSH_OPTS)
RSYNC_SSH="ssh $SSH_OPTS"
fi
RSYNC_BIN="/opt/homebrew/bin/rsync"
[ -x "$RSYNC_BIN" ] || RSYNC_BIN="rsync"
remote() { "${SSH[@]}" "${SERVER_USER}@${SERVER_HOST}" "$@"; }
echo ""
echo "══════════════════════════════════════════════════════"
echo " 寄卖商城 Docker 一键部署 → ${SERVER_HOST}"
echo "══════════════════════════════════════════════════════"
# ─── 1. 生成本地临时 env 文件 ─────────────────────────────────
echo ""
echo "▶ [1/6] 生成临时 .env / houtai.env ..."
TMPENV=$(mktemp -d)
trap 'rm -rf "$TMPENV"' EXIT
cat > "$TMPENV/.env" <<EOF
TZ=Asia/Shanghai
REDIS_PASSWORD=${REDIS_PASS}
INTEGRAL_TITLE=宿迁盛泽鑫商贸
INTEGRAL_API_PUBLIC_URL=https://admin.j3s4s5.com
INTEGRAL_IMG_PUBLIC_URL=https://admin.j3s4s5.com
INTEGRAL_H5_PUBLIC_URL=https://j3s4s5.com/
INTEGRAL_SN_ID=17533260260612
INTEGRAL_APP_STR=ZFyTNQTWEkCBczKzyUDJWE9Ecx260612
INTEGRAL_CONTRACT_PAGE=10012
INTEGRAL_H5_PORT=18080
RESELL_API_PORT=18085
RESELL_H5_DIR=/www/wwwroot/j3s4s5.com
RESELL_HOUTAI_DIR=/www/wwwroot/admin.j3s4s5.com
EOF
cat > "$TMPENV/houtai.env" <<EOF
DB_HOST = 'rm-bp1a178eq62lxba9xbo.mysql.rds.aliyuncs.com'
DB_PORT = 3306
DB_DATABASE = 'sqszx202'
DB_USERNAME = 'yangtangyoupin'
DB_PASSWORD = '${DB_PASS}'
REDIS_HOST = 'redis'
REDIS_PORT = 6379
REDIS_PASSWORD = '${REDIS_PASS}'
SMS_CHANNEL = 'alibaba'
SMS_SIGNNAME = '宿迁盛泽鑫商贸'
SMS_TEMPLATE = 'SMS_335105539'
SMS_KEYID = '${SMS_KEYID}'
SMS_KEYSECRET = '${SMS_KEYSECRET}'
SMS_SDKAPPID = ''
FILE_STORAGE = 'public'
OSS_ACCESS_ID = ''
OSS_ACCESS_SECRET = ''
OSS_BUCKET = ''
OSS_ENDPOINT = ''
OSS_URL = ''
APP_SIGN = '1'
APP_SECRET = '${APP_SECRET}'
EOF
echo " ✓ 临时文件已生成"
# ─── 2. rsync 项目文件 ────────────────────────────────────────
echo ""
echo "▶ [2/6] rsync 项目文件 → ${SERVER_USER}@${SERVER_HOST}:${REMOTE_DIR}/"
remote "mkdir -p '${REMOTE_DIR}'"
"$RSYNC_BIN" -avz --partial \
-e "$RSYNC_SSH" \
--no-owner --no-group \
--exclude '.git/' \
--exclude '.DS_Store' \
--exclude '**/.env' \
--exclude '**/houtai.env' \
--exclude '**/*.key' \
--exclude '**/*.pem' \
--exclude '*.log' \
--exclude '**/.idea/' \
--exclude '**/.cursor/' \
--exclude '**/.vscode/' \
--exclude '**/node_modules/' \
--exclude '**/target/' \
--exclude '**/unpackage/cache/' \
--exclude '**/unpackage/dist/dev/' \
--exclude 'integral-resell/houtai/runtime/' \
--exclude 'single-shop-22/backend/logs/' \
--exclude 'single-shop-22/backend/crmebimage/' \
--exclude 'MER-2.2_2601/' \
--exclude 'db/' \
--exclude 'deploy/docker/scripts/server.env' \
"${PROJECT_ROOT}/" "${SERVER_USER}@${SERVER_HOST}:${REMOTE_DIR}/"
echo " ✓ 项目文件同步完成"
# ─── 3. 上传 env 文件 ─────────────────────────────────────────
echo ""
echo "▶ [3/6] 上传 .env 和 houtai.env ..."
"$RSYNC_BIN" -avz \
-e "$RSYNC_SSH" \
"$TMPENV/.env" \
"${SERVER_USER}@${SERVER_HOST}:${REMOTE_STEP1}/.env"
"$RSYNC_BIN" -avz \
-e "$RSYNC_SSH" \
"$TMPENV/houtai.env" \
"${SERVER_USER}@${SERVER_HOST}:${REMOTE_STEP1}/houtai.env"
echo " ✓ env 文件上传完成"
# ─── 4. 创建宿主机挂载目录 + 同步 H5 到 wwwroot ──────────────
echo ""
echo "▶ [4/6] 创建宿主机目录 & 同步 H5 静态文件 ..."
remote "
set -e
mkdir -p /www/wwwroot/j3s4s5.com
mkdir -p /www/wwwroot/admin.j3s4s5.com/public/upload
mkdir -p /www/wwwroot/admin.j3s4s5.com/runtime/logs
mkdir -p /www/wwwroot/admin.j3s4s5.com/runtime/sessions
echo ' ✓ 宿主机目录已就绪'
# 同步 H5 静态文件
rsync -a --delete \
'${REMOTE_DIR}/h5/' \
'/www/wwwroot/j3s4s5.com/'
chmod -R a+rX /www/wwwroot/j3s4s5.com
find /www/wwwroot/j3s4s5.com -type d -exec chmod 755 {} +
find /www/wwwroot/j3s4s5.com -type f -exec chmod 644 {} +
echo ' ✓ H5 静态文件已同步到 /www/wwwroot/j3s4s5.com/'
# 同步 webman 应用文件webman.bin / public / index.html到宿主机
# 容器启动后直接从此目录运行FTP 更新文件后 restart 即可生效
rsync -a --exclude='runtime/' --exclude='.env' \
'${REMOTE_DIR}/houtai/' \
'/www/wwwroot/admin.j3s4s5.com/'
chmod +x /www/wwwroot/admin.j3s4s5.com/webman.bin
echo ' ✓ webman 应用文件已同步到 /www/wwwroot/admin.j3s4s5.com/'
ls /www/wwwroot/admin.j3s4s5.com/ | head -8
"
# ─── 5. docker compose build & up ────────────────────────────
echo ""
echo "▶ [5/6] docker compose build --no-cache ..."
echo " (首次构建耗时 5-15 分钟,请耐心等待)"
remote "
set -e
cd '${REMOTE_STEP1}'
docker compose --env-file .env build --no-cache
echo ' ✓ 镜像构建完成'
"
echo ""
echo "▶ [6/6] docker compose up -d ..."
remote "
set -e
cd '${REMOTE_STEP1}'
docker compose --env-file .env up -d
echo ''
docker compose --env-file .env ps
"
# ─── 完成 ─────────────────────────────────────────────────────
echo ""
echo "══════════════════════════════════════════════════════"
echo " ✅ 寄卖商城部署完成!"
echo ""
echo " H5 前台: https://j3s4s5.com/ 或 http://${SERVER_HOST}:18080"
echo " API 端口: https://admin.j3s4s5.com/api/ 或 http://${SERVER_HOST}:18085"
echo ""
echo " 查看日志:"
echo " cd ${REMOTE_STEP1} && docker compose --env-file .env logs -f"
echo ""
echo " 查看容器状态:"
echo " docker compose --env-file .env ps"
echo "══════════════════════════════════════════════════════"

92
deploy/docker/scripts/remote-up.sh Executable file
View File

@@ -0,0 +1,92 @@
#!/usr/bin/env bash
# =============================================================
# 远端执行 docker compose 命令
# 用法:
# ./remote-up.sh up # build + up -d
# ./remote-up.sh build # 仅 build
# ./remote-up.sh restart svc # 重启某服务
# ./remote-up.sh logs [svc] # 跟日志
# ./remote-up.sh ps # 服务状态
# ./remote-up.sh ssh # 登录到远端
# =============================================================
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
if [ -f "$SCRIPT_DIR/server.env" ]; then
# shellcheck disable=SC1091
set -a
. "$SCRIPT_DIR/server.env"
set +a
fi
SERVER_HOST="${SERVER_HOST:?SERVER_HOST 未配置,请先 cp server.env.example server.env}"
SERVER_USER="${SERVER_USER:-root}"
SERVER_PORT="${SERVER_PORT:-22}"
REMOTE_DIR="${REMOTE_DIR:-/root/integral-shop}"
if [ -n "${SSHPASS:-}" ]; then
command -v sshpass >/dev/null 2>&1 || { echo "需要 sshpass"; exit 1; }
export SSHPASS
SSH=(sshpass -e ssh -p "$SERVER_PORT" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -t)
else
SSH=(ssh -p "$SERVER_PORT" -o StrictHostKeyChecking=no -t)
fi
run_remote() {
"${SSH[@]}" "${SERVER_USER}@${SERVER_HOST}" "cd ${REMOTE_DIR}/deploy/docker && $*"
}
cmd="${1:-up}"
shift || true
case "$cmd" in
up)
# 预检:必须存在 .env
run_remote "test -f .env && test -f integral-resell/.env" || {
cat <<EOF
[!] 远端缺少 .env 文件,请在远端执行:
ssh ${SERVER_USER}@${SERVER_HOST}
cd ${REMOTE_DIR}/deploy/docker
cp .env.example .env
vim .env
cp integral-resell/.env.template integral-resell/.env
vim integral-resell/.env
EOF
exit 1
}
run_remote "docker compose build && docker compose up -d && docker compose ps"
;;
build)
run_remote "docker compose build $*"
;;
restart)
run_remote "docker compose restart $*"
;;
logs)
run_remote "docker compose logs --tail 200 -f $*"
;;
ps|status)
run_remote "docker compose ps"
;;
down)
run_remote "docker compose down"
;;
pull)
run_remote "docker compose pull"
;;
ssh)
"${SSH[@]}" "${SERVER_USER}@${SERVER_HOST}"
;;
exec)
run_remote "docker compose exec $*"
;;
*)
echo "未知子命令: $cmd"
echo "支持: up | build | restart | logs | ps | down | pull | ssh | exec"
exit 2
;;
esac

21
deploy/docker/scripts/server.env.example Normal file
View File

@@ -0,0 +1,21 @@
# =============================================================
# 部署目标服务器配置 — 复制为 server.env 并按实际填写
# 不要提交到 git
# =============================================================
# 远端服务器
# 宝塔 Docker 管理面板: https://59.110.91.202:14874/docker/conmanger
SERVER_HOST=59.110.91.202
SERVER_USER=root
SERVER_PORT=22
# 部署到服务器的目标目录
REMOTE_DIR=/root/integral-shop
# 用密码登录时填写(需要 sshpass
# macOS: brew install hudochenkov/sshpass/sshpass
# Linux: apt-get install -y sshpass
# 留空则走 SSH key推荐先 ssh-copy-id root@59.110.91.202
SSHPASS=
# 是否在 rsync 之后自动 build + upyes / no
AUTO_UP=yes

123
deploy/docker/scripts/sync-to-server.sh Executable file
View File

@@ -0,0 +1,123 @@
#!/usr/bin/env bash
# =============================================================
# 通过 rsync 把整个工程同步到远端服务器
# 用法:
# 1. 复制 server.env.example -> server.env填入主机/密码
# 2. ./sync-to-server.sh # 仅同步
# ./sync-to-server.sh up # 同步后在远端 docker compose build && up -d
# ./sync-to-server.sh logs # 远端 docker compose logs
# =============================================================
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../../.." && pwd)"
# 读取服务器配置
if [ -f "$SCRIPT_DIR/server.env" ]; then
# shellcheck disable=SC1091
set -a
. "$SCRIPT_DIR/server.env"
set +a
elif [ -f "$SCRIPT_DIR/server.env.example" ]; then
echo "[!] 未发现 server.env请先 cp server.env.example server.env 并修改"
exit 1
fi
SERVER_HOST="${SERVER_HOST:?SERVER_HOST 未配置}"
SERVER_USER="${SERVER_USER:-root}"
SERVER_PORT="${SERVER_PORT:-22}"
REMOTE_DIR="${REMOTE_DIR:-/root/integral-shop}"
# ---------- 选择 SSH/rsync 通道 ----------
if [ -n "${SSHPASS:-}" ]; then
if ! command -v sshpass >/dev/null 2>&1; then
echo "[!] 检测到 SSHPASS 但未安装 sshpass"
echo " macOS: brew install hudochenkov/sshpass/sshpass"
echo " Linux: apt-get install -y sshpass"
exit 1
fi
export SSHPASS
SSH=(sshpass -e ssh -p "$SERVER_PORT" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null)
RSYNC_SSH="sshpass -e ssh -p $SERVER_PORT -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
else
SSH=(ssh -p "$SERVER_PORT" -o StrictHostKeyChecking=no -o ServerAliveInterval=30)
RSYNC_SSH="ssh -p $SERVER_PORT -o StrictHostKeyChecking=no -o ServerAliveInterval=30"
fi
remote() {
"${SSH[@]}" "${SERVER_USER}@${SERVER_HOST}" "$@"
}
# ---------- 1. 远端目录准备 ----------
echo "[1/3] 准备远端目录 ${SERVER_USER}@${SERVER_HOST}:${REMOTE_DIR}"
remote "mkdir -p '${REMOTE_DIR}'"
# 优先使用 homebrew rsyncmacOS 内置版本 2.6.9 太旧)
RSYNC_BIN="/opt/homebrew/bin/rsync"
[ -x "$RSYNC_BIN" ] || RSYNC_BIN="rsync"
# ---------- 2. rsync ----------
echo "[2/3] rsync ${PROJECT_ROOT}/ -> ${SERVER_USER}@${SERVER_HOST}:${REMOTE_DIR}/"
"$RSYNC_BIN" -avz --delete --partial \
-e "$RSYNC_SSH" \
--exclude '.git/' \
--exclude '.DS_Store' \
--exclude '*.log' \
--exclude '**/.idea/' \
--exclude '**/.cursor/' \
--exclude '**/.vscode/' \
--exclude '**/node_modules/' \
--exclude '**/target/' \
--exclude '**/unpackage/cache/' \
--exclude '**/unpackage/dist/dev/' \
--exclude 'integral-resell/houtai/runtime/logs/' \
--exclude 'integral-resell/houtai/runtime/sessions/' \
--exclude 'integral-resell/houtai/runtime/login/' \
--exclude 'integral-resell/houtai/runtime/webman.pid' \
--exclude 'single-shop-22/backend/logs/' \
--exclude 'single-shop-22/backend/crmebimage/' \
--exclude 'single-shop-22/backend-adminend/dist/' \
--exclude 'MER-2.2_2601/' \
--exclude 'db/mysql-recover-20260514/' \
--exclude 'db/yangtangyoupin.sql' \
--exclude 'deploy/docker/.env' \
--exclude 'deploy/docker/integral-resell/.env' \
--exclude 'deploy/docker/scripts/server.env' \
"${PROJECT_ROOT}/" "${SERVER_USER}@${SERVER_HOST}:${REMOTE_DIR}/"
# ---------- 3. 远端 env 文件提示 ----------
echo "[3/3] 检查远端环境文件"
remote "test -f ${REMOTE_DIR}/deploy/docker/.env || echo '[!] 远端缺少 deploy/docker/.env请按下面提示创建'"
remote "test -f ${REMOTE_DIR}/deploy/docker/integral-resell/.env || echo '[!] 远端缺少 deploy/docker/integral-resell/.env'"
echo
echo "==============================================="
echo " rsync 完成"
echo " 远端目录: ${REMOTE_DIR}"
echo "==============================================="
# ---------- 后续动作 ----------
case "${1:-${AUTO_UP:-}}" in
up|yes|YES)
echo "[远端] 执行 docker compose build && up -d"
"$SCRIPT_DIR/remote-up.sh" up
;;
build)
"$SCRIPT_DIR/remote-up.sh" build
;;
logs)
shift || true
"$SCRIPT_DIR/remote-up.sh" logs "$@"
;;
"")
echo "下一步:"
echo " $0 up # 同步并启动"
echo " $0 build # 仅构建"
echo " $0 logs # 查看日志"
;;
*)
echo "未知参数: $1"
exit 2
;;
esac

54
deploy/docker/single-shop/admin-api.Dockerfile Normal file
View File

@@ -0,0 +1,54 @@
# =============================================================
# 积分商城 管理端 APImiao-admin-2.2.jar
# JAR 由宿主机 bind-mount 进来(/app/app.jar无需 Maven 编译
# 宿主机路径:${SINGLE_ADMIN_JAR} → /app/app.jar
# FTP 更新 JAR 后docker compose --env-file .env restart single-admin-api
# =============================================================
FROM eclipse-temurin:17-jre-jammy
ENV TZ=Asia/Shanghai \
LANG=C.UTF-8 LC_ALL=C.UTF-8 \
DEBIAN_FRONTEND=noninteractive
# 切换阿里云 Ubuntu 镜像源(服务器访问 archive.ubuntu.com 超时)
RUN sed -i \
-e 's|http://archive.ubuntu.com|https://mirrors.aliyun.com|g' \
-e 's|http://security.ubuntu.com|https://mirrors.aliyun.com|g' \
/etc/apt/sources.list
RUN apt-get update && apt-get install -y --no-install-recommends \
tzdata ca-certificates curl \
fontconfig fonts-dejavu fonts-wqy-zenhei \
&& ln -sf /usr/share/zoneinfo/$TZ /etc/localtime \
&& echo $TZ > /etc/timezone \
&& rm -rf /var/lib/apt/lists/* \
&& mkdir -p /app /config /usr/local/crmeb/crmebimage /app/log
# 堆大小(可通过 compose environment 覆盖)
ENV JAVA_HEAP_OPTS="-Xms128m -Xmx256m"
# Spring Boot 2.2.6 + Java 17 必须的模块开放参数
ENV JAVA_MODULE_OPTS="\
--add-opens java.base/java.lang=ALL-UNNAMED \
--add-opens java.base/java.lang.reflect=ALL-UNNAMED \
--add-opens java.base/java.util=ALL-UNNAMED \
--add-opens java.base/java.io=ALL-UNNAMED \
--add-opens java.base/java.math=ALL-UNNAMED \
--add-opens java.base/sun.net.util=ALL-UNNAMED \
--add-opens java.base/java.net=ALL-UNNAMED"
WORKDIR /app
# /app/app.jar 由 docker-compose volumes bind-mount 进来
EXPOSE 30032
# 等价于nohup java -Xms128m -Xmx256m -jar miao-admin-2.2.jar > admin.log &
ENTRYPOINT ["sh","-c","exec java \
$JAVA_HEAP_OPTS \
$JAVA_MODULE_OPTS \
-Dfile.encoding=UTF-8 \
-Duser.timezone=$TZ \
-jar /app/app.jar \
--spring.profiles.active=${SPRING_PROFILES_ACTIVE:-docker} \
--spring.config.additional-location=file:/config/ \
--server.port=${SERVER_PORT:-30032}"]

61
deploy/docker/single-shop/admin-web.Dockerfile Normal file
View File

@@ -0,0 +1,61 @@
# =============================================================
# 积分商城 管理后台前端Vue 2 SPA
# 纯 Nginx 运行时镜像,不含 Node 构建阶段
# 静态文件由宿主机 bind-mount 进来(${SINGLE_ADMIN_WEB_DIR}:/usr/share/nginx/html
# 宿主机目录示例:/www/wwwroot/jfadmin.j3s4s5.com/
# 更新方式rsync 新 dist 到宿主机目录 → 无需重建镜像
# =============================================================
FROM nginx:1.25-alpine
ENV TZ=Asia/Shanghai
# 切换阿里云 Alpine 镜像源
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \
&& apk add --no-cache tzdata \
&& cp /usr/share/zoneinfo/$TZ /etc/localtime \
&& echo $TZ > /etc/timezone \
&& rm -f /etc/apk/cache/*.apk
# Nginx 反代配置
# /api/ 和 /adminapi/ 代理到 single-admin-api 容器
RUN cat > /etc/nginx/conf.d/default.conf <<'NGX'
server {
listen 80;
server_name _;
root /usr/share/nginx/html;
index index.html;
client_max_body_size 50m;
add_header X-Frame-Options SAMEORIGIN always;
location ~* \.(?:js|css|png|jpg|jpeg|gif|svg|woff2?|ttf|map)$ {
expires 30d;
add_header Cache-Control "public, max-age=2592000, immutable";
try_files $uri =404;
}
location /api/ {
proxy_pass http://single-admin-api:30032/api/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
location /adminapi/ {
proxy_pass http://single-admin-api:30032/adminapi/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
try_files $uri $uri/ /index.html;
}
}
NGX
EXPOSE 80

71
deploy/docker/single-shop/application-docker.yml Normal file
View File

@@ -0,0 +1,71 @@
# =============================================================
# 积分商城 Docker 部署专用 Spring profile
# 通过 --spring.config.additional-location=file:/config/ + --spring.profiles.active=docker
# 加载本文件,并由环境变量覆盖关键参数
# =============================================================
server:
port: ${SERVER_PORT:-30032}
crmeb:
imagePath: /usr/local/crmeb/
domain: https://j3s4s5.com
captchaOn: false
asyncConfig: true
demoSite: false
spring:
datasource:
name: ${MYSQL_DATABASE}
type: com.alibaba.druid.pool.DruidDataSource
driver-class-name: com.mysql.jdbc.Driver
url: jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT:3306}/${MYSQL_DATABASE}?useUnicode=true&characterEncoding=utf8&serverTimezone=GMT%2B8&useSSL=false&allowPublicKeyRetrieval=true
username: ${MYSQL_USERNAME}
password: ${MYSQL_PASSWORD}
druid:
initial-size: 5
min-idle: 5
max-active: 50
max-wait: 60000
validation-query: SELECT 1
test-while-idle: true
test-on-borrow: false
test-on-return: false
redis:
host: ${REDIS_HOST:redis}
port: ${REDIS_PORT:6379}
password: ${REDIS_PASSWORD:}
database: ${REDIS_DATABASE:0}
timeout: 10000
jedis:
pool:
max-active: 200
max-wait: -1
max-idle: 10
min-idle: 0
time-between-eviction-runs: -1
second:
database: ${REDIS_SECOND_DATABASE:1}
# 订单同步(无 MER 时填默认)
sync:
source-id: ${SYNC_SOURCE_ID:}
target-mer-id: ${SYNC_TARGET_MER_ID:0}
logging:
level:
io.swagger.*: error
com.zbjk.crmeb: info
org.springframework.boot.autoconfigure: ERROR
config: classpath:logback-spring.xml
file:
path: /app/log
mybatis-plus:
configuration:
log-impl:
swagger:
basic:
enable: false
check: false

54
deploy/docker/single-shop/front-api.Dockerfile Normal file
View File

@@ -0,0 +1,54 @@
# =============================================================
# 积分商城 用户端 APImiao-front-2.2.jar
# JAR 由宿主机 bind-mount 进来(/app/app.jar无需 Maven 编译
# 宿主机路径:${SINGLE_FRONT_JAR} → /app/app.jar
# FTP 更新 JAR 后docker compose --env-file .env restart single-front-api
# =============================================================
FROM eclipse-temurin:17-jre-jammy
ENV TZ=Asia/Shanghai \
LANG=C.UTF-8 LC_ALL=C.UTF-8 \
DEBIAN_FRONTEND=noninteractive
# 切换阿里云 Ubuntu 镜像源(服务器访问 archive.ubuntu.com 超时)
RUN sed -i \
-e 's|http://archive.ubuntu.com|https://mirrors.aliyun.com|g' \
-e 's|http://security.ubuntu.com|https://mirrors.aliyun.com|g' \
/etc/apt/sources.list
RUN apt-get update && apt-get install -y --no-install-recommends \
tzdata ca-certificates curl \
fontconfig fonts-dejavu fonts-wqy-zenhei \
&& ln -sf /usr/share/zoneinfo/$TZ /etc/localtime \
&& echo $TZ > /etc/timezone \
&& rm -rf /var/lib/apt/lists/* \
&& mkdir -p /app /config /usr/local/crmeb/crmebimage /app/log
# 堆大小(可通过 compose environment 覆盖)
ENV JAVA_HEAP_OPTS="-Xms128m -Xmx256m"
# Spring Boot 2.2.6 + Java 17 必须的模块开放参数
ENV JAVA_MODULE_OPTS="\
--add-opens java.base/java.lang=ALL-UNNAMED \
--add-opens java.base/java.lang.reflect=ALL-UNNAMED \
--add-opens java.base/java.util=ALL-UNNAMED \
--add-opens java.base/java.io=ALL-UNNAMED \
--add-opens java.base/java.math=ALL-UNNAMED \
--add-opens java.base/sun.net.util=ALL-UNNAMED \
--add-opens java.base/java.net=ALL-UNNAMED"
WORKDIR /app
# /app/app.jar 由 docker-compose volumes bind-mount 进来
EXPOSE 30033
# 等价于nohup java -Xms128m -Xmx256m -jar miao-front-2.2.jar > front.log &
ENTRYPOINT ["sh","-c","exec java \
$JAVA_HEAP_OPTS \
$JAVA_MODULE_OPTS \
-Dfile.encoding=UTF-8 \
-Duser.timezone=$TZ \
-jar /app/app.jar \
--spring.profiles.active=${SPRING_PROFILES_ACTIVE:-docker} \
--spring.config.additional-location=file:/config/ \
--server.port=${SERVER_PORT:-30033}"]

55
deploy/docker/single-shop/h5.Dockerfile Normal file
View File

@@ -0,0 +1,55 @@
# =============================================================
# 积分商城 用户端 H5uni-app SPA
# 纯 Nginx 运行时镜像,不含 Node 构建阶段
# 静态文件由宿主机 bind-mount 进来(${SINGLE_H5_DIR}:/usr/share/nginx/html
# 宿主机目录示例:/www/wwwroot/jf.j3s4s5.com/
# 更新方式rsync 新 dist 到宿主机目录 → 无需重建镜像
# =============================================================
FROM nginx:1.25-alpine
ENV TZ=Asia/Shanghai
# 切换阿里云 Alpine 镜像源
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \
&& apk add --no-cache tzdata \
&& cp /usr/share/zoneinfo/$TZ /etc/localtime \
&& echo $TZ > /etc/timezone \
&& rm -f /etc/apk/cache/*.apk
# Nginx 反代配置
# API 请求代理到 single-front-api 容器Docker 内网,不经宝塔 Nginx
RUN cat > /etc/nginx/conf.d/default.conf <<'NGX'
server {
listen 80;
server_name _;
root /usr/share/nginx/html;
index index.html;
client_max_body_size 50m;
add_header X-Frame-Options SAMEORIGIN always;
location ~* \.(?:js|css|png|jpg|jpeg|gif|svg|woff2?|ttf|map)$ {
expires 30d;
add_header Cache-Control "public, max-age=2592000, immutable";
try_files $uri =404;
}
# 前台 API单点登录/商品/订单等)
location /api/ {
proxy_pass http://single-front-api:30033/api/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
location / {
try_files $uri $uri/ /index.html;
}
}
NGX
EXPOSE 80

37
deploy/docker/single-shop/nginx-admin-web.conf Normal file
View File

@@ -0,0 +1,37 @@
# 仅供参考: 内容已内联到 admin-web.Dockerfile
server {
listen 80;
server_name _;
root /usr/share/nginx/html;
index index.html;
client_max_body_size 50m;
add_header X-Frame-Options SAMEORIGIN always;
location ~* \.(?:js|css|png|jpg|jpeg|gif|svg|woff2?|ttf|map)$ {
expires 30d;
add_header Cache-Control "public, max-age=2592000, immutable";
try_files $uri =404;
}
location /api/ {
proxy_pass http://single-admin-api:30032/api/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
location /adminapi/ {
proxy_pass http://single-admin-api:30032/adminapi/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
try_files $uri $uri/ /index.html;
}
}

30
deploy/docker/single-shop/nginx-h5.conf Normal file
View File

@@ -0,0 +1,30 @@
# 仅供参考: 内容已内联到 h5.Dockerfile
server {
listen 80;
server_name _;
root /usr/share/nginx/html;
index index.html;
client_max_body_size 50m;
add_header X-Frame-Options SAMEORIGIN always;
location ~* \.(?:js|css|png|jpg|jpeg|gif|svg|woff2?|ttf|map)$ {
expires 30d;
add_header Cache-Control "public, max-age=2592000, immutable";
try_files $uri =404;
}
location /api/ {
proxy_pass http://single-front-api:30033/api/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
client_max_body_size 50m;
}
location / {
try_files $uri $uri/ /index.html;
}
}

7
deploy/docker/ssl-cert/.gitignore vendored Normal file
View File

@@ -0,0 +1,7 @@
# 忽略证书文件,不入库
*.pem
*.key
*.crt
*.cer
*.p12
*.pfx

31
deploy/docker/step1-integral-sqszx202/.env.example Normal file
View File

@@ -0,0 +1,31 @@
# =============================================================
# 步骤一:寄卖商城环境变量 — 宿迁盛泽鑫商贸 sqszx202
# cp .env.example .env 并填入真实密码
# .env 不入库
# =============================================================
TZ=Asia/Shanghai
# ---------- Redis容器内 ----------
REDIS_PASSWORD=change-me-redis
# ---------- H5 对外域名(浏览器可达) ----------
INTEGRAL_TITLE=宿迁盛泽鑫商贸
INTEGRAL_API_PUBLIC_URL=https://admin.j3s4s5.com
INTEGRAL_IMG_PUBLIC_URL=https://admin.j3s4s5.com
INTEGRAL_H5_PUBLIC_URL=https://j3s4s5.com/
INTEGRAL_SN_ID=17533260260612
INTEGRAL_APP_STR=ZFyTNQTWEkCBczKzyUDJWE9Ecx260612
INTEGRAL_CONTRACT_PAGE=10012
# ---------- 宿主机暴露端口 ----------
INTEGRAL_H5_PORT=18080
# webman API 直连端口(宝塔 Nginx admin.j3s4s5.com → 此端口)
RESELL_API_PORT=18085
# ---------- 宿主机目录映射bind mount与原部署路径一致----------
# 寄卖商城 H5 静态文件目录(手动改 JS/configs.js 直接生效,无需重建镜像)
RESELL_H5_DIR=/www/wwwroot/j3s4s5.com
# webman 后台完整应用目录FTP 上传新 webman.bin/public/ 后 restart 容器即可更新)
# 上传图片、public/upload 等均包含在此目录内,无需单独挂载
RESELL_HOUTAI_DIR=/www/wwwroot/admin.j3s4s5.com

2
deploy/docker/step1-integral-sqszx202/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
.env
houtai.env

105
deploy/docker/step1-integral-sqszx202/README.md Normal file
View File

@@ -0,0 +1,105 @@
# 步骤一:寄卖商城 Docker 部署(宿迁盛泽鑫商贸 sqszx202
项目:`integral-resell`(寄卖商城)
服务:`redis` · `integral-houtai`Webman PHP 8.0)· `integral-h5`Nginx 静态站)· `edge-nginx`Docker HTTPS 入口)
步骤二(积分商城)与本步骤完全独立,可以单独部署、单独重启。
> 这套目录结构与 `deploy/docker/step1-integral` 保持一致,按 `czleilei240` 已验证方案复制而来。
> 当前默认域名假设为:
> - 寄卖商城 H5`j3s4s5.com`
> - 寄卖商城后台/API`admin.j3s4s5.com`
> - 积分商城 H5`jf.j3s4s5.com`
> - 积分商城管理后台:`jfadmin.j3s4s5.com`
>
> 以上四个域名统一使用 `deploy/docker/ssl-cert/j3s4s5.com_cert/nginx/` 下的泛域名证书。
---
## 快速部署
```bash
cd deploy/docker/step1-integral-sqszx202
# 1. 准备环境变量
cp .env.example .env
cp houtai.env.example houtai.env
vim .env
vim houtai.env
# 2. 首次部署:在服务器上确保宿主机目录存在
mkdir -p /www/wwwroot/j3s4s5.com
mkdir -p /www/wwwroot/admin.j3s4s5.com/public/upload
# 3. 将 H5 静态文件同步到宿主机目录(首次 / 每次前端更新后)
rsync -av h5/ /www/wwwroot/j3s4s5.com/
chmod -R a+rX /www/wwwroot/j3s4s5.com
# 4. 构建并启动edge-nginx 会在宿主机监听 80/443
docker compose --env-file .env up -d --build
# 5. 查看状态
docker compose --env-file .env ps
docker compose --env-file .env logs -f integral-houtai
```
---
## 目录映射
| 宿主机路径 | 容器路径 | 用途 |
|---|---|---|
| `/www/wwwroot/j3s4s5.com` | `/usr/share/nginx/html` | H5 静态文件,手动改 JS 即时生效 |
| `/www/wwwroot/admin.j3s4s5.com` | `/app` | webman 后台完整应用目录 |
| `./houtai.env` | `/app/.env` | 运行时配置,只读挂入 |
| `../ssl-cert/j3s4s5.com_cert/nginx` | `/etc/nginx/ssl/j3s4s5.com_cert` | `j3s4s5.com``admin.j3s4s5.com``jf.j3s4s5.com``jfadmin.j3s4s5.com` 共用 SSL 证书 |
| `integral-runtime`named vol| `/app/runtime` | webman PID、session 等运行时数据 |
| 域名 | 用途 | Docker 容器端口 | 宿主机端口 | Docker 入口 |
|---|---|---|---|---|
| `j3s4s5.com` | 寄卖商城 H5 | integral-h5:80 | **80/443**,直连测试 **18080** | `edge-nginx` |
| `admin.j3s4s5.com` | 寄卖商城 API / 后台 | integral-houtai:**8785** | **80/443**,直连测试 **18085** | `edge-nginx` |
---
## 验证
| 地址 | 预期 |
|------|------|
| `https://j3s4s5.com/` | 寄卖商城 H5 首页 |
| `https://admin.j3s4s5.com/api/...` | 寄卖商城 API |
| `http://59.110.91.202:18080/` | H5 直连测试 |
| `ss -lntp \| grep -E ':(80\|443)'` | 看到 Docker Nginx 监听宿主机 80/443 |
---
## 常用命令
```bash
docker compose --env-file .env restart integral-houtai
docker compose --env-file .env restart edge-nginx
docker compose --env-file .env logs -f integral-houtai
docker compose --env-file .env logs -f edge-nginx
docker compose --env-file .env exec integral-houtai bash
docker compose --env-file .env down
docker compose --env-file .env down -v
```
---
## 关键一致性检查
| 位置 | 值 |
|---|---|
| `.env` INTEGRAL_API_PUBLIC_URL | `https://admin.j3s4s5.com` |
| `.env` INTEGRAL_H5_PUBLIC_URL | `https://j3s4s5.com/` |
| `.env` INTEGRAL_APP_STR | `ZFyTNQTWEkCBczKzyUDJWE9Ecx260612` |
| `houtai.env` APP_SECRET | 同上 |
| `.env` INTEGRAL_SN_ID | `17533260260612` |
---
## 待确认项
- 短信当前使用阿里云签名 `宿迁盛泽鑫商贸`、模板 `SMS_335105539`,如更换短信账号需同步更新 `houtai.env`
- 如果寄卖后台域名不是 `admin.j3s4s5.com`,请统一替换 `.env.example`、README 和入口 Nginx 配置

102
deploy/docker/step1-integral-sqszx202/docker-compose.yml Normal file
View File

@@ -0,0 +1,102 @@
# =============================================================
# 步骤一寄卖商城integral-resell独立部署
# 客户:宿迁盛泽鑫商贸 sqszx202
# 包含服务redis · integral-houtai(webman) · integral-h5(Nginx) · edge-nginx(HTTPS入口)
# =============================================================
name: resell-sqszx202
x-common: &common
restart: unless-stopped
environment:
TZ: ${TZ:-Asia/Shanghai}
logging:
driver: json-file
options:
max-size: "20m"
max-file: "5"
networks:
integral-net:
driver: bridge
volumes:
integral-redis-data:
integral-runtime:
services:
redis:
<<: *common
build:
context: .
dockerfile: redis.Dockerfile
image: resell-sqszx202/redis:local
container_name: integral-redis-sqszx202
command: ["--requirepass", "${REDIS_PASSWORD}", "--appendonly", "yes"]
volumes:
- integral-redis-data:/data
networks: [integral-net]
healthcheck:
test: ["CMD", "redis-cli", "-a", "${REDIS_PASSWORD}", "ping"]
interval: 10s
timeout: 3s
retries: 5
integral-houtai:
<<: *common
build:
context: ../integral-resell
dockerfile: houtai.Dockerfile
image: resell-sqszx202/houtai:latest
container_name: integral-houtai-sqszx202
networks: [integral-net]
ports:
- "${RESELL_API_PORT:-18085}:8785"
volumes:
- ${RESELL_HOUTAI_DIR}:/app
- ./houtai.env:/app/.env:ro
- integral-runtime:/app/runtime
depends_on:
redis:
condition: service_healthy
integral-h5:
<<: *common
build:
context: ../integral-resell
dockerfile: h5.Dockerfile
image: resell-sqszx202/h5:latest
container_name: integral-h5-sqszx202
networks: [integral-net]
environment:
TZ: ${TZ:-Asia/Shanghai}
INTEGRAL_TITLE: ${INTEGRAL_TITLE}
INTEGRAL_API_PUBLIC_URL: ${INTEGRAL_API_PUBLIC_URL}
INTEGRAL_IMG_PUBLIC_URL: ${INTEGRAL_IMG_PUBLIC_URL}
INTEGRAL_H5_PUBLIC_URL: ${INTEGRAL_H5_PUBLIC_URL}
INTEGRAL_SN_ID: ${INTEGRAL_SN_ID}
INTEGRAL_APP_STR: ${INTEGRAL_APP_STR}
INTEGRAL_CONTRACT_PAGE: ${INTEGRAL_CONTRACT_PAGE}
volumes:
- ${RESELL_H5_DIR}:/usr/share/nginx/html
ports:
- "${INTEGRAL_H5_PORT:-18080}:80"
depends_on:
- integral-houtai
edge-nginx:
<<: *common
image: nginx:1.25-alpine
container_name: edge-nginx-sqszx202
networks: [integral-net]
extra_hosts:
- "host.docker.internal:host-gateway"
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx-edge.conf:/etc/nginx/conf.d/default.conf:ro
- ../ssl-cert/j3s4s5.com_cert/nginx:/etc/nginx/ssl/j3s4s5.com_cert:ro
depends_on:
- integral-h5
- integral-houtai

37
deploy/docker/step1-integral-sqszx202/houtai.env.example Normal file
View File

@@ -0,0 +1,37 @@
# =============================================================
# Webman 后端运行时配置 — 宿迁盛泽鑫商贸 sqszx202寄卖商城
# cp houtai.env.example houtai.env 并填入真实密码
# houtai.env 不入库,由 docker-compose volumes: 挂入 /app/.env
# =============================================================
# MySQL阿里云 RDS
DB_HOST = 'rm-bp1a178eq62lxba9xbo.mysql.rds.aliyuncs.com'
DB_PORT = 3306
DB_DATABASE = 'sqszx202'
DB_USERNAME = 'yangtangyoupin'
DB_PASSWORD = 'change-me'
# Redis指向同 compose 内的 redis 容器)
REDIS_HOST = 'redis'
REDIS_PORT = 6379
REDIS_PASSWORD = 'change-me-redis'
# 短信(需按该项目实际通道填写)
SMS_CHANNEL = 'alibaba'
SMS_SIGNNAME = '宿迁盛泽鑫商贸'
SMS_TEMPLATE = 'SMS_335105539'
SMS_KEYID = 'LTAI5t6PReihGTE4zGJk1Sxa'
SMS_KEYSECRET = 'rzFeYQ21VOIwf0wAnxYcY10uPjoiJ4'
SMS_SDKAPPID = ''
# OSS不启用则走本地 public/upload
FILE_STORAGE = 'public'
OSS_ACCESS_ID = ''
OSS_ACCESS_SECRET = ''
OSS_BUCKET = ''
OSS_ENDPOINT = ''
OSS_URL = ''
# 业务标识(须与 H5 configs.js 的 sn_id / appStr 以及积分商城 admin 后台一致)
APP_SIGN = '1'
APP_SECRET = 'ZFyTNQTWEkCBczKzyUDJWE9Ecx260612'

102
deploy/docker/step1-integral-sqszx202/nginx-edge.conf Normal file
View File

@@ -0,0 +1,102 @@
server {
listen 80;
server_name j3s4s5.com admin.j3s4s5.com jf.j3s4s5.com jfadmin.j3s4s5.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
http2 on;
server_name jf.j3s4s5.com;
ssl_certificate /etc/nginx/ssl/j3s4s5.com_cert/j3s4s5.com.pem;
ssl_certificate_key /etc/nginx/ssl/j3s4s5.com_cert/j3s4s5.com.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
client_max_body_size 50m;
location / {
proxy_pass http://host.docker.internal:18082;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
server {
listen 443 ssl;
http2 on;
server_name jfadmin.j3s4s5.com;
ssl_certificate /etc/nginx/ssl/j3s4s5.com_cert/j3s4s5.com.pem;
ssl_certificate_key /etc/nginx/ssl/j3s4s5.com_cert/j3s4s5.com.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
client_max_body_size 50m;
location / {
proxy_pass http://host.docker.internal:18081;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
server {
listen 443 ssl;
http2 on;
server_name j3s4s5.com;
ssl_certificate /etc/nginx/ssl/j3s4s5.com_cert/j3s4s5.com.pem;
ssl_certificate_key /etc/nginx/ssl/j3s4s5.com_cert/j3s4s5.com.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
client_max_body_size 50m;
location / {
proxy_pass http://integral-h5:80;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
server {
listen 443 ssl;
http2 on;
server_name admin.j3s4s5.com;
ssl_certificate /etc/nginx/ssl/j3s4s5.com_cert/j3s4s5.com.pem;
ssl_certificate_key /etc/nginx/ssl/j3s4s5.com_cert/j3s4s5.com.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
client_max_body_size 50m;
location / {
proxy_pass http://integral-houtai:8785;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}

13
deploy/docker/step1-integral-sqszx202/redis.Dockerfile Normal file
View File

@@ -0,0 +1,13 @@
# 使用 Alpine 通过 apk 安装 Redis绕过镜像源问题
FROM alpine:3.19
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \
&& apk add --no-cache redis tzdata \
&& cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& echo "Asia/Shanghai" > /etc/timezone
VOLUME /data
WORKDIR /data
EXPOSE 6379
ENTRYPOINT ["redis-server"]

41
deploy/docker/step2-single-shop-sqszx202/.env.example Normal file
View File

@@ -0,0 +1,41 @@
# =============================================================
# 步骤二:积分商城环境变量 — 宿迁盛泽鑫商贸 sqszx202
# 使用方法cp .env.example .env 然后填入真实密码
# .env 不入库(已加入 .gitignore
# =============================================================
TZ=Asia/Shanghai
# ---------- Redis容器内与步骤一独立 ----------
REDIS_PASSWORD=change-me-redis
# ---------- 阿里云 RDS ----------
RDS_HOST=rm-bp1a178eq62lxba9xbo.mysql.rds.aliyuncs.com
RDS_DB=sqszx202
RDS_USER=yangtangyoupin
RDS_PASSWORD=change-me
# ---------- 订单同步(多商户 source / target ----------
SYNC_SOURCE_ID=
SYNC_TARGET_MER_ID=0
# ---------- Java JAR 宿主机路径FTP 更新后 restart 容器即可) ----------
SINGLE_FRONT_JAR=/www/wwwroot/javaapi/miao-front-2.2.jar
SINGLE_ADMIN_JAR=/www/wwwroot/javaapi/miao-admin-2.2.jar
# ---------- Java 日志目录bind-mount 到宿主机,直接 tail -f 查看) ----------
SINGLE_FRONT_LOG_DIR=/www/wwwroot/javaapi/logs/front
SINGLE_ADMIN_LOG_DIR=/www/wwwroot/javaapi/logs/admin
# ---------- 图片/PDF 目录(与步骤一 H5 Nginx 共享宿主机路径) ----------
CRMEB_IMAGE_DIR=/www/wwwroot/j3s4s5.com
# ---------- 前端静态目录bind-mountrsync 更新后立即生效) ----------
# 积分商城 H5uni-app SPA对应域名 jf.j3s4s5.com
SINGLE_H5_DIR=/www/wwwroot/jf.j3s4s5.com
# 积分商城管理后台Vue SPA对应域名 jfadmin.j3s4s5.com
SINGLE_ADMIN_WEB_DIR=/www/wwwroot/jfadmin.j3s4s5.com
# ---------- 宿主机暴露端口(供宝塔 Nginx 反代) ----------
SINGLE_ADMIN_PORT=18081
SINGLE_H5_PORT=18082

1
deploy/docker/step2-single-shop-sqszx202/.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
.env

123
deploy/docker/step2-single-shop-sqszx202/README.md Normal file
View File

@@ -0,0 +1,123 @@
# 步骤二:积分商城 Docker 部署(宿迁盛泽鑫商贸 sqszx202
项目:`single-shop-22`(积分商城)
服务:`redis` · `single-front-api`Spring Boot· `single-admin-api`Spring Boot
`single-admin-web`Vue 管理后台)· `single-h5`uni-app H5
步骤一(寄卖商城)与本步骤完全独立,可以单独部署、单独重启。
> 这套方案参考 `deploy/docker/step2-single-shop`,按 `czleilei240` 已验证结构复制。
> 当前默认域名假设为:
> - 积分商城 H5`jf.j3s4s5.com`
> - 积分商城管理后台:`jfadmin.j3s4s5.com`
---
## 部署前提:宿主机文件准备
### 1. Java JARSpring Boot API
```bash
mkdir -p /www/wwwroot/javaapi/logs/front
mkdir -p /www/wwwroot/javaapi/logs/admin
scp single-shop-22/backend/crmeb-front/target/miao-front-2.2.jar root@59.110.91.202:/www/wwwroot/javaapi/
scp single-shop-22/backend/crmeb-admin/target/miao-admin-2.2.jar root@59.110.91.202:/www/wwwroot/javaapi/
```
### 2. 前端静态文件
```bash
mkdir -p /www/wwwroot/jf.j3s4s5.com
rsync -a --delete single-shop-22/single_uniapp22miao/unpackage/dist/build/web/ \
root@59.110.91.202:/www/wwwroot/jf.j3s4s5.com/
chmod -R 755 /www/wwwroot/jf.j3s4s5.com/
mkdir -p /www/wwwroot/jfadmin.j3s4s5.com
rsync -a --delete single-shop-22/backend-adminend/dist/ \
root@59.110.91.202:/www/wwwroot/jfadmin.j3s4s5.com/
chmod -R 755 /www/wwwroot/jfadmin.j3s4s5.com/
```
### 3. 图片/PDF 目录
```bash
mkdir -p /www/wwwroot/j3s4s5.com
```
---
## 快速部署
```bash
cd deploy/docker/step2-single-shop-sqszx202
cp .env.example .env
vim .env
docker compose --env-file .env build
docker compose --env-file .env up -d
docker compose --env-file .env ps
docker compose --env-file .env logs -f single-front-api
docker compose --env-file .env logs -f single-admin-api
```
---
## 域名与端口
| 域名 | 用途 | 宿主机端口 |
|---|---|---|
| `jf.j3s4s5.com` | 积分商城 H5uni-app | **18082** |
| `jfadmin.j3s4s5.com` | 积分商城管理后台Vue | **18081** |
> Spring Boot API 端口30032 / 30033仅容器内监听不对外暴露。
> 宝塔 Nginx 通过域名反代到 `127.0.0.1:18081 / 18082`,再由容器内 Nginx 转发到 API。
> 图片/PDF 实际落盘路径为宿主机 `/www/wwwroot/j3s4s5.com/crmebimage/public/...`。
---
## 验证
| 地址 | 预期 |
|------|------|
| `https://jf.j3s4s5.com/` | 积分商城 H5 |
| `https://jfadmin.j3s4s5.com/` | 积分商城管理后台 |
| `http://59.110.91.202:18082/` | H5 直连测试 |
| `http://59.110.91.202:18081/` | 管理后台直连测试 |
---
## bind-mount 目录总览
| 宿主机路径 | 挂入容器路径 | 说明 |
|---|---|---|
| `/www/wwwroot/javaapi/miao-front-2.2.jar` | `/app/app.jar` | 用户端 API JAR |
| `/www/wwwroot/javaapi/miao-admin-2.2.jar` | `/app/app.jar` | 管理端 API JAR |
| `/www/wwwroot/javaapi/logs/front/` | `/app/log` | 用户端 API 日志 |
| `/www/wwwroot/javaapi/logs/admin/` | `/app/log` | 管理端 API 日志 |
| `/www/wwwroot/j3s4s5.com/` | `/usr/local/crmeb/` | 图片/PDF 写入目录 |
| `/www/wwwroot/jf.j3s4s5.com/` | `/usr/share/nginx/html` | H5 静态文件 |
| `/www/wwwroot/jfadmin.j3s4s5.com/` | `/usr/share/nginx/html` | 管理后台静态文件 |
| `../single-shop/application-docker.yml` | `/config/application-docker.yml` | Spring Boot 配置 |
---
## sqszx202 关键配置对照
| 配置项 | 值 |
|---|---|
| RDS Host | `rm-bp1a178eq62lxba9xbo.mysql.rds.aliyuncs.com` |
| DB / User | `sqszx202` / `yangtangyoupin` |
| imagePath 宿主机目录 | `/www/wwwroot/j3s4s5.com/` |
| SYNC_SOURCE_ID | `` |
| SYNC_TARGET_MER_ID | `0` |
| Spring profile | `docker`(通过 `application-docker.yml` 注入) |
---
## 待确认项
- 如果积分管理后台域名不是 `jfadmin.j3s4s5.com`,需要同步替换 `.env.example`、README 和宝塔 Nginx 配置
- Redis 仍按 Docker 内置实例方案生成;若你想接外部 Redis可以再帮你补一版外部 Redis 配置

161
deploy/docker/step2-single-shop-sqszx202/docker-compose.yml Normal file
View File

@@ -0,0 +1,161 @@
# =============================================================
# 步骤二积分商城single-shop-22独立部署
# 客户:宿迁盛泽鑫商贸 sqszx202
# 包含服务redis · single-admin-api · single-front-api
# single-admin-web(Vue) · single-h5(uni-app)
# =============================================================
name: jifenmall-sqszx202
x-common: &common
restart: unless-stopped
environment:
TZ: ${TZ:-Asia/Shanghai}
logging:
driver: json-file
options:
max-size: "20m"
max-file: "5"
x-spring-common: &spring-common
<<: *common
environment:
TZ: ${TZ:-Asia/Shanghai}
MYSQL_HOST: ${RDS_HOST}
MYSQL_DATABASE: ${RDS_DB}
MYSQL_USERNAME: ${RDS_USER}
MYSQL_PASSWORD: ${RDS_PASSWORD}
REDIS_HOST: redis
REDIS_PORT: 6379
REDIS_PASSWORD: ${REDIS_PASSWORD}
SYNC_SOURCE_ID: ${SYNC_SOURCE_ID:-}
SYNC_TARGET_MER_ID: ${SYNC_TARGET_MER_ID:-0}
networks:
single-net:
driver: bridge
volumes:
single-redis-data:
services:
redis:
<<: *common
build:
context: .
dockerfile: redis.Dockerfile
image: jifenmall-sqszx202/redis:local
container_name: single-redis-sqszx202
command: ["--requirepass", "${REDIS_PASSWORD}", "--appendonly", "yes"]
volumes:
- single-redis-data:/data
networks: [single-net]
healthcheck:
test: ["CMD", "redis-cli", "-a", "${REDIS_PASSWORD}", "ping"]
interval: 10s
timeout: 3s
retries: 5
single-front-api:
<<: *spring-common
build:
context: .
dockerfile: ../single-shop/front-api.Dockerfile
image: jifenmall-sqszx202/front-api:local
container_name: single-front-api-sqszx202
networks: [single-net]
ports:
- "127.0.0.1:30033:30033"
volumes:
- ${SINGLE_FRONT_JAR}:/app/app.jar:ro
- ${CRMEB_IMAGE_DIR}:/usr/local/crmeb
- ${SINGLE_FRONT_LOG_DIR}:/app/log
- ../single-shop/application-docker.yml:/config/application-docker.yml:ro
environment:
TZ: ${TZ:-Asia/Shanghai}
MYSQL_HOST: ${RDS_HOST}
MYSQL_DATABASE: ${RDS_DB}
MYSQL_USERNAME: ${RDS_USER}
MYSQL_PASSWORD: ${RDS_PASSWORD}
REDIS_HOST: redis
REDIS_PORT: 6379
REDIS_PASSWORD: ${REDIS_PASSWORD}
SYNC_SOURCE_ID: ${SYNC_SOURCE_ID:-}
SYNC_TARGET_MER_ID: ${SYNC_TARGET_MER_ID:-0}
SERVER_PORT: 30033
depends_on:
redis:
condition: service_healthy
healthcheck:
test: ["CMD-SHELL", "curl -sf http://localhost:30033/actuator/health || exit 1"]
interval: 30s
timeout: 10s
retries: 5
start_period: 90s
single-admin-api:
<<: *spring-common
build:
context: .
dockerfile: ../single-shop/admin-api.Dockerfile
image: jifenmall-sqszx202/admin-api:local
container_name: single-admin-api-sqszx202
networks: [single-net]
ports:
- "127.0.0.1:30032:30032"
volumes:
- ${SINGLE_ADMIN_JAR}:/app/app.jar:ro
- ${CRMEB_IMAGE_DIR}:/usr/local/crmeb
- ${SINGLE_ADMIN_LOG_DIR}:/app/log
- ../single-shop/application-docker.yml:/config/application-docker.yml:ro
environment:
TZ: ${TZ:-Asia/Shanghai}
MYSQL_HOST: ${RDS_HOST}
MYSQL_DATABASE: ${RDS_DB}
MYSQL_USERNAME: ${RDS_USER}
MYSQL_PASSWORD: ${RDS_PASSWORD}
REDIS_HOST: redis
REDIS_PORT: 6379
REDIS_PASSWORD: ${REDIS_PASSWORD}
SYNC_SOURCE_ID: ${SYNC_SOURCE_ID:-}
SYNC_TARGET_MER_ID: ${SYNC_TARGET_MER_ID:-0}
SERVER_PORT: 30032
depends_on:
redis:
condition: service_healthy
healthcheck:
test: ["CMD-SHELL", "curl -sf http://localhost:30032/actuator/health || exit 1"]
interval: 30s
timeout: 10s
retries: 5
start_period: 90s
single-admin-web:
<<: *common
build:
context: .
dockerfile: ../single-shop/admin-web.Dockerfile
image: jifenmall-sqszx202/admin-web:local
container_name: single-admin-web-sqszx202
networks: [single-net]
ports:
- "${SINGLE_ADMIN_PORT:-18081}:80"
volumes:
- ${SINGLE_ADMIN_WEB_DIR}:/usr/share/nginx/html
depends_on:
- single-admin-api
single-h5:
<<: *common
build:
context: .
dockerfile: ../single-shop/h5.Dockerfile
image: jifenmall-sqszx202/h5:local
container_name: single-h5-sqszx202
networks: [single-net]
ports:
- "${SINGLE_H5_PORT:-18082}:80"
volumes:
- ${SINGLE_H5_DIR}:/usr/share/nginx/html
depends_on:
- single-front-api

18
deploy/docker/step2-single-shop-sqszx202/redis.Dockerfile Normal file
View File

@@ -0,0 +1,18 @@
# =============================================================
# RedisAlpine + apk 安装,绕过 Docker Hub 镜像拉取问题)
# 与 step1 方案一致:不依赖 docker.io只需 registry-1.docker.io 拉 alpine:3.19
# =============================================================
FROM alpine:3.19
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \
&& apk add --no-cache redis tzdata \
&& cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& echo "Asia/Shanghai" > /etc/timezone \
&& rm -f /etc/apk/cache/*.apk
VOLUME /data
WORKDIR /data
EXPOSE 6379
ENTRYPOINT ["redis-server"]

55
docs/resell-change-sqszx202.md Executable file
View File

@@ -0,0 +1,55 @@
# 新公司宿迁盛泽鑫商贸项目的h5端目录h5 修改任务
Ecs ip 59.110.91.202
## **修改任务**
- 新建分支sqszx202合并byhlc112分支的最新代码到该分支并根据上述信息修改相关需要变更项使符合该新公司项目环境
## 配置项修改
1.新项目公司名称eg盛泽鑫商贸
2.使用"盛泽鑫商贸"的**HTML十进制实体**编码修改wa_options表中name=system_config中的value值里的title信息
3.相关配置项:
A. **寄卖商城API地址**https://admin.j3s4s5.com/api
B. **寄卖商城后台地址**https://admin.j3s4s5.com
C. **寄卖商城H5地址**https://j3s4s5.com/
D. **云服务器寄卖商城H5目录**/www/wwwroot/j3s4s5.com
E. **云服务器寄卖商城后台目录**/www/wwwroot/admin.j3s4s5.com
F. **积分商城地址**https://jf.j3s4s5.com
G. **云服务器积分商城目录**/www/wwwroot/jf.j3s4s5.com
4. 短信服务
SMS_SIGNNAME = '宿迁盛泽鑫商贸'
SMS_TEMPLATE = 'SMS_335105539'
SMS_KEYID = 'LTAI5t6PReihGTE4zGJk1Sxa'
SMS_KEYSECRET = 'rzFeYQ21VOIwf0wAnxYcY10uPjoiJ4'
5. **webman.bin相关**
sn_id: 17533260260612
APP_SECRET: ZFyTNQTWEkCBczKzyUDJWE9Ecx260612
### **寄卖商城H5**中需要修改的文件
A.修改h5/static/configs.js中如下内容
TITLE: '宿迁盛泽鑫商贸',
BASE_URL: 'https://admin.j3s4s5.com/api',
IMG_URL: 'https://admin.j3s4s5.com',
H5_URL: 'https://j3s4s5.com',
**sn_id**、**appStr**必须修改为webman.bin相关中的值
B. 修改h5/static/js/pages-personal-index.6f5415f9.js
第270行https://jf.j3s4s5.com/pages/integral/points?username=
C. 修改h5/static/js/pages-sub-pages-webview-index.1042489b.js
第15行https://jf.j3s4s5.com/?sn_id
第43行https://jf.j3s4s5.com/?user_id=
### **寄卖商城后端**项目中需要修改的文件
- 修改houtai/.env环境变量配置文件中的短信信息、APP_SECRET。
- mysql数据库使用阿里云rdsrm-bp1a178eq62lxba9xbo.mysql.rds.aliyuncs.com
- rds中项目数据库名sqszx202

12
h5/static/configs.js
View File

@@ -1,12 +1,12 @@
"use strict"
const configs = {
TITLE: '宝应宏煜春商贸',
BASE_URL: 'https://admin.h5y2c.com/api',
IMG_URL: 'https://admin.h5y2c.com',
H5_URL: 'https://h5y2c.com/',
TITLE: '宿迁盛泽鑫商贸',
BASE_URL: 'https://admin.j3s4s5.com/api',
IMG_URL: 'https://admin.j3s4s5.com',
H5_URL: 'https://j3s4s5.com/',
contractPage: 10012,
// 须与积分商城 wa_options 及寄卖后台 APP_SECRET 一致;上线前从后台核对后填入,勿沿用他司示例值。
sn_id: 17533260260529,
appStr: 'ZFyTNQTWEkCBczKzyUDJWE9Ecx260529',
sn_id: 17533260260612,
appStr: 'ZFyTNQTWEkCBczKzyUDJWE9Ecx260612',
// appKey: ,
}

4
h5/static/js/pages-personal-index.6f5415f9.js
View File

@@ -267,7 +267,7 @@
// http://jf.suzhouyuqi.com/pages/integral/points?username=
arguments[0] = e = t.$handleEvent(e),
window.location.href =
"https://jf.h5y2c.com/pages/integral/points?username=" +
"https://jf.j3s4s5.com/pages/integral/points?username=" +
t.userInfo.mobile + "#/pages/integral/points"
}
}
@@ -926,4 +926,4 @@
A.a
}
}
]);
]);

6
h5/static/js/pages-sub-pages-webview-index.1042489b.js
View File

@@ -12,7 +12,7 @@
o = {
data: function() {
return {
urlSrc: "https://jf.h5y2c.com/?sn_id=".concat(uni.$sn_id),
urlSrc: "https://jf.j3s4s5.com/?sn_id=".concat(uni.$sn_id),
passback: ""
}
},
@@ -40,7 +40,7 @@
void 0 === a ?
void 0 : a.id,
e.passback && setTimeout((function() {
window.location.href = "https://jf.h5y2c.com/?user_id=" + e.passback
window.location.href = "https://jf.j3s4s5.com/?user_id=" + e.passback
}), 200));
case 4:
case "end":
@@ -132,4 +132,4 @@
n["default"] = u.exports
}
}
]);
]);