自动部署

.gitea/workflows/deploy.yaml

@@ -0,0 +1,93 @@
+name: 构建并部署 H5 前端
+
+on:
+  push:
+    branches:
+      - main
+      - dev
+      - test
+
+env:
+  REGISTRY: registry.boss160.cn
+  IMAGE_NAME: registry.boss160.cn/junhong/one-pipe-h5
+  DEPLOY_DIR: /opt/junhong_cmp_h5
+
+jobs:
+  build-and-deploy:
+    runs-on: ubuntu-latest
+    
+    steps:
+      - name: 检出代码
+        run: |
+          # 添加 Nix 路径到 PATH（git 安装在这里）
+          export PATH="$HOME/.nix-profile/bin:/usr/local/bin:/usr/bin:/bin:$PATH"
+          # 跳过 SSL 验证（内网自签名证书）
+          export GIT_SSL_NO_VERIFY=1
+          git clone https://git.boss160.cn/csxj2026/one-pipe-h5.git .
+          git checkout ${{ github.sha }}
+
+      - name: 设置镜像标签
+        id: tag
+        run: |
+          if [ "${{ github.ref }}" = "refs/heads/main" ]; then
+            echo "tag=latest" >> $GITHUB_OUTPUT
+          elif [ "${{ github.ref }}" = "refs/heads/dev" ]; then
+            echo "tag=dev" >> $GITHUB_OUTPUT
+          elif [ "${{ github.ref }}" = "refs/heads/test" ]; then
+            echo "tag=test" >> $GITHUB_OUTPUT
+          else
+            echo "tag=unknown" >> $GITHUB_OUTPUT
+          fi
+
+      - name: 登录 Docker Registry
+        run: |
+          echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login "${{ env.REGISTRY }}" --username "${{ secrets.REGISTRY_USERNAME }}" --password-stdin
+
+      - name: 构建 Docker 镜像
+        run: |
+          docker build -t ${{ env.IMAGE_NAME }}:${{ steps.tag.outputs.tag }} .
+          docker tag ${{ env.IMAGE_NAME }}:${{ steps.tag.outputs.tag }} ${{ env.IMAGE_NAME }}:${{ github.sha }}
+
+      - name: 推送镜像到 Registry
+        run: |
+          docker push ${{ env.IMAGE_NAME }}:${{ steps.tag.outputs.tag }}
+          docker push ${{ env.IMAGE_NAME }}:${{ github.sha }}
+
+      - name: 部署到本地（仅 main 分支）
+        if: github.ref == 'refs/heads/main'
+        run: |
+          # 确保部署目录存在
+          mkdir -p ${{ env.DEPLOY_DIR }}
+          
+          # 调试：显示当前目录和文件
+          echo "📍 当前工作目录: $(pwd)"
+          echo "📁 当前目录内容:"
+          ls -la
+          
+          # 强制更新 docker-compose.prod.yml（确保使用最新配置）
+          echo "📋 更新部署配置文件..."
+          cp -v docker-compose.prod.yml ${{ env.DEPLOY_DIR }}/
+          
+          cd ${{ env.DEPLOY_DIR }}
+          
+          echo "📥 拉取最新镜像..."
+          docker compose -f docker-compose.prod.yml pull
+          
+          echo "🚀 重启服务..."
+          docker compose -f docker-compose.prod.yml up -d
+          
+          echo "⏳ 等待服务启动..."
+          sleep 5
+          
+          echo "✅ 部署完成！"
+          docker compose -f docker-compose.prod.yml ps
+
+      - name: 构建结果通知
+        if: always()
+        run: |
+          if [ "${{ job.status }}" = "success" ]; then
+            echo "✅ 构建成功: ${{ steps.tag.outputs.tag }}"
+            echo "📦 镜像标签: ${{ github.sha }}"
+          else
+            echo "❌ 构建失败"
+          fi

Dockerfile

@@ -0,0 +1,57 @@
+# ================================
+# 阶段 1: 构建阶段
+# ================================
+FROM --platform=linux/amd64 registry.boss160.cn/base/node:18-alpine AS builder
+
+# 使用阿里云镜像源加速
+RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
+
+# 设置工作目录
+WORKDIR /build
+
+# 设置 npm 镜像源
+RUN npm config set registry https://registry.npmmirror.com
+
+# 复制 package.json 和 package-lock.json（利用 Docker 缓存）
+COPY package*.json ./
+
+# 安装依赖
+RUN npm ci --legacy-peer-deps
+
+# 复制源代码
+COPY . .
+
+# 构建生产版本（跳过类型检查）
+ENV VUE_CLI_SKIP_TYPE_CHECK=true
+RUN npm run build
+
+# ================================
+# 阶段 2: 运行阶段 (nginx)
+# ================================
+FROM --platform=linux/amd64 registry.boss160.cn/base/nginx:alpine
+
+# 使用阿里云镜像源加速
+RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
+
+# 设置时区
+ENV TZ=Asia/Shanghai
+RUN apk add --no-cache tzdata
+
+# 删除默认 nginx 配置
+RUN rm -rf /etc/nginx/conf.d/*
+
+# 复制自定义 nginx 配置
+COPY docker/nginx.conf /etc/nginx/conf.d/default.conf
+
+# 从构建阶段复制构建产物
+COPY --from=builder /build/dist /usr/share/nginx/html
+
+# 暴露端口
+EXPOSE 80
+
+# 健康检查
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
+    CMD wget --no-verbose --tries=1 --spider http://127.0.0.1/health || exit 1
+
+# 启动 nginx
+CMD ["nginx", "-g", "daemon off;"]

docker-compose.prod.yml

@@ -0,0 +1,26 @@
+version: '3.8'
+
+services:
+  h5:
+    image: registry.boss160.cn/junhong/one-pipe-h5:latest
+    container_name: one-pipe-h5
+    restart: unless-stopped
+    ports:
+      - "3002:80"
+    networks:
+      - h5-network
+    healthcheck:
+      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1/health"]
+      interval: 30s
+      timeout: 3s
+      retries: 3
+      start_period: 5s
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "3"
+
+networks:
+  h5-network:
+    driver: bridge

docker/nginx.conf

@@ -0,0 +1,41 @@
+server {
+    listen 80;
+    server_name localhost;
+    
+    # gzip 压缩
+    gzip on;
+    gzip_vary on;
+    gzip_proxied any;
+    gzip_comp_level 6;
+    gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;
+    
+    # 静态资源目录
+    root /usr/share/nginx/html;
+    index index.html;
+    
+    # 健康检查端点
+    location /health {
+        access_log off;
+        return 200 'ok';
+        add_header Content-Type text/plain;
+    }
+    
+    # 静态资源缓存（JS/CSS/图片）
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+        access_log off;
+    }
+    
+    # Vue Router history 模式支持
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+    
+    # 禁止访问隐藏文件
+    location ~ /\. {
+        deny all;
+        access_log off;
+        log_not_found off;
+    }
+}