aheh/PrivyDrop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

build: refresh docker deployment workflow

Browse Source
This commit is contained in:
david_bai
2025-09-26 14:02:55 +08:00
parent 67b46d0b30
commit cfcd60145a
25 changed files with 5392 additions and 2659 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/DEPLOYMENT_docker.md
+80 -30
View File
@@ -6,30 +6,33 @@ This guide provides a one-click Docker deployment solution for PrivyDrop, suppor
Compared to traditional deployment methods, Docker deployment offers the following advantages:
| Comparison | Traditional Deployment | Docker Deployment |
|-----------|----------------------|------------------|
| **Deploy Time** | 30-60 minutes | 5 minutes |
| **Technical Requirements** | Linux ops experience | Basic Docker knowledge |
| **Environment Requirements** | Public IP + Domain | Works on private networks |
| **Configuration Complexity** | 10+ manual steps | One-click auto configuration |
| **Success Rate** | ~70% | >95% |
| **Maintenance Difficulty** | Manual multi-service management | Automatic container management |
| Comparison | Traditional Deployment | Docker Deployment |
| ---------------------------- | ------------------------------- | ------------------------------ |
| **Deploy Time** | 30-60 minutes | 5 minutes |
| **Technical Requirements** | Linux ops experience | Basic Docker knowledge |
| **Environment Requirements** | Public IP + Domain | Works on private networks |
| **Configuration Complexity** | 10+ manual steps | One-click auto configuration |
| **Success Rate** | ~70% | >95% |
| **Maintenance Difficulty** | Manual multi-service management | Automatic container management |
## 📋 System Requirements
### Minimum Configuration
- **CPU**: 1 core
- **Memory**: 512MB
- **Disk**: 2GB available space
- **Network**: Any network environment (private/public)
### Recommended Configuration
- **CPU**: 2+ cores
- **Memory**: 1GB+
- **Memory**: 1GB+
- **Disk**: 5GB+ available space
- **Network**: 100Mbps+
### Software Dependencies
- Docker 20.10+
- Docker Compose 2.0+ (or docker-compose 1.27+)
- curl (for health checks)
@@ -52,7 +55,7 @@ cd PrivyDrop
bash deploy.sh
# After deployment completes, visit:
# http://localhost:3000
# http://localhost:3002
```
That's it! 🎉
@@ -60,6 +63,7 @@ That's it! 🎉
## 📚 Deployment Modes
### Basic Mode (Default)
**Use Case**: Private network file transfer, personal use, testing environment
```bash
@@ -67,12 +71,14 @@ bash deploy.sh
```
**Features**:
- ✅ HTTP access
- ✅ Private network P2P transfer
- ✅ Uses public STUN servers
- ✅ Uses public STUN servers
- ✅ Zero configuration startup
### Public Mode
**Use Case**: Servers with public IP but no domain
```bash
@@ -80,12 +86,14 @@ bash deploy.sh --mode public --with-turn
```
**Features**:
- ✅ HTTP access
- ✅ Built-in TURN server
- ✅ Supports complex network environments
- ✅ Automatic NAT traversal configuration
### Full Mode
**Use Case**: Production environment, public servers with domain
```bash
@@ -93,12 +101,15 @@ bash deploy.sh --domain your-domain.com --mode full --with-nginx --with-turn
```
**Features**:
- ✅ HTTPS secure access
- ✅ Self-signed SSL certificates
- ✅ Nginx reverse proxy
- ✅ Built-in TURN server
- ✅ Complete production environment configuration
> Tip: If your network uses carrier-grade NAT or proxy and is mis-detected as public, append `--mode private` to skip public-IP probing and force basic mode. When the detected LAN IP is not the one you expect, append `--local-ip 192.168.x.x` to override it explicitly.
## 🔧 Advanced Configuration
### Custom Ports
@@ -110,6 +121,18 @@ BACKEND_PORT=8081
HTTP_PORT=8000
```
### Build-Time Proxy (optional)
Set the following variables in `.env` (or export them before running `deploy.sh`) when the build needs to go through a proxy. The configuration generator now preserves these fields on subsequent runs.
```bash
HTTP_PROXY=http://your-proxy:7890
HTTPS_PROXY=http://your-proxy:7890
NO_PROXY=localhost,127.0.0.1,backend,frontend,redis,coturn
```
`docker-compose` passes these values as build args; the Dockerfiles expose them as environment variables so `npm`/`pnpm` automatically reuse the proxy. Leave them blank if you don't need a proxy.
### Enable Specific Services
```bash
@@ -123,44 +146,44 @@ bash deploy.sh --with-turn
bash deploy.sh --with-nginx --with-turn
```
### Development Mode Deployment
```bash
# Enable development mode (supports hot code reloading)
bash deploy.sh --dev
```
## 🌐 Access Methods
### Local Access
- **Frontend App**: http://localhost:3000
- **Frontend App**: http://localhost:3002
- **API Interface**: http://localhost:3001
- **Health Check**: http://localhost:3001/health
### LAN Access
After deployment, the script automatically displays LAN access addresses:
```
🌐 LAN Access:
Frontend App: http://192.168.1.100:3000
Frontend App: http://192.168.1.100:3002
Backend API: http://192.168.1.100:3001
```
### HTTPS Access (if enabled)
- **Secure Access**: https://localhost
- **Certificate Location**: `docker/ssl/ca-cert.pem`
**Note**: When first accessing HTTPS, the browser will warn about an untrusted certificate. This is normal. You can:
1. Click "Advanced" → "Continue to site"
2. Or import the `docker/ssl/ca-cert.pem` certificate into your browser
## 🔍 Management Commands
### View Service Status
```bash
docker-compose ps
```
### View Service Logs
```bash
# View all service logs
docker-compose logs -f
@@ -172,6 +195,7 @@ docker-compose logs -f redis
```
### Restart Services
```bash
# Restart all services
docker-compose restart
@@ -181,6 +205,7 @@ docker-compose restart backend
```
### Stop Services
```bash
# Stop services but keep data
docker-compose stop
@@ -190,6 +215,7 @@ docker-compose down
```
### Complete Cleanup
```bash
# Clean all containers, images and data
bash deploy.sh --clean
@@ -200,26 +226,33 @@ bash deploy.sh --clean
### Common Issues
#### 1. Port Already in Use
**Symptom**: Deployment shows port occupation warning
```
⚠️ The following ports are already in use: 3000, 3001
⚠️ The following ports are already in use: 3002, 3001
```
**Solution**:
```bash
# Method 1: Modify port configuration
echo "FRONTEND_PORT=8080" >> .env
echo "BACKEND_PORT=8081" >> .env
# Method 2: Stop programs using the ports
sudo ss -tulpn | grep :3000
```bash
# First try cleaning previous containers
bash deploy.sh --clean # or docker-compose down
# If the port is still occupied, locate the process
sudo ss -tulpn | grep :3002
sudo kill -9 <PID>
# Finally, adjust the exposed ports in .env if necessary
vim .env # Update FRONTEND_PORT / BACKEND_PORT
```
#### 2. Insufficient Memory
**Symptom**: Containers fail to start or restart frequently
**Solution**:
```bash
# Check memory usage
free -h
@@ -232,9 +265,11 @@ sudo swapon /swapfile
```
#### 3. Docker Permission Issues
**Symptom**: Permission denied errors
**Solution**:
```bash
# Add user to docker group
sudo usermod -aG docker $USER
@@ -244,16 +279,18 @@ newgrp docker
```
#### 4. Service Inaccessible
**Symptom**: Browser cannot open pages
**Solution**:
```bash
# 1. Check service status
docker-compose ps
# 2. Check health status
curl http://localhost:3001/health
curl http://localhost:3000/api/health
curl http://localhost:3002/api/health
# 3. View detailed logs
docker-compose logs -f
@@ -263,9 +300,11 @@ sudo ufw status
```
#### 5. WebRTC Connection Failure
**Symptom**: Cannot establish P2P connections
**Solution**:
```bash
# Enable TURN server
bash deploy.sh --with-turn
@@ -285,7 +324,7 @@ bash test-health-apis.sh
# Manual service checks
curl http://localhost:3001/health # Backend basic check
curl http://localhost:3001/health/detailed # Backend detailed check
curl http://localhost:3000/api/health # Frontend check
curl http://localhost:3002/api/health # Frontend check
```
### Performance Monitoring
@@ -306,11 +345,13 @@ docker system prune -f
### Production Environment Optimization
1. **Enable Nginx Caching**:
```bash
bash deploy.sh --with-nginx
```
2. **Configure Resource Limits**:
```yaml
# Add to docker-compose.yml
services:
@@ -324,6 +365,7 @@ services:
```
3. **Enable Log Rotation**:
```bash
# Configure log size limits
echo '{"log-driver":"json-file","log-opts":{"max-size":"10m","max-file":"3"}}' | sudo tee /etc/docker/daemon.json
@@ -333,6 +375,7 @@ sudo systemctl restart docker
### Network Optimization
1. **Use Dedicated Network**:
```yaml
networks:
privydrop-network:
@@ -343,6 +386,7 @@ networks:
```
2. **Enable HTTP/2**:
```bash
# Auto-enabled (requires HTTPS)
bash deploy.sh --mode full --with-nginx
@@ -353,6 +397,7 @@ bash deploy.sh --mode full --with-nginx
### SSL/TLS Configuration
1. **Self-signed Certificates** (default):
- Automatically generated and configured
- Suitable for private networks and testing
- Certificate location: `docker/ssl/`
@@ -364,6 +409,7 @@ bash deploy.sh --mode full --with-nginx
### Network Security
1. **Firewall Configuration**:
```bash
# Ubuntu/Debian
sudo ufw allow 80/tcp
@@ -438,16 +484,19 @@ docker-compose up -d
## 🆘 Getting Help
### Command Line Help
```bash
bash deploy.sh --help
```
### Online Resources
- [Project Homepage](https://github.com/david-bai00/PrivyDrop)
- [Live Demo](https://www.privydrop.app/)
- [Issue Reporting](https://github.com/david-bai00/PrivyDrop/issues)
### Community Support
- GitHub Issues: Technical questions and bug reports
- GitHub Discussions: Usage discussions and feature suggestions
@@ -456,6 +505,7 @@ bash deploy.sh --help
## 📝 Changelog
### v1.0.0 (Docker Version)
- ✅ Added Docker one-click deployment support
- ✅ Added health check APIs
- ✅ Added automatic environment detection and configuration generation
@@ -465,4 +515,4 @@ bash deploy.sh --help
---
**🎉 Congratulations! You have successfully deployed PrivyDrop. Start enjoying secure, private file sharing!**
**🎉 Congratulations! You have successfully deployed PrivyDrop. Start enjoying secure, private file sharing!**
docs/DEPLOYMENT_docker.zh-CN.md
+97 -47
View File
@@ -6,34 +6,37 @@
相比传统部署方式,Docker 部署具有以下优势:
| 对比项目 | 传统部署 | Docker 部署 |
|---------|---------|------------|
| **部署时间** | 30-60分钟 | 5分钟 |
| **技术要求** | Linux运维经验 | 会用Docker即可 |
| **环境要求** | 公网IP + 域名 | 内网即可使用 |
| **配置复杂度** | 10+个手动步骤 | 一键自动配置 |
| **成功率** | ~70% | >95% |
| **维护难度** | 需要手动管理多个服务 | 容器自动管理 |
| 对比项目 | 传统部署 | Docker 部署 |
| -------------- | -------------------- | ---------------- |
| **部署时间** | 30-60 分钟 | 5 分钟 |
| **技术要求** | Linux 运维经验 | 会用 Docker 即可 |
| **环境要求** | 公网 IP + 域名 | 内网即可使用 |
| **配置复杂度** | 10+个手动步骤 | 一键自动配置 |
| **成功率** | ~70% | >95% |
| **维护难度** | 需要手动管理多个服务 | 容器自动管理 |
## 📋 系统要求
### 最低配置
- **CPU**: 1核
- **CPU**: 1 核
- **内存**: 512MB
- **磁盘**: 2GB 可用空间
- **网络**: 任意网络环境(内网/公网均可)
### 推荐配置
- **CPU**: 2核及以上
- **内存**: 1GB及以上
- **磁盘**: 5GB及以上可用空间
- **网络**: 100Mbps及以上
- **CPU**: 2 核及以上
- **内存**: 1GB 及以上
- **磁盘**: 5GB 及以上可用空间
- **网络**: 100Mbps 及以上
### 软件依赖
- Docker 20.10+
- Docker Compose 2.0+ (或 docker-compose 1.27+)
- curl (用于健康检查)
- openssl (用于SSL证书生成)
- openssl (用于 SSL 证书生成)
## 🚀 快速开始
@@ -52,7 +55,7 @@ cd PrivyDrop
bash deploy.sh
# 等待部署完成后访问
# http://localhost:3000
# http://localhost:3002
```
就是这么简单!🎉
@@ -60,6 +63,7 @@ bash deploy.sh
## 📚 部署模式详解
### 基础模式 (默认)
**适用场景**: 内网文件传输、个人使用、测试环境
```bash
@@ -67,25 +71,29 @@ bash deploy.sh
```
**特性**:
- ✅ HTTP 访问
- ✅ 内网 P2P 传输
- ✅ 使用公共 STUN 服务器
- ✅ 零配置启动
### 公网模式
**适用场景**: 有公网IP但无域名的服务器
**适用场景**: 有公网 IP 但无域名的服务器
```bash
bash deploy.sh --mode public --with-turn
```
**特性**:
- ✅ HTTP 访问
- ✅ 内置 TURN 服务器
- ✅ 支持复杂网络环境
- ✅ 自动配置 NAT 穿透
### 完整模式
**适用场景**: 生产环境、有域名的公网服务器
```bash
@@ -93,12 +101,15 @@ bash deploy.sh --domain your-domain.com --mode full --with-nginx --with-turn
```
**特性**:
- ✅ HTTPS 安全访问
- ✅ 自签名 SSL 证书
- ✅ Nginx 反向代理
- ✅ 内置 TURN 服务器
- ✅ 完整生产环境配置
> 提示:若家庭宽带/运营商代理导致脚本误判为公网环境,可追加 `--mode private` 强制跳过公网检测,按基础模式执行;如果自动识别到的局域网地址不是你想要的,可进一步追加 `--local-ip 192.168.x.x` 显式指定。
## 🔧 高级配置
### 自定义端口
@@ -110,6 +121,18 @@ BACKEND_PORT=8081
HTTP_PORT=8000
```
### 构建阶段代理(可选)
若需要在 Docker 构建时走网络代理,可在 `.env` 中设置以下变量,或者在执行 `deploy.sh` 之前通过环境变量导出。重新运行配置脚本时,这些字段会被保留:
```bash
HTTP_PROXY=http://你的代理:7890
HTTPS_PROXY=http://你的代理:7890
NO_PROXY=localhost,127.0.0.1,backend,frontend,redis,coturn
```
`docker-compose` 会把这些变量作为 build args 传递给前后端镜像,Dockerfile 中会自动设置为环境变量,从而让 `npm`/`pnpm` 使用代理。若无需代理,保持为空即可。
### 启用特定服务
```bash
@@ -123,44 +146,44 @@ bash deploy.sh --with-turn
bash deploy.sh --with-nginx --with-turn
```
### 开发模式部署
```bash
# 启用开发模式 (支持代码热更新)
bash deploy.sh --dev
```
## 🌐 访问方式
### 本机访问
- **前端应用**: http://localhost:3000
- **API接口**: http://localhost:3001
- **前端应用**: http://localhost:3002
- **API 接口**: http://localhost:3001
- **健康检查**: http://localhost:3001/health
### 局域网访问
部署完成后,脚本会自动显示局域网访问地址:
```
🌐 局域网访问:
前端应用: http://192.168.1.100:3000
前端应用: http://192.168.1.100:3002
后端API: http://192.168.1.100:3001
```
### HTTPS访问 (如果启用)
### HTTPS 访问 (如果启用)
- **安全访问**: https://localhost
- **证书位置**: `docker/ssl/ca-cert.pem`
**注意**: 首次访问HTTPS时,浏览器会提示证书不受信任,这是正常的。可以:
**注意**: 首次访问 HTTPS 时,浏览器会提示证书不受信任,这是正常的。可以:
1. 点击"高级" → "继续访问"
2. 或导入 `docker/ssl/ca-cert.pem` 证书到浏览器
## 🔍 管理命令
### 查看服务状态
```bash
docker-compose ps
```
### 查看服务日志
```bash
# 查看所有服务日志
docker-compose logs -f
@@ -172,6 +195,7 @@ docker-compose logs -f redis
```
### 重启服务
```bash
# 重启所有服务
docker-compose restart
@@ -181,6 +205,7 @@ docker-compose restart backend
```
### 停止服务
```bash
# 停ิ止服务但保留数据
docker-compose stop
@@ -190,6 +215,7 @@ docker-compose down
```
### 完全清理
```bash
# 清理所有容器、镜像和数据
bash deploy.sh --clean
@@ -200,26 +226,33 @@ bash deploy.sh --clean
### 常见问题
#### 1. 端口被占用
**现象**: 部署时提示端口已被占用
```
⚠️ 以下端口已被占用: 3000, 3001
⚠️ 以下端口已被占用: 3002, 3001
```
**解决方案**:
```bash
# 方法1: 修改端口配置
echo "FRONTEND_PORT=8080" >> .env
echo "BACKEND_PORT=8081" >> .env
# 方法2: 停止占用端口的程序
sudo ss -tulpn | grep :3000
```bash
# 方法1: 清理旧容器
bash deploy.sh --clean # 或 docker-compose down
# 方法2: 查找并结束占用进程
sudo ss -tulpn | grep :3002
sudo kill -9 <PID>
# 方法3: 如仍冲突,再调整端口
vim .env # 修改 FRONTEND_PORT / BACKEND_PORT
```
#### 2. 内存不足
**现象**: 容器启动失败或频繁重启
**解决方案**:
```bash
# 检查内存使用
free -h
@@ -231,10 +264,12 @@ sudo mkswap /swapfile
sudo swapon /swapfile
```
#### 3. Docker权限问题
#### 3. Docker 权限问题
**现象**: 提示权限不足
**解决方案**:
```bash
# 将用户添加到docker组
sudo usermod -aG docker $USER
@@ -244,16 +279,18 @@ newgrp docker
```
#### 4. 服务无法访问
**现象**: 浏览器无法打开页面
**解决方案**:
```bash
# 1. 检查服务状态
docker-compose ps
# 2. 检查健康状态
curl http://localhost:3001/health
curl http://localhost:3000/api/health
curl http://localhost:3002/api/health
# 3. 查看详细日志
docker-compose logs -f
@@ -262,10 +299,12 @@ docker-compose logs -f
sudo ufw status
```
#### 5. WebRTC连接失败
**现象**: 无法建立P2P连接
#### 5. WebRTC 连接失败
**现象**: 无法建立 P2P 连接
**解决方案**:
```bash
# 启用TURN服务器
bash deploy.sh --with-turn
@@ -285,7 +324,7 @@ bash test-health-apis.sh
# 手动检查各服务
curl http://localhost:3001/health # 后端基础检查
curl http://localhost:3001/health/detailed # 后端详细检查
curl http://localhost:3000/api/health # 前端检查
curl http://localhost:3002/api/health # 前端检查
```
### 性能监控
@@ -306,11 +345,13 @@ docker system prune -f
### 生产环境优化
1. **启用 Nginx 缓存**:
```bash
bash deploy.sh --with-nginx
```
2. **配置资源限制**:
```yaml
# 在 docker-compose.yml 中添加
services:
@@ -324,6 +365,7 @@ services:
```
3. **启用日志轮转**:
```bash
# 配置日志大小限制
echo '{"log-driver":"json-file","log-opts":{"max-size":"10m","max-file":"3"}}' | sudo tee /etc/docker/daemon.json
@@ -333,6 +375,7 @@ sudo systemctl restart docker
### 网络优化
1. **使用专用网络**:
```yaml
networks:
privydrop-network:
@@ -343,6 +386,7 @@ networks:
```
2. **启用 HTTP/2**:
```bash
# 自动启用 (需要 HTTPS)
bash deploy.sh --mode full --with-nginx
@@ -350,20 +394,22 @@ bash deploy.sh --mode full --with-nginx
## 🔒 安全配置
### SSL/TLS配置
### SSL/TLS 配置
1. **自签名证书** (默认):
- 自动生成和配置
- 适用于内网和测试环境
- 证书位置: `docker/ssl/`
2. **Let's Encrypt证书** (计划中):
2. **Let's Encrypt 证书** (计划中):
- 自动申请和续期
- 适用于有域名的生产环境
### 网络安全
1. **防火墙配置**:
```bash
# Ubuntu/Debian
sudo ufw allow 80/tcp
@@ -438,31 +484,35 @@ docker-compose up -d
## 🆘 获取帮助
### 命令行帮助
```bash
bash deploy.sh --help
```
### 在线资源
- [项目主页](https://github.com/david-bai00/PrivyDrop)
- [在线演示](https://www.privydrop.app/)
- [问题反馈](https://github.com/david-bai00/PrivyDrop/issues)
### 社区支持
- GitHub Issues: 技术问题和bug报告
- GitHub Issues: 技术问题和 bug 报告
- GitHub Discussions: 使用交流和功能建议
---
## 📝 更新日志
### v1.0.0 (Docker化版本)
### v1.0.0 (Docker 化版本)
- ✅ 新增 Docker 一键部署支持
- ✅ 新增健康检查API
- ✅ 新增健康检查 API
- ✅ 新增自动环境检测和配置生成
- ✅ 新增多种部署模式
- ✅ 新增完整的故障排除指南
- ✅ 支持内网部署,无需公网IP
- ✅ 支持内网部署,无需公网 IP
---
**🎉 恭喜!你已经成功部署了 PrivyDrop。开始享受安全、私密的文件分享吧!**
**🎉 恭喜!你已经成功部署了 PrivyDrop。开始享受安全、私密的文件分享吧!**