dbcc06edbc
阶段二:认证授权模块 - User实体类、Mapper、DataService - Token服务(Redis存储)、密码加密(BCrypt) - 认证拦截器、UserContext上下文 - 登录/登出接口 阶段三:核心业务模块 - 用户管理:CRUD、状态管理、密码重置 - 模板管理:CRUD、状态管理 - 工作日志:CRUD、权限控制 配置分离架构 - env.properties(环境敏感配置) - service.properties(服务配置) - logback-spring.xml更新 部署脚本 - deploy/目录(Nginx配置、启停脚本、备份脚本) 单元测试:29个测试全部通过
412 lines
7.6 KiB
Markdown
412 lines
7.6 KiB
Markdown
# 工作日志服务平台 - 部署指南
|
||
|
||
## 目录说明
|
||
|
||
```
|
||
deploy/
|
||
├── nginx/
|
||
│ └── worklog.conf # Nginx 配置文件
|
||
└── scripts/
|
||
├── backup.sh # 数据库备份脚本
|
||
├── start.sh # 应用启动脚本
|
||
├── stop.sh # 应用停止脚本
|
||
└── restart.sh # 应用重启脚本
|
||
```
|
||
|
||
## 一、服务器环境准备
|
||
|
||
### 1.1 系统要求
|
||
|
||
- 操作系统: Linux (Ubuntu 20.04+ / CentOS 7+)
|
||
- JDK: 21+
|
||
- MySQL: 8.0+
|
||
- Redis: 7.x
|
||
- Nginx: 1.18+
|
||
|
||
### 1.2 创建部署目录
|
||
|
||
```bash
|
||
# 创建应用目录
|
||
sudo mkdir -p /opt/worklog/worklog-api
|
||
sudo mkdir -p /opt/worklog/worklog-admin
|
||
sudo mkdir -p /opt/worklog/worklog-mobile
|
||
|
||
# 创建备份目录
|
||
sudo mkdir -p /backup/mysql
|
||
|
||
# 设置权限
|
||
sudo chown -R $USER:$USER /opt/worklog
|
||
sudo chown -R $USER:$USER /backup/mysql
|
||
```
|
||
|
||
## 二、应用部署
|
||
|
||
### 2.1 部署后端应用
|
||
|
||
1. **编译打包**
|
||
|
||
```bash
|
||
cd worklog-api
|
||
mvn clean package -DskipTests
|
||
```
|
||
|
||
2. **上传 JAR 文件**
|
||
|
||
```bash
|
||
scp target/worklog-api-1.0.0.jar user@server:/opt/worklog/worklog-api/
|
||
```
|
||
|
||
3. **上传部署脚本**
|
||
|
||
```bash
|
||
scp -r deploy/scripts user@server:/opt/worklog/worklog-api/
|
||
```
|
||
|
||
4. **配置 application.yml**
|
||
|
||
```bash
|
||
# 在服务器上创建配置文件
|
||
cd /opt/worklog/worklog-api
|
||
vi application.yml
|
||
|
||
# 复制 application.yml.example 内容并修改为生产环境配置
|
||
# 重点修改:
|
||
# - 数据库连接信息
|
||
# - Redis 连接信息
|
||
# - 日志路径
|
||
# - 文件上传路径
|
||
```
|
||
|
||
5. **启动应用**
|
||
|
||
```bash
|
||
cd /opt/worklog/worklog-api
|
||
./scripts/start.sh
|
||
```
|
||
|
||
6. **查看日志**
|
||
|
||
```bash
|
||
tail -f /opt/worklog/worklog-api/logs/console.log
|
||
tail -f /opt/worklog/worklog-api/logs/app.log
|
||
```
|
||
|
||
### 2.2 应用管理命令
|
||
|
||
```bash
|
||
# 启动应用
|
||
./scripts/start.sh
|
||
|
||
# 停止应用
|
||
./scripts/stop.sh
|
||
|
||
# 重启应用
|
||
./scripts/restart.sh
|
||
|
||
# 查看运行状态
|
||
ps aux | grep worklog-api
|
||
```
|
||
|
||
## 三、Nginx 配置
|
||
|
||
### 3.1 安装 Nginx
|
||
|
||
```bash
|
||
# Ubuntu
|
||
sudo apt update
|
||
sudo apt install nginx
|
||
|
||
# CentOS
|
||
sudo yum install nginx
|
||
```
|
||
|
||
### 3.2 配置 Nginx
|
||
|
||
1. **复制配置文件**
|
||
|
||
```bash
|
||
sudo cp deploy/nginx/worklog.conf /etc/nginx/sites-available/
|
||
sudo ln -s /etc/nginx/sites-available/worklog.conf /etc/nginx/sites-enabled/
|
||
```
|
||
|
||
2. **修改配置**
|
||
|
||
编辑 `/etc/nginx/sites-available/worklog.conf`,修改以下内容:
|
||
- `server_name`: 修改为实际域名
|
||
- 静态文件路径: 根据实际部署路径修改
|
||
|
||
3. **测试配置**
|
||
|
||
```bash
|
||
sudo nginx -t
|
||
```
|
||
|
||
4. **重启 Nginx**
|
||
|
||
```bash
|
||
sudo systemctl restart nginx
|
||
sudo systemctl enable nginx # 开机自启
|
||
```
|
||
|
||
### 3.3 HTTPS 配置(推荐)
|
||
|
||
1. **申请 SSL 证书**(使用 Let's Encrypt 免费证书)
|
||
|
||
```bash
|
||
sudo apt install certbot python3-certbot-nginx
|
||
sudo certbot --nginx -d worklog.example.com
|
||
```
|
||
|
||
2. **自动续期**
|
||
|
||
```bash
|
||
sudo certbot renew --dry-run
|
||
```
|
||
|
||
## 四、数据库备份
|
||
|
||
### 4.1 配置备份脚本
|
||
|
||
1. **修改配置**
|
||
|
||
编辑 `scripts/backup.sh`,确认以下配置:
|
||
- 数据库连接信息
|
||
- 备份目录路径
|
||
- 保留策略
|
||
|
||
2. **测试备份**
|
||
|
||
```bash
|
||
cd /opt/worklog/worklog-api
|
||
./scripts/backup.sh full
|
||
```
|
||
|
||
### 4.2 配置定时备份
|
||
|
||
```bash
|
||
# 编辑 crontab
|
||
crontab -e
|
||
|
||
# 添加以下内容:
|
||
# 每日凌晨 2:00 全量备份
|
||
0 2 * * * /opt/worklog/worklog-api/scripts/backup.sh full
|
||
|
||
# 每周日凌晨 1:00 全量备份(保留更久)
|
||
0 1 * * 0 /opt/worklog/worklog-api/scripts/backup.sh full
|
||
```
|
||
|
||
### 4.3 恢复数据库
|
||
|
||
```bash
|
||
./scripts/backup.sh restore /backup/mysql/worklog/full/full_20260224_020000.sql.gz
|
||
```
|
||
|
||
## 五、监控与日志
|
||
|
||
### 5.1 日志文件位置
|
||
|
||
```
|
||
/opt/worklog/worklog-api/logs/
|
||
├── console.log # 控制台输出
|
||
├── app.log # 应用日志
|
||
├── sql.log # SQL 日志
|
||
└── gc.log # GC 日志
|
||
```
|
||
|
||
### 5.2 查看日志
|
||
|
||
```bash
|
||
# 实时查看应用日志
|
||
tail -f /opt/worklog/worklog-api/logs/app.log
|
||
|
||
# 查看 SQL 日志
|
||
tail -f /opt/worklog/worklog-api/logs/sql.log
|
||
|
||
# 查看错误日志
|
||
grep ERROR /opt/worklog/worklog-api/logs/app.log
|
||
|
||
# 查看最近 100 行
|
||
tail -n 100 /opt/worklog/worklog-api/logs/app.log
|
||
```
|
||
|
||
### 5.3 日志清理
|
||
|
||
```bash
|
||
# 清理 7 天前的日志
|
||
find /opt/worklog/worklog-api/logs -name "*.log" -mtime +7 -delete
|
||
```
|
||
|
||
建议配置 logrotate 自动清理日志。
|
||
|
||
## 六、性能优化
|
||
|
||
### 6.1 JVM 参数调优
|
||
|
||
编辑 `scripts/start.sh` 中的 `JVM_OPTS`:
|
||
|
||
```bash
|
||
# 根据服务器内存调整堆大小
|
||
JVM_OPTS="-Xms1g -Xmx2g"
|
||
|
||
# 使用 G1 垃圾回收器
|
||
JVM_OPTS="${JVM_OPTS} -XX:+UseG1GC"
|
||
|
||
# GC 日志
|
||
JVM_OPTS="${JVM_OPTS} -Xloggc:${APP_HOME}/logs/gc.log"
|
||
```
|
||
|
||
### 6.2 数据库优化
|
||
|
||
1. 配置连接池参数(application.yml)
|
||
2. 添加合适的索引
|
||
3. 定期分析慢查询日志
|
||
|
||
### 6.3 Redis 优化
|
||
|
||
1. 配置持久化策略
|
||
2. 设置最大内存限制
|
||
3. 配置淘汰策略
|
||
|
||
## 七、故障排查
|
||
|
||
### 7.1 应用无法启动
|
||
|
||
1. 检查 JDK 版本: `java -version`
|
||
2. 检查端口占用: `netstat -tuln | grep 8080`
|
||
3. 查看启动日志: `tail -f logs/console.log`
|
||
4. 检查配置文件: `cat application.yml`
|
||
|
||
### 7.2 数据库连接失败
|
||
|
||
1. 检查 MySQL 服务: `systemctl status mysql`
|
||
2. 检查防火墙: `sudo ufw status`
|
||
3. 测试连接: `mysql -h localhost -u worklog -p`
|
||
4. 检查数据库用户权限
|
||
|
||
### 7.3 Redis 连接失败
|
||
|
||
1. 检查 Redis 服务: `systemctl status redis`
|
||
2. 测试连接: `redis-cli -h localhost -p 6379 -a password`
|
||
3. 检查配置文件: `/etc/redis/redis.conf`
|
||
|
||
### 7.4 Nginx 502 错误
|
||
|
||
1. 检查后端应用是否运行: `ps aux | grep worklog`
|
||
2. 检查端口: `netstat -tuln | grep 8080`
|
||
3. 查看 Nginx 错误日志: `tail -f /var/log/nginx/error.log`
|
||
|
||
## 八、安全加固
|
||
|
||
### 8.1 防火墙配置
|
||
|
||
```bash
|
||
# 只开放必要端口
|
||
sudo ufw allow 80/tcp # HTTP
|
||
sudo ufw allow 443/tcp # HTTPS
|
||
sudo ufw allow 22/tcp # SSH
|
||
sudo ufw enable
|
||
```
|
||
|
||
### 8.2 修改默认密码
|
||
|
||
1. MySQL root 密码
|
||
2. Redis 密码
|
||
3. 应用数据库用户密码
|
||
4. 管理员默认账号密码
|
||
|
||
### 8.3 限制 Swagger 访问
|
||
|
||
在生产环境建议:
|
||
1. 关闭 Swagger: `springdoc.swagger-ui.enabled=false`
|
||
2. 或通过 Nginx 限制内网访问
|
||
|
||
## 九、升级部署
|
||
|
||
### 9.1 升级步骤
|
||
|
||
1. 备份数据库
|
||
|
||
```bash
|
||
./scripts/backup.sh full
|
||
```
|
||
|
||
2. 停止应用
|
||
|
||
```bash
|
||
./scripts/stop.sh
|
||
```
|
||
|
||
3. 备份当前版本
|
||
|
||
```bash
|
||
cp worklog-api-1.0.0.jar worklog-api-1.0.0.jar.bak
|
||
```
|
||
|
||
4. 上传新版本
|
||
|
||
```bash
|
||
scp target/worklog-api-1.1.0.jar user@server:/opt/worklog/worklog-api/
|
||
```
|
||
|
||
5. 启动应用
|
||
|
||
```bash
|
||
# 修改 start.sh 中的 JAR 文件名
|
||
vi scripts/start.sh
|
||
./scripts/start.sh
|
||
```
|
||
|
||
6. 验证升级
|
||
|
||
```bash
|
||
# 检查健康状态
|
||
curl http://localhost:8080/api/v1/health
|
||
|
||
# 查看日志
|
||
tail -f logs/app.log
|
||
```
|
||
|
||
### 9.2 回滚方案
|
||
|
||
如果升级失败,执行回滚:
|
||
|
||
```bash
|
||
./scripts/stop.sh
|
||
cp worklog-api-1.0.0.jar.bak worklog-api-1.0.0.jar
|
||
./scripts/start.sh
|
||
```
|
||
|
||
## 十、常用命令速查
|
||
|
||
```bash
|
||
# 应用管理
|
||
./scripts/start.sh # 启动
|
||
./scripts/stop.sh # 停止
|
||
./scripts/restart.sh # 重启
|
||
|
||
# 数据库备份
|
||
./scripts/backup.sh full # 全量备份
|
||
./scripts/backup.sh restore <file> # 恢复
|
||
|
||
# 日志查看
|
||
tail -f logs/app.log # 应用日志
|
||
tail -f logs/sql.log # SQL 日志
|
||
grep ERROR logs/app.log # 错误日志
|
||
|
||
# Nginx
|
||
sudo nginx -t # 测试配置
|
||
sudo systemctl restart nginx # 重启
|
||
sudo systemctl status nginx # 状态
|
||
|
||
# 系统状态
|
||
ps aux | grep worklog # 进程状态
|
||
netstat -tuln | grep 8080 # 端口监听
|
||
df -h # 磁盘空间
|
||
free -h # 内存使用
|
||
top # 系统负载
|
||
```
|
||
|
||
## 联系方式
|
||
|
||
如有问题,请联系运维团队。
|