From 4c2d2e3678f34d9020f00f073cabe9ae2dc11c38 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=BD=A0=E7=9A=84=E7=94=A8=E6=88=B7=E5=90=8D?=
 <你的邮箱>
Date: Tue, 4 Nov 2025 17:12:41 +0800
Subject: [PATCH] Add Docker deployment and CI/CD configuration
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add Dockerfile for multi-stage build
- Add docker-compose.yml for easy deployment
- Add Gitea Actions CI/CD workflow
- Add deployment script (deploy.sh)
- Add nginx and supervisord configuration
- Add deployment documentation

Deployment target: 192.168.9.149:8080

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .gitea/workflows/deploy.yml |  46 +++++++++
 DEPLOYMENT.md               | 190 ++++++++++++++++++++++++++++++++++++
 Dockerfile                  |  67 +++++++++++++
 deploy.sh                   |  95 ++++++++++++++++++
 docker-compose.yml          |  22 +++++
 docker/nginx.conf           |  50 ++++++++++
 docker/supervisord.conf     |  20 ++++
 7 files changed, 490 insertions(+)
 create mode 100644 .gitea/workflows/deploy.yml
 create mode 100644 DEPLOYMENT.md
 create mode 100644 Dockerfile
 create mode 100755 deploy.sh
 create mode 100644 docker-compose.yml
 create mode 100644 docker/nginx.conf
 create mode 100644 docker/supervisord.conf

diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
new file mode 100644
index 00000000..93bae6ba
--- /dev/null
+++ b/.gitea/workflows/deploy.yml
@@ -0,0 +1,46 @@
+name: Deploy to Production
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Deploy to server
+        uses: appleboy/ssh-action@v1.0.0
+        with:
+          host: 192.168.9.149
+          username: atai
+          password: wengewudi666808
+          port: 22
+          script: |
+            cd /home/atai/kt-financial-system
+
+            # 如果目录不存在，克隆仓库
+            if [ ! -d ".git" ]; then
+              cd /home/atai
+              git clone https://gitea.ktyun.cc/chenjiangjiang/kt-financial-system.git
+              cd kt-financial-system
+            fi
+
+            # 拉取最新代码
+            git pull origin main
+
+            # 停止并删除旧容器
+            docker-compose down
+
+            # 构建并启动新容器
+            docker-compose up -d --build
+
+            # 清理旧镜像
+            docker image prune -f
+
+            # 显示容器状态
+            docker-compose ps
diff --git a/DEPLOYMENT.md b/DEPLOYMENT.md
new file mode 100644
index 00000000..86e6a4bb
--- /dev/null
+++ b/DEPLOYMENT.md
@@ -0,0 +1,190 @@
+# KT财务系统部署文档
+
+## 🚀 快速部署
+
+### 方式1：使用部署脚本（推荐）
+
+```bash
+./deploy.sh
+```
+
+### 方式2：使用Gitea Actions自动部署
+
+推送代码到main分支后，Gitea Actions会自动触发部署。
+
+## 📋 部署要求
+
+### 服务器配置
+- **IP地址**: 192.168.9.149
+- **用户**: atai
+- **端口**: 22
+- **部署路径**: /home/atai/kt-financial-system
+- **访问地址**: http://192.168.9.149:8080
+
+### 依赖环境
+- Docker
+- Docker Compose
+- Git
+
+## 🛠️ 手动部署步骤
+
+### 1. 安装sshpass（本地Mac）
+
+```bash
+brew install hudochenkov/sshpass/sshpass
+```
+
+### 2. 服务器初始化
+
+SSH登录服务器：
+```bash
+ssh atai@192.168.9.149
+```
+
+安装Docker：
+```bash
+curl -fsSL https://get.docker.com | sh
+sudo usermod -aG docker $USER
+```
+
+安装Docker Compose：
+```bash
+sudo curl -L "https://github.com/docker/compose/releases/download/v2.23.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
+sudo chmod +x /usr/local/bin/docker-compose
+```
+
+### 3. 克隆代码
+
+```bash
+cd /home/atai
+git clone https://gitea.ktyun.cc/chenjiangjiang/kt-financial-system.git
+cd kt-financial-system
+```
+
+### 4. 启动服务
+
+```bash
+docker-compose up -d --build
+```
+
+### 5. 查看状态
+
+```bash
+docker-compose ps
+docker-compose logs -f
+```
+
+## 📝 常用命令
+
+### 查看日志
+```bash
+docker-compose logs -f
+```
+
+### 重启服务
+```bash
+docker-compose restart
+```
+
+### 停止服务
+```bash
+docker-compose down
+```
+
+### 重新构建
+```bash
+docker-compose up -d --build
+```
+
+### 清理旧镜像
+```bash
+docker image prune -f
+```
+
+## 🔧 配置说明
+
+### 端口映射
+- **80** (容器内) → **8080** (宿主机)
+- 前端访问: http://192.168.9.149:8080
+- API访问: http://192.168.9.149:8080/api
+
+### 环境变量
+在 `docker-compose.yml` 中配置：
+```yaml
+environment:
+  - NODE_ENV=production
+  - TZ=Asia/Shanghai
+```
+
+## 🐛 故障排查
+
+### 容器无法启动
+```bash
+# 查看详细日志
+docker-compose logs
+
+# 查看容器状态
+docker-compose ps
+
+# 重新构建
+docker-compose up -d --build --force-recreate
+```
+
+### 端口被占用
+```bash
+# 检查端口占用
+sudo netstat -tulpn | grep 8080
+
+# 修改docker-compose.yml中的端口映射
+ports:
+  - "8081:80"  # 改为8081
+```
+
+### 内存不足
+```bash
+# 清理Docker系统
+docker system prune -a
+
+# 限制容器内存
+docker-compose.yml中添加:
+deploy:
+  resources:
+    limits:
+      memory: 2G
+```
+
+## 📊 监控
+
+### 查看资源使用
+```bash
+docker stats kt-financial-system
+```
+
+### 查看实时日志
+```bash
+docker-compose logs -f --tail=100
+```
+
+## 🔄 更新部署
+
+### 自动更新（Gitea Actions）
+推送代码到main分支即可自动部署
+
+### 手动更新
+```bash
+./deploy.sh
+```
+
+或：
+```bash
+ssh atai@192.168.9.149
+cd /home/atai/kt-financial-system
+git pull origin main
+docker-compose up -d --build
+```
+
+## 📞 技术支持
+
+遇到问题请联系技术团队或查看：
+- Gitea: https://gitea.ktyun.cc/chenjiangjiang/kt-financial-system
+- Docker文档: https://docs.docker.com
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..a57da493
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,67 @@
+# ===== 前端构建阶段 =====
+FROM node:20-alpine AS frontend-builder
+
+WORKDIR /app
+
+# 安装pnpm
+RUN npm install -g pnpm@9
+
+# 复制package文件
+COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./
+COPY apps ./apps
+COPY packages ./packages
+COPY internal ./internal
+
+# 安装依赖
+RUN pnpm install --frozen-lockfile
+
+# 构建前端
+RUN pnpm build
+
+# ===== 后端构建阶段 =====
+FROM node:20-alpine AS backend-builder
+
+WORKDIR /app
+
+# 复制后端代码
+COPY apps/backend ./apps/backend
+COPY package.json pnpm-lock.yaml ./
+
+# 安装pnpm和依赖
+RUN npm install -g pnpm@9 && \
+    cd apps/backend && \
+    pnpm install --frozen-lockfile
+
+# ===== Nginx + Node.js 运行阶段 =====
+FROM node:20-alpine AS runner
+
+WORKDIR /app
+
+# 安装nginx和supervisord
+RUN apk add --no-cache nginx supervisor
+
+# 安装pnpm
+RUN npm install -g pnpm@9
+
+# 从构建阶段复制前端产物
+COPY --from=frontend-builder /app/apps/web-antd/dist /usr/share/nginx/html
+
+# 从构建阶段复制后端代码和依赖
+COPY --from=backend-builder /app/apps/backend /app/backend
+COPY --from=backend-builder /app/node_modules /app/node_modules
+
+# 创建nginx配置
+RUN mkdir -p /run/nginx && \
+    mkdir -p /var/log/supervisor
+
+# 复制nginx配置
+COPY docker/nginx.conf /etc/nginx/nginx.conf
+
+# 复制supervisor配置
+COPY docker/supervisord.conf /etc/supervisord.conf
+
+# 暴露端口
+EXPOSE 80 3000
+
+# 启动supervisor管理nginx和backend
+CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
diff --git a/deploy.sh b/deploy.sh
new file mode 100755
index 00000000..5d5342ee
--- /dev/null
+++ b/deploy.sh
@@ -0,0 +1,95 @@
+#!/bin/bash
+
+# KT财务系统部署脚本
+# 使用方法: ./deploy.sh
+
+set -e
+
+SERVER_IP="192.168.9.149"
+SERVER_USER="atai"
+SERVER_PASS="wengewudi666808"
+DEPLOY_PATH="/home/atai/kt-financial-system"
+REPO_URL="https://gitea.ktyun.cc/chenjiangjiang/kt-financial-system.git"
+
+echo "=== KT财务系统自动部署 ==="
+echo "目标服务器: $SERVER_IP"
+echo "部署路径: $DEPLOY_PATH"
+echo ""
+
+# 使用sshpass进行SSH连接（如果没有安装sshpass，会提示安装）
+if ! command -v sshpass &> /dev/null; then
+    echo "⚠️  sshpass 未安装"
+    echo "MacOS安装: brew install hudochenkov/sshpass/sshpass"
+    echo "Linux安装: sudo apt-get install sshpass"
+    exit 1
+fi
+
+echo "📦 开始部署..."
+
+sshpass -p "$SERVER_PASS" ssh -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP << 'ENDSSH'
+set -e
+
+# 切换到部署目录
+cd /home/atai
+
+# 检查Docker是否安装
+if ! command -v docker &> /dev/null; then
+    echo "❌ Docker未安装，正在安装..."
+    curl -fsSL https://get.docker.com | sh
+    sudo usermod -aG docker $USER
+    echo "✅ Docker安装完成"
+fi
+
+# 检查docker-compose是否安装
+if ! command -v docker-compose &> /dev/null; then
+    echo "❌ docker-compose未安装，正在安装..."
+    sudo curl -L "https://github.com/docker/compose/releases/download/v2.23.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
+    sudo chmod +x /usr/local/bin/docker-compose
+    echo "✅ docker-compose安装完成"
+fi
+
+# 克隆或更新代码
+if [ ! -d "kt-financial-system" ]; then
+    echo "📥 克隆代码仓库..."
+    git clone https://gitea.ktyun.cc/chenjiangjiang/kt-financial-system.git
+else
+    echo "📥 更新代码..."
+    cd kt-financial-system
+    git pull origin main
+    cd ..
+fi
+
+cd kt-financial-system
+
+# 停止旧容器
+echo "🛑 停止旧容器..."
+docker-compose down || true
+
+# 构建并启动新容器
+echo "🚀 构建并启动新容器..."
+docker-compose up -d --build
+
+# 清理旧镜像
+echo "🧹 清理旧镜像..."
+docker image prune -f
+
+# 显示容器状态
+echo ""
+echo "✅ 部署完成！"
+echo ""
+echo "📊 容器状态:"
+docker-compose ps
+
+echo ""
+echo "📝 查看日志:"
+echo "docker-compose logs -f"
+ENDSSH
+
+echo ""
+echo "🎉 部署成功！"
+echo "🌐 访问地址: http://$SERVER_IP:8080"
+echo ""
+echo "📝 常用命令:"
+echo "  查看日志: ssh $SERVER_USER@$SERVER_IP 'cd $DEPLOY_PATH && docker-compose logs -f'"
+echo "  重启服务: ssh $SERVER_USER@$SERVER_IP 'cd $DEPLOY_PATH && docker-compose restart'"
+echo "  停止服务: ssh $SERVER_USER@$SERVER_IP 'cd $DEPLOY_PATH && docker-compose down'"
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 00000000..1382577c
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,22 @@
+version: '3.8'
+
+services:
+  kt-financial:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: kt-financial-system
+    restart: unless-stopped
+    ports:
+      - "8080:80"
+    environment:
+      - NODE_ENV=production
+      - TZ=Asia/Shanghai
+    volumes:
+      - ./logs:/var/log
+    networks:
+      - kt-network
+
+networks:
+  kt-network:
+    driver: bridge
diff --git a/docker/nginx.conf b/docker/nginx.conf
new file mode 100644
index 00000000..921ca71c
--- /dev/null
+++ b/docker/nginx.conf
@@ -0,0 +1,50 @@
+user nginx;
+worker_processes auto;
+error_log /var/log/nginx/error.log warn;
+pid /var/run/nginx.pid;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+                    '$status $body_bytes_sent "$http_referer" '
+                    '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log /var/log/nginx/access.log main;
+
+    sendfile on;
+    tcp_nopush on;
+    keepalive_timeout 65;
+    gzip on;
+    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+    server {
+        listen 80;
+        server_name _;
+
+        # 前端静态文件
+        location / {
+            root /usr/share/nginx/html;
+            try_files $uri $uri/ /index.html;
+            index index.html;
+        }
+
+        # API代理到后端
+        location /api/ {
+            proxy_pass http://localhost:3000;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection 'upgrade';
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_cache_bypass $http_upgrade;
+        }
+    }
+}
diff --git a/docker/supervisord.conf b/docker/supervisord.conf
new file mode 100644
index 00000000..2934a493
--- /dev/null
+++ b/docker/supervisord.conf
@@ -0,0 +1,20 @@
+[supervisord]
+nodaemon=true
+logfile=/var/log/supervisor/supervisord.log
+pidfile=/var/run/supervisord.pid
+
+[program:nginx]
+command=/usr/sbin/nginx -g 'daemon off;'
+autostart=true
+autorestart=true
+stdout_logfile=/var/log/nginx/stdout.log
+stderr_logfile=/var/log/nginx/stderr.log
+
+[program:backend]
+command=node /app/backend/dist/main.js
+directory=/app/backend
+autostart=true
+autorestart=true
+stdout_logfile=/var/log/backend/stdout.log
+stderr_logfile=/var/log/backend/stderr.log
+environment=NODE_ENV="production",PORT="3000"