部署指南
1. 环境要求
| 项目 | 最低要求 | 推荐配置 |
|---|---|---|
| Go | 1.21+ | 1.21+ |
| PostgreSQL | 14+ | 15+ |
| Redis | 6+ | 7+ |
| 内存 | 1 GB | 2 GB |
| CPU | 1 核 | 2 核 |
| 磁盘 | 5 GB | 20 GB |
2. Docker Compose 部署
2.1 目录结构
/opt/lingwang/
├── docker-compose.yml
├── config.yaml
└── data/
├── postgres/
└── redis/
2.2 docker-compose.yml
version: "3.8"
services:
app:
image: lingwang/app:latest
container_name: lingwang-app
restart: always
ports:
- "8080:8080"
volumes:
- ./config.yaml:/app/config.yaml:ro
- ./data/uploads:/app/uploads
depends_on:
postgres:
condition: service_healthy
redis:
condition: service_healthy
networks:
- lingwang-net
postgres:
image: postgres:15-alpine
container_name: lingwang-postgres
restart: always
environment:
POSTGRES_DB: lingwang
POSTGRES_USER: lingwang
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-changeme}
volumes:
- ./data/postgres:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U lingwang -d lingwang"]
interval: 10s
timeout: 5s
retries: 5
networks:
- lingwang-net
redis:
image: redis:7-alpine
container_name: lingwang-redis
restart: always
command: redis-server --appendonly yes
volumes:
- ./data/redis:/data
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 5s
retries: 5
networks:
- lingwang-net
networks:
lingwang-net:
driver: bridge
2.3 启动步骤
# 创建目录
mkdir -p /opt/lingwang/data/postgres /opt/lingwang/data/redis
# 设置环境变量(可选)
export POSTGRES_PASSWORD=your_secure_password
# 启动服务
cd /opt/lingwang
docker-compose up -d
# 查看状态
docker-compose ps
# 查看日志
docker-compose logs -f app
3. 手动部署步骤
3.1 二进制构建
# 克隆代码
git clone https://github.com/your-org/lingwang.git
cd lingwang
# 安装依赖
go mod download
# 构建
go build -o lingwang ./cmd/server
# 验证
./lingwang version
3.2 配置文件
创建 config.yaml:
server:
host: "0.0.0.0"
port: 8080
mode: "release"
database:
host: "localhost"
port: 5432
user: "lingwang"
password: "changeme"
name: "lingwang"
sslmode: "disable"
max_open_conns: 25
max_idle_conns: 5
redis:
host: "localhost"
port: 6379
password: ""
db: 0
log:
level: "info"
format: "json"
output: "stdout"
upload:
path: "./uploads"
max_size: 10485760
session:
secret: "your-secret-key-change-in-production"
expire: 86400
3.3 数据库迁移
# 自动迁移(首次启动自动执行)
./lingwang migrate
# 或手动执行 SQL
psql -h localhost -U lingwang -d lingwang -f migrations/001_init.sql
3.4 启动服务
# 直接运行
./lingwang server
# 使用 systemd
cat > /etc/systemd/system/lingwang.service << EOF
[Unit]
Description=Lingwang Service
After=network.target
[Service]
Type=simple
User=lingwang
WorkingDirectory=/opt/lingwang
ExecStart=/opt/lingwang/lingwang server
Restart=always
RestartSec=5
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable lingwang
systemctl start lingwang
4. 配置参考
config.yaml 字段说明
| 字段 | 类型 | 默认值 | 说明 |
|---|---|---|---|
server.host |
string | 0.0.0.0 |
监听地址 |
server.port |
int | 8080 |
监听端口 |
server.mode |
string | debug |
运行模式:debug / release |
database.host |
string | localhost |
PostgreSQL 主机 |
database.port |
int | 5432 |
PostgreSQL 端口 |
database.user |
string | lingwang |
数据库用户 |
database.password |
string | changeme |
数据库密码 |
database.name |
string | lingwang |
数据库名 |
database.sslmode |
string | disable |
SSL 模式:disable / require / verify-full |
database.max_open_conns |
int | 25 |
最大打开连接数 |
database.max_idle_conns |
int | 5 |
最大空闲连接数 |
redis.host |
string | localhost |
Redis 主机 |
redis.port |
int | 6379 |
Redis 端口 |
redis.password |
string | "" |
Redis 密码 |
redis.db |
int | 0 |
Redis 数据库编号 |
log.level |
string | info |
日志级别:debug / info / warn / error |
log.format |
string | json |
日志格式:json / text |
log.output |
string | stdout |
日志输出:stdout / file |
log.file |
string | - | 日志文件路径(当 output=file 时) |
upload.path |
string | ./uploads |
上传文件存储路径 |
upload.max_size |
int | 10485760 |
最大上传文件大小(字节) |
session.secret |
string | - | Session 密钥(必填) |
session.expire |
int | 86400 |
Session 过期时间(秒) |
5. 环境变量列表
| 变量名 | 说明 | 默认值 | 必填 |
|---|---|---|---|
LINGWANG_SERVER_HOST |
服务监听地址 | 0.0.0.0 |
否 |
LINGWANG_SERVER_PORT |
服务监听端口 | 8080 |
否 |
LINGWANG_DB_HOST |
PostgreSQL 主机 | localhost |
否 |
LINGWANG_DB_PORT |
PostgreSQL 端口 | 5432 |
否 |
LINGWANG_DB_USER |
数据库用户 | lingwang |
否 |
LINGWANG_DB_PASSWORD |
数据库密码 | - | 是 |
LINGWANG_DB_NAME |
数据库名 | lingwang |
否 |
LINGWANG_DB_SSLMODE |
SSL 模式 | disable |
否 |
LINGWANG_REDIS_HOST |
Redis 主机 | localhost |
否 |
LINGWANG_REDIS_PORT |
Redis 端口 | 6379 |
否 |
LINGWANG_REDIS_PASSWORD |
Redis 密码 | "" |
否 |
LINGWANG_LOG_LEVEL |
日志级别 | info |
否 |
LINGWANG_SESSION_SECRET |
Session 密钥 | - | 是 |
POSTGRES_PASSWORD |
Docker postgres 密码 | - | Docker 部署时是 |
环境变量会覆盖 config.yaml 中的对应配置。
6. 反向代理 Nginx 配置
upstream lingwang_backend {
server 127.0.0.1:8080;
keepalive 64;
}
server {
listen 80;
server_name ops.sengyueplay.com;
client_max_body_size 10M;
location / {
proxy_pass http://lingwang_backend;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection "";
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
location /uploads/ {
alias /opt/lingwang/uploads/;
expires 7d;
add_header Cache-Control "public, immutable";
}
}
7. HTTPS Let's Encrypt 配置
7.1 安装 Certbot
# Ubuntu/Debian
apt update && apt install -y certbot python3-certbot-nginx
# CentOS/RHEL
yum install -y epel-release && yum install -y certbot nginx
7.2 获取证书并自动配置
certbot --nginx -d ops.sengyueplay.com
7.3 手动配置(使用上述 nginx.conf)
生成证书后手动编辑 /etc/nginx/sites-available/lingwang:
upstream lingwang_backend {
server 127.0.0.1:8080;
keepalive 64;
}
server {
listen 80;
server_name ops.sengyueplay.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name ops.sengyueplay.com;
ssl_certificate /etc/letsencrypt/live/ops.sengyueplay.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ops.sengyueplay.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/ops.sengyueplay.com/chain.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
ssl_prefer_server_ciphers off;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
client_max_body_size 10M;
location / {
proxy_pass http://lingwang_backend;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection "";
}
location /uploads/ {
alias /opt/lingwang/uploads/;
expires 7d;
add_header Cache-Control "public, immutable";
}
}
7.4 自动续期
# 测试续期
certbot renew --dry-run
# 设置定时任务(自动续期)
crontab -e
# 添加:0 0 * * * certbot renew --quiet --renew-hook "systemctl reload nginx"
8. 升级步骤
8.1 Docker Compose 升级
cd /opt/lingwang
# 拉取新镜像
docker-compose pull
# 备份数据
tar -czf backup-$(date +%Y%m%d).tar.gz data/
# 重启服务
docker-compose up -d
# 确认运行正常
docker-compose logs app
8.2 手动升级
cd /opt/lingwang
# 停止服务
systemctl stop lingwang
# 备份旧二进制
cp lingwang lingwang.bak
# 备份数据库
pg_dump -h localhost -U lingwang -d lingwang > db-backup-$(date +%Y%m%d).sql
# 拉取新代码并构建
git pull
go build -o lingwang-new ./cmd/server
# 替换二进制
mv lingwang-new lingwang
# 启动服务
systemctl start lingwang
# 检查状态
systemctl status lingwang
journalctl -u lingwang -f
9. 卸载
9.1 Docker Compose 卸载
cd /opt/lingwang
# 停止并删除容器
docker-compose down
# 删除镜像(可选)
docker-compose down --rmi local
# 删除数据(谨慎!确认已备份)
rm -rf data/
# 删除配置文件
rm -f config.yaml docker-compose.yml
9.2 手动部署卸载
# 停止服务
systemctl stop lingwang
systemctl disable lingwang
# 删除 systemd unit
rm /etc/systemd/system/lingwang.service
systemctl daemon-reload
# 删除文件和目录
rm -f /opt/lingwang/lingwang
rm -rf /opt/lingwang
# 删除数据库(谨慎!)
dropdb -h localhost -U lingwang lingwang
dropuser -h localhost -U lingwang lingwang
# 删除 Redis 数据
redis-cli -h localhost -p 6379 FLUSHDB