Docker Deployment Guide
Docker deployment is one of the recommended deployment methods for AstrNest, suitable for rapid deployment and containerized environments.
Prerequisites
- Docker: 20.10+
- Docker Compose: 2.0+
- At least 2GB RAM
- At least 5GB disk space
Quick Start
1. Prepare Deployment Directory
bash
# Clone the project
git clone <repository-url>
cd AstrNest
# Copy environment variable template
cp .env.example .env2. Configure Environment Variables
Edit the .env file and configure the necessary parameters:
bash
# Database configuration (must be modified)
MYSQL_ROOT_PASSWORD=YourStrongRootPass!
MYSQL_DATABASE=astrnest
MYSQL_USER=astrnest
MYSQL_PASSWORD=YourStrongDbPass!
# Backend configuration (must be modified)
ASTRNEST_DB_URL=jdbc:mysql://mysql:3306/astrnest?useSSL=false&allowPublicKeyRetrieval=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai
ASTRNEST_DB_USERNAME=astrnest
ASTRNEST_DB_PASSWORD=YourStrongDbPass!
ASTRNEST_STORAGE_ROOT=/storage/upload
ASTRNEST_STORAGE_PUBLIC=/upload
ASTRNEST_STORAGE_STRATEGY=LOCAL
# Administrator configuration (must be modified)
ASTRNEST_ADMIN_USERNAME=admin
ASTRNEST_ADMIN_PASSWORD=YourStrongAdminPass!
ASTRNEST_ADMIN_DISPLAY=Super Administrator
ASTRNEST_ADMIN_EMAIL=admin@your-domain.com
# Site domain configuration
PUBLIC_SITE_URL=https://your-domain.com
PUBLIC_ASSET_URL=https://your-domain.com/upload
BACKEND_API_PUBLIC_URL=https://api.your-domain.com
ASTRNEST_ASSET_DOMAIN=
# Frontend configuration
VITE_API_BASE_URL=http://backend:8080
VITE_PUBLIC_ASSET_BASE=http://backend:8080/upload
VITE_SITE_NAME=AstrNest
# AI content review configuration (optional)
ASTRNEST_AI_TENCENT_SECRET_ID=
ASTRNEST_AI_TENCENT_SECRET_KEY=
ASTRNEST_AI_TENCENT_REGION=ap-beijing
ASTRNEST_AI_TENCENT_BUCKET=
# Email service configuration (optional)
SMTP_HOST=smtp.your-domain.com
SMTP_PORT=587
SMTP_USERNAME=your-email@your-domain.com
SMTP_PASSWORD=your-email-password⚠️ Security Tip: Please be sure to modify all default passwords and use strong passwords!
3. Start Services
bash
# Start all services
docker compose --env-file .env up -d
# Check service status
docker compose ps
# View logs
docker compose logs -f4. Verify Deployment
bash
# Health check
curl http://localhost:8080/actuator/health
# Expected response
{"status":"UP"}Service Architecture
Docker Compose deployment includes the following services:
| Service | Container Name | Port | Description |
|---|---|---|---|
| MySQL | astrnest-mysql | 3306 (internal) | Database service |
| Backend | astrnest-backend | 8080 | Spring Boot application, provides REST API |
| Frontend | astrnest-frontend | 80 | Vue 3 frontend interface, Nginx static file service |
Data Persistence
By default, data will be persisted to the following locations:
- MySQL data: Docker volume
mysql_data - Uploaded files:
./storage/uploaddirectory
Access Services
After deployment, you can access via the following addresses:
| Service | Address | Description |
|---|---|---|
| Frontend interface | http://your-server-ip or http://localhost | Web UI |
| Backend API | http://your-server-ip:8080 | REST API |
| API documentation | http://your-server-ip:8080/swagger-ui/index.html | Swagger UI |
| Health check | http://your-server-ip:8080/actuator/health | Service status |
Default Administrator Account
- Username:
admin - Password:
chenxi123(If you modifiedASTRNEST_ADMIN_PASSWORDin .env, use the new password)
⚠️ Important: Please change the default password immediately after first login!
Advanced Configuration
Custom Ports
Modify the port mapping in docker-compose.yml:
yaml
services:
backend:
ports:
- "8081:8080" # Host port:Container port
frontend:
ports:
- "8080:80" # Host port:Container portData Persistence Configuration
Ensure important data is persisted:
yaml
services:
mysql:
volumes:
- mysql_data:/var/lib/mysql
- ./backup:/backup
backend:
volumes:
- ./storage/upload:/storage/upload
- ./logs:/app/logs
volumes:
mysql_data:
driver: localResource Limits
Configure container resource limits:
yaml
services:
mysql:
deploy:
resources:
limits:
memory: 1G
reservations:
memory: 512M
backend:
deploy:
resources:
limits:
memory: 2G
reservations:
memory: 1GJVM Parameter Configuration
Configure JVM parameters in .env:
bash
JAVA_OPTS=-Xms512m -Xmx1024m -XX:+UseG1GCOperations Management
Service Management Commands
bash
# Start services
docker compose up -d
# Stop services
docker compose down
# Restart services
docker compose restart
# Restart a single service
docker compose restart backend
# Check service status
docker compose ps
# View service logs
docker compose logs [service-name]
docker compose logs -f backend
# Enter container
docker compose exec backend bash
docker compose exec mysql mysql -u root -pBackup and Recovery
Database Backup
bash
# Backup database
docker compose exec mysql mysqldump -u root -p${MYSQL_ROOT_PASSWORD} astrnest > backup/astrnest-$(date +%Y%m%d).sql
# Restore database
docker compose exec -i mysql mysql -u root -p${MYSQL_ROOT_PASSWORD} astrnest < backup/astrnest-backup.sqlFile Backup
bash
# Backup uploaded files
cp -r storage/upload backup/upload-$(date +%Y%m%d)
# Restore uploaded files
cp -r backup/upload-20240101 storage/uploadUpdate Services
bash
# Pull latest code
git pull origin main
# Rebuild images
docker compose build --no-cache
# Restart services
docker compose down
docker compose up -dMonitoring and Logging
View Container Status
bash
# View all container status
docker stats
# View container resource usage
docker container stats
# View container details
docker inspect astrnest-backendLog Management
bash
# View logs in real-time
docker compose logs -f backend
# View logs for a specific time period
docker compose logs --since="2024-01-01" backend
# Export logs to file
docker compose logs backend > backend-$(date +%Y%m%d).logSecurity Configuration
Change Default Password
Change the default administrator password immediately after deployment:
- Modify through the interface after logging in
- Or modify
ASTRNEST_ADMIN_PASSWORDin.envand restart the service
Configure SSL/TLS
Use reverse proxy to configure HTTPS:
nginx
server {
listen 443 ssl;
server_name your-domain.com;
ssl_certificate /path/to/ssl/cert.pem;
ssl_certificate_key /path/to/ssl/key.pem;
location / {
proxy_pass http://localhost:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /api/ {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /upload/ {
proxy_pass http://localhost:8080/upload/;
proxy_set_header Host $host;
expires 7d;
add_header Cache-Control "public";
}
}Troubleshooting
Container Fails to Start
bash
# View detailed error information
docker compose logs [service-name]
# Check port conflicts
netstat -tulpn | grep 8080
# Check resource limits
docker statsDatabase Connection Issues
bash
# Check MySQL container status
docker compose logs mysql
# Test database connection
docker compose exec mysql mysql -u astrnest -p${MYSQL_PASSWORD} -e "SHOW DATABASES;"File Permission Issues
bash
# Check mount directory permissions
ls -la ./storage/upload
# Modify directory permissions
sudo chown -R $USER:$USER ./storageAdvantages and Features
Advantages
- One-click deployment: Simplifies complex deployment processes, start all services with one command
- Environment isolation: Each service runs in an independent container without interference
- Easy to scale: Supports horizontal scaling and load balancing
- Version control: Facilitates rollback and version management
- Production-ready: Suitable for enterprise-level production environments
Features
- Automatic fault recovery: Automatically restarts when containers fail
- Resource management: Configurable CPU and memory limits
- Centralized logging: Unified log management
- Network isolation: Secure internal network communication
- Data persistence: Important data is persisted and not lost when containers restart
Choose Docker deployment for a stable and reliable production environment deployment solution, suitable for team collaboration and enterprise-level applications.
Next Steps
After successful deployment, it is recommended to: