部署指南
CmdAdmin 支持多种部署方式,包括传统服务器部署和 Docker 容器化部署。
环境要求
服务器环境
- JDK 21+
- PostgreSQL 15+ 或 MySQL 8+
- Redis 6+
- Nginx(用于前端部署)
生产环境配置
yaml
# application-prod.yml
spring:
datasource:
url: jdbc:postgresql://localhost:5432/cmdadmin
username: ${DB_USERNAME:cmdadmin}
password: ${DB_PASSWORD:your_password}
data:
redis:
host: ${REDIS_HOST:localhost}
port: ${REDIS_PORT:6379}
password: ${REDIS_PASSWORD:}
server:
port: 8080后端部署
1. 打包应用
bash
cd cmdAdmin
mvn clean package -DskipTests2. 启动应用
bash
# 方式1:直接启动
java -jar -Dspring.profiles.active=prod target/cmd-admin-1.0.0-SNAPSHOT.jar
# 方式2:后台启动
nohup java -jar -Dspring.profiles.active=prod target/cmd-admin-1.0.0-SNAPSHOT.jar > app.log 2>&1 &
# 方式3:使用 systemd(推荐)3. systemd 服务配置
创建 /etc/systemd/system/cmdadmin.service:
ini
[Unit]
Description=CmdAdmin Application
After=network.target
[Service]
Type=simple
User=cmdadmin
WorkingDirectory=/opt/cmdadmin
ExecStart=/usr/bin/java -jar -Dspring.profiles.active=prod cmd-admin-1.0.0-SNAPSHOT.jar
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target启动服务:
bash
sudo systemctl daemon-reload
sudo systemctl enable cmdadmin
sudo systemctl start cmdadmin
sudo systemctl status cmdadmin前端部署
1. 构建前端
bash
cd admin-web
npm install
npm run build2. Nginx 配置
nginx
server {
listen 80;
server_name your-domain.com;
# 前端静态资源
location / {
root /var/www/cmdadmin/dist;
index index.html;
try_files $uri $uri/ /index.html;
}
# API 代理
location /api {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# 文件上传大小限制
client_max_body_size 100M;
}3. 部署到 Nginx
bash
# 复制构建文件
sudo cp -r admin-web/dist /var/www/cmdadmin/
# 测试配置
sudo nginx -t
# 重载配置
sudo systemctl reload nginxSSL/HTTPS 配置
使用 Let's Encrypt
bash
# 安装 certbot
sudo apt install certbot python3-certbot-nginx
# 获取证书
sudo certbot --nginx -d your-domain.com
# 自动续期
sudo certbot renew --dry-run手动配置 SSL
nginx
server {
listen 443 ssl http2;
server_name your-domain.com;
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/key.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
# ... 其他配置
}
server {
listen 80;
server_name your-domain.com;
return 301 https://$server_name$request_uri;
}性能优化
JVM 调优
bash
java -Xms2g -Xmx2g \
-XX:+UseG1GC \
-XX:MaxGCPauseMillis=200 \
-jar cmd-admin-1.0.0-SNAPSHOT.jar数据库连接池
yaml
spring:
datasource:
hikari:
maximum-pool-size: 20
minimum-idle: 10
connection-timeout: 30000
idle-timeout: 600000
max-lifetime: 1800000Nginx 优化
nginx
worker_processes auto;
worker_connections 4096;
gzip on;
gzip_types text/plain text/css application/json application/javascript;
location / {
expires 7d;
add_header Cache-Control "public, immutable";
}监控与日志
日志配置
yaml
logging:
level:
root: WARN
com.cmdadmin: INFO
file:
name: /var/log/cmdadmin/application.log
logback:
rollingpolicy:
max-file-size: 100MB
max-history: 30健康检查
bash
# 应用健康检查
curl http://localhost:8080/api/actuator/health
# 数据库连接检查
curl http://localhost:8080/api/actuator/health/db备份策略
数据库备份
bash
#!/bin/bash
# backup.sh
DATE=$(date +%Y%m%d_%H%M%S)
pg_dump -h localhost -U cmdadmin cmdadmin > /backup/cmdadmin_$DATE.sql
# 保留最近7天备份
find /backup -name "cmdadmin_*.sql" -mtime +7 -delete定时备份
bash
# 添加到 crontab
0 2 * * * /opt/cmdadmin/backup.sh常见问题
端口被占用
bash
# 查找占用 8080 端口的进程
lsof -i :8080
# 或
netstat -tlnp | grep 8080
# 终止进程
kill -9 <PID>内存不足
bash
# 查看内存使用
free -h
# 增加交换空间
sudo fallocate -l 4G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile数据库连接失败
检查数据库服务状态:
bash
# PostgreSQL
sudo systemctl status postgresql
# MySQL
sudo systemctl status mysql安全建议
- 修改默认密码:admin / admin123
- 启用 HTTPS:使用 SSL 证书
- 防火墙配置:只开放必要端口
- 定期更新:及时更新系统和依赖
- 日志审计:定期检查异常日志