86a7865808
- 新增 backend/Dockerfile + frontend/Dockerfile (多阶段构建) - 新增 docker-compose.yml (postgres + redis + backend + frontend) - 新增 .env.example 模板 (前后端) - 新增 export API: 任务数据导出 + 审计日志导出 (CSV + 流式响应) - 安全加固: CORS 从环境变量配置, 安全 headers 中间件 - 生产环境自动禁用 API 文档 (Swagger/Redoc) - 添加 ENVIRONMENT, CORS_ORIGINS 配置项 - 前端启用 Next.js standalone 输出模式 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
57 lines
1.4 KiB
Docker
57 lines
1.4 KiB
Docker
# ===========================
|
||
# 秒思智能审核平台 - Backend Dockerfile
|
||
# 多阶段构建,基于 python:3.13-slim
|
||
# ===========================
|
||
|
||
# ---------- Stage 1: 构建依赖 ----------
|
||
FROM python:3.13-slim AS builder
|
||
|
||
WORKDIR /build
|
||
|
||
# 安装编译依赖
|
||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||
gcc \
|
||
libpq-dev \
|
||
&& rm -rf /var/lib/apt/lists/*
|
||
|
||
# 复制依赖描述文件
|
||
COPY pyproject.toml .
|
||
|
||
# 安装 Python 依赖到 /build/deps
|
||
RUN pip install --no-cache-dir --prefix=/build/deps .
|
||
|
||
# ---------- Stage 2: 运行时镜像 ----------
|
||
FROM python:3.13-slim AS runtime
|
||
|
||
WORKDIR /app
|
||
|
||
# 安装运行时系统依赖(FFmpeg 用于视频处理,libpq 用于 PostgreSQL)
|
||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||
ffmpeg \
|
||
libpq5 \
|
||
curl \
|
||
&& rm -rf /var/lib/apt/lists/*
|
||
|
||
# 从 builder 阶段复制已安装的 Python 依赖
|
||
COPY --from=builder /build/deps /usr/local
|
||
|
||
# 复制应用代码
|
||
COPY app/ ./app/
|
||
COPY alembic/ ./alembic/
|
||
COPY alembic.ini .
|
||
COPY pyproject.toml .
|
||
|
||
# 创建非 root 用户
|
||
RUN groupadd -r miaosi && useradd -r -g miaosi -d /app -s /sbin/nologin miaosi \
|
||
&& mkdir -p /tmp/videos \
|
||
&& chown -R miaosi:miaosi /app /tmp/videos
|
||
|
||
USER miaosi
|
||
|
||
EXPOSE 8000
|
||
|
||
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
|
||
CMD curl -f http://localhost:8000/health || exit 1
|
||
|
||
CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]
|