Edit yml and conf

.drone.yml

@@ -5,7 +5,7 @@ name: default
 # 触发分支
 trigger:
   branch:
-  - master
+    - master
 
 steps:
 
@@ -20,9 +20,6 @@ steps:
      - name: repository
        path: /cache
 
-  # 参考：
-  # https://www.jianshu.com/p/4aaac6c0c105
-  
   # 打包
   - name: build
     image: matderosa/maven-3.8-openjdk-17-gcc8.5

README.md

@@ -6,9 +6,7 @@
 * Springboot 3.1.1 + Mybatis-plus 3.5.3.2
 
 ### 配置
-Maven 配置 (用户配置)
-
-(阿里源通用配置，无私库，无第三方库，)
+Maven 配置 (用户配置) (阿里源)
 ```
 ./configuration/.m2/settings.xml
 ```

configuration/nginx/acme.md

@@ -0,0 +1,49 @@
+## acme证书
+
+1.安装
+```
+$ cd /opt
+$ git clone https://gitee.com/neilpang/acme.sh.git
+
+$ vim ~/.bashrc
+alias acme.sh='/opt/acme.sh/acme.sh'
+
+$ source ~/.bashrc
+$ acme.sh -v
+```
+
+2.登录
+```
+$ acme.sh --register-account -m 405348097@qq.com
+$ acme.sh --set-default-ca --server letsencrypt
+```
+
+3.api接口需要增加以下 nginx 配置
+```
+server {
+    listen          80;
+    server_name     duanju2.api.styujia.com;
+    
+    location ^~ /.well-known/acme-challenge/ {
+        root /home/webroot;
+        allow all;
+    }
+```
+并创建一个临时目录：
+```
+$ mkdir -p /home/webroot/.well-known/acme-challenge
+```
+
+4.生成证书
+```
+$ acme.sh --issue -d duanju2.manage.styujia.com -w /home/YujiaDuanjuAdmin/dist/
+$ acme.sh --issue -d duanju2.api.styujia.com -w /home/webroot/
+```
+
+5.设置自动更新
+```
+$ crontab  -e
+
+# 每天凌晨检查证书的有效期，如有需要，自动续签。
+30 0 * * * acme.sh --cron --home "/root/.acme.sh" > /dev/null
+```

configuration/nginx/ai.manage.conf

@@ -1,34 +1,48 @@
+upstream myapp {
+    server 127.0.0.1:8088;
+}
+
 server {
     listen          8088;
+    client_max_body_size 500M;
+
     location / {
-        root          /home/www/project/FrontendSys/dist;
         index         index.html;
+        root          /home/www/project/FrontendSys/dist;
+        # Vue 路由设置
         try_files $uri $uri/ /index.html;
-
         # 允许跨域
-        # add_header  Access-Control-Allow-Headers *;
-        # add_header  Access-Control-Allow-Origin *;
-        # add_header  Access-Control-Allow-Methods 'GET,POST,OPTIONS';
-        # add_header  Access-Control-Allow-Credentials 'true';
+        add_header  Access-Control-Allow-Headers *;
+        add_header  Access-Control-Allow-Origin $http_origin;
+        add_header  Access-Control-Allow-Methods 'GET,POST,OPTIONS';
+        add_header  Access-Control-Allow-Credentials 'true';
+    }
+
+    # 接口代理配置 (Vue项目代理)
+    location /api/ {
+        proxy_pass http://myapp/api/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
     }
+
 }
 
 server {
     listen          80;
     server_name     ai.manage.daoguyujia.com;
     location / {
-
-        proxy_pass http://127.0.0.1:8088;
+        proxy_pass http://myapp;
         proxy_http_version 1.1;
-        proxy_connect_timeout 4s;                # 配置点1
-        proxy_read_timeout 120s;                 # 配置点2，如果没效，可以考虑这个时间配置长一点
-        proxy_send_timeout 120s;                 # 配置点3
-        proxy_set_header Upgrade $http_upgrade;  # 支持wss
-        proxy_set_header Connection "upgrade";   # 支持wss
-
-        # proxy_set_header Host $proxy_host;
-        # proxy_set_header X-Real-IP $remote_addr;
-        # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_connect_timeout 4s;
+        proxy_read_timeout 120s;
+        proxy_send_timeout 120s;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
     }
 }
 

docker-compose.yml

@@ -1,4 +1,4 @@
-version: "1"
+version: "2"
 services:
   # 必须是小写
   backendsys-service:
@@ -19,13 +19,14 @@ services:
 
 #    ports:
 #      - "48080:48080"
-    # 使用 network_mode: host 就不能再指定 ports
+#    # 使用 network_mode: host 就不能再指定 ports
     network_mode: "host"
 
     environment:
       # 指定时区
       TZ: 'Asia/Shanghai'
-    #启动容器后执行的命令
-#    entrypoint: ["sh", "-c", "nohup java -Dloader.path=/app/build/libs -jar /app/build/backendsys.jar > /app/build/backendsys.log &"]
-    entrypoint: nohup java -Dloader.path=/app/build/libs -jar /app/build/backendsys.jar
+
+    # -Xms4g -Xmx12g (服务器 8核 16GB)
+    # -Xms1g -Xmx4g (服务器 4核 8GB)
+    entrypoint: nohup java -Xms1g -Xmx4g -Dloader.path=/app/build/libs -jar /app/build/backendsys.jar
     # -Dloader.path=/app/build/libs