生产部署
本文档介绍如何将学习追踪系统部署到生产环境。
📋 系统要求
- 操作系统: Ubuntu 20.04+ / CentOS 8+
- Node.js: 16.0+
- 内存: 4GB RAM (推荐8GB+)
- 存储: 20GB+ 可用空间
🚀 环境准备
安装Node.js
bash
curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt-get install -y nodejs安装PM2
bash
sudo npm install -g pm2
pm2 install pm2-logrotate配置PM2日志轮转
bash
pm2 set pm2-logrotate:max_size 10M
pm2 set pm2-logrotate:retain 7
pm2 set pm2-logrotate:compress true
pm2 set pm2-logrotate:dateFormat YYYY-MM-DD_HH-mm-ss
pm2 set pm2-logrotate:rotateInterval '0 0 * * *'⚙️ 环境变量配置
创建 .env.production:
bash
# 应用配置
NODE_ENV=production
PORT=3001
HOST=0.0.0.0
# 数据库配置
DB_HOST=localhost
DB_PORT=5432
DB_USER=study_tracker
DB_PASSWORD=your_strong_password
DB_NAME=study_tracker_prod
DB_POOL_MIN=2
DB_POOL_MAX=20
# Redis配置
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_PASSWORD=your_redis_password
REDIS_DB=0
# JWT配置
JWT_SECRET=your_jwt_secret_key
JWT_REFRESH_SECRET=your_jwt_refresh_secret_key
JWT_EXPIRES_IN=7d
# HTTPS配置
ENABLE_HTTPS=true
SSL_CERT_PATH=/etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSL_KEY_PATH=/etc/letsencrypt/live/yourdomain.com/privkey.pem
# 邮件配置
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=your-email@example.com
SMTP_PASS=your_app_password🔐 HTTPS证书配置
使用Let's Encrypt
bash
sudo apt install certbot
sudo certbot certonly --standalone -d yourdomain.com📦 应用部署
1. 克隆项目
bash
sudo mkdir -p /var/www/study-tracker
sudo chown $USER:$USER /var/www/study-tracker
git clone https://github.com/your-username/study-tracker.git /var/www/study-tracker
cd /var/www/study-tracker2. 安装依赖
bash
npm ci --only=production
npm install
npm run build
npm prune --production3. 配置数据库
bash
NODE_ENV=production npm run db:migrate
NODE_ENV=production npm run db:seed🚀 PM2部署
启动应用
bash
pm2 start ecosystem.config.js --env production
pm2 save
pm2 startupPM2管理命令
bash
pm2 status
pm2 restart study-tracker
pm2 logs study-tracker
pm2 monit📊 监控和日志
日志文件位置
- 错误日志:
./logs/err.log - 输出日志:
./logs/out.log - 合并日志:
./logs/combined.log
性能监控
bash
pm2 status
pm2 monit
pm2 show study-tracker🔒 安全加固
防火墙配置
bash
sudo ufw enable
sudo ufw allow ssh
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw deny 3001/tcpNginx反向代理
创建 /etc/nginx/sites-available/study-tracker:
nginx
server {
listen 80;
server_name yourdomain.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name yourdomain.com;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
location / {
proxy_pass http://your-server-ip:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}启用站点:
bash
sudo ln -s /etc/nginx/sites-available/study-tracker /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx🔄 自动部署
部署脚本
bash
#!/bin/bash
# deploy.sh
set -e
echo "开始部署..."
git pull origin main
npm ci --only=production
NODE_ENV=production npm run db:migrate
pm2 restart study-tracker
echo "部署完成!"🚨 故障排除
常见问题
应用无法启动
bash
sudo lsof -i :3001
pm2 logs study-tracker --err
pm2 env study-tracker数据库连接失败
bash
sudo systemctl status postgresql
psql -h your-server-ip -U study_tracker -d study_tracker_prodRedis连接失败
bash
sudo systemctl status redis-server
redis-cli pingHTTPS证书问题
bash
sudo certbot certificates
sudo certbot renew --dry-run性能优化
内存优化
bash
pm2 monit
pm2 restart study-tracker --max-memory-restart 1G数据库优化
sql
ANALYZE;
VACUUM;
REINDEX DATABASE study_tracker_prod;📈 监控和维护
健康检查
bash
#!/bin/bash
# health-check.sh
curl -f http://your-server-ip:3001/health || exit 1备份策略
bash
# 数据库备份
0 2 * * * /var/backups/backup-database.sh
# 日志清理
0 4 * * * find /var/www/study-tracker/logs -name "*.log.*" -mtime +30 -delete