version: '3.8' services: gxwebsoft-app: build: . container_name: gxwebsoft-server ports: - "8080:8080" environment: - SPRING_PROFILES_ACTIVE=prod - CERTIFICATE_LOAD_MODE=VOLUME - CERTIFICATE_CERT_ROOT_PATH=/app/certs - JAVA_OPTS=-Xms512m -Xmx1024m volumes: # 证书挂载卷 - 将主机的证书目录挂载到容器 - ./certs:/app/certs:ro # 日志挂载卷 - ./logs:/app/logs # 上传文件挂载卷 - ./uploads:/app/uploads networks: - gxwebsoft-network depends_on: - mysql - redis restart: unless-stopped healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/actuator/health"] interval: 30s timeout: 10s retries: 3 start_period: 60s mysql: image: mysql:8.0 container_name: gxwebsoft-mysql environment: MYSQL_ROOT_PASSWORD: root123456 MYSQL_DATABASE: gxwebsoft MYSQL_USER: gxwebsoft MYSQL_PASSWORD: gxwebsoft123 ports: - "3306:3306" volumes: - mysql_data:/var/lib/mysql - ./mysql/conf:/etc/mysql/conf.d - ./mysql/init:/docker-entrypoint-initdb.d networks: - gxwebsoft-network restart: unless-stopped command: --default-authentication-plugin=mysql_native_password redis: image: redis:6.2-alpine container_name: gxwebsoft-redis ports: - "6379:6379" volumes: - redis_data:/data - ./redis/redis.conf:/etc/redis/redis.conf networks: - gxwebsoft-network restart: unless-stopped command: redis-server /etc/redis/redis.conf networks: gxwebsoft-network: driver: bridge volumes: mysql_data: driver: local redis_data: driver: local # 证书目录结构说明 # 在项目根目录创建 certs 目录,结构如下: # ./certs/ # ├── wechat/ # │ ├── apiclient_key.pem # 微信支付商户私钥 # │ ├── apiclient_cert.pem # 微信支付商户证书 # │ └── wechatpay_cert.pem # 微信支付平台证书 # └── alipay/ # ├── app_private_key.pem # 支付宝应用私钥 # ├── appCertPublicKey.crt # 支付宝应用公钥证书 # ├── alipayCertPublicKey.crt # 支付宝公钥证书 # └── alipayRootCert.crt # 支付宝根证书 # # 证书文件权限设置: # chmod -R 444 certs/ # 设置证书文件为只读 # chmod 755 certs/ # 设置目录权限 # chmod 755 certs/wechat/ # chmod 755 certs/alipay/ # # 启动命令: # docker-compose up -d # # 查看日志: # docker-compose logs -f gxwebsoft-app # # 停止服务: # docker-compose down # # 重新构建并启动: # docker-compose up -d --build