version: '3.8' services: # 前端应用 ai-chat-web: build: context: . dockerfile: Dockerfile.prod args: - NODE_ENV=production image: ai-chat:latest container_name: ai-chat-web-prod restart: unless-stopped ports: - "80:80" environment: - TZ=Asia/Shanghai - NODE_ENV=production volumes: - ./logs/nginx:/var/log/nginx - ./ssl:/etc/nginx/ssl:ro # SSL证书目录(如果需要HTTPS) networks: - ai-chat-network healthcheck: test: ["CMD", "curl", "-f", "http://localhost:80/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s labels: - "traefik.enable=true" - "traefik.http.routers.ai-chat.rule=Host(`your-domain.com`)" - "traefik.http.services.ai-chat.loadbalancer.server.port=80" deploy: resources: limits: cpus: '1.0' memory: 512M reservations: cpus: '0.5' memory: 256M # 反向代理(可选,用于HTTPS和负载均衡) nginx-proxy: image: nginx:1.25-alpine container_name: ai-chat-proxy-prod restart: unless-stopped ports: - "443:443" volumes: - ./nginx-proxy.conf:/etc/nginx/conf.d/default.conf:ro - ./ssl:/etc/nginx/ssl:ro - ./logs/proxy:/var/log/nginx depends_on: - ai-chat-web networks: - ai-chat-network profiles: - https # 使用profile控制HTTPS代理 healthcheck: test: ["CMD", "nginx", "-t"] interval: 30s timeout: 10s retries: 3 # 监控服务(可选) watchtower: image: containrrr/watchtower container_name: ai-chat-watchtower restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock environment: - WATCHTOWER_CLEANUP=true - WATCHTOWER_POLL_INTERVAL=3600 # 每小时检查一次更新 - WATCHTOWER_INCLUDE_STOPPED=true profiles: - monitoring command: ai-chat-web-prod # 日志收集(可选) promtail: image: grafana/promtail:latest container_name: ai-chat-promtail restart: unless-stopped volumes: - ./logs:/var/log/app:ro - ./promtail-config.yml:/etc/promtail/config.yml:ro networks: - ai-chat-network profiles: - logging networks: ai-chat-network: driver: bridge ipam: config: - subnet: 172.20.0.0/16 volumes: nginx-logs: driver: local ssl-certs: driver: local