feat: 更新Dockerfile

backend/.dockerignore

@@ -0,0 +1,22 @@
+.git
+.gitignore
+.venv
+venv
+__pycache__
+*.py[cod]
+*.pyo
+*.pyd
+.Python
+.pytest_cache
+.mypy_cache
+.ruff_cache
+.coverage
+htmlcov
+dist
+build
+*.egg-info
+.env
+.env.*
+Dockerfile
+docker-compose*.yml
+README*

backend/Dockerfile

@@ -1,24 +1,38 @@
-FROM python:3.11-slim AS builder
+FROM python:3.13-slim AS builder
+
+ENV PYTHONDONTWRITEBYTECODE=1 \
+    PYTHONUNBUFFERED=1 \
+    PIP_DISABLE_PIP_VERSION_CHECK=1 \
+    PIP_NO_CACHE_DIR=1
 
 WORKDIR /app
 
 COPY requirements.txt .
 
-# 安装依赖，使用清华镜像源
-RUN pip install --no-cache-dir --upgrade pip && \
-    pip install --no-cache-dir -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
+RUN python -m venv /opt/venv \
+    && /opt/venv/bin/pip install --upgrade pip -i https://pypi.tuna.tsinghua.edu.cn/simple \
+    && /opt/venv/bin/pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
+
 
-FROM python:3.11-slim AS runtime
+FROM python:3.13-slim AS runtime
 
-# 设置时区
-ENV TZ Asia/Shanghai
+ENV TZ=Asia/Shanghai \
+    PYTHONDONTWRITEBYTECODE=1 \
+    PYTHONUNBUFFERED=1 \
+    PATH="/opt/venv/bin:$PATH"
 
 WORKDIR /app
 
-COPY --from=builder /app /app
+RUN addgroup --system app \
+    && adduser --system --ingroup app app
+
+COPY --from=builder /opt/venv /opt/venv
+COPY . .
+
+RUN chown -R app:app /app
+
+USER app
 
-# 暴露端口
 EXPOSE 8001
 
-# 运行应用
 CMD ["python", "main.py", "run", "--env=prod"]

docker-compose.yml

@@ -3,10 +3,10 @@ version: '3.8'
 services:
   backend:
     container_name: backend
-    build:
-      context: ./backend
-      dockerfile: ./Dockerfile
-    image: backend:latest
+    # build:
+    #   context: ./backend
+    #   dockerfile: ./Dockerfile
+    image: xjz/backend:1.0.0
     restart: always
     environment:
       TZ: "Asia/Shanghai"
@@ -30,14 +30,14 @@ services:
 
   frontend:
     container_name: frontend
-    build:
-      context: ./frontend
-      dockerfile: ./Dockerfile
-    image: frontend:latest
+    # build:
+    #   context: ./frontend
+    #   dockerfile: ./Dockerfile
+    image: xjz/frontend:1.0.0
     restart: always
     environment:
       TZ: "Asia/Shanghai"
-      VITE_API_BASE_URL: ${VITE_API_BASE_URL:-http://localhost:8001}
+      VITE_API_BASE_URL: ${VITE_API_BASE_URL:-http://backend:8001}
     ports:
       - "5173:80"
     networks:

frontend/Dockerfile

@@ -1,4 +1,4 @@
-FROM node:18-alpine AS build
+FROM node:24 AS build
 
 WORKDIR /app
 
@@ -10,7 +10,7 @@ COPY . .
 
 RUN pnpm build
 
-FROM nginx:alpine AS runtime
+FROM nginx:1.29.8 AS runtime
 
 COPY --from=build /app/dist /usr/share/nginx/html