feat(docker): 添加Docker配置和忽略文件

ExquisiteCore · ExquisiteCore · commit 4acb256cd452 · 2026-03-07T14:36:50.000+08:00
新增`.dockerignore`文件，用于指定在构建Docker镜像时忽略的文件和目录。
新增`.github/workflows/docker.yml`文件，用于定义GitHub Actions工作流，自动构建并推送Docker镜像到GitHub Container Registry。
新增`Dockerfile`，定义了构建前端和后端的多阶段构建过程，并最终生成运行时镜像。
新增`config.example.toml`文件，提供了一个配置文件的示例，用于初始化和配置应用程序。
修改`config.toml`文件，将S3存储的`bucket`和`region`字段默认值设置为空字符串，以便用户自定义配置。
修改`crates/common/src/config.rs`文件，添加对环境变量`MDP_STORAGE__FS__ROOT`和`MDP_STORAGE__S3__*`的支持，允许从环境变量中读取配置信息。
新增`docker-compose.yml`文件，用于定义Docker Compose服务，简化开发环境的启动和配置。
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,9 @@
+target/
+web/node_modules/
+web/dist/
+.git/
+data/
+uploads/
+*.md
+LICENSE
+.claude/
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -0,0 +1,51 @@
+name: Build and Push Docker Image
+
+on:
+  push:
+    tags:
+      - "v*"
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract version from tag
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=raw,value=latest
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/.gitignore b/.gitignore
@@ -1,10 +1,29 @@
+# Rust
 /target
 **/*.rs.bk
 *.pdb
+
+# Node
+/web/node_modules
+/web/dist
+
+# Data
+/data
+/uploads
+
+# Config (may contain secrets)
+config.toml
 .env
 *.log
-/uploads
-/data
-/.claude
-/web/node_modules
-/web/dist
+
+# IDE
+.vscode/
+.idea/
+*.swp
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Claude
+/.claude
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,50 @@
+# Stage 1: Build frontend
+FROM node:20-alpine AS frontend
+RUN corepack enable && corepack prepare pnpm@latest --activate
+WORKDIR /build
+COPY web/package.json web/pnpm-lock.yaml ./
+RUN pnpm install --frozen-lockfile
+COPY web/ ./
+RUN pnpm build
+
+# Stage 2: Build backend
+FROM rust:1.85-bookworm AS backend
+WORKDIR /build
+# Copy manifests first for dependency caching
+COPY Cargo.toml Cargo.lock ./
+COPY crates/common/Cargo.toml crates/common/Cargo.toml
+COPY crates/auth/Cargo.toml crates/auth/Cargo.toml
+COPY crates/storage/Cargo.toml crates/storage/Cargo.toml
+COPY crates/core/Cargo.toml crates/core/Cargo.toml
+COPY crates/api/Cargo.toml crates/api/Cargo.toml
+COPY crates/webdav/Cargo.toml crates/webdav/Cargo.toml
+COPY migration/Cargo.toml migration/Cargo.toml
+# Create dummy sources so cargo can resolve the workspace
+RUN mkdir -p src && echo "fn main() {}" > src/main.rs \
+    && mkdir -p crates/common/src && echo "" > crates/common/src/lib.rs \
+    && mkdir -p crates/auth/src && echo "" > crates/auth/src/lib.rs \
+    && mkdir -p crates/storage/src && echo "" > crates/storage/src/lib.rs \
+    && mkdir -p crates/core/src && echo "" > crates/core/src/lib.rs \
+    && mkdir -p crates/api/src && echo "" > crates/api/src/lib.rs \
+    && mkdir -p crates/webdav/src && echo "" > crates/webdav/src/lib.rs \
+    && mkdir -p migration/src && echo "" > migration/src/lib.rs
+RUN cargo build --release 2>/dev/null || true
+# Copy real sources and build
+COPY src/ src/
+COPY crates/ crates/
+COPY migration/ migration/
+RUN touch src/main.rs crates/*/src/lib.rs migration/src/lib.rs \
+    && cargo build --release
+
+# Stage 3: Runtime
+FROM debian:bookworm-slim
+RUN apt-get update && apt-get install -y ca-certificates && rm -rf /var/lib/apt/lists/*
+WORKDIR /app
+COPY --from=backend /build/target/release/mediadrive-pro ./
+COPY --from=frontend /build/dist/ ./web/dist/
+COPY config.example.toml ./config.toml
+
+RUN mkdir -p data uploads
+
+EXPOSE 8080
+CMD ["./mediadrive-pro"]
diff --git a/config.example.toml b/config.example.toml
@@ -0,0 +1,29 @@
+[server]
+host = "0.0.0.0"
+port = 8080
+
+[database]
+url = "sqlite:./data/mediadrive.db?mode=rwc"
+max_connections = 5
+auto_migrate = true
+
+[storage]
+backend = "fs"
+
+[storage.fs]
+root = "./uploads"
+
+[storage.s3]
+bucket = ""
+region = ""
+endpoint = ""
+access_key_id = ""
+secret_access_key = ""
+
+[auth]
+jwt_secret = "change-me-in-production"
+access_token_ttl_secs = 1800
+
+[webdav]
+enabled = true
+prefix = "/dav"
diff --git a/config.toml b/config.toml
@@ -14,8 +14,8 @@ backend = "fs"
 root = "./uploads"
 
 [storage.s3]
-bucket = "mediadrive"
-region = "us-east-1"
+bucket = ""
+region = ""
 endpoint = ""
 access_key_id = ""
 secret_access_key = ""
diff --git a/crates/common/src/config.rs b/crates/common/src/config.rs
@@ -102,6 +102,83 @@ impl AppConfig {
         if let Ok(val) = std::env::var("MDP_STORAGE__BACKEND") {
             config.storage.backend = val;
         }
+        if let Ok(val) = std::env::var("MDP_STORAGE__FS__ROOT") {
+            config
+                .storage
+                .fs
+                .get_or_insert(FsStorageConfig {
+                    root: String::new(),
+                })
+                .root = val;
+        }
+        if let Ok(val) = std::env::var("MDP_STORAGE__S3__BUCKET") {
+            config
+                .storage
+                .s3
+                .get_or_insert(S3StorageConfig {
+                    bucket: String::new(),
+                    region: String::new(),
+                    endpoint: String::new(),
+                    access_key_id: String::new(),
+                    secret_access_key: String::new(),
+                })
+                .bucket = val;
+        }
+        if let Ok(val) = std::env::var("MDP_STORAGE__S3__REGION") {
+            config
+                .storage
+                .s3
+                .get_or_insert(S3StorageConfig {
+                    bucket: String::new(),
+                    region: String::new(),
+                    endpoint: String::new(),
+                    access_key_id: String::new(),
+                    secret_access_key: String::new(),
+                })
+                .region = val;
+        }
+        if let Ok(val) = std::env::var("MDP_STORAGE__S3__ENDPOINT") {
+            config
+                .storage
+                .s3
+                .get_or_insert(S3StorageConfig {
+                    bucket: String::new(),
+                    region: String::new(),
+                    endpoint: String::new(),
+                    access_key_id: String::new(),
+                    secret_access_key: String::new(),
+                })
+                .endpoint = val;
+        }
+        if let Ok(val) = std::env::var("MDP_STORAGE__S3__ACCESS_KEY_ID") {
+            config
+                .storage
+                .s3
+                .get_or_insert(S3StorageConfig {
+                    bucket: String::new(),
+                    region: String::new(),
+                    endpoint: String::new(),
+                    access_key_id: String::new(),
+                    secret_access_key: String::new(),
+                })
+                .access_key_id = val;
+        }
+        if let Ok(val) = std::env::var("MDP_STORAGE__S3__SECRET_ACCESS_KEY") {
+            config
+                .storage
+                .s3
+                .get_or_insert(S3StorageConfig {
+                    bucket: String::new(),
+                    region: String::new(),
+                    endpoint: String::new(),
+                    access_key_id: String::new(),
+                    secret_access_key: String::new(),
+                })
+                .secret_access_key = val;
+        }
+        if let Ok(val) = std::env::var("MDP_WEBDAV__ENABLED") {
+            config.webdav.enabled = val == "true" || val == "1";
+        }
 
         Ok(config)
     }
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,19 @@
+services:
+  mediadrive:
+    build: .
+    ports:
+      - "8080:8080"
+    volumes:
+      - ./data:/app/data
+      - ./uploads:/app/uploads
+      # - ./config.toml:/app/config.toml  # 自定义配置文件
+    environment:
+      - MDP_AUTH__JWT_SECRET=change-me-in-production
+      # 切换 S3 存储：
+      # - MDP_STORAGE__BACKEND=s3
+      # - MDP_STORAGE__S3__BUCKET=my-bucket
+      # - MDP_STORAGE__S3__REGION=us-east-1
+      # - MDP_STORAGE__S3__ENDPOINT=https://s3.example.com
+      # - MDP_STORAGE__S3__ACCESS_KEY_ID=xxx
+      # - MDP_STORAGE__S3__SECRET_ACCESS_KEY=xxx
+    restart: unless-stopped
