使用 Docker 部署 ExportX 上传服务适用于任何支持 Docker 的平台,包括 Google Cloud Run、DigitalOcean、AWS ECS 等。
前置条件
在开始之前,请确保您已安装:
- Docker (版本 20.10+)
- 云存储账户 (AWS S3、Cloudflare R2、或兼容 S3 的存储服务)
快速开始
1. 拉取 Docker 镜像
# 拉取最新版本
docker pull ghcr.io/edward00funny/exportx-upload:latest
# 或拉取特定版本
docker pull ghcr.io/edward00funny/exportx-upload:v1.0.02. 运行容器
使用 AWS S3 存储的基本示例:
docker run -d \
--name exportx-uploader \
-p 3000:3000 \
-e PORT=3000 \
-e AUTH_SECRET_KEY="your-secret-token" \
-e STORAGE_PROVIDER="S3" \
-e AWS_ACCESS_KEY_ID="your-aws-access-key" \
-e AWS_SECRET_ACCESS_KEY="your-aws-secret-key" \
-e AWS_S3_BUCKET="your-s3-bucket-name" \
-e AWS_S3_REGION="us-east-1" \
ghcr.io/edward00funny/exportx-upload:latest服务将在 http://localhost:3000 上运行。
构建自定义镜像
如果您需要自定义构建:
1. 克隆源代码
git clone https://github.com/Edward00Funny/exportx-upload.git
cd exportx-upload2. 构建镜像
docker build -t exportx-uploader .3. 运行自定义镜像
docker run -d \
--name exportx-uploader \
-p 3000:3000 \
-e PORT=3000 \
-e AUTH_SECRET_KEY="your-secret-token" \
exportx-uploader环境变量配置
基础配置
| 变量名 | 示例值 | 必需 | 说明 |
|---|---|---|---|
PORT |
3000 |
否 | 服务端口 (默认: 3000) |
AUTH_SECRET_KEY |
token1,token2,token3 |
是 | 认证密钥,支持多个(逗号分隔) |
AWS S3 配置
# AWS S3 环境变量
-e STORAGE_PROVIDER="S3"
-e AWS_ACCESS_KEY_ID="your-access-key"
-e AWS_SECRET_ACCESS_KEY="your-secret-key"
-e AWS_S3_BUCKET="your-bucket-name"
-e AWS_S3_REGION="us-east-1"Cloudflare R2 配置
# Cloudflare R2 环境变量
-e STORAGE_PROVIDER="R2"
-e R2_ACCOUNT_ID="your-account-id"
-e R2_ACCESS_KEY_ID="your-r2-access-key"
-e R2_SECRET_ACCESS_KEY="your-r2-secret-key"
-e R2_BUCKET_NAME="your-r2-bucket"存储桶配置
# 存储桶规则配置
-e BUCKET_main_s3_PROVIDER="S3"
-e BUCKET_main_s3_ALLOWED_PATHS="images,assets,*"
-e BUCKET_main_s3_EMAIL_WHITELIST="user@example.com,team@example.com"平台特定部署
Google Cloud Run
1. 构建并推送镜像
# 配置 gcloud
gcloud auth configure-docker
# 构建镜像
docker build -t gcr.io/YOUR_PROJECT_ID/exportx-uploader .
# 推送镜像
docker push gcr.io/YOUR_PROJECT_ID/exportx-uploader2. 部署到 Cloud Run
gcloud run deploy exportx-uploader \
--image gcr.io/YOUR_PROJECT_ID/exportx-uploader \
--platform managed \
--region us-central1 \
--allow-unauthenticated \
--set-env-vars PORT=8080,AUTH_SECRET_KEY=your-secret-token \
--set-env-vars STORAGE_PROVIDER=S3 \
--set-env-vars AWS_ACCESS_KEY_ID=your-access-key \
--set-env-vars AWS_SECRET_ACCESS_KEY=your-secret-key \
--set-env-vars AWS_S3_BUCKET=your-bucket \
--set-env-vars AWS_S3_REGION=us-east-1DigitalOcean App Platform
创建 app.yaml 文件:
name: exportx-uploader
services:
- name: web
source_dir: /
github:
repo: Edward00Funny/exportx-upload
branch: main
run_command: npm start
environment_slug: node-js
instance_count: 1
instance_size_slug: basic-xxs
envs:
- key: PORT
value: "8080"
- key: AUTH_SECRET_KEY
value: "your-secret-token"
- key: STORAGE_PROVIDER
value: "S3"
- key: AWS_ACCESS_KEY_ID
value: "your-access-key"
- key: AWS_SECRET_ACCESS_KEY
value: "your-secret-key"
- key: AWS_S3_BUCKET
value: "your-bucket"
- key: AWS_S3_REGION
value: "us-east-1"部署命令:
doctl apps create --spec app.yamlAWS ECS
1. 创建任务定义
{
"family": "exportx-uploader",
"networkMode": "awsvpc",
"requiresCompatibilities": ["FARGATE"],
"cpu": "256",
"memory": "512",
"executionRoleArn": "arn:aws:iam::YOUR_ACCOUNT:role/ecsTaskExecutionRole",
"containerDefinitions": [
{
"name": "exportx-uploader",
"image": "ghcr.io/edward00funny/exportx-upload:latest",
"portMappings": [
{
"containerPort": 3000,
"protocol": "tcp"
}
],
"environment": [
{
"name": "PORT",
"value": "3000"
},
{
"name": "AUTH_SECRET_KEY",
"value": "your-secret-token"
},
{
"name": "STORAGE_PROVIDER",
"value": "S3"
},
{
"name": "AWS_S3_BUCKET",
"value": "your-bucket"
},
{
"name": "AWS_S3_REGION",
"value": "us-east-1"
}
],
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-group": "/ecs/exportx-uploader",
"awslogs-region": "us-east-1",
"awslogs-stream-prefix": "ecs"
}
}
}
]
}Docker Compose
创建 docker-compose.yml 文件:
version: '3.8'
services:
exportx-uploader:
image: ghcr.io/edward00funny/exportx-upload:latest
container_name: exportx-uploader
ports:
- "3000:3000"
environment:
- PORT=3000
- AUTH_SECRET_KEY=your-secret-token,another-token
- STORAGE_PROVIDER=S3
- AWS_ACCESS_KEY_ID=your-access-key
- AWS_SECRET_ACCESS_KEY=your-secret-key
- AWS_S3_BUCKET=your-bucket
- AWS_S3_REGION=us-east-1
- BUCKET_main_s3_PROVIDER=S3
- BUCKET_main_s3_ALLOWED_PATHS=images,assets,*
- BUCKET_main_s3_EMAIL_WHITELIST=user@example.com,team@example.com
restart: unless-stopped
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3000/"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s运行:
docker-compose up -d验证部署
健康检查
curl http://localhost:3000/预期响应:
{
"status": "ok",
"message": "ExportX Upload Service"
}测试上传
curl -X POST \
-H "Authorization: Bearer your-secret-token" \
-H "X-User-Email: user@example.com" \
-F "file=@/path/to/test.png" \
-F "path=images" \
"http://localhost:3000/upload?bucket=main_s3"日志和监控
查看容器日志
# 查看实时日志
docker logs -f exportx-uploader
# 查看最近的日志
docker logs --tail 100 exportx-uploader监控指标
添加监控环境变量:
-e ENABLE_METRICS=true
-e METRICS_PORT=9090访问 http://localhost:9090/metrics 查看 Prometheus 指标。
故障排除
常见问题
-
容器无法启动
# 检查容器状态 docker ps -a # 查看详细日志 docker logs exportx-uploader -
存储连接失败
# 验证环境变量 docker exec exportx-uploader env | grep -E "(AWS|S3|R2)" # 测试存储连接 docker exec exportx-uploader curl -I https://your-bucket.s3.amazonaws.com/ -
权限问题
# 检查文件权限 docker exec exportx-uploader ls -la /app # 以 root 用户运行 docker run --user root ...
调试模式
启用调试模式:
docker run -d \
-e DEBUG=true \
-e LOG_LEVEL=debug \
...性能优化
生产环境配置
# docker-compose.prod.yml
version: '3.8'
services:
exportx-uploader:
image: ghcr.io/edward00funny/exportx-upload:latest
deploy:
replicas: 3
resources:
limits:
cpus: '0.50'
memory: 512M
reservations:
cpus: '0.25'
memory: 256M
environment:
- NODE_ENV=production
- PORT=3000
- MAX_FILE_SIZE=10MB
- CONCURRENT_UPLOADS=5负载均衡
使用 Nginx 作为负载均衡器:
upstream exportx_backend {
server exportx-uploader-1:3000;
server exportx-uploader-2:3000;
server exportx-uploader-3:3000;
}
server {
listen 80;
server_name your-domain.com;
location / {
proxy_pass http://exportx_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 上传相关配置
client_max_body_size 50M;
proxy_read_timeout 300s;
proxy_connect_timeout 75s;
}
}安全建议
- 使用非 root 用户运行容器
- 定期更新镜像
- 设置防火墙规则
- 使用 HTTPS
- 定期轮换认证密钥
需要帮助?请查看我们的 完整文档 或联系技术支持。