feat(docker): 新增并优化针对国内网络的Dockerfile配置

ExquisiteCore · ExquisiteCore · commit ef166a64e91a · 2025-05-27T22:59:24.000+08:00
新增两个Dockerfile变体(minimal/simple)并优化现有配置，主要改进包括：
- 使用阿里云镜像源加速apt包管理
- 配置USTC Rust镜像源提高crates下载速度
- 简化cargo配置生成方式
- 统一使用bookworm基础镜像
- 优化构建参数和超时设置

移除冗余配置并保持各变体间一致性，提升国内构建速度和可靠性
diff --git a/backend/Dockerfile.china b/backend/Dockerfile.china
@@ -1,38 +1,35 @@
-# Multi-stage build for Rust backend
+# 极简版 Rust 后端 Dockerfile - 针对国内网络优化
 FROM rust:1.86.0-slim AS chef
 
-# 配置国内镜像源加速
+# 配置阿里云镜像源
 RUN echo "deb http://mirrors.aliyun.com/debian/ bookworm main contrib non-free non-free-firmware" > /etc/apt/sources.list && \
     echo "deb http://mirrors.aliyun.com/debian/ bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
     echo "deb http://mirrors.aliyun.com/debian-security bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list
 
-# 配置Rust镜像源和网络超时设置
-ENV RUSTUP_DIST_SERVER=https://mirrors.ustc.edu.cn/rust-static
-ENV RUSTUP_UPDATE_ROOT=https://mirrors.ustc.edu.cn/rust-static/rustup
-ENV CARGO_NET_RETRY=10
-ENV CARGO_NET_TIMEOUT=300
-ENV CARGO_HTTP_TIMEOUT=300
-ENV CARGO_NET_GIT_FETCH_WITH_CLI=true
+# 配置最优Rust镜像源
+ENV CARGO_NET_RETRY=3
+ENV CARGO_NET_TIMEOUT=60
+ENV CARGO_HTTP_TIMEOUT=60
 
 RUN mkdir -p ~/.cargo && \
     echo '[source.crates-io]' > ~/.cargo/config.toml && \
     echo 'replace-with = "ustc"' >> ~/.cargo/config.toml && \
-    echo '' >> ~/.cargo/config.toml && \
     echo '[source.ustc]' >> ~/.cargo/config.toml && \
     echo 'registry = "https://mirrors.ustc.edu.cn/crates.io-index"' >> ~/.cargo/config.toml && \
-    echo '' >> ~/.cargo/config.toml && \
     echo '[net]' >> ~/.cargo/config.toml && \
-    echo 'retry = 10' >> ~/.cargo/config.toml && \
-    echo 'timeout = 300' >> ~/.cargo/config.toml && \
-    echo '' >> ~/.cargo/config.toml && \
-    echo '[http]' >> ~/.cargo/config.toml && \
-    echo 'timeout = 300' >> ~/.cargo/config.toml
+    echo 'retry = 3' >> ~/.cargo/config.toml && \
+    echo 'timeout = 60' >> ~/.cargo/config.toml
 
-# 预先拉取 cargo-chef 源码以避免网络问题
-RUN git clone --depth 1 https://mirrors.ustc.edu.cn/crates.io-index.git /tmp/crates-index || \
-    git clone --depth 1 https://github.com/rust-lang/crates.io-index.git /tmp/crates-index || true
+# 安装系统依赖
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    pkg-config \
+    libssl-dev \
+    ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
+# 安装cargo-chef
+RUN cargo install cargo-chef --timeout 300
 
-RUN cargo install cargo-chef --timeout 600
 WORKDIR /app
 
 FROM chef AS planner
@@ -42,83 +39,47 @@ RUN cargo chef prepare --recipe-path recipe.json
 FROM chef AS builder
 COPY --from=planner /app/recipe.json recipe.json
 
-# 配置国内镜像源
-RUN echo "deb http://mirrors.aliyun.com/debian/ bookworm main contrib non-free non-free-firmware" > /etc/apt/sources.list && \
-    echo "deb http://mirrors.aliyun.com/debian/ bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
-    echo "deb http://mirrors.aliyun.com/debian-security bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list
-
-# 配置Rust镜像源和网络超时设置
-ENV CARGO_NET_RETRY=10
-ENV CARGO_NET_TIMEOUT=300
-ENV CARGO_HTTP_TIMEOUT=300
-ENV CARGO_NET_GIT_FETCH_WITH_CLI=true
-
-RUN mkdir -p ~/.cargo && \
-    echo '[source.crates-io]' > ~/.cargo/config.toml && \
-    echo 'replace-with = "ustc"' >> ~/.cargo/config.toml && \
-    echo '' >> ~/.cargo/config.toml && \
-    echo '[source.ustc]' >> ~/.cargo/config.toml && \
-    echo 'registry = "https://mirrors.ustc.edu.cn/crates.io-index"' >> ~/.cargo/config.toml && \
-    echo '' >> ~/.cargo/config.toml && \
-    echo '[net]' >> ~/.cargo/config.toml && \
-    echo 'retry = 10' >> ~/.cargo/config.toml && \
-    echo 'timeout = 300' >> ~/.cargo/config.toml && \
-    echo '' >> ~/.cargo/config.toml && \
-    echo '[http]' >> ~/.cargo/config.toml && \
-    echo 'timeout = 300' >> ~/.cargo/config.toml
-
-# Install system dependencies
-RUN apt-get update && apt-get install -y \
-    pkg-config \
-    libssl-dev \
-    ca-certificates \
-    && rm -rf /var/lib/apt/lists/*
-
-# Build dependencies - this layer is cached
-RUN cargo chef cook --release --recipe-path recipe.json --timeout 600
+# 构建依赖
+RUN cargo chef cook --release --recipe-path recipe.json
 
-# Copy source code and build application
+# 复制源码并构建
 COPY . .
-RUN CARGO_NET_RETRY=10 CARGO_NET_TIMEOUT=300 cargo build --release --timeout 600
+RUN cargo build --release
 
-# Runtime stage
+# 运行时阶段
 FROM debian:bookworm-slim AS runtime
 
-# 配置国内镜像源
+# 配置阿里云镜像源
 RUN echo "deb http://mirrors.aliyun.com/debian/ bookworm main contrib non-free non-free-firmware" > /etc/apt/sources.list && \
     echo "deb http://mirrors.aliyun.com/debian/ bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
     echo "deb http://mirrors.aliyun.com/debian-security bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list
 
-# Install runtime dependencies
-RUN apt-get update && apt-get install -y \
+# 安装运行时依赖
+RUN apt-get update && apt-get install -y --no-install-recommends \
     ca-certificates \
     libssl3 \
     curl \
-    && rm -rf /var/lib/apt/lists/* \
-    && apt-get clean
+    && rm -rf /var/lib/apt/lists/*
 
-# Create non-root user
+# 创建用户
 RUN groupadd -r bloguser && useradd -r -g bloguser bloguser
 
 WORKDIR /app
 
-# Copy binary and config
+# 复制二进制文件
 COPY --from=builder /app/target/release/backend /app/backend
 COPY --from=builder /app/config.docker.toml /app/config.toml
 
-# Set ownership
 RUN chown -R bloguser:bloguser /app
 USER bloguser
 
 EXPOSE 8080
 
-# Health check
 HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
     CMD curl -f http://localhost:8080/health || exit 1
 
 CMD ["./backend"]
 
-# Production optimized stage
 FROM runtime AS production
 ENV RUST_LOG=info
 ENV RUST_BACKTRACE=0
diff --git a/backend/Dockerfile.fast b/backend/Dockerfile.fast
@@ -16,27 +16,25 @@ ENV CARGO_HTTP_MULTIPLEXING=false
 
 # 创建完整的cargo配置
 RUN mkdir -p ~/.cargo && \
-    cat > ~/.cargo/config.toml << 'EOF'
-[source.crates-io]
-replace-with = "rsproxy"
-
-[source.rsproxy]
-registry = "https://rsproxy.cn/crates.io-index"
-
-[source.rsproxy-sparse]
-registry = "sparse+https://rsproxy.cn/index/"
-
-[registries.rsproxy]
-index = "https://rsproxy.cn/crates.io-index"
-
-[net]
-retry = 3
-timeout = 60
-
-[http]
-timeout = 60
-multiplexing = false
-EOF
+    echo '[source.crates-io]' > ~/.cargo/config.toml && \
+    echo 'replace-with = "rsproxy"' >> ~/.cargo/config.toml && \
+    echo '' >> ~/.cargo/config.toml && \
+    echo '[source.rsproxy]' >> ~/.cargo/config.toml && \
+    echo 'registry = "https://rsproxy.cn/crates.io-index"' >> ~/.cargo/config.toml && \
+    echo '' >> ~/.cargo/config.toml && \
+    echo '[source.rsproxy-sparse]' >> ~/.cargo/config.toml && \
+    echo 'registry = "sparse+https://rsproxy.cn/index/"' >> ~/.cargo/config.toml && \
+    echo '' >> ~/.cargo/config.toml && \
+    echo '[registries.rsproxy]' >> ~/.cargo/config.toml && \
+    echo 'index = "https://rsproxy.cn/crates.io-index"' >> ~/.cargo/config.toml && \
+    echo '' >> ~/.cargo/config.toml && \
+    echo '[net]' >> ~/.cargo/config.toml && \
+    echo 'retry = 3' >> ~/.cargo/config.toml && \
+    echo 'timeout = 60' >> ~/.cargo/config.toml && \
+    echo '' >> ~/.cargo/config.toml && \
+    echo '[http]' >> ~/.cargo/config.toml && \
+    echo 'timeout = 60' >> ~/.cargo/config.toml && \
+    echo 'multiplexing = false' >> ~/.cargo/config.toml
 
 # 跳过cargo-chef安装，直接使用预编译二进制
 RUN apt-get update && apt-get install -y --no-install-recommends \
@@ -65,27 +63,25 @@ RUN echo "deb http://mirrors.aliyun.com/debian/ bookworm main contrib non-free n
 
 # 复制cargo配置
 RUN mkdir -p ~/.cargo && \
-    cat > ~/.cargo/config.toml << 'EOF'
-[source.crates-io]
-replace-with = "rsproxy"
-
-[source.rsproxy]
-registry = "https://rsproxy.cn/crates.io-index"
-
-[source.rsproxy-sparse]
-registry = "sparse+https://rsproxy.cn/index/"
-
-[registries.rsproxy]
-index = "https://rsproxy.cn/crates.io-index"
-
-[net]
-retry = 3
-timeout = 60
-
-[http]
-timeout = 60
-multiplexing = false
-EOF
+    echo '[source.crates-io]' > ~/.cargo/config.toml && \
+    echo 'replace-with = "rsproxy"' >> ~/.cargo/config.toml && \
+    echo '' >> ~/.cargo/config.toml && \
+    echo '[source.rsproxy]' >> ~/.cargo/config.toml && \
+    echo 'registry = "https://rsproxy.cn/crates.io-index"' >> ~/.cargo/config.toml && \
+    echo '' >> ~/.cargo/config.toml && \
+    echo '[source.rsproxy-sparse]' >> ~/.cargo/config.toml && \
+    echo 'registry = "sparse+https://rsproxy.cn/index/"' >> ~/.cargo/config.toml && \
+    echo '' >> ~/.cargo/config.toml && \
+    echo '[registries.rsproxy]' >> ~/.cargo/config.toml && \
+    echo 'index = "https://rsproxy.cn/crates.io-index"' >> ~/.cargo/config.toml && \
+    echo '' >> ~/.cargo/config.toml && \
+    echo '[net]' >> ~/.cargo/config.toml && \
+    echo 'retry = 3' >> ~/.cargo/config.toml && \
+    echo 'timeout = 60' >> ~/.cargo/config.toml && \
+    echo '' >> ~/.cargo/config.toml && \
+    echo '[http]' >> ~/.cargo/config.toml && \
+    echo 'timeout = 60' >> ~/.cargo/config.toml && \
+    echo 'multiplexing = false' >> ~/.cargo/config.toml
 
 # 快速安装系统依赖
 RUN apt-get update && apt-get install -y --no-install-recommends \
diff --git a/backend/Dockerfile.minimal b/backend/Dockerfile.minimal
@@ -0,0 +1,74 @@
+# 最简版 Rust 后端 Dockerfile - 无cargo-chef，专为国内网络优化
+FROM rust:1.86.0-slim AS builder
+
+# 配置阿里云镜像源
+RUN echo "deb http://mirrors.aliyun.com/debian/ bookworm main contrib non-free non-free-firmware" > /etc/apt/sources.list && \
+    echo "deb http://mirrors.aliyun.com/debian/ bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
+    echo "deb http://mirrors.aliyun.com/debian-security bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list
+
+# 配置Rust镜像源
+ENV CARGO_NET_RETRY=3
+ENV CARGO_NET_TIMEOUT=60
+ENV CARGO_HTTP_TIMEOUT=60
+
+RUN mkdir -p ~/.cargo && \
+    echo '[source.crates-io]' > ~/.cargo/config.toml && \
+    echo 'replace-with = "ustc"' >> ~/.cargo/config.toml && \
+    echo '[source.ustc]' >> ~/.cargo/config.toml && \
+    echo 'registry = "https://mirrors.ustc.edu.cn/crates.io-index"' >> ~/.cargo/config.toml && \
+    echo '[net]' >> ~/.cargo/config.toml && \
+    echo 'retry = 3' >> ~/.cargo/config.toml && \
+    echo 'timeout = 60' >> ~/.cargo/config.toml
+
+# 安装系统依赖
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    pkg-config \
+    libssl-dev \
+    ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /app
+
+# 复制所有源码
+COPY . .
+
+# 直接构建（跳过cargo-chef）
+RUN cargo build --release
+
+# 运行时阶段
+FROM debian:bookworm-slim AS runtime
+
+# 配置阿里云镜像源
+RUN echo "deb http://mirrors.aliyun.com/debian/ bookworm main contrib non-free non-free-firmware" > /etc/apt/sources.list && \
+    echo "deb http://mirrors.aliyun.com/debian/ bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
+    echo "deb http://mirrors.aliyun.com/debian-security bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list
+
+# 安装运行时依赖
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    ca-certificates \
+    libssl3 \
+    curl \
+    && rm -rf /var/lib/apt/lists/*
+
+# 创建用户
+RUN groupadd -r bloguser && useradd -r -g bloguser bloguser
+
+WORKDIR /app
+
+# 复制二进制文件
+COPY --from=builder /app/target/release/backend /app/backend
+COPY --from=builder /app/config.docker.toml /app/config.toml
+
+RUN chown -R bloguser:bloguser /app
+USER bloguser
+
+EXPOSE 8080
+
+HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
+    CMD curl -f http://localhost:8080/health || exit 1
+
+CMD ["./backend"]
+
+FROM runtime AS production
+ENV RUST_LOG=info
+ENV RUST_BACKTRACE=0
diff --git a/backend/Dockerfile.simple b/backend/Dockerfile.simple
