refactor: simplify Railway deployment using existing GHCR images

- Use multi-stage build from existing backend/frontend images - Remove supervisord, use simple shell script - Single process model: backend runs in background, nginx foreground - Auto-generate encryption keys on startup
2026-06-04 09:58:22 +08:00 · 2026-01-06 18:31:39 +08:00
parent f0b4913ad6
commit 6e6bdf1e57
6 changed files with 76 additions and 181 deletions
@@ -1,6 +1,3 @@
-# Railway Nginx Configuration
-# Frontend static files + API proxy to backend
-
 server {
    listen ${PORT};
    server_name _;
@@ -8,45 +5,30 @@ server {
    root /usr/share/nginx/html;
    index index.html;

-    # Gzip compression
+    # Gzip
    gzip on;
-    gzip_vary on;
-    gzip_min_length 1024;
-    gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml+rss application/javascript application/json;
+    gzip_types text/plain text/css application/json application/javascript text/xml;

-    # Frontend routes (SPA)
+    # SPA 路由
    location / {
        try_files $uri $uri/ /index.html;
-
-        # Cache static assets
-        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
-            expires 1y;
-            add_header Cache-Control "public, immutable";
-        }
    }

-    # Proxy API requests to backend (runs on 8081 internally)
+    # API 代理到后端
    location /api/ {
-        proxy_pass http://127.0.0.1:8081/api/;
+        proxy_pass http://127.0.0.1:8080/api/;
        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
-        proxy_cache_bypass $http_upgrade;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-
-        # Timeout for long-running API calls (AI inference)
        proxy_connect_timeout 300s;
        proxy_send_timeout 300s;
        proxy_read_timeout 300s;
    }

-    # Health check endpoint
+    # 健康检查
    location /health {
-        return 200 "OK\n";
+        return 200 'OK';
        add_header Content-Type text/plain;
-        access_log off;
    }
 }
@@ -1,19 +0,0 @@
-#!/bin/sh
-# Backend startup wrapper - generates encryption keys if not set
-
-# Generate RSA private key if not set
-if [ -z "$RSA_PRIVATE_KEY" ]; then
-    echo "🔐 Generating RSA key pair..."
-    export RSA_PRIVATE_KEY=$(openssl genrsa 2048 2>/dev/null)
-    echo "✅ RSA key generated"
-fi
-
-# Generate data encryption key if not set
-if [ -z "$DATA_ENCRYPTION_KEY" ]; then
-    echo "🔐 Generating data encryption key..."
-    export DATA_ENCRYPTION_KEY=$(openssl rand -base64 32)
-    echo "✅ Data encryption key generated"
-fi
-
-# Start the backend
-exec /app/nofx
@@ -1,19 +0,0 @@
-#!/bin/sh
-# Nginx startup wrapper - substitutes PORT environment variable
-
-# Default PORT to 8080 if not set
-export PORT=${PORT:-8080}
-
-echo "🌐 Starting nginx on port $PORT..."
-echo "🔍 All environment variables with PORT:"
-env | grep -i port || echo "No PORT variables found"
-
-# Generate nginx config from template
-envsubst '${PORT}' < /etc/nginx/nginx.conf.template > /etc/nginx/http.d/default.conf
-
-# Show generated config for debugging
-echo "📄 Generated nginx config:"
-cat /etc/nginx/http.d/default.conf | head -10
-
-# Start nginx
-exec nginx -g "daemon off;"
@@ -0,0 +1,41 @@
+#!/bin/sh
+set -e
+
+# 默认端口
+export PORT=${PORT:-3000}
+echo "🚀 Starting NOFX on port $PORT..."
+
+# 生成加密密钥（如果没有设置）
+if [ -z "$RSA_PRIVATE_KEY" ]; then
+    echo "🔐 Generating RSA key..."
+    export RSA_PRIVATE_KEY=$(openssl genrsa 2048 2>/dev/null)
+fi
+
+if [ -z "$DATA_ENCRYPTION_KEY" ]; then
+    echo "🔐 Generating data encryption key..."
+    export DATA_ENCRYPTION_KEY=$(openssl rand -base64 32)
+fi
+
+# 生成 nginx 配置
+echo "📝 Generating nginx config for port $PORT..."
+envsubst '${PORT}' < /etc/nginx/nginx.conf.template > /etc/nginx/http.d/default.conf
+
+# 启动后端（后台运行）
+echo "🔧 Starting backend on port 8080..."
+/app/nofx &
+BACKEND_PID=$!
+
+# 等待后端启动
+sleep 3
+
+# 检查后端是否启动成功
+if ! kill -0 $BACKEND_PID 2>/dev/null; then
+    echo "❌ Backend failed to start"
+    exit 1
+fi
+
+echo "✅ Backend started (PID: $BACKEND_PID)"
+
+# 启动 nginx（前台运行）
+echo "🌐 Starting nginx on port $PORT..."
+exec nginx -g "daemon off;"
@@ -1,26 +0,0 @@
-[supervisord]
-nodaemon=true
-logfile=/dev/stdout
-logfile_maxbytes=0
-pidfile=/tmp/supervisord.pid
-
-[program:backend]
-command=/app/start-backend.sh
-directory=/app
-autostart=true
-autorestart=true
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
-environment=API_SERVER_PORT="8081",DB_PATH="/app/data/data.db"
-
-[program:nginx]
-command=/app/start-nginx.sh
-autostart=true
-autorestart=true
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
-environment=PORT="%(ENV_PORT)s"