# Build and start the application
docker-compose up -d
# View logs
docker-compose logs -f
# Stop the application
docker-compose down
# Stop and remove volumes (WARNING: deletes all data)
docker-compose down -vThe application will be available at:
- API: http://localhost:8090
- Admin UI: http://localhost:8090/_/
# Build image
docker build -t cardgames:latest .
# Run container
docker run -d \
--name cardgames \
-p 8090:8090 \
-v cardgames-data:/app/pb_data \
cardgames:latest
# View logs
docker logs -f cardgames
# Stop container
docker stop cardgames
# Remove container
docker rm cardgames- Enable Nginx profile:
docker-compose --profile production up -d-
Configure SSL (optional):
- Place SSL certificates in
./ssl/directory - Uncomment SSL configuration in
nginx.conf - Update
server_namewith your domain
- Place SSL certificates in
-
Access application:
- HTTP: http://your-domain.com
- HTTPS: https://your-domain.com
Create a .env file for production:
# Encryption key for sensitive data (32 characters)
PB_ENCRYPTION_ENV=your-32-character-encryption-key-here
# Data directory (inside container)
PB_DATA_DIR=/app/pb_dataData is stored in Docker volumes:
# List volumes
docker volume ls
# Backup data
docker run --rm -v cardgames-data:/data -v $(pwd):/backup alpine tar czf /backup/cardgames-backup.tar.gz -C /data .
# Restore data
docker run --rm -v cardgames-data:/data -v $(pwd):/backup alpine tar xzf /backup/cardgames-backup.tar.gz -C /dataMount game logic files for live updates:
# docker-compose.yml
services:
cardgames:
volumes:
- ./game_logics:/app/game_logics:roThen rebuild when you change Go code:
docker-compose up -d --buildThe container includes health checks:
# Check container health
docker ps
# Manual health check
curl http://localhost:8090/api/health# View all logs
docker-compose logs
# Follow logs
docker-compose logs -f
# View specific service
docker-compose logs -f cardgames
# Last 100 lines
docker-compose logs --tail=100# Check logs
docker-compose logs cardgames
# Check if port is in use
lsof -i :8090
# Rebuild image
docker-compose build --no-cache
docker-compose up -d# Enter container
docker exec -it cardgames sh
# Check data directory
ls -la /app/pb_data/
# Check database file
file /app/pb_data/data.db# Fix permissions
docker-compose down
docker run --rm -v cardgames-data:/data alpine chown -R 1000:1000 /data
docker-compose up -dFor horizontal scaling, use external database:
- Use PostgreSQL instead of SQLite
- Configure load balancer
- Enable session affinity for WebSocket connections
- Use Redis for session storage
Add monitoring with Prometheus and Grafana:
# docker-compose.yml
services:
prometheus:
image: prom/prometheus
volumes:
- ./prometheus.yml:/etc/prometheus/prometheus.yml
ports:
- "9090:9090"
grafana:
image: grafana/grafana
ports:
- "3000:3000"-
Use strong encryption key
- Generate:
openssl rand -hex 16 - Store securely, never commit to git
- Generate:
-
Enable HTTPS in production
- Use Let's Encrypt for free SSL
- Configure nginx SSL properly
-
Restrict network access
- Use Docker networks
- Configure firewall rules
- Limit exposed ports
-
Regular backups
- Automate database backups
- Store backups offsite
- Test restore procedures
-
Update regularly
- Keep base images updated
- Update dependencies
- Monitor security advisories
# 构建并启动应用
docker-compose up -d
# 查看日志
docker-compose logs -f
# 停止应用
docker-compose down
# 停止并删除卷(警告:删除所有数据)
docker-compose down -v应用将在以下地址可用:
- API: http://localhost:8090
- 管理界面: http://localhost:8090/_/
# 构建镜像
docker build -t cardgames:latest .
# 运行容器
docker run -d \
--name cardgames \
-p 8090:8090 \
-v cardgames-data:/app/pb_data \
cardgames:latest
# 查看日志
docker logs -f cardgames
# 停止容器
docker stop cardgames
# 删除容器
docker rm cardgames- 启用 Nginx 配置:
docker-compose --profile production up -d-
配置 SSL(可选):
- 将 SSL 证书放在
./ssl/目录中 - 在
nginx.conf中取消注释 SSL 配置 - 使用您的域名更新
server_name
- 将 SSL 证书放在
-
访问应用:
- HTTP: http://your-domain.com
- HTTPS: https://your-domain.com
为生产环境创建 .env 文件:
# 敏感数据加密密钥(32 字符)
PB_ENCRYPTION_ENV=your-32-character-encryption-key-here
# 数据目录(容器内)
PB_DATA_DIR=/app/pb_data数据存储在 Docker 卷中:
# 列出卷
docker volume ls
# 备份数据
docker run --rm -v cardgames-data:/data -v $(pwd):/backup alpine tar czf /backup/cardgames-backup.tar.gz -C /data .
# 恢复数据
docker run --rm -v cardgames-data:/data -v $(pwd):/backup alpine tar xzf /backup/cardgames-backup.tar.gz -C /data挂载游戏逻辑文件以实现实时更新:
# docker-compose.yml
services:
cardgames:
volumes:
- ./game_logics:/app/game_logics:ro然后在更改 Go 代码时重新构建:
docker-compose up -d --build容器包含健康检查:
# 检查容器健康
docker ps
# 手动健康检查
curl http://localhost:8090/api/health# 查看所有日志
docker-compose logs
# 跟踪日志
docker-compose logs -f
# 查看特定服务
docker-compose logs -f cardgames
# 最后 100 行
docker-compose logs --tail=100# 检查日志
docker-compose logs cardgames
# 检查端口是否被占用
lsof -i :8090
# 重新构建镜像
docker-compose build --no-cache
docker-compose up -d# 进入容器
docker exec -it cardgames sh
# 检查数据目录
ls -la /app/pb_data/
# 检查数据库文件
file /app/pb_data/data.db# 修复权限
docker-compose down
docker run --rm -v cardgames-data:/data alpine chown -R 1000:1000 /data
docker-compose up -d-
使用强加密密钥
- 生成:
openssl rand -hex 16 - 安全存储,永远不要提交到 git
- 生成:
-
在生产环境启用 HTTPS
- 使用 Let's Encrypt 获取免费 SSL
- 正确配置 nginx SSL
-
限制网络访问
- 使用 Docker 网络
- 配置防火墙规则
- 限制暴露的端口
-
定期备份
- 自动化数据库备份
- 将备份存储在异地
- 测试恢复程序
-
定期更新
- 保持基础镜像更新
- 更新依赖项
- 监控安全公告
# 查看运行中的容器
docker-compose ps
# 重启服务
docker-compose restart cardgames
# 更新并重启
docker-compose pull
docker-compose up -d
# 清理未使用的资源
docker system prune -a
# 查看资源使用
docker stats