# Name of your application. Used to uniquely configure containers.
service: img_manager
# Name of the container image.
image: mumumumushu/img_manager
# Deploy to these servers.
servers:
web:
hosts:
- 45.78.59.154
labels:
# 使用域名隔离应用
traefik.http.routers.img_manager.rule: Host(`img-manager.mumumumushu.com`)
# 指定路由器名称,使用web入口点(端口80)
traefik.http.routers.img_manager.entrypoints: web
# 不启用TLS,简化配置
# traefik.http.routers.img_manager.tls: true
# 使用自定义端口而不是默认的80
traefik.http.services.img_manager.loadbalancer.server.port: 3000
# job:
# hosts:
# - 192.168.0.1
# cmd: bin/jobs
# Enable SSL auto certification via Let's Encrypt and allow for multiple apps on a single web server.
# Note: If using Cloudflare, set encryption mode in SSL/TLS setting to "Full" to enable CF-to-app encryption.
proxy:
# 暂时禁用SSL,简化部署
ssl: false
# 使用IP地址而不是域名,方便直接访问
host: 45.78.59.154
# 配置Traefik使用自定义端口
# options:
# # 定义多个入口点,包括非80端口
# traefik.entryPoints.web.address: ":80"
# traefik.entryPoints.websecure.address: ":443"
# # 启用HTTP自动跳转到HTTPS
# traefik.http.middlewares.redirect-to-https.redirectscheme.scheme: "https"
# traefik.http.routers.redirs.rule: "hostregexp(`{host:.+}`)"
# traefik.http.routers.redirs.entrypoints: "web"
# traefik.http.routers.redirs.middlewares: "redirect-to-https"
# Credentials for your image host.
registry:
# Specify the registry server, if you're not using Docker Hub
# server: registry.digitalocean.com / ghcr.io / ...
username: mumumumushu
# Always use an access token rather than real password when possible.
password:
- KAMAL_REGISTRY_PASSWORD
# Inject ENV variables into containers (secrets come from .kamal/secrets).
env:
secret:
- RAILS_MASTER_KEY
# Add Git credentials for private repositories
- GIT_CREDENTIALS
clear:
# Git repository configuration
GIT_REPOSITORY: git@git.tallty.com:mumumumushu/img-manager.git
GIT_BRANCH: main
# Force rebuild flags (set to true when you want to force rebuild)
FORCE_BUNDLE_INSTALL: false
FORCE_NPM_INSTALL: false
FORCE_VITE_BUILD: true
# Database configuration
RAILS_ENV: production
DATABASE_URL: sqlite3:///rails/storage/production.sqlite3
# Disable database migrations during startup to avoid SQLite issues
SKIP_DB_PREPARATION: true
# Run the Solid Queue Supervisor inside the web server's Puma process to do jobs.
SOLID_QUEUE_IN_PUMA: true
# Set number of processes dedicated to Solid Queue (default: 1)
# JOB_CONCURRENCY: 3
# Set number of cores available to the application on each server (default: 1).
# WEB_CONCURRENCY: 2
# Match this to any external database server to configure Active Record correctly
# DB_HOST: 192.168.0.2
# Log everything from Rails
RAILS_LOG_LEVEL: debug
# Aliases are triggered with "bin/kamal <alias>". You can overwrite arguments on invocation:
# "bin/kamal logs -r job" will tail logs from the first server in the job section.
aliases:
console: app exec --interactive --reuse "bin/rails console"
shell: app exec --interactive --reuse "bash"
logs: app logs -f
dbc: app exec --interactive --reuse "bin/rails dbconsole"
assets: app exec --interactive --reuse "bundle exec vite build"
migrate: app exec --interactive --reuse "bin/rails db:migrate"
# Use persistent storage volumes for external storage of code, files, and database
# These volumes will be mounted to the container and persist between deployments
volumes:
# Git code repository storage
- "/root/img_manager/code:/rails/code"
# Database storage with simpler configuration (no Z flag to avoid SELinux issues)
- "/root/img_manager/storage:/rails/storage"
# Uploaded files storage
- "/root/img_manager/uploads:/rails/public/uploads"
# Vite assets storage
- "/root/img_manager/public/vite:/rails/public/vite"
# Node modules storage
- "/root/img_manager/node_modules:/rails/node_modules"
# Logs storage
- "/root/img_manager/logs:/rails/log"
# Tmp directory for pids and other temporary files
- "/root/img_manager/tmp:/rails/tmp"
# Bundle gems storage
- "/root/img_manager/bundle:/bundle"
# SSH keys for Git access
- "/root/.ssh:/root/.ssh"
# Bridge fingerprinted assets, like JS and CSS, between versions to avoid
# hitting 404 on in-flight requests. Combines all files from new and old
# version inside the asset_path.
# Disable asset bridging for now to fix deployment issues
asset_path: false
# Deployment configuration for better reliability
# 增加部署超时时间,给应用更多时间启动
deploy_timeout: 120
# 增加容器排水超时时间
drain_timeout: 60
# 增加容器启动后的就绪延迟
readiness_delay: 30
# 禁用健康检查,直接部署应用
# bootstrap_healthcheck: false
# Kamal使用Docker的健康检查,不需要额外配置
# 健康检查已在Dockerfile中通过HEALTHCHECK指令配置
# Note: Run the setup script manually before deployment:
# scp ./bin/setup_volumes.sh root@45.78.59.154:/root/setup_volumes.sh
# ssh root@45.78.59.154 'chmod +x /root/setup_volumes.sh && /root/setup_volumes.sh'
# Configure the image builder.
builder:
arch: amd64
# cache:
# type: registry # 使用注册表缓存
# # Build image via remote server (useful for faster amd64 builds on arm64 computers)
# remote: ssh://docker@docker-builder-server
#
# # Pass arguments and secrets to the Docker build process
# args:
# RUBY_VERSION: 3.2.2
# secrets:
# - GITHUB_TOKEN
# - RAILS_MASTER_KEY
# Use a different ssh user than root
# ssh:
# user: app
# Use accessory services (secrets come from .kamal/secrets).
# accessories:
# db:
# image: mysql:8.0
# host: 192.168.0.2
# # Change to 3306 to expose port to the world instead of just local network.
# port: "127.0.0.1:3306:3306"
# env:
# clear:
# MYSQL_ROOT_HOST: '%'
# secret:
# - MYSQL_ROOT_PASSWORD
# files:
# - config/mysql/production.cnf:/etc/mysql/my.cnf
# - db/production.sql:/docker-entrypoint-initdb.d/setup.sql
# directories:
# - data:/var/lib/mysql
# redis:
# image: redis:7.0
# host: 192.168.0.2
# port: 6379
# directories:
# - data:/data