若依项目生产环境部署实战从零搭建到HTTPS全流程在当今企业级应用开发中SpringBootVue的前后端分离架构已成为主流选择。若依RuoYi作为这一架构的典型实现集成了权限管理、代码生成等企业级功能但许多团队在从开发环境转向生产部署时仍会遇到各种坑。本文将手把手带你完成若依系统的全栈部署涵盖从服务器准备到Nginx调优的全套实战经验。1. 部署前的环境准备在开始部署前我们需要确保服务器环境满足基本要求。根据若依官方文档建议生产环境推荐以下配置服务器最低配置要求CPU2核以上建议4核内存4GB以上建议8GB磁盘50GB以上SSD操作系统CentOS 7/Ubuntu 18.04软件依赖清单组件版本要求备注JDK1.8推荐OpenJDK 11MySQL5.7推荐8.0版本Redis5.0必须启用持久化Node.js14前端构建依赖Nginx1.18反向代理/静态资源服务提示建议所有组件都通过官方源安装避免使用第三方打包版本可能存在的兼容性问题。防火墙配置关键命令# 开放必要端口根据实际需要调整 firewall-cmd --zonepublic --add-port80/tcp --permanent firewall-cmd --zonepublic --add-port443/tcp --permanent firewall-cmd --zonepublic --add-port3306/tcp --permanent firewall-cmd --zonepublic --add-port6379/tcp --permanent firewall-cmd --reload目录结构规划建议/opt/ruoyi/ ├── backend/ # 后端项目目录 │ ├── app/ # 可执行JAR包 │ ├── config/ # 应用配置文件 │ └── logs/ # 日志文件 ├── frontend/ # 前端项目目录 │ └── dist/ # 前端构建产物 └── data/ # 数据存储 ├── mysql/ # 数据库数据 └── redis/ # Redis数据2. 后端项目部署实战2.1 数据库初始化首先创建专属数据库用户避免使用root账户CREATE DATABASE ry-cloud DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci; CREATE USER ry-user% IDENTIFIED BY Complex-Password-123; GRANT ALL PRIVILEGES ON ry-cloud.* TO ry-user%; FLUSH PRIVILEGES;导入若依SQL文件时的常见问题处理如果遇到Row size too large错误需要修改MySQL配置innodb_file_formatBarracuda innodb_file_per_tableON innodb_large_prefixON2.2 生产环境配置调整修改application-prod.yml关键配置项server: port: 8080 servlet: context-path: / spring: datasource: url: jdbc:mysql://mysql-server:3306/ry-cloud?useSSLfalseallowPublicKeyRetrievaltrue username: ry-user password: Complex-Password-123 redis: host: redis-server port: 6379 password: redis-password-123 database: 0日志配置优化建议在logback-spring.xml中增加按天归档和最大保存天数配置appender nameFILE classch.qos.logback.core.rolling.RollingFileAppender rollingPolicy classch.qos.logback.core.rolling.TimeBasedRollingPolicy fileNamePattern/opt/ruoyi/backend/logs/ruoyi-%d{yyyy-MM-dd}.log/fileNamePattern maxHistory30/maxHistory /rollingPolicy /appender2.3 服务化部署方案推荐使用systemd管理SpringBoot应用# /etc/systemd/system/ruoyi.service [Unit] DescriptionRuoYi Service Aftersyslog.target network.target [Service] Userwww Groupwww ExecStart/usr/bin/java -Xms512m -Xmx1024m -jar /opt/ruoyi/backend/app/ruoyi.jar SuccessExitStatus143 Restartalways RestartSec10 [Install] WantedBymulti-user.target启用并启动服务systemctl daemon-reload systemctl enable ruoyi systemctl start ruoyi3. 前端项目部署进阶3.1 多环境构建配置在vite.config.js中配置不同环境的API地址export default defineConfig(({ mode }) { const env loadEnv(mode, process.cwd()) return { server: { proxy: { [env.VITE_APP_BASE_API]: { target: env.VITE_APP_API_URL, changeOrigin: true, rewrite: (path) path.replace(new RegExp(^${env.VITE_APP_BASE_API}), ) } } } } })对应环境文件.env.production配置VITE_APP_API_URL https://api.yourdomain.com VITE_APP_BASE_API /prod-api3.2 静态资源优化策略构建时启用gzip压缩npm install vite-plugin-compression -D在vite.config.js中添加import viteCompression from vite-plugin-compression plugins: [ viteCompression({ algorithm: gzip, ext: .gz, deleteOriginFile: false }) ]4. Nginx高级配置实战4.1 反向代理配置完整Nginx配置示例upstream ruoyi-backend { server 127.0.0.1:8080; keepalive 32; } server { listen 80; server_name yourdomain.com; location /prod-api/ { proxy_pass http://ruoyi-backend/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # 长连接优化 proxy_http_version 1.1; proxy_set_header Connection ; } location / { root /opt/ruoyi/frontend/dist; try_files $uri $uri/ /index.html; expires 30d; # 启用gzip gzip_static on; } }4.2 HTTPS安全加固使用Lets Encrypt免费证书certbot --nginx -d yourdomain.com自动续期配置# 添加定时任务 crontab -e 0 3 * * * /usr/bin/certbot renew --quiet --post-hook systemctl reload nginx安全加固配置建议ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384; ssl_prefer_server_ciphers on; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; add_header Strict-Transport-Security max-age63072000 always;5. 部署后检查清单系统健康检查项服务进程状态systemctl status ruoyi ps aux | grep java端口监听检查netstat -tulnp | grep -E 80|443|8080数据库连接测试mysql -h mysql-server -u ry-user -p -e SHOW DATABASES;Redis连通性测试redis-cli -h redis-server -a yourpassword PING性能优化建议参数JVM参数调整根据服务器内存-Xms1g -Xmx2g -XX:MaxMetaspaceSize512mMySQL优化参数innodb_buffer_pool_size 1G innodb_log_file_size 256MRedis内存配置maxmemory 2gb maxmemory-policy allkeys-lru6. 常见问题解决方案跨域问题终极解决方案后端配置推荐Configuration public class CorsConfig implements WebMvcConfigurer { Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping(/**) .allowedOrigins(*) .allowedMethods(*) .allowedHeaders(*) .allowCredentials(true) .maxAge(3600); } }Nginx配置方案location / { add_header Access-Control-Allow-Origin $http_origin; add_header Access-Control-Allow-Methods GET, POST, OPTIONS; add_header Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization; add_header Access-Control-Expose-Headers Content-Length,Content-Range; }静态资源404问题排查步骤检查Nginx root路径是否正确确认文件权限www用户需有读取权限验证文件是否实际存在检查Nginx error日志获取详细信息性能瓶颈排查工具推荐ArthasJava诊断工具# 查看方法调用耗时 trace com.ruoyi.*Controller *Nginx状态监控location /nginx_status { stub_status on; access_log off; allow 127.0.0.1; deny all; }7. 自动化部署进阶7.1 使用Docker Compose部署docker-compose.yml示例version: 3 services: mysql: image: mysql:8.0 environment: MYSQL_ROOT_PASSWORD: root123 MYSQL_DATABASE: ry-cloud volumes: - ./data/mysql:/var/lib/mysql ports: - 3306:3306 restart: always redis: image: redis:6 command: redis-server --requirepass redis123 volumes: - ./data/redis:/data ports: - 6379:6379 restart: always backend: build: ./backend ports: - 8080:8080 depends_on: - mysql - redis restart: always frontend: build: ./frontend ports: - 80:80 depends_on: - backend restart: always7.2 CI/CD集成示例GitLab CI.gitlab-ci.yml配置stages: - build - deploy build-backend: stage: build script: - mvn clean package -DskipTests artifacts: paths: - target/*.jar deploy-production: stage: deploy only: - master script: - scp target/ruoyi.jar userproduction-server:/opt/ruoyi/backend/app/ - ssh userproduction-server systemctl restart ruoyi8. 监控与维护基础监控方案Spring Boot Actuator配置management: endpoints: web: exposure: include: * endpoint: health: show-details: alwaysPrometheus监控集成!-- pom.xml添加依赖 -- dependency groupIdio.micrometer/groupId artifactIdmicrometer-registry-prometheus/artifactId /dependency日志收集方案ELK栈配置建议# Filebeat配置示例 filebeat.inputs: - type: log paths: - /opt/ruoyi/backend/logs/*.log output.logstash: hosts: [logstash-server:5044]9. 安全加固措施必做安全清单修改默认密码数据库、Redis关闭不必要的端口定期更新系统补丁配置防火墙规则实施备份策略敏感信息保护使用Vault管理密钥vault kv put secret/ruoyi mysql_passwordxxx redis_passwordxxxSpring Cloud Config集成spring: cloud: vault: host: vault-server port: 8200 scheme: http kv: enabled: true backend: secret profile-separator: / application-name: ruoyi10. 性能调优实战JVM调优参数示例-XX:UseG1GC -XX:MaxGCPauseMillis200 -XX:InitiatingHeapOccupancyPercent45 -XX:AlwaysPreTouch -XX:UseStringDeduplication数据库连接池优化spring: datasource: druid: initial-size: 5 min-idle: 5 max-active: 20 max-wait: 60000 time-between-eviction-runs-millis: 60000 min-evictable-idle-time-millis: 300000 validation-query: SELECT 1 test-while-idle: true test-on-borrow: false test-on-return: falseRedis连接池配置spring: redis: lettuce: pool: max-active: 20 max-idle: 10 min-idle: 5 max-wait: 3000在实际项目部署中我们团队发现最大的性能瓶颈往往出现在数据库连接管理和缓存策略上。通过合理配置连接池参数和实现多级缓存Redis Caffeine可以将系统吞吐量提升3-5倍。