From 55335097f91fbce96add8b96fa7a4ffe41086be3 Mon Sep 17 00:00:00 2001
From: GuanYuankai <whistle_op@hotmail.com>
Date: Tue, 25 Nov 2025 09:50:45 +0800
Subject: [PATCH] add prod files

---
 .drone.yml              | 71 +++++++++++++++++++++++++++++++++++++----
 docker-compose.prod.yml | 65 +++++++++++++++++++++++++++++++++++++
 2 files changed, 130 insertions(+), 6 deletions(-)
 create mode 100644 docker-compose.prod.yml

diff --git a/.drone.yml b/.drone.yml
index fd02c7b..3fd9831 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,4 +1,3 @@
-
 kind: pipeline
 type: docker 
 name: build-and-push-arm64
@@ -6,13 +5,16 @@ name: build-and-push-arm64
 platform:
   os: linux
   arch: arm64
+
+# 仅在打 tag 时触发 (如 v1.0.0)
 trigger:
   event:
     - tag
 
-
 steps:
-
+  # ----------------------------------------------------------
+  # 第一步：构建镜像并推送到 Gitea Registry
+  # ----------------------------------------------------------
   - name: build-and-push-to-gitea
     image: 192.168.0.75:3000/guanyuankai/plugins-docker:latest
     privileged: true
@@ -24,10 +26,67 @@ steps:
         from_secret: gitea_password
       repo: 192.168.0.75:3000/guanyuankai/bonus-edge-proxy
       insecure: true
-      mirror: "https://docker.m.daocloud.io"                                                                                                                                                                                                                                                                                                             
+      mirror: "https://docker.m.daocloud.io"
+      # 同时推送 latest 和 git tag (比如 v1.0.1)
       tags:
         - latest
-        
+        - "${DRONE_TAG}"
       dockerfile: docker/Dockerfile.prod
       context: .
-      platforms: linux/arm64
\ No newline at end of file
+      platforms: linux/arm64
+
+  # ----------------------------------------------------------
+  # 第二步：将最新的 Compose 文件同步到 RK3588 (新增步骤)
+  # ----------------------------------------------------------
+  - name: scp-config-to-edge
+    image: appleboy/drone-scp
+    settings:
+      host: 
+        from_secret: edge_host_ip
+      username: 
+        from_secret: edge_user
+      password: 
+        from_secret: edge_password
+      port: 22
+      target: /opt/edge-proxy
+      source: 
+        - docker-compose.prod.yml
+        - mediamtx.yml
+        - mosquitto/config/mosquitto.conf
+
+  # ----------------------------------------------------------
+  # 第三步：远程执行部署命令
+  # ----------------------------------------------------------
+  - name: deploy-to-edge
+    image: appleboy/drone-ssh
+    settings:
+      host: 
+        from_secret: edge_host_ip
+      username: 
+        from_secret: edge_user
+      password: 
+        from_secret: edge_password
+      port: 22
+      script:
+        # 1. 确保目录存在 (防止 SCP 自动创建目录权限问题，双重保险)
+        - mkdir -p /opt/edge-proxy
+        - cd /opt/edge-proxy
+        
+        # 2. [关键] 登录私有仓库，防止 Token 过期
+        #    注意：这里使用了 $ 符号，需要在 Drone Secret 里再配一套 registry_password 
+        #    或者直接用明文 (不推荐)，或者复用 gitea_password
+        - echo "$REGISTRY_PASSWORD" | docker login 192.168.0.75:3000 -u "$REGISTRY_USER" --password-stdin
+        
+        # 3. 拉取最新镜像
+        - docker compose -f docker-compose.prod.yml pull
+        
+        # 4. 重启服务 (Up -d 会重新加载 SCP 传过来的新 yaml 配置)
+        - docker compose -f docker-compose.prod.yml up -d --remove-orphans
+        
+        # 5. 清理无用镜像 (只清理悬空的)
+        - docker image prune -f
+    environment:
+      REGISTRY_USER:
+        from_secret: gitea_username
+      REGISTRY_PASSWORD:
+        from_secret: gitea_password
\ No newline at end of file
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
new file mode 100644
index 0000000..05d1c3b
--- /dev/null
+++ b/docker-compose.prod.yml
@@ -0,0 +1,65 @@
+# docker-compose.yml (最终版 - 使用命名卷)
+services:
+  edge-proxy:
+    image: 192.168.0.75:3000/guanyuankai/bonus-edge-proxy:latest
+    container_name: edge-proxy-prod
+    restart: unless-stopped
+    platform: linux/arm64
+    network_mode: "host"
+    privileged: true
+    devices:
+      - /dev/ttyS7:/dev/ttyS7
+      - /dev/ttyS9:/dev/ttyS9
+      - /dev/snd:/dev/snd
+      - /dev/mpp_service:/dev/mpp_service
+      - /dev/rga:/dev/rga
+      - /dev/dri:/dev/dri   
+      - source: /sys/bus/iio/devices/iio:device0
+        target: /sys/bus/iio/devices/iio:device0
+    group_add:
+      - "20"  
+      - "44"
+      - "110"
+      - "29"
+    volumes:
+      - prod_config_data:/app/config
+      
+      - /tmp/.X11-unix:/tmp/.X11-unix:rw
+    environment:
+      - DISPLAY=$DISPLAY 
+      - MQTT_HOST=127.0.0.1 
+    dns:
+      - 8.8.8.8        
+      - 114.114.114.114  
+    depends_on:
+      mqtt-broker:
+        condition: service_started
+
+  media-gateway:
+    image: bluenviron/mediamtx:latest
+    container_name: media-gateway
+    restart: unless-stopped
+    network_mode: "host"
+    privileged: true
+    volumes:
+      - ./mediamtx.yml:/mediamtx.yml
+
+  mqtt-broker:
+    image: eclipse-mosquitto:2.0
+    container_name: mqtt-broker
+    restart: unless-stopped
+    ports:
+      - "1883:1883"
+    volumes:
+      - ./mosquitto/config:/mosquitto/config
+      - ./mosquitto/data:/mosquitto/data
+      - ./mosquitto/log:/mosquitto/log、
+    healthcheck:
+        test: ["CMD-SHELL", "mosquitto_sub -t '$SYS/#' -C 1 | grep -v Error || exit 1"]
+        interval: 10s
+        timeout: 10s
+        retries: 3
+
+
+volumes:
+  prod_config_data:
\ No newline at end of file