全栈 docker compose 编排上移到根目录，简化部署流程

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

backend/CLAUDE.md

@@ -29,7 +29,6 @@ backend/
 │       ├── user-login-email/       # 邮箱登录服务 (port 8003)
 │       ├── user-register-email/    # 邮箱注册服务 (port 8004)
 │       ├── migrations/             # 数据库初始化 SQL
-│       ├── docker-compose.yml      # 用户服务本地编排
 │       └── Dockerfile              # 通用/遗留构建文件
 ├── gateway/                   # API 网关
 │   ├── Dockerfile
@@ -46,6 +45,8 @@ backend/
 └── README.md
 ```
 
+> 编排已统一上移到项目根目录的 `docker-compose.yml` / `docker-compose.dev.yml`，本目录不再存放 compose 文件。
+
 ## 微服务架构说明
 
 ### 服务拆分原则
@@ -192,7 +193,7 @@ OK
 
 ### 5. Docker 构建
 
-- 各微服务 Dockerfile 的构建上下文为**项目根目录**（`docker-compose.yml` 中使用 `context: ../..`）。
+- 各微服务 Dockerfile 的构建上下文为 **`backend/` 目录**（根目录 `docker-compose.yml` 中使用 `context: ./backend`）。
 - 构建采用多阶段（builder + runtime），基于 `rust:1.94.1-alpine3.23` 编译，最终运行在 `alpine:3.23`。
 - 共享代码更新时，需确保 `shared/` 目录在 Dockerfile 中被正确复制。
 
@@ -206,10 +207,21 @@ OK
 
 ## 常用命令
 
-### 启动用户服务（本地开发）
+### 启动整套后端（含网关 + 数据库 + 缓存）
+
+后端不再单独编排，由项目根目录的 docker compose 一并启动。详见 [根目录 CLAUDE.md](../CLAUDE.md#部署)。
+
 ```bash
-cd services/user-service
-docker-compose up --build
+# 在项目根目录
+docker compose -f docker-compose.dev.yml up -d --build   # 测试
+docker compose up -d --build                              # 正式
+```
+
+如需仅启动后端栈（不含前端）做联调：
+
+```bash
+docker compose -f docker-compose.dev.yml up -d --build user-db user-redis \
+  user-login-account user-register-account user-login-email user-register-email gateway
 ```
 
 ### 网关管理

backend/gateway/docker-compose.yml

@@ -1,29 +0,0 @@
-version: "3.8"
-
-services:
-  gateway:
-    build:
-      context: .
-      dockerfile: Dockerfile
-    container_name: api-gateway
-    ports:
-      - "80:80"
-      - "443:443"
-    volumes:
-      # 开发环境：挂载配置便于热更新，生产环境应内嵌在镜像中
-      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
-      - ./nginx/conf.d:/etc/nginx/conf.d:ro
-    networks:
-      - default
-      - frontend_asset-helper-network
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost/health"]
-      interval: 30s
-      timeout: 3s
-      start_period: 5s
-      retries: 3
-
-networks:
-  frontend_asset-helper-network:
-    external: true

backend/gateway/nginx/nginx.conf

@@ -44,29 +44,28 @@ http {
     # 连接限制
     limit_conn_zone $binary_remote_addr zone=addr:10m;
 
-    # 上游服务 —— 通过宿主机端口访问各微服务（开发环境）
-    # 生产环境应改为容器名:端口，并确保同网络
+    # 上游服务 —— 通过 Docker 内部 DNS（服务名）访问，统一由根目录 docker-compose 编排
     upstream user_login_account {
         least_conn;
-        server host.docker.internal:20111 max_fails=3 fail_timeout=30s;
+        server user-login-account:8080 max_fails=3 fail_timeout=30s;
         keepalive 32;
     }
 
     upstream user_register_account {
         least_conn;
-        server host.docker.internal:20112 max_fails=3 fail_timeout=30s;
+        server user-register-account:8080 max_fails=3 fail_timeout=30s;
         keepalive 32;
     }
 
     upstream user_login_email {
         least_conn;
-        server host.docker.internal:20113 max_fails=3 fail_timeout=30s;
+        server user-login-email:8080 max_fails=3 fail_timeout=30s;
         keepalive 32;
     }
 
     upstream user_register_email {
         least_conn;
-        server host.docker.internal:20114 max_fails=3 fail_timeout=30s;
+        server user-register-email:8080 max_fails=3 fail_timeout=30s;
         keepalive 32;
     }
 

backend/services/user-service/docker-compose.yml

@@ -1,159 +0,0 @@
-version: "3.8"
-
-services:
-  user-login-account:
-    build:
-      context: ../..
-      dockerfile: services/user-service/user-login-account/Dockerfile
-    container_name: user-login-account
-    environment:
-      - RUST_LOG=info
-      - DATABASE_URL=postgres://postgres:postgres@user-db:5432/user-db
-      - REDIS_URL=redis://user-redis:6379/0
-      - SERVICE_NAME=user-login-account
-      - SERVICE_PORT=8080
-      - JWT_SECRET=${JWT_SECRET:-dev-secret-key}
-    ports:
-      - "${USER_LOGIN_ACCOUNT_PORT:-20111}:8080"
-    depends_on:
-      user-db:
-        condition: service_healthy
-      user-redis:
-        condition: service_healthy
-    networks:
-      - user-network
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:8080/health"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-
-  user-register-account:
-    build:
-      context: ../..
-      dockerfile: services/user-service/user-register-account/Dockerfile
-    container_name: user-register-account
-    environment:
-      - RUST_LOG=info
-      - DATABASE_URL=postgres://postgres:postgres@user-db:5432/user-db
-      - REDIS_URL=redis://user-redis:6379/0
-      - SERVICE_NAME=user-register-account
-      - SERVICE_PORT=8080
-    ports:
-      - "${USER_REGISTER_ACCOUNT_PORT:-20112}:8080"
-    depends_on:
-      user-db:
-        condition: service_healthy
-      user-redis:
-        condition: service_healthy
-    networks:
-      - user-network
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:8080/health"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-
-  user-login-email:
-    build:
-      context: ../..
-      dockerfile: services/user-service/user-login-email/Dockerfile
-    container_name: user-login-email
-    environment:
-      - RUST_LOG=info
-      - DATABASE_URL=postgres://postgres:postgres@user-db:5432/user-db
-      - REDIS_URL=redis://user-redis:6379/0
-      - SERVICE_NAME=user-login-email
-      - SERVICE_PORT=8080
-      - JWT_SECRET=${JWT_SECRET:-dev-secret-key}
-    ports:
-      - "${USER_LOGIN_EMAIL_PORT:-20113}:8080"
-    depends_on:
-      user-db:
-        condition: service_healthy
-      user-redis:
-        condition: service_healthy
-    networks:
-      - user-network
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:8080/health"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-
-  user-register-email:
-    build:
-      context: ../..
-      dockerfile: services/user-service/user-register-email/Dockerfile
-    container_name: user-register-email
-    environment:
-      - RUST_LOG=info
-      - DATABASE_URL=postgres://postgres:postgres@user-db:5432/user-db
-      - REDIS_URL=redis://user-redis:6379/0
-      - SERVICE_NAME=user-register-email
-      - SERVICE_PORT=8080
-    ports:
-      - "${USER_REGISTER_EMAIL_PORT:-20114}:8080"
-    depends_on:
-      user-db:
-        condition: service_healthy
-      user-redis:
-        condition: service_healthy
-    networks:
-      - user-network
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:8080/health"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-
-  user-db:
-    image: postgres:18.3-alpine3.23
-    container_name: user-db
-    environment:
-      - POSTGRES_USER=postgres
-      - POSTGRES_PASSWORD=postgres
-      - POSTGRES_DB=user-db
-    volumes:
-      - user-postgres-data:/var/lib/postgresql/data
-      - ./migrations:/docker-entrypoint-initdb.d:ro
-    ports:
-      - "${USER_POSTGRES_PORT:-20101}:5432"
-    networks:
-      - user-network
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U postgres -d user-db"]
-      interval: 10s
-      timeout: 5s
-      retries: 5
-
-  user-redis:
-    image: redis:8.6.2-alpine
-    container_name: user-redis
-    volumes:
-      - user-redis-data:/data
-    ports:
-      - "${USER_REDIS_PORT:-20103}:6379"
-    networks:
-      - user-network
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD", "redis-cli", "ping"]
-      interval: 10s
-      timeout: 5s
-      retries: 5
-
-networks:
-  user-network:
-    driver: bridge
-
-volumes:
-  user-postgres-data:
-    name: user-postgres-data
-  user-redis-data:
-    name: user-redis-data