From 6dba13713fde70c66e19b2348597f8994d90117a Mon Sep 17 00:00:00 2001
From: 86156 <823267011@qq.com>
Date: Tue, 30 Sep 2025 20:48:14 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=B7=A5=E4=BD=9C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docker-compose.yml                              | 15 ++++++---------
 python-inference-service/Dockerfile             |  4 ++--
 rtsp-vue/nginx.conf                             | 17 +++++++++--------
 ruoyi-admin/src/main/resources/application.yml  |  4 ++++
 .../java/com/ruoyi/video/init/InitServer.java   |  7 +++++--
 5 files changed, 26 insertions(+), 21 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 20ef184..68cd7bc 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -5,11 +5,10 @@ services:
     image: redis:7-alpine
     container_name: ${REDIS_HOST}
     restart: always
-    command: redis-server --appendonly yes ${REDIS_PASSWORD:+--requirepass ${REDIS_PASSWORD}}
+    command: redis-server --appendonly yes --bind 127.0.0.1 ${REDIS_PASSWORD:+--requirepass ${REDIS_PASSWORD}}
+    network_mode: "host"
     volumes:
       - redis-data:/data
-    networks:
-      - rtsp-network
     healthcheck:
       test: ["CMD", "redis-cli", "ping"]
       interval: 10s
@@ -22,13 +21,12 @@ services:
       dockerfile: Dockerfile
     container_name: ${PYTHON_SERVICE_HOST}
     restart: always
+    network_mode: "host"
     environment:
       TZ: ${TZ}
       MODEL_DIR: /app/models
     volumes:
       - ./python-inference-service/models:/app/models
-    networks:
-      - rtsp-network
     healthcheck:
       test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
       interval: 30s
@@ -41,6 +39,7 @@ services:
       dockerfile: ruoyi-admin/Dockerfile
     container_name: ${BACKEND_HOST}
     restart: always
+    network_mode: "host"
     depends_on:
       redis:
         condition: service_healthy
@@ -52,15 +51,13 @@ services:
       SPRING_DATASOURCE_URL: jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT}/${MYSQL_DATABASE}?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true
       SPRING_DATASOURCE_USERNAME: ${MYSQL_USER}
       SPRING_DATASOURCE_PASSWORD: ${MYSQL_PASSWORD}
-      SPRING_DATA_REDIS_HOST: ${REDIS_HOST}
+      SPRING_DATA_REDIS_HOST: localhost
       SPRING_DATA_REDIS_PORT: ${REDIS_PORT}
       SPRING_DATA_REDIS_PASSWORD: ${REDIS_PASSWORD}
-      PYTHON_API_URL: http://${PYTHON_SERVICE_HOST}:${PYTHON_SERVICE_PORT}
+      PYTHON_API_URL: http://localhost:${PYTHON_SERVICE_PORT}
     volumes:
       - backend-logs:/app/logs
       - backend-upload:/app/upload
-    networks:
-      - rtsp-network
     healthcheck:
       test: ["CMD", "curl", "-f", "http://localhost:8080/actuator/health"]
       interval: 30s
diff --git a/python-inference-service/Dockerfile b/python-inference-service/Dockerfile
index f5395d2..63aa2e3 100644
--- a/python-inference-service/Dockerfile
+++ b/python-inference-service/Dockerfile
@@ -45,5 +45,5 @@ EXPOSE 8000
 HEALTHCHECK --interval=30s --timeout=10s --retries=3 \
   CMD curl -f http://localhost:8000/health || exit 1
 
-# 启动应用
-CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000", "--workers", "1"] 
\ No newline at end of file
+# 启动应用（只监听本地，外网无法访问）
+CMD ["uvicorn", "app.main:app", "--host", "127.0.0.1", "--port", "8000", "--workers", "1"] 
\ No newline at end of file
diff --git a/rtsp-vue/nginx.conf b/rtsp-vue/nginx.conf
index fff7d25..6d51f73 100644
--- a/rtsp-vue/nginx.conf
+++ b/rtsp-vue/nginx.conf
@@ -9,9 +9,9 @@ server {
         try_files $uri $uri/ /index.html;
     }
 
-    # 后端API代理
+    # 后端API代理（backend使用host网络）
     location /prod-api/ {
-        proxy_pass http://rtsp-backend:8080/;
+        proxy_pass http://127.0.0.1:8080/;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -23,7 +23,7 @@ server {
 
     # WebSocket支持（用于视频流）
     location /websocket/ {
-        proxy_pass http://rtsp-backend:8080/websocket/;
+        proxy_pass http://127.0.0.1:8080/websocket/;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";
@@ -35,18 +35,18 @@ server {
         proxy_read_timeout 7d;
     }
 
-    # Python推理服务代理
+    # Python推理服务代理（映射到宿主机端口）
     location /python-api/ {
-        proxy_pass http://rtsp-python-service:8000/;
+        proxy_pass http://127.0.0.1:8000/;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
     }
 
-    # 视频流代理（HTTP-FLV）
+    # 视频流代理（HTTP-FLV，backend使用host网络）
     location /live {
-        proxy_pass http://rtsp-backend:8866/live;
+        proxy_pass http://127.0.0.1:8866/live;
         proxy_http_version 1.1;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
@@ -54,11 +54,12 @@ server {
         proxy_set_header Connection "";
         proxy_buffering off;
         proxy_cache off;
+        chunked_transfer_encoding off;
     }
 
     # 视频流代理（HLS）
     location /hls {
-        proxy_pass http://rtsp-backend:8866/hls;
+        proxy_pass http://127.0.0.1:8866/hls;
         proxy_http_version 1.1;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml
index b06c132..387411c 100644
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@@ -17,6 +17,8 @@ ruoyi:
 server:
   # 服务器的HTTP端口，默认为8080
   port: 8080
+  # 只监听本地地址，外网无法直接访问（通过Nginx代理）
+  address: ${SERVER_ADDRESS:127.0.0.1}
   servlet:
     # 应用的访问路径
     context-path: /
@@ -147,6 +149,8 @@ xss:
 # 流媒体服务端口
 mediasServer:
   port: 8866
+  # 只监听本地地址，外网无法直接访问（通过Nginx代理）
+  address: ${MEDIA_SERVER_ADDRESS:127.0.0.1}
   # 网络超时，15秒
   netTimeout: 15000000
   # 读写超时，15秒
diff --git a/ruoyi-video/src/main/java/com/ruoyi/video/init/InitServer.java b/ruoyi-video/src/main/java/com/ruoyi/video/init/InitServer.java
index bd0216b..2885b73 100644
--- a/ruoyi-video/src/main/java/com/ruoyi/video/init/InitServer.java
+++ b/ruoyi-video/src/main/java/com/ruoyi/video/init/InitServer.java
@@ -36,6 +36,9 @@ public class InitServer implements CommandLineRunner {
     // 注入mediasServer.port的值
     @Value("${mediasServer.port}")
     private int port;
+    // 注入mediasServer.address的值（默认127.0.0.1，只监听本地）
+    @Value("${mediasServer.address:127.0.0.1}")
+    private String address;
     // 注入MediaServer对象
     @Autowired
     private MediaServer mediaServer;
@@ -100,8 +103,8 @@ public class InitServer implements CommandLineRunner {
                 ip, port,
                 ip, httpPort,
                 ip, httpPort);
-        // 启动MediaServer
-        this.mediaServer.start(new InetSocketAddress("0.0.0.0", this.port));
+        // 启动MediaServer（只监听配置的地址，默认127.0.0.1）
+        this.mediaServer.start(new InetSocketAddress(this.address, this.port));
     }
 
     // 初始化自动播放