# 🚀 部署指南

## 生产环境部署

### 使用 Gunicorn（推荐）

#### 1. 安装 Gunicorn

```bash
pip3 install gunicorn
```

#### 2. 创建 Gunicorn 配置文件

创建 `gunicorn.conf.py`:

```python
# Gunicorn配置
bind = "0.0.0.0:5000"
workers = 4
worker_class = "sync"
timeout = 120
keepalive = 5

# 日志
accesslog = "logs/access.log"
errorlog = "logs/error.log"
loglevel = "info"

# 进程命名
proc_name = "ai-assistant-web-client"

# 后台运行
daemon = False
```

#### 3. 启动服务

```bash
# 创建日志目录
mkdir -p logs

# 启动Gunicorn
gunicorn -c gunicorn.conf.py app:app
```

### 使用 uWSGI

#### 1. 安装 uWSGI

```bash
pip3 install uwsgi
```

#### 2. 创建 uWSGI 配置文件

创建 `uwsgi.ini`:

```ini
[uwsgi]
module = app:app
master = true
processes = 4
socket = 0.0.0.0:5000
protocol = http
chmod-socket = 660
vacuum = true
die-on-term = true
```

#### 3. 启动服务

```bash
uwsgi --ini uwsgi.ini
```

## Docker 部署

### 1. 创建 Dockerfile

创建 `Dockerfile`:

```dockerfile
FROM python:3.12-slim

WORKDIR /app

# 复制依赖文件
COPY requirements.txt .

# 安装依赖
RUN pip install --no-cache-dir -r requirements.txt gunicorn

# 复制应用文件
COPY . .

# 暴露端口
EXPOSE 5000

# 启动命令
CMD ["gunicorn", "-b", "0.0.0.0:5000", "-w", "4", "app:app"]
```

### 2. 创建 docker-compose.yml

```yaml
version: '3.8'

services:
  web-client:
    build: .
    ports:
      - "5000:5000"
    environment:
      - DEBUG=False
      - PORT=5000
    volumes:
      - ./logs:/app/logs
    restart: unless-stopped
```

### 3. 构建和运行

```bash
# 构建镜像
docker-compose build

# 启动服务
docker-compose up -d

# 查看日志
docker-compose logs -f

# 停止服务
docker-compose down
```

## Nginx 反向代理

### 配置示例

创建 `/etc/nginx/sites-available/ai-assistant-web`:

```nginx
server {
    listen 80;
    server_name your-domain.com;

    # 静态文件
    location /static {
        alias /path/to/web_client/static;
        expires 30d;
        add_header Cache-Control "public, immutable";
    }

    # 代理到Flask应用
    location / {
        proxy_pass http://127.0.0.1:5000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        
        # WebSocket支持（如果需要）
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}
```

启用配置：

```bash
sudo ln -s /etc/nginx/sites-available/ai-assistant-web /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx
```

## Systemd 服务

### 创建服务文件

创建 `/etc/systemd/system/ai-assistant-web.service`:

```ini
[Unit]
Description=AI Assistant Web Client
After=network.target

[Service]
Type=notify
User=www-data
Group=www-data
WorkingDirectory=/path/to/web_client
Environment="PATH=/path/to/venv/bin"
ExecStart=/path/to/venv/bin/gunicorn -c gunicorn.conf.py app:app
ExecReload=/bin/kill -s HUP $MAINPID
KillMode=mixed
TimeoutStopSec=5
PrivateTmp=true

[Install]
WantedBy=multi-user.target
```

### 管理服务

```bash
# 重载systemd配置
sudo systemctl daemon-reload

# 启动服务
sudo systemctl start ai-assistant-web

# 开机自启
sudo systemctl enable ai-assistant-web

# 查看状态
sudo systemctl status ai-assistant-web

# 查看日志
sudo journalctl -u ai-assistant-web -f
```

## 性能优化

### 1. 启用 Gzip 压缩

在 Nginx 配置中添加：

```nginx
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_types text/plain text/css text/xml text/javascript application/javascript application/json;
```

### 2. 静态文件缓存

```nginx
location ~* \.(jpg|jpeg|png|gif|ico|css|js|woff|woff2)$ {
    expires 1y;
    add_header Cache-Control "public, immutable";
}
```

### 3. 使用 CDN

将静态资源（CSS、JS、字体）托管到CDN。

## 安全建议

### 1. 使用 HTTPS

```bash
# 使用 Let's Encrypt
sudo certbot --nginx -d your-domain.com
```

### 2. 设置安全头

在 Nginx 配置中添加：

```nginx
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
```

### 3. 限制请求速率

```nginx
limit_req_zone $binary_remote_addr zone=api:10m rate=10r/s;

location /api/ {
    limit_req zone=api burst=20 nodelay;
}
```

## 监控和日志

### 1. 日志轮转

创建 `/etc/logrotate.d/ai-assistant-web`:

```
/path/to/web_client/logs/*.log {
    daily
    rotate 14
    compress
    delaycompress
    notifempty
    create 0640 www-data www-data
    sharedscripts
    postrotate
        systemctl reload ai-assistant-web > /dev/null 2>&1 || true
    endscript
}
```

### 2. 健康检查

使用 `/api/health` 端点进行健康检查。

## 故障排查

### 查看日志

```bash
# Gunicorn日志
tail -f logs/error.log

# Nginx日志
tail -f /var/log/nginx/error.log

# Systemd日志
journalctl -u ai-assistant-web -f
```

### 常见问题

1. **502 Bad Gateway** - 检查Flask应用是否运行
2. **静态文件404** - 检查Nginx静态文件路径配置
3. **CORS错误** - 检查Flask-CORS配置

---

**部署成功后，记得测试所有功能！** ✅