update prod env

Dockerfile

@@ -1,4 +1,15 @@
-FROM python:3.13-slim-bookworm
+# ---------------------------------------------------------------------------
+# 禁止「FROM python:...」简写 — 会直连 docker.io / registry-1.docker.io。
+# Python 使用 DaoCloud 增加前缀形式：https://github.com/DaoCloud/public-image-mirror
+# 勿用裸 tag「3.13」；须 3.13-slim-bookworm。
+# ---------------------------------------------------------------------------
+FROM m.daocloud.io/docker.io/library/python:3.13-slim-bookworm
+
+# Debian bookworm: use Aliyun mirror for apt (default snapshot points at deb.debian.org).
+RUN sed -i \
+  -e 's|http://deb.debian.org/debian-security|https://mirrors.aliyun.com/debian-security|g' \
+  -e 's|http://deb.debian.org/debian|https://mirrors.aliyun.com/debian|g' \
+  /etc/apt/sources.list.d/debian.sources
 
 # OpenCV (pulled in by ultralytics) links against X11 client libs; slim images omit them.
 RUN apt-get update && apt-get install -y --no-install-recommends \
@@ -10,7 +21,8 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     libxcb1 \
     && rm -rf /var/lib/apt/lists/*
 
-COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv
+# ghcr.io：「增加前缀」形式（与 kindest/node 示例一致）
+COPY --from=m.daocloud.io/ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv
 
 WORKDIR /app
 
@@ -21,6 +33,17 @@ ENV PYTHONUNBUFFERED=1 \
 COPY pyproject.toml uv.lock main.py ./
 COPY app ./app/
 
+# uv.lock pins full download URLs. Rewrite to mainland-accessible mirrors (same paths / hashes).
+# PyPI: Tsinghua  |  PyTorch wheel index: 南大 (syncs download.pytorch.org / download-r2)
+RUN sed -i \
+  -e 's|https://files.pythonhosted.org|https://pypi.tuna.tsinghua.edu.cn|g' \
+  -e 's|https://pypi.org/simple|https://pypi.tuna.tsinghua.edu.cn/simple|g' \
+  -e 's|https://download-r2.pytorch.org|https://mirrors.nju.edu.cn/pytorch|g' \
+  -e 's|https://download.pytorch.org|https://mirrors.nju.edu.cn/pytorch|g' \
+  uv.lock
+
+ENV UV_DEFAULT_INDEX=https://pypi.tuna.tsinghua.edu.cn/simple
+
 RUN uv sync --frozen --no-dev
 
 ENV PATH="/app/.venv/bin:$PATH"

docker-compose.prod.yml

@@ -1,6 +1,9 @@
 # Production stack for the current codebase: FastAPI + PostgreSQL.
 # The API hard-fails on startup if the database is not reachable, so DB health is required.
 #
+# API 的 Dockerfile 必须使用带 DaoCloud 前缀的 Python 基础镜像（m.daocloud.io/docker.io/library/python:...），
+# 不能使用「FROM python:...」，否则会直连 registry-1.docker.io 导致构建失败。
+#
 # Base images: DaoCloud「增加前缀」镜像（README 推荐，减少 BuildKit 直连 registry-1.docker.io）
 # See https://github.com/DaoCloud/public-image-mirror
 #