diff --git a/deploy/Dockerfile b/deploy/Dockerfile
index 9202e651..ebd87c2e 100644
--- a/deploy/Dockerfile
+++ b/deploy/Dockerfile
@@ -29,6 +29,7 @@ FROM m.daocloud.io/docker.io/library/eclipse-temurin:17-jre
 # 安装必要的工具和字体（支持中文）
 RUN apt-get update && apt-get install -y \
     curl \
+    netcat-openbsd \
     fontconfig \
     fonts-dejavu-core \
     && rm -rf /var/lib/apt/lists/*
diff --git a/deploy/docker-compose.prod.yml b/deploy/docker-compose.prod.yml
index 232a3d24..ba6c7831 100644
--- a/deploy/docker-compose.prod.yml
+++ b/deploy/docker-compose.prod.yml
@@ -1,5 +1,3 @@
-version: '3.8'
-
 # 生产环境配置覆盖
 services:
   qaup-postgres:
@@ -25,7 +23,7 @@ services:
     # 生产环境不暴露 Redis 端口
     ports: []
     # 启用持久化
-    command: redis-server --appendonly yes --requirepass ${REDIS_PASSWORD} --maxmemory 256mb --maxmemory-policy allkeys-lru
+    command: ["redis-server", "--appendonly", "yes", "--maxmemory", "256mb", "--maxmemory-policy", "allkeys-lru"]
     logging:
       driver: "json-file"
       options:
@@ -89,6 +87,4 @@ networks:
     driver: bridge
     ipam:
       config:
-        - subnet: 172.20.0.0/16
-    driver_opts:
-      com.docker.network.bridge.name: qaup-br0
\ No newline at end of file
+        - subnet: 172.30.0.0/16
diff --git a/deploy/docker-compose.yml b/deploy/docker-compose.yml
index 850e458c..c728986e 100644
--- a/deploy/docker-compose.yml
+++ b/deploy/docker-compose.yml
@@ -1,5 +1,3 @@
-version: '3.8'
-
 services:
   # PostgreSQL 数据库服务
   qaup-postgres:
@@ -12,12 +10,11 @@ services:
       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-qaup123}
       APP_DB_USER: ${APP_DB_USER:-qaup_app}
       APP_DB_PASSWORD: ${APP_DB_PASSWORD:-qaup123}
-      PGDATA: /var/lib/postgresql/data/pgdata
     volumes:
       - postgres_data:/var/lib/postgresql/data
-      - ./docker/postgres/init-db.sh:/docker-entrypoint-initdb.d/01-init-db.sh:ro
-      - ./docker/postgres/qaup_database_schema.sql:/docker-entrypoint-initdb.d/02-schema.sql:ro
-      - ./docker/postgres/postgresql.conf:/etc/postgresql/postgresql.conf:ro
+      - ../docker/postgres/init-db.sh:/docker-entrypoint-initdb.d/01-init-db.sh:ro
+      - ../docker/postgres/qaup_database_schema.sql:/docker-entrypoint-initdb.d/02-schema.sql:ro
+      - ../docker/postgres/postgresql.conf:/etc/postgresql/postgresql.conf:ro
       - postgres_backup:/backup
       - postgres_logs:/var/log/postgresql
     ports:
@@ -44,9 +41,7 @@ services:
     image: redis:8.0-alpine
     container_name: qaup-redis
     restart: unless-stopped
-    command: redis-server --appendonly yes --requirepass ${REDIS_PASSWORD:-}
-    environment:
-      REDIS_PASSWORD: ${REDIS_PASSWORD:-}
+    command: ["redis-server", "--appendonly", "yes", "--maxmemory", "256mb", "--maxmemory-policy", "allkeys-lru"]
     volumes:
       - redis_data:/data
       - redis_logs:/var/log/redis
@@ -71,9 +66,6 @@ services:
 
   # QAUP 应用服务
   qaup-app:
-    build:
-      context: ..
-      dockerfile: deploy/Dockerfile
     image: qaup-app:latest
     container_name: qaup-app
     restart: unless-stopped
@@ -129,9 +121,6 @@ services:
 
   # Nginx 反向代理服务
   qaup-nginx:
-    build:
-      context: ..
-      dockerfile: deploy/docker/nginx/Dockerfile
     image: qaup-nginx:latest
     container_name: qaup-nginx
     restart: unless-stopped
@@ -172,46 +161,42 @@ services:
 volumes:
   postgres_data:
     driver: local
-    driver_opts:
-      type: none
-      o: bind
-      device: ${DATA_DIR:-./data}/postgres
   postgres_backup:
     driver: local
     driver_opts:
       type: none
       o: bind
-      device: ${BACKUP_DIR:-./backup}/postgres
+      device: ${PWD}/backup/postgres
   postgres_logs:
     driver: local
     driver_opts:
       type: none
       o: bind
-      device: ${LOG_DIR:-./logs}/postgres
+      device: ${PWD}/logs/postgres
   redis_data:
     driver: local
     driver_opts:
       type: none
       o: bind
-      device: ${DATA_DIR:-./data}/redis
+      device: ${PWD}/data/redis
   redis_logs:
     driver: local
     driver_opts:
       type: none
       o: bind
-      device: ${LOG_DIR:-./logs}/redis
+      device: ${PWD}/logs/redis
   app_logs:
     driver: local
     driver_opts:
       type: none
       o: bind
-      device: ${LOG_DIR:-./logs}/app
+      device: ${PWD}/logs/app
   app_uploads:
     driver: local
     driver_opts:
       type: none
       o: bind
-      device: ${DATA_DIR:-./data}/uploads
+      device: ${PWD}/data/uploads
   app_temp:
     driver: local
   nginx_logs:
@@ -219,7 +204,7 @@ volumes:
     driver_opts:
       type: none
       o: bind
-      device: ${LOG_DIR:-./logs}/nginx
+      device: ${PWD}/logs/nginx
   nginx_cache:
     driver: local
 
@@ -229,4 +214,4 @@ networks:
     driver: bridge
     ipam:
       config:
-        - subnet: 172.20.0.0/16
\ No newline at end of file
+        - subnet: 172.30.0.0/16
diff --git a/deploy/docker/docker-compose-manager.sh b/deploy/docker/docker-compose-manager.sh
index 9d7f5ce4..177fbd86 100755
--- a/deploy/docker/docker-compose-manager.sh
+++ b/deploy/docker/docker-compose-manager.sh
@@ -91,9 +91,9 @@ API_PREFIX=/prod-api
 MAX_UPLOAD_SIZE=20M
 
 # 目录配置
-DATA_DIR=./data
-LOG_DIR=./logs
-BACKUP_DIR=./backup
+DATA_DIR=../data
+LOG_DIR=../logs
+BACKUP_DIR=../backup
 
 # JVM 配置
 JVM_OPTS=-Dname=qaup-admin.jar -Duser.timezone=Asia/Shanghai -Xms512m -Xmx1024m
@@ -104,6 +104,8 @@ EOF
 # 获取 compose 文件参数
 get_compose_files() {
     local env=$1
+    
+    # 使用项目根目录下的 docker-compose 文件
     local base_file="$PROJECT_ROOT/docker-compose.yml"
     local env_file="$PROJECT_ROOT/docker-compose.$env.yml"
     
@@ -116,18 +118,61 @@ get_compose_files() {
 
 # 创建必要的目录
 create_directories() {
-    local data_dir=${DATA_DIR:-./data}
-    local log_dir=${LOG_DIR:-./logs}
-    local backup_dir=${BACKUP_DIR:-./backup}
+    local data_dir=${DATA_DIR:-../data}
+    local log_dir=${LOG_DIR:-../logs}
+    local backup_dir=${BACKUP_DIR:-../backup}
     
-    print_message $BLUE "创建必要的目录..."
-    mkdir -p "$data_dir"/{postgres,redis,uploads}
-    mkdir -p "$log_dir"/{postgres,redis,app,nginx}
-    mkdir -p "$backup_dir"/postgres
+    print_message $BLUE "检查并创建必要的目录..."
     
-    # 设置权限
-    chmod 755 "$data_dir" "$log_dir" "$backup_dir"
-    chmod 700 "$data_dir"/postgres
+    # 使用项目根目录下的目录结构，去掉 ../ 前缀
+    local actual_data_dir=${data_dir#../}
+    local actual_log_dir=${log_dir#../}
+    local actual_backup_dir=${backup_dir#../}
+    
+    # 创建目录结构
+    mkdir -p "$PROJECT_ROOT/$actual_data_dir"/{postgres,redis,uploads}
+    mkdir -p "$PROJECT_ROOT/$actual_log_dir"/{postgres,redis,app,nginx}
+    mkdir -p "$PROJECT_ROOT/$actual_backup_dir"/postgres
+    
+    # 只对新创建的基础目录设置权限，忽略已存在目录的权限错误
+    for dir in "$PROJECT_ROOT/$actual_data_dir" "$PROJECT_ROOT/$actual_log_dir" "$PROJECT_ROOT/$actual_backup_dir"; do
+        if [ -d "$dir" ]; then
+            chmod 755 "$dir" 2>/dev/null || true
+        fi
+    done
+    
+    print_message $GREEN "目录检查完成！"
+}
+
+# 清理旧容器和占用的端口
+cleanup_old_containers() {
+    print_message $YELLOW "清理旧容器和占用的端口..."
+    
+    # 首先尝试停止可能存在的 docker-compose 服务
+    cd "$PROJECT_ROOT"
+    docker-compose $(get_compose_files prod) --env-file "$ENV_FILE" down 2>/dev/null || true
+    
+    # 停止并删除可能存在的旧容器
+    local containers=("qaup-postgres" "qaup-redis" "qaup-app" "qaup-nginx")
+    
+    for container in "${containers[@]}"; do
+        if docker ps -a --format "table {{.Names}}" | grep -q "^${container}$"; then
+            print_message $BLUE "删除旧容器: $container"
+            docker rm -f "$container" 2>/dev/null || true
+        fi
+    done
+    
+    # 清理可能占用端口的容器（通过端口查找）
+    local ports=(5432 6379 8080 80 443)
+    for port in "${ports[@]}"; do
+        local container_id=$(docker ps --filter "publish=$port" -q 2>/dev/null || true)
+        if [ -n "$container_id" ]; then
+            print_message $BLUE "停止占用端口 $port 的容器: $container_id"
+            docker rm -f "$container_id" 2>/dev/null || true
+        fi
+    done
+    
+    print_message $GREEN "旧容器和端口清理完成！"
 }
 
 # 启动服务
@@ -138,7 +183,10 @@ start_services() {
     
     print_message $GREEN "启动 $env 环境服务..."
     check_env_file
-    create_directories
+    create_directories  # 智能创建目录，避免权限问题
+    
+    # 清理旧容器
+    cleanup_old_containers
     
     cd "$PROJECT_ROOT"
     docker-compose $(get_compose_files $env) --env-file "$ENV_FILE" up -d $services
diff --git a/deploy/docker/prepare-offline-images.sh b/deploy/docker/prepare-offline-images.sh
index e7a32097..43dcc8f5 100755
--- a/deploy/docker/prepare-offline-images.sh
+++ b/deploy/docker/prepare-offline-images.sh
@@ -302,11 +302,11 @@ echo "镜像文件列表:"
 ls -lh *.tar.gz
 echo ""
 echo "校验和文件已生成: checksums.sha256"
-# 复制必要的配置文件
+# 复制必要的配置文件到根目录
 echo "复制配置文件..."
-cp "$PROJECT_ROOT/deploy/docker-compose.yml" "$CONFIG_DIR/"
-cp "$PROJECT_ROOT/deploy/docker-compose.prod.yml" "$CONFIG_DIR/"
-cp "$PROJECT_ROOT/deploy/.env.template" "$CONFIG_DIR/"
+cp "$PROJECT_ROOT/deploy/docker-compose.yml" "$PROJECT_ROOT/offline-deploy/"
+cp "$PROJECT_ROOT/deploy/docker-compose.prod.yml" "$PROJECT_ROOT/offline-deploy/"
+cp "$PROJECT_ROOT/deploy/.env.template" "$PROJECT_ROOT/offline-deploy/"
 
 # 复制部署脚本
 cp "$PROJECT_ROOT/deploy/deploy.sh" "$SCRIPTS_DIR/"
diff --git a/deploy/docker/start.sh b/deploy/docker/start.sh
index aa8c940c..503a6a50 100755
--- a/deploy/docker/start.sh
+++ b/deploy/docker/start.sh
@@ -5,7 +5,7 @@ JVM_OPTS="${JVM_OPTS:--Dname=qaup-admin.jar -Duser.timezone=Asia/Shanghai -Xms51
 
 # 等待数据库就绪
 echo "等待数据库连接..."
-while ! nc -z ${DB_HOST:-qaup-postgres} ${DB_PORT:-5432}; do
+while ! timeout 3 bash -c "</dev/tcp/${DB_HOST:-qaup-postgres}/${DB_PORT:-5432}" 2>/dev/null; do
   echo "数据库未就绪，等待 5 秒..."
   sleep 5
 done
@@ -13,7 +13,7 @@ echo "数据库连接成功"
 
 # 等待 Redis 就绪
 echo "等待 Redis 连接..."
-while ! nc -z ${REDIS_HOST:-qaup-redis} ${REDIS_PORT:-6379}; do
+while ! timeout 3 bash -c "</dev/tcp/${REDIS_HOST:-qaup-redis}/${REDIS_PORT:-6379}" 2>/dev/null; do
   echo "Redis 未就绪，等待 3 秒..."
   sleep 3
 done