feat: Docker 部署完整环境变量 — 不再依赖 backend/.env
docker-compose.yml 新增 ADMIN_PASSWORD/INTERNAL_SERVICE_TOKEN 等关键变量, .docker.env.example 覆盖所有可配置项,确保容器内各服务启动不 panic。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
+25
-3
@@ -9,12 +9,20 @@ LLM_API_KEY=sk-xxxxx
|
||||
LLM_MODEL=gpt-4o
|
||||
LLM_FALLBACK_MODEL=gpt-4o-mini
|
||||
|
||||
# ========== 数据库密码 ==========
|
||||
POSTGRES_PASSWORD=change-me-to-random-password
|
||||
# ========== 管理员账号(必填) ==========
|
||||
ADMIN_USERNAME=admin
|
||||
ADMIN_PASSWORD=change-me-to-secure-password
|
||||
ADMIN_NICKNAME=管理员
|
||||
|
||||
# ========== JWT ==========
|
||||
# ========== 安全密钥(必填) ==========
|
||||
JWT_SECRET=change-me-to-random-secret-string
|
||||
JWT_EXPIRY_HOURS=720
|
||||
INTERNAL_SERVICE_TOKEN=change-me-to-random-token
|
||||
|
||||
# ========== 数据库 ==========
|
||||
POSTGRES_USER=cyrene
|
||||
POSTGRES_PASSWORD=change-me-to-random-password
|
||||
POSTGRES_DB=cyrene_ai
|
||||
|
||||
# ========== Redis ==========
|
||||
REDIS_PASSWORD=
|
||||
@@ -23,5 +31,19 @@ REDIS_PASSWORD=
|
||||
MINIO_ACCESS_KEY=minioadmin
|
||||
MINIO_SECRET_KEY=change-me-to-random-password
|
||||
|
||||
# ========== 注册与访问控制 ==========
|
||||
REGISTRATION_ENABLED=false
|
||||
ALLOWED_ORIGINS=http://localhost:5173,http://localhost:9090
|
||||
|
||||
# ========== WebSocket ==========
|
||||
WS_MAX_CONNECTIONS=1000
|
||||
SESSION_IDLE_TIMEOUT_MIN=30
|
||||
|
||||
# ========== 后台自主思考 ==========
|
||||
ENABLE_BACKGROUND_THINKING=true
|
||||
|
||||
# ========== Webhook(可选) ==========
|
||||
WEBHOOK_API_KEY=
|
||||
|
||||
# ========== Caddy / ACME(有域名时填写) ==========
|
||||
ACME_EMAIL=admin@example.com
|
||||
|
||||
+25
-2
@@ -33,10 +33,22 @@ services:
|
||||
context: .
|
||||
dockerfile: ./backend/gateway/Dockerfile
|
||||
environment:
|
||||
GATEWAY_PORT: "8080"
|
||||
ENV: production
|
||||
GATEWAY_PORT: "8080"
|
||||
JWT_SECRET: ${JWT_SECRET}
|
||||
JWT_EXPIRY_HOURS: "720"
|
||||
JWT_EXPIRY_HOURS: ${JWT_EXPIRY_HOURS:-720}
|
||||
INTERNAL_SERVICE_TOKEN: ${INTERNAL_SERVICE_TOKEN}
|
||||
ADMIN_USERNAME: ${ADMIN_USERNAME:-admin}
|
||||
ADMIN_PASSWORD: ${ADMIN_PASSWORD}
|
||||
ADMIN_NICKNAME: ${ADMIN_NICKNAME:-管理员}
|
||||
REGISTRATION_ENABLED: ${REGISTRATION_ENABLED:-false}
|
||||
ALLOWED_ORIGINS: ${ALLOWED_ORIGINS:-http://localhost:5173,http://localhost:9090}
|
||||
WS_MAX_CONNECTIONS: ${WS_MAX_CONNECTIONS:-1000}
|
||||
SESSION_IDLE_TIMEOUT_MIN: ${SESSION_IDLE_TIMEOUT_MIN:-30}
|
||||
WEBHOOK_API_KEY: ${WEBHOOK_API_KEY:-}
|
||||
LLM_API_URL: ${LLM_API_URL}
|
||||
LLM_API_KEY: ${LLM_API_KEY}
|
||||
LLM_MODEL: ${LLM_MODEL:-gpt-4o}
|
||||
AI_CORE_URL: http://ai-core:8081
|
||||
MEMORY_SERVICE_URL: http://memory-service:8091
|
||||
VOICE_SERVICE_URL: http://voice-service:8093
|
||||
@@ -64,16 +76,26 @@ services:
|
||||
environment:
|
||||
AI_CORE_PORT: "8081"
|
||||
PERSONA_DIR: "./internal/persona"
|
||||
ENV: production
|
||||
LLM_API_URL: ${LLM_API_URL}
|
||||
LLM_API_KEY: ${LLM_API_KEY}
|
||||
LLM_MODEL: ${LLM_MODEL:-gpt-4o}
|
||||
LLM_FALLBACK_MODEL: ${LLM_FALLBACK_MODEL:-gpt-4o-mini}
|
||||
INTERNAL_SERVICE_TOKEN: ${INTERNAL_SERVICE_TOKEN}
|
||||
ADMIN_NICKNAME: ${ADMIN_NICKNAME:-管理员}
|
||||
GATEWAY_URL: http://gateway:8080
|
||||
MEMORY_SERVICE_URL: http://memory-service:8091
|
||||
IOT_DEBUG_SERVICE_URL: http://iot-debug-service:8083
|
||||
SEARXNG_URL: http://searxng:8080
|
||||
ENABLE_BACKGROUND_THINKING: ${ENABLE_BACKGROUND_THINKING:-true}
|
||||
ENABLE_TOOLS: "true"
|
||||
TZ: Asia/Shanghai
|
||||
POSTGRES_HOST: postgres
|
||||
POSTGRES_PORT: "5432"
|
||||
POSTGRES_USER: ${POSTGRES_USER:-cyrene}
|
||||
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
||||
POSTGRES_DB: ${POSTGRES_DB:-cyrene_ai}
|
||||
POSTGRES_SSLMODE: disable
|
||||
depends_on:
|
||||
postgres:
|
||||
condition: service_healthy
|
||||
@@ -91,6 +113,7 @@ services:
|
||||
POSTGRES_USER: ${POSTGRES_USER:-cyrene}
|
||||
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
||||
POSTGRES_DB: ${POSTGRES_DB:-cyrene_ai}
|
||||
POSTGRES_SSLMODE: disable
|
||||
depends_on:
|
||||
postgres:
|
||||
condition: service_healthy
|
||||
|
||||
@@ -36,16 +36,33 @@ docker compose logs -f
|
||||
|
||||
## 环境变量
|
||||
|
||||
所有变量在 `.docker.env` 中配置。必填项:
|
||||
所有变量在 `.docker.env` 中配置,完整模板见 [.docker.env.example](../../.docker.env.example)。
|
||||
|
||||
### 必填(服务启动 panic 若缺失)
|
||||
|
||||
| 变量 | 说明 |
|
||||
|------|------|
|
||||
| `LLM_API_URL` | LLM API 地址 |
|
||||
| `LLM_API_KEY` | LLM API 密钥 |
|
||||
| `POSTGRES_PASSWORD` | 数据库密码 |
|
||||
| `ADMIN_PASSWORD` | 管理员密码 |
|
||||
| `JWT_SECRET` | JWT 签名密钥 |
|
||||
| `INTERNAL_SERVICE_TOKEN` | 服务间通信认证 Token |
|
||||
| `POSTGRES_PASSWORD` | 数据库密码 |
|
||||
| `MINIO_SECRET_KEY` | MinIO 密钥 |
|
||||
|
||||
### 推荐配置
|
||||
|
||||
| 变量 | 默认值 | 说明 |
|
||||
|------|--------|------|
|
||||
| `LLM_MODEL` | `gpt-4o` | 主模型 |
|
||||
| `LLM_FALLBACK_MODEL` | `gpt-4o-mini` | 回退模型 |
|
||||
| `ADMIN_USERNAME` | `admin` | 管理员用户名 |
|
||||
| `ADMIN_NICKNAME` | `管理员` | AI 对管理员的称呼 |
|
||||
| `REGISTRATION_ENABLED` | `false` | 开放注册(生产建议关闭) |
|
||||
| `ALLOWED_ORIGINS` | `http://localhost:5173,...` | CORS 白名单 |
|
||||
| `ENABLE_BACKGROUND_THINKING` | `true` | 后台自主思考 |
|
||||
| `ACME_EMAIL` | — | Let's Encrypt 证书邮箱 |
|
||||
|
||||
## 域名与 HTTPS
|
||||
|
||||
有域名时修改 [Caddyfile](../../Caddyfile):
|
||||
|
||||
Reference in New Issue
Block a user