2025-12-18 13:50:39 +08:00
|
|
|
|
# =============================================================================
|
2026-01-26 10:32:46 +08:00
|
|
|
|
# TianShuAPI Docker Compose - 1Panel 环境配置
|
2025-12-18 13:50:39 +08:00
|
|
|
|
# =============================================================================
|
2026-01-26 10:32:46 +08:00
|
|
|
|
# 此配置文件适用于已有 1Panel 环境,复用现有 Redis
|
2025-12-18 13:50:39 +08:00
|
|
|
|
# =============================================================================
|
|
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
|
# ===========================================================================
|
2026-01-26 10:32:46 +08:00
|
|
|
|
# TianShuAPI Application
|
2025-12-18 13:50:39 +08:00
|
|
|
|
# ===========================================================================
|
|
|
|
|
|
sub2api:
|
2026-01-26 10:32:46 +08:00
|
|
|
|
# 方式1:使用官方镜像(快速部署)
|
|
|
|
|
|
# image: weishaw/sub2api:latest
|
|
|
|
|
|
|
|
|
|
|
|
# 方式2:从本地代码构建(二次开发)
|
|
|
|
|
|
build:
|
|
|
|
|
|
context: ../
|
|
|
|
|
|
dockerfile: Dockerfile
|
|
|
|
|
|
args:
|
|
|
|
|
|
- BUILD_TAGS=embed
|
|
|
|
|
|
image: sub2api:local
|
2025-12-18 13:50:39 +08:00
|
|
|
|
container_name: sub2api
|
|
|
|
|
|
restart: unless-stopped
|
2025-12-30 20:28:41 +08:00
|
|
|
|
ulimits:
|
|
|
|
|
|
nofile:
|
|
|
|
|
|
soft: 100000
|
|
|
|
|
|
hard: 100000
|
2025-12-18 13:50:39 +08:00
|
|
|
|
ports:
|
|
|
|
|
|
- "${BIND_HOST:-0.0.0.0}:${SERVER_PORT:-8080}:8080"
|
|
|
|
|
|
volumes:
|
|
|
|
|
|
- sub2api_data:/app/data
|
|
|
|
|
|
environment:
|
2026-01-26 10:32:46 +08:00
|
|
|
|
# Auto Setup
|
2025-12-18 13:50:39 +08:00
|
|
|
|
- AUTO_SETUP=true
|
|
|
|
|
|
|
|
|
|
|
|
# Server Configuration
|
|
|
|
|
|
- SERVER_HOST=0.0.0.0
|
|
|
|
|
|
- SERVER_PORT=8080
|
|
|
|
|
|
- SERVER_MODE=${SERVER_MODE:-release}
|
2025-12-29 03:17:25 +08:00
|
|
|
|
- RUN_MODE=${RUN_MODE:-standard}
|
2025-12-18 13:50:39 +08:00
|
|
|
|
|
2026-01-26 10:32:46 +08:00
|
|
|
|
# Database Configuration
|
2025-12-18 13:50:39 +08:00
|
|
|
|
- DATABASE_HOST=postgres
|
|
|
|
|
|
- DATABASE_PORT=5432
|
|
|
|
|
|
- DATABASE_USER=${POSTGRES_USER:-sub2api}
|
|
|
|
|
|
- DATABASE_PASSWORD=${POSTGRES_PASSWORD:?POSTGRES_PASSWORD is required}
|
|
|
|
|
|
- DATABASE_DBNAME=${POSTGRES_DB:-sub2api}
|
|
|
|
|
|
- DATABASE_SSLMODE=disable
|
|
|
|
|
|
|
2026-01-26 10:32:46 +08:00
|
|
|
|
# Redis Configuration - 使用外部 Redis
|
|
|
|
|
|
- REDIS_HOST=${REDIS_HOST}
|
|
|
|
|
|
- REDIS_PORT=${REDIS_PORT:-6379}
|
|
|
|
|
|
- REDIS_PASSWORD=${REDIS_PASSWORD}
|
2025-12-18 13:50:39 +08:00
|
|
|
|
- REDIS_DB=${REDIS_DB:-0}
|
2026-01-31 00:53:39 +08:00
|
|
|
|
- REDIS_ENABLE_TLS=${REDIS_ENABLE_TLS:-false}
|
2025-12-18 13:50:39 +08:00
|
|
|
|
|
2026-01-26 10:32:46 +08:00
|
|
|
|
# Admin Account
|
2025-12-18 13:50:39 +08:00
|
|
|
|
- ADMIN_EMAIL=${ADMIN_EMAIL:-admin@sub2api.local}
|
|
|
|
|
|
- ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
|
|
|
|
|
|
|
|
|
|
|
|
# JWT Configuration
|
|
|
|
|
|
- JWT_SECRET=${JWT_SECRET:-}
|
|
|
|
|
|
- JWT_EXPIRE_HOUR=${JWT_EXPIRE_HOUR:-24}
|
|
|
|
|
|
|
2026-01-26 08:45:43 +08:00
|
|
|
|
# =======================================================================
|
|
|
|
|
|
# TOTP (2FA) Configuration
|
|
|
|
|
|
# =======================================================================
|
|
|
|
|
|
# IMPORTANT: Set a fixed encryption key for TOTP secrets. If left empty,
|
|
|
|
|
|
# a random key will be generated on each startup, causing all existing
|
|
|
|
|
|
# TOTP configurations to become invalid (users won't be able to login
|
|
|
|
|
|
# with 2FA).
|
|
|
|
|
|
# Generate a secure key: openssl rand -hex 32
|
|
|
|
|
|
- TOTP_ENCRYPTION_KEY=${TOTP_ENCRYPTION_KEY:-}
|
|
|
|
|
|
|
2025-12-18 13:50:39 +08:00
|
|
|
|
# =======================================================================
|
|
|
|
|
|
# Timezone Configuration
|
|
|
|
|
|
# This affects ALL time operations in the application:
|
|
|
|
|
|
# - Database timestamps
|
|
|
|
|
|
# - Usage statistics "today" boundary
|
|
|
|
|
|
# - Subscription expiry times
|
|
|
|
|
|
# - Log timestamps
|
|
|
|
|
|
# Common values: Asia/Shanghai, America/New_York, Europe/London, UTC
|
|
|
|
|
|
# =======================================================================
|
|
|
|
|
|
- TZ=${TZ:-Asia/Shanghai}
|
2025-12-25 21:25:16 -08:00
|
|
|
|
|
2026-01-26 10:32:46 +08:00
|
|
|
|
# Gemini OAuth (可选)
|
2025-12-25 21:25:16 -08:00
|
|
|
|
- GEMINI_OAUTH_CLIENT_ID=${GEMINI_OAUTH_CLIENT_ID:-}
|
|
|
|
|
|
- GEMINI_OAUTH_CLIENT_SECRET=${GEMINI_OAUTH_CLIENT_SECRET:-}
|
|
|
|
|
|
- GEMINI_OAUTH_SCOPES=${GEMINI_OAUTH_SCOPES:-}
|
2026-01-01 04:22:39 +08:00
|
|
|
|
- GEMINI_QUOTA_POLICY=${GEMINI_QUOTA_POLICY:-}
|
2025-12-18 13:50:39 +08:00
|
|
|
|
depends_on:
|
|
|
|
|
|
postgres:
|
|
|
|
|
|
condition: service_healthy
|
2026-01-26 10:32:46 +08:00
|
|
|
|
extra_hosts:
|
|
|
|
|
|
- "host.docker.internal:host-gateway"
|
2025-12-18 13:50:39 +08:00
|
|
|
|
networks:
|
|
|
|
|
|
- sub2api-network
|
2026-01-26 10:32:46 +08:00
|
|
|
|
- 1panel-network
|
2025-12-18 13:50:39 +08:00
|
|
|
|
healthcheck:
|
|
|
|
|
|
test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
|
|
|
|
|
|
interval: 30s
|
|
|
|
|
|
timeout: 10s
|
|
|
|
|
|
retries: 3
|
|
|
|
|
|
start_period: 30s
|
|
|
|
|
|
|
|
|
|
|
|
# ===========================================================================
|
|
|
|
|
|
# PostgreSQL Database
|
|
|
|
|
|
# ===========================================================================
|
|
|
|
|
|
postgres:
|
2025-12-19 16:42:03 +08:00
|
|
|
|
image: postgres:18-alpine
|
2025-12-18 13:50:39 +08:00
|
|
|
|
container_name: sub2api-postgres
|
|
|
|
|
|
restart: unless-stopped
|
2025-12-30 20:28:41 +08:00
|
|
|
|
ulimits:
|
|
|
|
|
|
nofile:
|
|
|
|
|
|
soft: 100000
|
|
|
|
|
|
hard: 100000
|
2025-12-18 13:50:39 +08:00
|
|
|
|
volumes:
|
|
|
|
|
|
- postgres_data:/var/lib/postgresql/data
|
|
|
|
|
|
environment:
|
|
|
|
|
|
- POSTGRES_USER=${POSTGRES_USER:-sub2api}
|
|
|
|
|
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?POSTGRES_PASSWORD is required}
|
|
|
|
|
|
- POSTGRES_DB=${POSTGRES_DB:-sub2api}
|
|
|
|
|
|
- TZ=${TZ:-Asia/Shanghai}
|
|
|
|
|
|
networks:
|
|
|
|
|
|
- sub2api-network
|
|
|
|
|
|
healthcheck:
|
|
|
|
|
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-sub2api} -d ${POSTGRES_DB:-sub2api}"]
|
|
|
|
|
|
interval: 10s
|
|
|
|
|
|
timeout: 5s
|
|
|
|
|
|
retries: 5
|
|
|
|
|
|
start_period: 10s
|
|
|
|
|
|
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# Volumes
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
volumes:
|
|
|
|
|
|
sub2api_data:
|
|
|
|
|
|
driver: local
|
|
|
|
|
|
postgres_data:
|
|
|
|
|
|
driver: local
|
|
|
|
|
|
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# Networks
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
networks:
|
|
|
|
|
|
sub2api-network:
|
|
|
|
|
|
driver: bridge
|
2026-01-26 10:32:46 +08:00
|
|
|
|
1panel-network:
|
|
|
|
|
|
external: true
|
