feat: 增强SaaS后端功能与安全性

refactor: 重构数据库连接使用PostgreSQL替代SQLite feat(auth): 增加JWT验证的audience和issuer检查 feat(crypto): 添加AES-256-GCM字段加密支持 feat(api): 集成utoipa实现OpenAPI文档 fix(admin): 修复配置项表单验证逻辑 style: 统一代码格式与类型定义 docs: 更新技术栈文档说明PostgreSQL
2026-03-31 00:12:53 +08:00
parent 4d8d560d1f
commit 44256a511c
177 changed files with 9731 additions and 948 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,76 @@
+# ============================================================
+# ZCLAW SaaS Backend - Docker Compose
+# ============================================================
+# Usage:
+#   cp saas-env.example .env   # then edit .env with real values
+#   docker compose up -d
+#   docker compose logs -f saas
+# ============================================================
+
+services:
+  # ---- PostgreSQL 16 ----
+  postgres:
+    image: postgres:16-alpine
+    container_name: zclaw-postgres
+    restart: unless-stopped
+
+    environment:
+      POSTGRES_USER: ${POSTGRES_USER:-postgres}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-your_secure_password}
+      POSTGRES_DB: ${POSTGRES_DB:-zclaw}
+
+    ports:
+      - "${POSTGRES_PORT:-5432}:5432"
+
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-postgres} -d ${POSTGRES_DB:-zclaw}"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+      start_period: 10s
+
+    networks:
+      - zclaw-saas
+
+  # ---- SaaS Backend ----
+  saas:
+    build:
+      context: .
+      dockerfile: Dockerfile
+
+    container_name: zclaw-saas
+    restart: unless-stopped
+
+    ports:
+      - "${SAAS_PORT:-8080}:8080"
+
+    env_file:
+      - saas-env.example
+
+    environment:
+      DATABASE_URL: postgres://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:-your_secure_password}@postgres:5432/${POSTGRES_DB:-zclaw}
+
+    depends_on:
+      postgres:
+        condition: service_healthy
+
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
+      interval: 30s
+      timeout: 5s
+      retries: 3
+      start_period: 15s
+
+    networks:
+      - zclaw-saas
+
+volumes:
+  postgres_data:
+    driver: local
+
+networks:
+  zclaw-saas:
+    driver: bridge