feat(deploy): add Dockerfile, saas-env.example, nginx config, and production deployment guide

Multi-stage Docker build for zclaw-saas with dependency caching, environment variable template with security defaults, Nginx reverse proxy with SSE/WebSocket support and HTTPS, and comprehensive Chinese-language production deployment documentation. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-31 10:26:30 +08:00
parent 8e6abc91e1
commit d0ae7d2770
4 changed files with 680 additions and 0 deletions
--- a/saas-env.example
+++ b/saas-env.example
@@ -0,0 +1,35 @@
+# ============================================================
+# ZCLAW SaaS Backend - Environment Variables
+# ============================================================
+# Usage:
+#   cp saas-env.example .env
+#   # Edit .env with your actual values
+#   docker compose up -d
+# ============================================================
+
+# ---- PostgreSQL 配置 ----
+POSTGRES_USER=zclaw
+POSTGRES_PASSWORD=请修改为强密码
+POSTGRES_DB=zclaw_saas
+
+# ---- SaaS 后端配置 ----
+
+# 数据库连接 URL (Docker 内部网络使用主机名 postgres)
+ZCLAW_DATABASE_URL=postgres://zclaw:请修改为强密码@postgres:5432/zclaw_saas
+
+# JWT 签名密钥 (至少32字符随机字符串)
+# 生成命令: openssl rand -hex 32
+ZCLAW_SAAS_JWT_SECRET=请使用openssl_rand_hex_32生成
+
+# TOTP/API Key 加密密钥 (64字符hex)
+# 生成命令: openssl rand -hex 32
+ZCLAW_TOTP_ENCRYPTION_KEY=请使用openssl_rand_hex_32生成
+
+# ---- 初始管理员账号 ----
+ZCLAW_ADMIN_USERNAME=admin
+ZCLAW_ADMIN_PASSWORD=请修改为强密码
+
+# ---- 运行模式 ----
+# 开发模式 (生产环境必须为 false 或不设置)
+# 设置为 true 会放宽安全限制: Cookie Secure=false, CORS 宽松等
+ZCLAW_SAAS_DEV=false