feat: 工程清理

2026-02-24 10:19:58 +08:00
parent c2567831d9
commit 53d55bb92f
13 changed files with 3 additions and 2207 deletions
--- a/deploy/docker-compose-aicodex.yml
+++ b/deploy/docker-compose-aicodex.yml
@@ -1,241 +0,0 @@
-# =============================================================================
-# aicodex2api Docker Compose Host Configuration (Local Build)
-# =============================================================================
-# Quick Start:
-#   1. Copy .env.example to .env and configure
-#   2. docker-compose -f docker-compose-host.yml up -d --build
-#   3. Check logs: docker-compose -f docker-compose-host.yml logs -f aicodex2api
-#   4. Access: http://localhost:8080
-#
-# This configuration builds the image from source (Dockerfile in project root).
-# All configuration is done via environment variables.
-# No Setup Wizard needed - the system auto-initializes on first run.
-# =============================================================================
-
-services:
-  # ===========================================================================
-  # aicodex2api Application
-  # ===========================================================================
-  aicodex2api:
-    image: yangjianbo/aicodex2api:latest
-    build:
-      context: ..
-      dockerfile: Dockerfile
-    container_name: aicodex2api
-    restart: unless-stopped
-    network_mode: host
-    ulimits:
-      nofile:
-        soft: 800000
-        hard: 800000
-    volumes:
-      # Data persistence (config.yaml will be auto-generated here)
-      - aicodex2api_data:/app/data
-      # Mount custom config.yaml (optional, overrides auto-generated config)
-      #- ./config.yaml:/app/data/config.yaml:ro
-    environment:
-      # =======================================================================
-      # Auto Setup (REQUIRED for Docker deployment)
-      # =======================================================================
-      - AUTO_SETUP=true
-
-      # =======================================================================
-      # Server Configuration
-      # =======================================================================
-      - SERVER_HOST=0.0.0.0
-      - SERVER_PORT=8080
-      - SERVER_MODE=${SERVER_MODE:-release}
-      - RUN_MODE=${RUN_MODE:-standard}
-
-      # =======================================================================
-      # Database Configuration (PostgreSQL)
-      # =======================================================================
-      # Using host network: point to host/external DB by DATABASE_HOST/DATABASE_PORT
-      - DATABASE_HOST=${DATABASE_HOST:-127.0.0.1}
-      - DATABASE_PORT=${DATABASE_PORT:-5432}
-      - DATABASE_USER=${POSTGRES_USER:-aicodex2api}
-      - DATABASE_PASSWORD=${POSTGRES_PASSWORD:?POSTGRES_PASSWORD is required}
-      - DATABASE_DBNAME=${POSTGRES_DB:-aicodex2api}
-      - DATABASE_SSLMODE=disable
-      - DATABASE_MAX_OPEN_CONNS=${DATABASE_MAX_OPEN_CONNS:-50}
-      - DATABASE_MAX_IDLE_CONNS=${DATABASE_MAX_IDLE_CONNS:-10}
-      - DATABASE_CONN_MAX_LIFETIME_MINUTES=${DATABASE_CONN_MAX_LIFETIME_MINUTES:-30}
-      - DATABASE_CONN_MAX_IDLE_TIME_MINUTES=${DATABASE_CONN_MAX_IDLE_TIME_MINUTES:-5}
-
-      # =======================================================================
-      # Gateway Configuration
-      # =======================================================================
-      - GATEWAY_FORCE_CODEX_CLI=${GATEWAY_FORCE_CODEX_CLI:-false}
-      - GATEWAY_MAX_IDLE_CONNS=${GATEWAY_MAX_IDLE_CONNS:-2560}
-      - GATEWAY_MAX_IDLE_CONNS_PER_HOST=${GATEWAY_MAX_IDLE_CONNS_PER_HOST:-120}
-      - GATEWAY_MAX_CONNS_PER_HOST=${GATEWAY_MAX_CONNS_PER_HOST:-8192}
-
-      # =======================================================================
-      # Redis Configuration
-      # =======================================================================
-      # Using host network: point to host/external Redis by REDIS_HOST/REDIS_PORT
-      - REDIS_HOST=${REDIS_HOST:-127.0.0.1}
-      - REDIS_PORT=${REDIS_PORT:-6379}
-      - REDIS_PASSWORD=${REDIS_PASSWORD:-}
-      - REDIS_DB=${REDIS_DB:-0}
-      - REDIS_POOL_SIZE=${REDIS_POOL_SIZE:-1024}
-      - REDIS_MIN_IDLE_CONNS=${REDIS_MIN_IDLE_CONNS:-10}
-      - REDIS_ENABLE_TLS=${REDIS_ENABLE_TLS:-false}
-
-      # =======================================================================
-      # Admin Account (auto-created on first run)
-      # =======================================================================
-      - ADMIN_EMAIL=${ADMIN_EMAIL:-admin@aicodex2api.local}
-      - ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
-
-      # =======================================================================
-      # JWT Configuration
-      # =======================================================================
-      # Leave empty to auto-generate (recommended)
-      - JWT_SECRET=${JWT_SECRET:-}
-      - JWT_EXPIRE_HOUR=${JWT_EXPIRE_HOUR:-24}
-
-      # =======================================================================
-      # TOTP (2FA) Configuration
-      # =======================================================================
-      # IMPORTANT: Set a fixed encryption key for TOTP secrets. If left empty,
-      # a random key will be generated on each startup, causing all existing
-      # TOTP configurations to become invalid (users won't be able to login
-      # with 2FA).
-      # Generate a secure key: openssl rand -hex 32
-      - TOTP_ENCRYPTION_KEY=${TOTP_ENCRYPTION_KEY:-}
-
-      # =======================================================================
-      # Timezone Configuration
-      # This affects ALL time operations in the application:
-      # - Database timestamps
-      # - Usage statistics "today" boundary
-      # - Subscription expiry times
-      # - Log timestamps
-      # Common values: Asia/Shanghai, America/New_York, Europe/London, UTC
-      # =======================================================================
-      - TZ=${TZ:-Asia/Shanghai}
-
-      # =======================================================================
-      # Gemini OAuth Configuration (for Gemini accounts)
-      # =======================================================================
-      - GEMINI_OAUTH_CLIENT_ID=${GEMINI_OAUTH_CLIENT_ID:-}
-      - GEMINI_OAUTH_CLIENT_SECRET=${GEMINI_OAUTH_CLIENT_SECRET:-}
-      - GEMINI_OAUTH_SCOPES=${GEMINI_OAUTH_SCOPES:-}
-      - GEMINI_QUOTA_POLICY=${GEMINI_QUOTA_POLICY:-}
-
-      # Built-in OAuth client secrets (optional)
-      # SECURITY: This repo does not embed third-party client_secret.
-      - GEMINI_CLI_OAUTH_CLIENT_SECRET=${GEMINI_CLI_OAUTH_CLIENT_SECRET:-}
-      - ANTIGRAVITY_OAUTH_CLIENT_SECRET=${ANTIGRAVITY_OAUTH_CLIENT_SECRET:-}
-
-      # =======================================================================
-      # Security Configuration (URL Allowlist)
-      # =======================================================================
-      # Allow private IP addresses for CRS sync (for internal deployments)
-      - SECURITY_URL_ALLOWLIST_ALLOW_PRIVATE_HOSTS=${SECURITY_URL_ALLOWLIST_ALLOW_PRIVATE_HOSTS:-true}
-    depends_on:
-      postgres:
-        condition: service_healthy
-      redis:
-        condition: service_healthy
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-      start_period: 30s
-
-  # ===========================================================================
-  # PostgreSQL Database
-  # ===========================================================================
-  postgres:
-    image: postgres:18-alpine
-    container_name: aicodex2api-postgres
-    restart: unless-stopped
-    network_mode: host
-    ulimits:
-      nofile:
-        soft: 800000
-        hard: 800000
-    volumes:
-      - postgres_data:/var/lib/postgresql/data
-    environment:
-      # postgres:18-alpine 默认 PGDATA=/var/lib/postgresql/18/docker（位于镜像声明的匿名卷 /var/lib/postgresql 内）。
-      # 若不显式设置 PGDATA，则即使挂载了 postgres_data 到 /var/lib/postgresql/data，数据也不会落盘到该命名卷，
-      # docker compose down/up 后会触发 initdb 重新初始化，导致用户/密码等数据丢失。
-      - PGDATA=/var/lib/postgresql/data
-      - POSTGRES_USER=${POSTGRES_USER:-aicodex2api}
-      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?POSTGRES_PASSWORD is required}
-      - POSTGRES_DB=${POSTGRES_DB:-aicodex2api}
-      - TZ=${TZ:-Asia/Shanghai}
-    command:
-      - "postgres"
-      - "-c"
-      - "listen_addresses=127.0.0.1"
-      # 监听端口：与应用侧 DATABASE_PORT 保持一致。
-      - "-c"
-      - "port=${DATABASE_PORT:-5432}"
-      # 连接数上限：需要结合应用侧 DATABASE_MAX_OPEN_CONNS 调整。
-      # 注意：max_connections 过大可能导致内存占用与上下文切换开销显著上升。
-      - "-c"
-      - "max_connections=${POSTGRES_MAX_CONNECTIONS:-1024}"
-      # 典型内存参数（建议结合机器内存调优；不确定就保持默认或小步调大）。
-      - "-c"
-      - "shared_buffers=${POSTGRES_SHARED_BUFFERS:-1GB}"
-      - "-c"
-      - "effective_cache_size=${POSTGRES_EFFECTIVE_CACHE_SIZE:-6GB}"
-      - "-c"
-      - "maintenance_work_mem=${POSTGRES_MAINTENANCE_WORK_MEM:-128MB}"
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-aicodex2api} -d ${POSTGRES_DB:-aicodex2api} -p ${DATABASE_PORT:-5432}"]
-      interval: 10s
-      timeout: 5s
-      retries: 5
-      start_period: 10s
-    # Note: bound to localhost only; not exposed to external network by default.
-
-  # ===========================================================================
-  # Redis Cache
-  # ===========================================================================
-  redis:
-    image: redis:8-alpine
-    container_name: aicodex2api-redis
-    restart: unless-stopped
-    network_mode: host
-    ulimits:
-      nofile:
-        soft: 100000
-        hard: 100000
-    volumes:
-      - redis_data:/data
-    command: >
-      redis-server
-      --bind 127.0.0.1
-      --port ${REDIS_PORT:-6379}
-      --maxclients ${REDIS_MAXCLIENTS:-50000}
-      --save 60 1
-      --appendonly yes
-      --appendfsync everysec
-      ${REDIS_PASSWORD:+--requirepass ${REDIS_PASSWORD}}
-    environment:
-      - TZ=${TZ:-Asia/Shanghai}
-      # REDISCLI_AUTH is used by redis-cli for authentication (safer than -a flag)
-      - REDISCLI_AUTH=${REDIS_PASSWORD:-}
-    healthcheck:
-      test: ["CMD-SHELL", "redis-cli -p ${REDIS_PORT:-6379} -a \"$REDISCLI_AUTH\" ping | grep -q PONG || redis-cli -p ${REDIS_PORT:-6379} ping | grep -q PONG"]
-      interval: 10s
-      timeout: 5s
-      retries: 5
-      start_period: 5s
-
-# =============================================================================
-# Volumes
-# =============================================================================
-volumes:
-  aicodex2api_data:
-    driver: local
-  postgres_data:
-    driver: local
-  redis_data:
-    driver: local