add

6 days ago · ba249c95ed
3 changed files with 128 additions and 4 deletions
--- a/.env
+++ b/.env
@ -9,4 +9,9 @@ DB_NAME=zpic
				@@ -9,4 +9,9 @@ DB_NAME=zpic
 REDIS_HOST=127.0.0.1
 REDIS_PORT=6379
 REDIS_DB=0
-REDIS_PASSWORD=redis_RnBRn5
+REDIS_PASSWORD=phLoaoPLWx9h
+
+NSFW_TOKEN=7l2OqQqvuMmG
+
+IMGPROXY_KEY=738407de5b7c42efddc6483dbec41d95
+IMGPROXY_SALT=f396da2b4802d257
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -1,11 +1,27 @@
				@@ -1,11 +1,27 @@
 services:
+  zpic:
+    container_name: zpic
+    image: helloz/zpic
+    networks:
+      - mynet
+    ports:
+      - "2080:2080"
+    # 环境变量
+    environment:
+      - WORKERS=2
+    depends_on:
+      - postgres
+      - redis
+    restart: always
+
  postgres:
+    container_name: postgres
    image: postgres:17-bookworm
    restart: unless-stopped
    environment:
-      POSTGRES_DB: ${DB_NAME}
-      POSTGRES_USER: ${DB_USER}
-      POSTGRES_PASSWORD: ${DB_PASSWORD}
+      - POSTGRES_DB=${DB_NAME}
+      - POSTGRES_USER=${DB_USER}
+      - POSTGRES_PASSWORD=${DB_PASSWORD}
    volumes:
      - ./pgsql/data:/var/lib/postgresql/data
      - ./pgsql/postgres.conf:/etc/postgresql/postgresql.conf:ro
@ -15,6 +31,48 @@ services:
				@@ -15,6 +31,48 @@ services:
    networks:
      - mynet

+  redis:
+    image: redis:8-alpine
+    container_name: redis
+    networks:
+      - mynet
+    ports:
+      - "127.0.0.1:6379:6379"
+    restart: always
+    volumes:
+      - ./redis/data:/data
+      - ./redis/redis.conf:/data/redis.conf
+    command: ["redis-server", "/data/redis.conf"]
+
+  nsfw:
+    container_name: nsfw
+    image: helloz/nsfw
+    networks:
+      - mynet
+    ports:
+      - "6086:6086"
+    # 环境变量
+    environment:
+      - TOKEN=${NSFW_TOKEN}
+    restart: always
+
+  imgproxy:
+    image: hub.tcp.mk/imgproxy/imgproxy:latest
+    container_name: imgproxy
+    networks:
+      - mynet
+    ports:
+      - "8080:8080"
+    environment:
+      - IMGPROXY_KEY=${IMGPROXY_KEY}
+      - IMGPROXY_SALT=${IMGPROXY_SALT}
+      #- IMGPROXY_ALLOWED_SOURCES=https://your-bucket.s3.amazonaws.com,https://cdn.yoursite.com
+      - IMGPROXY_QUALITY=80
+      - IMGPROXY_AUTO_ROTATE=true
+      - IMGPROXY_AUTO_WEBP=true
+      - IMGPROXY_MAX_SRC_FILE_SIZE=10485760
+    restart: unless-stopped
+
 networks:
  mynet:
    driver: bridge
--- a/redis/redis.conf
+++ b/redis/redis.conf
@ -0,0 +1,61 @@
				@@ -0,0 +1,61 @@
+# --- 基础网络配置 ---
+# 生产环境务必绑定内网 IP，不要仅监听 0.0.0.0
+bind 127.0.0.1
+port 6379
+tcp-backlog 511
+timeout 0
+tcp-keepalive 300
+
+# --- 安全配置 ---
+# 生产环境必须设置强密码
+requirepass "phLoaoPLWx9h"
+# 禁用或重命名高危命令
+rename-command FLUSHALL ""
+rename-command FLUSHDB  ""
+rename-command DEBUG    ""
+
+# --- 运行模式 ---
+daemonize no
+pidfile /var/run/redis_6379.pid
+loglevel notice
+logfile /data/redis.log
+databases 16
+
+# --- RDB 持久化配置 ---
+# 开启 RDB，设置合理的快照频率
+# 格式：save <seconds> <changes>
+save 900 1      # 15分钟内至少1个 key 变化
+save 300 10     # 5分钟内至少10个 key 变化
+save 60 10000   # 1分钟内至少10000个 key 变化
+
+stop-writes-on-bgsave-error yes
+rdbcompression yes
+rdbchecksum yes
+dbfilename dump.rdb
+dir /data
+
+# --- AOF 持久化配置 (显式关闭) ---
+appendonly no
+
+# --- 内存管理 ---
+# 根据服务器实际可用内存设置，建议保留 20-30% 给系统和 BGSAVE 进程
+maxmemory 2gb
+# 达到内存上限时的淘汰策略：使用最少使用的 key (LRU)
+maxmemory-policy allkeys-lru
+# Redis 8 优化了内存碎片处理
+activedefrag yes
+
+# --- 性能优化与限制 ---
+maxclients 10000
+# 慢查询日志：执行时间超过 10 毫秒的记录
+slowlog-log-slower-than 10000
+slowlog-max-len 128
+
+# --- 线程 IO (Redis 6.0+ 特性，Redis 8 依然适用) ---
+# 根据 CPU 核心数调整，通常 8 核设为 3，16 核设为 6
+io-threads 4
+io-threads-do-reads yes
+
+# --- 保护机制 ---
+# 避免因为 Swap 导致的性能抖动
+# 请在操作系统层面设置 vm.swappiness=0