diff --git a/.env b/.env
new file mode 100644
index 0000000..3960bac
--- /dev/null
+++ b/.env
@@ -0,0 +1,12 @@
+BASE_URL=https://zpic.rss.ink:8443
+
+DB_USER=zpic_user
+DB_PASSWORD=ZR8e0b2G4eIp
+DB_HOST=127.0.0.1
+DB_PORT=5432
+DB_NAME=zpic
+
+REDIS_HOST=127.0.0.1
+REDIS_PORT=6379
+REDIS_DB=0
+REDIS_PASSWORD=redis_RnBRn5
\ No newline at end of file
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 0000000..ab34d26
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,20 @@
+services:
+  postgres:
+    image: postgres:17-bookworm
+    restart: unless-stopped
+    environment:
+      POSTGRES_DB: ${DB_NAME}
+      POSTGRES_USER: ${DB_USER}
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+    volumes:
+      - ./pgsql/data:/var/lib/postgresql/data
+      - ./pgsql/postgres.conf:/etc/postgresql/postgresql.conf:ro
+    command: ["postgres", "-c", "config_file=/etc/postgresql/postgresql.conf"]
+    ports:
+      - "127.0.0.1:5432:5432"
+    networks:
+      - mynet
+
+networks:
+  mynet:
+    internal: true
\ No newline at end of file
diff --git a/pgsql/postgres.conf b/pgsql/postgres.conf
new file mode 100644
index 0000000..d2f7bf0
--- /dev/null
+++ b/pgsql/postgres.conf
@@ -0,0 +1,49 @@
+# -----------------------------
+# 基础设置
+# -----------------------------
+listen_addresses = '127.0.0.1'      # 仅允许本地连接（由 Docker 网络控制访问）
+port = 5432
+max_connections = 100              # 根据应用连接池调整（如 pgbouncer 可设更低）
+
+# -----------------------------
+# 内存配置（根据主机内存调整）
+# -----------------------------
+shared_buffers = 256MB             # 推荐为物理内存的 25%，但不超过 8GB
+effective_cache_size = 1GB         # 推荐为物理内存的 50%~75%
+work_mem = 8MB                     # 每个排序/哈希操作可用内存（高并发时勿过大）
+maintenance_work_mem = 128MB       # VACUUM、CREATE INDEX 等维护操作内存
+
+# -----------------------------
+# WAL 与可靠性（关键！）
+# -----------------------------
+wal_level = replica                # 支持流复制和 PITR 备份
+synchronous_commit = on            # 保证事务持久性（若可容忍少量丢失，可设为 off 提升性能）
+checkpoint_timeout = 15min         # 减少检查点抖动
+checkpoint_completion_target = 0.9
+archive_mode = on                  # 启用归档（配合 wal-g/pgBackRest）
+archive_command = '/bin/true'      # 实际备份工具会覆盖此命令，此处先占位
+
+# -----------------------------
+# 日志（便于运维）
+# -----------------------------
+log_destination = 'stderr'
+logging_collector = on
+log_directory = 'log'
+log_filename = 'postgresql-%Y-%m-%d.log'
+log_statement = 'none'             # 生产建议为 'none' 或 'error'，避免性能开销
+log_timezone = 'Asia/Shanghai'
+log_min_duration_statement = 1000  # 记录执行超过 1 秒的慢查询（单位：毫秒）
+
+# -----------------------------
+# 时区与区域
+# -----------------------------
+timezone = 'Asia/Shanghai'
+lc_messages = 'en_US.UTF-8'
+lc_monetary = 'en_US.UTF-8'
+lc_numeric = 'en_US.UTF-8'
+lc_time = 'en_US.UTF-8'
+
+# -----------------------------
+# 其他安全建议
+# -----------------------------
+password_encryption = scram-sha-256  # 强制使用 SCRAM-SHA-256 密码加密
\ No newline at end of file