# 环境变量配置说明 - 宝塔部署 ## 📋 必需的环境变量 ### 1. 数据库配置 ```bash # MySQL数据库主机地址(本地数据库使用127.0.0.1或localhost) DB_HOST=127.0.0.1 # MySQL数据库端口(默认3306) DB_PORT=3306 # 数据库名称 DB_NAME=aigc_platform # 数据库用户名 DB_USERNAME=aigc_user # 数据库密码(请替换为你的实际密码) DB_PASSWORD=your_secure_password_here ``` ### 2. JWT配置 ```bash # JWT密钥(请生成一个足够长的随机字符串,至少64字符) JWT_SECRET=your-very-long-secret-key-at-least-64-characters-for-production-security # JWT过期时间(毫秒,默认604800000=7天) JWT_EXPIRATION=604800000 ``` ### 3. AI API配置 ```bash # AI API基础URL AI_API_BASE_URL=https://ai.comfly.chat AI_API_KEY=your_ai_api_key # 图片生成API配置 AI_IMAGE_API_BASE_URL=https://ai.comfly.chat AI_IMAGE_API_KEY=your_ai_image_api_key ``` ### 4. 支付宝配置 ```bash # 支付宝应用ID ALIPAY_APP_ID=your_alipay_app_id # 支付宝私钥 ALIPAY_PRIVATE_KEY=your_alipay_private_key # 支付宝公钥 ALIPAY_PUBLIC_KEY=your_alipay_public_key # 域名配置 ALIPAY_DOMAIN=https://yourdomain.com # 回调URL ALIPAY_NOTIFY_URL=https://yourdomain.com/api/payments/alipay/notify ALIPAY_RETURN_URL=https://yourdomain.com/payment/success ``` ### 5. 腾讯云SES邮件服务配置 ```bash # 腾讯云SES Secret ID TENCENT_SES_SECRET_ID=your_tencent_ses_secret_id # 腾讯云SES Secret Key TENCENT_SES_SECRET_KEY=your_tencent_ses_secret_key # 发件邮箱 TENCENT_SES_FROM_EMAIL=noreply@yourdomain.com # 邮件模板ID TENCENT_SES_TEMPLATE_ID=your_template_id ``` ### 6. 文件路径配置(可选) ```bash # FFmpeg可执行文件路径(Linux服务器) FFMPEG_PATH=/usr/bin/ffmpeg # 临时文件目录 TEMP_DIR=/app/temp # 上传文件目录 UPLOAD_PATH=/app/uploads # 日志文件路径 LOG_FILE_PATH=/app/logs/application.log ``` --- ## 🔧 宝塔面板设置环境变量 ### 方式一:通过启动脚本设置 在宝塔面板创建启动脚本 `start.sh`: ```bash #!/bin/bash # 设置环境变量 export DB_HOST=127.0.0.1 export DB_PORT=3306 export DB_NAME=aigc_platform export DB_USERNAME=aigc_user export DB_PASSWORD=jRbHPZbbkdm24yTT export JWT_SECRET=aigc-demo-secret-key-for-jwt-token-generation-2025-production-version-secure export AI_API_BASE_URL=https://ai.comfly.chat export AI_API_KEY=sk-xCX1X12e8Dpj4mRJKFMxFUnV29pzJQpPeuZFGqTwYOorjvOQ export AI_IMAGE_API_BASE_URL=https://ai.comfly.chat export AI_IMAGE_API_KEY=sk-xCX1X12e8Dpj4mRJKFMxFUnV29pzJQpPeuZFGqTwYOorjvOQ export ALIPAY_APP_ID=your_app_id export ALIPAY_PRIVATE_KEY=your_private_key export ALIPAY_PUBLIC_KEY=your_public_key export ALIPAY_DOMAIN=https://yourdomain.com export ALIPAY_NOTIFY_URL=https://yourdomain.com/api/payments/alipay/notify export ALIPAY_RETURN_URL=https://yourdomain.com/payment/success export TENCENT_SES_SECRET_ID=your_secret_id export TENCENT_SES_SECRET_KEY=your_secret_key export TENCENT_SES_FROM_EMAIL=noreply@yourdomain.com export TENCENT_SES_TEMPLATE_ID=your_template_id export FFMPEG_PATH=/usr/bin/ffmpeg export TEMP_DIR=/app/temp export UPLOAD_PATH=/app/uploads export LOG_FILE_PATH=/app/logs/application.log # 启动应用 java -jar -Dspring.profiles.active=prod demo-0.0.1-SNAPSHOT.jar ``` 赋予执行权限: ```bash chmod +x start.sh ``` ### 方式二:创建 .env 文件 创建 `.env` 文件: ```bash # 数据库配置 DB_HOST=127.0.0.1 DB_PORT=3306 DB_NAME=aigc_platform DB_USERNAME=aigc_user DB_PASSWORD=jRbHPZbbkdm24yTT # JWT配置 JWT_SECRET=aigc-demo-secret-key-for-jwt-token-generation-2025-production-version-secure JWT_EXPIRATION=604800000 # AI API配置 AI_API_BASE_URL=https://ai.comfly.chat AI_API_KEY=sk-xCX1X12e8Dpj4mRJKFMxFUnV29pzJQpPeuZFGqTwYOorjvOQ AI_IMAGE_API_BASE_URL=https://ai.comfly.chat AI_IMAGE_API_KEY=sk-xCX1X12e8Dpj4mRJKFMxFUnV29pzJQpPeuZFGqTwYOorjvOQ # 支付宝配置 ALIPAY_APP_ID=your_app_id ALIPAY_PRIVATE_KEY=your_private_key ALIPAY_PUBLIC_KEY=your_public_key ALIPAY_DOMAIN=https://yourdomain.com ALIPAY_NOTIFY_URL=https://yourdomain.com/api/payments/alipay/notify ALIPAY_RETURN_URL=https://yourdomain.com/payment/success # 腾讯云SES配置 TENCENT_SES_SECRET_ID=your_secret_id TENCENT_SES_SECRET_KEY=your_secret_key TENCENT_SES_FROM_EMAIL=noreply@yourdomain.com TENCENT_SES_TEMPLATE_ID=your_template_id # 文件路径配置 FFMPEG_PATH=/usr/bin/ffmpeg TEMP_DIR=/app/temp UPLOAD_PATH=/app/uploads LOG_FILE_PATH=/app/logs/application.log ``` 使用 `source` 加载环境变量后启动: ```bash source .env && java -jar -Dspring.profiles.active=prod demo-0.0.1-SNAPSHOT.jar ``` ### 方式三:systemd服务配置 创建 systemd 服务文件 `/etc/systemd/system/aigc-platform.service`: ```ini [Unit] Description=AIGC Platform Service After=network.target mysql.service [Service] Type=simple User=www WorkingDirectory=/www/wwwroot/aigc-platform ExecStart=/usr/bin/java -jar -Dspring.profiles.active=prod demo-0.0.1-SNAPSHOT.jar # 环境变量配置 Environment="DB_HOST=127.0.0.1" Environment="DB_PORT=3306" Environment="DB_NAME=aigc_platform" Environment="DB_USERNAME=aigc_user" Environment="DB_PASSWORD=jRbHPZbbkdm24yTT" Environment="JWT_SECRET=your-jwt-secret-key" Environment="AI_API_BASE_URL=https://ai.comfly.chat" Environment="AI_API_KEY=your_api_key" Restart=always RestartSec=10 [Install] WantedBy=multi-user.target ``` 启动服务: ```bash systemctl daemon-reload systemctl enable aigc-platform systemctl start aigc-platform systemctl status aigc-platform ``` --- ## ✅ 配置验证 启动应用后,检查日志确认数据库连接成功: ```bash # 查看启动日志 tail -f logs/application.log # 应该看到类似的日志: # INFO - HikariPool-1 - Starting... # INFO - HikariPool-1 - Start completed. # INFO - Started DemoApplication in X.XX seconds ``` 测试数据库连接: ```bash curl http://localhost:8080/api/health/ping ``` --- ## 🔐 安全建议 1. **不要将 .env 文件或包含密钥的启动脚本提交到Git** ```bash echo ".env" >> .gitignore echo "start.sh" >> .gitignore ``` 2. **定期更换JWT密钥和数据库密码** 3. **生产环境使用强密码** - 数据库密码:至少16位,包含大小写字母、数字、特殊字符 - JWT密钥:至少64字符随机字符串 4. **限制数据库访问** - 仅允许应用服务器IP访问MySQL - 不要使用root用户,创建专用数据库用户 5. **启用HTTPS** - 生产环境务必配置SSL证书 - 在Nginx/宝塔面板配置HTTPS --- ## 📝 快速配置模板(本地测试用) ```bash # 最小化配置(使用默认值) export DB_HOST=127.0.0.1 export DB_USERNAME=aigc_user export DB_PASSWORD=jRbHPZbbkdm24yTT export JWT_SECRET=aigc-demo-secret-key-for-jwt-token-generation-2025 # 启动应用 java -jar -Dspring.profiles.active=prod demo-0.0.1-SNAPSHOT.jar ```