完善 Docker 部署骨架并整理开源发布资料

- 调整 Dockerfile 与入口脚本，拆分应用、MySQL、Redis 的部署职责 - 新增 docker-compose、docker ignore 与 Docker 环境变量示例 - 重写 README 并补充 Docker 部署说明与第三方资产说明 - 将后台示例账号与 webhook token 改为安全占位值，移除弱口令默认兜底
2026-05-06 14:44:49 +08:00
parent 53b6ddc05c
commit 9589846113
11 changed files with 508 additions and 361 deletions
--- a/admin/dashboard/server.py
+++ b/admin/dashboard/server.py
@@ -32,6 +32,13 @@ sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__), '..', '.
 class DashboardServer:
    """统计看板服务器"""

+    # 公开仓库默认占位值：
+    # 1. 不再把 admin / admin123 这类弱口令作为代码级兜底；
+    # 2. 当用户未显式配置后台账号时，系统仍可启动，但会强烈提示其先完成配置；
+    # 3. 这里保留固定占位串，主要用于避免 None/空串把旧逻辑带偏。
+    SAFE_PLACEHOLDER_USERNAME = "please_change_me"
+    SAFE_PLACEHOLDER_PASSWORD = "please_change_me"
+
    def __init__(self, host: str = None, port: int = None,
                 username: str = None, password: str = None,
                 robot_instance=None):
@@ -41,8 +48,8 @@ class DashboardServer:
        # 优先使用传入的参数，其次使用配置文件中的参数
        self.host = host or self.config.get("server", {}).get("host", "0.0.0.0")
        self.port = port or self.config.get("server", {}).get("port", 8888)
-        self.username = username or self.config.get("auth", {}).get("username", "admin")
-        self.password = password or self.config.get("auth", {}).get("password", "admin123")
+        self.username = username or self.config.get("auth", {}).get("username", self.SAFE_PLACEHOLDER_USERNAME)
+        self.password = password or self.config.get("auth", {}).get("password", self.SAFE_PLACEHOLDER_PASSWORD)

        self.LOG = logger
        self.LOG.info(f"Dashboard配置加载完成: 服务器将运行在 {self.host}:{self.port}")
@@ -129,20 +136,29 @@ class DashboardServer:
                with open(config_path, 'r', encoding='utf-8') as f:
                    return toml.load(f)
            else:
-                # 如果配置文件不存在，创建默认配置
+                # 如果配置文件不存在，创建安全占位配置：
+                # 1. 公开仓库不再自动落地弱口令；
+                # 2. 保留最小可运行结构，避免因为缺文件直接崩溃；
+                # 3. 部署者看到占位值后，会更自然地完成首次替换。
                default_config = {
                    "server": {"host": "0.0.0.0", "port": 8888},
-                    "auth": {"username": "admin", "password": "admin123"}
+                    "auth": {
+                        "username": self.SAFE_PLACEHOLDER_USERNAME,
+                        "password": self.SAFE_PLACEHOLDER_PASSWORD,
+                    }
                }
                with open(config_path, 'w', encoding='utf-8') as f:
                    toml.dump(default_config, f)
                return default_config
        except Exception as e:
            self.LOG.error(f"加载Dashboard配置文件失败: {e}")
-            # 返回默认配置
+            # 返回默认配置兜底，但仍坚持使用安全占位值。
            return {
                "server": {"host": "0.0.0.0", "port": 8888},
-                "auth": {"username": "admin", "password": "admin123"}
+                "auth": {
+                    "username": self.SAFE_PLACEHOLDER_USERNAME,
+                    "password": self.SAFE_PLACEHOLDER_PASSWORD,
+                }
            }

    def _create_app(self) -> Flask: