Initial commit: SIC harness (backend, web, pi-adapter, configs, docs)
- pnpm monorepo: apps/api (Fastify + SQLite + SSE), apps/web (React+Vite), packages/shared, packages/pi-adapter - Local auth (admin/webhook-runner roles) + Keycloak JWT ready - Multi-session chat with reliable history (user persisted before LLM, assistant persisted after stream) - Markdown knowledge base with /api/docs/search + /api/docs/:id - YAML webhook catalog with backend-only execution, retry/backoff, audit (webhook_runs), and per-user rate limit - Skills config (sre-on-call, blameless-postmortem, security-incident) injected into LLM system prompt - LLM provider failover chain (config/models.yml fallback + LLM_FALLBACK_CHAIN override) - Context-aware webhooks panel + backend id-mention safety net - Per-message stats (time/duration/tokens/model), Markdown+GFM render, code & table copy/download buttons - Vitest suite, end-to-end smoke test (scripts/smoke.mjs), per-session system prompt override - /metrics Prometheus endpoint + /api/metrics JSON, request-id correlation - dotenv with explicit repo-root path; envString/envNumber helpers (handles empty-string env) - Runbooks + SOPs under knowledge/ in English; README, docs, and INDEX.md in English
This commit is contained in:
118
.env.example
Normal file
118
.env.example
Normal file
@@ -0,0 +1,118 @@
|
||||
# =============================================================
|
||||
# SIC — Super Incident Commander
|
||||
# Local development environment.
|
||||
#
|
||||
# How to use:
|
||||
# 1. Copy this file to `.env`:
|
||||
# cp .env.example .env
|
||||
# 2. Edit `.env` and fill in the secrets (at minimum MINIMAX_API_KEY).
|
||||
# 3. Start the API:
|
||||
# pnpm dev
|
||||
#
|
||||
# The API loads `.env` automatically via dotenv at boot. Real shell
|
||||
# environment variables always win over the file, so production /
|
||||
# docker setups that inject env vars keep working unchanged.
|
||||
#
|
||||
# Never commit a real `.env` file — it's gitignored.
|
||||
# =============================================================
|
||||
|
||||
|
||||
# ---------------------------------------------------------------
|
||||
# Server
|
||||
# ---------------------------------------------------------------
|
||||
API_PORT=8787
|
||||
HOST=0.0.0.0
|
||||
API_BODY_LIMIT_BYTES=1048576
|
||||
CORS_ALLOWED_ORIGINS=
|
||||
WEB_PORT=3000
|
||||
WEB_VITE_API_PROXY=http://localhost:8787
|
||||
|
||||
# ---------------------------------------------------------------
|
||||
# Auth
|
||||
# ---------------------------------------------------------------
|
||||
# local: dev mode, returns a synthetic `local-user` with admin + webhook-runner roles
|
||||
# keycloak: validates Authorization: Bearer JWT against OIDC_ISSUER/OIDC_AUDIENCE
|
||||
AUTH_MODE=local
|
||||
OIDC_ISSUER=https://auth.rikrdo.com/realms/homelab
|
||||
OIDC_AUDIENCE=pi-chat
|
||||
|
||||
# ---------------------------------------------------------------
|
||||
# Persistence
|
||||
# ---------------------------------------------------------------
|
||||
DATABASE_URL=sqlite://./data/pi-chat.db
|
||||
|
||||
# ---------------------------------------------------------------
|
||||
# LLM provider (OpenAI-compatible)
|
||||
# ---------------------------------------------------------------
|
||||
# Default provider and base URL. The MiniMax and mr-auto model
|
||||
# entries in config/models.yml both read these.
|
||||
LLM_BASE_URL=https://api.minimax.io/v1
|
||||
|
||||
# Per-model fallback chain. Override the default chain parsed from
|
||||
# config/models.yml. Comma-separated model ids in the order to try.
|
||||
# Set to empty to disable and use the YAML-only chain.
|
||||
# Example: LLM_FALLBACK_CHAIN=balanced,mr-auto
|
||||
LLM_FALLBACK_CHAIN=
|
||||
LLM_API_KEY=
|
||||
DEFAULT_MODEL=fast
|
||||
|
||||
# Backwards-compat alias for the MiniMax key. Either this or LLM_API_KEY works.
|
||||
# Used by chat routes as a fallback when LLM_API_KEY is empty.
|
||||
MINIMAX_API_KEY=
|
||||
|
||||
# Per-model API key overrides (config/models.yml -> model.api_key_env).
|
||||
# Only the mr-auto model needs this; MiniMax shares LLM_API_KEY.
|
||||
MR_AUTO_API_KEY=
|
||||
|
||||
LLM_TIMEOUT_MS=30000
|
||||
|
||||
# ---------------------------------------------------------------
|
||||
# Chat input limits
|
||||
# ---------------------------------------------------------------
|
||||
CHAT_MESSAGE_MAX_CHARS=8000
|
||||
|
||||
# ---------------------------------------------------------------
|
||||
# Rate limits
|
||||
# ---------------------------------------------------------------
|
||||
# /api/chat/stream — per authenticated user
|
||||
CHAT_RATE_LIMIT_PER_MINUTE=20
|
||||
CHAT_RATE_LIMIT_BURST=5
|
||||
|
||||
# POST /api/webhooks/:id/run — per webhook id (across all users)
|
||||
WEBHOOK_RATE_LIMIT_PER_MINUTE=60
|
||||
WEBHOOK_RATE_LIMIT_BURST=10
|
||||
|
||||
# ---------------------------------------------------------------
|
||||
# Webhook execution
|
||||
# ---------------------------------------------------------------
|
||||
WEBHOOK_TIMEOUT_MS=15000
|
||||
WEBHOOK_RETRY_MAX_ATTEMPTS=3
|
||||
WEBHOOK_RETRY_INITIAL_BACKOFF_MS=500
|
||||
WEBHOOK_RETRY_MAX_BACKOFF_MS=5000
|
||||
|
||||
# Audit retention
|
||||
WEBHOOK_RUNS_RETENTION_DAYS=30
|
||||
WEBHOOK_RUNS_MAX_PER_USER=1000
|
||||
WEBHOOK_AUDIT_PURGE_INTERVAL_MS=3600000
|
||||
|
||||
# Webhook usage stats window (days) for /api/webhooks/usage
|
||||
WEBHOOK_USAGE_WINDOW_DAYS=7
|
||||
|
||||
# ---------------------------------------------------------------
|
||||
# Config file paths
|
||||
# ---------------------------------------------------------------
|
||||
# Each config file can be overridden with an env var. Defaults
|
||||
# resolve relative to apps/api (where the API is started).
|
||||
MODELS_CONFIG_PATH=
|
||||
WEBHOOKS_CONFIG_PATH=
|
||||
SKILLS_CONFIG_PATH=
|
||||
KNOWLEDGE_DIR=
|
||||
N8N_CONFIG_PATH=
|
||||
RAG_CONFIG_PATH=
|
||||
MCP_CONFIG_PATH=
|
||||
|
||||
# ---------------------------------------------------------------
|
||||
# Development
|
||||
# ---------------------------------------------------------------
|
||||
# Set to `1` to enable verbose Fastify logging.
|
||||
DEBUG=0
|
||||
Reference in New Issue
Block a user