- pnpm monorepo: apps/api (Fastify + SQLite + SSE), apps/web (React+Vite), packages/shared, packages/pi-adapter - Local auth (admin/webhook-runner roles) + Keycloak JWT ready - Multi-session chat with reliable history (user persisted before LLM, assistant persisted after stream) - Markdown knowledge base with /api/docs/search + /api/docs/:id - YAML webhook catalog with backend-only execution, retry/backoff, audit (webhook_runs), and per-user rate limit - Skills config (sre-on-call, blameless-postmortem, security-incident) injected into LLM system prompt - LLM provider failover chain (config/models.yml fallback + LLM_FALLBACK_CHAIN override) - Context-aware webhooks panel + backend id-mention safety net - Per-message stats (time/duration/tokens/model), Markdown+GFM render, code & table copy/download buttons - Vitest suite, end-to-end smoke test (scripts/smoke.mjs), per-session system prompt override - /metrics Prometheus endpoint + /api/metrics JSON, request-id correlation - dotenv with explicit repo-root path; envString/envNumber helpers (handles empty-string env) - Runbooks + SOPs under knowledge/ in English; README, docs, and INDEX.md in English
119 lines
4.0 KiB
Plaintext
119 lines
4.0 KiB
Plaintext
# =============================================================
|
|
# SIC — Super Incident Commander
|
|
# Local development environment.
|
|
#
|
|
# How to use:
|
|
# 1. Copy this file to `.env`:
|
|
# cp .env.example .env
|
|
# 2. Edit `.env` and fill in the secrets (at minimum MINIMAX_API_KEY).
|
|
# 3. Start the API:
|
|
# pnpm dev
|
|
#
|
|
# The API loads `.env` automatically via dotenv at boot. Real shell
|
|
# environment variables always win over the file, so production /
|
|
# docker setups that inject env vars keep working unchanged.
|
|
#
|
|
# Never commit a real `.env` file — it's gitignored.
|
|
# =============================================================
|
|
|
|
|
|
# ---------------------------------------------------------------
|
|
# Server
|
|
# ---------------------------------------------------------------
|
|
API_PORT=8787
|
|
HOST=0.0.0.0
|
|
API_BODY_LIMIT_BYTES=1048576
|
|
CORS_ALLOWED_ORIGINS=
|
|
WEB_PORT=3000
|
|
WEB_VITE_API_PROXY=http://localhost:8787
|
|
|
|
# ---------------------------------------------------------------
|
|
# Auth
|
|
# ---------------------------------------------------------------
|
|
# local: dev mode, returns a synthetic `local-user` with admin + webhook-runner roles
|
|
# keycloak: validates Authorization: Bearer JWT against OIDC_ISSUER/OIDC_AUDIENCE
|
|
AUTH_MODE=local
|
|
OIDC_ISSUER=https://auth.rikrdo.com/realms/homelab
|
|
OIDC_AUDIENCE=pi-chat
|
|
|
|
# ---------------------------------------------------------------
|
|
# Persistence
|
|
# ---------------------------------------------------------------
|
|
DATABASE_URL=sqlite://./data/pi-chat.db
|
|
|
|
# ---------------------------------------------------------------
|
|
# LLM provider (OpenAI-compatible)
|
|
# ---------------------------------------------------------------
|
|
# Default provider and base URL. The MiniMax and mr-auto model
|
|
# entries in config/models.yml both read these.
|
|
LLM_BASE_URL=https://api.minimax.io/v1
|
|
|
|
# Per-model fallback chain. Override the default chain parsed from
|
|
# config/models.yml. Comma-separated model ids in the order to try.
|
|
# Set to empty to disable and use the YAML-only chain.
|
|
# Example: LLM_FALLBACK_CHAIN=balanced,mr-auto
|
|
LLM_FALLBACK_CHAIN=
|
|
LLM_API_KEY=
|
|
DEFAULT_MODEL=fast
|
|
|
|
# Backwards-compat alias for the MiniMax key. Either this or LLM_API_KEY works.
|
|
# Used by chat routes as a fallback when LLM_API_KEY is empty.
|
|
MINIMAX_API_KEY=
|
|
|
|
# Per-model API key overrides (config/models.yml -> model.api_key_env).
|
|
# Only the mr-auto model needs this; MiniMax shares LLM_API_KEY.
|
|
MR_AUTO_API_KEY=
|
|
|
|
LLM_TIMEOUT_MS=30000
|
|
|
|
# ---------------------------------------------------------------
|
|
# Chat input limits
|
|
# ---------------------------------------------------------------
|
|
CHAT_MESSAGE_MAX_CHARS=8000
|
|
|
|
# ---------------------------------------------------------------
|
|
# Rate limits
|
|
# ---------------------------------------------------------------
|
|
# /api/chat/stream — per authenticated user
|
|
CHAT_RATE_LIMIT_PER_MINUTE=20
|
|
CHAT_RATE_LIMIT_BURST=5
|
|
|
|
# POST /api/webhooks/:id/run — per webhook id (across all users)
|
|
WEBHOOK_RATE_LIMIT_PER_MINUTE=60
|
|
WEBHOOK_RATE_LIMIT_BURST=10
|
|
|
|
# ---------------------------------------------------------------
|
|
# Webhook execution
|
|
# ---------------------------------------------------------------
|
|
WEBHOOK_TIMEOUT_MS=15000
|
|
WEBHOOK_RETRY_MAX_ATTEMPTS=3
|
|
WEBHOOK_RETRY_INITIAL_BACKOFF_MS=500
|
|
WEBHOOK_RETRY_MAX_BACKOFF_MS=5000
|
|
|
|
# Audit retention
|
|
WEBHOOK_RUNS_RETENTION_DAYS=30
|
|
WEBHOOK_RUNS_MAX_PER_USER=1000
|
|
WEBHOOK_AUDIT_PURGE_INTERVAL_MS=3600000
|
|
|
|
# Webhook usage stats window (days) for /api/webhooks/usage
|
|
WEBHOOK_USAGE_WINDOW_DAYS=7
|
|
|
|
# ---------------------------------------------------------------
|
|
# Config file paths
|
|
# ---------------------------------------------------------------
|
|
# Each config file can be overridden with an env var. Defaults
|
|
# resolve relative to apps/api (where the API is started).
|
|
MODELS_CONFIG_PATH=
|
|
WEBHOOKS_CONFIG_PATH=
|
|
SKILLS_CONFIG_PATH=
|
|
KNOWLEDGE_DIR=
|
|
N8N_CONFIG_PATH=
|
|
RAG_CONFIG_PATH=
|
|
MCP_CONFIG_PATH=
|
|
|
|
# ---------------------------------------------------------------
|
|
# Development
|
|
# ---------------------------------------------------------------
|
|
# Set to `1` to enable verbose Fastify logging.
|
|
DEBUG=0
|