yiekheng/cm_bot_v2
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Normalize rex/siong envs to .env.example + gitignore pattern

Browse Source 
Untracks envs/rex/.env and envs/siong/.env (kept on disk so existing
deploys keep working) and adds matching .env.example templates so a
fresh clone has something to copy from. .gitignore widens from
envs/dev/.env to envs/*/.env to cover all three deployments.

Per-deployment secrets are no longer committed; rotation deemed
unnecessary because the repo is hosted on a private self-hosted Gitea
instance.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
yiekheng 2026-05-02 17:12:56 +08:00
parent dff8be829c
commit 8b8978831b
6 changed files with 91 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -2,4 +2,4 @@ __pycache__
.DS_Store .DS_Store
*.html *.html
logs logs
envs/dev/.env envs/*/.env

22
README.md
View File

@ -9,21 +9,27 @@ Brief, copy/paste-ready steps to run the published images from `gitea.04080616.x
## Environment configs ## Environment configs
Pre-configured `.env` files for each deployment are in the `envs/` folder: Per-deployment templates live in `envs/<name>/.env.example` (committed). Each operator copies the example to a sibling `.env` (gitignored — never committed) and fills in the real secrets:
``` ```
envs/ envs/
├── rex/.env # Rex deployment (port 8001) ├── dev/.env.example # Local development tier — see "Local Development" below
└── siong/.env # Siong deployment (port 8005) ├── rex/.env.example # Rex deployment (port 8001)
└── siong/.env.example # Siong deployment (port 8005)
``` ```
For local development, copy the desired env to the project root: For Portainer-hosted deployments (rex/siong):
```bash ```bash
cp envs/rex/.env .env cp envs/rex/.env.example envs/rex/.env
# or # Fill in DB_PASSWORD, CM_AGENT_*, CM_SECURITY_PIN, TELEGRAM_BOT_TOKEN, etc.
cp envs/siong/.env .env # Then load the variables into the Portainer stack environment.
``` ```
For Portainer, load the env vars from the appropriate file into the stack environment variables. For local development, see the dev tier flow:
```bash
cp envs/dev/.env.example .env
bash scripts/dev.sh up
```
## Key variables ## Key variables
| Variable | Description | | Variable | Description |

28
envs/rex/.env
View File

@ -1,28 +0,0 @@
# === Deployment Identity ===
CM_DEPLOY_NAME=rex-cm
CM_WEB_HOST_PORT=8001
# === Docker Registry ===
CM_IMAGE_PREFIX=gitea.04080616.xyz/yiekheng
DOCKER_IMAGE_TAG=latest
# === Telegram ===
TELEGRAM_BOT_TOKEN=5315819168:AAH31xwNgPdnk123x97XalmTW6fQV5EUCFU
TELEGRAM_ALERT_CHAT_ID=818380985
# === Database ===
DB_HOST=192.168.0.210
DB_USER=rex_cm
DB_PASSWORD=hengserver
DB_NAME=rex_cm
DB_PORT=3306
DB_CONNECTION_TIMEOUT=8
DB_CONNECT_RETRIES=5
DB_CONNECT_RETRY_DELAY=2
# === Bot Config ===
CM_PREFIX_PATTERN=13c
CM_AGENT_ID=cm13a3
CM_AGENT_PASSWORD=Sky533535
CM_SECURITY_PIN=Sky533535
CM_BOT_BASE_URL=https://cm99.net

38
envs/rex/.env.example Normal file
View File

@ -0,0 +1,38 @@
# rex deployment template. Copy to envs/rex/.env (which is gitignored) and
# fill in the real secrets for the rex environment, OR paste the variables
# directly into the Portainer stack environment.
# === Runtime ===
# Leave unset (or 'false') in production. Setting CM_DEBUG=true exposes the
# Werkzeug debugger and is RCE if the port is reachable.
CM_DEBUG=false
# === Deployment Identity ===
CM_DEPLOY_NAME=rex-cm
CM_WEB_HOST_PORT=8001
# === Docker Registry / Build ===
CM_IMAGE_PREFIX=gitea.04080616.xyz/yiekheng
DOCKER_IMAGE_TAG=latest
# === Telegram ===
TELEGRAM_BOT_TOKEN=
TELEGRAM_ALERT_CHAT_ID=
TELEGRAM_ALERT_BOT_TOKEN=
# === Database ===
DB_HOST=
DB_USER=
DB_PASSWORD=
DB_NAME=
DB_PORT=3306
DB_CONNECTION_TIMEOUT=8
DB_CONNECT_RETRIES=5
DB_CONNECT_RETRY_DELAY=2
# === Bot Config ===
CM_PREFIX_PATTERN=
CM_AGENT_ID=
CM_AGENT_PASSWORD=
CM_SECURITY_PIN=
CM_BOT_BASE_URL=

28
envs/siong/.env
View File

@ -1,28 +0,0 @@
# === Deployment Identity ===
CM_DEPLOY_NAME=siong-cm
CM_WEB_HOST_PORT=8005
# === Docker Registry ===
CM_IMAGE_PREFIX=gitea.04080616.xyz/yiekheng
DOCKER_IMAGE_TAG=latest
# === Telegram ===
TELEGRAM_BOT_TOKEN=7028479329:AAH_UTPoYcaB0iZMXJjO7pKYxyub8ZSXn2E
TELEGRAM_ALERT_CHAT_ID=818380985
# === Database ===
DB_HOST=192.168.0.210
DB_USER=siong_cm
DB_PASSWORD=hengserver
DB_NAME=siong_cm
DB_PORT=3306
DB_CONNECTION_TIMEOUT=8
DB_CONNECT_RETRIES=5
DB_CONNECT_RETRY_DELAY=2
# === Bot Config ===
CM_PREFIX_PATTERN=13sa
CM_AGENT_ID=cm13a39
CM_AGENT_PASSWORD=Wenwen12345
CM_SECURITY_PIN=Wenwen12345
CM_BOT_BASE_URL=https://cm99.net

38
envs/siong/.env.example Normal file
View File

@ -0,0 +1,38 @@
# siong deployment template. Copy to envs/siong/.env (which is gitignored) and
# fill in the real secrets for the siong environment, OR paste the variables
# directly into the Portainer stack environment.
# === Runtime ===
# Leave unset (or 'false') in production. Setting CM_DEBUG=true exposes the
# Werkzeug debugger and is RCE if the port is reachable.
CM_DEBUG=false
# === Deployment Identity ===
CM_DEPLOY_NAME=siong-cm
CM_WEB_HOST_PORT=8005
# === Docker Registry / Build ===
CM_IMAGE_PREFIX=gitea.04080616.xyz/yiekheng
DOCKER_IMAGE_TAG=latest
# === Telegram ===
TELEGRAM_BOT_TOKEN=
TELEGRAM_ALERT_CHAT_ID=
TELEGRAM_ALERT_BOT_TOKEN=
# === Database ===
DB_HOST=
DB_USER=
DB_PASSWORD=
DB_NAME=
DB_PORT=3306
DB_CONNECTION_TIMEOUT=8
DB_CONNECT_RETRIES=5
DB_CONNECT_RETRY_DELAY=2
# === Bot Config ===
CM_PREFIX_PATTERN=
CM_AGENT_ID=
CM_AGENT_PASSWORD=
CM_SECURITY_PIN=
CM_BOT_BASE_URL=