yiekheng
954d382b54
- Drop SEED_OPERATOR_TELEGRAM_ID (legacy from the Telegram era). - Add SEED_OPERATOR_USERNAME + a comment pointing to scripts/set-password.sh as the bootstrap path. - Add OPERATOR_TOKEN_VERSION as the documented kill switch for the AES-GCM session cookie. - Document AUTH_SECRET more explicitly: refuse to leave blank, and point at scripts/gen_auth_secret.sh as the generator. - Add the bot fan-out tuning trio that's been in env.ts but not in the example: BOT_FIRE_CONCURRENCY / BOT_GROUP_CONCURRENCY / BOT_MAX_SEND_PER_MINUTE with the same comments as the schema. - Add a Docker Registry section for scripts/publish.sh: DOCKER_IMAGE_TAG and CM_IMAGE_PLATFORMS, mirroring the cm_bot_v2 .env.example shape. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
51 lines
1.9 KiB
Plaintext
51 lines
1.9 KiB
Plaintext
# === Postgres ===
|
|
DATABASE_URL=postgres://USER:PASS@192.168.0.210:5432/whatsapp_bot_dev
|
|
|
|
# === App data paths (inside containers) ===
|
|
DATA_DIR=/data
|
|
SESSIONS_DIR=/data/sessions
|
|
MEDIA_DIR=/data/media
|
|
|
|
# === Bot service ===
|
|
BOT_HEALTH_PORT=8081
|
|
BOT_LOG_LEVEL=info
|
|
|
|
# Reminder fan-out tuning. Defaults aim for an established WhatsApp
|
|
# account (~30-60 msg/min safe band). Bump cautiously.
|
|
# BOT_FIRE_CONCURRENCY pg-boss workers; max accounts firing in parallel.
|
|
# BOT_GROUP_CONCURRENCY per-account parallel group sends; parts within a
|
|
# group stay serial.
|
|
# BOT_MAX_SEND_PER_MINUTE per-account token-bucket rate.
|
|
BOT_FIRE_CONCURRENCY=8
|
|
BOT_GROUP_CONCURRENCY=3
|
|
BOT_MAX_SEND_PER_MINUTE=40
|
|
|
|
# === Seed (used by scripts/db.sh seed) ===
|
|
# The bootstrap operator's username. After seed, set their password
|
|
# via: echo 'change-me-now' | scripts/set-password.sh admin
|
|
SEED_OPERATOR_USERNAME=admin
|
|
SEED_OPERATOR_NAME=Operator
|
|
|
|
# === Web / Auth ===
|
|
# Port the Next.js container exposes on the host. Production deployment
|
|
# (wabot.04080616.xyz) uses 8100; dev/staging (test.04080616.xyz) uses 9000.
|
|
WEB_PORT=9000
|
|
|
|
# 32-byte secret used to derive the AES-256-GCM key for session cookies.
|
|
# DO NOT leave blank — the web container will refuse to issue cookies.
|
|
# Generate via: scripts/gen_auth_secret.sh --write
|
|
AUTH_SECRET=
|
|
|
|
# Bumping this invalidates every outstanding session cookie globally on
|
|
# the next request. Treat it as a kill switch (e.g. after a key leak)
|
|
# rather than a routine value.
|
|
OPERATOR_TOKEN_VERSION=1
|
|
|
|
# === Docker Registry (used by scripts/publish.sh) ===
|
|
# Tag pushed alongside latest. Override with the CLI arg or
|
|
# DOCKER_IMAGE_TAG=v1.2.3 scripts/publish.sh.
|
|
DOCKER_IMAGE_TAG=latest
|
|
# Buildx target platforms. linux/amd64 is the prod host arch; add
|
|
# linux/arm64 if you cross-build for an Apple-silicon runner.
|
|
CM_IMAGE_PLATFORMS=linux/amd64
|