2026-07-13 08:59:13 +00:00
|
|
|
|
# 巡樓 gateway — 可提交的設定範本。
|
|
|
|
|
|
# 複製為 gateway.yaml 後填入私有密鑰;gateway.yaml 已被 .gitignore 排除。
|
2026-07-10 12:54:45 +00:00
|
|
|
|
Name: haixun-gateway
|
|
|
|
|
|
Host: 0.0.0.0
|
|
|
|
|
|
Port: 8888
|
2026-07-13 01:15:30 +00:00
|
|
|
|
# AI 產文/試產可能超過 30s;過短會 503 且前端拿不到結果
|
|
|
|
|
|
Timeout: 120000
|
2026-07-10 12:54:45 +00:00
|
|
|
|
MaxBytes: 104857600
|
|
|
|
|
|
|
|
|
|
|
|
Log:
|
|
|
|
|
|
Mode: console
|
|
|
|
|
|
Level: info
|
|
|
|
|
|
|
|
|
|
|
|
# go-zero monc 快取(Redis)— 與 monc.MustNewModel / CacheRedis 對接
|
|
|
|
|
|
# 若 Redis 有 requirepass:設 Pass 或環境變數 REDIS_PASSWORD / HAIXUN_REDIS_PASSWORD
|
|
|
|
|
|
# (沒帶密碼會 NOAUTH,登入 API 回 500)
|
|
|
|
|
|
CacheRedis:
|
|
|
|
|
|
- Host: 127.0.0.1:6379
|
|
|
|
|
|
Type: node
|
|
|
|
|
|
Pass: ""
|
|
|
|
|
|
|
2026-07-15 15:23:59 +00:00
|
|
|
|
# Shared key prefix for this environment and a dedicated HMAC secret for
|
|
|
|
|
|
# credential-safe AI model-cache fingerprints. Prefer env REDIS_NAMESPACE and
|
|
|
|
|
|
# AI_MODEL_CACHE_FINGERPRINT_SECRET; do not reuse JWT, Scout, or encryption keys.
|
|
|
|
|
|
Redis:
|
|
|
|
|
|
Namespace: "haixun:dev:v1"
|
|
|
|
|
|
AIModelCacheFingerprintSecret: "REPLACE_WITH_A_DEDICATED_LONG_RANDOM_SECRET"
|
|
|
|
|
|
|
2026-07-10 12:54:45 +00:00
|
|
|
|
# Mongo — mon/monc 使用完整 URI(含帳密時寫在 URI;可用環境變數 MONGO_URI 覆寫)
|
|
|
|
|
|
# 本機有 auth 的例子:
|
|
|
|
|
|
# export MONGO_URI='mongodb://USER:PASS@127.0.0.1:27017/?authSource=admin'
|
|
|
|
|
|
# 沒設帳密但 Mongo 開了 auth → 查詢會失敗,登入會 500 而不是「密碼錯」
|
|
|
|
|
|
Mongo:
|
|
|
|
|
|
URI: "mongodb://127.0.0.1:27017"
|
|
|
|
|
|
Database: "haixun"
|
|
|
|
|
|
|
|
|
|
|
|
Auth:
|
2026-07-13 08:59:13 +00:00
|
|
|
|
# 至少 32 bytes,且不得與 RefreshSecret 相同。
|
|
|
|
|
|
AccessSecret: "REPLACE_WITH_A_LONG_RANDOM_ACCESS_SECRET"
|
2026-07-10 12:54:45 +00:00
|
|
|
|
AccessExpire: 86400
|
2026-07-13 08:59:13 +00:00
|
|
|
|
RefreshSecret: "REPLACE_WITH_A_DIFFERENT_LONG_RANDOM_REFRESH_SECRET"
|
2026-07-10 12:54:45 +00:00
|
|
|
|
RefreshExpire: 604800
|
|
|
|
|
|
|
2026-07-15 15:23:59 +00:00
|
|
|
|
# AES-256-GCM for member BYOK at rest. Generate Key with: openssl rand -base64 32
|
|
|
|
|
|
# Prefer env MEMBER_SETTINGS_ENCRYPTION_KEY_ID / MEMBER_SETTINGS_ENCRYPTION_KEY.
|
|
|
|
|
|
# Keep this key ID/key unchanged until persisted values have been migrated to a replacement.
|
|
|
|
|
|
MemberSettingsEncryption:
|
|
|
|
|
|
CurrentKeyID: "v1"
|
|
|
|
|
|
Key: "REPLACE_WITH_BASE64_32_BYTE_KEY"
|
|
|
|
|
|
|
2026-07-13 01:15:30 +00:00
|
|
|
|
# 平台預設 key(所有會員可用;會員在設定頁填的 BYOK 優先)
|
|
|
|
|
|
# 也可用環境變數覆寫:PLATFORM_XAI_KEY / PLATFORM_OPENCODE_KEY / PLATFORM_EXA_KEY / PLATFORM_AI_KEY
|
2026-07-10 12:54:45 +00:00
|
|
|
|
Platform:
|
2026-07-13 01:15:30 +00:00
|
|
|
|
# xAI(api.x.ai)— 人設 LLM、文案等
|
2026-07-13 08:59:13 +00:00
|
|
|
|
XAIKey: ""
|
2026-07-13 01:15:30 +00:00
|
|
|
|
# 相容舊名:XAIKey 空時會用 AIKey
|
2026-07-10 12:54:45 +00:00
|
|
|
|
AIKey: ""
|
2026-07-13 01:15:30 +00:00
|
|
|
|
# OpenCode Go(opencode.ai/zen/go)
|
2026-07-13 08:59:13 +00:00
|
|
|
|
OpenCodeKey: ""
|
2026-07-13 01:15:30 +00:00
|
|
|
|
# Exa 網搜
|
2026-07-13 08:59:13 +00:00
|
|
|
|
ExaKey: ""
|
|
|
|
|
|
ThreadsAppId: ""
|
|
|
|
|
|
ThreadsAppSecret: ""
|
|
|
|
|
|
|
|
|
|
|
|
Scout:
|
|
|
|
|
|
# Dedicated encryption key for Chrome storage state; do not reuse JWT keys.
|
|
|
|
|
|
SessionSecret: "REPLACE_WITH_A_DEDICATED_SCOUT_SESSION_SECRET"
|
|
|
|
|
|
# Private Playwright crawler service, called only by cmd/worker in dev_mode.
|
|
|
|
|
|
CrawlerEndpoint: ""
|
|
|
|
|
|
CrawlerToken: ""
|
2026-07-10 12:54:45 +00:00
|
|
|
|
|
|
|
|
|
|
Worker:
|
2026-07-13 08:59:13 +00:00
|
|
|
|
# 留空時 worker 會用 hostname + pid 產生唯一 owner id;多 worker 不可共用固定值。
|
|
|
|
|
|
ID: ""
|
2026-07-10 12:54:45 +00:00
|
|
|
|
PollIntervalMs: 2000
|
|
|
|
|
|
|
2026-07-13 08:59:13 +00:00
|
|
|
|
# 僅 cmd/seeder 使用,gateway/worker 不會讀取或寫入 log。
|
|
|
|
|
|
Seed:
|
|
|
|
|
|
AdminPassword: "REPLACE_WITH_A_STRONG_SEED_ADMIN_PASSWORD"
|
|
|
|
|
|
|
2026-07-10 12:54:45 +00:00
|
|
|
|
Bcrypt:
|
|
|
|
|
|
Cost: 10
|
|
|
|
|
|
|
2026-07-13 08:59:13 +00:00
|
|
|
|
# OAuth(未設定 provider 時相關 API 明確拒絕,不提供 mock 路徑)
|
2026-07-10 12:54:45 +00:00
|
|
|
|
OAuth:
|
|
|
|
|
|
GoogleClientID: ""
|
|
|
|
|
|
LineClientID: ""
|
|
|
|
|
|
LineClientSecret: ""
|
|
|
|
|
|
LineRedirectURI: ""
|
|
|
|
|
|
|
2026-07-15 15:23:59 +00:00
|
|
|
|
# Prefer STRIPE_* environment variables. Disabled/missing configuration never
|
|
|
|
|
|
# blocks startup; Stripe-dependent billing operations explicitly return 503.
|
|
|
|
|
|
Stripe:
|
|
|
|
|
|
Enabled: false
|
|
|
|
|
|
SecretKey: ""
|
|
|
|
|
|
WebhookSecret: ""
|
|
|
|
|
|
StarterPriceID: ""
|
|
|
|
|
|
ProPriceID: ""
|
|
|
|
|
|
SuccessURL: ""
|
|
|
|
|
|
CancelURL: ""
|
|
|
|
|
|
PortalReturnURL: ""
|
|
|
|
|
|
|
2026-07-10 12:54:45 +00:00
|
|
|
|
# 驗證碼/重設密碼寄信
|
|
|
|
|
|
#
|
|
|
|
|
|
# 本機(Mailpit,Mailgun 相容 SMTP 介面):
|
|
|
|
|
|
# Host: 127.0.0.1 Port: 1025 User/Password 可空
|
|
|
|
|
|
# UI: http://127.0.0.1:8025
|
|
|
|
|
|
# 容器:old/infra docker-compose 的 mailpit 服務
|
|
|
|
|
|
#
|
|
|
|
|
|
# 正式 Mailgun SMTP 例:
|
|
|
|
|
|
# Host: smtp.mailgun.org Port: 587
|
|
|
|
|
|
# User: postmaster@YOUR_DOMAIN Password: <API SMTP password>
|
2026-07-13 01:15:30 +00:00
|
|
|
|
# DevExposeCode: false試產
|
2026-07-10 12:54:45 +00:00
|
|
|
|
#
|
|
|
|
|
|
# env 覆寫:MAIL_SMTP_* 或 HAIXUN_SMTP_*(舊名相容)
|
|
|
|
|
|
Mail:
|
|
|
|
|
|
Sender: "Harbor Desk <noreply@haixun.local>"
|
|
|
|
|
|
SMTP:
|
|
|
|
|
|
Host: "127.0.0.1"
|
|
|
|
|
|
Port: 1025
|
|
|
|
|
|
User: ""
|
|
|
|
|
|
Password: ""
|
|
|
|
|
|
# 不再於 API 回傳驗證碼;碼只在郵件(Mailpit/SMTP)
|
|
|
|
|
|
DevExposeCode: false
|
|
|
|
|
|
|
|
|
|
|
|
# 前端 origin:重設信連結 + 預設 logo URL(/brand-mark.jpg)
|
|
|
|
|
|
# 遠端 dev:https://threads-tool-dev.30cm.net
|
2026-07-13 01:15:30 +00:00
|
|
|
|
PublicWebBase: "https://threads-tool-dev.30cm.net"
|
2026-07-13 08:59:13 +00:00
|
|
|
|
# 瀏覽器直連 gateway 時的 allowlist;同源 proxy 不需要列在此處。
|
|
|
|
|
|
# CORS_ALLOWED_ORIGINS 可用逗號附加額外的明確 origin,不能使用 *。
|
|
|
|
|
|
CORSAllowedOrigins:
|
|
|
|
|
|
- "https://threads-tool-dev.30cm.net"
|
|
|
|
|
|
- "http://127.0.0.1:5173"
|
|
|
|
|
|
- "http://localhost:5173"
|
2026-07-10 12:54:45 +00:00
|
|
|
|
|
|
|
|
|
|
# 郵件品牌(hermes 模板;LogoURL 空 = PublicWebBase/brand-mark.jpg)
|
|
|
|
|
|
Brand:
|
|
|
|
|
|
Name: "Harbor Desk"
|
|
|
|
|
|
LogoURL: ""
|
|
|
|
|
|
Copyright: "© Harbor Desk"
|
|
|
|
|
|
|
|
|
|
|
|
# 物件儲存(頭像等)— **只接 MinIO/S3**
|
|
|
|
|
|
#
|
|
|
|
|
|
# Endpoint = gateway 上傳用(本機 MinIO,一定要 :9000)
|
|
|
|
|
|
# PublicBaseURL = 瀏覽器讀圖用(走 nginx :80,不要寫 port、不要加 /bucket)
|
|
|
|
|
|
# 成品網址 = PublicBaseURL + "/" + key
|
|
|
|
|
|
# 例:http://10.0.0.5/haixun-assets/avatar/1000000/xxx.png
|
|
|
|
|
|
#
|
|
|
|
|
|
# Secret 建議用 env,不要 commit:
|
|
|
|
|
|
# export HAIXUN_STORAGE_S3_ACCESS_KEY=haixun
|
|
|
|
|
|
# export HAIXUN_STORAGE_S3_SECRET_KEY='你的密碼'
|
|
|
|
|
|
# 或 MINIO_ROOT_USER / MINIO_ROOT_PASSWORD(ApplyEnv 會讀)
|
|
|
|
|
|
ObjectStorage:
|
|
|
|
|
|
Endpoint: "http://127.0.0.1:9000"
|
|
|
|
|
|
Region: "us-east-1"
|
|
|
|
|
|
Bucket: "haixun-assets"
|
|
|
|
|
|
AccessKey: "haixun"
|
|
|
|
|
|
SecretKey: ""
|
|
|
|
|
|
UsePathStyle: true
|
|
|
|
|
|
# env HAIXUN_STORAGE_S3_PUBLIC_BASE_URL 會覆寫;勿用 /api/v1/public/assets(新後端無此 route)
|
|
|
|
|
|
PublicBaseURL: "https://threads-tool-dev.30cm.net/haixun-assets"
|
|
|
|
|
|
|