2febc37c2c
- authz: new ADMIN_TOKEN gates /internal/*; METRICS_PUBLIC=false by default, so /metrics returns 503 when neither METRICS_TOKEN nor API_KEYS is set (previously leaked pool topology). Startup logs loudly if API_KEYS is empty or admin falls back to chat keys. - lingma_client: keep a Popen handle instead of orphaning Lingma with start_new_session, drain stderr to logger at DEBUG, SIGTERM -> 5s grace -> SIGKILL on shutdown. Fixes the zombie-process leak on container reload. - pool: asyncio.gather to start N instances concurrently; N=2 pool shaves ~startup_timeout seconds off boot. - Dockerfile: HEALTHCHECK hits /healthz and greps for pool_ready>0 so Docker / compose orchestrators see "stuck on login" as unhealthy. Made-with: Cursor
99 lines
3.8 KiB
Plaintext
99 lines
3.8 KiB
Plaintext
# 网关监听地址
|
||
HOST=0.0.0.0
|
||
# 网关监听端口
|
||
PORT=8317
|
||
# API Key,可配置多个(逗号分隔)。空 = 不鉴权(启动会打 warning),仅用于本地 dev
|
||
API_KEYS=sk-your-api-key
|
||
# 独立的 /metrics 鉴权 token(留空则退化为 API_KEYS 亦可访问;若与 API_KEYS 同时为空,/metrics 默认 503)
|
||
METRICS_TOKEN=
|
||
# 显式把 /metrics 设为公开(仅在私网采集器场景使用)
|
||
METRICS_PUBLIC=false
|
||
# 独立的 /internal/* 管理 token(留空则退化为 API_KEYS);强烈建议生产环境单独配置
|
||
ADMIN_TOKEN=
|
||
# 日志级别(DEBUG / INFO / WARNING / ERROR)
|
||
LOG_LEVEL=INFO
|
||
|
||
# /v1/chat/completions 并发上限(<=0 表示不限流)
|
||
GATEWAY_MAX_IN_FLIGHT=4
|
||
# 排队等待超时秒数,超过后返回 429 + Retry-After
|
||
GATEWAY_QUEUE_TIMEOUT_SEC=30
|
||
|
||
# 容器内 Lingma 二进制路径
|
||
LINGMA_BIN=/app/data/bin/Lingma
|
||
# Lingma 获取方式:marketplace 或 vsix
|
||
LINGMA_SOURCE_TYPE=marketplace
|
||
# Marketplace 发布者
|
||
LINGMA_MARKETPLACE_PUBLISHER=Alibaba-Cloud
|
||
# Marketplace 扩展名
|
||
LINGMA_MARKETPLACE_EXTENSION=tongyi-lingma
|
||
# VSIX 下载地址(最新优先)
|
||
LINGMA_VSIX_URL=https://tongyi-code.oss-cn-hangzhou.aliyuncs.com/vscode/tongyi-lingma-latest.vsix
|
||
# 启动时总是尝试从 VSIX 刷新二进制
|
||
LINGMA_BOOTSTRAP_ALWAYS=true
|
||
# 强制刷新(true 时忽略本地缓存)
|
||
LINGMA_FORCE_REFRESH=false
|
||
# Lingma 工作目录(登录/会话数据)
|
||
LINGMA_WORK_DIR=/app/data/.lingma/vscode/sharedClientCache
|
||
# Lingma WebSocket 端口
|
||
LINGMA_SOCKET_PORT=36510
|
||
# Lingma 启动等待秒数
|
||
LINGMA_STARTUP_TIMEOUT=40
|
||
# 单次 RPC 超时秒数
|
||
LINGMA_RPC_TIMEOUT=30
|
||
|
||
# 默认模型(无法映射时使用)
|
||
DEFAULT_MODEL=org_auto
|
||
# 默认模式:chat 或 agent
|
||
DEFAULT_ASK_MODE=chat
|
||
|
||
# 专属域(可选)
|
||
DEDICATED_DOMAIN_URL=
|
||
|
||
# 未登录时是否自动登录
|
||
AUTO_LOGIN_ENABLED=true
|
||
# 自动登录是否无头浏览器
|
||
AUTO_LOGIN_HEADLESS=true
|
||
# 自动登录超时秒数
|
||
AUTO_LOGIN_TIMEOUT=180
|
||
# 自动登录重试次数
|
||
AUTO_LOGIN_MAX_RETRY=2
|
||
|
||
# Lingma 登录用户名(仅当 LINGMA_ACCOUNTS 为空时生效,单实例模式)
|
||
LINGMA_USERNAME=
|
||
# Lingma 登录密码(仅当 LINGMA_ACCOUNTS 为空时生效)
|
||
LINGMA_PASSWORD=
|
||
|
||
# ==== 多实例池(方案乙:多账号) ====
|
||
# 多账号列表,支持两种格式:
|
||
# CSV: user1:pass1,user2:pass2
|
||
# JSON: [{"username":"u1","password":"p1"},{"username":"u2","password":"p2"}]
|
||
# 配置后每个账号对应一个独立 Lingma 实例(独立 workDir + 独立自动登录)
|
||
LINGMA_ACCOUNTS=
|
||
# 实例数量:默认等于 LINGMA_ACCOUNTS 数;显式指定时账号不足会循环复用并打 warning
|
||
LINGMA_INSTANCE_COUNT=
|
||
|
||
# ==== 登录态注入:跳过 Playwright 自动登录 ====
|
||
# 方式 1:base64 字符串,内容 = tar.gz(workDir/cache/{id,user,quota,config.json})
|
||
# 通过 `POST /internal/session/export` 从另一个已登录实例导出得到。
|
||
# 配了这个就可以不填 LINGMA_USERNAME / LINGMA_PASSWORD。
|
||
# LINGMA_SESSION_BUNDLE=
|
||
|
||
# 方式 2:指向宿主机上的 bundle 文件路径(文件内容即 base64 字符串)
|
||
# LINGMA_SESSION_BUNDLE_FILE=/secrets/lingma-session.b64
|
||
|
||
# 多账号时走 JSON 模式,每个账号可以独立带 session_bundle:
|
||
# LINGMA_ACCOUNTS=[
|
||
# {"username":"u1","password":"p1","session_bundle":"H4sI..."},
|
||
# {"username":"u2","password":"p2","session_bundle_file":"/secrets/u2.b64"}
|
||
# ]
|
||
# 注意:一旦 workDir 里已经有登录态(cache/user 非空),bundle 会被跳过,
|
||
# 你手动登录的 / 旧容器的登录态不会被覆盖。
|
||
|
||
# ==== 会话复用(多轮对话命中上游 KV cache,减少首 token 延迟) ====
|
||
# 开关(默认开)
|
||
SESSION_REUSE_ENABLED=true
|
||
# 最多缓存多少条会话 (LRU)
|
||
SESSION_CACHE_MAX_ENTRIES=256
|
||
# 会话 TTL 秒数;超时自动失效,避免 Lingma 侧早已回收还在命中
|
||
SESSION_CACHE_TTL_SEC=1800
|