# ========================================== # MOMO 監控系統 - 環境變數配置模板 # ========================================== # 複製此檔案為 .env 並填入實際值 # 注意:.env 檔案已加入 .gitignore,不會被提交到版本控制 # ========================================== # 安全設定 # ========================================== # [必填] 登入密碼(弱密碼會被 LoginManager 拒絕) LOGIN_PASSWORD=your_strong_password_here # [必填] Flask session 簽章密鑰(建議 openssl rand -hex 32) SECRET_KEY=your_flask_secret_key_here # [預設 false] 開發測試用:設 true 可繞過所有 @login_required(生產環境嚴禁開啟) DISABLE_LOGIN=false # ========================================== # Telegram Bot 設定 # ========================================== TELEGRAM_BOT_TOKEN=your_telegram_bot_token TELEGRAM_CHAT_IDS=["chat_id_1","chat_id_2","chat_id_3"] # [選填] 舊腳本 fallback;新流程優先使用 TELEGRAM_CHAT_IDS JSON 陣列 TELEGRAM_CHAT_ID=chat_id_1 # ========================================== # Line Notify 設定 # ========================================== LINE_ENABLED=false LINE_CHANNEL_ACCESS_TOKEN=your_line_channel_access_token LINE_GROUP_ID=your_line_group_id # ========================================== # Email (SMTP) 設定 # ========================================== EMAIL_HOST=smtp.gmail.com EMAIL_PORT=587 EMAIL_HOST_USER=your_email@gmail.com EMAIL_HOST_PASSWORD=your_email_app_password EMAIL_SENDER=your_email@gmail.com EMAIL_RECEIVER=receiver_email@gmail.com # ========================================== # 網路設定 # ========================================== PUBLIC_URL=http://your_server_ip:port NGROK_AUTH_TOKEN=your_ngrok_auth_token # ========================================== # Image / Release Tag(docker-compose*.yml) # ========================================== MOMO_IMAGE=registry.wooo.work/wooo/momo-pro-system VERSION=stable FRONTEND_IMAGE=registry.wooo.work/wooo/momo-frontend FRONTEND_VERSION=stable # ========================================== # 市場情報模組設定(預設全部關閉) # ========================================== # Phase 1 僅允許安全骨架;正式爬蟲與 DB 寫入需逐步開啟 MARKET_INTEL_ENABLED=false MARKET_INTEL_CRAWLER_ENABLED=false MARKET_INTEL_WRITE_ENABLED=false # ========================================== # 通訊模組設定(從環境變數讀取) # ========================================== # --- Alert Webhook --- ALERT_WEBHOOK_USER=alertmanager ALERT_WEBHOOK_PASSWORD=your_secure_webhook_password_here # [預設 true] Alertmanager 告警自動修復開關;正式環境需配合 cooldown 與 allowlist AUTO_FIX_ENABLED=true # --- GitLab CI/CD --- GITLAB_URL=http://192.168.0.110:8929 GITLAB_TOKEN=your_gitlab_token_here GITLAB_PROJECT_ID=1 # --- Telegram Bot --- # ========================================== # HTTPS 設定(生產環境) # ========================================== # 如果部署在 HTTPS 環境,設為 true USE_HTTPS=false # ========================================== # Gunicorn Runtime 設定 # ========================================== # [預設 4] Web worker 數;正式環境需配合 PostgreSQL pool 上限 WEB_CONCURRENCY=4 # [預設 gthread] Thread worker 讓 /health 不會被 Dashboard 長查詢完全排隊 GUNICORN_WORKER_CLASS=gthread # [預設 4] 每個 worker 的 threads;正式環境需配合 DB pool 與 CPU 上限 GUNICORN_THREADS=4 # [預設 300] 長查詢 / 報表匯出 timeout 秒數 GUNICORN_TIMEOUT=300 # ========================================== # Database Settings # ========================================== # PostgreSQL Configuration (Production) POSTGRES_HOST=momo-postgres POSTGRES_PORT=5432 POSTGRES_USER=momo POSTGRES_PASSWORD=your_secure_postgres_password_here POSTGRES_DB=momo_analytics # SQLite Configuration (Development/Backup) SQLITE_PATH=data/momo_database.db # Database Type Selection (postgresql or sqlite) USE_POSTGRESQL=true # ========================================== # Google Drive 自動匯入設定 # ========================================== # 說明:系統會自動從 Google Drive 下載、匯入並刪除當日業績 Excel 檔案 # 設定方式:請參考 GOOGLE_DRIVE_SETUP.md # 認證檔案位置:config/google_credentials.json # Token 檔案位置:config/google_token.pickle(首次認證後自動產生) GDRIVE_FOLDER_PATH=業績報表/當日業績 GDRIVE_FILE_PATTERN=即時業績_當日 # ========================================== # Hermes 3 競價情報分析(Module 2 / ADR-012) # ========================================== # [選填] Hermes Ollama 端點;留空時自動走 GCP-A → GCP-B → 111(ADR-028) # 僅允許 http://34.143.170.20:11434、http://34.21.145.224:11434、http://192.168.0.111:11434 HERMES_URL= # [預設 120] Hermes 推理 timeout(秒);批量 300 筆預估 ~90s HERMES_TIMEOUT=120 # [選填] Embedding 服務主機;留空時自動走同一條 Ollama 三主機級聯 EMBEDDING_HOST= # [預設 45] Embedding API timeout;優先使用 Ollama /api/embed,舊節點 fallback /api/embeddings EMBEDDING_TIMEOUT=45 # ========================================== # Elephant Alpha AI Agent Super Orchestrator Settings # ========================================== # Description: Elephant Alpha (100B parameter model) for autonomous AI agent coordination # Provider: NVIDIA NIM hosted OpenAI-compatible API # Documentation: https://docs.nvidia.com/nim/large-language-models/latest/reference/api-reference.html # OpenRouter key 保留給舊流程;ElephantService 目前使用 NVIDIA_API_KEY。 OPENROUTER_API_KEY=sk-or-v1-your-openrouter-api-key-here # NVIDIA NIM hosted model;Ultra 253B 可能需帳號權限,預設用已驗證可呼叫的 Super 49B。 ELEPHANT_ALPHA_MODEL=nvidia/llama-3.3-nemotron-super-49b-v1.5 ELEPHANT_ALPHA_FALLBACK_MODELS=nvidia/llama-3.3-nemotron-super-49b-v1.5,nvidia/llama-3.1-nemotron-70b-instruct,meta/llama-3.1-8b-instruct # Elephant Alpha Behavior Configuration ELEPHANT_ALPHA_CONFIDENCE_THRESHOLD=0.7 ELEPHANT_ALPHA_MAX_AUTONOMOUS_DECISIONS_PER_HOUR=10 ELEPHANT_ALPHA_TIMEOUT_SECONDS=180 ELEPHANT_ALPHA_CONTEXT_WINDOW=256000 # Autonomous Engine Settings ELEPHANT_ALPHA_LEARNING_RATE=0.1 ELEPHANT_ALPHA_PERFORMANCE_TRACKING=true ELEPHANT_ALPHA_AUTO_ESCALATION_ENABLED=true # Integration Settings ELEPHANT_ALPHA_HERMES_URL= ELEPHANT_ALPHA_HERMES_MODEL=hermes3:latest ELEPHANT_ALPHA_NEMOTRON_NIM_ENDPOINT=https://integrate.api.nvidia.com/v1 ELEPHANT_ALPHA_URL=https://integrate.api.nvidia.com/v1/chat/completions ELEPHANT_ALPHA_OPENCLAW_GEMINI_ENDPOINT=https://generativelanguage.googleapis.com/v1beta # ── Google Gemini API(僅備援 / 鎖定場景)──────────────────────────────────── # Gemini 只能作為 Ollama 失敗備援或 ADR-028 鎖定場景,不可設為通用預設 provider # 取得方式:https://aistudio.google.com/app/apikey # 注意:Gemini 2.0 Flash 將於 2026-06-01 關閉,後續需遷移至 2.5 Flash GEMINI_API_KEY= GEMINI_MODEL=gemini-1.5-flash OPENCLAW_MODEL=gemini-2.5-flash-preview-05-20 # ── Anthropic Claude API(Phase 7 Frontier 升級)─────────────────────────── # 用途:Code Review 的 Ollama-first 主路徑失敗後,可選擇 Claude Opus 4.7 作雲端備援 # 取得方式:https://console.anthropic.com/settings/keys # feature flag CODE_REVIEW_USE_CLAUDE 預設 false;即使設 true 也必須先跑 Ollama 三主機 # 啟用備援步驟:(1) 設 ANTHROPIC_API_KEY (2) CODE_REVIEW_USE_CLAUDE=true ANTHROPIC_API_KEY= CODE_REVIEW_USE_CLAUDE=false CLAUDE_MODEL=claude-opus-4-7 CLAUDE_TIMEOUT=120 # Debug and Monitoring ELEPHANT_ALPHA_DEBUG_MODE=false ELEPHANT_ALPHA_METRICS_ENABLED=true ELEPHANT_ALPHA_AUDIT_LOGGING=true # ── System Maintenance API ────────────────────────────────────────────────── # X-Internal-Key 標頭認證金鑰(必填) # 用於 /api/system/cleanup/* 和 /api/system/health 等維護路由。 # 建議使用 openssl rand -hex 32 生成。 INTERNAL_API_KEY=your-secret-internal-key-here # ────────────────────────────────────────────────────────────────────────── # 初始管理員 / Bot API / SSH Jump(Phase 1-3 後新增的必需變數) # ────────────────────────────────────────────────────────────────────────── # [必填於首次部署] 初始管理員密碼(services/user_service.py create_initial_admin 用) INITIAL_ADMIN_PASSWORD=your_initial_admin_password_here # [選填] Bot API 端點認證 Token(routes/bot_api_routes.py) # 不設則所有 /bot/api/* 端點拒絕請求 BOT_API_TOKEN=your_bot_api_token_here # [必填] Post-deploy AI code review pipeline 自動修復主開關 # ADR-020 規定預設 true(任何 finding 一律自動觸發 AiderHeal,安全網=Git+CI/CD 回滾) # 僅在需要短期關閉自動修復鏈時設為 false CODE_REVIEW_OLLAMA_MODEL=qwen2.5-coder:7b CODE_REVIEW_OLLAMA_TIMEOUT=45 CODE_REVIEW_OLLAMA_SECONDARY_MODEL=gemma3:4b CODE_REVIEW_OLLAMA_SECONDARY_TIMEOUT=25 CODE_REVIEW_OLLAMA_FALLBACK_MODEL=hermes3:latest CODE_REVIEW_OLLAMA_FALLBACK_TIMEOUT=20 CODE_REVIEW_OLLAMA_NUM_PREDICT=384 CODE_REVIEW_OLLAMA_KEEP_ALIVE=24h CODE_REVIEW_HERMES_TIMEOUT=35 CODE_REVIEW_HERMES_PRIMARY_MODEL=qwen2.5-coder:7b CODE_REVIEW_HERMES_PRIMARY_TIMEOUT=35 CODE_REVIEW_HERMES_SECONDARY_MODEL=gemma3:4b CODE_REVIEW_HERMES_SECONDARY_TIMEOUT=25 CODE_REVIEW_HERMES_FALLBACK_MODEL=hermes3:latest CODE_REVIEW_HERMES_FALLBACK_TIMEOUT=20 CODE_REVIEW_HERMES_NUM_PREDICT=384 CODE_REVIEW_HERMES_MAX_FILES=2 CODE_REVIEW_HERMES_MAX_CHARS=900 CODE_REVIEW_HERMES_LLM_SCAN_ENABLED=false CODE_REVIEW_AUTO_FIX_ENABLED=true # [選填] 僅本機開發可設 true;正式環境不得允許不安全 internal webhook MOMO_ALLOW_INSECURE_INTERNAL_WEBHOOK_FOR_DEV=false # ────────────────────────────────────────────────────────────────────────── # AIOps / Autonomous Code Repair(ADR-014) # ────────────────────────────────────────────────────────────────────────── # [選填] Aider 自動修復執行所在 SSH 主機(預設 110 Gateway) HEAL_SSH_HOST=192.168.0.110 HEAL_SSH_USER=wooo HEAL_SSH_PORT=22 # [選填] SSH private key 路徑;未設定則使用 services/aider_heal_executor.py 預設值 DEPLOY_SSH_KEY_PATH=/home/wooo/.ssh/id_ed25519 # [選填] 110 主機上的 repo 路徑 AIDER_REPO_PATH=/home/wooo/ewoooc # [選填] Aider 使用的模型與 Ollama API endpoint;留空時自動走 GCP-A → GCP-B → 111 AIDER_MODEL=ollama/qwen2.5-coder:7b OLLAMA_API_BASE= # [選填] 自動修復安全閥 AIDER_MAX_DIFF_LINES=50 AIDER_MAX_HOURLY_FIX=5 MOMO_BASE_URL=https://mo.wooo.work # ────────────────────────────────────────────────────────────────────────── # Elephant Alpha / AutoHeal SSH 控制 # ────────────────────────────────────────────────────────────────────────── # [選填] AutoHeal/Elephant Alpha SSH 跳板設定 ELEPHANT_ALPHA_JUMP_HOST=192.168.0.110 ELEPHANT_ALPHA_JUMP_USER=wooo ELEPHANT_ALPHA_SSH_KEY_PATH=config/autoheal_id_ed25519 ELEPHANT_ALPHA_SSH_PORT=22 ELEPHANT_ALPHA_SSH_CONNECT_TIMEOUT=10 ELEPHANT_ALPHA_SSH_COMMAND_TIMEOUT=60 ELEPHANT_ALPHA_ALLOWED_SSH_HOSTS=192.168.0.188 # [選填] 自愈節流與狀態快取 ELEPHANT_ALPHA_CACHE_DB=:memory: ELEPHANT_ALPHA_ESCALATION_COOLDOWN_MIN=30 ELEPHANT_TIMEOUT=120 # ────────────────────────────────────────────────────────────────────────── # NVIDIA NIM / OpenClaw / Internal Webhook # ────────────────────────────────────────────────────────────────────────── # [選填] NemoTron / NIM / OpenClaw 相關服務共用 NVIDIA_API_KEY=your_nvidia_api_key_here INTERNAL_WEBHOOK_TOKEN=your_internal_webhook_token_here # [選填] EventRouter 失敗佇列與重播策略 MOMO_EVENT_ROUTER_QUEUE=/app/data/event_router_failed_deliveries.jsonl MOMO_EVENT_ROUTER_DEFAULT_DEDUP_SEC=0 MOMO_EVENT_ROUTER_REPLAY_ON_SUCCESS=true MOMO_EVENT_ROUTER_REPLAY_LIMIT=3 # [選填] AI 自動化 Smoke 歷史保存 MOMO_AI_AUTOMATION_SMOKE_HISTORY=/app/data/ai_automation_smoke_history.jsonl MOMO_AI_AUTOMATION_SMOKE_HISTORY_LIMIT=200 # [選填] OpenClaw Telegram bot OPENCLAW_BOT_TOKEN=your_openclaw_bot_token_here TELEGRAM_BOT_USERNAME=@OpenClawAwoooI_Bot OPENCLAW_BOT_USERNAME=@OpenClawAwoooI_Bot OPENCLAW_GROUP_ID=-1003940688311 OPENCLAW_ALLOWED_USERS= OPENCLAW_ADMIN_USER_IDS= # [預設 1] 舊行為:空白名單仍允許私訊;正式環境建議設 0 並填 OPENCLAW_ALLOWED_USERS OPENCLAW_ALLOW_PRIVATE_WITHOUT_WHITELIST=1 # [預設 24] PPT 報表快取保留時間(小時) OPENCLAW_PPT_CACHE_TTL_HOURS=24 # [預設 OFF] ADR-019 agent dispatch;啟用後只讓白名單 cmd 轉 NL agent 處理 OPENCLAW_AGENT_DISPATCH=0 OPENCLAW_AGENT_DISPATCH_CMDS=sales,top,vendor # [選填] AI provider 選擇與外部資料源;Gemini 不可設為預設,只能當 Ollama 備援 AI_PROVIDER=ollama YOUTUBE_API_KEY= GEMINI_TIMEOUT=60 # [預設 OFF] AI runtime feature flags;未完成部署驗收前不要在正式環境打開 AI_CALL_LOGGING_ENABLED=true MODEL_ROUTER_ENABLED=false COST_THROTTLE_ENABLED=false COST_THROTTLE_PROJECT_RATIO=1.10 COST_UNTHROTTLE_PROJECT_RATIO=0.95 RAG_ENABLED=false RAG_DEFAULT_THRESHOLD=0.85 RAG_DEFAULT_TOP_K=5 RAG_EMBED_MODEL=bge-m3:latest RAG_EMBED_DIM=1024 RAG_EMBED_NORMALIZE=true PPT_VISION_ENABLED=true PPT_VISION_MODEL=minicpm-v:latest PPT_VISION_TIMEOUT=120 PPT_VISION_MAX_SLIDES=1 PPT_AUTO_GENERATION_ENABLED=true PPT_AUTO_REPORT_TYPES=all PPT_AUTO_DEFAULT_CATEGORY=美妝保養 DEEPSEEK_DIRECT_ENABLED=false DEEPSEEK_API_KEY= DEEPSEEK_BASE_URL=https://api.deepseek.com/v1 DEEPSEEK_MODEL=deepseek-chat DEEPSEEK_TIMEOUT=60 OPENCLAW_DAILY_HERMES_TEMPLATE=true OPENCLAW_OLLAMA_MODEL=qwen2.5-coder:7b PROMOTION_PENDING_BATCH_SIZE=50 AWAITING_REVIEW_PUSH_BATCH=5 TELEGRAM_ADMIN_CHAT_ID= # ────────────────────────────────────────────────────────────────────────── # Ollama / MCP / 密碼政策 # ────────────────────────────────────────────────────────────────────────── OLLAMA_HOST= OLLAMA_HOST_PRIMARY=http://34.143.170.20:11434 OLLAMA_HOST_SECONDARY=http://34.21.145.224:11434 OLLAMA_HOST_FALLBACK=http://192.168.0.111:11434 OLLAMA_MODEL=gemma3:4b OLLAMA_TIMEOUT=120 OLLAMA_COPY_TIMEOUT=180 OLLAMA_EMBED_TIMEOUT=45 # [預設 true] OpenClaw Q&A 先走 Ollama,品質不足或失敗時才 fallback Gemini/NIM # 主機不提供單 caller override;一律走 OLLAMA_HOST_PRIMARY → OLLAMA_HOST_SECONDARY → OLLAMA_HOST_FALLBACK OPENCLAW_QA_OLLAMA_FIRST=true OPENCLAW_QA_OLLAMA_MODEL=qwen3:14b OPENCLAW_QA_OLLAMA_TIMEOUT=60 OPENCLAW_IMAGE_VISION_MODEL=minicpm-v:latest OPENCLAW_IMAGE_OLLAMA_TIMEOUT=45 OPENCLAW_IMAGE_GEMINI_MODEL=gemini-1.5-flash NEMOTRON_OLLAMA_FIRST=true NEMOTRON_OLLAMA_MODEL=qwen3:14b NEMOTRON_OLLAMA_TIMEOUT=180 # [預設 OFF] MCP Router;需先部署 docker-compose.mcp.yml 並完成健康檢查再開 MCP_ROUTER_ENABLED=false MCP_POSTGRES_URL=http://127.0.0.1:3001 MCP_FIRECRAWL_URL=http://127.0.0.1:3002 MCP_OMNISEARCH_URL=http://127.0.0.1:3003 MCP_FILESYSTEM_URL=http://127.0.0.1:3004 MCP_POSTGRES_PASSWORD=your_mcp_readonly_password_here TAVILY_API_KEY= EXA_API_KEY= FIRECRAWL_AUTH_KEY=momo-internal-only MCP_TIMEOUT_SEC=30 MCP_CACHE_TTL_SEC=3600 MCP_MAX_RESULT_BYTES=65536 MCP_CACHE_TTL_HOURS=24 MCP_GEMINI_MODEL=gemini-2.0-flash PASSWORD_MIN_LENGTH=8 PASSWORD_REQUIRE_UPPERCASE=true PASSWORD_REQUIRE_LOWERCASE=true PASSWORD_REQUIRE_DIGIT=true PASSWORD_REQUIRE_SPECIAL=false PASSWORD_SPECIAL_CHARS='!@#$%^&*()_+-=[]{}|;:,.<>?' PASSWORD_EXPIRY_DAYS=90 # ────────────────────────────────────────────────────────────────────────── # 備份 / 報表 / 同步 # ────────────────────────────────────────────────────────────────────────── BACKUP_DIR=/app/data/db_backups BACKUP_RETENTION_DAYS=7 DB_CONTAINER=momo-db REPORTS_DIR=/app/data/reports DATABASE_PATH=data/momo_database.db PG_SYNC_ENABLED=false PG_SYNC_INTERVAL=300 # [選填] 外部 BI 連結(模板全域變數) METABASE_URL=https://mo.wooo.work/metabase GRIST_URL=https://grist.wooo.work MB_SITE_URL=https://mo.wooo.work/metabase GRIST_ADMIN_EMAIL=admin@wooo.work GRAFANA_PASSWORD=change-me PGADMIN_EMAIL=admin@wooo.work PGADMIN_PASSWORD=change-me # ────────────────────────────────────────────────────────────────────────── # n8n Workflow Automation(monitoring profile) # ────────────────────────────────────────────────────────────────────────── N8N_HOST=192.168.0.110 N8N_PROTOCOL=http N8N_WEBHOOK_BASE_URL=http://192.168.0.110:5678/ N8N_USER=admin N8N_PASSWORD=change-me