1a1bc97bfc
- deploy.sh: wait for postgres healthcheck before app healthcheck - deploy.sh: add one-time JSON→PostgreSQL migration prompt (step 13) with migration marker file to avoid re-prompting on future deploys - deploy.sh: update summary to show both app and DB container names - deploy.sh: check POSTGRES_PASSWORD in required keys - .env.example: add POSTGRES_PASSWORD, ADMIN_EMAILS, emergency access vars Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
81 lines
4.6 KiB
Text
81 lines
4.6 KiB
Text
# AC Tool — production environment configuration
|
|
# Copy to .env and fill in the required values:
|
|
# cp .env.example .env && nano .env
|
|
|
|
# ── Application ───────────────────────────────────────────────────────────────
|
|
# Host port Docker will bind to (container always listens on 8000 internally)
|
|
APP_PORT=8100
|
|
|
|
# ── Azure AD / MSAL (SPA PKCE — no client secret required) ───────────────────
|
|
AZURE_TENANT_ID=e519c2e6-bc6d-4fdf-8d9c-923c2f002385
|
|
AZURE_CLIENT_ID=9079054c-9620-4757-a256-23413042f1ef
|
|
AZURE_REDIRECT_URI=https://ai-sandbox.oliver.solutions/ac-helper/
|
|
|
|
# ── Admin bootstrap ───────────────────────────────────────────────────────────
|
|
# First login with these emails automatically receives the admin role (comma-separated)
|
|
ADMIN_EMAIL=
|
|
ADMIN_EMAILS=
|
|
|
|
# ── Emergency access (bypass SSO) ────────────────────────────────────────────
|
|
# Set EMERGENCY_TOKEN to a long random string to allow token-based login when
|
|
# Azure AD / 2FA is unavailable. Leave blank to disable entirely.
|
|
# Generate with: python3 -c "import secrets; print(secrets.token_hex(32))"
|
|
EMERGENCY_TOKEN=
|
|
EMERGENCY_USER_EMAIL=
|
|
EMERGENCY_USER_NAME=Emergency Access
|
|
|
|
# ── OpenAI ────────────────────────────────────────────────────────────────────
|
|
OPENAI_API_KEY=
|
|
OPENAI_MODEL=gpt-4.1
|
|
OPENAI_REASONING_EFFORT=medium
|
|
OPENAI_TIMEOUT=3600
|
|
OPENAI_MAX_RETRIES=2
|
|
|
|
# ── Google Gemini ─────────────────────────────────────────────────────────────
|
|
# Required: used for AI spreadsheet commands
|
|
GEMINI_API_KEY=
|
|
GOOGLE_MODEL=gemini-2.0-flash-exp
|
|
GOOGLE_TEMPERATURE=0.7
|
|
GOOGLE_MAX_OUTPUT_TOKENS=100000
|
|
GOOGLE_THINKING_BUDGET=12000
|
|
GOOGLE_TIMEOUT=3600
|
|
|
|
# ── Anthropic Claude ──────────────────────────────────────────────────────────
|
|
ANTHROPIC_API_KEY=
|
|
ANTHROPIC_MODEL_OPUS=claude-opus-4-5-20251101
|
|
ANTHROPIC_MODEL_SONNET=claude-sonnet-4-5-20250929
|
|
ANTHROPIC_TEMPERATURE=1
|
|
ANTHROPIC_MAX_TOKENS=32000
|
|
ANTHROPIC_THINKING_BUDGET=12000
|
|
ANTHROPIC_TIMEOUT=300
|
|
|
|
# ── LlamaCloud (PDF parsing) ──────────────────────────────────────────────────
|
|
LLAMA_CLOUD_API_KEY=
|
|
|
|
# ── Brief extraction processing ───────────────────────────────────────────────
|
|
DEFAULT_PRIMARY_MODELS=anthropic-sonnet45,google-gemini20
|
|
DEFAULT_CONSOLIDATION_MODEL=anthropic-sonnet45
|
|
MINIMUM_SUCCESS_THRESHOLD=1
|
|
ENABLE_COST_ESTIMATION=true
|
|
MAX_PROCESSING_COST_USD=10.00
|
|
MAX_CONCURRENT_JOBS=5
|
|
|
|
# ── PostgreSQL ────────────────────────────────────────────────────────────────
|
|
# Password for the ac-tool DB user. Change before deploying.
|
|
# Generate with: python3 -c "import secrets; print(secrets.token_hex(24))"
|
|
POSTGRES_PASSWORD=
|
|
|
|
# ── Security ──────────────────────────────────────────────────────────────────
|
|
# Generate with: python3 -c "import secrets; print(secrets.token_hex(32))"
|
|
SESSION_SECRET=
|
|
|
|
# ── CORS ──────────────────────────────────────────────────────────────────────
|
|
ALLOWED_ORIGINS=https://ai-sandbox.oliver.solutions
|
|
|
|
# ── File upload ───────────────────────────────────────────────────────────────
|
|
MAX_UPLOAD_SIZE_MB=200
|
|
FILE_RETENTION_HOURS=24
|
|
WS_PING_INTERVAL_SECONDS=30
|
|
|
|
# ── Dev mode (must be false in production) ────────────────────────────────────
|
|
DEV_MODE=false
|