eigent/server/.env.example
Tong Chen 23843311ef
feat(remote-control): add space-scoped remote control and web UI (#1663)
Co-authored-by: Douglas <douglas.ym.lai@gmail.com>
2026-06-05 18:32:18 +08:00

67 lines
3.5 KiB
Text

debug=false
url_prefix=/api
secret_key=postgres
# Chat Share Secret Key
CHAT_SHARE_SECRET_KEY=put-your-secret-key-here
CHAT_SHARE_SALT=put-your-encode-salt-here
# Remote control public web origin. Set this to the HTTPS site users open
# from a phone or another computer, not the local desktop server.
# REMOTE_CONTROL_WEB_ORIGIN=https://www.eigent.ai
# If REMOTE_CONTROL_WEB_ORIGIN and SERVER_URL are different origins, list the
# web origins explicitly for browser API/WebSocket access.
# CORS_ALLOW_ORIGINS=https://www.eigent.ai
# Optional stricter per-WebSocket allowlists. If omitted, remote control derives
# from REMOTE_CONTROL_WEB_ORIGIN / CORS_ALLOW_ORIGINS and local dev origins.
# REMOTE_CONTROL_EVENTS_ALLOWED_ORIGINS=https://www.eigent.ai
# REMOTE_CONTROL_BRIDGE_ALLOWED_ORIGINS=https://www.eigent.ai
# Local dev browser origins accepted by remote-control WebSockets when explicit
# allowlists are not set. Comma-separated ports.
REMOTE_CONTROL_LOCAL_DEV_PORTS=3001,5173,5174
# How often a bridge WebSocket re-checks token blacklist state during pings.
REMOTE_CONTROL_BRIDGE_BLACKLIST_CHECK_INTERVAL_SECONDS=60
# Remote-control rate limits. These are per user/session/key limits, not global
# concurrency limits. Raise these for trusted beta traffic; use Traefik/WAF/CDN
# for global per-IP protection when exposing cloud relay publicly.
REMOTE_CONTROL_SESSION_CREATE_LIMIT=120
REMOTE_CONTROL_SESSION_CREATE_WINDOW_SECONDS=3600
REMOTE_CONTROL_COMMAND_BURST_LIMIT=10
REMOTE_CONTROL_COMMAND_BURST_WINDOW_SECONDS=1
REMOTE_CONTROL_COMMAND_MINUTE_LIMIT=120
REMOTE_CONTROL_COMMAND_MINUTE_WINDOW_SECONDS=60
REMOTE_CONTROL_STEPS_LIMIT=120
REMOTE_CONTROL_STEPS_WINDOW_SECONDS=60
REMOTE_CONTROL_WS_RECONNECT_LIMIT=30
REMOTE_CONTROL_WS_RECONNECT_WINDOW_SECONDS=60
# Comma-separated reverse proxy hosts/CIDRs whose X-Forwarded-For / X-Real-IP
# headers may be trusted for remote-control WS rate limits and audit logs.
# Set this to your Traefik / load balancer private IP or CIDR in production.
# Dokploy example: REMOTE_CONTROL_TRUSTED_PROXY_HOSTS=172.16.0.0/12
REMOTE_CONTROL_TRUSTED_PROXY_HOSTS=127.0.0.1,::1
# Only set true for local/dev diagnostics; it intentionally allows wildcard CORS/WS origins.
REMOTE_CONTROL_ALLOW_UNSAFE_ORIGINS=false
# Configuration if not running in docker
# database_url=postgresql://postgres:123456@localhost:5432/eigent
# redis_url=redis://localhost:6379/0
# celery_broker_url=redis://localhost:6379/0
# celery_result_url=redis://localhost:6379/0
# SESSION_REDIS_URL=redis://localhost:6379/1
# Trigger Schedule Poller Configuration
# ENABLE_TRIGGER_SCHEDULE_POLLER_TASK: Enable/disable scheduled trigger polling
ENABLE_TRIGGER_SCHEDULE_POLLER_TASK=true
# TRIGGER_SCHEDULE_POLLER_INTERVAL: Polling interval in minutes
TRIGGER_SCHEDULE_POLLER_INTERVAL=1
# TRIGGER_SCHEDULE_POLLER_BATCH_SIZE: Number of triggers to fetch per poll
TRIGGER_SCHEDULE_POLLER_BATCH_SIZE=100
# TRIGGER_SCHEDULE_MAX_DISPATCH_PER_TICK: Max triggers to dispatch per tick (0 = unlimited)
TRIGGER_SCHEDULE_MAX_DISPATCH_PER_TICK=0
# ENABLE_EXECUTION_TIMEOUT_CHECKER: Enable/disable execution timeout checking
ENABLE_EXECUTION_TIMEOUT_CHECKER=true
# EXECUTION_TIMEOUT_CHECKER_INTERVAL: check_execution_timeouts interval in minutes
EXECUTION_TIMEOUT_CHECKER_INTERVAL=1
# EXECUTION_PENDING_TIMEOUT_SECONDS: Timeout for pending executions (default 60 seconds)
EXECUTION_PENDING_TIMEOUT_SECONDS=60
# EXECUTION_RUNNING_TIMEOUT_SECONDS: Timeout for running executions (default 600 seconds / 10 minutes)
EXECUTION_RUNNING_TIMEOUT_SECONDS=600