diff --git a/.env.bare-metal.example b/.env.bare-metal.example new file mode 100644 index 0000000..112b42f --- /dev/null +++ b/.env.bare-metal.example @@ -0,0 +1,434 @@ +# ============================================================================== +# Heretek OpenClaw - Bare Metal Environment Configuration v2.0 +# ============================================================================== +# Copy this file to /etc/openclaw/.env and update with your values +# Usage: cp .env.bare-metal.example /etc/openclaw/.env +# +# Configuration: Bare Metal Deployment (Non-Docker) +# All services run on localhost with direct system access +# +# Generated: 2026-03-31 +# ============================================================================== + +# ============================================================================== +# LITEELM GATEWAY CONFIGURATION +# ============================================================================== + +# LiteLLM Master Key (REQUIRED - change in production!) +# Generate with: openssl rand -hex 32 +LITELLM_MASTER_KEY=heretek-master-key-change-me + +# LiteLLM Salt Key (used for encryption) +# Generate with: openssl rand -hex 32 +LITELLM_SALT_KEY=heretek-salt-change-me + +# LiteLLM Port +LITELLM_PORT=4000 + +# LiteLLM UI Credentials +LITELLM_UI_USERNAME=admin +LITELLM_UI_PASSWORD=heretek-admin-change-me + +# LiteLLM Host (for external access) +LITELLM_HOST=http://localhost:4000 + +# ============================================================================== +# PROVIDER API KEYS +# ============================================================================== +# See docs/configuration/PROVIDER_SETUP.md for detailed setup instructions +# See config/providers/ for pre-configured provider templates +# ============================================================================== + +# ------------------------------------------------------------------------------ +# MiniMax API (PRIMARY - All Agents Default) +# ------------------------------------------------------------------------------ +# Get your key from: https://platform.minimaxi.ai +MINIMAX_API_KEY=your-minimax-key-here +MINIMAX_API_BASE=https://api.minimaxi.chat/v1 + +# ------------------------------------------------------------------------------ +# z.ai Coding API (FAILOVER - GLM-5) +# ------------------------------------------------------------------------------ +# Endpoint: https://api.z.ai/api/coding/paas/v4 +ZAI_API_KEY=your-zai-key-here +ZAI_API_BASE=https://api.z.ai/api/coding/paas/v4 + +# ------------------------------------------------------------------------------ +# OpenAI API (OPTIONAL) +# ------------------------------------------------------------------------------ +# Get your key from: https://platform.openai.com/api-keys +# Models: GPT-4, GPT-4-Turbo, GPT-3.5-Turbo, o1 +OPENAI_API_KEY=sk-your-openai-key-here +OPENAI_API_BASE=https://api.openai.com/v1 +OPENAI_ORGANIZATION= + +# ------------------------------------------------------------------------------ +# Anthropic API (OPTIONAL) +# ------------------------------------------------------------------------------ +# Get your key from: https://console.anthropic.com/ +# Models: Claude-3-Opus, Claude-3-Sonnet, Claude-3-Haiku, Claude-3.5-Sonnet +ANTHROPIC_API_KEY=sk-ant-your-anthropic-key-here +ANTHROPIC_API_BASE=https://api.anthropic.com + +# ------------------------------------------------------------------------------ +# Google API (OPTIONAL) +# ------------------------------------------------------------------------------ +# Get your key from: https://makersuite.google.com/app/apikey +# Models: Gemini-Pro, Gemini-Ultra, Gemini-Flash +GOOGLE_API_KEY=your-google-api-key-here +GOOGLE_VERTEX_PROJECT_ID=your-gcp-project-id +GOOGLE_VERTEX_LOCATION=us-central1 + +# ------------------------------------------------------------------------------ +# Azure OpenAI API (OPTIONAL) +# ------------------------------------------------------------------------------ +# Create resource at: https://portal.azure.com +# Models: Azure-hosted GPT-4, GPT-35-Turbo +AZURE_API_KEY=your-azure-openai-key-here +AZURE_API_BASE=https://your-resource.openai.azure.com/ +AZURE_API_VERSION=2024-02-15-preview + +# ------------------------------------------------------------------------------ +# xAI API (OPTIONAL) +# ------------------------------------------------------------------------------ +# Get your key from: https://console.x.ai/ +# Models: Grok-Beta, Grok-Vision, Grok-2 +XAI_API_KEY=your-xai-key-here +XAI_API_BASE=https://api.x.ai + +# ------------------------------------------------------------------------------ +# Ollama (Local Models - No API key required) +# ------------------------------------------------------------------------------ +OLLAMA_API_KEY=not-required +OLLAMA_HOST=http://localhost:11434 + +# ============================================================================== +# DATABASE CONFIGURATION (PostgreSQL) +# ============================================================================== +# PostgreSQL runs on localhost for bare metal deployment +# pgvector extension required for vector embeddings +# ============================================================================== + +POSTGRES_USER=openclaw +POSTGRES_PASSWORD=heretek-secure-password-change-me +POSTGRES_DB=openclaw +POSTGRES_HOST=localhost +POSTGRES_PORT=5432 +DATABASE_URL=postgresql://openclaw:heretek-secure-password-change-me@localhost:5432/openclaw + +# PostgreSQL connection pool settings +DATABASE_POOL_SIZE=10 +DATABASE_MAX_OVERFLOW=20 +DATABASE_POOL_TIMEOUT=30 + +# ============================================================================== +# REDIS CONFIGURATION +# ============================================================================== +# Redis runs on localhost for bare metal deployment +# Used for caching, rate limiting, and session storage +# ============================================================================== + +REDIS_HOST=localhost +REDIS_PORT=6379 +REDIS_URL=redis://localhost:6379/0 +# If password is enabled: +# REDIS_URL=redis://:your-redis-password@localhost:6379/0 + +# Redis connection settings +REDIS_DB=0 +REDIS_PASSWORD= +REDIS_SSL=false + +# ============================================================================== +# OLLAMA CONFIGURATION (Local LLM Runtime) +# ============================================================================== +# Ollama runs on localhost for bare metal deployment +# Supports AMD ROCm and NVIDIA CUDA GPUs +# ============================================================================== + +# GPU Mode: cpu, amd, nvidia +OLLAMA_GPU_MODE=cpu + +# Ollama host binding +OLLAMA_HOST_BINDING=127.0.0.1 +OLLAMA_PORT=11434 + +# Embedding model (nomic-embed-text-v2-moe recommended for 768 dimensions) +OLLAMA_EMBEDDING_MODEL=nomic-embed-text-v2-moe + +# Pre-pull models on startup (comma-separated) +# These models will be pulled when Ollama starts +OLLAMA_MODELS=nomic-embed-text-v2-moe,qwen3-embedding:8b + +# AMD ROCm Settings (if using AMD GPU) +# HSA_OVERRIDE_GFX_VERSION=10.3.0 + +# NVIDIA CUDA Settings (if using NVIDIA GPU) +# CUDA_VISIBLE_DEVICES=0 + +# ============================================================================== +# AGENT MODEL ASSIGNMENTS +# ============================================================================== +# These are virtual model names in LiteLLM. Each agent uses its passthrough +# endpoint (agent/steward, agent/alpha, etc.) which defaults to minimax/M2.7 +# Users can reassign models via LiteLLM WebUI without changing this file. +# ============================================================================== + +# Default model for all agent passthrough endpoints +DEFAULT_AGENT_MODEL=minimax/MiniMax-M2.7 + +# Failover model when primary is unavailable +FAILOVER_AGENT_MODEL=zai/glm-5-1 + +# Individual agent model overrides (optional - leave empty to use default) +# Uncomment and set to override the default model for specific agents +# AGENT_STEWARD_MODEL=minimax/MiniMax-M2.7 +# AGENT_ALPHA_MODEL=minimax/MiniMax-M2.7 +# AGENT_BETA_MODEL=minimax/MiniMax-M2.7 +# AGENT_CHARLIE_MODEL=minimax/MiniMax-M2.7 +# AGENT_EXAMINER_MODEL=minimax/MiniMax-M2.7 +# AGENT_EXPLORER_MODEL=minimax/MiniMax-M2.7 +# AGENT_SENTINEL_MODEL=minimax/MiniMax-M2.7 +# AGENT_CODER_MODEL=zai/glm-5-1 +# AGENT_DREAMER_MODEL=minimax/MiniMax-M2.7 +# AGENT_EMPATH_MODEL=minimax/MiniMax-M2.7 +# AGENT_HISTORIAN_MODEL=minimax/MiniMax-M2.7 + +# ============================================================================== +# LITEELM A2A AGENT CONFIGURATION +# ============================================================================== + +# Current agent name (steward, alpha, beta, charlie, examiner, explorer, sentinel, coder, dreamer, empath, historian) +AGENT_NAME=steward + +# Agent configuration JSON +# Each agent has: role, session (unique workspace identifier), port +AGENTS='{ + "steward": { + "role": "orchestrator", + "session": "agent:heretek:steward", + "port": 8001 + }, + "alpha": { + "role": "triad", + "session": "agent:heretek:alpha", + "port": 8002 + }, + "beta": { + "role": "triad", + "session": "agent:heretek:beta", + "port": 8003 + }, + "charlie": { + "role": "triad", + "session": "agent:heretek:charlie", + "port": 8004 + }, + "examiner": { + "role": "interrogator", + "session": "agent:heretek:examiner", + "port": 8005 + }, + "explorer": { + "role": "scout", + "session": "agent:heretek:explorer", + "port": 8006 + }, + "sentinel": { + "role": "guardian", + "session": "agent:heretek:sentinel", + "port": 8007 + }, + "coder": { + "role": "artisan", + "session": "agent:heretek:coder", + "port": 8008 + }, + "dreamer": { + "role": "visionary", + "session": "agent:heretek:dreamer", + "port": 8009 + }, + "empath": { + "role": "diplomat", + "session": "agent:heretek:empath", + "port": 8010 + }, + "historian": { + "role": "archivist", + "session": "agent:heretek:historian", + "port": 8011 + } +}' + +# ============================================================================== +# OPENCLAW SPECIFIC SETTINGS +# ============================================================================== + +# OpenClaw data directory +OPENCLAW_DATA_DIR=/root/.openclaw/data + +# OpenClaw workspace directory (agent workspaces) +OPENCLAW_WORKSPACE=/root/.openclaw/agents + +# OpenClaw logs directory +OPENCLAW_LOG_DIR=/var/log/openclaw + +# Collective memory directory +COLLECTIVE_MEMORY_DIR=/root/.openclaw/memory + +# Skills directory +SKILLS_DIR=/root/heretek/heretek-openclaw/skills + +# Plugins directory +PLUGINS_DIR=/root/heretek/heretek-openclaw/plugins + +# ============================================================================== +# RATE LIMITING & CACHING +# ============================================================================== + +# Rate limit settings (requests per minute) +RATE_LIMIT_ENABLED=true +RATE_LIMIT_REQUESTS_PER_MINUTE=60 + +# Cache settings +CACHE_ENABLED=true +CACHE_TTL_SECONDS=3600 + +# ============================================================================== +# LOGGING & MONITORING +# ============================================================================== + +# Log level: DEBUG, INFO, WARNING, ERROR +LOG_LEVEL=INFO + +# Enable detailed request logging +LITELLM_REQUEST_LOGGING=true + +# Cost tracking +LITELLM_COST_TRACKING_ENABLED=true + +# Performance metrics +LITELLM_METRICS_ENABLED=true + +# ============================================================================== +# A2A PROTOCOL SETTINGS +# ============================================================================== + +# A2A streaming support +LITELLM_STREAMING_ENABLED=true + +# Agent discovery +LITELLM_AGENT_DISCOVERY_ENABLED=true + +# Task handoff timeout (seconds) +A2A_TASK_HANDOFF_TIMEOUT=60 + +# Agent heartbeat interval (seconds) +A2A_HEARTBEAT_INTERVAL=30 + +# ============================================================================== +# WEBSOCKET CONFIGURATION +# ============================================================================== + +# WebSocket URL for real-time A2A message streaming +VITE_WS_URL=ws://localhost:18789 +WS_PORT=18789 + +# ============================================================================== +# FAILOVER CONFIGURATION +# ============================================================================== + +# Priority-based fallback enabled +LITELLM_PRIORITY_FALLBACK_ENABLED=true + +# Health check enabled +LITELLM_HEALTH_CHECK_ENABLED=true + +# Health check interval (seconds) +LITELLM_HEALTH_CHECK_INTERVAL=30 + +# Unhealthy threshold before fallback +LITELLM_UNHEALTHY_THRESHOLD=2 + +# ============================================================================== +# OBSERVABILITY - LANGFUSE & OPENTELEMETRY +# ============================================================================== + +# LangFuse Configuration +# Get your keys from: https://cloud.langfuse.com +LANGFUSE_ENABLED=false +LANGFUSE_PUBLIC_KEY=pk-lf-your-public-key-here +LANGFUSE_SECRET_KEY=sk-lf-your-secret-key-here +LANGFUSE_HOST=https://cloud.langfuse.com + +# OpenTelemetry Configuration +OTEL_ENABLED=false +OTEL_EXPORTER_OTLP_ENDPOINT=http://localhost:4318/v1/traces +OTEL_EXPORTER_OTLP_PROTOCOL=http/protobuf +OTEL_EXPORTER_TYPE=console +OTEL_SERVICE_NAME=heretek-openclaw + +# ============================================================================== +# SECURITY +# ============================================================================== + +# CORS allowed origins (comma-separated) +CORS_ALLOWED_ORIGINS=http://localhost:3000,http://localhost:5173 + +# Admin emails for alerts +# ADMIN_EMAILS=admin@heretek.local + +# API rate limiting +API_RATE_LIMIT_ENABLED=true +API_RATE_LIMIT_REQUESTS_PER_MINUTE=100 + +# ============================================================================== +# BACKUP & RECOVERY +# ============================================================================== + +# Enable automatic backup +AUTO_BACKUP_ENABLED=true + +# Backup interval (hours) +BACKUP_INTERVAL_HOURS=24 + +# Backup retention (days) +BACKUP_RETENTION_DAYS=7 + +# Backup directory +BACKUP_DIR=/var/backups/openclaw + +# ============================================================================== +# SYSTEM PATHS (Bare Metal Specific) +# ============================================================================== + +# PostgreSQL data directory +POSTGRES_DATA_DIR=/var/lib/postgresql/15/main + +# Redis data directory +REDIS_DATA_DIR=/var/lib/redis + +# Ollama models directory +OLLAMA_DATA_DIR=/var/lib/ollama + +# LiteLLM config directory +LITELLM_CONFIG_DIR=/etc/litellm + +# OpenClaw config directory +OPENCLAW_CONFIG_DIR=/etc/openclaw + +# ============================================================================== +# SERVICE MANAGEMENT +# ============================================================================== + +# Systemd service names (for monitoring and restart scripts) +POSTGRES_SERVICE_NAME=postgresql +REDIS_SERVICE_NAME=redis +OLLAMA_SERVICE_NAME=ollama +LITELLM_SERVICE_NAME=litellm +OPENCLAW_SERVICE_NAME=openclaw-gateway + +# ============================================================================== +# END OF ENVIRONMENT CONFIGURATION +# ============================================================================== diff --git a/.env.vm.example b/.env.vm.example new file mode 100644 index 0000000..fc491d9 --- /dev/null +++ b/.env.vm.example @@ -0,0 +1,379 @@ +# ============================================================================== +# Heretek OpenClaw - VM Environment Configuration v2.0 +# ============================================================================== +# Copy this file to /etc/openclaw/.env and update with your values +# Usage: cp .env.vm.example /etc/openclaw/.env +# +# Configuration: VM Deployment (AWS EC2, GCP Compute, Azure VM, etc.) +# Optimized for cloud VM environments with security group considerations +# +# Generated: 2026-03-31 +# ============================================================================== + +# ============================================================================== +# LITEELM GATEWAY CONFIGURATION +# ============================================================================== + +# LiteLLM Master Key (REQUIRED - change in production!) +# Generate with: openssl rand -hex 32 +LITELLM_MASTER_KEY=heretek-master-key-change-me + +# LiteLLM Salt Key (used for encryption) +# Generate with: openssl rand -hex 32 +LITELLM_SALT_KEY=heretek-salt-change-me + +# LiteLLM Port (bind to 0.0.0.0 for external access) +LITELLM_PORT=4000 +LITELLM_HOST=0.0.0.0 + +# LiteLLM UI Credentials +LITELLM_UI_USERNAME=admin +LITELLM_UI_PASSWORD=heretek-admin-change-me + +# External URL for VM access (update with your VM's public IP or domain) +LITELLM_EXTERNAL_URL=http://YOUR_VM_IP:4000 + +# ============================================================================== +# PROVIDER API KEYS +# ============================================================================== +# See docs/configuration/PROVIDER_SETUP.md for detailed setup instructions +# See config/providers/ for pre-configured provider templates +# ============================================================================== + +# ------------------------------------------------------------------------------ +# MiniMax API (PRIMARY - All Agents Default) +# ------------------------------------------------------------------------------ +# Get your key from: https://platform.minimaxi.ai +MINIMAX_API_KEY=your-minimax-key-here +MINIMAX_API_BASE=https://api.minimaxi.chat/v1 + +# ------------------------------------------------------------------------------ +# z.ai Coding API (FAILOVER - GLM-5) +# ------------------------------------------------------------------------------ +# Endpoint: https://api.z.ai/api/coding/paas/v4 +ZAI_API_KEY=your-zai-key-here +ZAI_API_BASE=https://api.z.ai/api/coding/paas/v4 + +# ------------------------------------------------------------------------------ +# OpenAI API (OPTIONAL) +# ------------------------------------------------------------------------------ +# Get your key from: https://platform.openai.com/api-keys +OPENAI_API_KEY=sk-your-openai-key-here +OPENAI_API_BASE=https://api.openai.com/v1 +OPENAI_ORGANIZATION= + +# ------------------------------------------------------------------------------ +# Anthropic API (OPTIONAL) +# ------------------------------------------------------------------------------ +# Get your key from: https://console.anthropic.com/ +ANTHROPIC_API_KEY=sk-ant-your-anthropic-key-here +ANTHROPIC_API_BASE=https://api.anthropic.com + +# ------------------------------------------------------------------------------ +# Google API (OPTIONAL) +# ------------------------------------------------------------------------------ +# Get your key from: https://makersuite.google.com/app/apikey +GOOGLE_API_KEY=your-google-api-key-here +GOOGLE_VERTEX_PROJECT_ID=your-gcp-project-id +GOOGLE_VERTEX_LOCATION=us-central1 + +# ------------------------------------------------------------------------------ +# Azure OpenAI API (OPTIONAL) +# ------------------------------------------------------------------------------ +# Create resource at: https://portal.azure.com +AZURE_API_KEY=your-azure-openai-key-here +AZURE_API_BASE=https://your-resource.openai.azure.com/ +AZURE_API_VERSION=2024-02-15-preview + +# ------------------------------------------------------------------------------ +# xAI API (OPTIONAL) +# ------------------------------------------------------------------------------ +# Get your key from: https://console.x.ai/ +XAI_API_KEY=your-xai-key-here +XAI_API_BASE=https://api.x.ai + +# ------------------------------------------------------------------------------ +# Ollama (Local Models - No API key required) +# ------------------------------------------------------------------------------ +OLLAMA_API_KEY=not-required +OLLAMA_HOST=http://localhost:11434 + +# ============================================================================== +# DATABASE CONFIGURATION (PostgreSQL) +# ============================================================================== +# PostgreSQL runs on localhost for VM deployment +# Bind to localhost only for security (use SSH tunnel for remote access) +# pgvector extension required for vector embeddings +# ============================================================================== + +POSTGRES_USER=openclaw +POSTGRES_PASSWORD=heretek-secure-password-change-me +POSTGRES_DB=openclaw +POSTGRES_HOST=localhost +POSTGRES_PORT=5432 +DATABASE_URL=postgresql://openclaw:heretek-secure-password-change-me@localhost:5432/openclaw + +# PostgreSQL connection pool settings (adjusted for VM resources) +DATABASE_POOL_SIZE=5 +DATABASE_MAX_OVERFLOW=10 +DATABASE_POOL_TIMEOUT=30 + +# ============================================================================== +# REDIS CONFIGURATION +# ============================================================================== +# Redis runs on localhost for VM deployment +# Bind to localhost only for security +# ============================================================================== + +REDIS_HOST=localhost +REDIS_PORT=6379 +REDIS_URL=redis://localhost:6379/0 +# If password is enabled (recommended for VM): +# REDIS_URL=redis://:your-redis-password@localhost:6379/0 + +# Redis connection settings +REDIS_DB=0 +REDIS_PASSWORD= +REDIS_SSL=false + +# ============================================================================== +# OLLAMA CONFIGURATION (Local LLM Runtime) +# ============================================================================== +# Ollama runs on localhost for VM deployment +# GPU support depends on VM instance type +# ============================================================================== + +# GPU Mode: cpu, amd, nvidia, auto +# For GPU-enabled VMs, set appropriately: +# - AWS g5 instances: nvidia +# - GCP g2 instances: nvidia +# - Azure NC series: nvidia +OLLAMA_GPU_MODE=auto + +# Ollama host binding (localhost for security) +OLLAMA_HOST_BINDING=127.0.0.1 +OLLAMA_PORT=11434 + +# Embedding model +OLLAMA_EMBEDDING_MODEL=nomic-embed-text-v2-moe + +# Pre-pull models on startup +OLLAMA_MODELS=nomic-embed-text-v2-moe + +# AMD ROCm Settings (for AMD GPU VMs) +# HSA_OVERRIDE_GFX_VERSION=10.3.0 + +# NVIDIA CUDA Settings (for NVIDIA GPU VMs) +# CUDA_VISIBLE_DEVICES=0 + +# ============================================================================== +# AGENT MODEL ASSIGNMENTS +# ============================================================================== + +# Default model for all agent passthrough endpoints +DEFAULT_AGENT_MODEL=minimax/MiniMax-M2.7 + +# Failover model when primary is unavailable +FAILOVER_AGENT_MODEL=zai/glm-5-1 + +# Individual agent model overrides (optional) +# AGENT_CODER_MODEL=zai/glm-5-1 + +# ============================================================================== +# LITEELM A2A AGENT CONFIGURATION +# ============================================================================== + +# Current agent name +AGENT_NAME=steward + +# Agent configuration JSON +AGENTS='{ + "steward": {"role": "orchestrator", "session": "agent:heretek:steward", "port": 8001}, + "alpha": {"role": "triad", "session": "agent:heretek:alpha", "port": 8002}, + "beta": {"role": "triad", "session": "agent:heretek:beta", "port": 8003}, + "charlie": {"role": "triad", "session": "agent:heretek:charlie", "port": 8004}, + "examiner": {"role": "interrogator", "session": "agent:heretek:examiner", "port": 8005}, + "explorer": {"role": "scout", "session": "agent:heretek:explorer", "port": 8006}, + "sentinel": {"role": "guardian", "session": "agent:heretek:sentinel", "port": 8007}, + "coder": {"role": "artisan", "session": "agent:heretek:coder", "port": 8008}, + "dreamer": {"role": "visionary", "session": "agent:heretek:dreamer", "port": 8009}, + "empath": {"role": "diplomat", "session": "agent:heretek:empath", "port": 8010}, + "historian": {"role": "archivist", "session": "agent:heretek:historian", "port": 8011} +}' + +# ============================================================================== +# OPENCLAW SPECIFIC SETTINGS +# ============================================================================== + +# OpenClaw directories +OPENCLAW_DATA_DIR=/root/.openclaw/data +OPENCLAW_WORKSPACE=/root/.openclaw/agents +OPENCLAW_LOG_DIR=/var/log/openclaw +COLLECTIVE_MEMORY_DIR=/root/.openclaw/memory +SKILLS_DIR=/root/heretek/heretek-openclaw/skills +PLUGINS_DIR=/root/heretek/heretek-openclaw/plugins + +# ============================================================================== +# RATE LIMITING & CACHING +# ============================================================================== + +# Rate limit settings (adjusted for VM deployment) +RATE_LIMIT_ENABLED=true +RATE_LIMIT_REQUESTS_PER_MINUTE=60 + +# Cache settings +CACHE_ENABLED=true +CACHE_TTL_SECONDS=3600 + +# ============================================================================== +# LOGGING & MONITORING +# ============================================================================== + +# Log level +LOG_LEVEL=INFO + +# Enable detailed request logging +LITELLM_REQUEST_LOGGING=true + +# Cost tracking +LITELLM_COST_TRACKING_ENABLED=true + +# Performance metrics +LITELLM_METRICS_ENABLED=true + +# ============================================================================== +# A2A PROTOCOL SETTINGS +# ============================================================================== + +LITELLM_STREAMING_ENABLED=true +LITELLM_AGENT_DISCOVERY_ENABLED=true +A2A_TASK_HANDOFF_TIMEOUT=60 +A2A_HEARTBEAT_INTERVAL=30 + +# ============================================================================== +# WEBSOCKET CONFIGURATION +# ============================================================================== + +# WebSocket URL for external access (update with your VM's public IP) +VITE_WS_URL=ws://YOUR_VM_IP:18789 +WS_PORT=18789 + +# ============================================================================== +# FAILOVER CONFIGURATION +# ============================================================================== + +LITELLM_PRIORITY_FALLBACK_ENABLED=true +LITELLM_HEALTH_CHECK_ENABLED=true +LITELLM_HEALTH_CHECK_INTERVAL=30 +LITELLM_UNHEALTHY_THRESHOLD=2 + +# ============================================================================== +# OBSERVABILITY - LANGFUSE & OPENTELEMETRY +# ============================================================================== + +# LangFuse Configuration +LANGFUSE_ENABLED=false +LANGFUSE_PUBLIC_KEY=pk-lf-your-public-key-here +LANGFUSE_SECRET_KEY=sk-lf-your-secret-key-here +LANGFUSE_HOST=https://cloud.langfuse.com + +# OpenTelemetry Configuration +OTEL_ENABLED=false +OTEL_EXPORTER_OTLP_ENDPOINT=http://localhost:4318/v1/traces +OTEL_EXPORTER_OTLP_PROTOCOL=http/protobuf +OTEL_EXPORTER_TYPE=console +OTEL_SERVICE_NAME=heretek-openclaw + +# ============================================================================== +# SECURITY (VM-Specific) +# ============================================================================== + +# CORS allowed origins (update with your VM's public IP or domain) +CORS_ALLOWED_ORIGINS=http://YOUR_VM_IP:3000,http://YOUR_VM_IP:5173 + +# Admin emails for alerts +# ADMIN_EMAILS=admin@heretek.local + +# API rate limiting (stricter for public VMs) +API_RATE_LIMIT_ENABLED=true +API_RATE_LIMIT_REQUESTS_PER_MINUTE=100 + +# Bind addresses (localhost for internal services) +POSTGRES_BIND_ADDRESS=127.0.0.1 +REDIS_BIND_ADDRESS=127.0.0.1 +OLLAMA_BIND_ADDRESS=127.0.0.1 + +# Public bind addresses (for external access) +LITELLM_BIND_ADDRESS=0.0.0.0 +OPENCLAW_BIND_ADDRESS=0.0.0.0 + +# ============================================================================== +# BACKUP & RECOVERY (VM-Specific) +# ============================================================================== + +# Enable automatic backup +AUTO_BACKUP_ENABLED=true + +# Backup interval (hours) +BACKUP_INTERVAL_HOURS=24 + +# Backup retention (days) +BACKUP_RETENTION_DAYS=7 + +# Backup directory +BACKUP_DIR=/var/backups/openclaw + +# Cloud backup integration (optional) +# AWS S3 +# AWS_BACKUP_BUCKET=your-backup-bucket +# AWS_BACKUP_REGION=us-east-1 +# AWS_ACCESS_KEY_ID=your-aws-key +# AWS_SECRET_ACCESS_KEY=your-aws-secret + +# GCP Cloud Storage +# GCP_BACKUP_BUCKET=your-backup-bucket +# GCP_PROJECT_ID=your-project-id + +# Azure Blob Storage +# AZURE_BACKUP_CONTAINER=your-backup-container +# AZURE_STORAGE_ACCOUNT=your-storage-account +# AZURE_STORAGE_KEY=your-storage-key + +# ============================================================================== +# SYSTEM PATHS (VM Specific) +# ============================================================================== + +# Data directories +POSTGRES_DATA_DIR=/var/lib/postgresql/15/main +REDIS_DATA_DIR=/var/lib/redis +OLLAMA_DATA_DIR=/var/lib/ollama +LITELLM_CONFIG_DIR=/etc/litellm +OPENCLAW_CONFIG_DIR=/etc/openclaw + +# ============================================================================== +# SERVICE MANAGEMENT +# ============================================================================== + +# Systemd service names +POSTGRES_SERVICE_NAME=postgresql +REDIS_SERVICE_NAME=redis +OLLAMA_SERVICE_NAME=ollama +LITELLM_SERVICE_NAME=litellm +OPENCLAW_SERVICE_NAME=openclaw-gateway + +# ============================================================================== +# CLOUD-SPECIFIC SETTINGS +# ============================================================================== + +# Cloud provider detection (auto-detected by vm-install.sh) +# Options: aws, gcp, azure, digitalocean, linode, bare-metal +CLOUD_PROVIDER=auto + +# Instance metadata (auto-populated by vm-install.sh) +# INSTANCE_TYPE=auto +# INSTANCE_ID=auto +# REGION=auto + +# ============================================================================== +# END OF ENVIRONMENT CONFIGURATION +# ============================================================================== diff --git a/cli/README.md b/cli/README.md new file mode 100644 index 0000000..44ebfd2 --- /dev/null +++ b/cli/README.md @@ -0,0 +1,384 @@ +# OpenClaw CLI + +Unified command-line interface for Heretek OpenClaw deployment and management. + +## Installation + +### From Source + +```bash +cd cli +npm install +npm link +``` + +### Global Installation + +```bash +npm install -g @heretek/openclaw-cli +``` + +## Quick Start + +```bash +# Initialize OpenClaw +openclaw init + +# Deploy +openclaw deploy + +# Check status +openclaw status + +# View health +openclaw health check +``` + +## Commands + +### Core Commands + +| Command | Description | +|---------|-------------| +| `openclaw init` | Initialize deployment configuration | +| `openclaw deploy` | Deploy OpenClaw | +| `openclaw status` | Check deployment status | +| `openclaw logs` | View logs | +| `openclaw stop` | Stop deployment | + +### Management Commands + +| Command | Description | +|---------|-------------| +| `openclaw backup` | Manage backups | +| `openclaw config` | Manage configuration | +| `openclaw update` | Update OpenClaw | +| `openclaw agents` | Manage agents | +| `openclaw health` | Run health checks | + +## Command Reference + +### `openclaw init` + +Initialize deployment configuration with interactive setup wizard. + +```bash +# Interactive mode +openclaw init + +# Non-interactive mode +openclaw init --type docker --non-interactive + +# Specify output directory +openclaw init --output /path/to/config +``` + +**Options:** +- `-t, --type ` - Deployment type (docker, bare-metal, kubernetes, aws, gcp, azure) +- `-o, --output ` - Output directory for configuration +- `-n, --non-interactive` - Non-interactive mode (use defaults) +- `--skip-validation` - Skip configuration validation + +### `openclaw deploy` + +Deploy OpenClaw using the configured deployment type. + +```bash +# Interactive deployment +openclaw deploy + +# Deploy to Docker +openclaw deploy docker + +# Deploy to Kubernetes with Helm +openclaw deploy kubernetes --method helm + +# Deploy with build +openclaw deploy --build --force-recreate +``` + +**Options:** +- `-c, --config ` - Configuration file path +- `--build` - Build images before deployment +- `--force-recreate` - Force recreate containers +- `--pull` - Pull latest images +- `--method ` - Deployment method (helm, kustomize) for Kubernetes +- `--auto-approve` - Auto-approve Terraform changes +- `-y, --yes` - Skip confirmation prompts + +### `openclaw status` + +Check deployment status and display service health. + +```bash +# Full status +openclaw status + +# Service status only +openclaw status --services + +# Agent status only +openclaw status --agents + +# JSON output +openclaw status --json +``` + +**Options:** +- `-t, --type ` - Deployment type +- `--services` - Show service status only +- `--agents` - Show agent status only +- `--resources` - Show resource usage +- `--json` - Output as JSON + +### `openclaw logs` + +View logs from OpenClaw services. + +```bash +# View all logs +openclaw logs + +# View specific service logs +openclaw logs gateway + +# Follow logs +openclaw logs -f + +# Show last 200 lines +openclaw logs --tail 200 + +# Filter by pattern +openclaw logs --grep "error" +``` + +**Options:** +- `-f, --follow` - Follow log output +- `-n, --tail ` - Number of lines to show +- `--since