mirror of
https://gitea.ingwaz.work/Ingwaz/openbrain-mcp.git
synced 2026-03-31 06:39:06 +00:00
Provision auth key sets for VPS-backed e2e
This commit is contained in:
Agent Zero
@@ -29,7 +29,7 @@ OPENBRAIN__QUERY__TEXT_WEIGHT=0.4
|
||||
# Authentication (optional)
|
||||
OPENBRAIN__AUTH__ENABLED=false
|
||||
# Comma-separated list of API keys
|
||||
# OPENBRAIN__AUTH__API_KEYS=key1,key2,key3
|
||||
# OPENBRAIN__AUTH__API_KEYS=prod_live_key,ci_e2e_key,smoke_test_key
|
||||
|
||||
# Logging
|
||||
RUST_LOG=info,openbrain_mcp=debug
|
||||
|
||||
@@ -18,6 +18,7 @@ jobs:
|
||||
OPENBRAIN__DATABASE__USER: ${{ secrets.OPENBRAIN__DATABASE__USER }}
|
||||
OPENBRAIN__DATABASE__PASSWORD: ${{ secrets.OPENBRAIN__DATABASE__PASSWORD }}
|
||||
OPENBRAIN__DATABASE__POOL_SIZE: ${{ secrets.OPENBRAIN__DATABASE__POOL_SIZE }}
|
||||
OPENBRAIN__AUTH__API_KEYS: ${{ secrets.OPENBRAIN__AUTH__API_KEYS }}
|
||||
DEPLOY_DIR: /opt/openbrain-mcp
|
||||
SERVICE_NAME: openbrain-mcp
|
||||
steps:
|
||||
@@ -122,6 +123,7 @@ jobs:
|
||||
OPENBRAIN__DATABASE__USER='$OPENBRAIN__DATABASE__USER' \
|
||||
OPENBRAIN__DATABASE__PASSWORD='$OPENBRAIN__DATABASE__PASSWORD' \
|
||||
OPENBRAIN__DATABASE__POOL_SIZE='$OPENBRAIN__DATABASE__POOL_SIZE' \
|
||||
OPENBRAIN__AUTH__API_KEYS='$OPENBRAIN__AUTH__API_KEYS' \
|
||||
bash -s" <<'EOS'
|
||||
set -euo pipefail
|
||||
DEPLOY_DIR="${DEPLOY_DIR:-/opt/openbrain-mcp}"
|
||||
@@ -186,6 +188,10 @@ jobs:
|
||||
upsert_env "OPENBRAIN__DATABASE__USER" "$OPENBRAIN__DATABASE__USER"
|
||||
upsert_env "OPENBRAIN__DATABASE__PASSWORD" "$OPENBRAIN__DATABASE__PASSWORD"
|
||||
upsert_env "OPENBRAIN__DATABASE__POOL_SIZE" "$OPENBRAIN__DATABASE__POOL_SIZE"
|
||||
if [[ -n "${OPENBRAIN__AUTH__API_KEYS:-}" ]]; then
|
||||
upsert_env "OPENBRAIN__AUTH__ENABLED" "true"
|
||||
upsert_env "OPENBRAIN__AUTH__API_KEYS" "$OPENBRAIN__AUTH__API_KEYS"
|
||||
fi
|
||||
upsert_env "OPENBRAIN__EMBEDDING__MODEL_PATH" "$DEPLOY_DIR/models/all-MiniLM-L6-v2"
|
||||
upsert_env "ORT_DYLIB_PATH" "$DEPLOY_DIR/lib/libonnxruntime.so"
|
||||
upsert_env "OPENBRAIN__SERVER__HOST" "0.0.0.0"
|
||||
|
||||
13
README.md
13
README.md
@@ -83,12 +83,23 @@ Recommended env for VPS-backed runs:
|
||||
```bash
|
||||
OPENBRAIN_E2E_REMOTE=true
|
||||
OPENBRAIN_E2E_BASE_URL=https://ob.ingwaz.work
|
||||
OPENBRAIN_E2E_API_KEY=your_live_api_key
|
||||
OPENBRAIN_E2E_API_KEY=your_ci_e2e_key
|
||||
OPENBRAIN__AUTH__ENABLED=true
|
||||
```
|
||||
|
||||
The CI workflow uses this remote mode after `main` deploys so e2e coverage validates the VPS deployment rather than the local runner host.
|
||||
|
||||
For live deployments, prefer a dedicated key set rather than reusing one API key everywhere. The server already accepts a comma-separated key list via `OPENBRAIN__AUTH__API_KEYS`, so a practical split is:
|
||||
|
||||
- `prod_live_key` for normal agent traffic
|
||||
- `ci_e2e_key` for post-deploy CI verification
|
||||
- `smoke_test_key` for ad hoc diagnostics
|
||||
|
||||
In Gitea Actions, that means:
|
||||
|
||||
- repo secret `OPENBRAIN__AUTH__API_KEYS=prod_live_key,ci_e2e_key,smoke_test_key`
|
||||
- repo secret `OPENBRAIN_E2E_API_KEY=ci_e2e_key`
|
||||
|
||||
## Agent Zero Developer Prompt
|
||||
|
||||
For Agent Zero / A0, add the following section to the Developer agent role
|
||||
|
||||
Reference in New Issue
Block a user