4806c34a3c
Final cleanup phase of the MCP-first pivot.
docker-compose:
- docker-compose.yml: drop ollama service + OLLAMA_URL/MODEL env vars +
IMAGE_CACHE / VAPID env comments
- docker-compose.prod.yml: drop ollama service + Ollama env + GPU
reservation
- docker-compose.quickstart.yml: drop ollama service + Ollama env +
GPU-reservation comment; quickstart instructions now point at the
MCP Access tab instead of model-pull
Config:
- Drop OLLAMA_URL, OLLAMA_MODEL, OLLAMA_BACKGROUND_MODEL,
OLLAMA_KEEP_ALIVE_*, OLLAMA_NUM_CTX, EMBEDDING_MODEL (fastembed
is hard-coded inside services/embeddings.py)
- Drop IMAGE_CACHE_DIR, IMAGE_MAX_BYTES (image cache subsystem
deleted)
- Drop VAPID_PRIVATE_KEY, VAPID_PUBLIC_KEY, VAPID_CLAIMS_SUB (push
deleted in phase 8)
- Drop VOICE_ENABLED, STT_BACKEND, STT_MODEL, TTS_BACKEND (voice
deleted in phase 8)
- Drop Config.validate() rules for those keys
Image cache deletion:
- services/images.py, routes/images.py, models/image_cache.py
- models/__init__.py: drop ImageCache import
- app.py: drop images_bp registration
- alembic/versions/0054_drop_image_cache.py: DROP TABLE image_cache
Frontend client.ts orphan exports stripped:
- getVoiceStatus, getVoiceList, getVoiceLibrary, installVoice,
uninstallVoice, transcribeAudio, synthesiseSpeech,
VoiceStatusResult / VoiceEntry / VoiceLibraryEntry types
- getJournalConfig, saveJournalConfig, getJournalToday/Day/Days,
triggerJournalPrep, runJournalCurator, listPendingActions,
approvePendingAction, rejectPendingAction, listJournalMoments,
updateJournalMoment, deleteJournalMoment, geocodeAddress
- JournalConfig / JournalLocation / JournalConversation /
JournalMessage / JournalDayPayload / JournalMoment /
CuratorRunResult / PendingCuratorAction types
- consolidateProfile, clearProfileObservations, listProfileObservations
- ProfileObservationEntry, learned_summary/observations_* fields on
UserProfile
- consolidateTask (cascading update to TaskEditorView)
- getFableMcpInfo, getNewsItems, GetNewsItemsParams, NewsItem import
TaskEditorView:
- Drop the auto-summary banner + Re-consolidate button
- Drop isBodyAutoMaintained gate (editor is always user-controlled now)
- Drop reconsolidate function + reconsolidating ref
SettingsView:
- profile ref no longer initialises learned_summary /
observations_count / observations_updated_at (those fields are
gone from UserProfile type)
Surviving frontend composables/components flagged for likely future
cleanup but not deleted in this commit (no compile errors, just
unreferenced after Phase 7-8):
- useAssist, useFloatingAssist, useTagSuggestions, useVad,
useListenMode, useOnnxPreloader (composables)
- WorkspaceNoteEditor, WorkspaceTaskPanel, WeatherCard, InlineAssistPanel
(components)
- api/client.ts still references /api/notes/assist/* and
/api/notes/suggest-tags via useAssist + useTagSuggestions — those
endpoints 404 now but no caller hits them; dead at runtime, harmless.
Compose stack collapses to two services: `app` + `db`. No Ollama, no
voice models, no fable-mcp wheel build. First-boot install reduces to:
docker compose up -d
→ visit web UI → register → Settings → MCP Access → copy snippet
→ claude mcp add … → done.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
78 lines
3.7 KiB
Python
78 lines
3.7 KiB
Python
import os
|
|
|
|
|
|
def _read_secret(env_var: str, secret_file_var: str, default: str) -> str:
|
|
"""Read a config value from env var, or from a Docker secrets file."""
|
|
value = os.environ.get(env_var)
|
|
if value:
|
|
return value
|
|
secret_file = os.environ.get(secret_file_var)
|
|
if secret_file:
|
|
try:
|
|
with open(secret_file) as f:
|
|
return f.read().strip()
|
|
except FileNotFoundError:
|
|
pass
|
|
return default
|
|
|
|
|
|
class Config:
|
|
DATABASE_URL: str = _read_secret(
|
|
"DATABASE_URL",
|
|
"DATABASE_URL_FILE",
|
|
"postgresql+asyncpg://fabled:fabled@localhost:5432/fabledassistant",
|
|
)
|
|
SECRET_KEY: str = _read_secret("SECRET_KEY", "SECRET_KEY_FILE", "dev-secret-change-me")
|
|
SECURE_COOKIES: bool = os.environ.get("SECURE_COOKIES", "").lower() in ("1", "true", "yes")
|
|
LOG_LEVEL: str = os.environ.get("LOG_LEVEL", "INFO")
|
|
LOG_RETENTION_DAYS: int = int(os.environ.get("LOG_RETENTION_DAYS", "90"))
|
|
|
|
# SMTP defaults (overridden by DB settings when configured via admin UI)
|
|
SMTP_HOST: str = os.environ.get("SMTP_HOST", "")
|
|
SMTP_PORT: int = int(os.environ.get("SMTP_PORT", "587"))
|
|
SMTP_USERNAME: str = os.environ.get("SMTP_USERNAME", "")
|
|
SMTP_PASSWORD: str = _read_secret("SMTP_PASSWORD", "SMTP_PASSWORD_FILE", "")
|
|
SMTP_FROM_ADDRESS: str = os.environ.get("SMTP_FROM_ADDRESS", "")
|
|
SMTP_FROM_NAME: str = os.environ.get("SMTP_FROM_NAME", "Fabled Scribe")
|
|
SMTP_USE_TLS: bool = os.environ.get("SMTP_USE_TLS", "true").lower() in ("1", "true", "yes")
|
|
BASE_URL: str = os.environ.get("BASE_URL", "http://localhost:5000").rstrip("/")
|
|
TRUST_PROXY_HEADERS: bool = os.environ.get("TRUST_PROXY_HEADERS", "").lower() in ("1", "true", "yes")
|
|
|
|
# OIDC / OAuth2 SSO (e.g. Authentik)
|
|
OIDC_ISSUER: str = os.environ.get("OIDC_ISSUER", "")
|
|
OIDC_CLIENT_ID: str = os.environ.get("OIDC_CLIENT_ID", "")
|
|
OIDC_CLIENT_SECRET: str = _read_secret("OIDC_CLIENT_SECRET", "OIDC_CLIENT_SECRET_FILE", "")
|
|
OIDC_SCOPES: str = os.environ.get("OIDC_SCOPES", "openid profile email")
|
|
LOCAL_AUTH_ENABLED: bool = os.environ.get("LOCAL_AUTH_ENABLED", "true").lower() not in ("0", "false", "no")
|
|
|
|
# SearXNG web search (external instance). Currently only surfaced via
|
|
# /api/settings/search for the Integrations tab's status indicator —
|
|
# the MCP layer doesn't proxy web search (Claude has its own).
|
|
SEARXNG_URL: str = os.environ.get("SEARXNG_URL", "")
|
|
|
|
@classmethod
|
|
def oidc_enabled(cls) -> bool:
|
|
return bool(cls.OIDC_ISSUER and cls.OIDC_CLIENT_ID and cls.OIDC_CLIENT_SECRET)
|
|
|
|
@classmethod
|
|
def searxng_enabled(cls) -> bool:
|
|
return bool(cls.SEARXNG_URL)
|
|
|
|
@classmethod
|
|
def validate(cls) -> None:
|
|
"""Validate critical config values at startup. Raises ValueError on misconfiguration."""
|
|
errors: list[str] = []
|
|
if cls.LOG_RETENTION_DAYS < 1:
|
|
errors.append(f"LOG_RETENTION_DAYS={cls.LOG_RETENTION_DAYS} must be >= 1")
|
|
if not (1 <= cls.SMTP_PORT <= 65535):
|
|
errors.append(f"SMTP_PORT={cls.SMTP_PORT} must be between 1 and 65535")
|
|
if cls.oidc_enabled() and not cls.BASE_URL.startswith(("http://", "https://")):
|
|
errors.append(f"BASE_URL='{cls.BASE_URL}' must start with http:// or https:// when OIDC is enabled")
|
|
if cls.SECRET_KEY == "dev-secret-change-me" and cls.SECURE_COOKIES:
|
|
errors.append(
|
|
"SECRET_KEY is set to the insecure default but SECURE_COOKIES=true indicates "
|
|
"a production deployment. Set SECRET_KEY or SECRET_KEY_FILE before starting."
|
|
)
|
|
if errors:
|
|
raise ValueError("Configuration errors:\n" + "\n".join(f" - {e}" for e in errors))
|