From fe20f86c5d76efb105a207b31a97c6910dd7f2dc Mon Sep 17 00:00:00 2001 From: zhangxinhui02 Date: Sat, 3 Jan 2026 00:25:10 +0800 Subject: [PATCH] =?UTF-8?q?fix(helm=20chart):=20=E6=81=A2=E5=A4=8D?= =?UTF-8?q?=E8=A2=AB=E5=8F=AF=E4=B9=90=E8=AF=AF=E5=88=A0=E7=9A=84helm=20ch?= =?UTF-8?q?art=E7=9B=AE=E5=BD=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reapply "Helm chart" This reverts commit e1482977b1f924ec46c6437609c2d51eed41c698. 本次提交不会影响`webui_server.py` --- helm-chart/.gitignore | 2 + helm-chart/.gitlab-ci.yml | 45 + helm-chart/.helmignore | 2 + helm-chart/Chart.yaml | 6 + helm-chart/README.md | 118 +++ helm-chart/files/.env | 4 + helm-chart/files/k8s-init.sh | 36 + helm-chart/preprocessor/Dockerfile | 12 + helm-chart/preprocessor/preprocessor.py | 266 ++++++ helm-chart/preprocessor/requirements.txt | 2 + helm-chart/templates/NOTES.txt | 3 + helm-chart/templates/adapter/pvc.yaml | 33 + helm-chart/templates/adapter/service.yaml | 19 + helm-chart/templates/adapter/statefulset.yaml | 58 ++ helm-chart/templates/core/ingress.yaml | 26 + helm-chart/templates/core/pvc.yaml | 33 + helm-chart/templates/core/service.yaml | 34 + helm-chart/templates/core/statefulset.yaml | 103 +++ helm-chart/templates/napcat/ingress.yaml | 26 + helm-chart/templates/napcat/pvc.yaml | 18 + helm-chart/templates/napcat/service.yaml | 21 + helm-chart/templates/napcat/statefulset.yaml | 72 ++ .../templates/other/check-eula-privacy.yaml | 8 + .../templates/other/configmap-scripts.yaml | 9 + .../templates/other/job-preprocessor.yaml | 62 ++ helm-chart/templates/other/rbac.yaml | 36 + helm-chart/templates/sqlite-web/ingress.yaml | 26 + helm-chart/templates/sqlite-web/service.yaml | 21 + .../templates/sqlite-web/statefulset.yaml | 64 ++ .../templates/statistics/deployment.yaml | 61 ++ helm-chart/templates/statistics/ingress.yaml | 26 + helm-chart/templates/statistics/pvc.yaml | 18 + helm-chart/templates/statistics/service.yaml | 21 + helm-chart/values.yaml | 772 ++++++++++++++++++ 34 files changed, 2063 insertions(+) create mode 100644 helm-chart/.gitignore create mode 100644 helm-chart/.gitlab-ci.yml create mode 100644 helm-chart/.helmignore create mode 100644 helm-chart/Chart.yaml create mode 100644 helm-chart/README.md create mode 100644 helm-chart/files/.env create mode 100644 helm-chart/files/k8s-init.sh create mode 100644 helm-chart/preprocessor/Dockerfile create mode 100644 helm-chart/preprocessor/preprocessor.py create mode 100644 helm-chart/preprocessor/requirements.txt create mode 100644 helm-chart/templates/NOTES.txt create mode 100644 helm-chart/templates/adapter/pvc.yaml create mode 100644 helm-chart/templates/adapter/service.yaml create mode 100644 helm-chart/templates/adapter/statefulset.yaml create mode 100644 helm-chart/templates/core/ingress.yaml create mode 100644 helm-chart/templates/core/pvc.yaml create mode 100644 helm-chart/templates/core/service.yaml create mode 100644 helm-chart/templates/core/statefulset.yaml create mode 100644 helm-chart/templates/napcat/ingress.yaml create mode 100644 helm-chart/templates/napcat/pvc.yaml create mode 100644 helm-chart/templates/napcat/service.yaml create mode 100644 helm-chart/templates/napcat/statefulset.yaml create mode 100644 helm-chart/templates/other/check-eula-privacy.yaml create mode 100644 helm-chart/templates/other/configmap-scripts.yaml create mode 100644 helm-chart/templates/other/job-preprocessor.yaml create mode 100644 helm-chart/templates/other/rbac.yaml create mode 100644 helm-chart/templates/sqlite-web/ingress.yaml create mode 100644 helm-chart/templates/sqlite-web/service.yaml create mode 100644 helm-chart/templates/sqlite-web/statefulset.yaml create mode 100644 helm-chart/templates/statistics/deployment.yaml create mode 100644 helm-chart/templates/statistics/ingress.yaml create mode 100644 helm-chart/templates/statistics/pvc.yaml create mode 100644 helm-chart/templates/statistics/service.yaml create mode 100644 helm-chart/values.yaml diff --git a/helm-chart/.gitignore b/helm-chart/.gitignore new file mode 100644 index 00000000..8c2aec04 --- /dev/null +++ b/helm-chart/.gitignore @@ -0,0 +1,2 @@ +!napcat +!.env \ No newline at end of file diff --git a/helm-chart/.gitlab-ci.yml b/helm-chart/.gitlab-ci.yml new file mode 100644 index 00000000..d00ae558 --- /dev/null +++ b/helm-chart/.gitlab-ci.yml @@ -0,0 +1,45 @@ +stages: + - build-image + - package-helm-chart + +# 仅在helm-chart分支运行 +workflow: + rules: + - if: '$CI_COMMIT_BRANCH == "helm-chart"' + - when: never + +# 构建并推送processor镜像 +build-preprocessor: + stage: build-image + image: reg.mikumikumi.xyz/base/kaniko-builder:latest + variables: + BUILD_NO_CACHE: true + rules: + - changes: + - helm-chart/preprocessor/** + script: + - export BUILD_CONTEXT=helm-chart/preprocessor + - export TMP_DST=reg.mikumikumi.xyz/maibot/preprocessor + - export CHART_VERSION=$(cat helm-chart/Chart.yaml | grep '^version:' | cut -d' ' -f2) + - export BUILD_DESTINATION="${TMP_DST}:${CHART_VERSION}" + - export BUILD_ARGS="--destination ${TMP_DST}:latest" + - build + +# 打包并推送helm chart +package-helm-chart: + stage: package-helm-chart + image: reg.mikumikumi.xyz/mirror/helm:latest + rules: + - changes: + - helm-chart/files/** + - helm-chart/templates/** + - helm-chart/.gitignore + - helm-chart/.helmignore + - helm-chart/Chart.yaml + - helm-chart/README.md + - helm-chart/values.yaml + script: + - export CHART_VERSION=$(cat helm-chart/Chart.yaml | grep '^version:' | cut -d' ' -f2) + - helm registry login reg.mikumikumi.xyz --username ${CI_REGISTRY_USER} --password ${CI_REGISTRY_PASSWORD} + - helm package helm-chart + - helm push maibot-${CHART_VERSION}.tgz oci://reg.mikumikumi.xyz/maibot diff --git a/helm-chart/.helmignore b/helm-chart/.helmignore new file mode 100644 index 00000000..84ca3f29 --- /dev/null +++ b/helm-chart/.helmignore @@ -0,0 +1,2 @@ +preprocessor +.gitlab-ci.yml \ No newline at end of file diff --git a/helm-chart/Chart.yaml b/helm-chart/Chart.yaml new file mode 100644 index 00000000..e77ebde3 --- /dev/null +++ b/helm-chart/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: maibot +description: "Maimai Bot, a cyber friend dedicated to group chats" +type: application +version: 0.12.0 +appVersion: 0.12.0 diff --git a/helm-chart/README.md b/helm-chart/README.md new file mode 100644 index 00000000..f3929696 --- /dev/null +++ b/helm-chart/README.md @@ -0,0 +1,118 @@ +# MaiBot Helm Chart + +这是麦麦的Helm Chart,可以方便地将麦麦部署在Kubernetes集群中。 + +当前Helm Chart对应的麦麦版本可以在`Chart.yaml`中查看`appVersion`项。 + +详细部署文档:[Kubernetes 部署](https://docs.mai-mai.org/manual/deployment/mmc_deploy_kubernetes.html) + +## 可用的Helm Chart版本列表 + +| Helm Chart版本 | 对应的MaiBot版本 | Commit SHA | +|----------------|--------------|------------------------------------------| +| 0.12.0 | 0.12.0 | baa6e90be7b20050fe25dfc74c0c70653601d00e | +| 0.11.6-beta | 0.11.6-beta | 0bfff0457e6db3f7102fb7f77c58d972634fc93c | +| 0.11.5-beta | 0.11.5-beta | ad2df627001f18996802f23c405b263e78af0d0f | +| 0.11.3-beta | 0.11.3-beta | cd6dc18f546f81e08803d3b8dba48e504dad9295 | +| 0.11.2-beta | 0.11.2-beta | d3c8cea00dbb97f545350f2c3d5bcaf252443df2 | +| 0.11.1-beta | 0.11.1-beta | 94e079a340a43dff8a2bc178706932937fc10b11 | +| 0.11.0-beta | 0.11.0-beta | 16059532d8ef87ac28e2be0838ff8b3a34a91d0f | +| 0.10.3-beta | 0.10.3-beta | 7618937cd4fd0ab1a7bd8a31ab244a8b0742fced | +| 0.10.0-alpha.0 | 0.10.0-alpha | 4efebed10aad977155d3d9e0c24bc6e14e1260ab | + +## TL; DR + +```shell +helm install maimai \ + oci://reg.mikumikumi.xyz/maibot/maibot \ + --namespace bot \ + --version \ + --values maibot.yaml +``` + +## Values项说明 + +`values.yaml`分为几个大部分。 + +1. `EULA` & `PRIVACY`: 用户必须同意这里的协议才能成功部署麦麦。 + +2. `pre_processor`: 部署之前的预处理Job的配置。 + +3. `adapter`: 麦麦的Adapter的部署配置。 + +4. `core`: 麦麦本体的部署配置。 + +5. `statistics_dashboard`: 麦麦的运行统计看板部署配置。 + + 麦麦每隔一段时间会自动输出html格式的运行统计报告,此统计报告可以部署为看板。 + + 出于隐私考虑,默认禁用。 + +6. `napcat`: Napcat的部署配置。 + + 考虑到复用外部Napcat实例的情况,Napcat部署已被解耦。用户可选是否要部署Napcat。 + + 默认会捆绑部署Napcat。 + +7. `sqlite_web`: sqlite-web的部署配置。 + + 通过sqlite-web可以在网页上操作麦麦的数据库,方便调试。不部署对麦麦的运行无影响。 + + 此服务如果暴露在公网会十分危险,默认不会部署。 + +8. `config`: 这里填写麦麦各部分组件的运行配置。 + + 这里填写的配置仅会在初次部署时或用户指定时覆盖实际配置文件,且需要严格遵守yaml文件的缩进格式。 + + - `override_*_config`: 指定本次部署/升级是否用以下配置覆盖实际配置文件。默认不覆盖。 + + - `adapter_config`: 对应adapter的`config.toml`。 + + 此配置文件中对于`napcat_server`和`maibot_server`的`host`和`port`字段的配置会被上面`adapter.service`中的配置覆盖,因此不需要改动。 + + - `core_model_config`: 对应core的`model_config.toml`。 + + - `core_bot_config`: 对应core的`bot_config.toml`。 + +## 部署说明 + +使用此Helm Chart的一些注意事项。 + +### 麦麦的配置 + +要修改麦麦的配置,最好的方法是通过WebUI来操作。此处的配置只会在初次部署时或者指定覆盖时注入到MaiBot中。 + +`0.11.6-beta`之前的版本将配置存储于k8s的ConfigMap资源中。随着版本迭代,MaiBot对配置文件的操作复杂性增加,k8s的适配复杂度也同步增加,且WebUI可以直接修改配置文件,因此自`0.11.6-beta`版本开始,各组件的配置不再存储于k8s的ConfigMap中,而是直接存储于存储卷的实际文件中。 + +从旧版本升级的用户,旧的ConfigMap的配置会自动迁移到新的存储卷的配置文件中。 + +### 部署时自动重置的配置 + +adapter的配置中的`napcat_server`和`maibot_server`的`host`和`port`字段,会在每次部署/更新Helm安装实例时被自动重置。 +core的配置中的`webui`和`maim_message`的部分字段也会在每次部署/更新Helm安装实例时被自动重置。 + +自动重置的原因: + +- core的Service的DNS名称是动态的(由安装实例名拼接),无法在adapter的配置文件中提前确定。 +- 为了使adapter监听所有地址以及保持Helm Chart中配置的端口号,需要在adapter的配置文件中覆盖这些配置。 +- core的WebUI启停需要由helm chart控制,以便正常创建Service和Ingress资源。 +- core的maim_message的api server现在可以作为k8s服务暴露出来。监听的IP和端口需要由helm chart控制,以便Service正确映射。 + +首次部署时,预处理任务会负责重置这些配置。这会需要一些时间,因此部署进程可能比较慢,且部分Pod可能会无法启动,等待一分钟左右即可。 + +### 跨节点PVC挂载问题 + +MaiBot的一些组件会挂载同一PVC,这主要是为了同步数据或修改配置。 + +如果k8s集群有多个节点,且共享相同PVC的Pod未调度到同一节点,那么就需要此PVC访问模式具备`ReadWriteMany`访问模式。 + +不是所有存储控制器都支持`ReadWriteMany`访问模式。 + +如果你的存储控制器无法支持`ReadWriteMany`访问模式,你可以通过`nodeSelector`配置将彼此之间共享相同PVC的Pod调度到同一节点来避免问题。 + +会共享PVC的组件列表: + +- `core`和`adapter`:共享`adapter-config`,用于为`core`的WebUI提供修改adapter的配置文件的能力。 +- `core`和`statistics-dashboard`:共享`statistics-dashboard`,用于同步统计数据的html文件。 +- `core`和`sqlite-web`:共享`maibot-core`,用于为`sqlite-web`提供操作MaiBot数据库的能力。 +- 部署时的预处理任务`preprocessor`和`adapter`、`core`:共享`adapter-config`和`core-config`,用于初始化`core`和`adapter`的配置文件。 diff --git a/helm-chart/files/.env b/helm-chart/files/.env new file mode 100644 index 00000000..c34eed76 --- /dev/null +++ b/helm-chart/files/.env @@ -0,0 +1,4 @@ +HOST=0.0.0.0 +PORT=8000 +WEBUI_HOST=0.0.0.0 +WEBUI_PORT=8001 diff --git a/helm-chart/files/k8s-init.sh b/helm-chart/files/k8s-init.sh new file mode 100644 index 00000000..3fd805f4 --- /dev/null +++ b/helm-chart/files/k8s-init.sh @@ -0,0 +1,36 @@ +#!/bin/sh +# 此脚本用于覆盖core容器的默认启动命令,进行一些初始化 +# 由于k8s与docker-compose的卷挂载方式有所不同,需要利用此脚本为一些文件和目录提前创建好软链接 +# /MaiMBot/data是麦麦数据的实际挂载路径 +# /MaiMBot/statistics是统计数据的实际挂载路径 + +set -e +echo "[K8s Init] Preparing volume..." + +# 初次启动,在存储卷中检查并创建关键文件和目录 +mkdir -p /MaiMBot/data/plugins +mkdir -p /MaiMBot/data/logs +if [ ! -d "/MaiMBot/statistics" ] +then + echo "[K8s Init] Statistics volume is disabled." +else + touch /MaiMBot/statistics/index.html +fi + +# 删除默认插件目录,准备创建用户插件目录软链接 +rm -rf /MaiMBot/plugins + +# 创建软链接,从存储卷链接到实际位置 +ln -s /MaiMBot/data/plugins /MaiMBot/plugins +ln -s /MaiMBot/data/logs /MaiMBot/logs +if [ -f "/MaiMBot/statistics/index.html" ] +then + ln -s /MaiMBot/statistics/index.html /MaiMBot/maibot_statistics.html +fi + +echo "[K8s Init] Volume ready." + +# 启动麦麦 +echo "[K8s Init] Waking up MaiBot..." +echo +exec python bot.py diff --git a/helm-chart/preprocessor/Dockerfile b/helm-chart/preprocessor/Dockerfile new file mode 100644 index 00000000..58452dd5 --- /dev/null +++ b/helm-chart/preprocessor/Dockerfile @@ -0,0 +1,12 @@ +# 此镜像用于在部署helm chart时动态生成adapter的配置文件 +FROM python:3.13-slim + +WORKDIR /app + +ENV PYTHONUNBUFFERED=1 + +COPY . /app + +RUN pip3 install --no-cache-dir -r requirements.txt + +ENTRYPOINT ["python3", "preprocessor.py"] diff --git a/helm-chart/preprocessor/preprocessor.py b/helm-chart/preprocessor/preprocessor.py new file mode 100644 index 00000000..e8fe5b11 --- /dev/null +++ b/helm-chart/preprocessor/preprocessor.py @@ -0,0 +1,266 @@ +#!/bin/python3 +# 此脚本会被helm chart的post-install hook触发,在正式部署后通过k8s的job自动运行一次。 +# 这个脚本的作用是在部署helm chart时迁移旧版ConfigMap到配置文件,调整adapter的配置文件中的服务监听和服务连接字段,调整core的配置文件中的maim_message_api_server和WebUI配置。 +# +# - 迁移旧版ConfigMap到配置文件是因为0.11.6-beta之前版本的helm chart将各个配置文件存储在k8s的ConfigMap中, +# 由于功能复杂度提升,自0.11.6-beta版本开始配置文件采用文件形式存储到存储卷中。 +# 从旧版升级来的用户会通过这个脚本自动执行配置的迁移。 +# +# - 需要调整adapter的配置文件的原因是: +# 1. core的Service的DNS名称是动态的(由安装实例名拼接),无法在adapter的配置文件中提前确定。 +# 用于对外连接的maibot_server.host和maibot_server.port字段,会被替换为core的Service对应的DNS名称和8000端口(硬编码,用户无需配置)。 +# 2. 为了使adapter监听所有地址以及保持chart中配置的端口号,需要在adapter的配置文件中覆盖这些配置。 +# 用于监听的napcat_server.host和napcat_server.port字段,会被替换为0.0.0.0和8095端口(实际映射到的Service端口会在Service中配置)。 +# +# - 需要调整core的配置文件的原因是: +# 1. core的WebUI启停需要由helm chart控制,以便正常创建Service和Ingress资源。 +# 配置文件中的webui.enabled、webui.allowed_ips将由此脚本覆盖为正确配置。 +# 2. core的maim_message的api server现在可以作为k8s服务暴露出来。监听的IP和端口需要由helm chart控制,以便Service正确映射。 +# 配置文件中的maim_message.enable_api_server、maim_message.api_server_host、maim_message.api_server_port将由此脚本覆盖为正确配置。 + +import os +import toml +import time +import base64 +from kubernetes import client, config +from kubernetes.client.exceptions import ApiException +from datetime import datetime, timezone + +config.load_incluster_config() +core_api = client.CoreV1Api() +apps_api = client.AppsV1Api() + +# 读取部署的关键信息 +with open("/var/run/secrets/kubernetes.io/serviceaccount/namespace", 'r') as f: + namespace = f.read().strip() +release_name = os.getenv("RELEASE_NAME").strip() +is_webui_enabled = os.getenv("IS_WEBUI_ENABLED").lower() == "true" +is_maim_message_api_server_enabled = os.getenv("IS_MMSG_ENABLED").lower() == "true" +config_adapter_b64 = os.getenv("CONFIG_ADAPTER_B64") +config_core_env_b64 = os.getenv("CONFIG_CORE_ENV_B64") +config_core_bot_b64 = os.getenv("CONFIG_CORE_BOT_B64") +config_core_model_b64 = os.getenv("CONFIG_CORE_MODEL_B64") + + +def log(func: str, msg: str, level: str = 'INFO'): + print(f'[{datetime.now().strftime("%Y-%m-%d %H:%M:%S")}] [{level}] [{func}] {msg}') + + +def migrate_old_config(): + """迁移旧版配置""" + func_name = 'migrate_old_config' + log(func_name, 'Checking whether there are old configmaps to migrate...') + old_configmap_version = None + status_migrating = { # 存储adapter的config.toml、core的bot_config.toml和model_config.toml三个文件的迁移状态 + 'adapter_config.toml': False, + 'core_bot_config.toml': False, + 'core_model_config.toml': False + } + + # 如果存储卷中已存在配置文件,则跳过迁移 + if os.path.isfile('/app/config/core/bot_config.toml') or os.path.isfile('/app/config/core/model_config.toml') or \ + os.path.isfile('/app/config/adapter/config.toml'): + log(func_name, 'Found existing config file(s) in PV. Migration will be ignored. Done.') + return + + def migrate_cm_to_file(cm_name: str, key_name: str, file_path: str) -> bool: + """检测是否有指定名称的configmap,如果有的话备份到指定的配置文件里并删除configmap,返回是否已备份""" + try: + cm = core_api.read_namespaced_config_map( + name=cm_name, + namespace=namespace + ) + log(func_name, f'\tMigrating `{key_name}` of `{cm_name}`...') + with open(file_path, 'w', encoding='utf-8') as _f: + _f.write(cm.data[key_name]) + core_api.delete_namespaced_config_map( + name=cm_name, + namespace=namespace + ) + log(func_name, f'\tSuccessfully migrated `{key_name}` of `{cm_name}`.') + except ApiException as e: + if e.status == 404: + return False + return True + + # 对于0.11.5-beta版本,adapter的config.toml、core的bot_config.toml和model_config.toml均存储于不同的ConfigMap,需要依次迁移 + if True not in status_migrating.values(): + status_migrating['adapter_config.toml'] = migrate_cm_to_file(f'{release_name}-maibot-adapter-config', + 'config.toml', + '/app/config/adapter/config.toml') + status_migrating['core_bot_config.toml'] = migrate_cm_to_file(f'{release_name}-maibot-core-bot-config', + 'bot_config.toml', + '/app/config/core/bot_config.toml') + status_migrating['core_model_config.toml'] = migrate_cm_to_file(f'{release_name}-maibot-core-model-config', + 'model_config.toml', + '/app/config/core/model_config.toml') + if True in status_migrating.values(): + old_configmap_version = '0.11.5-beta' + + # 对于低于0.11.5-beta的版本,adapter的1个配置和core的3个配置位于各自的configmap中 + if True not in status_migrating.values(): + status_migrating['adapter_config.toml'] = migrate_cm_to_file(f'{release_name}-maibot-adapter', + 'config.toml', + '/app/config/adapter/config.toml') + status_migrating['core_bot_config.toml'] = migrate_cm_to_file(f'{release_name}-maibot-core', + 'bot_config.toml', + '/app/config/core/bot_config.toml') + status_migrating['core_model_config.toml'] = migrate_cm_to_file(f'{release_name}-maibot-core', + 'model_config.toml', + '/app/config/core/model_config.toml') + if True in status_migrating.values(): + old_configmap_version = 'before 0.11.5-beta' + + if old_configmap_version: + log(func_name, f'Migrating status for version `{old_configmap_version}`:') + for k, v in status_migrating.items(): + log(func_name, f'\t{k}: {v}') + if False in status_migrating.values(): + log(func_name, 'There is/are config(s) that not been migrated. Please check the config manually.', + level='WARNING') + else: + log(func_name, 'Successfully migrated old configs. Done.') + else: + log(func_name, 'Old config not found. Ignoring migration. Done.') + + +def write_config_files(): + """当注入了配置文件时(一般是首次安装或者用户指定覆盖),将helm chart注入的配置写入存储卷中的实际文件""" + func_name = 'write_config_files' + log(func_name, 'Detecting config files...') + if config_adapter_b64: + log(func_name, '\tWriting `config.toml` of adapter...') + config_str = base64.b64decode(config_adapter_b64).decode("utf-8") + with open('/app/config/adapter/config.toml', 'w', encoding='utf-8') as _f: + _f.write(config_str) + log(func_name, '\t`config.toml` of adapter wrote.') + if True: # .env直接覆盖 + log(func_name, '\tWriting .env file of core...') + config_str = base64.b64decode(config_core_env_b64).decode("utf-8") + with open('/app/config/core/.env', 'w', encoding='utf-8') as _f: + _f.write(config_str) + log(func_name, '\t`.env` of core wrote.') + if config_core_bot_b64: + log(func_name, '\tWriting `bot_config.toml` of core...') + config_str = base64.b64decode(config_core_bot_b64).decode("utf-8") + with open('/app/config/core/bot_config.toml', 'w', encoding='utf-8') as _f: + _f.write(config_str) + log(func_name, '\t`bot_config.toml` of core wrote.') + if config_core_model_b64: + log(func_name, '\tWriting `model_config.toml` of core...') + config_str = base64.b64decode(config_core_model_b64).decode("utf-8") + with open('/app/config/core/model_config.toml', 'w', encoding='utf-8') as _f: + _f.write(config_str) + log(func_name, '\t`model_config.toml` of core wrote.') + log(func_name, 'Detection done.') + + +def reconfigure_adapter(): + """调整adapter的配置文件的napcat_server和maibot_server字段,使其Service能被napcat连接以及连接到core的Service""" + func_name = 'reconfigure_adapter' + log(func_name, 'Reconfiguring `config.toml` of adapter...') + with open('/app/config/adapter/config.toml', 'r', encoding='utf-8') as _f: + config_adapter = toml.load(_f) + config_adapter.setdefault('napcat_server', {}) + config_adapter['napcat_server']['host'] = '0.0.0.0' + config_adapter['napcat_server']['port'] = 8095 + config_adapter.setdefault('maibot_server', {}) + config_adapter['maibot_server']['host'] = f'{release_name}-maibot-core' # 根据release名称动态拼接core服务的DNS名称 + config_adapter['maibot_server']['port'] = 8000 + with open('/app/config/adapter/config.toml', 'w', encoding='utf-8') as _f: + _f.write(toml.dumps(config_adapter)) + log(func_name, 'Reconfiguration done.') + + +def reconfigure_core(): + """调整core的配置文件的webui和maim_message字段,使其服务能被正确映射""" + func_name = 'reconfigure_core' + log(func_name, 'Reconfiguring `bot_config.toml` of core...') + with open('/app/config/core/bot_config.toml', 'r', encoding='utf-8') as _f: + config_core = toml.load(_f) + config_core.setdefault('webui', {}) + config_core['webui']['enabled'] = is_webui_enabled + config_core['webui']['allowed_ips'] = '0.0.0.0/0' # 部署于k8s内网,使用宽松策略 + config_core.setdefault('maim_message', {}) + config_core['maim_message']['enable_api_server'] = is_maim_message_api_server_enabled + config_core['maim_message']['api_server_host'] = '0.0.0.0' + config_core['maim_message']['api_server_port'] = 8090 + with open('/app/config/core/bot_config.toml', 'w', encoding='utf-8') as _f: + _f.write(toml.dumps(config_core)) + log(func_name, 'Reconfiguration done.') + + +def _scale_statefulsets(statefulsets: list[str], replicas: int, wait: bool = False, timeout: int = 300): + """调整指定几个statefulset的副本数,wait参数控制是否等待调整完成再返回""" + statefulsets = set(statefulsets) + for name in statefulsets: + apps_api.patch_namespaced_stateful_set_scale( + name=name, + namespace=namespace, + body={"spec": {"replicas": replicas}} + ) + if not wait: + return + + start_time = time.time() + while True: + remaining_pods = [] + + pods = core_api.list_namespaced_pod(namespace).items + + for pod in pods: + owners = pod.metadata.owner_references or [] + for owner in owners: + if owner.kind == "StatefulSet" and owner.name in statefulsets: + remaining_pods.append(pod.metadata.name) + + if not remaining_pods: + return + + elapsed = time.time() - start_time + if elapsed > timeout: + raise TimeoutError( + f"Timeout waiting for Pods to be deleted. " + f"Remaining Pods: {remaining_pods}" + ) + time.sleep(5) + + +def _restart_statefulset(name: str, ignore_error: bool = False): + """重启指定的statefulset""" + now = datetime.now(timezone.utc).isoformat() + body = { + "spec": { + "template": { + "metadata": { + "annotations": { + "kubectl.kubernetes.io/restartedAt": now + } + } + } + } + } + try: + apps_api.patch_namespaced_stateful_set( + name=name, + namespace=namespace, + body=body + ) + except ApiException as e: + if ignore_error: + pass + else: + raise e + + +if __name__ == '__main__': + log('main', 'Start to process data before install/upgrade...') + log('main', 'Scaling adapter and core to 0...') + _scale_statefulsets([f'{release_name}-maibot-adapter', f'{release_name}-maibot-core'], 0, wait=True) + migrate_old_config() + write_config_files() + reconfigure_adapter() + reconfigure_core() + log('main', 'Scaling adapter and core to 1...') + _scale_statefulsets([f'{release_name}-maibot-adapter', f'{release_name}-maibot-core'], 1) + log('main', 'Process done.') diff --git a/helm-chart/preprocessor/requirements.txt b/helm-chart/preprocessor/requirements.txt new file mode 100644 index 00000000..83e030ca --- /dev/null +++ b/helm-chart/preprocessor/requirements.txt @@ -0,0 +1,2 @@ +toml~=0.10.2 +kubernetes~=34.1.0 \ No newline at end of file diff --git a/helm-chart/templates/NOTES.txt b/helm-chart/templates/NOTES.txt new file mode 100644 index 00000000..ec8223df --- /dev/null +++ b/helm-chart/templates/NOTES.txt @@ -0,0 +1,3 @@ +MaiBot has been successfully deployed. + +MaiBot on GitHub: https://github.com/Mai-with-u/MaiBot diff --git a/helm-chart/templates/adapter/pvc.yaml b/helm-chart/templates/adapter/pvc.yaml new file mode 100644 index 00000000..4bc24506 --- /dev/null +++ b/helm-chart/templates/adapter/pvc.yaml @@ -0,0 +1,33 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Release.Name }}-maibot-adapter + namespace: {{ .Release.Namespace }} +spec: + {{- if .Values.adapter.persistence.data.accessModes }} + accessModes: + {{ toYaml .Values.adapter.persistence.data.accessModes | nindent 4 }} + {{- end }} + resources: + requests: + storage: {{ .Values.adapter.persistence.data.size }} + {{- if .Values.adapter.persistence.data.storageClass }} + storageClassName: {{ .Values.adapter.persistence.data.storageClass | default nil }} + {{- end }} +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Release.Name }}-maibot-adapter-config + namespace: {{ .Release.Namespace }} +spec: + {{- if .Values.adapter.persistence.config.accessModes }} + accessModes: + {{ toYaml .Values.adapter.persistence.config.accessModes | nindent 4 }} + {{- end }} + resources: + requests: + storage: {{ .Values.adapter.persistence.config.size }} + {{- if .Values.adapter.persistence.config.storageClass }} + storageClassName: {{ .Values.adapter.persistence.config.storageClass | default nil }} + {{- end }} diff --git a/helm-chart/templates/adapter/service.yaml b/helm-chart/templates/adapter/service.yaml new file mode 100644 index 00000000..86c39246 --- /dev/null +++ b/helm-chart/templates/adapter/service.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-maibot-adapter + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Release.Name }}-maibot-adapter +spec: + ports: + - name: napcat-ws + port: {{ .Values.adapter.service.port }} + protocol: TCP + targetPort: 8095 + {{- if eq .Values.adapter.service.type "NodePort" }} + nodePort: {{ .Values.adapter.service.nodePort | default nil }} + {{- end }} + selector: + app: {{ .Release.Name }}-maibot-adapter + type: {{ .Values.adapter.service.type }} diff --git a/helm-chart/templates/adapter/statefulset.yaml b/helm-chart/templates/adapter/statefulset.yaml new file mode 100644 index 00000000..ec914b16 --- /dev/null +++ b/helm-chart/templates/adapter/statefulset.yaml @@ -0,0 +1,58 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ .Release.Name }}-maibot-adapter + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Release.Name }}-maibot-adapter +spec: + serviceName: {{ .Release.Name }}-maibot-adapter + replicas: 0 # post-install任务初始化完毕后自动扩容至1 + selector: + matchLabels: + app: {{ .Release.Name }}-maibot-adapter + template: + metadata: + labels: + app: {{ .Release.Name }}-maibot-adapter + spec: + containers: + - name: adapter + env: + - name: TZ + value: Asia/Shanghai + image: {{ .Values.adapter.image.repository | default "unclas/maimbot-adapter" }}:{{ .Values.adapter.image.tag | default "main-20251211074617" }} + imagePullPolicy: {{ .Values.adapter.image.pullPolicy }} + ports: + - containerPort: 8095 + name: napcat-ws + protocol: TCP + {{- if .Values.adapter.resources }} + resources: + {{ toYaml .Values.adapter.resources | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /adapters/data + name: data + - mountPath: /adapters/config.toml + name: config + subPath: config.toml + {{- if .Values.adapter.image.pullSecrets }} + imagePullSecrets: + {{ toYaml .Values.adapter.image.pullSecrets | nindent 8 }} + {{- end }} + {{- if .Values.adapter.nodeSelector }} + nodeSelector: + {{ toYaml .Values.adapter.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.adapter.tolerations }} + tolerations: + {{ toYaml .Values.adapter.tolerations | nindent 8 }} + {{- end }} + volumes: + - name: data + persistentVolumeClaim: + claimName: {{ .Release.Name }}-maibot-adapter + - name: config + persistentVolumeClaim: + claimName: {{ .Release.Name }}-maibot-adapter-config diff --git a/helm-chart/templates/core/ingress.yaml b/helm-chart/templates/core/ingress.yaml new file mode 100644 index 00000000..203626d6 --- /dev/null +++ b/helm-chart/templates/core/ingress.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.core.webui.enabled .Values.core.webui.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Release.Name }}-maibot-webui + namespace: {{ .Release.Namespace }} + {{- if .Values.core.webui.ingress.annotations }} + annotations: + {{ toYaml .Values.core.webui.ingress.annotations | nindent 4 }} + {{- end }} + labels: + app: {{ .Release.Name }}-maibot-core +spec: + ingressClassName: {{ .Values.core.webui.ingress.className }} + rules: + - host: {{ .Values.core.webui.ingress.host }} + http: + paths: + - backend: + service: + name: {{ .Release.Name }}-maibot-core + port: + number: {{ .Values.core.webui.service.port }} + path: {{ .Values.core.webui.ingress.path }} + pathType: {{ .Values.core.webui.ingress.pathType }} +{{- end }} diff --git a/helm-chart/templates/core/pvc.yaml b/helm-chart/templates/core/pvc.yaml new file mode 100644 index 00000000..66c6ac12 --- /dev/null +++ b/helm-chart/templates/core/pvc.yaml @@ -0,0 +1,33 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Release.Name }}-maibot-core + namespace: {{ .Release.Namespace }} +spec: + {{- if .Values.core.persistence.data.accessModes }} + accessModes: + {{ toYaml .Values.core.persistence.data.accessModes | nindent 4 }} + {{- end }} + resources: + requests: + storage: {{ .Values.core.persistence.data.size }} + {{- if .Values.core.persistence.data.storageClass }} + storageClassName: {{ .Values.core.persistence.data.storageClass | default nil }} + {{- end }} +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Release.Name }}-maibot-core-config + namespace: {{ .Release.Namespace }} +spec: + {{- if .Values.core.persistence.config.accessModes }} + accessModes: + {{ toYaml .Values.core.persistence.config.accessModes | nindent 4 }} + {{- end }} + resources: + requests: + storage: {{ .Values.core.persistence.config.size }} + {{- if .Values.core.persistence.config.storageClass }} + storageClassName: {{ .Values.core.persistence.config.storageClass | default nil }} + {{- end }} diff --git a/helm-chart/templates/core/service.yaml b/helm-chart/templates/core/service.yaml new file mode 100644 index 00000000..2a049eeb --- /dev/null +++ b/helm-chart/templates/core/service.yaml @@ -0,0 +1,34 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-maibot-core + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Release.Name }}-maibot-core +spec: + ports: + - name: adapter-ws + port: 8000 + protocol: TCP + targetPort: 8000 + {{- if .Values.core.webui.enabled }} + - name: webui + port: {{ .Values.core.webui.service.port }} + protocol: TCP + targetPort: 8001 + {{- if eq .Values.core.webui.service.type "NodePort" }} + nodePort: {{ .Values.core.webui.service.nodePort | default nil }} + {{- end }} + {{- end }} + {{- if .Values.core.maim_message_api_server.enabled }} + - name: maim-message + port: {{ .Values.core.maim_message_api_server.service.port }} + protocol: TCP + targetPort: 8090 + {{- if eq .Values.core.maim_message_api_server.service.type "NodePort" }} + nodePort: {{ .Values.core.maim_message_api_server.service.nodePort | default nil }} + {{- end }} + {{- end }} + selector: + app: {{ .Release.Name }}-maibot-core + type: ClusterIP diff --git a/helm-chart/templates/core/statefulset.yaml b/helm-chart/templates/core/statefulset.yaml new file mode 100644 index 00000000..50fed52d --- /dev/null +++ b/helm-chart/templates/core/statefulset.yaml @@ -0,0 +1,103 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ .Release.Name }}-maibot-core + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Release.Name }}-maibot-core +spec: + serviceName: {{ .Release.Name }}-maibot-core + replicas: 0 # post-install任务初始化完毕后自动扩容至1 + selector: + matchLabels: + app: {{ .Release.Name }}-maibot-core + template: + metadata: + labels: + app: {{ .Release.Name }}-maibot-core + spec: + containers: + - name: core + command: # 为了在k8s中初始化,这里替换启动命令为指定脚本 + - sh + args: + - /MaiMBot/k8s-init.sh + env: + - name: TZ + value: "Asia/Shanghai" + - name: EULA_AGREE + value: "1b662741904d7155d1ce1c00b3530d0d" + - name: PRIVACY_AGREE + value: "9943b855e72199d0f5016ea39052f1b6" + image: {{ .Values.core.image.repository | default "sengokucola/maibot" }}:{{ .Values.core.image.tag | default "0.12.0" }} + imagePullPolicy: {{ .Values.core.image.pullPolicy }} + ports: + - containerPort: 8000 + name: adapter-ws + protocol: TCP + {{- if .Values.core.webui.enabled }} + - containerPort: 8001 + name: webui + protocol: TCP + {{- end }} + {{- if .Values.core.resources }} + resources: + {{ toYaml .Values.core.resources | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /MaiMBot/data + name: data + - mountPath: /MaiMBot/k8s-init.sh + name: scripts + readOnly: true + subPath: k8s-init.sh + - mountPath: /MaiMBot/.env + name: config + subPath: .env + - mountPath: /MaiMBot/config/model_config.toml + name: config + subPath: model_config.toml + - mountPath: /MaiMBot/config/bot_config.toml + name: config + subPath: bot_config.toml + - mountPath: /MaiMBot/adapters-config/config.toml # WebUI修改adapter配置所用 + name: adapter-config + subPath: config.toml + {{- if .Values.statistics_dashboard.enabled }} + - mountPath: /MaiMBot/statistics + name: statistics + {{- end }} + serviceAccountName: {{ .Release.Name }}-maibot-sa + {{- if .Values.core.image.pullSecrets }} + imagePullSecrets: + {{ toYaml .Values.core.image.pullSecrets | nindent 8 }} + {{- end }} + {{- if .Values.core.nodeSelector }} + nodeSelector: + {{ toYaml .Values.core.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.core.tolerations }} + tolerations: + {{ toYaml .Values.core.tolerations | nindent 8 }} + {{- end }} + volumes: + - name: data + persistentVolumeClaim: + claimName: {{ .Release.Name }}-maibot-core + - configMap: + items: + - key: k8s-init.sh + path: k8s-init.sh + name: {{ .Release.Name }}-maibot-scripts + name: scripts + - name: config + persistentVolumeClaim: + claimName: {{ .Release.Name }}-maibot-core-config + - name: adapter-config + persistentVolumeClaim: + claimName: {{ .Release.Name }}-maibot-adapter-config + {{- if .Values.statistics_dashboard.enabled }} + - name: statistics + persistentVolumeClaim: + claimName: {{ .Release.Name }}-maibot-statistics-dashboard + {{- end }} diff --git a/helm-chart/templates/napcat/ingress.yaml b/helm-chart/templates/napcat/ingress.yaml new file mode 100644 index 00000000..e46243a2 --- /dev/null +++ b/helm-chart/templates/napcat/ingress.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.napcat.enabled .Values.napcat.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Release.Name }}-maibot-napcat + namespace: {{ .Release.Namespace }} + {{- if .Values.napcat.ingress.annotations }} + annotations: + {{ toYaml .Values.napcat.ingress.annotations | nindent 4 }} + {{- end }} + labels: + app: {{ .Release.Name }}-maibot-napcat +spec: + ingressClassName: {{ .Values.napcat.ingress.className }} + rules: + - host: {{ .Values.napcat.ingress.host }} + http: + paths: + - backend: + service: + name: {{ .Release.Name }}-maibot-napcat + port: + number: {{ .Values.napcat.service.port }} + path: {{ .Values.napcat.ingress.path }} + pathType: {{ .Values.napcat.ingress.pathType }} +{{- end }} diff --git a/helm-chart/templates/napcat/pvc.yaml b/helm-chart/templates/napcat/pvc.yaml new file mode 100644 index 00000000..530eca72 --- /dev/null +++ b/helm-chart/templates/napcat/pvc.yaml @@ -0,0 +1,18 @@ +{{- if .Values.napcat.enabled }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Release.Name }}-maibot-napcat + namespace: {{ .Release.Namespace }} +spec: + {{- if .Values.napcat.persistence.accessModes }} + accessModes: + {{ toYaml .Values.napcat.persistence.accessModes | nindent 4 }} + {{- end }} + resources: + requests: + storage: {{ .Values.napcat.persistence.size }} + {{- if .Values.napcat.persistence.storageClass }} + storageClassName: {{ .Values.napcat.persistence.storageClass | default nil }} + {{- end }} +{{- end }} diff --git a/helm-chart/templates/napcat/service.yaml b/helm-chart/templates/napcat/service.yaml new file mode 100644 index 00000000..ec06b231 --- /dev/null +++ b/helm-chart/templates/napcat/service.yaml @@ -0,0 +1,21 @@ +{{- if .Values.napcat.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-maibot-napcat + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Release.Name }}-maibot-napcat +spec: + ports: + - name: webui + port: {{ .Values.napcat.service.port }} + protocol: TCP + targetPort: 6099 + {{- if eq .Values.napcat.service.type "NodePort" }} + nodePort: {{ .Values.napcat.service.nodePort | default nil }} + {{- end }} + selector: + app: {{ .Release.Name }}-maibot-napcat + type: {{ .Values.napcat.service.type }} +{{- end }} diff --git a/helm-chart/templates/napcat/statefulset.yaml b/helm-chart/templates/napcat/statefulset.yaml new file mode 100644 index 00000000..dc022b21 --- /dev/null +++ b/helm-chart/templates/napcat/statefulset.yaml @@ -0,0 +1,72 @@ +{{- if .Values.napcat.enabled }} +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ .Release.Name }}-maibot-napcat + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Release.Name }}-maibot-napcat +spec: + serviceName: {{ .Release.Name }}-maibot-napcat + replicas: 1 + selector: + matchLabels: + app: {{ .Release.Name }}-maibot-napcat + template: + metadata: + labels: + app: {{ .Release.Name }}-maibot-napcat + spec: + containers: + - name: napcat + env: + - name: NAPCAT_GID + value: "{{ .Values.napcat.permission.gid }}" + - name: NAPCAT_UID + value: "{{ .Values.napcat.permission.uid }}" + - name: TZ + value: Asia/Shanghai + image: {{ .Values.napcat.image.repository | default "mlikiowa/napcat-docker" }}:{{ .Values.napcat.image.tag | default "v4.9.80" }} + imagePullPolicy: {{ .Values.napcat.image.pullPolicy }} + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: 6099 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 60 + successThreshold: 1 + timeoutSeconds: 10 + ports: + - containerPort: 6099 + name: webui + protocol: TCP + {{- if .Values.napcat.resources }} + resources: + {{ toYaml .Values.napcat.resources | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /app/napcat/config + name: napcat + subPath: config + - mountPath: /app/.config/QQ + name: napcat + subPath: data + {{- if .Values.napcat.image.pullSecrets }} + imagePullSecrets: + {{ toYaml .Values.napcat.image.pullSecrets | nindent 8 }} + {{- end }} + {{- if .Values.napcat.nodeSelector }} + nodeSelector: + {{ toYaml .Values.napcat.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.napcat.tolerations }} + tolerations: + {{ toYaml .Values.napcat.tolerations | nindent 8 }} + {{- end }} + volumes: + - name: napcat + persistentVolumeClaim: + claimName: {{ .Release.Name }}-maibot-napcat +{{- end }} diff --git a/helm-chart/templates/other/check-eula-privacy.yaml b/helm-chart/templates/other/check-eula-privacy.yaml new file mode 100644 index 00000000..db997a60 --- /dev/null +++ b/helm-chart/templates/other/check-eula-privacy.yaml @@ -0,0 +1,8 @@ +# 检查EULA和PRIVACY +{{- if not .Values.EULA_AGREE }} +{{ fail "You must accept the EULA by setting 'EULA_AGREE: true'. EULA: https://github.com/Mai-with-u/MaiBot/blob/main/EULA.md" }} +{{- end }} + +{{- if not .Values.PRIVACY_AGREE }} +{{ fail "You must accept the Privacy Policy by setting 'PRIVACY_AGREE: true'. Privacy Policy: https://github.com/Mai-with-u/MaiBot/blob/main/PRIVACY.md" }} +{{- end }} diff --git a/helm-chart/templates/other/configmap-scripts.yaml b/helm-chart/templates/other/configmap-scripts.yaml new file mode 100644 index 00000000..3fe96794 --- /dev/null +++ b/helm-chart/templates/other/configmap-scripts.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-maibot-scripts + namespace: {{ .Release.Namespace }} +data: + # core + k8s-init.sh: | + {{ .Files.Get "files/k8s-init.sh" | nindent 4 }} diff --git a/helm-chart/templates/other/job-preprocessor.yaml b/helm-chart/templates/other/job-preprocessor.yaml new file mode 100644 index 00000000..8545f5af --- /dev/null +++ b/helm-chart/templates/other/job-preprocessor.yaml @@ -0,0 +1,62 @@ +# 预处理脚本,仅会在部署前运行一次 +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ .Release.Name }}-maibot-preprocessor + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + backoffLimit: 2 + template: + spec: + serviceAccountName: {{ .Release.Name }}-maibot-sa + restartPolicy: Never + containers: + - name: preprocessor + image: {{ .Values.pre_processor.image.repository | default "reg.mikumikumi.xyz/maibot/preprocessor" }}:{{ .Values.pre_processor.image.tag | default "0.12.0" }} + imagePullPolicy: {{ .Values.pre_processor.image.pullPolicy }} + env: + - name: RELEASE_NAME + value: {{ .Release.Name }} + - name: IS_WEBUI_ENABLED + value: {{ .Values.core.webui.enabled | quote }} + - name: IS_MMSG_ENABLED + value: {{ .Values.core.maim_message_api_server.enabled | quote }} + {{- if or .Values.config.override_adapter_config .Release.IsInstall }} + - name: CONFIG_ADAPTER_B64 + value: {{ .Values.config.adapter_config | b64enc | quote }} + {{- end }} + - name: CONFIG_CORE_ENV_B64 + value: {{ tpl (.Files.Get "files/.env") . | b64enc | quote }} + {{- if or .Values.config.override_core_bot_config .Release.IsInstall }} + - name: CONFIG_CORE_BOT_B64 + value: {{ .Values.config.core_bot_config | b64enc | quote }} + {{- end }} + {{- if or .Values.config.override_core_model_config .Release.IsInstall }} + - name: CONFIG_CORE_MODEL_B64 + value: {{ .Values.config.core_model_config | b64enc | quote }} + {{- end }} + volumeMounts: + - mountPath: /app/config/adapter + name: adapter-config + - mountPath: /app/config/core + name: core-config + imagePullSecrets: + {{ toYaml .Values.pre_processor.image.pullSecrets | nindent 8 }} + {{- if .Values.pre_processor.nodeSelector }} + nodeSelector: + {{ toYaml .Values.pre_processor.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.pre_processor.tolerations }} + tolerations: + {{ toYaml .Values.pre_processor.tolerations | nindent 8 }} + {{- end }} + volumes: + - name: adapter-config + persistentVolumeClaim: + claimName: {{ .Release.Name }}-maibot-adapter-config + - name: core-config + persistentVolumeClaim: + claimName: {{ .Release.Name }}-maibot-core-config diff --git a/helm-chart/templates/other/rbac.yaml b/helm-chart/templates/other/rbac.yaml new file mode 100644 index 00000000..2edb11b4 --- /dev/null +++ b/helm-chart/templates/other/rbac.yaml @@ -0,0 +1,36 @@ +# 初始化及反向修改ConfigMap所需要的rbac授权 +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Release.Name }}-maibot-sa + namespace: {{ .Release.Namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ .Release.Name }}-maibot-role + namespace: {{ .Release.Namespace }} +rules: + - apiGroups: [""] + resources: ["configmaps", "pods"] + verbs: ["get", "list", "delete"] + - apiGroups: ["apps"] + resources: ["statefulsets"] + verbs: ["get", "list", "update", "patch"] + - apiGroups: ["apps"] + resources: ["statefulsets/scale"] + verbs: ["get", "patch", "update"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ .Release.Name }}-maibot-rolebinding + namespace: {{ .Release.Namespace }} +subjects: + - kind: ServiceAccount + name: {{ .Release.Name }}-maibot-sa + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: {{ .Release.Name }}-maibot-role + apiGroup: rbac.authorization.k8s.io diff --git a/helm-chart/templates/sqlite-web/ingress.yaml b/helm-chart/templates/sqlite-web/ingress.yaml new file mode 100644 index 00000000..fe14e744 --- /dev/null +++ b/helm-chart/templates/sqlite-web/ingress.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.sqlite_web.enabled .Values.sqlite_web.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Release.Name }}-maibot-sqlite-web + namespace: {{ .Release.Namespace }} + {{- if .Values.sqlite_web.ingress.annotations }} + annotations: + {{ toYaml .Values.sqlite_web.ingress.annotations | nindent 4 }} + {{- end }} + labels: + app: {{ .Release.Name }}-maibot-sqlite-web +spec: + ingressClassName: {{ .Values.sqlite_web.ingress.className }} + rules: + - host: {{ .Values.sqlite_web.ingress.host }} + http: + paths: + - backend: + service: + name: {{ .Release.Name }}-maibot-sqlite-web + port: + number: {{ .Values.sqlite_web.service.port }} + path: {{ .Values.sqlite_web.ingress.path }} + pathType: {{ .Values.sqlite_web.ingress.pathType }} +{{- end }} diff --git a/helm-chart/templates/sqlite-web/service.yaml b/helm-chart/templates/sqlite-web/service.yaml new file mode 100644 index 00000000..9c9559a9 --- /dev/null +++ b/helm-chart/templates/sqlite-web/service.yaml @@ -0,0 +1,21 @@ +{{- if .Values.sqlite_web.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-maibot-sqlite-web + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Release.Name }}-maibot-sqlite-web +spec: + ports: + - name: webui + port: {{ .Values.sqlite_web.service.port }} + protocol: TCP + targetPort: 8080 + {{- if eq .Values.sqlite_web.service.type "NodePort" }} + nodePort: {{ .Values.sqlite_web.service.nodePort | default nil }} + {{- end }} + selector: + app: {{ .Release.Name }}-maibot-sqlite-web + type: {{ .Values.sqlite_web.service.type }} +{{- end }} diff --git a/helm-chart/templates/sqlite-web/statefulset.yaml b/helm-chart/templates/sqlite-web/statefulset.yaml new file mode 100644 index 00000000..9fb0010b --- /dev/null +++ b/helm-chart/templates/sqlite-web/statefulset.yaml @@ -0,0 +1,64 @@ +{{- if .Values.sqlite_web.enabled }} +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ .Release.Name }}-maibot-sqlite-web + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Release.Name }}-maibot-sqlite-web +spec: + serviceName: {{ .Release.Name }}-maibot-sqlite-web + replicas: 1 + selector: + matchLabels: + app: {{ .Release.Name }}-maibot-sqlite-web + template: + metadata: + labels: + app: {{ .Release.Name }}-maibot-sqlite-web + spec: + containers: + - name: sqlite-web + env: + - name: SQLITE_DATABASE + value: /data/MaiMBot/MaiBot.db + image: {{ .Values.sqlite_web.image.repository | default "coleifer/sqlite-web" }}:{{ .Values.sqlite_web.image.tag | default "latest" }} + imagePullPolicy: {{ .Values.sqlite_web.image.pullPolicy }} + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: 8080 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 60 + successThreshold: 1 + timeoutSeconds: 10 + ports: + - containerPort: 8080 + name: webui + protocol: TCP + {{- if .Values.sqlite_web.resources }} + resources: + {{ toYaml .Values.sqlite_web.resources | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /data/MaiMBot + name: data + {{- if .Values.sqlite_web.image.pullSecrets }} + imagePullSecrets: + {{ toYaml .Values.sqlite_web.image.pullSecrets | nindent 8 }} + {{- end }} + {{- if .Values.sqlite_web.nodeSelector }} + nodeSelector: + {{ toYaml .Values.sqlite_web.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.sqlite_web.tolerations }} + tolerations: + {{ toYaml .Values.sqlite_web.tolerations | nindent 8 }} + {{- end }} + volumes: + - name: data + persistentVolumeClaim: + claimName: {{ .Release.Name }}-maibot-core +{{- end }} diff --git a/helm-chart/templates/statistics/deployment.yaml b/helm-chart/templates/statistics/deployment.yaml new file mode 100644 index 00000000..c5e951e1 --- /dev/null +++ b/helm-chart/templates/statistics/deployment.yaml @@ -0,0 +1,61 @@ +{{- if .Values.statistics_dashboard.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }}-maibot-statistics-dashboard + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Release.Name }}-maibot-statistics-dashboard +spec: + replicas: {{ .Values.statistics_dashboard.replicaCount }} + selector: + matchLabels: + app: {{ .Release.Name }}-maibot-statistics-dashboard + template: + metadata: + labels: + app: {{ .Release.Name }}-maibot-statistics-dashboard + spec: + containers: + - name: nginx + image: {{ .Values.statistics_dashboard.image.repository | default "nginx" }}:{{ .Values.statistics_dashboard.image.tag | default "latest" }} + imagePullPolicy: {{ .Values.statistics_dashboard.image.pullPolicy }} + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: 80 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + ports: + - containerPort: 80 + name: dashboard + protocol: TCP + {{- if .Values.statistics_dashboard.resources }} + resources: + {{ toYaml .Values.statistics_dashboard.resources | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /usr/share/nginx/html + name: statistics + readOnly: true + {{- if .Values.statistics_dashboard.image.pullSecrets }} + imagePullSecrets: + {{ toYaml .Values.statistics_dashboard.image.pullSecrets | nindent 8 }} + {{- end }} + {{- if .Values.statistics_dashboard.nodeSelector }} + nodeSelector: + {{ toYaml .Values.statistics_dashboard.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.statistics_dashboard.tolerations }} + tolerations: + {{ toYaml .Values.statistics_dashboard.tolerations | nindent 8 }} + {{- end }} + volumes: + - name: statistics + persistentVolumeClaim: + claimName: {{ .Release.Name }}-maibot-statistics-dashboard +{{- end }} diff --git a/helm-chart/templates/statistics/ingress.yaml b/helm-chart/templates/statistics/ingress.yaml new file mode 100644 index 00000000..70c18353 --- /dev/null +++ b/helm-chart/templates/statistics/ingress.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.statistics_dashboard.enabled .Values.statistics_dashboard.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Release.Name }}-maibot-statistics-dashboard + namespace: {{ .Release.Namespace }} + {{- if .Values.statistics_dashboard.ingress.annotations }} + annotations: + {{ toYaml .Values.statistics_dashboard.ingress.annotations | nindent 4 }} + {{- end }} + labels: + app: {{ .Release.Name }}-maibot-statistics-dashboard +spec: + ingressClassName: {{ .Values.statistics_dashboard.ingress.className }} + rules: + - host: {{ .Values.statistics_dashboard.ingress.host }} + http: + paths: + - backend: + service: + name: {{ .Release.Name }}-maibot-statistics-dashboard + port: + number: {{ .Values.statistics_dashboard.service.port }} + path: {{ .Values.statistics_dashboard.ingress.path }} + pathType: {{ .Values.statistics_dashboard.ingress.pathType }} +{{- end }} diff --git a/helm-chart/templates/statistics/pvc.yaml b/helm-chart/templates/statistics/pvc.yaml new file mode 100644 index 00000000..74b698ce --- /dev/null +++ b/helm-chart/templates/statistics/pvc.yaml @@ -0,0 +1,18 @@ +{{- if .Values.statistics_dashboard.enabled }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Release.Name }}-maibot-statistics-dashboard + namespace: {{ .Release.Namespace }} +spec: + {{- if .Values.statistics_dashboard.persistence.accessModes }} + accessModes: + {{ toYaml .Values.statistics_dashboard.persistence.accessModes | nindent 4 }} + {{- end }} + resources: + requests: + storage: {{ .Values.statistics_dashboard.persistence.size }} + {{- if .Values.statistics_dashboard.persistence.storageClass }} + storageClassName: {{ .Values.statistics_dashboard.persistence.storageClass | default nil }} + {{- end }} +{{- end }} diff --git a/helm-chart/templates/statistics/service.yaml b/helm-chart/templates/statistics/service.yaml new file mode 100644 index 00000000..c1750894 --- /dev/null +++ b/helm-chart/templates/statistics/service.yaml @@ -0,0 +1,21 @@ +{{- if .Values.statistics_dashboard.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-maibot-statistics-dashboard + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Release.Name }}-maibot-statistics-dashboard +spec: + ports: + - name: dashboard + port: {{ .Values.statistics_dashboard.service.port }} + protocol: TCP + targetPort: 80 + {{- if eq .Values.statistics_dashboard.service.type "NodePort" }} + nodePort: {{ .Values.statistics_dashboard.service.nodePort | default nil }} + {{- end }} + selector: + app: {{ .Release.Name }}-maibot-statistics-dashboard + type: {{ .Values.statistics_dashboard.service.type }} +{{- end }} diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml new file mode 100644 index 00000000..92e84a6e --- /dev/null +++ b/helm-chart/values.yaml @@ -0,0 +1,772 @@ +# 只有同意了EULA和PRIVACY协议才可以部署麦麦 +# 配置以下的选项为true表示你同意了EULA和PRIVACY条款 +# https://github.com/MaiM-with-u/MaiBot/blob/main/EULA.md +# https://github.com/MaiM-with-u/MaiBot/blob/main/PRIVACY.md +EULA_AGREE: false +PRIVACY_AGREE: false + +# 预处理Job的配置 +pre_processor: + image: + repository: # 默认 reg.mikumikumi.xyz/maibot/preprocessor + tag: # 默认 0.12.0 + pullPolicy: IfNotPresent + pullSecrets: [ ] + + nodeSelector: { } + tolerations: [ ] + +# 麦麦Adapter的部署配置 +adapter: + + image: + repository: # 默认 unclas/maimbot-adapter + tag: # 默认 main-20251211074617 + pullPolicy: IfNotPresent + pullSecrets: [ ] + + resources: { } + + nodeSelector: { } + tolerations: [ ] + + # 配置adapter的napcat websocket service + # adapter会启动一个websocket服务端,用于与napcat通信 + # 这里的选项可以帮助你自定义服务端口 + # !!!默认不使用NodePort。如果通过NodePort将服务端口映射到公网可能会被恶意客户端连接,请自行使用中间件鉴权!!! + service: + type: ClusterIP # ClusterIP / NodePort 指定NodePort可以将内网的websocket端口映射到物理节点的端口 + port: 8095 # websocket监听端口ClusterIP的端口 + nodePort: # 仅在设置NodePort类型时有效,不指定则会随机分配端口 + + persistence: + config: # 配置文件的存储卷 + storageClass: + accessModes: + - ReadWriteOnce + size: 10Mi + data: # 数据的存储卷 + storageClass: + accessModes: + - ReadWriteOnce + size: 1Gi + +# 麦麦本体的部署配置 +core: + + image: + repository: # 默认 sengokucola/maibot + tag: # 默认 0.12.0 + pullPolicy: IfNotPresent + pullSecrets: [ ] + + resources: { } + + nodeSelector: { } + tolerations: [ ] + + persistence: + config: # 配置文件的存储卷 + storageClass: + accessModes: + - ReadWriteOnce + size: 10Mi + data: # 数据的存储卷 + storageClass: + accessModes: + - ReadWriteOnce + size: 10Gi + + webui: # WebUI相关配置 + enabled: true # 默认启用 + service: + type: ClusterIP # ClusterIP / NodePort 指定NodePort可以将内网的服务端口映射到物理节点的端口 + port: 8001 # 服务端口 + nodePort: # 仅在设置NodePort类型时有效,不指定则会随机分配端口 + ingress: + enabled: false + className: nginx + annotations: { } + host: maim.example.com # 访问麦麦WebUI的域名 + path: / + pathType: Prefix + + maim_message_api_server: + enabled: false + service: + type: ClusterIP # ClusterIP / NodePort 指定NodePort可以将内网的服务端口映射到物理节点的端口 + port: 8090 # 服务端口 + nodePort: # 仅在设置NodePort类型时有效,不指定则会随机分配端口 + + +# 麦麦的运行统计看板配置 +# 麦麦每隔一段时间会自动输出html格式的运行统计报告,此统计报告可以作为静态网页访问 +# 此功能默认禁用。如果你认为报告可以被公开访问(报告包含联系人/群组名称、模型token花费信息等),则可以启用此功能 +# 如果启用此功能,你也可以考虑使用中间件进行鉴权,保护隐私信息 +statistics_dashboard: + + enabled: false # 是否启用运行统计看板 + + replicaCount: 1 + + image: + repository: # 默认 nginx + tag: # 默认 latest + pullPolicy: IfNotPresent + pullSecrets: [ ] + + resources: { } + + nodeSelector: { } + tolerations: [ ] + + service: + type: ClusterIP # ClusterIP / NodePort 指定NodePort可以将内网的服务端口映射到物理节点的端口 + port: 80 # 服务端口 + nodePort: # 仅在设置NodePort类型时有效,不指定则会随机分配端口 + ingress: + enabled: false + className: nginx + annotations: { } + host: maim-statistics.example.com # 访问运行统计看板的域名 + path: / + pathType: Prefix + + persistence: + storageClass: + # 如果你希望运行统计看板服务与麦麦本体运行在不同的节点(多活部署),那么需要ReadWriteMany访问模式 + # 注意:ReadWriteMany特性需要存储类底层支持 + accessModes: + - ReadWriteOnce + size: 100Mi + +# napcat的部署配置 +# !!!napcat部署完毕后,务必修改默认密码!!! +napcat: + + # 考虑到复用外部napcat实例的情况,napcat部署已被解耦 + # 如果你有外部部署的napcat,则可以修改下面的enabled为false,本次不会重复部署napcat + # 如果没有外部部署的napcat,默认会捆绑部署napcat,不需要修改此项 + enabled: true + + image: + repository: # 默认 mlikiowa/napcat-docker + tag: # 默认 v4.9.91 + pullPolicy: IfNotPresent + pullSecrets: [ ] + + resources: { } + + nodeSelector: { } + tolerations: [ ] + + # napcat进程的权限,默认不是特权用户 + permission: + uid: 1000 + gid: 1000 + + # 配置napcat web面板的service + service: + type: ClusterIP # ClusterIP / NodePort 指定NodePort可以将内网的服务端口映射到物理节点的端口 + port: 6099 # 服务端口 + nodePort: # 仅在设置NodePort类型时有效,不指定则会随机分配端口 + + # 配置napcat web面板的ingress + ingress: + enabled: false # 是否启用 + className: nginx + annotations: { } + host: napcat.example.com # 暴露napcat web面板使用的域名 + path: / + pathType: Prefix + + persistence: + storageClass: + accessModes: + - ReadWriteOnce + size: 5Gi + +# sqlite-web的部署配置 +sqlite_web: + + # 通过sqlite-web可以在网页上操作麦麦的数据库,方便调试。不部署对麦麦的运行无影响 + # 默认不会捆绑部署sqlite-web,如果你需要部署,请修改下面的enabled为true + # !!!sqlite-web服务无鉴权,暴露在公网上十分危险,推荐使用集群ClusterIP内网访问!!! + # !!!如果一定要暴露在公网,请自行使用中间件鉴权!!! + enabled: false + + image: + repository: # 默认 coleifer/sqlite-web + tag: # 默认 latest + pullPolicy: IfNotPresent + pullSecrets: [ ] + + resources: { } + + nodeSelector: { } + tolerations: [ ] + + # 配置sqlite-web面板的service + # !!!默认不使用NodePort。如果使用NodePort暴露到公网,请自行使用中间件鉴权!!! + service: + type: ClusterIP # ClusterIP / NodePort 指定NodePort可以将内网的服务端口映射到物理节点的端口 + port: 8080 # 服务端口 + nodePort: # 仅在设置NodePort类型时有效,不指定则会随机分配端口 + + # 配置sqlite-web面板的ingress + # !!!默认不使用ingress。如果使用ingress暴露到公网,请自行使用中间件鉴权!!! + ingress: + enabled: false # 是否启用 + className: nginx + annotations: { } + host: maim-sqlite.example.com # 暴露websocket使用的域名 + path: / + pathType: Prefix + +# 设置麦麦各部分组件的初始运行配置 +# 考虑到配置文件的操作复杂性增加,k8s的适配复杂度也同步增加,且WebUI可以直接修改配置文件 +# 自0.11.6-beta版本开始,各组件的配置不再存储于k8s的configmap中,而是直接存储于存储卷的实际文件中 +# 从旧版本升级的用户,旧的configmap的配置会自动迁移到新的存储卷的配置文件中 +# 此处的配置只在初次部署时或者指定覆盖时注入到MaiBot中 +config: + + # 指定是否用下面的配置覆盖MaiBot现有的配置文件 + override_adapter_config: false + override_core_bot_config: false + override_core_model_config: false + + # adapter的config.toml + adapter_config: | + [inner] + version = "0.1.2" # 版本号 + # 请勿修改版本号,除非你知道自己在做什么 + + [nickname] # 现在没用 + nickname = "" + + [napcat_server] # Napcat连接的ws服务设置 + token = "" # Napcat设定的访问令牌,若无则留空 + heartbeat_interval = 30 # 与Napcat设置的心跳相同(按秒计) + + [chat] # 黑白名单功能 + group_list_type = "whitelist" # 群组名单类型,可选为:whitelist, blacklist + group_list = [] # 群组名单 + # 当group_list_type为whitelist时,只有群组名单中的群组可以聊天 + # 当group_list_type为blacklist时,群组名单中的任何群组无法聊天 + private_list_type = "whitelist" # 私聊名单类型,可选为:whitelist, blacklist + private_list = [] # 私聊名单 + # 当private_list_type为whitelist时,只有私聊名单中的用户可以聊天 + # 当private_list_type为blacklist时,私聊名单中的任何用户无法聊天 + ban_user_id = [] # 全局禁止名单(全局禁止名单中的用户无法进行任何聊天) + ban_qq_bot = false # 是否屏蔽QQ官方机器人 + enable_poke = true # 是否启用戳一戳功能 + + [voice] # 发送语音设置 + use_tts = false # 是否使用tts语音(请确保你配置了tts并有对应的adapter) + + [debug] + level = "INFO" # 日志等级(DEBUG, INFO, WARNING, ERROR, CRITICAL) + + # core的model_config.toml + core_model_config: | + [inner] + version = "1.9.1" + + # 配置文件版本号迭代规则同bot_config.toml + + [[api_providers]] # API服务提供商(可以配置多个) + name = "DeepSeek" # API服务商名称(可随意命名,在models的api-provider中需使用这个命名) + base_url = "https://api.deepseek.com/v1" # API服务商的BaseURL + api_key = "your-api-key-here" # API密钥(请替换为实际的API密钥) + client_type = "openai" # 请求客户端(可选,默认值为"openai",使用gimini等Google系模型时请配置为"gemini") + max_retry = 2 # 最大重试次数(单个模型API调用失败,最多重试的次数) + timeout = 120 # API请求超时时间(单位:秒) + retry_interval = 10 # 重试间隔时间(单位:秒) + + [[api_providers]] # 阿里 百炼 API服务商配置 + name = "BaiLian" + base_url = "https://dashscope.aliyuncs.com/compatible-mode/v1" + api_key = "your-bailian-key" + client_type = "openai" + max_retry = 2 + timeout = 120 + retry_interval = 5 + + [[api_providers]] # 特殊:Google的Gimini使用特殊API,与OpenAI格式不兼容,需要配置client为"gemini" + name = "Google" + base_url = "https://generativelanguage.googleapis.com/v1beta" + api_key = "your-google-api-key-1" + client_type = "gemini" + max_retry = 2 + timeout = 120 + retry_interval = 10 + + [[api_providers]] # SiliconFlow的API服务商配置 + name = "SiliconFlow" + base_url = "https://api.siliconflow.cn/v1" + api_key = "your-siliconflow-api-key" + client_type = "openai" + max_retry = 3 + timeout = 120 + retry_interval = 5 + + + [[models]] # 模型(可以配置多个) + model_identifier = "deepseek-chat" # 模型标识符(API服务商提供的模型标识符) + name = "deepseek-v3" # 模型名称(可随意命名,在后面中需使用这个命名) + api_provider = "DeepSeek" # API服务商名称(对应在api_providers中配置的服务商名称) + price_in = 2.0 # 输入价格(用于API调用统计,单位:元/ M token)(可选,若无该字段,默认值为0) + price_out = 8.0 # 输出价格(用于API调用统计,单位:元/ M token)(可选,若无该字段,默认值为0) + # force_stream_mode = true # 强制流式输出模式(若模型不支持非流式输出,请取消该注释,启用强制流式输出,若无该字段,默认值为false) + + [[models]] + model_identifier = "deepseek-ai/DeepSeek-V3.2-Exp" + name = "siliconflow-deepseek-v3.2" + api_provider = "SiliconFlow" + price_in = 2.0 + price_out = 3.0 + # temperature = 0.5 # 可选:为该模型单独指定温度,会覆盖任务配置中的温度 + # max_tokens = 4096 # 可选:为该模型单独指定最大token数,会覆盖任务配置中的max_tokens + [models.extra_params] # 可选的额外参数配置 + enable_thinking = false # 不启用思考 + + + [[models]] + model_identifier = "deepseek-ai/DeepSeek-V3.2-Exp" + name = "siliconflow-deepseek-v3.2-think" + api_provider = "SiliconFlow" + price_in = 2.0 + price_out = 3.0 + # temperature = 0.7 # 可选:为该模型单独指定温度,会覆盖任务配置中的温度 + # max_tokens = 4096 # 可选:为该模型单独指定最大token数,会覆盖任务配置中的max_tokens + [models.extra_params] # 可选的额外参数配置 + enable_thinking = true # 启用思考 + + + [[models]] + model_identifier = "Qwen/Qwen3-Next-80B-A3B-Instruct" + name = "qwen3-next-80b" + api_provider = "SiliconFlow" + price_in = 1.0 + price_out = 4.0 + + [[models]] + model_identifier = "zai-org/GLM-4.6" + name = "siliconflow-glm-4.6" + api_provider = "SiliconFlow" + price_in = 3.5 + price_out = 14.0 + [models.extra_params] # 可选的额外参数配置 + enable_thinking = false # 不启用思考 + + [[models]] + model_identifier = "zai-org/GLM-4.6" + name = "siliconflow-glm-4.6-think" + api_provider = "SiliconFlow" + price_in = 3.5 + price_out = 14.0 + [models.extra_params] # 可选的额外参数配置 + enable_thinking = true # 启用思考 + + [[models]] + model_identifier = "deepseek-ai/DeepSeek-R1" + name = "siliconflow-deepseek-r1" + api_provider = "SiliconFlow" + price_in = 4.0 + price_out = 16.0 + + + [[models]] + model_identifier = "Qwen/Qwen3-30B-A3B-Instruct-2507" + name = "qwen3-30b" + api_provider = "SiliconFlow" + price_in = 0.7 + price_out = 2.8 + + [[models]] + model_identifier = "Qwen/Qwen3-VL-30B-A3B-Instruct" + name = "qwen3-vl-30" + api_provider = "SiliconFlow" + price_in = 4.13 + price_out = 4.13 + + [[models]] + model_identifier = "FunAudioLLM/SenseVoiceSmall" + name = "sensevoice-small" + api_provider = "SiliconFlow" + price_in = 0 + price_out = 0 + + [[models]] + model_identifier = "BAAI/bge-m3" + name = "bge-m3" + api_provider = "SiliconFlow" + price_in = 0 + price_out = 0 + + + + [model_task_config.utils] # 在麦麦的一些组件中使用的模型,例如表情包模块,取名模块,关系模块,麦麦的情绪变化等,是麦麦必须的模型 + model_list = ["siliconflow-deepseek-v3.2"] # 使用的模型列表,每个子项对应上面的模型名称(name) + temperature = 0.2 # 模型温度,新V3建议0.1-0.3 + max_tokens = 4096 # 最大输出token数 + slow_threshold = 15.0 # 慢请求阈值(秒),模型等待回复时间超过此值会输出警告日志 + + [model_task_config.utils_small] # 在麦麦的一些组件中使用的小模型,消耗量较大,建议使用速度较快的小模型 + model_list = ["qwen3-30b","qwen3-next-80b"] + temperature = 0.7 + max_tokens = 2048 + slow_threshold = 10.0 + + [model_task_config.tool_use] #工具调用模型,需要使用支持工具调用的模型 + model_list = ["qwen3-30b","qwen3-next-80b"] + temperature = 0.7 + max_tokens = 800 + slow_threshold = 10.0 + + [model_task_config.replyer] # 首要回复模型,还用于表达器和表达方式学习 + model_list = ["siliconflow-deepseek-v3.2","siliconflow-deepseek-v3.2-think","siliconflow-glm-4.6","siliconflow-glm-4.6-think"] + temperature = 0.3 # 模型温度,新V3建议0.1-0.3 + max_tokens = 2048 + slow_threshold = 25.0 + + [model_task_config.planner] #决策:负责决定麦麦该什么时候回复的模型 + model_list = ["siliconflow-deepseek-v3.2"] + temperature = 0.3 + max_tokens = 800 + slow_threshold = 12.0 + + [model_task_config.vlm] # 图像识别模型 + model_list = ["qwen3-vl-30"] + max_tokens = 256 + slow_threshold = 15.0 + + [model_task_config.voice] # 语音识别模型 + model_list = ["sensevoice-small"] + slow_threshold = 12.0 + + # 嵌入模型 + [model_task_config.embedding] + model_list = ["bge-m3"] + slow_threshold = 5.0 + + # ------------LPMM知识库模型------------ + + [model_task_config.lpmm_entity_extract] # 实体提取模型 + model_list = ["siliconflow-deepseek-v3.2"] + temperature = 0.2 + max_tokens = 800 + slow_threshold = 20.0 + + [model_task_config.lpmm_rdf_build] # RDF构建模型 + model_list = ["siliconflow-deepseek-v3.2"] + temperature = 0.2 + max_tokens = 800 + slow_threshold = 20.0 + + [model_task_config.lpmm_qa] # 问答模型 + model_list = ["siliconflow-deepseek-v3.2"] + temperature = 0.7 + max_tokens = 800 + slow_threshold = 20.0 + + # core的bot_config.toml + core_bot_config: | + [inner] + version = "7.2.5" + + #----以下是给开发人员阅读的,如果你只是部署了麦麦,不需要阅读---- + # 如果你想要修改配置文件,请递增version的值 + # 如果新增项目,请阅读src/config/official_configs.py中的说明 + # + # 版本格式:主版本号.次版本号.修订号,版本号递增规则如下: + # 主版本号:MMC版本更新 + # 次版本号:配置文件内容大更新 + # 修订号:配置文件内容小更新 + #----以上是给开发人员阅读的,如果你只是部署了麦麦,不需要阅读---- + + [bot] + platform = "qq" + qq_account = "1145141919810" # 麦麦的QQ账号 + + platforms = ["wx:114514","xx:1919810"] # 麦麦的其他平台账号 + + nickname = "麦麦" # 麦麦的昵称 + alias_names = ["麦叠", "牢麦"] # 麦麦的别名 + + [personality] + # 建议120字以内,描述人格特质 和 身份特征 + personality = "是一个大二在读女大学生,现在正在上网和群友聊天,有时有点攻击性,有时比较温柔" + # アイデンティティがない 生まれないらららら + # 描述麦麦说话的表达风格,表达习惯,如要修改,可以酌情新增内容,建议1-2行 + reply_style = "请不要刻意突出自身学科背景。可以参考贴吧,知乎和微博的回复风格。" + + # 多种回复风格列表,可选配置:当 non-empty 且 multiple_probability>0 时,会按概率随机从中选择一个替换 reply_style + multiple_reply_style = [ + # "你的风格平淡但不失讽刺,很简短,很白话。可以参考贴吧,微博的回复风格。", + # "用1-2个字进行回复", + # "用1-2个符号进行回复", + # "言辭凝練古雅,穿插《論語》經句卻不晦澀,以文言短句為基,輔以淺白語意,持長者溫和風範,全用繁體字表達,具先秦儒者談吐韻致。", + # "带点翻译腔,但不要太长", + ] + + # 替换概率:每次构建回复时,以该概率从 multiple_reply_style 中随机选择一个替换 reply_style(0.0-1.0) + multiple_probability = 0.3 + + # 麦麦的说话规则,行为风格: + plan_style = """ + 1.思考**所有**的可用的action中的**每个动作**是否符合当下条件,如果动作使用条件符合聊天内容就使用 + 2.如果相同的内容已经被执行,请不要重复执行 + 3.你对技术相关话题,游戏和动漫相关话题感兴趣,也对日常话题感兴趣,不喜欢太过沉重严肃的话题 + 4.请控制你的发言频率,不要太过频繁的发言 + 5.如果有人对你感到厌烦,请减少回复 + 6.如果有人在追问你,或者话题没有说完,请你继续回复""" + + # 麦麦识图规则,不建议修改 + visual_style = "请用中文描述这张图片的内容。如果有文字,请把文字描述概括出来,请留意其主题,直观感受,输出为一段平文本,最多30字,请注意不要分点,就输出一段文本" + + # 麦麦私聊的说话规则,行为风格: + private_plan_style = """ + 1.思考**所有**的可用的action中的**每个动作**是否符合当下条件,如果动作使用条件符合聊天内容就使用 + 2.如果相同的内容已经被执行,请不要重复执行 + 3.某句话如果已经被回复过,不要重复回复""" + + # 状态,可以理解为人格多样性,会随机替换人格 + states = [ + "是一个女大学生,喜欢上网聊天,会刷小红书。" , + "是一个大二心理学生,会刷贴吧和中国知网。" , + "是一个赛博网友,最近很想吐槽人。" + ] + + # 替换概率,每次构建人格时替换personality的概率(0.0-1.0) + state_probability = 0.3 + + + + [expression] + # 表达学习配置 + learning_list = [ # 表达学习配置列表,支持按聊天流配置 + ["", "enable", "enable", "enable"], # 全局配置:使用表达,启用学习,启用jargon学习 + ["qq:1919810:group", "enable", "enable", "enable"], # 特定群聊配置:使用表达,启用学习,启用jargon学习 + ["qq:114514:private", "enable", "disable", "disable"], # 特定私聊配置:使用表达,禁用学习,禁用jargon学习 + # 格式说明: + # 第一位: chat_stream_id,空字符串表示全局配置 + # 第二位: 是否使用学到的表达 ("enable"/"disable") + # 第三位: 是否学习表达 ("enable"/"disable") + # 第四位: 是否启用jargon学习 ("enable"/"disable") + ] + + expression_groups = [ + # ["*"], # 全局共享组:所有chat_id共享学习到的表达方式(取消注释以启用全局共享) + ["qq:1919810:private","qq:114514:private","qq:1111111:group"], # 特定互通组,相同组的chat_id会共享学习到的表达方式 + # 格式说明: + # ["*"] - 启用全局共享,所有聊天流共享表达方式 + # ["qq:123456:private","qq:654321:group"] - 特定互通组,组内chat_id共享表达方式 + # 注意:如果为群聊,则需要设置为group,如果设置为私聊,则需要设置为private + ] + + reflect = false # 是否启用表达反思(Bot主动向管理员询问表达方式是否合适) + reflect_operator_id = "" # 表达反思操作员ID,格式:platform:id:type (例如 "qq:123456:private" 或 "qq:654321:group") + allow_reflect = [] # 允许进行表达反思的聊天流ID列表,格式:["qq:123456:private", "qq:654321:group", ...],只有在此列表中的聊天流才会提出问题并跟踪。如果列表为空,则所有聊天流都可以进行表达反思(前提是 reflect = true) + + all_global_jargon = true # 是否开启全局黑话模式,注意,此功能关闭后,已经记录的全局黑话不会改变,需要手动删除 + enable_jargon_explanation = true # 是否在回复前尝试对上下文中的黑话进行解释(关闭可减少一次LLM调用,仅影响回复前的黑话匹配与解释,不影响黑话学习) + jargon_mode = "planner" # 黑话解释来源模式,可选: "context"(使用上下文自动匹配黑话) 或 "planner"(仅使用Planner在reply动作中给出的unknown_words列表) + + + [chat] # 麦麦的聊天设置 + talk_value = 1 # 聊天频率,越小越沉默,范围0-1 + mentioned_bot_reply = true # 是否启用提及必回复 + max_context_size = 30 # 上下文长度 + planner_smooth = 3 # 规划器平滑,增大数值会减小planner负荷,略微降低反应速度,推荐1-5,0为关闭,必须大于等于0 + think_mode = "dynamic" # 思考模式,可选:classic(默认浅度思考和回复)、deep(会进行比较长的,深度回复)、dynamic(动态选择两种模式) + + enable_talk_value_rules = true # 是否启用动态发言频率规则 + + # 动态发言频率规则:按时段/按chat_id调整 talk_value(优先匹配具体chat,再匹配全局) + # 推荐格式(对象数组):{ target="platform:id:type" 或 "", time="HH:MM-HH:MM", value=0.5 } + # 说明: + # - target 为空字符串表示全局;type 为 group/private,例如:"qq:1919810:group" 或 "qq:114514:private"; + # - 支持跨夜区间,例如 "23:00-02:00";数值范围建议 0-1,如果 value 设置为0会自动转换为0.0001以避免除以零错误。 + talk_value_rules = [ + { target = "", time = "00:00-08:59", value = 0.8 }, + { target = "", time = "09:00-22:59", value = 1.0 }, + { target = "qq:1919810:group", time = "20:00-23:59", value = 0.6 }, + { target = "qq:114514:private", time = "00:00-23:59", value = 0.3 }, + ] + + [memory] + max_agent_iterations = 3 # 记忆思考深度(最低为1) + agent_timeout_seconds = 45.0 # 最长回忆时间(秒) + enable_jargon_detection = true # 记忆检索过程中是否启用黑话识别 + global_memory = false # 是否允许记忆检索进行全局查询 + + [dream] + interval_minutes = 60 # 做梦时间间隔(分钟),默认30分钟 + max_iterations = 20 # 做梦最大轮次,默认20轮 + first_delay_seconds = 1800 # 程序启动后首次做梦前的延迟时间(秒),默认60秒 + + # 做梦结果推送目标,格式为 "platform:user_id" + # 例如: "qq:123456" 表示在做梦结束后,将梦境文本额外发送给该QQ私聊用户。 + # 为空字符串时不推送。 + dream_send = "" + + # 做梦时间段配置,格式:["HH:MM-HH:MM", ...] + # 如果列表为空,则表示全天允许做梦。 + # 如果配置了时间段,则只有在这些时间段内才会实际执行做梦流程。 + # 时间段外,调度器仍会按间隔检查,但不会进入做梦流程。 + # 支持跨夜区间,例如 "23:00-02:00" 表示从23:00到次日02:00。 + # 示例: + dream_time_ranges = [ + # "09:00-22:00", # 白天允许做梦 + "23:00-10:00", # 跨夜时间段(23:00到次日10:00) + ] + # dream_time_ranges = [] + + [tool] + enable_tool = true # 是否启用工具 + + + [emoji] + emoji_chance = 0.4 # 麦麦激活表情包动作的概率 + max_reg_num = 100 # 表情包最大注册数量 + do_replace = true # 开启则在达到最大数量时删除(替换)表情包,关闭则达到最大数量时不会继续收集表情包 + check_interval = 10 # 检查表情包(注册,破损,删除)的时间间隔(分钟) + steal_emoji = true # 是否偷取表情包,让麦麦可以将一些表情包据为己有 + content_filtration = false # 是否启用表情包过滤,只有符合该要求的表情包才会被保存 + filtration_prompt = "符合公序良俗" # 表情包过滤要求,只有符合该要求的表情包才会被保存 + + [voice] + enable_asr = false # 是否启用语音识别,启用后麦麦可以识别语音消息,启用该功能需要配置语音识别模型[model_task_config.voice] + + [message_receive] + # 以下是消息过滤,可以根据规则过滤特定消息,将不会读取这些消息 + ban_words = [ + # "403","张三" + ] + + ban_msgs_regex = [ + # 需要过滤的消息(原始消息)匹配的正则表达式,匹配到的消息将被过滤,若不了解正则表达式请勿修改 + # "https?://[^\\s]+", # 匹配https链接 + # "\\d{4}-\\d{2}-\\d{2}", # 匹配日期 + ] + + + [lpmm_knowledge] # lpmm知识库配置 + enable = false # 是否启用lpmm知识库 + lpmm_mode = "agent" + # 可选择classic传统模式/agent 模式,结合新的记忆一同使用 + rag_synonym_search_top_k = 10 # 同义检索TopK + rag_synonym_threshold = 0.8 # 同义阈值,相似度高于该值的关系会被当作同义词 + info_extraction_workers = 3 # 实体抽取同时执行线程数,非Pro模型不要设置超过5 + qa_relation_search_top_k = 10 # 关系检索TopK + qa_relation_threshold = 0.5 # 关系阈值,相似度高于该值的关系会被认为是相关关系 + qa_paragraph_search_top_k = 1000 # 段落检索TopK(不能过小,可能影响搜索结果) + qa_paragraph_node_weight = 0.05 # 段落节点权重(在图搜索&PPR计算中的权重,当搜索仅使用DPR时,此参数不起作用) + qa_ent_filter_top_k = 10 # 实体过滤TopK + qa_ppr_damping = 0.8 # PPR阻尼系数 + qa_res_top_k = 3 # 最终提供段落TopK + embedding_dimension = 1024 # 嵌入向量维度,输出维度一致 + # 性能与降级参数(低配机器可下调) + # 低配机器参考:单/双核或内存≤4GB(如轻量云主机/云函数/开发板),建议先关闭PPR并降低并发 + max_embedding_workers = 3 # 嵌入/抽取并发线程数 + embedding_chunk_size = 4 # 每批嵌入的条数 + max_synonym_entities = 2000 # 同义边参与的实体数上限,超限则跳过 + enable_ppr = true # 是否启用PPR,低配机器可关闭 + + [keyword_reaction] + keyword_rules = [ + { keywords = ["人机", "bot", "机器", "入机", "robot", "机器人", "ai", "AI"], reaction = "有人说你是人机或者机器人,否定这一事实,攻击或反问他。注意,只有认为你是机器人才回复,否则不要否认" }, + { keywords = ["测试关键词回复", "test"], reaction = "回答测试成功" }, + # { keywords = ["你好", "hello"], reaction = "你好,有什么可以帮你?" } + # 在此处添加更多规则,格式同上 + ] + + regex_rules = [ + { regex = ["^(?P\\S{1,20})是这样的$"], reaction = "请按照以下模板造句:[n]是这样的,xx只要xx就可以,可是[n]要考虑的事情就很多了,比如什么时候xx,什么时候xx,什么时候xx。(请自由发挥替换xx部分,只需保持句式结构,同时表达一种将[n]过度重视的反讽意味)" }, + { regex = ["(?:[^,。.\\s]+,\\s*)?我(?:也)?[没沒]要求你\\s*(?P.+?)[.。,,]?$"],reaction = "进行一次“八岐大蛇定型文”补完。暂时忽略回复风格,进入“粉絲吐槽”模式。请严格按照以下“填空模板”,围绕“[action]”进行创作,使其充满滑稽的夸张感和天马行空的联想:我没要求你[action],我不是(与action关联的、宽容的角色)。可是,(与action相关的具体负面行为)是什么意思?你的(与action相关的某种观念)怎么了?你才(与action相关的某个状态或时间点)吧?再这样下去,你(一个中期的、等比级数式的滑稽推演),(一个后期的、等比级数式的滑稽推演),最后就变成(一个与主题相关的、夸张的最终形态)了。作为(与最终形态相关的、克星或权威身份),我可能得(对你执行一个天罚般的行动)。真的。"} + ] + + [response_post_process] + enable_response_post_process = true # 是否启用回复后处理,包括错别字生成器,回复分割器 + + [chinese_typo] + enable = true # 是否启用中文错别字生成器 + error_rate=0.01 # 单字替换概率 + min_freq=9 # 最小字频阈值 + tone_error_rate=0.1 # 声调错误概率 + word_replace_rate=0.006 # 整词替换概率 + + [response_splitter] + enable = true # 是否启用回复分割器 + max_length = 512 # 回复允许的最大长度 + max_sentence_num = 8 # 回复允许的最大句子数 + enable_kaomoji_protection = false # 是否启用颜文字保护 + enable_overflow_return_all = false # 是否在句子数量超出回复允许的最大句子数时一次性返回全部内容 + + [log] + date_style = "m-d H:i:s" # 日期格式 + log_level_style = "lite" # 日志级别样式,可选FULL,compact,lite + color_text = "full" # 日志文本颜色,可选none,title,full + log_level = "INFO" # 全局日志级别(向下兼容,优先级低于下面的分别设置) + console_log_level = "INFO" # 控制台日志级别,可选: DEBUG, INFO, WARNING, ERROR, CRITICAL + file_log_level = "DEBUG" # 文件日志级别,可选: DEBUG, INFO, WARNING, ERROR, CRITICAL + + # 第三方库日志控制 + suppress_libraries = ["faiss","httpx", "urllib3", "asyncio", "websockets", "httpcore", "requests", "peewee", "openai","uvicorn","jieba"] # 完全屏蔽的库 + library_log_levels = { aiohttp = "WARNING"} # 设置特定库的日志级别 + + [debug] + show_prompt = false # 是否显示prompt + show_replyer_prompt = false # 是否显示回复器prompt + show_replyer_reasoning = false # 是否显示回复器推理 + show_jargon_prompt = false # 是否显示jargon相关提示词 + show_memory_prompt = false # 是否显示记忆检索相关提示词 + show_planner_prompt = false # 是否显示planner的prompt和原始返回结果 + show_lpmm_paragraph = false # 是否显示lpmm找到的相关文段日志 + + [maim_message] + auth_token = [] # 认证令牌,用于旧版API验证,为空则不启用验证 + + # 新版API Server配置(额外监听端口) + enable_api_server = false # 是否启用额外的新版API Server + api_server_host = "0.0.0.0" # 新版API Server主机地址 + api_server_port = 8090 # 新版API Server端口号 + api_server_use_wss = false # 新版API Server是否启用WSS + api_server_cert_file = "" # 新版API Server SSL证书文件路径 + api_server_key_file = "" # 新版API Server SSL密钥文件路径 + api_server_allowed_api_keys = [] # 新版API Server允许的API Key列表,为空则允许所有连接 + + [telemetry] #发送统计信息,主要是看全球有多少只麦麦 + enable = true + + [webui] # WebUI 独立服务器配置 + # 注意: WebUI 的监听地址(host)和端口(port)已移至 .env 文件中的 WEBUI_HOST 和 WEBUI_PORT + enabled = true # 是否启用WebUI + mode = "production" # 模式: development(开发) 或 production(生产) + + # 防爬虫配置 + anti_crawler_mode = "basic" # 防爬虫模式: false(禁用) / strict(严格) / loose(宽松) / basic(基础-只记录不阻止) + allowed_ips = "127.0.0.1" # IP白名单(逗号分隔,支持精确IP、CIDR格式和通配符) + # 示例: 127.0.0.1,192.168.1.0/24,172.17.0.0/16 + trusted_proxies = "" # 信任的代理IP列表(逗号分隔),只有来自这些IP的X-Forwarded-For才被信任 + # 示例: 127.0.0.1,192.168.1.1,172.17.0.1 + trust_xff = false # 是否启用X-Forwarded-For代理解析(默认false) + # 启用后,仍要求直连IP在trusted_proxies中才会信任XFF头 + secure_cookie = false # 是否启用安全Cookie(仅通过HTTPS传输,默认false) + + [experimental] #实验性功能 + # 为指定聊天添加额外的prompt配置 + # 格式: ["platform:id:type:prompt内容", ...] + # 示例: + # chat_prompts = [ + # "qq:114514:group:这是一个摄影群,你精通摄影知识", + # "qq:19198:group:这是一个二次元交流群", + # "qq:114514:private:这是你与好朋友的私聊" + # ] + chat_prompts = [] + + + # 此系统暂时移除,无效配置 + [relationship] + enable_relationship = true # 是否启用关系系统