chore(release): v0.8.53 — Arcee support, telegram bridge, provider fixes

- Fix Rust syntax/clippy fallout in client.rs, cli/src/lib.rs, web_search.rs - Fix 0.8.53 release metadata: changelog links, TUI changelog, npm wrapper - Update visible help copy for multi-provider support - Add telegram-bridge integration with deploy configs - Add US remote VM quickstart doc - Update Tencent Cloud deploy scripts and docs - Bump npm wrapper to 0.8.53
2026-06-03 16:12:38 -07:00
parent f884ceb6af
commit 772ec46c98
30 changed files with 2561 additions and 186 deletions
@@ -30,22 +30,22 @@ Configure these as protected CNB environment variables or secrets:
 - `LIGHTHOUSE_HOST`: public IP or DNS name of the Lighthouse instance
 - `LIGHTHOUSE_SSH_TARGET`: SSH target, for example `ubuntu@203.0.113.10`
 - `LIGHTHOUSE_SSH_PRIVATE_KEY`: private deploy key allowed to update the server
- `DEEPSEEK_REPO_BRANCH`: branch or tag to deploy, for example `main`
+- `CODEWHALE_REPO_BRANCH`: branch or tag to deploy, for example `main`

 Optional:

- `DEEPSEEK_REPO_URL`: defaults to the CNB mirror URL
+- `CODEWHALE_REPO_URL`: defaults to the CNB mirror URL
 - `LIGHTHOUSE_SSH_PORT`: defaults to `22`

 The server side should already have `/opt/whalebro/codewhale`,
-`/etc/deepseek/runtime.env`, `/etc/deepseek/feishu-bridge.env`, and the
+`/etc/codewhale/runtime.env`, `/etc/codewhale/feishu-bridge.env`, and the
 `codewhale-runtime` / `codewhale-feishu-bridge` systemd services from
 `docs/TENCENT_LIGHTHOUSE_HK.md`.

 ## Safety Notes

- Do not store Feishu App Secret or DeepSeek API keys in CNB. They belong in
-  `/etc/deepseek/*.env` on Lighthouse.
+- Do not store Feishu App Secret or provider API keys in CNB. They belong in
+  `/etc/codewhale/*.env` on Lighthouse.
 - Do not expose `127.0.0.1:7878` through EdgeOne, a security group, or a public
  reverse proxy.
 - Start with a manual deploy button. Automatic deploy on every `main` push is
@@ -39,8 +39,8 @@ main:
            fi

            LIGHTHOUSE_SSH_PORT="${LIGHTHOUSE_SSH_PORT:-22}"
-            DEEPSEEK_REPO_BRANCH="${DEEPSEEK_REPO_BRANCH:-main}"
-            DEEPSEEK_REPO_URL="${DEEPSEEK_REPO_URL:-https://cnb.cool/codewhale.net/codewhale.git}"
+            CODEWHALE_REPO_BRANCH="${CODEWHALE_REPO_BRANCH:-main}"
+            CODEWHALE_REPO_URL="${CODEWHALE_REPO_URL:-https://cnb.cool/codewhale.net/codewhale.git}"

            install -m 700 -d ~/.ssh
            printf '%s\n' "$LIGHTHOUSE_SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519
@@ -48,11 +48,11 @@ main:
            ssh-keyscan -p "$LIGHTHOUSE_SSH_PORT" -H "$LIGHTHOUSE_HOST" >> ~/.ssh/known_hosts

            ssh -p "$LIGHTHOUSE_SSH_PORT" "$LIGHTHOUSE_SSH_TARGET" \
-              "DEEPSEEK_REPO_BRANCH='$DEEPSEEK_REPO_BRANCH' DEEPSEEK_REPO_URL='$DEEPSEEK_REPO_URL' bash -s" <<'REMOTE'
+              "CODEWHALE_REPO_BRANCH='$CODEWHALE_REPO_BRANCH' CODEWHALE_REPO_URL='$CODEWHALE_REPO_URL' bash -s" <<'REMOTE'
            set -euo pipefail

            if [ ! -d /opt/whalebro/codewhale/.git ]; then
-              sudo -u codewhale git clone --branch "$DEEPSEEK_REPO_BRANCH" "$DEEPSEEK_REPO_URL" /opt/whalebro/codewhale
+              sudo -u codewhale git clone --branch "$CODEWHALE_REPO_BRANCH" "$CODEWHALE_REPO_URL" /opt/whalebro/codewhale
            fi

            cd /opt/whalebro/codewhale
@@ -63,12 +63,12 @@ main:
            fi

            sudo -u codewhale git fetch --all --tags
-            if sudo -u codewhale git rev-parse --verify --quiet "refs/remotes/origin/$DEEPSEEK_REPO_BRANCH" >/dev/null; then
-              sudo -u codewhale git checkout -B "$DEEPSEEK_REPO_BRANCH" "origin/$DEEPSEEK_REPO_BRANCH"
-            elif sudo -u codewhale git rev-parse --verify --quiet "refs/tags/$DEEPSEEK_REPO_BRANCH" >/dev/null; then
-              sudo -u codewhale git checkout --detach "$DEEPSEEK_REPO_BRANCH"
+            if sudo -u codewhale git rev-parse --verify --quiet "refs/remotes/origin/$CODEWHALE_REPO_BRANCH" >/dev/null; then
+              sudo -u codewhale git checkout -B "$CODEWHALE_REPO_BRANCH" "origin/$CODEWHALE_REPO_BRANCH"
+            elif sudo -u codewhale git rev-parse --verify --quiet "refs/tags/$CODEWHALE_REPO_BRANCH" >/dev/null; then
+              sudo -u codewhale git checkout --detach "$CODEWHALE_REPO_BRANCH"
            else
-              sudo -u codewhale git checkout "$DEEPSEEK_REPO_BRANCH"
+              sudo -u codewhale git checkout "$CODEWHALE_REPO_BRANCH"
              sudo -u codewhale git pull --ff-only
            fi

@@ -2,20 +2,20 @@ FEISHU_APP_ID=cli_xxxxxxxxxxxxxxxx
 FEISHU_APP_SECRET=replace-with-app-secret
 FEISHU_DOMAIN=feishu

-DEEPSEEK_RUNTIME_URL=http://127.0.0.1:7878
-DEEPSEEK_RUNTIME_TOKEN=replace-with-same-token-as-runtime-env
-DEEPSEEK_WORKSPACE=/opt/whalebro
-DEEPSEEK_MODEL=auto
-DEEPSEEK_MODE=agent
-DEEPSEEK_ALLOW_SHELL=true
-DEEPSEEK_TRUST_MODE=false
-DEEPSEEK_AUTO_APPROVE=false
-DEEPSEEK_CHAT_ALLOWLIST=
-DEEPSEEK_ALLOW_UNLISTED=false
+CODEWHALE_RUNTIME_URL=http://127.0.0.1:7878
+CODEWHALE_RUNTIME_TOKEN=replace-with-same-token-as-runtime-env
+CODEWHALE_WORKSPACE=/opt/whalebro
+CODEWHALE_MODEL=auto
+CODEWHALE_MODE=agent
+CODEWHALE_ALLOW_SHELL=true
+CODEWHALE_TRUST_MODE=false
+CODEWHALE_AUTO_APPROVE=false
+CODEWHALE_CHAT_ALLOWLIST=
+CODEWHALE_ALLOW_UNLISTED=false

 FEISHU_THREAD_MAP_PATH=/var/lib/codewhale-feishu-bridge/thread-map.json
 FEISHU_ALLOW_GROUPS=false
 FEISHU_REQUIRE_PREFIX_IN_GROUP=true
-FEISHU_GROUP_PREFIX=/ds
+FEISHU_GROUP_PREFIX=/cw
 FEISHU_MAX_REPLY_CHARS=3500
-DEEPSEEK_TURN_TIMEOUT_MS=900000
+CODEWHALE_TURN_TIMEOUT_MS=900000
@@ -1,5 +1,6 @@
-DEEPSEEK_RUNTIME_TOKEN=replace-with-long-random-token
-DEEPSEEK_RUNTIME_PORT=7878
-DEEPSEEK_RUNTIME_WORKERS=2
-DEEPSEEK_API_KEY=replace-with-deepseek-platform-key
+CODEWHALE_RUNTIME_TOKEN=replace-with-long-random-token
+CODEWHALE_RUNTIME_PORT=7878
+CODEWHALE_RUNTIME_WORKERS=2
+CODEWHALE_PROVIDER=deepseek
+DEEPSEEK_API_KEY=replace-with-provider-key
 RUST_LOG=info
@@ -0,0 +1,21 @@
+TELEGRAM_BOT_TOKEN=replace-with-botfather-token
+
+CODEWHALE_RUNTIME_URL=http://127.0.0.1:7878
+CODEWHALE_RUNTIME_TOKEN=replace-with-same-token-as-runtime-env
+CODEWHALE_WORKSPACE=/opt/whalebro
+CODEWHALE_MODEL=auto
+CODEWHALE_MODE=agent
+CODEWHALE_ALLOW_SHELL=true
+CODEWHALE_TRUST_MODE=false
+CODEWHALE_AUTO_APPROVE=false
+
+TELEGRAM_CHAT_ALLOWLIST=
+TELEGRAM_ALLOW_UNLISTED=false
+
+TELEGRAM_THREAD_MAP_PATH=/var/lib/codewhale-telegram-bridge/thread-map.json
+TELEGRAM_ALLOW_GROUPS=false
+TELEGRAM_REQUIRE_PREFIX_IN_GROUP=true
+TELEGRAM_GROUP_PREFIX=/cw
+TELEGRAM_MAX_REPLY_CHARS=3500
+TELEGRAM_POLL_TIMEOUT_SECONDS=50
+CODEWHALE_TURN_TIMEOUT_MS=900000
@@ -8,7 +8,9 @@ Type=simple
 User=codewhale
 Group=codewhale
 WorkingDirectory=/opt/codewhale/bridge
-EnvironmentFile=/etc/deepseek/feishu-bridge.env
+# Legacy /etc/deepseek is loaded first for old installs; /etc/codewhale wins.
+EnvironmentFile=-/etc/deepseek/feishu-bridge.env
+EnvironmentFile=-/etc/codewhale/feishu-bridge.env
 ExecStart=/usr/bin/node /opt/codewhale/bridge/src/index.mjs
 Restart=on-failure
 RestartSec=5
@@ -8,14 +8,16 @@ Type=simple
 User=codewhale
 Group=codewhale
 WorkingDirectory=/opt/whalebro
-EnvironmentFile=/etc/deepseek/runtime.env
-ExecStart=/home/codewhale/.cargo/bin/codewhale serve --http --host 127.0.0.1 --port ${DEEPSEEK_RUNTIME_PORT} --workers ${DEEPSEEK_RUNTIME_WORKERS} --auth-token ${DEEPSEEK_RUNTIME_TOKEN}
+# Legacy /etc/deepseek is loaded first for old installs; /etc/codewhale wins.
+EnvironmentFile=-/etc/deepseek/runtime.env
+EnvironmentFile=-/etc/codewhale/runtime.env
+ExecStart=/bin/sh -lc 'exec /home/codewhale/.cargo/bin/codewhale serve --http --host 127.0.0.1 --port "${CODEWHALE_RUNTIME_PORT:-${DEEPSEEK_RUNTIME_PORT:-7878}}" --workers "${CODEWHALE_RUNTIME_WORKERS:-${DEEPSEEK_RUNTIME_WORKERS:-2}}" --auth-token "${CODEWHALE_RUNTIME_TOKEN:-${DEEPSEEK_RUNTIME_TOKEN}}"'
 Restart=on-failure
 RestartSec=5
 NoNewPrivileges=true
 PrivateTmp=true
 ProtectSystem=full
-ReadWritePaths=/home/codewhale/.deepseek /opt/whalebro
+ReadWritePaths=/home/codewhale/.codewhale /home/codewhale/.deepseek /opt/whalebro

 [Install]
 WantedBy=multi-user.target
@@ -0,0 +1,23 @@
+[Unit]
+Description=CodeWhale Telegram Phone Bridge
+Wants=network-online.target codewhale-runtime.service
+After=network-online.target codewhale-runtime.service
+
+[Service]
+Type=simple
+User=codewhale
+Group=codewhale
+WorkingDirectory=/opt/codewhale/telegram-bridge
+# Legacy /etc/deepseek is loaded first for old installs; /etc/codewhale wins.
+EnvironmentFile=-/etc/deepseek/telegram-bridge.env
+EnvironmentFile=-/etc/codewhale/telegram-bridge.env
+ExecStart=/usr/bin/node /opt/codewhale/telegram-bridge/src/index.mjs
+Restart=on-failure
+RestartSec=5
+NoNewPrivileges=true
+PrivateTmp=true
+ProtectSystem=full
+ReadWritePaths=/var/lib/codewhale-telegram-bridge
+
+[Install]
+WantedBy=multi-user.target