dgf1988/codewhale
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(feishu): carry Lighthouse bridge into v0.8.37

Browse Source 
Add the Feishu/Lark long-connection bridge, Tencent Lighthouse runbooks, CNB mirror guidance, CNB tag release pipeline, and China-friendly update fallback documentation for the v0.8.37 line.
This commit is contained in:
Hunter Bown
2026-05-14 03:56:03 -05:00
committed by GitHub
parent 019d55694a
commit 9483248a9f
32 changed files with 3795 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deploy/tencent-lighthouse/cnb/README.md
+52
View File
@@ -0,0 +1,52 @@
# CNB Deploy Templates
The root `.cnb.yml` is intentionally source-controlled in GitHub because CNB is
a one-way mirror from GitHub. Do not add or edit `.cnb.yml` only on the CNB
side; the next GitHub sync will overwrite it.
The active root `.cnb.yml` does two things:
- runs Feishu bridge and version-drift checks when CNB receives `main`;
- builds Linux x64 release assets from `v*` tags, creates the CNB release, and
uploads `deepseek-linux-x64`, `deepseek-tui-linux-x64`, and
`deepseek-artifacts-sha256.txt`.
The files in this directory are retained as deploy-button templates for Tencent
Lighthouse. Copy only the deploy environment file after the Lighthouse instance
is already working manually:
```bash
mkdir -p .cnb
cp deploy/tencent-lighthouse/cnb/tag_deploy.yml.example .cnb/tag_deploy.yml
```
If you also need to customize `.cnb.yml`, edit the root file in GitHub and let
the one-way mirror carry it to CNB.
## Required CNB Secrets
Configure these as protected CNB environment variables or secrets:
- `LIGHTHOUSE_HOST`: public IP or DNS name of the Lighthouse instance
- `LIGHTHOUSE_SSH_TARGET`: SSH target, for example `ubuntu@203.0.113.10`
- `LIGHTHOUSE_SSH_PRIVATE_KEY`: private deploy key allowed to update the server
- `DEEPSEEK_REPO_BRANCH`: branch or tag to deploy, for example `main`
Optional:
- `DEEPSEEK_REPO_URL`: defaults to the CNB mirror URL
- `LIGHTHOUSE_SSH_PORT`: defaults to `22`
The server side should already have `/opt/whalebro/deepseek-tui`,
`/etc/deepseek/runtime.env`, `/etc/deepseek/feishu-bridge.env`, and the
systemd services from `docs/TENCENT_LIGHTHOUSE_HK.md`.
## Safety Notes
- Do not store Feishu App Secret or DeepSeek API keys in CNB. They belong in
`/etc/deepseek/*.env` on Lighthouse.
- Do not expose `127.0.0.1:7878` through EdgeOne, a security group, or a public
reverse proxy.
- Start with a manual deploy button. Automatic deploy on every `main` push is
convenient later, but it can consume CNB quota and restart the phone bridge
while a turn is active.
deploy/tencent-lighthouse/cnb/cnb.yml.example
+87
View File
@@ -0,0 +1,87 @@
# Historical CNB config template for the Tencent Lighthouse remote-first path.
# The active pipeline now lives in the repository-root .cnb.yml so the GitHub
# -> CNB one-way mirror cannot overwrite CNB-only pipeline edits.
main:
push:
- docker:
image: node:22-bookworm
stages:
- name: feishu bridge tests
script: |
cd integrations/feishu-bridge
npm install
npm run check
npm test
- docker:
image: rust:1.88-bookworm
stages:
- name: release version check
script: |
./scripts/release/check-versions.sh
web_trigger_lighthouse:
- docker:
image: cnbcool/default-build-env:latest
stages:
- name: deploy to lighthouse
script: |
set -euo pipefail
: "${LIGHTHOUSE_HOST:?Set LIGHTHOUSE_HOST in CNB secrets}"
: "${LIGHTHOUSE_SSH_TARGET:?Set LIGHTHOUSE_SSH_TARGET in CNB secrets}"
: "${LIGHTHOUSE_SSH_PRIVATE_KEY:?Set LIGHTHOUSE_SSH_PRIVATE_KEY in CNB secrets}"
if ! command -v ssh >/dev/null 2>&1 || ! command -v ssh-keyscan >/dev/null 2>&1; then
apt-get update
apt-get install -y openssh-client
fi
LIGHTHOUSE_SSH_PORT="${LIGHTHOUSE_SSH_PORT:-22}"
DEEPSEEK_REPO_BRANCH="${DEEPSEEK_REPO_BRANCH:-main}"
DEEPSEEK_REPO_URL="${DEEPSEEK_REPO_URL:-https://cnb.cool/deepseek-tui.com/DeepSeek-TUI.git}"
install -m 700 -d ~/.ssh
printf '%s\n' "$LIGHTHOUSE_SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
ssh-keyscan -p "$LIGHTHOUSE_SSH_PORT" -H "$LIGHTHOUSE_HOST" >> ~/.ssh/known_hosts
ssh -p "$LIGHTHOUSE_SSH_PORT" "$LIGHTHOUSE_SSH_TARGET" \
"DEEPSEEK_REPO_BRANCH='$DEEPSEEK_REPO_BRANCH' DEEPSEEK_REPO_URL='$DEEPSEEK_REPO_URL' bash -s" <<'REMOTE'
set -euo pipefail
if [ ! -d /opt/whalebro/deepseek-tui/.git ]; then
sudo -u deepseek git clone --branch "$DEEPSEEK_REPO_BRANCH" "$DEEPSEEK_REPO_URL" /opt/whalebro/deepseek-tui
fi
cd /opt/whalebro/deepseek-tui
if [ -n "$(sudo -u deepseek git status --porcelain)" ]; then
echo "Refusing to deploy over a dirty /opt/whalebro/deepseek-tui checkout." >&2
sudo -u deepseek git status --short
exit 1
fi
sudo -u deepseek git fetch --all --tags
if sudo -u deepseek git rev-parse --verify --quiet "refs/remotes/origin/$DEEPSEEK_REPO_BRANCH" >/dev/null; then
sudo -u deepseek git checkout -B "$DEEPSEEK_REPO_BRANCH" "origin/$DEEPSEEK_REPO_BRANCH"
elif sudo -u deepseek git rev-parse --verify --quiet "refs/tags/$DEEPSEEK_REPO_BRANCH" >/dev/null; then
sudo -u deepseek git checkout --detach "$DEEPSEEK_REPO_BRANCH"
else
sudo -u deepseek git checkout "$DEEPSEEK_REPO_BRANCH"
sudo -u deepseek git pull --ff-only
fi
sudo -iu deepseek bash -lc '
set -euo pipefail
. "$HOME/.cargo/env"
cd /opt/whalebro/deepseek-tui
cargo install --path crates/cli --locked --force
cargo install --path crates/tui --locked --force
'
sudo bash scripts/tencent-lighthouse/install-services.sh
sudo systemctl restart deepseek-runtime
sudo systemctl restart deepseek-feishu-bridge
sudo bash scripts/tencent-lighthouse/doctor.sh
REMOTE
deploy/tencent-lighthouse/cnb/tag_deploy.yml.example
+16
View File
@@ -0,0 +1,16 @@
# Example CNB deployment environment.
# Copy to .cnb/tag_deploy.yml only after the Lighthouse deploy target is ready.
environments:
- name: lighthouse-hk
description: Deploy DeepSeek TUI to Tencent Lighthouse Hong Kong.
env:
name: lighthouse-hk
button:
- name: Deploy Lighthouse
description: Update /opt/whalebro/deepseek-tui, restart services, and run the Lighthouse doctor.
event: web_trigger_lighthouse
isDefault: true
permissions:
roles:
- master