🚀 快速开始

本系统是一套私有化部署的企业知识问答与文档应答工具。管理员把企业资料接入并建立索引后,用户可以在聊天界面用自然语言提问,系统会基于已索引资料回答并标注引用来源。

1登录 /admin,完成品牌、模型、用户等基础配置。
2在「云存储」添加 Google Drive、OneDrive、Dropbox、S3、OSS、COS 或 SFTP,也可以直接使用本地目录。
3在「索引管理」添加目录或网页地址,建立知识索引。
4在「模型配置」配置云端模型或本地 Ollama 模型,并设置默认模型。
5访问首页 / 开始问答;高级用户还可以上传文件做智能应答。

🧭 核心概念

知识库索引

系统会读取文档内容,将文档切成适合检索的片段,生成向量并存入向量库。查询时会先检索相关片段,再交给模型生成回答。

引用来源

回答底部会显示引用来源。用户可以查看文件名、页码或片段内容,用于核对答案依据。

☁️ 云存储与挂载

进入「云存储」页面,选择 provider 并按弹窗说明填写凭据。OAuth 类需要在云服务商开发者后台配置回调地址;AK/SK 类建议创建只读子账号。

  • OAuth:Google Drive、OneDrive、Dropbox。
  • Access Key:AWS S3、阿里云 OSS、腾讯云 COS。
  • 账号密码:SFTP。

添加成功后点击「挂载」,系统会把云存储挂载到 /mnt/<remote名称>。挂载后可设置同步周期和最大索引文件大小。

Google OAuth 如果处于测试模式,refresh token 可能 7 天过期。生产使用建议发布应用,或在云存储页面点击「重新授权」。

📚 建立索引

在「索引管理」添加本地目录、云存储挂载目录或网页地址。图片 OCR 默认关闭,只有确实需要识别图片文字时再勾选。

操作用途
新建索引首次建立知识库,会清空旧索引。
追加索引保留已有索引,加入新目录。
扫描处理新增、修改、删除的文件,适合日常更新。
重建清理指定路径的旧数据并重新索引。

如果索引过程中失败或中断,系统会清理失败批次的数据,避免错误索引影响后续查询。

🗂️ 文档分类、存储与命名建议

合理的目录结构和文件命名可以提升扫描速度、降低重复索引,也能让引用来源更清晰。

推荐目录结构

/mnt/knowledge/
  products/
    drone/
    camera/
  policies/
  training/
  faq/
  archive/

命名建议

  • 文件名包含产品、版本、地区或年份,例如 Matrice_4_Specs_v2026_EN.pdf
  • 同一主题文档放在同一目录,避免一个目录混放大量无关资料。
  • 历史版本放入 archive,不要和最新版混在一起。
  • 扫描版 PDF 尽量替换成文字版 PDF,能显著提高索引速度和答案质量。
  • 大文件可按章节拆分,单个文件建议控制在后台设置的最大索引文件大小以内。
建议为每个挂载路径设置合适的最大索引文件大小,避免把视频、压缩包、超大扫描件误送入索引任务。

🌐 网页索引

网页索引用于把公开网页或内部文档站点纳入知识库。建议限制同域名、控制最大页数,避免爬取过深导致耗时过长。

🤖 模型配置

管理员可以配置 DeepSeek、OpenAI、Gemini、Qwen、Doubao 或本地 Ollama。API Key 由管理员统一维护,用户只选择可用模型。

本地 Ollama 适合对数据外发敏感的场景,但需要服务器具备足够 CPU/GPU 和内存。

💬 聊天问答

  • 直接输入问题即可查询知识库。
  • 回答下方的「引用来源」可展开查看依据。
  • 上传附件时,系统会把附件内容作为当前问题的上下文。
  • 管理员可以从聊天页返回后台,高级和普通用户只看到自己需要的功能。

📋 智能应答

高级用户和管理员可以上传标书、需求表、问卷等文件,让系统提取需求项并逐条生成应答。结果可导出为 Excel。

👥 用户与权限

角色权限
管理员后台管理、索引、模型、用户、云存储、系统配置、聊天和智能应答。
高级聊天、上传附件、智能应答。
普通基础聊天问答。

💬 飞书/Lark 与企业微信接入

系统可以把 IM 应用消息接入到同一套知识库问答流程。用户在飞书/Lark 或企业微信里给机器人发送文字消息,系统会自动创建普通用户、保留对话上下文,并把答案发回 IM。

当前 IM 接入主要支持文字问答。上传文件、智能应答、模型偏好等高级操作仍建议使用网页版。

飞书 / Lark 接入步骤

  1. 进入 Lark Open Platform 或飞书开放平台,创建一个企业自建应用。
  2. 在「凭证与基础信息」中记录 App IDApp Secret。URL 验证本身不强制需要这两个值,但系统要主动回复消息、读取用户信息时需要。
  3. 在「事件订阅」中配置请求地址:https://你的域名/api/lark/webhook
  4. 配置 Verification Token;如果开启 Encrypt Key,也把 Encrypt Key 填到服务器部署配置中。当前代码中 Verification Token 和 Encrypt Key 都是可选的:没填时不会校验 token,也按明文事件处理。
  5. 在「事件订阅」中订阅消息接收事件:im.message.receive_v1
  6. 在「权限管理」中开通并发布以下权限,然后重新发布应用版本。
权限用途
接收用户发送给机器人的消息让系统收到用户问题。
向用户发送消息让系统把答案发回给用户。
读取用户基本信息用于自动创建用户名称。
读取用户邮箱用于把 IM 用户和企业邮箱关联,便于后台识别。

Lark 的 callback 链接是 https://你的域名/api/lark/webhook。首次 URL 验证只需要这个接口能访问;如果要机器人正常回复用户,仍需要把 LARK_APP_IDLARK_APP_SECRET 写到服务器部署配置里,例如 /opt/consultant-linux/.envdocker-compose.yml 的 app 环境变量。修改后重启 app 容器生效。LARK_VERIFY_TOKENLARK_ENCRYPT_KEY 只有在飞书/Lark 侧启用对应校验/加密时才需要填写。

LARK_APP_ID=
LARK_APP_SECRET=
LARK_VERIFY_TOKEN=
LARK_ENCRYPT_KEY=

企业微信接入步骤

  1. 进入企业微信管理后台,打开「应用管理」,创建一个自建应用。
  2. 记录企业 ID CorpID、应用 AgentId 和应用 Secret
  3. 进入该应用的「接收消息」或「API 接收消息」配置。
  4. URL 填:https://你的域名/api/wecom/webhook
  5. 设置 TokenEncodingAESKey,并填入服务器部署配置。
  6. 保存时企业微信会发起 URL 验证,系统会自动解密并返回 echostr。
  7. 确认应用可见范围包含需要使用问答的成员或部门。
权限 / 配置用途
接收消息让系统收到员工发给应用的文字问题。
发送应用消息让系统通过企业微信应用把答案发回用户。
读取通讯录成员基础信息用于获取用户姓名、邮箱并自动创建账号。
应用可见范围控制哪些员工能看到并使用该应用。

这些参数同样写到服务器部署配置里,例如 /opt/consultant-linux/.envdocker-compose.yml 的 app 环境变量。修改后重启 app 容器生效。

WECOM_CORP_ID=
WECOM_AGENT_ID=
WECOM_SECRET=
WECOM_TOKEN=
WECOM_ENCODING_AES_KEY=
IM 用户首次提问时会自动创建为「普通」角色。需要智能应答或更多权限时,管理员可在用户管理中升级为「高级」或「管理员」。

🎨 品牌与通知

在「品牌定制」中可设置工具名称、企业名称、Logo、机器人头像和 favicon。工具名称是用户自定义内容,不会被语言切换自动翻译。

在「系统设置」中可配置 SMTP 邮件和阿里云短信,用于验证码发送。

💾 备份

建议定期备份 PostgreSQL 数据、ChromaDB 数据、rclone 配置、上传资源和 /data/rag_config.json。迁移服务器时先恢复数据,再启动容器。

🚀 Quick Start

This system is a privately deployed enterprise knowledge assistant. After administrators connect documents and build an index, users can ask questions in natural language. Answers are generated from indexed content and include cited sources.

1Open /admin and complete basic setup for branding, models, and users.
2Add Google Drive, OneDrive, Dropbox, S3, OSS, COS, SFTP, or use a local directory.
3Add document folders or website URLs in Index Management and build the knowledge index.
4Configure cloud models or local Ollama models, then set the default model.
5Open / to start chatting. Advanced users can upload files for smart response workflows.

🧭 Concepts

Knowledge Index

The system reads documents, splits them into searchable chunks, embeds them, and stores vectors in ChromaDB. At query time it retrieves relevant chunks before asking the model to answer.

Cited Sources

Answers show cited files, pages, or snippets so users can verify the basis of the response.

☁️ Cloud Storage

Open Cloud Storage, select a provider, and follow the setup guide in the dialog. OAuth providers require a callback URL in the provider developer console. Access Key providers should use a read-only sub-account.

  • OAuth: Google Drive, OneDrive, Dropbox.
  • Access Key: AWS S3, Alibaba Cloud OSS, Tencent Cloud COS.
  • Password: SFTP.

After adding a remote, click Mount. The mount path is /mnt/<remote-name>. You can then configure sync interval and maximum index file size.

If Google OAuth is in testing mode, refresh tokens may expire after 7 days. For production use, publish the app or use Reconnect in Cloud Storage.

📚 Indexing

Add local directories, mounted cloud directories, or website URLs in Index Management. Image OCR is off by default; enable it only when you really need text extraction from images.

ActionUse
Build New IndexFirst build. Clears existing index data.
Append IndexAdds a new directory while keeping current index data.
ScanProcesses added, modified, and deleted files for routine updates.
RebuildCleans old data for one path and indexes it again.

If indexing fails or is interrupted, failed batch data is cleaned up to avoid broken index records affecting queries.

🗂️ Document Organization and Naming

Good folder structure and file naming improves scan speed, reduces duplicate indexing, and makes source citations clearer.

/mnt/knowledge/
  products/
    drone/
    camera/
  policies/
  training/
  faq/
  archive/
  • Include product, version, region, or year in file names, such as Matrice_4_Specs_v2026_EN.pdf.
  • Keep one topic per folder. Avoid mixing unrelated files in one large directory.
  • Put historical versions into archive instead of mixing them with the latest documents.
  • Prefer text-based PDFs over scanned PDFs to improve indexing speed and answer quality.
  • Split very large files by chapter and keep files under the maximum index size configured in Cloud Storage.

🌐 Website Index

Website indexing brings public pages or internal documentation sites into the knowledge base. Keep same-domain crawling enabled and limit maximum pages for predictable runtime.

🤖 Models

Administrators can configure DeepSeek, OpenAI, Gemini, Qwen, Doubao, or local Ollama. API keys are centrally managed by administrators. Users only select from available models.

💬 Chat

  • Ask a question directly to search the knowledge base.
  • Expand Sources under an answer to verify the basis.
  • Uploaded files are used as context for the current question.
  • Administrators can return to the admin console from chat. Advanced and Standard users only see the features they need.

📋 Smart Response

Advanced users and administrators can upload bids, requirement sheets, and questionnaires. The system extracts requirements, answers them item by item, and exports results to Excel.

👥 Users and Roles

RoleAccess
AdminAdmin console, indexing, models, users, cloud storage, system settings, chat, and smart response.
AdvancedChat, file upload, and smart response.
StandardBasic chat Q&A.

💬 Lark and WeCom Integration

The system can connect IM app messages to the same knowledge-base Q&A flow. Users send text messages to the bot in Lark or WeCom, and the system creates a Standard user automatically, keeps conversation context, and replies in the IM app.

The IM integration currently focuses on text Q&A. File upload, smart response, and model preference workflows should still use the web app.

Lark / Feishu Setup

  1. Open Lark Open Platform or Feishu Open Platform and create an internal enterprise app.
  2. In Credentials & Basic Info, record App ID and App Secret. URL verification itself does not require them, but the system needs them to send replies and fetch user information.
  3. In Event Subscription, set the request URL to https://your-domain/api/lark/webhook.
  4. Configure the Verification Token. If Encrypt Key is enabled, also set it in the server deployment configuration. In the current code, Verification Token and Encrypt Key are optional: if empty, token validation is skipped and events are treated as plain JSON.
  5. Subscribe to the message receive event: im.message.receive_v1.
  6. Enable the required permissions, then publish a new app version.
PermissionPurpose
Receive messages sent to the botAllows the system to receive user questions.
Send messages to usersAllows the system to reply with answers.
Read basic user informationUsed to create readable user names automatically.
Read user emailUsed to associate IM users with company email accounts.

The Lark callback URL is https://your-domain/api/lark/webhook. Initial URL verification only needs this endpoint to be reachable. To let the bot reply to users, add LARK_APP_ID and LARK_APP_SECRET to the server deployment configuration, such as /opt/consultant-linux/.env or the app environment section in docker-compose.yml. Restart the app container after changes. LARK_VERIFY_TOKEN and LARK_ENCRYPT_KEY are only needed if the corresponding validation/encryption is enabled in Lark.

LARK_APP_ID=
LARK_APP_SECRET=
LARK_VERIFY_TOKEN=
LARK_ENCRYPT_KEY=

WeCom Setup

  1. Open the WeCom admin console, go to App Management, and create a custom app.
  2. Record CorpID, AgentId, and app Secret.
  3. Open the app's message receiving / API message receiving settings.
  4. Set URL to https://your-domain/api/wecom/webhook.
  5. Set Token and EncodingAESKey, and use the same values in the server deployment configuration.
  6. When saving, WeCom sends a URL verification request. The system decrypts and returns echostr automatically.
  7. Set the app visible scope to the departments or members who should use Q&A.
Permission / SettingPurpose
Receive messagesAllows the system to receive text questions sent to the app.
Send app messagesAllows the system to send answers back through the WeCom app.
Read basic member informationUsed to fetch user name and email and create accounts automatically.
Visible scopeControls which employees can see and use the app.

These settings are also deployment-level settings, not admin UI fields. Add them to /opt/consultant-linux/.env or the app environment section in docker-compose.yml, then restart the app container.

WECOM_CORP_ID=
WECOM_AGENT_ID=
WECOM_SECRET=
WECOM_TOKEN=
WECOM_ENCODING_AES_KEY=
IM users are created as Standard users on first question. Administrators can upgrade them to Advanced or Admin in User Management.

🎨 Branding and Notices

Branding lets you set the tool name, company name, logo, bot avatar, and favicon. The tool name is user-defined content and is not translated by language switching.

System Settings can configure SMTP email and Aliyun SMS for verification codes.

💾 Backup

Back up PostgreSQL data, ChromaDB data, rclone configuration, uploaded assets, and /data/rag_config.json. Restore data before starting containers on a new server.