admin / Syanpse-Vanguard
public
Syanpse-Vanguard / synapse-vanguard-v3 / .env.example
1520 B · main
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 | # Copy to .env and fill in. Generate secrets with: openssl rand -hex 32 SV_LOG_LEVEL=INFO # --- Secrets ----------------------------------------------------------------- # 64 hex chars (32 bytes). Encrypts integration/AI secrets at rest (AES-256-GCM). SV_VAULT_KEY=CHANGE_ME_openssl_rand_hex_32 # Signs session JWTs. Any long random string. SV_JWT_SECRET=CHANGE_ME_long_random_string # --- Storage ----------------------------------------------------------------- SV_STORAGE_BACKEND=duckdb # duckdb | clickhouse SV_DUCKDB_PATH=/var/lib/synapse-vanguard/vanguard.duckdb SV_COLD_DIR=/var/lib/synapse-vanguard/cold # SV_CLICKHOUSE_DSN=clickhouse://sv:pass@clickhouse:9000/synapse_vanguard # --- Broker ------------------------------------------------------------------ SV_BROKER=redis # redis | memory (memory = single-process dev) SV_REDIS_URL=redis://redis:6379/0 # --- Agent ingest / mTLS ----------------------------------------------------- # When true, the agent-ingest port requires a CA-signed client certificate. # Turn OFF only for local dev without certs (agents then auth by enrollment token). SV_MTLS_ENABLED=true SV_CERT_DIR=/etc/synapse-vanguard/certs # Short-lived token an admin hands to a new agent for its one-time enrollment. SV_ENROLLMENT_TOKEN=CHANGE_ME_rotate_after_enrollment # --- Bootstrap admin (seeded on first run if the users table is empty) ------- SV_BOOTSTRAP_ADMIN_USER=admin SV_BOOTSTRAP_ADMIN_PASSWORD=CHANGE_ME_admin_password |