admin / Synapse-Cortex
publicSelf Hosted ITSM Tool with RBAC/Tenanting and MFA
Synapse-Cortex / Synapse-Cortexv2 / .env.example
2978 B · main
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 | POSTGRES_USER=cortex POSTGRES_PASSWORD=change-me POSTGRES_DB=synapse_cortex # Also wraps the credential vault key at rest once created via Admin -> # Vault (see below) - keep this at least as protected as a database # credential. SECRET_KEY=replace-with-a-long-random-value # AI Remediation Module # The credential vault (a Fernet key protecting vaulted host credentials # and the saved Claude API key) is no longer configured via environment # variable - a global_admin creates it exactly once from Admin -> Vault in # the running app. There is no env var equivalent and no rotate/recreate # path anywhere in the app. # # Claude API key for the AI investigator: preferably saved from Admin -> AI # Settings (encrypted with the tenant's vault key) once a vault exists. # ANTHROPIC_API_KEY below is only a fallback for deployments that want to # configure it via environment instead - the UI-saved key takes priority # when both are set. Leave both unset until then - the investigate endpoint # fails with a clear error rather than crashing. ANTHROPIC_API_KEY= # "Execute Live on Client" is available on EVERY deployment and for every # playbook, and always opens a REAL SSH connection to fix the client using the # vaulted credential linked to the ticket. It is gated by an explicit human # confirmation AND a prior simulation of the same run (the Simulate button is # the separate safe rehearsal). Real-SSH tuning: # SSH_AUTO_ADD_HOST_KEYS - true (default) trusts a host's key on first contact # so a new host just connects; false rejects hosts absent from known_hosts. # SSH_CONNECT_TIMEOUT / SSH_COMMAND_TIMEOUT - seconds; bound connect + per-command. SSH_AUTO_ADD_HOST_KEYS=true SSH_CONNECT_TIMEOUT=10 SSH_COMMAND_TIMEOUT=60 # Privilege elevation is AUTO-DETECTED per host: on first contact Cortex checks # `id -u`, then runs commands directly on a root account or via sudo (whole # command in a shell under `sudo -S`, password on stdin, never in the command # text) on a non-root account - so a fleet mixing root and non-root hosts just # works with no per-host config. # SSH_USE_SUDO - true (default) auto-detect (root -> direct, non-root -> # sudo); false to never use sudo (run exactly as given). # SSH_SUDO_PASSWORD - password for sudo. Defaults to the ticket's vaulted # credential secret (the account's own password); set this # only if the sudo password differs from the login one. # SSH_SUDO_SHELL - shell used to run the command under sudo (default bash). # Requires the sudoers entry to allow the command (ideally NOPASSWD or the # account's password) and `requiretty` to be OFF (the modern default). SSH_USE_SUDO=true SSH_SUDO_SHELL=bash # Playbooks may only be set to AUTO_APPROVE (skips the human Approve click) # when this is true, and only by a global_admin. Defaults to false so # out-of-the-box behavior always requires an explicit approval. ALLOW_AUTO_APPROVE=false |