-
Notifications
You must be signed in to change notification settings - Fork 143
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
70ae378
commit c6f98c0
Showing
1 changed file
with
53 additions
and
35 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,51 +1,69 @@ | ||
| # Shared env vars | ||
| # --- Shared env vars --- | ||
| LOG_LEVEL=INFO | ||
| # RabbitMQ | ||
|
|
||
| # --- App and DB env vars --- | ||
| # One of `dev`, `staging`, or `production` | ||
| TRACECAT__APP_ENV=dev | ||
| # Used to encrypt/decrypt sensitive keys in the database | ||
| # Can be generated using `python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"` | ||
| TRACECAT__DB_ENCRYPTION_KEY=your-tracecat-db-fernet-key | ||
| # Used to authenticate with Tracecat services | ||
| # Can be generated using `openssl rand -hex 32` | ||
| TRACECAT__SERVICE_KEY=your-tracecat-service-key | ||
| # Used to generate private webhook URLs | ||
| # Can be generated using `openssl rand -hex 32` | ||
| TRACECAT__SIGNING_SECRET=your-tracecat-signing-secret | ||
| # API Service URL | ||
| TRACECAT__API_URL=http://api:8000 | ||
| # Runner Service URL | ||
| # We recommend using ngrok here, but feel free to use any other service | ||
| # Run `ngrok http --domain=INSERT_STATIC_NGROK_DOMAIN_HERE 8001` to start ngrok and get the forwarding URL | ||
| TRACECAT__RUNNER_URL=https://your-ngrok-runner-url | ||
|
|
||
| # --- RabbitMQ --- | ||
| RABBITMQ_DEFAULT_PASS=guest | ||
| RABBITMQ_DEFAULT_USER=guest | ||
| RABBITMQ_URI=amqp://${RABBITMQ_DEFAULT_USER}:${RABBITMQ_DEFAULT_PASS}@host.docker.internal/ | ||
| # App and DB env vars | ||
| TRACECAT__APP_ENV=dev | ||
| TRACECAT__DB_ENCRYPTION_KEY=your-fernet-key | ||
|
|
||
| # --- Postgres --- | ||
| POSTGRES_USER=postgres | ||
| POSTGRES_PASSWORD=postgres | ||
| TRACECAT__DB_URI=postgresql+psycopg://${POSTGRES_USER}:${POSTGRES_PASSWORD}@host.docker.internal:5432/postgres | ||
| # Used to authenticate with Tracecat services | ||
| TRACECAT__SERVICE_KEY=${ openssl rand -hex 32 } | ||
| # Used to generate private webhook URLs | ||
| TRACECAT__SIGNING_SECRET=${ openssl rand -hex 32 } | ||
| # Service URLs | ||
| TRACECAT__API_URL=http://api:8000 | ||
| TRACECAT__RUNNER_URL=https://your-ngrok-runner-url | ||
|
|
||
| # API env vars | ||
| ## Used for Clerk JWKS endpoint and to verify JWT iss | ||
| CLERK_FRONTEND_API_URL=your-clerk-frontend-api-url | ||
| # --- Shared frontend env vars --- | ||
| # Important: environment variables prefixed with `NEXT_PUBLIC_` are exposed to the browser client | ||
| # You may need to adjust the domain (default `localhost`) based on your setup | ||
| # Containers in the same network can communicate with each other using the service name | ||
| # Or you can use the host.docker.internal to communicate with the host machine | ||
| NODE_ENV=development | ||
| NEXT_PUBLIC_APP_ENV=development | ||
| # The frontend app URL | ||
| NEXT_PUBLIC_APP_URL=http://localhost:3000 | ||
| # Allows the browser to communicate with the backend | ||
| NEXT_PUBLIC_API_URL=http://localhost:8000 | ||
|
|
||
| # --- Authentication + Clerk --- | ||
| # Controls auth for both the API and the frontend server + client | ||
| # Setting this to '1' or 'true' will DISABLE authentication | ||
| # Any other value will ENABLE authentication | ||
| # We recommend disabling auth for local usage | ||
| TRACECAT__DISABLE_AUTH=1 | ||
| # Used for Clerk JWKS endpoint and to verify JWT `iss` | ||
| CLERK_FRONTEND_API_URL=your-clerk-frontend-api-url | ||
| # If using Clerk, the secret key and publishable key are required | ||
| CLERK_SECRET_KEY=your-clerk-secret-key | ||
| NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=your-clerk-publishable-key | ||
| # This must be set to use `auth().redirectToSignIn` API. | ||
| NEXT_PUBLIC_CLERK_SIGN_IN_URL=/sign-in | ||
| NEXT_PUBLIC_CLERK_SIGN_UP_URL=/sign-up | ||
|
|
||
| # Frontend env vars | ||
| NODE_ENV="development" | ||
| # The API URL is set to the host.docker.internal | ||
| # to allow the browser (client side next.js) to communicate with the API | ||
| NEXT_PUBLIC_API_URL="http://localhost:8000" | ||
| NEXT_PUBLIC_APP_ENV="development" | ||
| NEXT_PUBLIC_APP_URL="http://localhost:3000" | ||
| NEXT_PUBLIC_SUPABASE_ANON_KEY= | ||
| NEXT_PUBLIC_SUPABASE_URL="http://host.docker.internal:54321" | ||
| # Tracecat self-hosted only, please ignore if Cloud: | ||
| NEXT_PUBLIC_SELF_HOSTED=true | ||
| # --- Cloud only --- | ||
| # Tracecat Cloud only, please ignore if self-hosted: | ||
| NEXT_PUBLIC_POSTHOG_KEY= | ||
| NEXT_PUBLIC_POSTHOG_INGEST_HOST="https://www.your-domain.com/ingest" | ||
| NEXT_PUBLIC_POSTHOG_HOST="https://app.posthog.com" | ||
| NEXT_PUBLIC_POSTHOG_INGEST_HOST=https://www.your-domain.com/ingest | ||
| NEXT_PUBLIC_POSTHOG_HOST=https://app.posthog.com | ||
| NEXT_PUBLIC_DISABLE_SESSION_RECORDING=true | ||
| # If using Clerk, you need these: | ||
| CLERK_SECRET_KEY=your-clerk-secret-key | ||
| NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=your-clerk-pub-key | ||
| ## NOTE: This must be set to use `auth().redirectToSignIn` API. | ||
| NEXT_PUBLIC_CLERK_SIGN_IN_URL=/sign-in | ||
| NEXT_PUBLIC_CLERK_SIGN_UP_URL=/sign-up | ||
|
|
||
| # Integrations env vars (optional) | ||
| # --- Integrations env vars (optional) --- | ||
| OPENAI_API_KEY=your-openai-api-key | ||
| RESEND_API_KEY=your-resend-api-key |