docs: audit retention/immutability, admin audit queries, alert sink, CC admin exclusion, identity linking (tmi#453 #400 #398 #395 #399 #383)
docs(config): revamp configuration documentation for the two-category model
Rewrites the configuration docs around the post-#415 model (Bootstrap vs
Operational categories, plus the still-live env > file > db precedence):
- Configuration-Model (new): the concept hub — the two categories, how values
are resolved (categories decide WHERE a value may live; precedence decides
WHICH wins), vault://env://file:// secret references, the secret-vs-bootstrap
orthogonality with Timmy as the worked example, hot vs static, visibility,
the three bootstrap-only config files, required settings.
- Configuring-Local-Development (new): dev setup, config-example -> -development,
TMI_* overrides, the OAuth stub + login_hint, operational settings in dev.
- Bootstrapping-Production (new): the bootstrap-only skeleton, secret wiring +
three-phase resolution, first-run DB seeding, --import-legacy migration,
platform notes (OCI/ADB, Heroku, Kubernetes), worker bootstrap, a checklist.
- Managing-Operational-Settings (new, replaces Configuration-Management):
/admin/settings CRUD + reencrypt, the source field + 409-on-config-controlled,
runtime reconfiguration of Timmy/content sources, dbtool import flags.
- Configuration-Reference (rewritten): generated from the classification
registry via 'make generate-config-docs' — drift-guarded, never hand-edited.
- Configuration-Management and Config-Migration-Guide retired to redirect stubs.
- Sidebar updated; Content-Extractors page cross-linked.
Pairs with the dev/1.4.0 generator (EnvVar field + cmd/genconfigdocs).
docs(timmy): document dev-mode dump_extracted_text_to_note flag (#337)
docs: add query decomposition and reranking config, pipeline diagram
- Configuration-Reference: add query decomposition and cross-encoder
reranking sections with env vars and YAML config
- Timmy-AI-Assistant: update implementation status for #241, add
architecture decision #7, add Mermaid query pipeline diagram
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
docs: add Timmy configuration reference and update implementation status
Add comprehensive Timmy AI assistant configuration section to
Configuration-Reference with all environment variables (LLM, dual
text/code embedding, rate limits, chunking) and YAML example.
Update Timmy-AI-Assistant implementation status to reflect completed
backend: chat API endpoints, LLM integration, vector pipeline, content
providers, and dual-index architecture.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
docs: add trusted proxy and configurable rate limit documentation
Add TMI_TRUSTED_PROXIES and TMI_RATELIMIT_PUBLIC_RPM to Configuration Reference.
Update Tier 1 to configurable=true in API Rate Limiting.
Add Trusted Proxy Configuration section with deployment examples.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
docs: update remaining wiki pages and remove MIGRATION-INSTRUCTIONS
Revise all wiki pages for accuracy, readability, and consistency with
current codebase. Remove MIGRATION-INSTRUCTIONS.md (no longer needed).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
docs: document suppressAboutLink and suppressPrivacyTosLinks settings
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
docs: add SAML configuration section with IDP_METADATA_URL and IDP_METADATA_B64XML
- Add comprehensive SAML configuration section
- Document dynamic provider discovery pattern (SAML_PROVIDERS_{ID}_{FIELD})
- Explain IdP metadata options: URL (preferred) vs base64-encoded XML
- Include shell commands for base64 encoding on Linux/macOS
- Note that URL takes precedence when both are configured
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
docs: sync Configuration-Reference with current code
- Remove legacy env var columns (backward compatibility removed)
- Remove individual database fields (DATABASE_URL only now)
- Fix JWT env var: TMI_JWT_EXPIRES_IN → TMI_JWT_EXPIRATION_SECONDS
- Fix TLS env vars: TMI_TLS_* → TMI_SERVER_TLS_*
- Fix logging env var: TMI_LOG_WEBSOCKET_MSG → TMI_LOG_WEBSOCKET_MESSAGES
- Fix WebSocket env var: add _SECONDS suffix
- Update YAML example to show DATABASE_URL-only config
- Add connection pool settings documentation
- Add administrator configuration section
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
docs: add component-specific debug logging reference
Add comprehensive list of available debug component names for
the debugComponents environment configuration option. Migrated
from tmi-ux docs/developer/setup/core-services.md.
Includes:
- DFD application, infrastructure, and presentation layer components
- Core services, collaboration, and threat modeling components
- Authentication and utility components
- Configuration examples for debugging collaboration issues
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
docs: update environment configuration with verified source code details
Migrate content from tmi-ux docs/developer/setup/environment-configuration.md
with corrections and additions based on source code verification:
- Add missing environment files (dev, local, hosted-container, interface)
- Add debugComponents for component-specific debug logging
- Add operatorJurisdiction field
- Add defaultAuthProvider field
- Add comprehensive securityConfig section with HSTS, CSP, frame options
- Update authTokenExpiryMinutes description
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Complete TMI wiki with comprehensive documentation
Created comprehensive wiki organized by task area and audience:
- Home page with ecosystem overview and role-based navigation
- Getting Started (9 pages): End user guides for threat modeling
- Deployment (7 pages): Operator guides for deploying TMI
- Operation (5 pages): SRE/DevOps guides for running TMI
- Troubleshooting (4 pages): Common issues and debugging
- Development (6 pages): Contributor guides and architecture
- Integrations (4 pages): Issue trackers, webhooks, addons
- Tools (3 pages): API clients, Terraform analyzer, Promtail
- API Reference (4 pages): REST, WebSocket, workflows
- Reference (6 pages): Configuration, schema, specs, glossary, FAQ
Total: 48 pages (~27,000 lines, 1.0 MB)
Documentation migrated from:
- tmi/docs/developer/, tmi/docs/operator/
- tmi/docs/reference/architecture/
- tmi-ux/docs/developer/
- tmi-clients, tmi-tf, tmi-promtail README files
Preserved in tmi repo (used in builds):
- docs/reference/apis/tmi-openapi.json
- docs/reference/apis/tmi-asyncapi.yml
- docs/reference/apis/api-workflows.json
🤖 Generated with Claude Code (https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>