-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
76 lines (63 loc) · 3.13 KB
/
Copy path.env.example
File metadata and controls
76 lines (63 loc) · 3.13 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
# Primary connection string (canonical — used by Prisma at runtime)
DATABASE_URL="postgresql://dispatch:dispatch@localhost:5432/dispatch"
# GitHub integration
GITHUB_TOKEN="your_github_token_here"
GITHUB_REPOSITORIES="myorg/myrepo1,myorg/myrepo2"
# GitHub App authentication (optional — provides separate timeline identity)
#
# When all three vars below are set, Dispatch authenticates as a GitHub App
# installation instead of using the shared GITHUB_TOKEN PAT. This gives clear
# attribution in GitHub issue timelines.
#
# If any of these are missing, Dispatch falls back to GITHUB_TOKEN.
# Partial configuration is silently ignored (falls back to PAT).
#
# Private key supports both real PEM newlines and escaped \n form
# (Kubernetes / ExternalSecrets-style env injection).
#
# GITHUB_APP_ID="123456"
# GITHUB_APP_INSTALLATION_ID="1234567890abcdef"
# GITHUB_APP_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\n...\n-----END RSA PRIVATE KEY-----"
# Agent API authentication
DISPATCH_AGENT_TOKEN="your_agent_token_here"
# Operator / UI authentication (optional)
#
# Auth modes: "basic", "oidc", or "disabled"
#
# "basic" — HTTP Basic Auth (browser prompts for username/password)
# "oidc" — OIDC provider authentication (SSO login page)
# "disabled" — No auth enforcement (local development only)
#
# When DISPATCH_AUTH_MODE is not set, legacy mode is used:
# Bearer token auth via DISPATCH_AGENT_TOKEN for API calls.
# --- Basic Auth mode ---
# DISPATCH_AUTH_MODE="basic"
# DISPATCH_AUTH_USERNAME="admin"
# DISPATCH_AUTH_PASSWORD="change-me-in-production"
# --- OIDC mode ---
# Set DISPATCH_AUTH_MODE="oidc" and configure your OIDC provider:
# DISPATCH_AUTH_MODE="oidc"
# DISPATCH_OIDC_ISSUER="https://your-issuer.example.com"
# DISPATCH_OIDC_CLIENT_ID="your-oidc-client-id"
# DISPATCH_OIDC_CLIENT_SECRET="your-oidc-client-secret"
# NEXTAUTH_SECRET="a-long-random-string-for-session-signing"
# NEXTAUTH_URL="http://your-dispatch-url.example.com"
# Set to "disabled" to allow full open access (no auth enforcement).
# Useful for local development only.
# DISPATCH_AUTH_MODE="disabled"
# Default agent identity for MCP clients (optional but recommended)
# Set this to a stable operator identity such as "jory-opencode".
# Prevents models from inventing poor identities like "Dispatch MCP" when claiming work.
# DISPATCH_AGENT_NAME="jory-opencode"
# Dispatch instance URL (used by outbound clients and MCP bridge)
# DISPATCH_URL="http://localhost:3000"
# Alternative database URL alias — used if DATABASE_URL is not set
# DISPATCH_DATABASE_URL="postgresql://..."
# Closed issue cache retention (days) — closed issues older than this are pruned via POST /api/issues/prune-closed
# DISPATCH_CLOSED_ISSUE_RETENTION_DAYS=30
# Done issue visibility retention (days) — recently closed Done issues appear in Board/Projects/API for this window; old Done issues are hidden by default (default: 7)
# DISPATCH_DONE_RETENTION_DAYS=7
# NextAuth.js secret — required for OIDC mode (JWT signing).
# Generate a secure random string: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
# NEXTAUTH_SECRET="your_nextauth_secret_here"
# NEXTAUTH_URL="http://localhost:3000"