tksadik92/wrenn-releases
1
0
Fork 0
forked from wrenn/wrenn
Code Pull Requests Activity
Files
26917d432d497fb4a1d4823ef4e3dd05ce788e05
wrenn-releases/.env.example
pptx704 84dd15d22b feat: add notification channels with provider integrations and retry 
Implement a channels system for notifying teams via external providers
(Discord, Slack, Teams, Google Chat, Telegram, Matrix, webhook) when
lifecycle events occur (capsule/template/host state changes).

- Channel CRUD API under /v1/channels (JWT-only auth)
- Test endpoint to verify config before saving (POST /v1/channels/test)
- Secret rotation endpoint (PUT /v1/channels/{id}/config)
- AES-256-GCM encryption for provider secrets (WRENN_ENCRYPTION_KEY)
- Redis stream event publishing from audit logger
- Background dispatcher with consumer group and retry (10s, 30s)
- Webhook delivery with HMAC-SHA256 signing (X-WRENN-SIGNATURE)
- shoutrrr integration for chat providers
- Secrets never exposed in API responses
2026-04-09 17:06:06 +06:00

47 lines
1.2 KiB
Plaintext
Raw Blame History

# Database
DATABASE_URL=postgres://wrenn:wrenn@localhost:5432/wrenn?sslmode=disable
# Redis
REDIS_URL=redis://localhost:6379/0
# Control Plane
WRENN_CP_LISTEN_ADDR=:8080
# Host Agent
WRENN_HOST_LISTEN_ADDR=:50051
WRENN_DIR=/var/lib/wrenn
WRENN_HOST_INTERFACE=eth0
WRENN_CP_URL=http://localhost:8080
# Lago (billing — external service)
LAGO_API_URL=http://localhost:3000
LAGO_API_KEY=
# Object Storage (hibernate snapshots — Hetzner Object Storage, S3-compatible)
S3_BUCKET=wrenn-snapshots
S3_REGION=fsn1
S3_ENDPOINT=https://fsn1.your-objectstorage.com
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
# Auth
JWT_SECRET=
# mTLS — CP→Agent channel
# Generate a self-signed CA with:
# openssl ecparam -genkey -name P-256 -noout -out ca.key
# openssl req -new -x509 -key ca.key -days 3650 -out ca.crt -subj "/CN=wrenn-internal-ca"
# Then set these to the file contents (newlines replaced with \n or use multiline env).
WRENN_CA_CERT=
WRENN_CA_KEY=
# Channels (notification destinations)
# AES-256-GCM key for encrypting channel secrets. Generate with: openssl rand -hex 32
WRENN_ENCRYPTION_KEY=
# OAuth
OAUTH_GITHUB_CLIENT_ID=
OAUTH_GITHUB_CLIENT_SECRET=
OAUTH_REDIRECT_URL=https://app.wrenn.dev
CP_PUBLIC_URL=https://api.wrenn.dev
View Git Blame Copy Permalink