tony/WHOOSH
1
0
Fork 0
Code Issues 6 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
WHOOSH/.env.example
Claude Code 131868bdca feat: Production readiness improvements for WHOOSH council formation 
Major security, observability, and configuration improvements:

## Security Hardening
- Implemented configurable CORS (no more wildcards)
- Added comprehensive auth middleware for admin endpoints
- Enhanced webhook HMAC validation
- Added input validation and rate limiting
- Security headers and CSP policies

## Configuration Management
- Made N8N webhook URL configurable (WHOOSH_N8N_BASE_URL)
- Replaced all hardcoded endpoints with environment variables
- Added feature flags for LLM vs heuristic composition
- Gitea fetch hardening with EAGER_FILTER and FULL_RESCAN options

## API Completeness
- Implemented GetCouncilComposition function
- Added GET /api/v1/councils/{id} endpoint
- Council artifacts API (POST/GET /api/v1/councils/{id}/artifacts)
- /admin/health/details endpoint with component status
- Database lookup for repository URLs (no hardcoded fallbacks)

## Observability & Performance
- Added OpenTelemetry distributed tracing with goal/pulse correlation
- Performance optimization database indexes
- Comprehensive health monitoring
- Enhanced logging and error handling

## Infrastructure
- Production-ready P2P discovery (replaces mock implementation)
- Removed unused Redis configuration
- Enhanced Docker Swarm integration
- Added migration files for performance indexes

## Code Quality
- Comprehensive input validation
- Graceful error handling and failsafe fallbacks
- Backwards compatibility maintained
- Following security best practices

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-12 20:34:17 +10:00

73 lines
3.2 KiB
Plaintext
Raw Permalink Blame History

# WHOOSH Configuration Example
# Copy to .env and configure for local development
# Database Configuration
WHOOSH_DATABASE_HOST=localhost
WHOOSH_DATABASE_PORT=5432
WHOOSH_DATABASE_DB_NAME=whoosh
WHOOSH_DATABASE_USERNAME=whoosh
WHOOSH_DATABASE_PASSWORD=your_database_password_here
WHOOSH_DATABASE_SSL_MODE=disable
WHOOSH_DATABASE_AUTO_MIGRATE=true
# Server Configuration
WHOOSH_SERVER_LISTEN_ADDR=:8080
WHOOSH_SERVER_READ_TIMEOUT=30s
WHOOSH_SERVER_WRITE_TIMEOUT=30s
WHOOSH_SERVER_SHUTDOWN_TIMEOUT=30s
# Security: Restrict CORS origins to specific domains (comma-separated)
WHOOSH_SERVER_ALLOWED_ORIGINS=https://your-frontend-domain.com,http://localhost:3000
# Or use file for origins: WHOOSH_SERVER_ALLOWED_ORIGINS_FILE=/secrets/allowed_origins
# GITEA Configuration
WHOOSH_GITEA_BASE_URL=http://ironwood:3000
WHOOSH_GITEA_TOKEN=your_gitea_token_here
WHOOSH_GITEA_WEBHOOK_PATH=/webhooks/gitea
WHOOSH_GITEA_WEBHOOK_TOKEN=your_webhook_secret_here
# GITEA Fetch Hardening Options
WHOOSH_GITEA_EAGER_FILTER=true # Pre-filter by labels at API level (default: true)
WHOOSH_GITEA_FULL_RESCAN=false # Ignore since parameter for complete rescan (default: false)
WHOOSH_GITEA_DEBUG_URLS=false # Log exact URLs being used (default: false)
WHOOSH_GITEA_MAX_RETRIES=3 # Maximum retry attempts (default: 3)
WHOOSH_GITEA_RETRY_DELAY=2s # Delay between retries (default: 2s)
# Authentication Configuration
# SECURITY: Use strong secrets (min 32 chars) and store in files for production
WHOOSH_AUTH_JWT_SECRET=your_jwt_secret_here_minimum_32_characters
WHOOSH_AUTH_SERVICE_TOKENS=token1,token2,token3
WHOOSH_AUTH_JWT_EXPIRY=24h
# Production: Use files instead of environment variables
# WHOOSH_AUTH_JWT_SECRET_FILE=/secrets/jwt_secret
# WHOOSH_AUTH_SERVICE_TOKENS_FILE=/secrets/service_tokens
# Logging Configuration
WHOOSH_LOGGING_LEVEL=debug
WHOOSH_LOGGING_ENVIRONMENT=development
# Team Composer Configuration
# Feature flags for experimental LLM-based analysis (default: false for reliability)
WHOOSH_COMPOSER_ENABLE_LLM_CLASSIFICATION=false # Use LLM for task classification
WHOOSH_COMPOSER_ENABLE_LLM_SKILL_ANALYSIS=false # Use LLM for skill analysis
WHOOSH_COMPOSER_ENABLE_LLM_TEAM_MATCHING=false # Use LLM for team matching
# Analysis features
WHOOSH_COMPOSER_ENABLE_COMPLEXITY_ANALYSIS=true # Enable complexity scoring
WHOOSH_COMPOSER_ENABLE_RISK_ASSESSMENT=true # Enable risk level assessment
WHOOSH_COMPOSER_ENABLE_ALTERNATIVE_OPTIONS=false # Generate alternative team options
# Debug and monitoring
WHOOSH_COMPOSER_ENABLE_ANALYSIS_LOGGING=true # Enable detailed analysis logging
WHOOSH_COMPOSER_ENABLE_PERFORMANCE_METRICS=true # Enable performance tracking
WHOOSH_COMPOSER_ENABLE_FAILSAFE_FALLBACK=true # Fallback to heuristics on LLM failure
# LLM model configuration
WHOOSH_COMPOSER_CLASSIFICATION_MODEL=llama3.1:8b # Model for task classification
WHOOSH_COMPOSER_SKILL_ANALYSIS_MODEL=llama3.1:8b # Model for skill analysis
WHOOSH_COMPOSER_MATCHING_MODEL=llama3.1:8b # Model for team matching
# Performance settings
WHOOSH_COMPOSER_ANALYSIS_TIMEOUT_SECS=60 # Analysis timeout in seconds
WHOOSH_COMPOSER_SKILL_MATCH_THRESHOLD=0.6 # Minimum skill match score
Reference in New Issue View Git Blame Copy Permalink