# Disinto — Environment Configuration # Copy to .env and fill in your values. # NEVER commit .env to the repo. # # With SOPS + age installed, `disinto init` encrypts secrets into .env.enc # and removes plaintext .env. To migrate an existing .env: `disinto secrets migrate` # # Variables marked [SECRET] are credentials that grant access if leaked. # Variables marked [CONFIG] are non-sensitive and safe in plaintext. # ── Per-project config ──────────────────────────────────────────────────── # Project-specific settings (FORGE_REPO, PROJECT_REPO_ROOT, PRIMARY_BRANCH, # WOODPECKER_REPO_ID) now live in projects/*.toml — see projects/harb.toml # for an example. Do NOT set them here; they leak into every session. # ── Forge (Forgejo) ───────────────────────────────────────────────────── FORGE_URL=http://localhost:3000 # [CONFIG] local Forgejo instance # ── Auth tokens ─────────────────────────────────────────────────────────── # Each agent has its own Forgejo account and API token (#747). # Per-agent tokens fall back to FORGE_TOKEN if not set. FORGE_TOKEN= # [SECRET] dev-bot API token (default for all agents) FORGE_REVIEW_TOKEN= # [SECRET] review-bot API token FORGE_PLANNER_TOKEN= # [SECRET] planner-bot API token FORGE_GARDENER_TOKEN= # [SECRET] gardener-bot API token FORGE_VAULT_TOKEN= # [SECRET] vault-bot API token FORGE_SUPERVISOR_TOKEN= # [SECRET] supervisor-bot API token FORGE_PREDICTOR_TOKEN= # [SECRET] predictor-bot API token FORGE_BOT_USERNAMES=dev-bot,review-bot,planner-bot,gardener-bot,vault-bot,supervisor-bot,predictor-bot # ── Backwards compatibility ─────────────────────────────────────────────── # If CODEBERG_TOKEN is set but FORGE_TOKEN is not, env.sh falls back to # CODEBERG_TOKEN automatically (same for REVIEW_BOT_TOKEN, CODEBERG_REPO, # CODEBERG_BOT_USERNAMES). No action needed for existing deployments. # Per-agent tokens default to FORGE_TOKEN when unset (single-token setups). # ── Woodpecker CI ───────────────────────────────────────────────────────── WOODPECKER_TOKEN= # [SECRET] Woodpecker API token WOODPECKER_SERVER=http://localhost:8000 # [CONFIG] Woodpecker server URL WOODPECKER_AGENT_SECRET= # [SECRET] shared secret for server↔agent auth (auto-generated) # WOODPECKER_REPO_ID — now per-project, set in projects/*.toml [ci] section # Woodpecker Postgres (for direct DB queries) WOODPECKER_DB_PASSWORD= # [SECRET] Postgres password WOODPECKER_DB_USER=woodpecker # [CONFIG] Postgres user WOODPECKER_DB_HOST=127.0.0.1 # [CONFIG] Postgres host WOODPECKER_DB_NAME=woodpecker # [CONFIG] Postgres database name # ── Vault-only secrets (DO NOT put these in .env) ──────────────────────── # These tokens grant access to external systems (GitHub, ClawHub, deploy targets). # They live ONLY in .env.vault.enc and are injected into the ephemeral runner # container at fire time (#745). lib/env.sh explicitly unsets them so agents # can never hold them directly — all external actions go through vault dispatch. # # GITHUB_TOKEN — GitHub API access (publish, deploy, post) # CLAWHUB_TOKEN — ClawHub registry credentials (publish) # (deploy keys) — SSH keys for deployment targets # # To manage vault secrets: disinto secrets edit-vault # See also: vault/run-action.sh, vault/vault-fire.sh # ── Project-specific secrets ────────────────────────────────────────────── # Store all project secrets here so formulas reference env vars, never hardcode. BASE_RPC_URL= # [SECRET] on-chain RPC endpoint # ── Tuning ──────────────────────────────────────────────────────────────── CLAUDE_TIMEOUT=7200 # [CONFIG] max seconds per Claude invocation # ── Factory safety ──────────────────────────────────────────────────────── # Disables Claude Code auto-updater, telemetry, error reporting, and bug # command. Factory sessions are production processes — they must never phone # home or auto-update mid-session. Added after #725 (crash during red-team run). CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1 # [CONFIG] suppress all non-essential traffic