Environment Variables Reference

Complete reference of all environment variables for Triage Warden.

Required Variables

These must be set for Triage Warden to start.

Database

| Variable | Description | Example |
|---|---|---|
| DATABASE_URL | PostgreSQL connection string | postgres://user:pass@localhost:5432/triage_warden |

Connection String Format:

postgres://username:password@hostname:port/database?sslmode=require

SSL Modes:

  • disable - No SSL (development only)
  • require - SSL required, no certificate verification
  • verify-ca - Verify server certificate against CA
  • verify-full - Verify server certificate and hostname

Security

| Variable | Description | Example |
|---|---|---|
| TW_ENCRYPTION_KEY | Credential encryption key (32 bytes, base64) | K7gNU3sdo+OL0wNhqoVW... |
| TW_JWT_SECRET | JWT signing secret (min 32 characters) | your-very-long-jwt-secret-here |
| TW_SESSION_SECRET | Session encryption secret | your-session-secret-here |

Generating Keys:

# Encryption key (32 bytes, base64)
openssl rand -base64 32

# JWT/Session secret (hex)
openssl rand -hex 32
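
The constraints in the table above can be checked before startup. The following is an added example, not part of Triage Warden; the function name check_secrets and the DOC_SAMPLES set (sample values copied from this page) are assumptions of the example, and the reuse check is an extra hygiene rule the page does not state.

```python
import base64
import binascii

# Sample values printed on this page; finding one in a live environment
# means the documentation was pasted in unchanged.
DOC_SAMPLES = {
    "your-very-long-jwt-secret-here", "your-session-secret-here",
    "dev-jwt-secret-not-for-production", "dev-session-secret",
    "your-production-jwt-secret-minimum-32-chars",
    "your-production-session-secret", "jwt-signing-secret", "session-secret",
}

def check_secrets(env):
    """Return a list of problems found in the three required secrets."""
    problems = []

    # TW_ENCRYPTION_KEY: must be base64 that decodes to exactly 32 bytes.
    try:
        raw = base64.b64decode(env.get("TW_ENCRYPTION_KEY", ""), validate=True)
        if len(raw) != 32:
            problems.append(f"TW_ENCRYPTION_KEY decodes to {len(raw)} bytes, expected 32")
    except (binascii.Error, ValueError):
        problems.append("TW_ENCRYPTION_KEY is not valid base64")

    jwt = env.get("TW_JWT_SECRET", "")
    session = env.get("TW_SESSION_SECRET", "")

    # TW_JWT_SECRET: the page states a 32-character minimum.
    if len(jwt) < 32:
        problems.append(f"TW_JWT_SECRET is {len(jwt)} characters, minimum is 32")
    if not session:
        problems.append("TW_SESSION_SECRET is not set")

    # A sample value can satisfy the length rule and still be publicly known.
    for name, value in (("TW_JWT_SECRET", jwt), ("TW_SESSION_SECRET", session)):
        if value in DOC_SAMPLES:
            problems.append(f"{name} is a sample value from the documentation")

    # Added hygiene check (not stated on the page): do not reuse one secret.
    if jwt and jwt == session:
        problems.append("TW_JWT_SECRET and TW_SESSION_SECRET are identical")
    return problems

if __name__ == "__main__":
    import os
    for problem in check_secrets(os.environ):
        print("FAIL:", problem)
```

The development sample TW_JWT_SECRET on this page is longer than 32 characters, so a length check alone would accept it; the sample-value check is what rejects it.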

Server Configuration

| Variable | Description | Default |
|---|---|---|
| TW_BIND_ADDRESS | Server bind address | 0.0.0.0:8080 |
| TW_BASE_URL | Public URL for the application | http://localhost:8080 |
| TW_TRUSTED_PROXIES | Comma-separated trusted proxy IPs | None |
| TW_MAX_REQUEST_SIZE | Maximum request body size | 10MB |
| TW_REQUEST_TIMEOUT | Request timeout in seconds | 30 |

Example:

TW_BIND_ADDRESS=0.0.0.0:8080
TW_BASE_URL=https://triage.company.com
TW_TRUSTED_PROXIES=10.0.0.0/8,172.16.0.0/12

Database Configuration

| Variable | Description | Default |
|---|---|---|
| DATABASE_URL | Connection string | Required |
| DATABASE_MAX_CONNECTIONS | Maximum pool connections | 10 |
| DATABASE_MIN_CONNECTIONS | Minimum pool connections | 1 |
| DATABASE_CONNECT_TIMEOUT | Connection timeout (seconds) | 30 |
| DATABASE_IDLE_TIMEOUT | Idle connection timeout (seconds) | 600 |
| DATABASE_MAX_LIFETIME | Max connection lifetime (seconds) | 1800 |

High-Traffic Configuration:

DATABASE_MAX_CONNECTIONS=50
DATABASE_MIN_CONNECTIONS=5
DATABASE_IDLE_TIMEOUT=300

Authentication

| Variable | Description | Default |
|---|---|---|
| TW_JWT_SECRET | JWT signing secret | Required |
| TW_JWT_EXPIRY | JWT token expiry | 24h |
| TW_SESSION_SECRET | Session encryption key | Required |
| TW_SESSION_EXPIRY | Session duration | 7d |
| TW_CSRF_ENABLED | Enable CSRF protection | true |
| TW_COOKIE_SECURE | Require HTTPS for cookies | false |
| TW_COOKIE_SAME_SITE | SameSite cookie policy | lax |

Production Settings:

TW_COOKIE_SECURE=true
TW_COOKIE_SAME_SITE=strict
TW_SESSION_EXPIRY=1d

LLM Configuration

Provider Selection

| Variable | Description | Default |
|---|---|---|
| TW_LLM_PROVIDER | LLM provider | openai |
| TW_LLM_MODEL | Model name | gpt-4-turbo |
| TW_LLM_ENABLED | Enable LLM features | true |

Valid Providers: openai, anthropic, azure, local

API Keys

| Variable | Description |
|---|---|
| OPENAI_API_KEY | OpenAI API key |
| ANTHROPIC_API_KEY | Anthropic API key |
| AZURE_OPENAI_API_KEY | Azure OpenAI API key |
| AZURE_OPENAI_ENDPOINT | Azure OpenAI endpoint URL |

Model Parameters

| Variable | Description | Default |
|---|---|---|
| TW_LLM_TEMPERATURE | Response randomness (0.0-2.0) | 0.2 |
| TW_LLM_MAX_TOKENS | Maximum response tokens | 4096 |
| TW_LLM_TIMEOUT | Request timeout (seconds) | 60 |

Example Configuration:

# Using Anthropic
TW_LLM_PROVIDER=anthropic
TW_LLM_MODEL=claude-3-sonnet-20240229
ANTHROPIC_API_KEY=sk-ant-api03-...
TW_LLM_TEMPERATURE=0.1
TW_LLM_MAX_TOKENS=8192

# Using Azure OpenAI
TW_LLM_PROVIDER=azure
AZURE_OPENAI_API_KEY=your-azure-key
AZURE_OPENAI_ENDPOINT=https://your-resource.openai.azure.com
TW_LLM_MODEL=gpt-4-deployment-name

Logging & Observability

| Variable | Description | Default |
|---|---|---|
| RUST_LOG | Log level filter | info |
| TW_LOG_FORMAT | Log format (json or pretty) | json |
| TW_LOG_FILE | Log file path (optional) | None |

Log Levels

# Basic levels
RUST_LOG=info          # Info and above
RUST_LOG=debug         # Debug and above
RUST_LOG=warn          # Warnings and errors only

# Granular control
RUST_LOG=info,triage_warden=debug                    # Debug for app, info for deps
RUST_LOG=warn,triage_warden::api=debug               # Debug specific module
RUST_LOG=info,sqlx=warn,hyper=warn                   # Quiet noisy dependencies

Metrics & Tracing

| Variable | Description | Default |
|---|---|---|
| TW_METRICS_ENABLED | Enable Prometheus metrics | true |
| TW_METRICS_PATH | Metrics endpoint path | /metrics |
| TW_TRACING_ENABLED | Enable distributed tracing | false |
| OTEL_EXPORTER_OTLP_ENDPOINT | OpenTelemetry endpoint | None |
| OTEL_SERVICE_NAME | Service name for traces | triage-warden |

Tracing Setup:

TW_TRACING_ENABLED=true
OTEL_EXPORTER_OTLP_ENDPOINT=http://jaeger:4317
OTEL_SERVICE_NAME=triage-warden-prod

Rate Limiting

| Variable | Description | Default |
|---|---|---|
| TW_RATE_LIMIT_ENABLED | Enable rate limiting | true |
| TW_RATE_LIMIT_REQUESTS | Requests per window | 100 |
| TW_RATE_LIMIT_WINDOW | Rate limit window | 1m |
| TW_RATE_LIMIT_BURST | Burst allowance | 20 |

Webhooks

| Variable | Description | Default |
|---|---|---|
| TW_WEBHOOK_SECRET | Default webhook signature secret | None |
| TW_WEBHOOK_SPLUNK_SECRET | Splunk-specific secret | None |
| TW_WEBHOOK_CROWDSTRIKE_SECRET | CrowdStrike-specific secret | None |
| TW_WEBHOOK_DEFENDER_SECRET | Defender-specific secret | None |
| TW_WEBHOOK_SENTINEL_SECRET | Sentinel-specific secret | None |

CORS Configuration

| Variable | Description | Default |
|---|---|---|
| TW_CORS_ENABLED | Enable CORS | true |
| TW_CORS_ORIGINS | Allowed origins (comma-separated) | * |
| TW_CORS_METHODS | Allowed methods | GET,POST,PUT,DELETE,OPTIONS |
| TW_CORS_HEADERS | Allowed headers | * |
| TW_CORS_MAX_AGE | Preflight cache duration (seconds) | 86400 |

Production CORS:

TW_CORS_ORIGINS=https://triage.company.com,https://admin.company.com

Feature Flags

| Variable | Description | Default |
|---|---|---|
| TW_FEATURE_PLAYBOOKS | Enable playbook execution | true |
| TW_FEATURE_AUTO_ENRICH | Enable automatic enrichment | true |
| TW_FEATURE_API_KEYS | Enable API key management | true |

Development Variables

Not recommended for production:

| Variable | Description | Default |
|---|---|---|
| TW_DEV_MODE | Enable development mode | false |
| TW_SEED_DATA | Seed database with test data | false |
| TW_DISABLE_AUTH | Disable authentication | false |

Example Configurations

Development

DATABASE_URL=sqlite:./dev.db
TW_ENCRYPTION_KEY=$(openssl rand -base64 32)
TW_JWT_SECRET=dev-jwt-secret-not-for-production
TW_SESSION_SECRET=dev-session-secret
RUST_LOG=debug
TW_LOG_FORMAT=pretty
TW_DEV_MODE=true

Production

# Database
DATABASE_URL=postgres://tw:[email protected]:5432/triage_warden?sslmode=verify-full
DATABASE_MAX_CONNECTIONS=25

# Security
TW_ENCRYPTION_KEY=your-production-encryption-key
TW_JWT_SECRET=your-production-jwt-secret-minimum-32-chars
TW_SESSION_SECRET=your-production-session-secret
TW_COOKIE_SECURE=true
TW_COOKIE_SAME_SITE=strict

# Server
TW_BASE_URL=https://triage.company.com
TW_TRUSTED_PROXIES=10.0.0.0/8

# LLM
TW_LLM_PROVIDER=anthropic
ANTHROPIC_API_KEY=sk-ant-api03-...
TW_LLM_MODEL=claude-3-sonnet-20240229

# Logging
RUST_LOG=info
TW_LOG_FORMAT=json
TW_METRICS_ENABLED=true

# Rate limiting
TW_RATE_LIMIT_ENABLED=true
TW_RATE_LIMIT_REQUESTS=200
TW_RATE_LIMIT_WINDOW=1m
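
A pre-deployment check of the effective configuration, applying the defaults from the tables on this page to anything left unset. This is an added example, not Triage Warden code; parse_env, lint_production and the constructed SAMPLE are names introduced here, and treating the page's production settings as the expected values is an assumption.

```python
from urllib.parse import urlsplit, parse_qs

# Defaults as listed in the tables on this page; used when a variable is unset.
DEFAULTS = {
    "TW_COOKIE_SECURE": "false", "TW_COOKIE_SAME_SITE": "lax",
    "TW_CSRF_ENABLED": "true", "TW_RATE_LIMIT_ENABLED": "true",
    "TW_CORS_ENABLED": "true", "TW_CORS_ORIGINS": "*",
    "TW_BASE_URL": "http://localhost:8080",
    "TW_DEV_MODE": "false", "TW_SEED_DATA": "false", "TW_DISABLE_AUTH": "false",
}
# Values this check expects in production (assumption of the example).
EXPECTED = {
    "TW_COOKIE_SECURE": "true", "TW_COOKIE_SAME_SITE": "strict",
    "TW_CSRF_ENABLED": "true", "TW_RATE_LIMIT_ENABLED": "true",
    "TW_DEV_MODE": "false", "TW_SEED_DATA": "false", "TW_DISABLE_AUTH": "false",
}

def parse_env(text):
    """Parse KEY=VALUE lines, ignoring blank lines and # comments."""
    pairs = (line.split("=", 1) for line in text.splitlines()
             if "=" in line and not line.lstrip().startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def lint_production(env):
    """Return sorted findings where the effective config is weaker than expected."""
    eff = {**DEFAULTS, **env}  # effective value: explicit setting, else default
    findings = [f"{k}={eff[k]} (expected {v})"
                for k, v in EXPECTED.items() if eff[k].lower() != v]
    db = urlsplit(eff.get("DATABASE_URL", ""))
    sslmode = parse_qs(db.query).get("sslmode", ["unset"])[0]
    # disable and require do not verify the server certificate (see SSL Modes).
    if db.scheme.startswith("postgres") and sslmode not in ("verify-ca", "verify-full"):
        findings.append(f"DATABASE_URL sslmode={sslmode} (server certificate not verified)")
    origins = [o.strip() for o in eff["TW_CORS_ORIGINS"].split(",")]
    if eff["TW_CORS_ENABLED"].lower() == "true" and "*" in origins:
        findings.append("TW_CORS_ORIGINS=* (any origin allowed)")
    if not eff["TW_BASE_URL"].startswith("https://"):
        findings.append(f"TW_BASE_URL={eff['TW_BASE_URL']} (not https)")
    return sorted(findings)

# Constructed sample: cookies are marked secure, but SameSite and CORS are unset.
SAMPLE = """\
# constructed example, not a real deployment
DATABASE_URL=postgres://tw:example@db.example.internal:5432/triage_warden?sslmode=require
TW_BASE_URL=https://triage.company.com
TW_COOKIE_SECURE=true
"""
print("\n".join(lint_production(parse_env(SAMPLE))))
```

Because unset variables fall back to their defaults, a file that never mentions TW_CORS_ORIGINS or TW_COOKIE_SAME_SITE is still reported for them.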

Kubernetes

apiVersion: v1
kind: Secret
metadata:
  name: triage-warden-secrets
type: Opaque
stringData:
  DATABASE_URL: "postgres://user:pass@postgres:5432/triage_warden"
  TW_ENCRYPTION_KEY: "base64-encoded-32-byte-key"
  TW_JWT_SECRET: "jwt-signing-secret"
  TW_SESSION_SECRET: "session-secret"
  ANTHROPIC_API_KEY: "sk-ant-..."
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: triage-warden-config
data:
  TW_BASE_URL: "https://triage.company.com"
  TW_LLM_PROVIDER: "anthropic"
  TW_LLM_MODEL: "claude-3-sonnet-20240229"
  RUST_LOG: "info"
  TW_METRICS_ENABLED: "true"