alezmad/claudemesh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d0fbc64e7edea562626d6f78c26eb050aca772d1
claudemesh/apps/broker/src/env.ts
Alejandro Gutiérrez a7d9ecab15
Some checks failed
CI / Typecheck (push) Has been cancelled
Details
CI / Lint (push) Has been cancelled
Details
CI / Broker tests (Postgres) (push) Has been cancelled
Details
CI / Docker build (linux/amd64) (push) Has been cancelled
Details
feat(broker): add cli-sync, member-api, jwt modules + DB schema updates 
New broker endpoints for CLI auth sync flow (POST /cli-sync),
member profile management, and mesh settings. Includes JWT
verification for dashboard-issued sync tokens. DB schema adds
member profile fields and mesh policy columns.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-09 01:54:50 +01:00

56 lines
2.3 KiB
TypeScript
Raw Blame History

import { z } from "zod";
/**
* Broker environment config.
*
* Validated at startup with Zod. Fails fast with a useful error if any
* required var is missing or malformed.
*/
const envSchema = z.object({
BROKER_PORT: z.coerce.number().int().positive().default(7900),
DATABASE_URL: z
.string()
.min(1, "DATABASE_URL is required")
.refine(
(u) => /^postgres(ql)?:\/\//.test(u),
"DATABASE_URL must be a postgres:// or postgresql:// connection string",
),
STATUS_TTL_SECONDS: z.coerce.number().int().positive().default(60),
HOOK_FRESH_WINDOW_SECONDS: z.coerce.number().int().positive().default(30),
MAX_CONNECTIONS_PER_MESH: z.coerce.number().int().positive().default(100),
MAX_MESSAGE_BYTES: z.coerce.number().int().positive().default(65_536),
HOOK_RATE_LIMIT_PER_MIN: z.coerce.number().int().positive().default(30),
MINIO_ENDPOINT: z.string().default("minio:9000"),
MINIO_ACCESS_KEY: z.string().default("claudemesh"),
MINIO_SECRET_KEY: z.string().default("changeme"),
MINIO_USE_SSL: z.enum(["true", "false", ""]).transform(v => v === "true").default("false"),
QDRANT_URL: z.string().default("http://qdrant:6333"),
NEO4J_URL: z.string().default("bolt://neo4j:7687"),
NEO4J_USER: z.string().default("neo4j"),
NEO4J_PASSWORD: z.string().default("changeme"),
RUNNER_URL: z.string().default("http://runner:7901"),
CLAUDEMESH_SERVICES_DIR: z.string().default("/var/claudemesh/services"),
BROKER_ENCRYPTION_KEY: z.string().default(""), // 64 hex chars (32 bytes). Auto-generated if empty.
CLI_SYNC_SECRET: z.string().default(""), // HS256 shared secret for dashboard→broker sync JWTs. Required for /cli-sync.
MAX_SERVICES_PER_MESH: z.coerce.number().int().positive().default(20),
MAX_SERVICE_ZIP_BYTES: z.coerce.number().int().positive().default(50 * 1024 * 1024),
NODE_ENV: z
.enum(["development", "production", "test"])
.default("development"),
GIT_SHA: z.string().optional(),
});
export type BrokerEnv = z.infer<typeof envSchema>;
export function loadEnv(): BrokerEnv {
const parsed = envSchema.safeParse(process.env);
if (!parsed.success) {
console.error("[broker] invalid environment:");
console.error(z.treeifyError(parsed.error));
process.exit(1);
}
return parsed.data;
}
export const env = loadEnv();
Reference in New Issue View Git Blame Copy Permalink