forked from SpecterOps/Nemesis
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathenv.example
More file actions
99 lines (75 loc) · 3.49 KB
/
env.example
File metadata and controls
99 lines (75 loc) · 3.49 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
MINIO_ROOT_PASSWORD="Qwerty12345"
MINIO_ROOT_USER="nemesis"
RABBITMQ_PASSWORD="Qwerty12345"
RABBITMQ_USER="nemesis"
POSTGRES_PASSWORD="Qwerty12345"
POSTGRES_USER="nemesis"
POSTGRES_HOST="postgres"
POSTGRES_PORT=5432
POSTGRES_DB="enrichment"
POSTGRES_PARAMETERS="sslmode=disable"
# You can change the password used by HASURA. If not defined a default password will be used (pass456)
# Example:
# HASURA_ADMIN_SECRET="Qwerty12345"
# NEMESIS_URL is used when building hyperlinks for findings and Apprise alerts.
# If you change the port Nemesis listens on using NEMESIS_PORT (below), ensure this URL's port matches.
# If using a host/domain name, a FQDN (with a top level domain) is recommended.
NEMESIS_URL="https://localhost:7443/"
####################
# Optional Settings
####################
# Setup users using BASIC_AUTH_USERS (default is 'n:n'). Define multiple users by separating them with a comma.
# You can generate hashes for the users using various methods:
# - OpenSSL: printf "myusername:$(openssl passwd -apr1 'asdf')\n"
# - Via the CLI using the "htpasswd" command from the"apache2-utils" package:
# - echo asdf | htpasswd -nmi myusername
# - Online generator: https://htpasswd.utils.com/
#
# Example: Defining the users 'alice' and 'bob':
# BASIC_AUTH_USERS='alice:$apr1$dVGX3WZH$r2b86WcF/F0oSxVivfLMg.,bob:$apr1$ZJIjt2ti$nbXWdeIQfQzKmWSMTsrW9/'
# Change the port Nemesis listens using NEMESIS_PORT (default is 7443).
# - Ensure the NEMESIS_URL value also uses this port.
# Example:
# NEMESIS_PORT=7443
# Configure Apprise alerting using APPRISE_URLS.
# - See Apprise's docs for how to format each provider: https://github.com/caronc/apprise/wiki#notification-services
# - To route user feedback to a specific channel use "?tag=feedback" as shown in the example below.
# Otherwise, only alerts listed.
# - See the Alerting docs for more details: https://specterops.github.io/Nemesis/usage_guide/#alerting
# Example:
# APPRISE_URLS=slack://Nemesis@T...6x/#nemesis-testing,slack://Nemesis@T...k/#nemesis-feedback?tag=feedback
# (Optional) Set Jupyter credentials using JUPYTER_PASSWORD.
# If not defined, a random password will be generated and printed in the jupyter container's logs.
# Example:
# JUPYTER_PASSWORD="Qwerty12345"
# (Optional) Enable Phoenix LLM tracing for Pydantic AI agents.
# Requires starting Nemesis with monitoring profile: ./tools/nemesis-ctl.sh start dev --monitoring
# Phoenix UI will be available at http://localhost:6006
# Example:
# PHOENIX_ENABLED=true
# (Optional) Chatbot database configuration.
# Password for the read-only database user used by the chatbot.
# Example:
# CHATBOT_DB_PASSWORD="chatbot_secure_password"
CHATBOT_DB_PASSWORD="chatbot_pass_change_me"
# (Optional) Maximum number of results returned by chatbot tools
# Helps prevent expensive queries and context window issues.
# Example:
# MCP_MAX_RESULTS=500
MCP_MAX_RESULTS=1000
######################
# (Optional) Enrichment Settings
#
# https://specterops.github.io/Nemesis/enrichment_configuration/
#
######################
# Enable PII Detection
# ENABLE_PII_DETECTION=true
# PII_DETECTION_THRESHOLD=0.7
# Enable OCR text extraction from images/documents
# Note: Enabling OCR significantly increases CPU usage anytime Nemesis processes an image.
# When enabled, the default language is 'eng' for English.
# - See https://github.com/tesseract-ocr/tessdata for a full list of available language packs.
# Example: Multiple languages
# TIKA_USE_OCR=true
# TIKA_OCR_LANGUAGES="eng chi_sim chi_tra jpn rus deu spa"