shelldeck/.env.example at master · spot-techno/shelldeck · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
# ShellDeck configuration — copy to a .env / EnvironmentFile and adjust.
# Only DASHBOARD_PASSWORD is strictly required.
#
# To create/update a real private env file without printing secrets:
#   scripts/shelldeck-secret --dir ~/.config/shelldeck DASHBOARD_SECRET --generate
#   scripts/shelldeck-secret --dir ~/.config/shelldeck DASHBOARD_PASSWORD --prompt

# --- Core ---
DASHBOARD_HOST=127.0.0.1
DASHBOARD_PORT=8787
DASHBOARD_USER=admin
DASHBOARD_HOSTNAME=                  # display name override for the local host/container
DASHBOARD_PASSWORD=                 # REQUIRED — primary login password
DASHBOARD_UNLOCK_PASSWORD=change-me # second password that gates shell input/previews
DASHBOARD_SECRET=                   # 32+ random bytes for signing cookies (auto-random if unset)
DASHBOARD_ROOT_DIR=                 # dir containing public/ (defaults to the working directory)

# How the "copy attach command" / shell hints are rendered. {name} = session name.
DASHBOARD_ATTACH_TEMPLATE=tmux attach -t {name}
# Optional per-tenant tmux server name. When set, ShellDeck runs tmux as `tmux -L <name> ...`.
DASHBOARD_TMUX_SOCKET=
# Number of default numbered shell slots (0-12, default 7): tmux sessions 1, 2, 3...
DASHBOARD_DEFAULT_SLOTS=7

# Optional "SSH into this tmux session" command, copied by the per-session SSH button so you
# can attach from another machine. {name} = session name. Empty = button hidden. Copy-only;
# ShellDeck never runs it. Example: DASHBOARD_SSH_ATTACH_TEMPLATE=ssh logan-laptop -t 'tmux attach -t {name}'
DASHBOARD_SSH_ATTACH_TEMPLATE=

# Add Start/Restart buttons for named AI-agent tmux sessions.
# Presets: flow/iflow, gemini, qwen, goose, aider, opencode, codex, grok, claude
DASHBOARD_AGENT_WORKDIR=~           # directory where preset/custom agents start
DASHBOARD_AGENT_PRESETS=            # e.g. flow,gemini,qwen,goose,aider,opencode,cursor

# Extra sessions beyond the presets. Format:
# name|Label|badge|command;name2|Label 2|b2|command2
DASHBOARD_CUSTOM_SESSIONS=
# 1 = also show live tmux sessions that are not configured above (off by default)
DASHBOARD_SHOW_UNKNOWN_SESSIONS=0

# Pause (ms) between pasting input and pressing Enter, so agent TUIs (Claude Code,
# Codex) finish ingesting the paste before submit. Raise if sends get dropped; 0 disables.
DASHBOARD_SUBMIT_DELAY_MS=200

# Quick links shown in the sidebar. Seeds links.json on first run/edit.
# Format: "Label|https://url;Label|https://url"
DASHBOARD_LINKS=
DASHBOARD_LINKS_FILE=

# Sidebar panels + tickers can also be edited from Configure and saved as JSON.
DASHBOARD_PANELS=                   # saas build only: enabled panels, e.g. machine,containers,ci-runs,links,tickers
DASHBOARD_UI_CONFIG_FILE=           # defaults to DASHBOARD_ROOT_DIR/dashboard-config.json
DASHBOARD_SHARE_SHOT_FILE=          # defaults to DASHBOARD_ROOT_DIR/share/shelldeck-safe-shot.png

# Remote host widgets use SSH from the ShellDeck server for ping/containers.
# Format: "id|Label|ssh-target;id2|Label 2|user@host"
# Seeds remote-hosts.json on first run; after that, add/edit/remove hosts from the sidebar
# "Remote Hosts → Edit" button (self-service, no restart). Targets are validated; a leading
# "-" is rejected so a target can't be parsed as an ssh/ping option.
# Example for Falk's Logan workstation:
# DASHBOARD_REMOTE_HOSTS=logan502vs|Logan GL502VS|logan-gl502vs
DASHBOARD_REMOTE_HOSTS=
DASHBOARD_REMOTE_HOSTS_FILE=        # defaults to DASHBOARD_ROOT_DIR/remote-hosts.json
# Max containers listed per remote host (default 100). The widget shows the true total and
# "showing N" when a host reports more, so nothing is silently hidden.
DASHBOARD_REMOTE_CONTAINER_CAP=
# Also gather CPU / RAM / load / temperatures for remote hosts over SSH (one extra /proc read
# per poll, in the same SSH round-trip as the container check). Default ON. Set to 0 to keep
# remote host cards to ping + containers only — e.g. if you'd rather run glances/netdata on the
# remote box, or just don't want machine monitoring. 1/true/yes/on enable; 0/false/no/off disable.
DASHBOARD_REMOTE_METRICS=1

# CI Runs panel: latest GitHub Actions workflow run per repo.
# Format: "owner/repo;owner2/repo2" (max 8). The panel is off by default; enable it from
# Configure after setting repos. Unauthenticated GitHub API calls are limited to 60 req/hr,
# so set DASHBOARD_GH_TOKEN for more than ~1-2 repos or frequent dashboard use.
DASHBOARD_GH_REPOS=
DASHBOARD_GH_TOKEN=                # optional GitHub fine-grained/classic token; env-only, never stored

# Live tickers in the top bar — Finnhub symbols, comma-separated. US stocks (NVDA,AAPL,TSLA) and
# crypto (BTC-USD is auto-mapped to COINBASE:BTC-USD; or use BINANCE:BTCUSDT). Seeds dashboard-config.json.
DASHBOARD_TICKERS=
# Finnhub API key for live quotes (free tier: https://finnhub.io/register). Also accepts
# FINNHUB_TOKEN / finnhub_token. Without it the ticker bar shows a link to get one instead of quotes.
FINNHUB_API_KEY=

# --- Access control (all optional) ---
DASHBOARD_ALLOWED_IPS=              # comma-separated IPs allowed without login
DASHBOARD_BYPASS_LOGIN_IPS=         # IPs that skip the login form (behind a trusted proxy)
DASHBOARD_ALLOW_CLOUDFLARE_LOGIN=0  # 1 = accept any request carrying Cloudflare headers
DASHBOARD_TRUST_CF_ACCESS_EMAIL=0   # 1 = trust Cf-Access-Authenticated-User-Email
DASHBOARD_ALLOWED_EMAILS=           # comma-separated emails allowed via Cloudflare Access
# Browser Origins (host or scheme://host) allowed to open the /api/term WebSocket, beyond the
# dashboard's own Host. This defeats cross-site WebSocket hijacking on the shell socket and is
# DEFAULT CLOSED: a browser Origin that matches neither the Host nor this list is refused.
# IMPORTANT: if a reverse proxy REWRITES the Host header (e.g. cloudflared
# `httpHostHeader: 127.0.0.1`), the browser Origin will never match the Host the app sees, so
# you MUST list your public hostname here or "Shell in" cannot connect. X-Forwarded-Host is
# intentionally NOT trusted (clients can spoof it).
# Example: DASHBOARD_ALLOWED_ORIGINS=code.example.org
DASHBOARD_ALLOWED_ORIGINS=
DASHBOARD_SKIP_LOGIN=0              # 1 = skip ShellDeck's own login password and trust the
                                    #     network gate above. Only enable when an external layer
                                    #     (e.g. Cloudflare Access / Zero Trust) already
                                    #     authenticates who can reach the dashboard. The shell
                                    #     unlock (second) password is unaffected.
DASHBOARD_SKIP_UNLOCK=0             # 1 = also drop the second "shell unlock" password and trust
                                    #     the network gate, so shell input + container actions are
                                    #     available immediately. Single-user setups behind Access +
                                    #     an IP allowlist only — anyone who can reach the dashboard
                                    #     can then drive shells/containers.

# --- Optional: AI "Current Work" summary ---
# Either run a shell command (gets the context on $SHELLDECK_CONTEXT, prints the summary)…
DASHBOARD_SUMMARY_COMMAND=
# …or call an OpenAI- or Anthropic-compatible chat API:
XAI_API_KEY=                        # bearer token; or GROK_API_KEY
XAI_BASE_URL=https://api.x.ai/v1
XAI_API_STYLE=openai                # "openai" (/chat/completions) or "anthropic" (/messages)
XAI_MODEL=grok-4.3
# Optional OAuth token file (e.g. opencode) used if XAI_API_KEY is unset:
XAI_AUTH_FILE=
XAI_CLIENT_ID=

# --- Optional: Mic dictation (server-side speech-to-text) ---
# The browser records audio and POSTs it to /api/transcribe; ShellDeck transcribes it locally
# with whisper.cpp (audio never leaves the host). No model ships by default — Mic stays off
# until a model is present (see the Mic section in the README for the setup steps).
# Auto-detected at share/models/ggml-base.en.bin if present; otherwise set the path here:
DASHBOARD_STT_MODEL=                  # e.g. /home/you/models/ggml-base.en.bin (whisper.cpp .bin)
DASHBOARD_STT_CMD=whisper-cli         # whisper.cpp CLI on PATH (or absolute path)
DASHBOARD_FFMPEG_CMD=ffmpeg           # used to transcode the recording to 16 kHz wav
DASHBOARD_STT_LANG=en                 # spoken language, or "auto"
DASHBOARD_MAX_AUDIO_BYTES=26214400    # reject recordings larger than this (default 25 MB)