grant/ten31-database
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
114a94c894d8bb0cdece94cde3b7acb79c1cbff4
ten31-database/.env.example
T
Keysat 2758ac81d3 Add daily-digest Phase A: per-package SMTP send + admin test endpoint (v0.1.0:75) 
Groundwork for the daily activity digest: give the CRM an outbound mail path.
Today nothing leaves the box (Gmail capture + drafts only), so this adds a
dedicated, per-package SMTP account independent of any StartOS system-wide SMTP.

- configureDigestSmtp Start9 action: writes host/port/from/username/password/
  security to /data/secrets/smtp/* (password piped over stdin, never argv/env;
  per-field files, owner-only) — mirrors the setAnthropicApiKey pattern.
- docker_entrypoint.sh reads those at boot and exports SMTP_* (operator env wins).
- backend/smtp_send.py: stdlib smtplib wrapper reading SMTP_* (one code path for
  dev .env and the box); starttls/tls/none modes.
- POST /api/admin/digest/test-email (admin-only): proves the pipe. Recipients are
  restricted to the active-admin set — an arbitrary `to` is rejected, so the
  endpoint is not an open relay; send failures are logged, not echoed (an SMTP
  auth error can carry the credential).
- Tests: test_smtp_send.py (sender), test_smtp_endpoint.py (gating + relay
  restriction + no-leak). 18/18 backend green; s9pk typechecks.

Analysis/summarization for the digest body (Phase B) will run on Spark, never
Claude — the digest is deliberately un-anonymized. Decisions + Phase B plan in
ROADMAP.md.
2026-06-15 18:33:06 -05:00

33 lines
1.3 KiB
Bash
Raw Blame History

# Ten31 agentic system — environment template.
# Copy to .env (gitignored) and fill in. Secret values NEVER go in .env.example.
# ── Claude (frontier reasoning; Agent SDK uses an API key, not claude.ai login) ──
ANTHROPIC_API_KEY=
# ── Spark Control gateway (local model services; reads + dense embeds) ──
# HTTPS with the Start9 self-signed cert -> clients must skip TLS verification.
SPARK_CONTROL_URL=https://<spark-control-host>:<port>
SPARK_CONTROL_VERIFY_TLS=false
# ── Qdrant (direct, for ingest: create collection + upsert points) ──
# Plain HTTP on the trusted LAN, no auth currently.
QDRANT_URL=http://<spark2-host>:6333
# ── X (Twitter) API for Scout/Analyst enrichment (NOT a CRM key) ──
X_API_KEY=
# ── CRM (ingest opens the SQLite file directly, read-only) ──
CRM_DB_PATH=./data/crm.db
CRM_DEV_DB_PATH=./data/crm_dev.db
# ── Daily-digest outbound SMTP (dev override of the per-package mailbox) ──
# On the Start9 box these are set by the "Configure Digest SMTP" action (written
# to /data/secrets/smtp/* and exported by docker_entrypoint.sh). For dev, set them
# here. SMTP_SECURITY is one of: starttls (587) | tls (465) | none.
SMTP_HOST=
SMTP_PORT=587
SMTP_SECURITY=starttls
SMTP_FROM=
SMTP_USERNAME=
SMTP_PASSWORD=
Reference in New Issue View Git Blame Copy Permalink