-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathconfig.example.json
More file actions
115 lines (115 loc) · 3.84 KB
/
config.example.json
File metadata and controls
115 lines (115 loc) · 3.84 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
{
"workspacePath": "/absolute/path/to/your/project",
"channels": [
{
"type": "console",
"enabled": true
},
{
"type": "whatsapp",
"enabled": false
},
{
"type": "telegram",
"enabled": false,
"options": {
"token": "YOUR_TELEGRAM_BOT_TOKEN_HERE"
}
},
{
"type": "discord",
"enabled": false,
"options": {
"token": "YOUR_DISCORD_BOT_TOKEN_HERE"
}
},
{
"type": "webchat",
"enabled": false,
"options": {
"port": 3000,
"host": "0.0.0.0",
"_password_note": "Optional: set 'password' to enable login-screen auth instead of the default token. Remove this field to use token auth (default).",
"password": "your-secure-webchat-password"
}
}
],
"auth": {
"whitelist": ["+1234567890"],
"prefix": "/ai",
"_defaultRole_note": "Role assigned to whitelisted users when auto-created. Options: owner (full access), admin (manage users), developer (read + write code), viewer (read-only). Defaults to 'owner' so existing setups keep full access.",
"defaultRole": "owner",
"_channelRoles_note": "Per-channel role overrides — takes precedence over defaultRole for the matching channel type. Useful when you want webchat users to have restricted access while WhatsApp remains owner-level.",
"channelRoles": {
"webchat": "developer",
"telegram": "viewer"
}
},
"security": {
"envDenyPatterns": [
"AWS_*",
"GITHUB_*",
"GH_*",
"TOKEN*",
"*_TOKEN",
"SECRET*",
"*_SECRET",
"PASSWORD*",
"*_PASSWORD",
"PRIVATE_*",
"DB_*",
"DATABASE_*",
"SMTP_*",
"OPENAI_*",
"ANTHROPIC_*",
"API*KEY*",
"*_CREDENTIAL",
"REDIS_*",
"MONGO_*",
"MYSQL_*",
"POSTGRES_*"
],
"envAllowPatterns": ["GITHUB_ACTIONS", "GITHUB_WORKSPACE"]
},
"audit": {
"enabled": true
},
"_webchat_auth_note": "WebChat supports three auth modes: (1) Token auth [default] — when no password is set, a 64-char hex token is auto-generated and saved to .openbridge/webchat-token; share the URL with ?token=<VALUE> appended; (2) Password auth — set 'password' in the webchat options above; a login screen replaces the token and sessions last 24 hours; after 5 failed attempts in 15 min the IP is blocked for 30 min; (3) Disabled — set 'enabled: false' in the webchat channel entry to turn off WebChat entirely.",
"_tunnel_note": "Tunnel exposes the local file server to the internet so the Master can send public URLs to mobile users. Auto-detects cloudflared (preferred), ngrok, or localtunnel. Requires the tool to be installed (e.g. `brew install cloudflared`).",
"tunnel": {
"enabled": false,
"provider": "auto",
"_subdomain_note": "Optional: set 'subdomain' to request a specific subdomain (supported by some providers). Remove this field to use a randomly assigned URL.",
"subdomain": "my-openbridge"
},
"_mcp_note": "MCP integration is scaffolded but not yet fully validated. Enable at your own risk.",
"mcp": {
"enabled": false,
"servers": [
{
"name": "filesystem",
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-filesystem", "/tmp"]
},
{
"name": "my-service",
"command": "npx",
"args": ["-y", "my-mcp-server"],
"env": {
"MY_SERVICE_API_KEY": "your-api-key-here"
}
},
{
"name": "gmail",
"command": "npx",
"args": ["-y", "@anthropic/mcp-server-gmail"],
"env": {
"GMAIL_OAUTH_CLIENT_ID": "<your-client-id>",
"GMAIL_OAUTH_CLIENT_SECRET": "<your-client-secret>",
"GMAIL_OAUTH_REFRESH_TOKEN": "<your-refresh-token>"
}
}
],
"configPath": "~/.claude/claude_desktop_config.json"
}
}