# Test Configuration for Cryptlz
# Filesystem layout: the workspace root, plus build and cache directories that
# sit under the same mount point as DREAMFIELDS_PARTITION.
# NOTE(review): these assignments carry no `export`, while later sections of
# this file use it. If the file is loaded with a plain shell `source`, the
# un-exported names will not reach child processes — confirm how it is loaded.
CRYPTLZ_WORKSPACE_ROOT="/mnt/cryptlz"
CRYPTLZ_BUILD_DIR="/mnt/Dreamfields/rust-builds"
CRYPTLZ_CACHE_DIR="/mnt/Dreamfields/cache"
DREAMFIELDS_COMPLIANT="true"
DREAMFIELDS_PARTITION="/mnt/Dreamfields"
# Security
# Token secret, vault endpoint and TLS policy.
# NOTE(review): JWT_SECRET is a fixed test string stored in plain text with
# the file, so it must be treated as public. Outside local testing, supply the
# secret from a secret store or an untracked override.
JWT_SECRET="TEST_JWT_SECRET_MUST_BE_32_CHARS_LONG_123456"
# NOTE(review): the URL uses an IP literal over HTTPS; the server certificate
# needs a matching IP subject-alternative-name, otherwise clients are tempted
# to disable verification — confirm verification stays on.
VAULT_API_BASE_URL="https://192.168.100.1:8443"
TLS_MIN_VERSION="1.3"
# Relative paths: they resolve against the working directory of whichever
# process reads them — presumably the workspace root; confirm.
TLS_CERT_PATH="certs/vault-ca.crt"
# NOTE(review): the file name suggests a CA private key. Confirm it is not
# tracked in the repository and is readable only by the owning service account.
TLS_KEY_PATH="certs/vault-ca.key"
# Both entries are TLS 1.3 AEAD suites, consistent with TLS_MIN_VERSION above.
CIPHER_SUITES="TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256"
# Algorithm policy flags. How each flag is enforced is not visible in this
# file; verify against the code that reads them.
RSA_BANNED="true"
ED25519_PREFERRED="true"
KYBER768_ENABLED="true"
POST_QUANTUM_READY="true"
# Monitoring
# NOTE(review): the log directory is a fixed, predictable path under /tmp,
# which is writable by every local user on most systems. Prefer a directory
# owned by the service (mode 0700), or confirm the consumer creates it with
# restrictive permissions and refuses one that already exists with another
# owner. Logs from a security product may themselves be sensitive.
CRYPTLZ_LOG_DIR="/tmp/cryptlz-logs"
METRICS_PORT="9090"
# Units are not stated here — presumably seconds; confirm against the consumer.
HEALTH_CHECK_INTERVAL="30"
# Child Protection
# Feature switch and tuning targets for the child-protection component.
CHILD_PROTECTION_ENABLED="true"
CHILD_PROTECTION_STRICTNESS="1.0"
# Units are not stated — presumably milliseconds and percent; confirm.
CHILD_PROTECTION_LATENCY_TARGET="100"
CHILD_PROTECTION_AVAILABILITY_TARGET="99.9"
# Privacy and audit switches.
PRIVACY_BY_DESIGN="true"
DATA_MINIMIZATION="true"
CONSENT_MANAGEMENT="true"
AUDIT_LOGGING="true"
# Regulatory-regime switches.
# NOTE(review): these are declarations only; nothing in this file shows which
# controls each flag turns on. Verify against the code that reads them before
# relying on a flag as evidence of compliance.
HIPAA_COMPLIANCE_ENABLED="true"
FERPA_COMPLIANCE_ENABLED="true"
COPPA_COMPLIANCE_ENABLED="true"
GDPR_COMPLIANCE_ENABLED="true"
SOC2_COMPLIANCE_ENABLED="true"
# Infrastructure
# Listener ports for the API gateway, CMDB, dashboard and WebSocket services.
API_GATEWAY_PORT="8443"
CMDB_PORT="5000"
DASHBOARD_PORT="8446"
WEBSOCKET_PORT="8888"
# HTTP/3 listener: switch, certificate/key paths (relative) and port.
# NOTE(review): HTTP3_PORT carries the same number as API_GATEWAY_PORT. HTTP/3
# runs over UDP, so the two can coexist if the gateway listens on TCP —
# confirm that is the intent.
HTTP3_ENABLED="true"
HTTP3_CERT_PATH="certs/http3-nuclear.crt"
# Private key for the HTTP/3 listener; keep it out of version control and
# restrict read access to the service account.
HTTP3_KEY_PATH="certs/http3-nuclear.key"
HTTP3_PORT="8443"
# QUIC limits. The names mirror the QUIC transport parameters of RFC 9000
# (idle timeout in milliseconds, flow-control windows in bytes, initial stream
# counts) — presumably passed through unchanged; confirm against the consumer.
# These bound per-connection memory, so raise them with care.
QUIC_MAX_IDLE_TIMEOUT="30000"
QUIC_INITIAL_MAX_DATA="1048576"
QUIC_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL="1048576"
QUIC_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE="1048576"
QUIC_INITIAL_MAX_STREAM_DATA_UNI="1048576"
QUIC_INITIAL_MAX_STREAMS_BIDI="100"
QUIC_INITIAL_MAX_STREAMS_UNI="100"
# Biometrics
# Relative paths to two ONNX model files and a JSON weights file, plus a
# confidence threshold and a cache lifetime.
# NOTE(review): the paths resolve against the reader's working directory.
# Model and weight files decide authentication outcomes, so confirm they are
# writable only by the deploying account and that their integrity is checked
# (for example against a pinned digest) before loading.
BIOMETRIC_FUSION_MODEL_PATH="models/biometric-fusion.onnx"
BIOMETRIC_CONFIDENCE_THRESHOLD="0.95"
# Units are not stated — presumably seconds; confirm.
BIOMETRIC_CACHE_TTL="3600"
VOICE_BIOMETRIC_MODEL_PATH="models/voice-biometric.onnx"
MULTIMODAL_WEIGHTS_PATH="models/multimodal-weights.json"
# Production Grounding (Maturity Track)
# Credentials and key material for audit logging, IAM, the firewall, custody,
# the dashboard and third-party services, all as fixed values in plain text.
# NOTE(review): values stored with the file must be treated as public. Supply
# real values from a secret store or an untracked override at deploy time, and
# have services refuse to start outside dev mode while any of these defaults
# is still in effect.
# NOTE(review): the audit key's text says 32 bytes, but the string is 34
# characters long — confirm the length the consumer expects.
CRYPTLZ_AUDIT_LOG_KEY="TEST_AUDIT_KEY_32_BYTES_LONG_!!!!!"
CRYPTLZ_IAM_BOSS_TOKEN="BOSS_ADMIN_TOKEN_SECURE_123456"
# NOTE(review): a widely known 32-bit constant, so it provides no secrecy;
# replace with random material of adequate length wherever secrecy matters.
CRYPTLZ_FIREWALL_SYN_SECRET="0xDEADBEEF"
# Counting windows/units for the two thresholds are not stated in this file.
FIREWALL_SYN_THRESHOLD="100"
FIREWALL_SCAN_THRESHOLD="50"
# All-zero placeholders, 64 hex digits each.
# NOTE(review): the consumer should reject an all-zero key rather than sign or
# verify with it — confirm.
CRYPTLZ_CUSTODY_PRIVATE_KEY="0000000000000000000000000000000000000000000000000000000000000000"
CRYPTLZ_CUSTODY_PUBLIC_KEY="0000000000000000000000000000000000000000000000000000000000000000"
# Dashboard accounts with fixed passwords; rotate before any shared use.
CRYPTLZ_DASHBOARD_ADMIN_USER="admin"
CRYPTLZ_DASHBOARD_ADMIN_PASS="AdminSecure123!"
CRYPTLZ_DASHBOARD_VIEWER_USER="viewer"
CRYPTLZ_DASHBOARD_VIEWER_PASS="ViewerSecure123!"
# Third-party service credentials; every value here is a placeholder.
STRIPE_API_KEY="sk_test_placeholder"
STRIPE_WEBHOOK_SECRET="whsec_placeholder"
FCM_SERVER_KEY="fcm_placeholder"
APNS_AUTH_KEY="apns_placeholder"
# Compliance Grounding
# Age limit and retention/disclosure periods; the units are carried in the
# variable names (years, days).
COPPA_AGE_LIMIT="13"
COPPA_RETENTION_YEARS="7"
CCPA_DISCLOSURE_TTL_DAYS="365"
# NOTE(review): a fixed salt stored with the file is identical for every
# installation that keeps this default. If it feeds key derivation for
# backups, a per-installation random salt is the safer choice — confirm usage.
HOME_BACKUP_SALT="cryptlz-home-backup-salt-v1"
# All-zero placeholder, 64 hex digits.
# NOTE(review): evidence signed with a publicly known key has no evidentiary
# value; the consumer should refuse to sign with an all-zero key — confirm.
EVIDENCE_SIGNING_KEY="0000000000000000000000000000000000000000000000000000000000000000"
# Keep "false": the name indicates a fallback to XOR, which is not encryption.
CRYPTO_ALLOW_XOR_FALLBACK="false"
# Meaning of "secure_db" is not shown here — verify against the consumer.
REVOCATION_CHECK_STRATEGY="secure_db"
CRYPTLZ_ROOT_CA_DIR="certs/ca"
# ========================================
# SOVEREIGN PERSISTENCE ARCHITECTURE
# ========================================
# Root directory for every database path defined in the sections below.
export CRYPTLZ_STORAGE_ROOT="/mnt/cryptlz/cryptlz-db"
# Master encryption key — used by encryption.rs fallback chain
# Dev default: "cryptlzdb-development-key-change-in-production"
# NOTE(review): the value set here is the dev default itself, so any database
# created with this file is encrypted under a publicly known key. Override it
# from a secret store before storing real data, and have the consumer refuse
# this default outside dev mode.
export CRYPTLZDB_MASTER_KEY="cryptlzdb-development-key-change-in-production"
# Graph key (separate from master key — used for ecosystem & contacts graph DBs)
# Default dev key: "Rk9SVE9TX1NFQ1VSSVRZX0tFWV8zMl9CWVRFU19PTkw=" (decodes to "FORTOS_SECURITY_KEY_32_BYTES_ONL")
# NOTE(review): base64 is an encoding, not protection; the decoded key is 32
# printable ASCII characters and is documented on the line above, so it must
# be replaced with random key material before real data is stored.
export CRYPTLZ_GRAPH_KEY="Rk9SVE9TX1NFQ1VSSVRZX0tFWV8zMl9CWVRFU19PTkw="
# Core Databases (The Absolute Truth)
# Each path is built from CRYPTLZ_STORAGE_ROOT, so that variable must be set
# first and the loader must expand ${...} references (a shell does; a plain
# KEY=VALUE env-file reader may not — confirm how this file is consumed).
export CRYPTLZ_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/data/cryptlz.db"
export GRAPH_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/data/ecosystem_graph.db"
# NOTE(review): same file as GRAPH_DB_PATH above — confirm the sharing is
# intended and that both consumers agree on schema and encryption key.
export SECUREDB_PATH="${CRYPTLZ_STORAGE_ROOT}/data/ecosystem_graph.db"
# The only entry given as a sqlite:// URL rather than a bare path.
export TIMEMACHINE_DB_URL="sqlite://${CRYPTLZ_STORAGE_ROOT}/data/timemachine.db"
export STORIES_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/data/stories.db"
# NOTE(review): same file as CRYPTLZ_DB_PATH above — confirm this is intended.
export TLS_FINGERPRINT_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/data/cryptlz.db"
# Pillar-Specific Storage (Isolated)
# One subdirectory of CRYPTLZ_STORAGE_ROOT per pillar: gateway, security,
# intelligence, observability, platform, verticals.
# NOTE(review): the separation shown here is by directory only. If isolation
# between pillars is a security requirement, confirm it is backed by distinct
# file ownership/permissions or distinct encryption keys.
# Gateway
export GATEWAY_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/gateway/gateway.db"
export GATEWAY_THREAT_DB="${CRYPTLZ_STORAGE_ROOT}/gateway/threat_intel.db"
export GATEWAY_SANDBOX_DB="${CRYPTLZ_STORAGE_ROOT}/gateway/app_sandbox.db"
export GATEWAY_ULTIMATE_FIREWALL="${CRYPTLZ_STORAGE_ROOT}/gateway/ultimate-firewall.db"
export CRYPTLZ_FIREWALL_SHARED_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/gateway/firewall-shared.db"
# Security
export SECURITY_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/security/security.db"
export SECURITY_FIREWALL_DB="${CRYPTLZ_STORAGE_ROOT}/security/firewall.db"
export SECURITY_SANDBOX_DB="${CRYPTLZ_STORAGE_ROOT}/security/app_sandbox/app_sandbox.db"
export SECURITY_TRIPWIRE_DB="${CRYPTLZ_STORAGE_ROOT}/security/stranger_tripwire/contacts_graph.db"
# Intelligence
# NOTE(review): judging by the names, these stores hold highly sensitive
# detection records; restrict the directory to the owning service account and
# make sure backups inherit the same protection.
export INTEL_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/intelligence/intelligence.db"
export INTEL_GROOMING_DB="${CRYPTLZ_STORAGE_ROOT}/intelligence/grooming_detection/grooming_detections.db"
# NOTE(review): points at a general threat_intel.db rather than a dedicated
# file — confirm this is intended.
export INTEL_CSAM_DB="${CRYPTLZ_STORAGE_ROOT}/intelligence/threat_intel.db"
# Observability
export OBS_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/observability/observability.db"
export OBS_ANALYTICS_DB="${CRYPTLZ_STORAGE_ROOT}/observability/graph.db"
# Platform
export PLATFORM_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/platform/platform.db"
# The next two values end in "/" and so name directories, not database files.
export PLATFORM_DESKTOP_DB="${CRYPTLZ_STORAGE_ROOT}/platform/desktop/"
export PLATFORM_WALLET_DB="${CRYPTLZ_STORAGE_ROOT}/platform/wallet/"
# Verticals
export VERTICALS_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/verticals/verticals.db"
# NOTE(review): the file name matches the gateway's ultimate-firewall.db but
# lives under verticals/ — confirm this is not a copy-paste slip.
export VERTICALS_MANAGER_DB="${CRYPTLZ_STORAGE_ROOT}/verticals/ultimate-firewall.db"
# Tools & Services
# One database per tool, each in its own subdirectory of
# ${CRYPTLZ_STORAGE_ROOT}/tools. CRYPTLZ_STORAGE_ROOT must already be set when
# these lines are evaluated.
export HIERO_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/tools/hieroglyph/hieroglyph.db"
export TASKS_YOKE_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/tools/tasks-yoke/tasks.db"
export TRINITY_DB_PATH="${CRYPTLZ_STORAGE_ROOT}/tools/trinity/trinity.db"
export PM_DATABASE_PATH="${CRYPTLZ_STORAGE_ROOT}/tools/pm/pm.db"
# Logging & Auditing
# Location of the audit log file under CRYPTLZ_STORAGE_ROOT.
# NOTE(review): this path includes a "pillars/" component, while the
# observability database paths in this file sit directly under
# ${CRYPTLZ_STORAGE_ROOT}/observability — confirm which layout is current.
# The audit log should be append-only for the writing service and not
# writable by the accounts whose actions it records.
export AUDIT_LOG_PATH="${CRYPTLZ_STORAGE_ROOT}/pillars/observability/logs/audit.log"
# ========================================
# Avatar
# Avatar renderer endpoints, dashboard binding, and the network address plan.
# Units of the update interval are not stated — presumably seconds; confirm.
AVATAR_UPDATE_INTERVAL="1"
# NOTE(review): both endpoints use TLS (https/wss) with an IP literal, so the
# server certificate needs a matching IP subject-alternative-name; confirm
# clients keep certificate verification enabled.
AVATAR_RENDERER_URL="https://192.168.100.1:3000"
AVATAR_WEBSOCKET_URL="wss://192.168.100.1:8888/avatars"
# Dashboard bind address and port; the port equals DASHBOARD_PORT (8446) set
# in the Infrastructure section.
DASHBOARD_BIND_IP="192.168.100.1"
DASHBOARD_CORE_PORT="8446"
# One address per VLAN, following the pattern 192.168.<vlan-id>.1.
export CRYPTLZ_VLAN_100_IP="192.168.100.1"
export CRYPTLZ_VLAN_10_IP="192.168.10.1"
export CRYPTLZ_VLAN_20_IP="192.168.20.1"
export CRYPTLZ_VLAN_30_IP="192.168.30.1"
export CRYPTLZ_VLAN_40_IP="192.168.40.1"
export CRYPTLZ_VLAN_50_IP="192.168.50.1"
export CRYPTLZ_VLAN_60_IP="192.168.60.1"
export CRYPTLZ_VLAN_70_IP="192.168.70.1"
export CRYPTLZ_VLAN_80_IP="192.168.80.1"
export CRYPTLZ_VLAN_90_IP="192.168.90.1"
export CRYPTLZ_VLAN_200_IP="192.168.200.1"
# Anycast addresses. The primary and secondary fall inside 100.64.0.0/10, the
# shared address space of RFC 6598 — confirm there is no overlap with a
# carrier or VPN network that already uses that range.
export ANYCAST_PRIMARY_IP="100.64.0.1"
export ANYCAST_SECONDARY_IP="100.64.0.2"
export ANYCAST_LOOPBACK_IP="10.0.100.1"
# Three names for the same address as CRYPTLZ_VLAN_100_IP; keep them in step
# when the address changes.
export CRYPTLZ_GATEWAY_HOST="192.168.100.1"
export GATEWAY_IP="192.168.100.1"
export DASHBOARD_CORE_HOST="192.168.100.1"
# NOTE(review): dev mode is switched on here. Whatever checks it relaxes are
# not visible in this file; confirm production deployments cannot inherit
# these two values, and that the placeholder secrets elsewhere in the file are
# rejected when the environment is not "dev".
CRYPTLZ_DEV_MODE="true"
CRYPTLZ_ENVIRONMENT="dev"
# Unquoted, unlike the rest of the file; the values contain no whitespace or
# shell metacharacters, so the result is the same under a shell.
FIREWALL_URL=https://192.168.100.1:8443
DASHBOARD_DOMAIN=192.168.100.1
# Performance Optimizations
# Database cache size. The unit (pages, KiB, MiB) is not stated in this file —
# confirm against the code that reads it.
CRYPTLZ_DB_CACHE_SIZE=512