Skip to content

Configuration

Jump to bottom
Tyler Conlee edited this page Apr 1, 2026 · 1 revision

Configuration

TicketPulse uses two layers of configuration: environment variables (set before startup) and database-managed settings (configured through the web UI).

Environment Variables

These are set via a .env file or system environment variables. The application loads .env using godotenv on startup.

Required

Variable Description
GOOGLE_CLIENT_ID Google OAuth 2.0 Client ID for user authentication
GOOGLE_CLIENT_SECRET Google OAuth 2.0 Client Secret
DB_FILEPATH Path to the SQLite database file (e.g., ticketpulse.db). In Docker, use /data/ticketpulse.db with a mounted volume.

Recommended

Variable Default Description
BASE_URL http://localhost:8080 Base URL of the application. Used for OAuth redirect URIs and cookie security. Set to your actual domain in production (e.g., https://ticketpulse.internal.company.com).
SESSION_KEY Random (generated per restart) Secret key for session cookie encryption. Minimum 32 bytes, base64-encoded. Generate with: openssl rand -base64 32. If not set in non-production, a random key is generated on each restart (sessions will not persist). Required in production (GO_ENV=production).

Optional

Variable Default Description
GO_ENV (empty) Set to production to enforce security checks: SESSION_KEY must be set, minimum key length is enforced, and HTTPS warning is emitted if BASE_URL is not HTTPS.
LOG_FORMAT text Set to json for structured JSON log output. Otherwise, plain text.
LOG_FILE (empty) When set, logs are written to both stdout and this file path (append mode). Log rotation should be handled externally (e.g., logrotate).
DEBUG_AREAS (empty) Comma-separated list of debug logging areas. See Logging for available areas. Set to all to enable all debug output.
TRUSTED_PROXY_CIDRS (empty) Comma-separated CIDR ranges for trusted reverse proxies. When set, the rate limiter uses X-Forwarded-For from these sources to determine client IP. Example: 10.0.0.0/8,172.16.0.0/12.
SLACK_DEBUG (empty) Set to true to enable debug logging for the Slack client library.
ZENDESK_RATE_LIMIT_MS (empty) Delay in milliseconds between Zendesk comment fetcher API calls (used in the comment fetcher).

Database-Managed Settings

These settings are stored in the configuration table and managed through the admin UI at /admin/configuration. Sensitive values are encrypted at rest using AES-256-GCM.

Zendesk Settings

Key Description
zendesk_subdomain Your Zendesk subdomain (e.g., mycompany for mycompany.zendesk.com)
zendesk_email Zendesk agent email address used for API authentication
zendesk_api_key Zendesk API token (encrypted at rest)

Slack Settings

Key Description
slack_bot_token Slack Bot User OAuth Token (xoxb-...) (encrypted at rest)
slack_app_token Slack App-Level Token for Socket Mode (xapp-...) (encrypted at rest)

Feature Settings

Key Description
daily_summary_enabled Enables the daily summary feature globally
setup_complete Set to true after the setup wizard is completed. Controls the setup middleware redirect.

Daily Alert Log Settings

Key Description
daily_alert_log_enabled Set to on to enable the daily alert log digest
daily_alert_log_channel_id Slack channel ID where the daily alert log is posted
daily_alert_log_channel_name Display name of the Slack channel (stored for UI display)
daily_alert_log_time Time to send the daily alert log in HH:MM format (e.g., 09:00)
daily_alert_log_timezone Timezone for the daily alert log schedule (e.g., America/New_York). Defaults to UTC.

Sensitive Value Encryption

The following configuration keys are automatically encrypted when stored and decrypted when read:

  • zendesk_api_key
  • slack_bot_token
  • slack_app_token

Encryption uses AES-256-GCM with a key derived from the SESSION_KEY via HKDF. Encrypted values are stored with an enc: prefix followed by base64-encoded ciphertext. If the SESSION_KEY changes, existing encrypted values will no longer be decryptable -- you will need to re-enter them through the admin UI.

Configuration Cache

Database configuration values are cached in memory with a 5-minute TTL to reduce database queries. The cache is automatically invalidated when configuration is saved through the admin UI. The polling service and scheduler use the config cache for Zendesk credential lookups.

TicketPulse -- Zendesk + Slack integration for SLA alerting, tag-based notifications, and daily ticket summaries.

TicketPulse Documentation

Getting Started

Core Concepts

Integrations

Application

Operations

Development

Clone this wiki locally