AJ Isaacs
e3ee9fc193
Config was a Python file baked into the image or bind-mounted, requiring a rebuild or manual file management for any settings change. Now uses env_file in docker-compose with os.environ.get() calls, so config changes only need a container restart. Also filters Gitea traffic from LLM analysis to prevent false positive reconnaissance alerts on normal repository browsing. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
40 lines
885 B
Plaintext
40 lines
885 B
Plaintext
# Web Log Monitor Configuration
|
|
# Copy this file to .env and fill in your values.
|
|
|
|
# LLM Configuration
|
|
LLAMA_URL=http://athena.lan:11434/v1/chat/completions
|
|
MODEL=Qwen3-8B-Q6_K
|
|
|
|
# Gotify Configuration
|
|
GOTIFY_URL=https://notify.thecozycat.net/message
|
|
GOTIFY_TOKEN=YOUR_TOKEN_HERE
|
|
|
|
# Log Source Configuration
|
|
# LOG_MODE: "local" for direct file access (Docker), "ssh" for remote access
|
|
LOG_PATH=/logs/access.log
|
|
LOG_MODE=local
|
|
|
|
# SSH settings (only used if LOG_MODE=ssh)
|
|
BARGE_HOST=barge.lan
|
|
|
|
# Abuse log for fail2ban
|
|
ABUSE_LOG=/data/abuse.log
|
|
|
|
# State file directory
|
|
STATE_DIR=/data
|
|
|
|
# Processing Settings
|
|
BATCH_SIZE=100
|
|
MAX_LINES_PER_RUN=1000
|
|
|
|
# Daemon Settings
|
|
LLM_INTERVAL=25
|
|
TAIL_POLL_INTERVAL=1
|
|
|
|
# Threat Database (SQL Server)
|
|
# Set all four values to enable historical threat tracking.
|
|
#DB_SERVER=barge.lan,1433
|
|
#DB_NAME=ThreatDB
|
|
#DB_USER=weblogmonitor
|
|
#DB_PASSWORD=your_password
|