From 78086c7397675d8f4044059eb6c85ec882e9bb68 Mon Sep 17 00:00:00 2001
From: Beda Schmid
Date: Sat, 16 May 2026 15:25:48 +0000
Subject: [PATCH] update config
---
config/config.yml | 128 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 128 insertions(+)
create mode 100644 config/config.yml
diff --git a/config/config.yml b/config/config.yml
new file mode 100644
index 0000000..d4b5967
--- /dev/null
+++ b/config/config.yml
@@ -0,0 +1,128 @@
+app:
+ name: "DMARC Sentinel"
+ base_url: "https://dmarc-sentinel.lan"
+ timezone: "Europe/Zurich"
+ poll_interval_minutes: 30
+ database_url: "sqlite:////app/data/dmarc-sentinel.sqlite3"
+ log_level: "INFO"
+ max_attachment_decompressed_mb: 20
+ max_attachment_compressed_mb: 10
+ max_attachments_per_message: 20
+ max_reports_per_message: 20
+ max_reports_per_archive: 20
+ max_archive_compression_ratio: 100
+ max_xml_records_per_report: 10000
+ max_record_count: 10000000
+ max_report_future_days: 3
+ max_report_past_days: 3650
+ max_reports_per_poll: 200
+
+security:
+ dashboard_auth_enabled: true
+ dashboard_username_env: "DASHBOARD_USERNAME"
+ dashboard_password_env: "DASHBOARD_PASSWORD"
+ api_token_required: true
+ homepage_token_env: "HOMEPAGE_API_TOKEN"
+
+llm:
+ provider: "openai"
+ api_key_env: "OPENAI_API_KEY"
+ model: "gpt-4.1-mini"
+ temperature: 0.2
+ timeout_seconds: 45
+ max_retries: 2
+ generate_alert_explanations: true
+ generate_daily_summary: true
+ generate_weekly_summary: true
+ store_llm_outputs: true
+ send_raw_xml_to_llm: false
+ send_raw_email_to_llm: false
+ system_prompt_path: "config/prompts/system.md"
+ alert_prompt_path: "config/prompts/alert_explanation.md"
+ digest_prompt_path: "config/prompts/posture_digest.md"
+ weekly_prompt_path: "config/prompts/weekly_summary.md"
+
+inboxes:
+ - id: "tukutoi"
+ label: "TukuToi"
+ domain: "tukutoi.com"
+ imap_host: ""mail.dynamicpress.org"
+ imap_port: 993
+ imap_ssl: true
+ username_env: "DOMAIN_IMAP_USER"
+ password_env: "DOMAIN_IMAP_PASSWORD"
+ folder: "DMARC"
+ recipient: "dmarcreports@tukutoi.com"
+ processed_folder: null
+ failed_folder: null
+ move_after_success: false
+ move_after_failure: false
+ mark_seen_after_success: true
+ enabled: true
+ - id: "anamaka"
+ label: "Anamaka"
+ domain: "anamaka.net"
+ imap_host: ""mail.dynamicpress.org"
+ imap_port: 993
+ imap_ssl: true
+ username_env: "DOMAIN_IMAP_USER"
+ password_env: "DOMAIN_IMAP_PASSWORD"
+ folder: "DMARC"
+ recipient: "dmarcreports@anamaka.net"
+ processed_folder: null
+ failed_folder: null
+ move_after_success: false
+ move_after_failure: false
+ mark_seen_after_success: true
+ enabled: true
+
+known_senders:
+ tukutoi.com:
+ - id: "postmark-transactional"
+ name: "Postmark Transactional"
+ ip_allowlist:
+ - "50.31.156.96/27"
+ - "104.245.209.192/26"
+ - "50.31.205.204/30"
+ dkim_domains:
+ - "tukutoi.com"
+ spf_domains:
+ - "tukutoi.com"
+
+ - id: "postmark-broadcast"
+ name: "Postmark Broadcast"
+ ip_allowlist:
+ - "50.31.205.0/24"
+ dkim_domains:
+ - "tukutoi.com"
+ spf_domains:
+ - "tukutoi.com"
+ anamaka.net:
+ - id: "mailcow"
+ name: "Mailcow"
+ ip_allowlist:
+ - "45.148.30.200"
+ - "2a06:1301:4050:45:148:30:200:0"
+ dkim_domains:
+ - "anamaka.net"
+ spf_domains:
+ - "anamaka.net"
+
+alerts:
+ email:
+ enabled: true
+ smtp_host_env: "ALERT_SMTP_HOST"
+ smtp_port_env: "ALERT_SMTP_PORT"
+ smtp_user_env: "ALERT_SMTP_USER"
+ smtp_password_env: "ALERT_SMTP_PASSWORD"
+ from_env: "ALERT_EMAIL_FROM"
+ to_env: "ALERT_EMAIL_TO"
+ thresholds:
+ unknown_source_fail_count: 10
+ unknown_source_fail_rate_percent: 5
+ known_source_fail_rate_percent: 2
+ total_volume_spike_multiplier: 3
+ total_volume_drop_percent: 80
+ min_messages_for_rate_alert: 20
+ repeated_failure_days: 2
+ missing_reporter_days: 3
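Review bot: Both `imap_host` values under `inboxes` open with a doubled quote (`""mail.dynamicpress.org"`), which is not a valid scalar, so the file as added will most likely fail to parse; each should read `imap_host: "mail.dynamicpress.org"`. The two inboxes also share `DOMAIN_IMAP_USER` / `DOMAIN_IMAP_PASSWORD`, the same host and the same `DMARC` folder, with `mark_seen_after_success: true` and no move; if the poller selects unseen mail rather than filtering on `recipient` (not visible here), one inbox could hide the other's reports, and a single leaked credential covers both domains, so per-inbox env names such as `TUKUTOI_IMAP_USER` would be the safer layout. In `known_senders`, the broadcast range `50.31.205.0/24` contains the transactional `50.31.205.204/30`, so attribution of a source IP depends on match order; a comment stating the intended precedence, or a narrower range, would remove the ambiguity. With `llm.provider: "openai"` and `store_llm_outputs: true`, a short comment above the `llm:` block naming which report fields leave the host would help, since aggregate reports carry sender-controlled values even with `send_raw_xml_to_llm: false`.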