Skip to content
Oore
This project is under active development. Some features may be incomplete.

Configuration

Oore is configured through environment variables. These can be set in a .env file or passed directly to the process.

Environment File Locations

ContextLocation
Development.env in working directory
Installed Service/etc/oore/oore.env
Custom--env-file flag or OORE_ENV_FILE variable

Configuration Variables

Database

VariableRequiredDefaultDescription
DATABASE_URLYes-SQLite connection string
Terminal window
DATABASE_URL=sqlite:oore.db

Server

VariableRequiredDefaultDescription
OORE_BASE_URLNohttp://localhost:8080Public URL for webhook callbacks
OORE_DEV_MODENofalseEnable development mode (allows HTTP for non-localhost)
Terminal window
OORE_BASE_URL=https://ci.example.com
OORE_DEV_MODE=false

Security

VariableRequiredDefaultDescription
OORE_ADMIN_TOKENNo-Token for admin API authentication
ENCRYPTION_KEYNo-32-byte hex key for encrypting credentials

CORS

VariableRequiredDefaultDescription
OORE_DASHBOARD_ORIGINNo-Allowed origin for CORS (web dashboard)

Logging

VariableRequiredDefaultDescription
RUST_LOGNoinfoLog level filter

Log levels: error, warn, info, debug, trace

Terminal window
RUST_LOG=oore_server=info,oore_core=info

GitHub Integration

Environment variables (legacy/alternative):

These are only needed if you’re manually configuring a pre-existing GitHub App instead of using the CLI setup flow:

VariableRequiredDefaultDescription
GITHUB_APP_IDNo-GitHub App ID
GITHUB_PRIVATE_KEY_PATHNo-Path to GitHub App private key PEM file
GITHUB_WEBHOOK_SECRETNo-Shared secret for webhook verification

GitLab Integration

VariableRequiredDefaultDescription
GITLAB_SERVER_PEPPERNo-Server pepper for HMAC computation of webhook tokens
GITLAB_API_BASE_URLNohttps://gitlab.comBase URL for GitLab API

OAuth Configuration (for gitlab.com):

VariableRequiredDefaultDescription
OORE_GITLAB_CLIENT_IDNo-GitLab OAuth application ID
OORE_GITLAB_CLIENT_SECRETNo-GitLab OAuth application secret

Self-Hosted GitLab Security (optional):

VariableRequiredDefaultDescription
OORE_GITLAB_ALLOWED_HOSTSNo-Comma-separated list of allowed GitLab hostnames
OORE_GITLAB_ALLOWED_CIDRSNo-Comma-separated list of allowed CIDRs
OORE_ALLOW_BROAD_CIDRSNofalseAllow broad CIDR ranges (use with caution)
OORE_GITLAB_CA_BUNDLENo-Path to custom CA bundle for self-signed certificates

GitLab webhook tokens are stored per-repository in the database as HMAC hashes.

Example Configurations

Minimal Development

.env
DATABASE_URL=sqlite:oore.db
RUST_LOG=debug

Production

/etc/oore/oore.env
DATABASE_URL=sqlite:/var/lib/oore/oore.db
OORE_BASE_URL=https://ci.example.com
OORE_ADMIN_TOKEN=secure-random-token-32-chars-min
ENCRYPTION_KEY=64-hex-characters-here
OORE_DASHBOARD_ORIGIN=https://dashboard.example.com
RUST_LOG=oore_server=info,oore_core=info

With GitHub App (CLI Setup - Recommended)

/etc/oore/oore.env
DATABASE_URL=sqlite:/var/lib/oore/oore.db
OORE_BASE_URL=https://ci.example.com
OORE_ADMIN_TOKEN=secure-random-token-here
ENCRYPTION_KEY=64-hex-characters-here
RUST_LOG=oore_server=info

Then run oore github setup to configure the GitHub App. Credentials are stored encrypted in the database.

With GitLab OAuth

/etc/oore/oore.env
DATABASE_URL=sqlite:/var/lib/oore/oore.db
OORE_BASE_URL=https://ci.example.com
OORE_ADMIN_TOKEN=secure-random-token-here
ENCRYPTION_KEY=64-hex-characters-here


GITLAB_SERVER_PEPPER=random-pepper-for-hmac
OORE_GITLAB_CLIENT_ID=your-gitlab-app-id
OORE_GITLAB_CLIENT_SECRET=your-gitlab-app-secret


RUST_LOG=oore_server=info

File Permissions

Terminal window
sudo chmod 600 /etc/oore/oore.env
sudo chown root:wheel /etc/oore/oore.env  # macOS
sudo chown root:root /etc/oore/oore.env   # Linux

This is done automatically by oored install.

Applying Changes

Terminal window
sudo oored restart