Skip to main content

Module config

Module config 

Source
Expand description

Layered, runtime configuration for CorTeX.

This replaces two prototype-era patterns: the compile-time dotenv! baking of the database URL into the binary (so the deployment target could not change without a rebuild), and ad-hoc hard-coded constants for the dispatcher ports.

Values are resolved with the following precedence (lowest to highest):

  1. built-in Default values,
  2. an optional cortex.toml file in the working directory,
  3. CORTEX_-prefixed environment variables (nested with __, e.g. CORTEX_DISPATCHER__SOURCE_PORT),
  4. the legacy DATABASE_URL / TEST_DATABASE_URL variables (also read from a local .env), which take final precedence so existing deployments keep working unchanged.

Access the process-wide configuration through config().

Structs§

AssetsConfig
On-disk asset locations, so the binary is not bound to its working directory.
AuthConfig
Frontend authentication / secrets. The only source is the JSON token file (auth_file_pathconfig.json / CORTEX_AUTH_FILE); this is never read from or written to cortex.toml (the CortexConfig::auth field is #[serde(skip)]).
CortexConfig
Top-level CorTeX runtime configuration.
DatabaseConfig
Database connection settings.
DispatcherConfig
ZeroMQ dispatcher settings.
JobsConfig
Background-job lifecycle settings (W-4 stall handling).
WebauthnConfig
Passkey (WebAuthn) sign-in settings for the human admin UI (docs/archive/WEBAUTHN_DESIGN.md). The relying party is the CorTeX server itself — no external IdP, no per-deploy app registration. The admin token (see AuthConfig) remains the bootstrap / break-glass path; passkeys are the convenient day-to-day human sign-in once enrolled.

Functions§

auth_file_path
The path of the token file — the JSON holding rerun_tokens (admin/agent credentials). It is gitignored and scaffolded by cortex init; the tracked config.example.json is only a template. Defaults to config.json in the working directory, overridable via CORTEX_AUTH_FILE so a deployment keeps its live token outside the repo (e.g. /etc/cortex/config.json, root-owned) and the repo copy stays the demo/test fixture — the live secret is never checked in.
config
Returns the process-wide, lazily-loaded configuration.
config_file_path
The path of the optional cortex.toml configuration file, read and written by both the loader and the Settings write path. Overridable via the CORTEX_CONFIG_FILE environment variable.
to_persisted_toml
Serializes the non-secret configuration sections (everything except the auth secrets) to TOML. Shared by cortex init’s config scaffold and the Settings write path so the on-disk shape is identical.