# ═══════════════════════════════════════════════════════════════════════════ # OSIRIS — Environment Template # Copy this file to `.env` (or `.env.local`) and fill in values as needed. # # IMPORTANT — read before filling anything in: # OSIRIS works fully WITHOUT any third-party API keys. Aviation, maritime, # satellites, fires, earthquakes, weather, news, CVEs, etc. all use public # keyless feeds (adsb.lol, celestrak.org, NASA FIRMS open CSV, USGS, …). # # As of this revision the application code only actually reads SCANNER_URL # and SCANNER_KEY. The other keys below are OPTIONAL and reserved for higher # rate limits / future data sources — set them only if you extend the code or # hit rate limits on the public feeds. # ═══════════════════════════════════════════════════════════════════════════ # ───────────────────────────────────────────────────────────────────────── # RECON SCANNER BACKEND ── the ONLY keys the current code consumes ── # Powers the RECON toolkit (quick/ssl/headers/rdns/subdomains/tech/whois/ # geoloc/vuln scans). Requires running the separate OSIRIS scanner backend. # SCANNER_KEY here MUST equal the backend's OSIRIS_KEY. Generate one with: # openssl rand -hex 32 # Leave both empty to simply disable the RECON features (UI returns 503). # ───────────────────────────────────────────────────────────────────────── SCANNER_URL= SCANNER_KEY= # ───────────────────────────────────────────────────────────────────────── # OPTIONAL DATA-SOURCE KEYS (not read by current code — future / upgrades) # ───────────────────────────────────────────────────────────────────────── # NASA FIRMS — active wildfire hotspots. # Free, instant. Enter an email at the page below and the MAP_KEY is emailed # to you (looks like 'abcdef1234567890abcdef1234567890'). Limit: 5000 req / # 10 min. The app already uses the keyless FIRMS CSV; a key only matters if # you switch to the per-area FIRMS API. # Get it: https://firms.modaps.eosdis.nasa.gov/api/map_key/ FIRMS_API_KEY= # OpenSky Network — aviation (higher rate limits than the keyless feed). # Free account. Since March 2025 OpenSky uses OAuth2 (username/password auth # is dropped). Create an account, open the Account page, create a new API # client, and copy the client_id / client_secret. # Get it: https://opensky-network.org/ (Account → API client) OPENSKY_CLIENT_ID= OPENSKY_CLIENT_SECRET= # N2YO — satellite tracking / pass predictions. # Free. Register, then Profile page → scroll down → "generate API key". # The key cannot be changed once issued. Limit: 1000 req / hour. # Get it: https://www.n2yo.com/login/register/ (then Profile) N2YO_API_KEY= # aisstream.io — live maritime AIS vessel positions via WebSocket. # Free. Register, then create a key on the API Keys page. Used in the # subscription message to wss://stream.aisstream.io/v0/stream. # Get it: https://aisstream.io/ (sign up → API Keys) AIS_API_KEY= # ───────────────────────────────────────────────────────────────────────── # RUNTIME # ───────────────────────────────────────────────────────────────────────── # Host port the web UI is published on (container always listens on 3000). # Change this if 3000 is already taken on your host. OSIRIS_PORT=3000 # Comma-separated list of public Telegram channel usernames (no @) to scrape # for the "Telegram OSINT" map layer. Overrides the curated default set. # Channels must have web preview enabled (most well-known OSINT channels do). # Default if unset: # osintdefender,insiderpaper,aljazeeraenglish,nexta_live,war_monitor # OSIRIS_TELEGRAM_CHANNELS= # Set by the Docker image already — override only if needed. # NODE_ENV=production # PORT=3000 # HOSTNAME=0.0.0.0