Self-hosting
Security
The self-host stack holds maintainer credentials and policy. Keep those boundaries explicit.
Secret handling
- Never bake secrets: images should not contain .env files, private keys, API keys, webhook secrets, REES secrets, or CLI auth files.
- Prefer secret files: use FOO_FILE for multiline values and orchestrator-managed secrets where possible.
- Rotate deliberately: rotate GitHub webhook secrets, API tokens, REES secrets, and provider keys with a restart window and a validation PR.
Private policy
Keep sensitive review thresholds, autonomy, maintainer notes, and repo-specific rules in GITTENSORY_REPO_CONFIG_DIR, not in public repo config.

.env
GITTENSORY_REPO_CONFIG_DIR=/config

Network exposure
- Expose the webhook endpoint only through TLS.
- Keep Prometheus, Grafana, Qdrant, Ollama, and database ports private by default.
- Put an auth layer in front of dashboards and internal admin routes.
- Use /ready for orchestrators, not as a public status surface.
AI credential boundaries
Subscription CLI credentials
CLI auth files can be readable by the runtime. Do not mount a prompt-readable Claude Code or Codex home into review execution unless you have intentionally isolated it. API-key and local model providers are easier to reason about operationally.
REES boundary
REES receives the PR diff and file metadata. Use a private network URL when possible, require REES_SHARED_SECRET, and remember that the engine treats REES output as untrusted advisory context.
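The FOO_FILE convention from Secret handling and the REES_SHARED_SECRET requirement above, as an added illustration that is not Gittensory's own code: a resolver that prefers the file form, rejects ambiguous or tamperable inputs, and checks every required secret at startup so a restart after rotation fails with the complete list of problems. Only REES_SHARED_SECRET is taken from this page; any other variable names used with it are constructed for the example.

```python
import os
import stat
from pathlib import Path
from typing import Dict, Iterable, Mapping, Optional


class SecretError(RuntimeError):
    """A required secret is missing, ambiguous, or unsafely supplied."""


def resolve_secret(name: str, env: Optional[Mapping[str, str]] = None,
                   required: bool = True) -> Optional[str]:
    """Resolve NAME with the FOO / FOO_FILE convention: NAME_FILE names a file
    holding the secret (orchestrator mounts, multiline PEM keys); NAME carries it
    inline. Setting both is rejected so a stale inline value cannot shadow the file."""
    env = os.environ if env is None else env
    file_key = f"{name}_FILE"
    path, inline = env.get(file_key), env.get(name)
    if path and inline:
        raise SecretError(f"set either {name} or {file_key}, not both")
    if path:
        p = Path(path)
        if not p.is_file():
            raise SecretError(f"{file_key}={path} is not a readable file")
        # Read-only mounts such as 0444 are normal for orchestrator secrets;
        # a file that other users can modify is not.
        if stat.S_IMODE(p.stat().st_mode) & (stat.S_IWGRP | stat.S_IWOTH):
            raise SecretError(f"{path} is group/world writable")
        # Keep multiline values intact; drop only the newline editors and echo append.
        value = p.read_text(encoding="utf-8").rstrip("\n")
    else:
        value = inline
    if required and not value:
        raise SecretError(f"{name} is required: set {name} or {file_key}")
    return value or None


def check_required_secrets(names: Iterable[str],
                           env: Optional[Mapping[str, str]] = None) -> Dict[str, str]:
    """Resolve every required secret at startup so a restart after rotation fails
    fast with the full list of problems rather than the first one."""
    found, problems = {}, []
    for name in names:
        try:
            found[name] = resolve_secret(name, env)
        except SecretError as exc:
            problems.append(str(exc))
    if problems:
        raise SecretError("; ".join(problems))
    return found
```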
Public output boundary
Public PR comments and checks must not leak secrets, private policy, provider credentials, private scoring context, or maintainer-only notes. For the hosted and self-host boundaries, see the Privacy and security page.