Constellation Overwatch

Configure Constellation Overwatch using CLI flags or environment variables.

CLI Options

overwatch [options]

Flag	Default	Description
`-port`	`8080`	HTTP server port
`-nats-port`	`4222`	NATS server port
`-api-token`	`reindustrialize-dev-token`	API bearer token
`-nats-token`	`reindustrialize-america`	NATS authentication token
`-db-path`	`./data/constellation.db`	SQLite database path
`-log-level`	`info`	Logging level (debug, info, warn, error)
`--update`	-	Update to the latest version from GitHub releases

Updating

Update to the latest version with a single command:

overwatch --update

This will:

Check GitHub for the latest release
Download the appropriate binary for your platform
Replace the current binary with the new version

Environment Variables

All CLI options can also be set via environment variables:

Variable	CLI Flag	Description
`OVERWATCH_TOKEN`	`-api-token`	Unified token for API and NATS authentication
`PORT`	`-port`	HTTP server port
`DB_PATH`	`-db-path`	libSQL database path
`NATS_PORT`	`-nats-port`	NATS server port
`NATS_DATA_DIR`	-	NATS data directory
`WEB_UI_PASSWORD`	-	Password for Web UI access (leave empty to disable)
`OVERWATCH_LOG_LEVEL`	`-log-level`	Logging level

Example Configurations

Development

overwatch

Uses all default values for local development.

Production

overwatch \
  -port 8080 \
  -api-token $(openssl rand -hex 32) \
  -log-level warn

Update Check

# Check for and install updates
overwatch --update

Docker

docker run -d \
  -p 8080:8080 \
  -p 4222:4222 \
  -e OVERWATCH_TOKEN=your-secure-token \
  -e WEB_UI_PASSWORD=your-web-password \
  -v $(pwd)/data:/data \
  constellation-overwatch

Security Recommendations

Always use strong, randomly generated tokens in production environments.

Generate tokens with at least 32 bytes of entropy
Never commit tokens to version control
Use environment variables or secrets management in production
Rotate tokens periodically

Configuration

On this page