Environment Overview

Live

Central hub for all external integrations, secrets, and runtime connectors. Check status, manage OAuth apps, and monitor custom endpoints.

Status Summary

Discord Bot Unknown

DISCORD_TOKEN · Railway

Perplexity Not Set

PERPLEXITY_API_KEY · CF Secret

ElevenLabs Not Set

ELEVENLABS_API_KEY · Railway

Gemini Not Set

GEMINI_API_KEY · Railway

Cloudflare Worker Ready

Worker · Secrets · DNS

Railway Node Runtime

Bot · DB · Env Vars

Perplexity Setup Full Loop

AI / ML Connectors

Perplexity Not Set

PERPLEXITY_API_KEY · Cloudflare Secret

Setup

Gemini Not Set

GEMINI_API_KEY · Railway .env

ElevenLabs Not Set

ELEVENLABS_API_KEY · Railway .env

Cloud Providers

Cloudflare Worker Ready

Worker · Secrets · DNS · wrangler.toml

Railway Node Runtime

Bot · DB · Env Vars · railway.json

Azure Not Configured

AZURE_CLIENT_ID · AZURE_SECRET · AZURE_TENANT_ID

AWS Not Configured

AWS_ACCESS_KEY_ID · AWS_SECRET_ACCESS_KEY

OAuth & App Configurations

Client IDs, secrets, and redirect URIs for OAuth flows. Isolated from bot runtime secrets.

Provider	Client ID Var	Secret	Redirect URI	Scopes	Status
Discord	`DISCORD_CLIENT_ID`	Masked	`/oauth/callback/discord`	identify · email · guilds	Missing
Azure / Entra	`AZURE_CLIENT_ID`	Masked	`/oauth/callback/azure`	User.Read · Mail.Send	Missing
Outlook	`OUTLOOK_CLIENT_ID`	Masked	`/oauth/callback/outlook`	Mail.Read · Calendars.Read	Missing
Google	`GOOGLE_CLIENT_ID`	Masked	`/oauth/callback/google`	openid · email · profile	Missing
Slack	`SLACK_CLIENT_ID`	Masked	`/oauth/callback/slack`	chat:write · users:read	Missing
Notion	`NOTION_CLIENT_ID`	Masked	`/oauth/callback/notion`	workspace:read · page:write	Missing

Communication & Workspace

Discord Unknown

DISCORD_TOKEN · Bot + Gateway

Outlook Not Configured

OUTLOOK_CLIENT_ID · MS Graph

Workspace Not Configured

Google / Notion / Slack · WORKSPACE_API_KEY

Webhooks 0 Active

Incoming / Outgoing · Custom URLs · WEBHOOK_SECRET

Custom Endpoint Manager

Name	URL	Auth	Status	Action
No custom endpoints configured.

New Endpoint

Secret Manager

Local

Input your API keys and tokens below. Values are masked by default and stored locally in your browser only. Use 1Password or your deployment platform for production secrets.

Service	Variable	Status
Perplexity	`PERPLEXITY_API_KEY`	Empty
Gemini	`GEMINI_API_KEY`	Empty
ElevenLabs	`ELEVENLABS_API_KEY`	Empty
Discord	`DISCORD_TOKEN`	Empty
Database	`DATABASE_URL`	Empty
Azure	`AZURE_CLIENT_ID`	Empty
AWS	`AWS_ACCESS_KEY_ID`	Empty
Outlook	`OUTLOOK_CLIENT_ID`	Empty
Workspace	`WORKSPACE_API_KEY`	Empty
Webhooks	`WEBHOOK_SECRET`	Empty
1Password	`OP_SERVICE_ACCOUNT_TOKEN`	Empty

LLM Chat

Gemini Offline

GEMINI_API_KEY · google.ai

Perplexity Offline

PERPLEXITY_API_KEY · api.perplexity.ai

Ollama Not Configured

localhost:11434 · Local inference

Chat

Select a model and send a message...

System Prompts & Docs

Personality-adapted responses via personalityEngine.js. Shadow archetypes, MBTI, and Enneagram inform tone. Reference docs/AI_ASSISTANT_GUIDE.md.

Request Routing

User message → Personality analysis → Model selector → API call → Response evaluator → Memory store. Fallback: Gemini → Perplexity → Ollama.

GitHub Integration

Repository Not Linked

mmahnke16/nucord

Branch main

Default · Protected

Pull Requests 0 Open

Active PR: #14

Token Not Set

GITHUB_TOKEN · Classic or Fine-Grained

Settings

Webhook Routing

Push → GitHub Action → Railway deploy. PR merge → Auto-sync env. Issues → Bot notification channel.

CI/CD Pipeline

Lint → Test → Build → Deploy. Secrets injected via 1Password CLI in GitHub Actions. Reference .github/workflows/.

Discord Developer Portal

Application ID Unknown

CLIENT_ID · Discord Dev Portal

Public Key Unknown

DISCORD_PUBLIC_KEY · Interactions endpoint

OAuth2 Not Configured

Redirect · Scopes · Bot auth

Intents Default

Guilds · Messages · Members · Reactions

Portal

Gateway Routing

Discord Gateway → Bot.js event router → Prefix handler / Slash command / Game check → Personality analysis → Response.

Setup Reference

See docs/DISCORD_SETUP_GUIDE.md for token, intents, OAuth2, and slash command registration.

1Password Vault

Vault Not Linked

Nucord Ops Vault

Service Account Not Set

OP_SERVICE_ACCOUNT_TOKEN

Rotation Manual

Last rotated: Never

Items 0

API keys · Tokens · Certificates

Vault Architecture

1Password Vault → Service Account → CLI inject → Railway/Cloudflare env. Secrets never hit disk unencrypted. Rotation via op item edit.

Rotation Procedure

1. Generate new secret. 2. Update 1Password item. 3. Update CF/Railway via CLI. 4. Revoke old secret. 5. Log rotation in audit trail.

Calendar Integration

Google Calendar Not Configured

GOOGLE_CLIENT_ID · OAuth2 · Calendars.Read

Outlook Calendar Not Configured

OUTLOOK_CLIENT_ID · MS Graph · Calendars.Read

Bare Metal Not Configured

iCal · CalDAV · Self-hosted

Sync Disabled

Webhook push · Polling · Cron

Calendar Sync Routing

External provider → Webhook/ polling → Nucord API → DB store → Bot reminder → User DM. Bare metal: CalDAV → local parser → same pipeline.

Bare Metal Setup

Host Radicale or Baikal on your server. Point A/AAAA records to bare metal IP. Configure CalDAV URL in bot config. SSL via Cloudflare Origin CA or Let's Encrypt.

Mail Providers

SMTP Not Configured

SMTP_HOST · SMTP_USER · SMTP_PASS

SendGrid Not Configured

SENDGRID_API_KEY

AWS SES Not Configured

AWS_SES_ACCESS_KEY · Verified domain

SPF / DKIM Not Verified

DNS TXT records · Cloudflare

Mail Routing

Bot event → Mail service → Provider API → Queue → Delivered. Fallback: SES → SendGrid → SMTP. Bounces logged to DB.

SPF / DKIM Setup

Add TXT record: v=spf1 include:sendgrid.net ~all. DKIM key from provider dashboard → DNS TXT → verify. Reference provider docs for exact CNAME/TXT values.

Cloudflare Setup

Worker Ready

wrangler.toml · worker.js

Secrets Injected

PERPLEXITY_API_KEY · CF Dashboard

DNS Active

A · CNAME · TXT · Proxied

SSL / TLS Full (Strict)

Origin CA · Let's Encrypt

Cloudflare Architecture

User → CF Edge → Worker → Secret vault → Perplexity API → Response → Edge cache → User. DNS managed in CF. SSL terminated at edge. Origin cert for Railway ↔ CF.

Wrangler Configuration

Run wrangler secret put PERPLEXITY_API_KEY to inject. Deploy with wrangler deploy. Config in wrangler.toml. See docs/RAILWAY_DEPLOYMENT.md for full flow.