Curiosity Workspace Customization

# Configuration

The Curiosity Workspace can be configured using Environment Variables (recommended for Docker/Kubernetes) or Command Line Flags.

The following table lists the most important configuration options available.

# General

Environment Variable	Flag	Description
`MSK_PORT`	`--port`	The port the server listens on (default: 8080).
`MSK_PORT_LOCAL`	`--port-local`	Port for localhost-only access.
`MSK_LOG_LEVEL`	`--log-level`	Logging verbosity (e.g., `Information`, `Debug`, `Error`).
`MSK_LOG_PATH`	`--log-path`	Path to store log files.
`MSK_MAX_BODY_SIZE`	`--max-body-size`	Maximum allowed size for HTTP request bodies.
`MSK_LIMIT_CONCURRENCY`	`--limit-concurrency`	Limits the number of concurrent operations.

# Storage & Paths

Environment Variable	Flag	Description
`MSK_GRAPH_STORAGE`	`--storage`	Path to the directory where graph data is stored.
`MSK_GRAPH_NAME`	`--graph-name`	Name of the graph database.
`MSK_GRAPH_TEMP_FOLDER`	`--temp-folder`	Path for temporary files.
`MSK_GRAPH_JOURNAL_FOLDER`	`--journal-folder`	Path for the graph journal (write-ahead log).
`MSK_GRAPH_BACKUP_FOLDER`	`--backup-folder`	Path for storing backups.
`MSK_WW_FOLDER`	`--www-folder`	Path to static web assets (frontend).

# High Availability & Clustering

Environment Variable	Flag	Description
`MSK_REPLICA`	`--replica`	If `true`, runs the instance as a Read-Only Replica.
`MSK_PRIMARY_ADDRESS`	`--primary-address`	URL of the Primary instance (required for replicas).
`MSK_REPLICA_STORAGE`	`--replica-storage`	Custom storage path for replica (if different from default).

# Authentication (SAML / SSO)

Environment Variable	Flag	Description
`MSK_SAML_CERT`	`--saml-cert`	Path to the SAML certificate.
`MSK_SAML_APPLICATION_ID`	`--saml-app-id`	Application ID for SAML.
`MSK_SAML_PROVIDER_ID`	`--saml-provider-id`	Provider ID for SAML.
`MSK_SAML_PROVIDER_ENDPOINT`	`--saml-endpoint`	SAML Identity Provider endpoint URL.

# OAuth Providers

Environment Variable	Flag	Description
`MSK_GOOGLE_LOGIN_CLIENT_ID`		Client ID for Google Login.
`MSK_GOOGLE_LOGIN_CLIENT_SECRET`		Client Secret for Google Login.
`MSK_AZURE_LOGIN_CLIENT_ID`		Client ID for Microsoft/Azure Login.
`MSK_AZURE_LOGIN_TENANT_ID`		Tenant ID for Microsoft/Azure Login.
`MSK_OKTA_LOGIN_DOMAIN`		Okta Domain.
`MSK_AUTH0_LOGIN_DOMAIN`		Auth0 Domain.

# Email

Environment Variable	Flag	Description
`MSK_MAIL_SERVER`	`--mail-server`	SMTP Server address.
`MSK_MAIL_PORT`	`--mail-port`	SMTP Port.
`MSK_MAIL_USERNAME`	`--mail-user`	SMTP Username.
`MSK_MAIL_PASSWORD`	`--mail-pass`	SMTP Password.
`MSK_MAIL_FROM_EMAIL`	`--mail-from`	Sender email address.

# Security & Encryption

Environment Variable	Flag	Description
`MSK_JWT_KEY`	`--jwt-key`	Key used for signing JWT tokens.
`MSK_GRAPH_MASTER_KEY`	`--master-key`	Master key for graph encryption.
`MSK_CERT_FILE`	`--cert-file`	Path to SSL certificate file (PFX/PEM).
`MSK_CERT_PWD`	`--cert-pwd`	Password for the SSL certificate.
`MSK_USE_HSTS`	`--hsts`	Enable HTTP Strict Transport Security.

# External Services (OCR/STT)

Environment Variable	Flag	Description
`MSK_AZURE_OCR_SUBSCRIPTIONKEY`		Azure Cognitive Services Key for OCR.
`MSK_AZURE_OCR_ENDPOINT`		Azure Cognitive Services Endpoint for OCR.
`MSK_AWS_ACCESS_KEY_ID`		AWS Access Key (for S3/Transcribe).
`MSK_AWS_SECRET_ACCESS_KEY`		AWS Secret Key.
`MSK_BLOB_STORAGE_AWS_S3_BUCKET`		S3 Bucket for Blob Storage.