-
Notifications
You must be signed in to change notification settings - Fork 2
Configuration
This page covers all configuration options for Setup Manager HUD. Follow these steps in order for a new deployment, or jump to a specific section for reference.
Setup Manager HUD stores webhook events in Cloudflare Workers KV. Without this, the Worker returns 500 errors on webhook requests.
No CLI needed - everything in the browser.
1. Create the namespace:
- Log in to the Cloudflare dashboard
- Go to Workers & Pages -> KV in the left sidebar
- Click Create a namespace
- Name it
WEBHOOKS - Click Add
2. Bind it to your Worker:
- Go to Workers & Pages -> click your Worker
- Go to Settings -> Bindings
- Click Add binding -> KV Namespace
- Variable name:
WEBHOOKS(must be exactly this) - Select your namespace from the dropdown
- Click Save and Deploy
Note
Dashboard bindings can be removed if you later redeploy from GitHub with a wrangler.toml KV section that points somewhere else. For persistent GitHub/CLI deploys, use the CLI method and commit your namespace ID to your fork.
Bindings persist across redeploys when configured in wrangler.toml.
# Create the namespace
npx wrangler kv namespace create WEBHOOKS
# Copy the ID from the outputEdit wrangler.toml and uncomment the KV section:
[[kv_namespaces]]
binding = "WEBHOOKS"
id = "paste-your-namespace-id-here"Redeploy:
npm run deploySecrets are encrypted and never exposed in logs or code.
| Secret | Purpose | Required |
|---|---|---|
WEBHOOK_TOKEN |
Shared token for webhook authentication | Yes |
WEBHOOK_SECRET |
Legacy fallback name for existing installs | No |
Set a secret:
npx wrangler secret put WEBHOOK_TOKEN
# Paste your token when promptedList secrets:
npx wrangler secret listDelete a secret:
npx wrangler secret delete WEBHOOK_TOKENSee Security for complete webhook token setup instructions.
Non-sensitive configuration stored in wrangler.toml.
| Variable | Purpose | Default |
|---|---|---|
CF_ACCESS_AUD |
Cloudflare Access audience tag | (not set) |
CF_ACCESS_TEAM_DOMAIN |
Cloudflare Access team domain | (not set) |
[vars]
CF_ACCESS_AUD = "your-audience-tag"
CF_ACCESS_TEAM_DOMAIN = "your-team.cloudflareaccess.com"Important
If CF_ACCESS_AUD and CF_ACCESS_TEAM_DOMAIN are not set, the Worker skips JWT validation. The dashboard works but doesn't verify that requests came through Cloudflare Access.
Set these only after creating a Cloudflare Access application for the dashboard. See Security#optional-verify-cloudflare-access-jwts-in-the-worker for why this is recommended, where to find the values, and how to redeploy from a local clone or GitHub Actions.
For local development with npm run dev:worker, create a .dev.vars file:
WEBHOOK_TOKEN=local-test-token
See .dev.vars.example for a template. This file is gitignored.
The wrangler.toml file configures your Worker deployment. Key sections:
name = "setupmanagerhud"
main = "src/index.ts"
compatibility_date = "2024-12-01"
compatibility_flags = ["nodejs_compat"]-
name: Your Worker name (becomes the subdomain) -
main: Entry point file -
compatibility_date: Cloudflare runtime version -
compatibility_flags: Enable Node.js compatibility
# Uncomment and fill this in for CLI/GitHub deploys.
# [[kv_namespaces]]
# binding = "WEBHOOKS"
# id = "your-namespace-id"[[durable_objects.bindings]]
name = "DASHBOARD_ROOM"
class_name = "DashboardRoom"
[[migrations]]
tag = "v1"
new_sqlite_classes = ["DashboardRoom"]The Durable Object handles WebSocket connections. This is pre-configured and shouldn't need changes.
[assets]
directory = "dist"The React dashboard is built to dist/ and served as static assets.
[vars]
CF_ACCESS_AUD = "your-audience-tag"
CF_ACCESS_TEAM_DOMAIN = "your-team.cloudflareaccess.com"Verify your configuration via the health endpoint:
curl https://your-worker.workers.dev/api/healthResponse:
{
"status": "healthy",
"kv": "connected",
"durableObject": "available"
}| Field | Healthy Value | Problem Value |
|---|---|---|
status |
healthy |
degraded |
kv |
connected |
not configured or error
|
durableObject |
available |
unavailable |
If any field shows a problem value, see Troubleshooting.