Skip to main content

crewship instance

Manage instance-level configuration. Settings live in the singleton app_settings table and are shared across every workspace on this crewshipd binary. Most users do not need this command; it exists for the operator running crewship start.
The settings group accepts the alias setting. Underneath sits a thin wrapper over /api/v1/instance/settings.

Subcommands


crewship instance settings list

Columns: KEY, VALUE, UPDATED. The global --format flag is honoured (table, json, yaml). Sensitive value redaction. Three key-prefix patterns are written through but read as ***:
  • smtp.password
  • oauth.*.client_secret
  • webhook.*.secret
This is server-side redaction — list and get both return *** for these keys. There is no read-the-real-value path; verify the value landed correctly by checking that the dependent service (SMTP send, OAuth callback, webhook delivery) actually works.

crewship instance settings get

Returns 404 if the key has never been set. The compiled-in default (if any) is not surfaced — callers fall back via the same code path the web UI uses.

crewship instance settings set

Upserts. There is no separate createset is idempotent. The echoed response for a sensitive key is ***, not the literal value you sent — this is the redaction layer, not a bug.

crewship instance settings delete

A small set of bootstrap-protected keys are rejected server-side with 403:
  • instance.bootstrap_at
  • instance.first_user_id
  • schema.version
Deleting these would break re-bootstrap on the next restart, so they cannot be removed via this surface. To rotate them, restart the daemon onto a fresh DB and re-bootstrap.

API

All four require OWNER / ADMIN (canRole "manage").

See also

  • crewship system — adjacent admin diagnostics (Keeper status, version, stats).
  • crewship system stats — workspace-scoped aggregate; complements the instance-wide settings here.