Pulsegate

Appearance

Environment-level options and feature flags

PulseGate behaviour is controlled by environment variables and bindings set per Wrangler environment ([vars] and secrets in wrangler.toml / env.development.vars / env.production.vars). The dashboard Settings → Environment & controls section is the place to view (and in future, change) these.

Below is the full set of options that currently affect behaviour, and candidates for future dashboard controls.

Current: set only in Wrangler / secrets

These are read at runtime from env; there is no dashboard UI to change them yet. Values are defined in wrangler.toml or via wrangler secret put.

OptionTypePurposeWhere used
ENVIRONMENTstringdevelopment | production. Affects logging, lead forwarding (e.g. production → Make.com), and log level default.src/index.ts, src/lead.ts
SEND_LEADS_TO_MAKEboolean/string (optional)When false or 'false', leads are never sent to Make.com (still stored in D1). Default true. Master switch for Make.com forwarding.src/lead.ts
SEND_TEST_LEADS_TO_MAKEboolean/string (optional)When false or 'false', whitelisted test leads (from IPs with usage "test" or from content-match) are not sent to Make.com (still stored in TestingLeads). Default true.src/lead.ts
TEST_LEAD_CONTAINS_STRINGSstring (optional)Comma-separated list. If name, email, project, or location contains any (case-insensitive), lead is stored in TestingLeads and optionally sent to Make.com with test_lead yes. Empty = disabled. Overridden by Settings → Test lead by content when set.src/lead.ts, src/tracking/services/settingsService.ts
BOT_LEAD_DETECTIONbooleanWhen true, honeypot submissions (hidden field __pg_hp filled) are treated as bots: not persisted, not sent to Make.com, IP auto-blocked. When false, honeypot-filled leads are processed as normal. In this codebase “bot” = honeypot-filled only.src/lead.ts (lead capture)
STORE_HONEYPOT_LEADSboolean/string (optional)When false or 'false', honeypot (bot) leads are not stored in BlockedIPLeads; only the IP is blocked. Default true.src/lead.ts
LEAD_REENGAGE_HOURSnumber (optional)Hours after which a duplicate lead re-submitting is sent to Make.com again. Default 24; 0 = disable re-engage.src/lead.ts
LOG_LEVELstring (optional)debug | info | warn | error. Production default is warn.src/index.ts
LOG_LEADSstring (optional)true = always log lead events; false = never; unset = use LOG_LEVEL/ENVIRONMENT.src/lead.ts
LOG_TRACKINGstring (optional)true = emit tracking/session/replay logs; otherwise suppressed.src/index.ts, tracking/replay
ANALYTICS_API_KEYsecretAdmin API key for dashboard and analytics.Auth for /analytics/*, /replay/*
ANALYTICS_MARKETING_API_KEYsecret (optional)Marketing API key (restricted, PII masking).Auth; when set, role can be marketing
CRM_CALLBACK_SECRETsecretCRM callback secret (not the lead capture API key). Auth for POST /lead.capture/crm-callback and /lead.capture/make-callback. When set in Settings → CRM & dashboard → CRM callback secret, that value overrides this env.src/lead.ts
CRM_WEBHOOK_SECRETsecret (optional)Auth for POST /webhooks/crm/lead. Falls back to CRM_CALLBACK_SECRET.src/lead.ts
CRM_LEAD_URL_TEMPLATEstring (optional)URL for "View in CRM" link, e.g. https://crm.example.com/lead/. Editable from dashboard Settings; fallback when not set in AppSettings.src/tracking/services/leadAnalyticsService.ts
LEAD_ANALYTICSbindingWorkers Analytics Engine dataset for lead submission analytics. When bound, lead submissions are written and /analytics/engine/* works.src/lead.ts, src/lib/leadAnalyticsEngine.ts, analytics routes
SHOW_LEAD_SUBMISSION_CHARTSboolean/string (optional)When false or 'false', lead submission charts are hidden on the lead analytics page (charts not queried). Default true. Editable from dashboard Settings.Dashboard lead analytics page
MASK_EMAIL_PHONE_FOR_MARKETINGboolean/string (optional)When false or 'false', email and phone are not masked for the marketing role (they see full contact info). Default true. Editable from dashboard Settings.src/tracking/routes/analytics.ts (PII masking)
CLOUDFLARE_ACCOUNT_ID + CLOUDFLARE_ANALYTICS_ENGINE_API_TOKENoptionalEnable SQL API for /analytics/engine/* (lead submission charts in dashboard).Analytics Engine queries

Current: hardcoded (candidates for env)

OptionCurrent behaviourPossible env / dashboard control
R2 retention daysFixed 90 days in src/lib/retention.ts; cron deletes older session data.e.g. R2_RETENTION_DAYS or Settings toggle (90 / 60 / 30).

Summary by area

  • Lead capture / Make.com: ENVIRONMENT, SEND_LEADS_TO_MAKE, SEND_TEST_LEADS_TO_MAKE, BOT_LEAD_DETECTION, STORE_HONEYPOT_LEADS, LEAD_REENGAGE_HOURS, CRM_* secrets, LOG_LEADS.
  • Logging: LOG_LEVEL, LOG_LEADS, LOG_TRACKING, ENVIRONMENT (default log level).
  • Dashboard / analytics: ANALYTICS_API_KEY, ANALYTICS_MARKETING_API_KEY, LEAD_ANALYTICS binding, CLOUDFLARE_ACCOUNT_ID + CLOUDFLARE_ANALYTICS_ENGINE_API_TOKEN.
  • CRM integration: CRM_CALLBACK_SECRET, CRM_WEBHOOK_SECRET, CRM_LEAD_URL_TEMPLATE.
  • Storage: R2 retention (currently 90 days, hardcoded).

Dashboard Settings (editable): The Settings page loads options from the AppSettings table (D1). Admins can toggle Send leads to Make.com, Send whitelist test leads to Make.com, configure Test lead by content (list of strings; if name/email/project/location contains any, lead goes to TestingLeads), Bot lead detection, Store honeypot leads in D1, Show lead submission charts, Mask email and phone for marketing, set Re-engage duplicate leads (hours), set CRM lead URL template, set CRM callback secret (for CRM and Make.com callbacks; overrides CRM_CALLBACK_SECRET env when set), and manage Marketing API keys (generate, regenerate, per-key visible pages); Save changes persists to the database via PATCH /analytics/settings. Marketing keys are stored in MarketingApiKeys (D1). Changes take effect immediately. Missing keys in the table fall back to wrangler env vars.