Get Springtale running and create your first automation in under 5 minutes.
TABLE I. REQUIRED TOOLS
| Tool | Version | Purpose |
|---|---|---|
| Rust | stable 1.85+ | Build the workspace (edition 2024) |
| Git | any | Clone the repo |
TABLE II. OPTIONAL TOOLS
| Tool | Purpose |
|---|---|
| Nix + direnv | Reproducible dev shell via Konductor (includes all tools) |
| Docker | Container deployment |
| cargo-nextest | Faster parallel test runner |
┌───────────┐ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ ┌───────────┐
│ git clone │────>│ cargo build │────>│ springtale │────>│ springtale │────>│ curl │
│ │ │ --workspace │ │ init │ │ server start │ │ /health │
└───────────┘ └──────────────┘ └──────────────┘ └──────────────┘ └───────────┘
Fig. 1. Build and init flow.
git clone https://github.com/ScopeCreep-zip/Springtale.git
cd Springtale
cargo build --workspaceThis creates the encrypted vault and SQLite database. You'll be prompted for a passphrase — this protects your stored credentials.
cargo run --bin springtale-cli -- initcargo run --bin springtale-cli -- server startIn another terminal:
curl http://127.0.0.1:8080/health
# {"status": "ok"}
curl http://127.0.0.1:8080/ready
# {"status": "ready"}docker build -t springtale .mkdir -p data
cp springtale.toml.example springtale.toml
# Set your vault passphrase
export SPRINGTALE_PASSPHRASE="your-secure-passphrase"
docker compose up -dThe container runs as a non-root user with read-only root filesystem, all capabilities dropped, and no-new-privileges enforced.
TABLE III. DOCKER ENVIRONMENT VARIABLES
| Variable | Default | Description |
|---|---|---|
SPRINGTALE_PASSPHRASE |
(required) | Vault encryption passphrase |
SPRINGTALE_STORE__PATH |
/data/springtale.db |
Database path inside container |
SPRINGTALE_CRYPTO__VAULT_PATH |
/data/vault.bin |
Vault path inside container |
SPRINGTALE_API__BIND |
0.0.0.0:8080 |
API bind address |
RUST_LOG |
info |
Log level |
curl http://localhost:8080/health
# {"status": "ok"}If you have Nix and direnv installed:
cd Springtale
direnv allowThis loads the Konductor dev shell with Rust, security tooling (cargo-deny, cargo-audit, gitleaks, trivy), WASM tools (wabt), and Node.js 22.
Let's create a rule that watches a directory and runs a shell command when a file appears.
mkdir -p /tmp/springtale-inboxCreate rules/file-alert.toml:
[rule]
name = "file-alert"
[trigger]
type = "FileWatch"
path = "/tmp/springtale-inbox"
event = "create"
[[actions]]
type = "SendMessage"
text = "New file detected: ${trigger.filename}"cargo run --bin springtale-cli -- rule add rules/file-alert.toml
# Added: file-alert (id: ...)cargo run --bin springtale-cli -- rule listWith the daemon running, create a file in the watched directory:
touch /tmp/springtale-inbox/hello.txtCheck the event log:
cargo run --bin springtale-cli -- events --limit 5 What happened:
┌─────────────────┐ ┌──────────────┐ ┌──────────────┐ ┌──────────┐
│ File created in │────>│ FileWatch │────>│ Rule engine │────>│ Action: │
│ /tmp/springtale-│ │ trigger │ │ matches │ │ Send │
│ inbox/ │ │ fires │ │ "file-alert" │ │ Message │
└─────────────────┘ └──────────────┘ └──────────────┘ └──────────┘
Fig. 2. Data flow for the file alert rule.
| I want to... | Read |
|---|---|
| Understand how the pieces fit together | guide/architecture.md |
| Learn about security and privacy | guide/security.md |
| Explore available connectors | guide/connectors.md |
| Write more complex rules | guide/rules.md |
| Look up CLI commands | reference/cli.md |
| Look up API endpoints | reference/api.md |
| Build a new connector | contributing/adding-a-connector.md |
| See what's coming next | ROADMAP.md |
- [1] Configuration reference: reference/configuration.md
- [2] CLI reference: reference/cli.md
- [3] Docker compose file:
docker-compose.yml