Everything to run TaskX
Cloud, self-hosted, AI providers, cron jobs, environment variables — the complete reference for individual cyber pros running TaskX their way.
Getting started
TaskX is a personal daily workspace for cyber professionals — CVE watch, snippets with variables, Markdown runbooks, Mermaid diagrams, a ⌘K palette and a context-aware AI assistant, all on a single page.
Free for personal use. EU-hosted. Zero infra to run.
Run TaskX with Docker Compose. Own your data end-to-end.
Create an account (cloud)
- Open taskx.tech
- Sign up with email + password, Google or Apple
- Confirm your email, sign in — you land on the dashboard
Modules
Everything in TaskX is a module you can access from the sidebar or the ⌘K palette.
Cloud vs Self-hosted
TaskX ships in two flavors. Same codebase, same features — pick where your data lives.
| Aspect | Cloud | Self-hosted |
|---|---|---|
| Infra to manage | None | Docker + Supabase |
| Updates | Automatic | git pull + rebuild |
| Data location | EU-hosted | Yours |
| AI provider | Lovable AI (included) | OpenRouter / Qwen / Z.ai (bring your key) |
| Price | Free personal tier | Free (MIT) |
Self-hosting
Option A — Docker Compose (recommended)
git clone https://github.com/K3E9X/TaskX.git
cd TaskX
cp .env.example .env # fill in Supabase + AI provider
docker compose up -dOpen http://localhost:3000. You still need a Supabase project (Cloud free tier or self-hosted Supabase) for auth + database.
Option B — Bare metal (Bun)
git clone https://github.com/K3E9X/TaskX.git
cd TaskX
bun install
cp .env.example .env
bun run build
bun run startFull guide: SELF_HOSTING.md
AI providers
TaskX talks to any OpenAI-compatible /chat/completions. Pick one via AI_PROVIDER.
| Provider | AI_PROVIDER | Free tier | Default model |
|---|---|---|---|
| OpenRouter | openrouter | Yes (:free models) | qwen/qwen-2.5-72b-instruct:free |
| Qwen (Alibaba) | qwen | Yes (DashScope) | qwen-turbo |
| Z.ai (GLM) | zai | Yes | glm-4-flash |
| Lovable | lovable | Cloud only | google/gemini-3-flash-preview |
Only AI_API_KEY is required. AI_MODEL and AI_BASE_URL are optional overrides.
Data model & security
- All app tables live in
publicwith RLS enabled, scoped toauth.uid(). - Roles are stored in a dedicated
user_rolestable +SECURITY DEFINER has_role()function (never client-side). - Service-role key is used only in
*.server.tsfiles, never leaked to the client bundle. - Public API routes live under
/api/public/*and verify caller signatures inside the handler.
Environment variables
See .env.example in the repo. Summary:
# Supabase (required)
VITE_SUPABASE_URL=
VITE_SUPABASE_PUBLISHABLE_KEY=
SUPABASE_URL=
SUPABASE_PUBLISHABLE_KEY=
SUPABASE_SERVICE_ROLE_KEY=
# AI provider (required — pick one)
AI_PROVIDER=openrouter
AI_API_KEY=
# Optional
AI_MODEL=
AI_BASE_URL=
PORT=3000Cron & background jobs
Scheduled tasks run via pg_cron inside Postgres.
| Job | Schedule | Purpose |
|---|---|---|
refresh-feeds-hourly | every hour | Refresh CVE / CTI feeds |
purge-old-feeds-daily | daily | Enforce 14-day retention |
refresh-nuclei-index-daily | daily @ 04:00 | Refresh Nuclei PoC index |
email-queue-dispatch | frequent | Dispatch transactional emails |
Introspect from the admin console or query cron.job / cron.job_run_details.
Troubleshooting
- "Unauthorized" on protected routes: session missing — sign out/in, or check the
Authorizationmiddleware insrc/start.ts. - AI assistant returns 500: check
AI_PROVIDER+AI_API_KEYserver-side, restart. - Feeds not refreshing: check
cron.job_run_detailsforrefresh-feeds-hourly.
Still stuck? Open an issue.