-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathexample.env
More file actions
93 lines (77 loc) · 3.71 KB
/
example.env
File metadata and controls
93 lines (77 loc) · 3.71 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
# Orion — example environment (no real values). Copy to .env and fill in.
# Optional: enables Ego (cloud) for COMPLEX routing
OPENAI_API_KEY=
# Optional: local LLM server URL (LiteLLM, Ollama, LM Studio, etc.)
# If set, Orion uses this for local inference; if unset, uses in-process stub.
# Example: http://localhost:1234 (LM Studio) or http://localhost:11434 (Ollama)
LOCAL_LLM_BASE_URL=
# Memory backend: sqlite (default) or postgres. When postgres, set DATABASE_URL.
# MEMORY_BACKEND=sqlite
# DATABASE_URL=postgres://orion:orion_dev@localhost:5432/orion
# Birth model: lightweight Ollama model for birth stages. Default: qwen2.5:3b-instruct
# BIRTH_MODEL=qwen2.5:3b-instruct
# Optional: default Id model for non-birth flows (else auto-detect or "local-model")
# ID_MODEL_DEFAULT=
# Optional: path to external public key for signature verification.
# The signing key is created out-of-band; Orion only reads the public key.
# Run scripts/generate-signing-key.ps1 to create keypair and sign templates.
# Example: C:\SecureKeys\orion\pubkey.bin
EXTERNAL_PUBKEY_PATH=
# Optional: MCP (Model Context Protocol) servers — comma-separated URLs for HTTP transport.
# Example: MCP_SERVER_URLS=http://localhost:3000/mcp,http://127.0.0.1:8080/mcp
# Servers are also configured in app config (data_dir/config.json) under mcp_servers.
# MCP_SERVER_URLS=
# Optional: for running IMAP test (cargo test -p orion-skills)
# ORION_IMAP_TEST=1
# ORION_IMAP_HOST=mail.proton.me
# ORION_IMAP_PORT=993
# ORION_IMAP_USER=
# ORION_IMAP_PASS=
# Optional: master key for encrypting secrets on Linux/macOS/Docker.
# Without this, secrets are stored in plaintext (dev only).
# Use a high-entropy value (e.g., openssl rand -base64 32).
# ORION_MASTER_KEY=
# --- Security ---
# Bind address for the API server. Default: 127.0.0.1:8080 (host dev),
# 0.0.0.0:8080 (container). Override for custom setups.
# ORION_BIND_ADDR=127.0.0.1:8080
# Set to "1" inside Docker containers (auto-set in compose).
# Controls default bind address and CORS behavior.
# ORION_CONTAINER=1
# Bearer token for API authentication. When set, all /api/* requests require
# Authorization: Bearer <token>. Health/ready endpoints are exempt.
# Generate: openssl rand -base64 32
# ORION_API_TOKEN=
# Comma-separated CORS allowed origins. Default: all origins in dev mode,
# no cross-origin in container mode. Example: http://localhost:3000,https://myapp.com
# CORS_ALLOW_ORIGINS=
# --- Postgres credentials ---
# Override these for production deployments. Defaults match docker-compose dev values.
# POSTGRES_USER=orion
# POSTGRES_PASSWORD=orion_dev
# POSTGRES_DB=orion
# --- Full stack (docker compose --profile full) ---
# API and frontend use these when running in Compose. Defaults in compose file.
# LOCAL_LLM_BASE_URL=http://ollama:11434
# DATABASE_URL=postgres://orion:orion_dev@postgres:5432/orion
# MEMORY_BACKEND=postgres
# BIRTH_MODEL=qwen2.5:3b-instruct
# Optional: path to agent data dir so API can expose birth_complete/birth_stage (config.json).
# ORION_DATA_DIR=/path/to/data
# --- Dual proxy boundary (included in full profile) ---
# Enable via:
# docker compose -f docker/docker-compose.yml --profile full up -d --build
#
# Proxy mode:
# - allow_all : compatibility-first for provider/API traffic (default)
# - allowlist : only domains listed in docker/proxy/external/allowlist_domains.txt
# PROXY_MODE=allow_all
#
# Allow host service access through egress proxy via host.docker.internal.
# PROXY_ALLOW_HOST_DOCKER_INTERNAL=true
#
# Optional extra outbound safe ports for the external proxy (comma-separated).
# PROXY_EXTRA_SAFE_PORTS=8443,8080
# --- Frontend (when running npm run dev outside Docker) ---
# Base URL for the Orion API. Empty = same origin (use Vite proxy or nginx).
# VITE_API_URL=http://localhost:8080