-
Notifications
You must be signed in to change notification settings - Fork 10
Expand file tree
/
Copy path.env.example
More file actions
222 lines (180 loc) · 10.9 KB
/
.env.example
File metadata and controls
222 lines (180 loc) · 10.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
# =============================================================================
# Sprout Backend — Local Development Environment
# =============================================================================
# Copy this file to .env and adjust as needed:
# cp .env.example .env
#
# All defaults here work with `docker compose up` out of the box.
#
# Service ports (defaults):
# Postgres → localhost:5432
# Redis → localhost:6379
# Typesense → localhost:8108
# Adminer → localhost:8082 (DB browser UI)
#
# Note: If port 8082 conflicts, change the adminer port in docker-compose.yml
# =============================================================================
# -----------------------------------------------------------------------------
# Database (Postgres 17)
# -----------------------------------------------------------------------------
DATABASE_URL=postgres://sprout:sprout_dev@localhost:5432/sprout
PGHOST=localhost
PGPORT=5432
PGUSER=sprout
PGPASSWORD=sprout_dev
PGDATABASE=sprout
# -----------------------------------------------------------------------------
# Redis 7
# -----------------------------------------------------------------------------
REDIS_URL=redis://localhost:6379
# -----------------------------------------------------------------------------
# Typesense (search)
# -----------------------------------------------------------------------------
TYPESENSE_API_KEY=sprout_dev_key
TYPESENSE_URL=http://localhost:8108
# -----------------------------------------------------------------------------
# Relay (WebSocket server)
# -----------------------------------------------------------------------------
# Bind address for the relay (host:port)
SPROUT_BIND_ADDR=0.0.0.0:3000
# Public WebSocket URL — used in NIP-42 auth challenges
RELAY_URL=ws://localhost:3000
# Stable relay signing key. Set this in dev if you want REST-created forum posts
# to keep resolving to the original author across relay restarts.
# SPROUT_RELAY_PRIVATE_KEY=<32-byte hex private key>
# Set to true in production to require bearer token authentication
SPROUT_REQUIRE_AUTH_TOKEN=false
# -----------------------------------------------------------------------------
# Auth
# -----------------------------------------------------------------------------
# Set to false for dev (accepts NIP-42 without JWT, allows X-Pubkey header).
# Set to true in production to require bearer token authentication.
SPROUT_REQUIRE_AUTH_TOKEN=false
# JWKS endpoint for verifying JWT access tokens.
# Claim that carries the user's Nostr public key (hex, 32 bytes).
OKTA_PUBKEY_CLAIM=nostr_pubkey
# ── Keycloak (local OAuth testing — stands in for Okta in prod) ──────────────
# Keycloak is NOT a production dependency. It lets you test the full OAuth
# flow locally without needing an Okta tenant. Run `docker compose up -d`
# then `./scripts/setup-keycloak.sh` to create the realm, client, and users.
#
# Admin UI: http://localhost:8180 (admin / admin)
# Get a token:
# curl -s -X POST http://localhost:8180/realms/sprout/protocol/openid-connect/token \
# -d 'client_id=sprout-desktop&grant_type=password&username=tyler&password=password123' \
# | jq -r .access_token
OKTA_JWKS_URI=http://localhost:8180/realms/sprout/protocol/openid-connect/certs
OKTA_ISSUER=http://localhost:8180/realms/sprout
OKTA_AUDIENCE=sprout-desktop
# ── Okta (production / staging) ──────────────────────────────────────────────
# Uncomment and fill in when deploying against a real Okta tenant.
# OKTA_JWKS_URI=https://dev-example.okta.com/oauth2/default/v1/keys
# OKTA_ISSUER=https://dev-example.okta.com/oauth2/default
# OKTA_AUDIENCE=sprout-api
# OKTA_PUBKEY_CLAIM=nostr_pubkey
# -----------------------------------------------------------------------------
# Ephemeral Channels (TTL testing)
# -----------------------------------------------------------------------------
# Override the TTL for all ephemeral channels (in seconds). When set, any
# channel created with a TTL tag will use this value instead of the
# client-provided one. Unset to use the client-provided TTL.
# SPROUT_EPHEMERAL_TTL_OVERRIDE=60
# How often the reaper checks for expired ephemeral channels (default: 60s).
# SPROUT_REAPER_INTERVAL_SECS=5
# -----------------------------------------------------------------------------
# Logging / Tracing
# -----------------------------------------------------------------------------
RUST_LOG=sprout_relay=debug,sprout_db=debug,sprout_auth=debug,sprout_pubsub=debug,tower_http=debug
# OTLP tracing endpoint (optional — leave unset to disable)
# OTEL_EXPORTER_OTLP_ENDPOINT=http://localhost:4317
# -----------------------------------------------------------------------------
# Huddle (LiveKit integration)
# -----------------------------------------------------------------------------
# LIVEKIT_API_KEY=devkey
# LIVEKIT_API_SECRET=devsecret
# LIVEKIT_URL=ws://localhost:7880
# -----------------------------------------------------------------------------
# ACP (Agent Communication Protocol — sprout-acp harness)
# -----------------------------------------------------------------------------
# The ACP harness bridges Sprout events to AI agents. Each env var below maps
# to a CLI flag of the same name (lowercase, hyphens → underscores). All values
# are optional unless noted; defaults are shown in comments.
#
# Quick start:
# SPROUT_PRIVATE_KEY=<hex> SPROUT_RELAY_URL=ws://localhost:3000 sprout-acp
# ── Identity & auth ──────────────────────────────────────────────────────────
# Nostr private key (hex or bech32). REQUIRED — identifies the agent on the relay.
# SPROUT_PRIVATE_KEY=<32-byte hex or nsec1… private key>
# Bearer token for relay authentication (when SPROUT_REQUIRE_AUTH_TOKEN=true).
# SPROUT_API_TOKEN=
# Relay WebSocket URL the harness connects to.
# Note: the relay itself uses RELAY_URL (above); this is the ACP harness's
# connection target — they happen to point at the same place in local dev.
# SPROUT_RELAY_URL=ws://localhost:3000
# ── Agent subprocess ─────────────────────────────────────────────────────────
# Binary to spawn as the AI agent (e.g. "goose", "codex-acp", "claude-code").
# SPROUT_ACP_AGENT_COMMAND=goose
# Comma-separated arguments passed to the agent binary.
# Goose default: "acp". Codex/Claude default: "" (empty).
# SPROUT_ACP_AGENT_ARGS=acp
# Binary for the Sprout MCP server sidecar (provides channel tools to the agent).
# SPROUT_ACP_MCP_COMMAND=sprout-mcp-server
# Number of parallel agent subprocesses (1–32).
# SPROUT_ACP_AGENTS=1
# Desired LLM model ID. Applied to every new ACP session.
# Use `sprout-acp models` to discover available model IDs.
# SPROUT_ACP_MODEL=
# ── Timeouts & sessions ──────────────────────────────────────────────────────
# Max seconds per agent turn before timeout (default 320 = ~5 min).
# SPROUT_ACP_TURN_TIMEOUT=320
# Max turns per session before proactive rotation. 0 = disabled (rotate only
# on MaxTokens / MaxTurnRequests). Recommended: 50 for long-running agents.
# SPROUT_ACP_MAX_TURNS_PER_SESSION=0
# ── Prompts ──────────────────────────────────────────────────────────────────
# System prompt injected into every agent session (inline text).
# SPROUT_ACP_SYSTEM_PROMPT=
# Path to a file containing the system prompt (mutually exclusive with above).
# SPROUT_ACP_SYSTEM_PROMPT_FILE=
# Message sent to the agent immediately after session creation.
# SPROUT_ACP_INITIAL_MESSAGE=
# ── Heartbeat ────────────────────────────────────────────────────────────────
# Seconds between heartbeat prompts. 0 = disabled. Must be 0 or ≥10.
# Recommended: 60 for long-running agents to prevent idle session timeouts.
# SPROUT_ACP_HEARTBEAT_INTERVAL=0
# Heartbeat prompt text (inline). Mutually exclusive with file variant.
# SPROUT_ACP_HEARTBEAT_PROMPT=
# Path to a file containing the heartbeat prompt.
# SPROUT_ACP_HEARTBEAT_PROMPT_FILE=
# ── Subscription & filtering ─────────────────────────────────────────────────
# Subscribe mode: "mentions" (default), "all", or "config" (rule-based).
# SPROUT_ACP_SUBSCRIBE=mentions
# Comma-separated event kind numbers to subscribe to (overrides mode defaults).
# SPROUT_ACP_KINDS=
# Comma-separated channel UUIDs to limit subscription scope.
# SPROUT_ACP_CHANNELS=
# Set to true to disable the @-mention filter in mentions mode.
# SPROUT_ACP_NO_MENTION_FILTER=false
# Path to TOML config file for rule-based subscriptions (config mode).
# SPROUT_ACP_CONFIG=./sprout-acp.toml
# ── Dedup & self-ignore ──────────────────────────────────────────────────────
# How to handle duplicate events: "queue" (default) or "drop".
# SPROUT_ACP_DEDUP=queue
# Set to true to process the agent's own messages (default: ignore self).
# SPROUT_ACP_NO_IGNORE_SELF=false
# ── Context ──────────────────────────────────────────────────────────────────
# Max context messages fetched for thread replies and DMs (0–100). 0 = disabled.
# SPROUT_ACP_CONTEXT_MESSAGE_LIMIT=12
# ── Presence & typing ────────────────────────────────────────────────────────
# Set to true to disable automatic online/offline presence status.
# SPROUT_ACP_NO_PRESENCE=false
# Set to true to disable typing indicators while the agent is processing.
# SPROUT_ACP_NO_TYPING=false
# ── Advanced tuning ──────────────────────────────────────────────────────────
# Event channel buffer capacity (WebSocket → harness). Increase for
# high-throughput agents. Minimum 1.
# SPROUT_ACP_EVENT_BUFFER=256
# ── Legacy aliases ───────────────────────────────────────────────────────────
# These are accepted for backward compatibility but the canonical names above
# are preferred:
# SPROUT_ACP_PRIVATE_KEY → SPROUT_PRIVATE_KEY
# SPROUT_ACP_API_TOKEN → SPROUT_API_TOKEN