SECRET_KEY

JWT signing key (auto-generated by install script)

ENCRYPTION_KEY

Fernet key for encrypting stored credentials (LLM API keys, DB passwords)

DATABASE_PASSWORD

PostgreSQL password

SMTP_HOST

SMTP server hostname (e.g., smtp.sendgrid.net)

SMTP_PORT

SMTP port (typically 587)

SMTP_USER

SMTP username

SMTP_PASSWORD

SMTP password or API key

SMTP_DOMAIN

Email "from" domain (e.g., example.com)

SUPERADMIN_EMAIL

Admin user created on first startup

DOMAIN

Your domain for Caddy auto-HTTPS (e.g., sinas.example.com)

DEBUG

false

Enable verbose logging

CORS_ORIGINS

(none)

Comma-separated allowed origins

ACCESS_TOKEN_EXPIRE_MINUTES

15

JWT access token lifetime

REFRESH_TOKEN_EXPIRE_DAYS

30

Refresh token lifetime

OTP_EXPIRE_MINUTES

10

OTP code validity

OTP_MAX_ATTEMPTS

2

Wrong OTP guesses before invalidation

RATE_LIMIT_LOGIN_IP_MAX

10

Max login requests per IP per window

RATE_LIMIT_LOGIN_EMAIL_MAX

5

Max login requests per email per window

RATE_LIMIT_OTP_IP_MAX

10

Max OTP verify requests per IP per window

RATE_LIMIT_WINDOW_SECONDS

900

Rate limit window (15 minutes)

FUNCTION_TIMEOUT

300

Max execution time in seconds

MAX_FUNCTION_MEMORY

512

Memory limit in MB

MAX_FUNCTION_CPU

1.0

CPU cores per function

MAX_FUNCTION_STORAGE

1g

Disk storage limit

FUNCTION_CONTAINER_IDLE_TIMEOUT

3600

Idle container cleanup (seconds)

ALLOW_PACKAGE_INSTALLATION

true

Allow pip install in functions

ALLOWED_PACKAGES

(all)

Comma-separated package whitelist

SANDBOX_MIN_SIZE

4

Containers to pre-create

SANDBOX_MAX_SIZE

20

Maximum sandbox containers

SANDBOX_MIN_IDLE

2

Replenish when idle drops below this

SANDBOX_MAX_EXECUTIONS

100

Recycle after N executions

MAX_TOOL_ITERATIONS

25

Max consecutive tool-call rounds per message

MAX_HISTORY_MESSAGES

100

Messages loaded for conversation context

AGENT_JOB_TIMEOUT

600

Agent job timeout (seconds)

CODE_EXECUTION_TIMEOUT

120

Code execution timeout (seconds)

BACKEND_REPLICAS

1

Backend API replicas

UVICORN_WORKERS

4

Workers per backend replica

QUEUE_WORKER_REPLICAS

2

Function queue worker replicas

QUEUE_AGENT_REPLICAS

2

Agent queue worker replicas

QUEUE_FUNCTION_CONCURRENCY

10

Concurrent functions per worker

QUEUE_AGENT_CONCURRENCY

5

Concurrent agent jobs per worker

APP_CPU_LIMIT

2.0

Max CPU cores for backend container

APP_MEMORY_LIMIT

2G

Max RAM for backend container

APP_CPU_RESERVATION

0.5

Guaranteed CPU cores

APP_MEMORY_RESERVATION

512M

Guaranteed RAM

DATABASE_USER

postgres

PostgreSQL user

DATABASE_HOST

postgres

PostgreSQL host

DATABASE_PORT

5432

PostgreSQL port

DATABASE_NAME

sinas

Database name

DATABASE_URL

(built from above)

Full connection string (overrides individual vars)

REDIS_URL

redis://redis:6379/0

Redis connection string

CLICKHOUSE_HOST

clickhouse

ClickHouse host

CLICKHOUSE_PORT

8123

ClickHouse HTTP port

CLICKHOUSE_USER

default

ClickHouse user

CLICKHOUSE_PASSWORD

(empty)

ClickHouse password

CLICKHOUSE_DATABASE

sinas

ClickHouse database

CLICKHOUSE_RETENTION_DAYS

90

Data retention (no S3)

CLICKHOUSE_HOT_RETENTION_DAYS

30

Hot retention (with S3)

CLICKHOUSE_S3_ENDPOINT

(none)

S3 endpoint for tiered storage

CLICKHOUSE_S3_BUCKET

(none)

S3 bucket name

CLICKHOUSE_S3_ACCESS_KEY_ID

(none)

S3 access key

CLICKHOUSE_S3_SECRET_ACCESS_KEY

(none)

S3 secret key

CLICKHOUSE_S3_REGION

us-east-1

S3 region

CONFIG_FILE

(none)

Path to YAML config file

AUTO_APPLY_CONFIG

false

Apply config file on startup