Files
provenance/deploy/.env.example
T
justin de50f2c803 Model providers: OpenAI/xAI/Ollama + run several at once (registry)
Extends the #215 abstraction:
- OpenAICompatibleLLMProvider / OpenAICompatibleEmbeddingProvider — one impl (via
  the official openai SDK) covers OpenAI, xAI (api.x.ai/v1), Ollama
  (…:11434/v1), OpenRouter, etc.; they differ only by base_url, key, and model.
- Registry factory: build_llm_providers() / build_embedding_providers() return
  every provider whose credentials are configured, so you can run several
  concurrently. get_llm_provider(name)/get_embedding_provider(name) select by
  name, falling back to default_*_provider, then Null.
- Per-provider env config (ANTHROPIC_*, OPENAI_*, XAI_*, OLLAMA_*) +
  DEFAULT_LLM_PROVIDER / DEFAULT_EMBEDDING_PROVIDER; documented in .env.example.
  Defaults keep AI off (empty registry).

Embeddings now have real backends (OpenAI/Ollama), still separate from the LLM
since Anthropic offers no embeddings endpoint. Tests cover multi-provider
selection, default resolution, disabled-without-credentials, and null fail-loud.
Full suite 87 passed.

Relates to #215.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Justin Paul <justin@jpaul.me>
2026-06-09 18:39:19 -04:00

91 lines
3.3 KiB
Bash

# Provenance configuration — copy to `.env` and fill in. Never commit `.env`.
# Everything is twelve-factor; no endpoints or secrets live in code.
# --- Core ---
APP_ENV=development
# --- Images (pulled from git.jpaul.io; CI pushes to the LAN registry) ---
# test-main = current main build; or pin a semver / test-sha-<sha> for rollback.
IMAGE_TAG=test-main
# --- Database (Postgres) ---
POSTGRES_USER=provenance
POSTGRES_PASSWORD=change-me
POSTGRES_DB=provenance
# Backend connection string (async driver). Host 'postgres' = compose service.
DATABASE_URL=postgresql+asyncpg://provenance:change-me@postgres:5432/provenance
# --- Object storage (S3-compatible / MinIO) ---
MINIO_ROOT_USER=provenance
MINIO_ROOT_PASSWORD=change-me-too
S3_ENDPOINT_URL=http://minio:9000
S3_BUCKET=provenance
S3_ACCESS_KEY=provenance
S3_SECRET_KEY=change-me-too
S3_REGION=us-east-1
# --- Edge (Caddy) ---
# Local: ':80' (http://localhost). Production: 'provenance.example.com' for auto-HTTPS.
# Behind a Cloudflare Tunnel, keep ':80' — Cloudflare terminates TLS and the
# tunnel forwards plain HTTP to caddy:80.
PROVENANCE_SITE_ADDRESS=:80
# --- Deploy-host services (optional, selected via COMPOSE_PROFILES) ---
# 'tunnel' -> cloudflared connector (needs CLOUDFLARE_TUNNEL_TOKEN; public hostname -> http://caddy:80)
# Auto-deploy is handled by the host's global Watchtower (watches the
# watchtower-enabled backend/frontend labels) — no profile needed here.
CLOUDFLARE_TUNNEL_TOKEN=
COMPOSE_PROFILES=
# --- Auth / sessions ---
SESSION_TTL_DAYS=30
TOKEN_TTL_HOURS=24
# Set false for local http; true (default) behind TLS.
COOKIE_SECURE=false
# Base URL used to build links in outbound email.
APP_BASE_URL=http://localhost
# Mailer: 'console' logs links to stdout (dev); 'smtp' uses the SMTP settings below.
MAILER=console
# Require a verified email before an account has an active session. Leave false
# until SMTP works and existing accounts are verified, or you will lock users out.
REQUIRE_EMAIL_VERIFICATION=false
# --- Email (SMTP) — wired in a later phase ---
SMTP_HOST=
SMTP_PORT=587
SMTP_USERNAME=
SMTP_PASSWORD=
SMTP_FROM=
# --- Model providers (AI assistant + embeddings) -----------------------------
# Configure as many as you like — each turns on when its key is set. The
# default_* vars pick which one is used by default; the app can also select any
# configured provider by name. LLM and embeddings are independent (Anthropic has
# no embeddings endpoint). Leave the defaults 'null' to keep AI off.
DEFAULT_LLM_PROVIDER=null # null | anthropic | openai | xai | ollama
DEFAULT_EMBEDDING_PROVIDER=null # null | openai | ollama
LLM_MAX_TOKENS=4096
EMBEDDING_DIMENSIONS=1536 # must match the embedding model + pgvector column
# Anthropic (LLM)
ANTHROPIC_API_KEY=
ANTHROPIC_MODEL=claude-opus-4-8
# OpenAI (LLM + embeddings)
OPENAI_API_KEY=
OPENAI_BASE_URL=https://api.openai.com/v1
OPENAI_MODEL=gpt-4o
OPENAI_EMBEDDING_MODEL=text-embedding-3-small
# xAI / Grok — OpenAI-compatible (LLM)
XAI_API_KEY=
XAI_BASE_URL=https://api.x.ai/v1
XAI_MODEL=grok-2-latest # set to your account's current Grok model
# Ollama — local, OpenAI-compatible, no key (LLM + embeddings)
OLLAMA_ENABLED=false
OLLAMA_BASE_URL=http://localhost:11434/v1
OLLAMA_MODEL=llama3.1
OLLAMA_EMBEDDING_MODEL=nomic-embed-text
# XAI_API_KEY=