# ============================================================================= # Konstruct — Environment Variables # Copy this file to .env and fill in the values. # NEVER commit .env to version control. # ============================================================================= # ----------------------------------------------------------------------------- # Database (PostgreSQL 16) # IMPORTANT: Use konstruct_app role, not the postgres superuser. # The postgres superuser bypasses RLS and must never be used by application code. # ----------------------------------------------------------------------------- DATABASE_URL=postgresql+asyncpg://konstruct_app:konstruct_dev@localhost:5432/konstruct # For Alembic migrations (runs as postgres superuser to CREATE ROLE, enable RLS, etc.) DATABASE_ADMIN_URL=postgresql+asyncpg://postgres:postgres_dev@localhost:5432/konstruct # ----------------------------------------------------------------------------- # Redis / Valkey # ----------------------------------------------------------------------------- REDIS_URL=redis://localhost:6379/0 # Celery broker and result backend CELERY_BROKER_URL=redis://localhost:6379/1 CELERY_RESULT_BACKEND=redis://localhost:6379/2 # ----------------------------------------------------------------------------- # Slack # ----------------------------------------------------------------------------- SLACK_BOT_TOKEN=xoxb-your-slack-bot-token SLACK_SIGNING_SECRET=your-slack-signing-secret SLACK_APP_TOKEN=xapp-your-slack-app-token # For Socket Mode (optional) # ----------------------------------------------------------------------------- # LLM Providers # ----------------------------------------------------------------------------- ANTHROPIC_API_KEY=sk-ant-your-anthropic-api-key OPENAI_API_KEY=sk-your-openai-api-key OLLAMA_BASE_URL=http://localhost:11434 # ----------------------------------------------------------------------------- # Auth / Security # AUTH_SECRET: Used to sign JWT tokens for the admin portal. # Generate with: python -c "import secrets; print(secrets.token_hex(32))" # ----------------------------------------------------------------------------- AUTH_SECRET=change-me-generate-with-secrets-token-hex-32 # ----------------------------------------------------------------------------- # Service URLs (internal) # ----------------------------------------------------------------------------- GATEWAY_URL=http://localhost:8001 ROUTER_URL=http://localhost:8002 ORCHESTRATOR_URL=http://localhost:8003 LLM_POOL_URL=http://localhost:8004 # ----------------------------------------------------------------------------- # Application Settings # ----------------------------------------------------------------------------- ENVIRONMENT=development LOG_LEVEL=INFO DEBUG=false # Tenant rate limits (requests per minute defaults) DEFAULT_RATE_LIMIT_RPM=60 # ----------------------------------------------------------------------------- # Web Search / Knowledge Base Scraping # BRAVE_API_KEY: Get from https://brave.com/search/api/ # FIRECRAWL_API_KEY: Get from https://firecrawl.dev # ----------------------------------------------------------------------------- BRAVE_API_KEY= FIRECRAWL_API_KEY= # Google OAuth (Calendar integration) GOOGLE_CLIENT_ID= GOOGLE_CLIENT_SECRET= # MinIO KB bucket (for knowledge base documents) MINIO_KB_BUCKET=kb-documents # ----------------------------------------------------------------------------- # Web Push Notifications (VAPID keys) # Generate with: cd packages/portal && npx web-push generate-vapid-keys # ----------------------------------------------------------------------------- NEXT_PUBLIC_VAPID_PUBLIC_KEY=your-vapid-public-key VAPID_PRIVATE_KEY=your-vapid-private-key VAPID_CLAIMS_EMAIL=admin@yourdomain.com