183 lines
6.6 KiB
Text
183 lines
6.6 KiB
Text
# Onboarding profile — setup/onboarding or setup/profile can detect defaults from FreeBSD locale/timezone
|
|
SETUP_LOCALE=en-US
|
|
DISPLAY_LOCALE=en-US
|
|
ASSISTANT_LOCALE=en-US
|
|
SYSTEM_LOCALE=en_US.UTF-8
|
|
TZ=UTC
|
|
|
|
# Agent identity — ASSISTANT_NAME is primary; AGENT_NAME is auto-derived unless overridden
|
|
# AGENT_NAME drives all system identifiers (user, service, ZFS, DB names)
|
|
AGENT_NAME=clawdie
|
|
ASSISTANT_NAME=Clawdie
|
|
|
|
# Primary engine for fresh installs
|
|
AGENT_ENGINE=pi-tui
|
|
PI_TUI_BIN=pi
|
|
# Profile presets:
|
|
# setup, operator, status, payments, docs, cms, git, memory, local
|
|
# Explicit provider/model values below override the profile defaults.
|
|
PI_TUI_PROFILE=operator
|
|
PI_TUI_PROVIDER=zai
|
|
PI_TUI_MODEL=glm-5
|
|
|
|
# Primary API key for pi
|
|
ZAI_API_KEY=
|
|
# ZAI API base URL — override if the default endpoint does not match your key
|
|
# pi uses https://api.z.ai/api/coding/paas/v4; litellm defaults differ
|
|
# ZAI_API_BASE=https://api.z.ai/api/coding/paas/v4
|
|
|
|
# Optional alternative providers supported by pi
|
|
# OPENAI_API_KEY=
|
|
# ANTHROPIC_API_KEY=
|
|
# GEMINI_API_KEY=
|
|
# OPENROUTER_API_KEY=
|
|
|
|
# Ollama Cloud — free tier at ollama.com, no local hardware needed
|
|
# Sign up at https://ollama.com, create API key in settings
|
|
# Provides access to 30+ models including coding, reasoning, and vision
|
|
# OLLAMA_API_KEY=
|
|
|
|
# Local LLM runtime (optional)
|
|
# LOCAL_LLM_PROVIDER=none|ollama|llama_cpp
|
|
LOCAL_LLM_PROVIDER=none
|
|
FEATURE_OLLAMA=NO
|
|
FEATURE_LLAMA_CPP=NO
|
|
FEATURE_OLLAMA_HPP=NO
|
|
FEATURE_TAILSCALE=NO
|
|
TAILSCALE_AUTHKEY=
|
|
|
|
# Channels
|
|
TELEGRAM_BOT_TOKEN=
|
|
|
|
# Crowdin — Translation management for multi-language docs
|
|
# Free for open source: https://crowdin.com/open-source
|
|
# Create token at: https://crowdin.com/settings#api-key
|
|
CROWDIN_PERSONAL_TOKEN=
|
|
|
|
# SSH (optional) — used by Ansible when enabling sshd inside jails
|
|
# Example: SSH_PUBLIC_KEY="ssh-ed25519 AAAA... you@host"
|
|
SSH_PUBLIC_KEY=
|
|
|
|
# Stripe is built into the default Clawdie runtime.
|
|
# Leave blank to skip for now, or set a Restricted key from
|
|
# Stripe Dashboard -> Developers -> API Keys -> Restricted Keys.
|
|
STRIPE_SECRET_KEY=
|
|
STRIPE_ENABLE_REFUNDS=NO
|
|
|
|
# Domain split:
|
|
# AGENT_DOMAIN -> public-facing site/API domain
|
|
# AGENT_INTERNAL_DOMAIN -> internal jail/service names written into /etc/hosts
|
|
#
|
|
# Use home.arpa for internal-only names. .local is reserved for mDNS and can
|
|
# create resolver ambiguity on the local link.
|
|
# Use .invalid as the safe placeholder until you set a real public domain.
|
|
# These example values match the default AGENT_NAME above; replace them if you rename the agent.
|
|
AGENT_DOMAIN=clawdie.invalid
|
|
AGENT_INTERNAL_DOMAIN=clawdie.home.arpa
|
|
|
|
# Local code hosting defaults
|
|
# Current main provisions a dedicated git jail by default.
|
|
CODE_HOSTING_MODE=git
|
|
REMOTE_GIT_URL=https://codeberg.org/Clawdie/Clawdie-AI.git
|
|
FEATURE_GIT=YES
|
|
FEATURE_GITEA=NO
|
|
|
|
# Warden jail network — choose your private subnet at bootstrap.
|
|
# AGENT_SUBNET_BASE is the current primary key; WARDEN_* stays for compatibility.
|
|
# Code defaults to 10.0.0.x if these are not set.
|
|
# Common choices: 192.168.100.x, 10.0.0.x, 172.16.50.x
|
|
#
|
|
# Reserved IPs (lower = more foundational to agent runtime):
|
|
# .1 Gateway — bridge interface
|
|
# .2 Reserved — compatibility slot, do not use for new runtime
|
|
# .3 Database — PostgreSQL (skills + memory)
|
|
# .4 CMS — Astro/Strapi content (if enabled)
|
|
# .5 Local LLM — Ollama or llama-cpp (if enabled)
|
|
# .6 Git — local bare repositories
|
|
# .101+ Worker — jailed agent execution
|
|
# .150 Browser VM — reserved browser automation profile
|
|
AGENT_SUBNET_BASE=10.0.0
|
|
WARDEN_SUBNET_BASE=10.0.0
|
|
WARDEN_SUBNET=10.0.0.0/24
|
|
WARDEN_GATEWAY=10.0.0.1
|
|
# Legacy compatibility only; there is no active controlplane jail on current main.
|
|
WARDEN_CONTROLPLANE_IP=10.0.0.2
|
|
WARDEN_DB_IP=10.0.0.3
|
|
WARDEN_CMS_IP=10.0.0.4
|
|
WARDEN_OLLAMA_IP=10.0.0.5
|
|
WARDEN_LLAMA_CPP_IP=10.0.0.5
|
|
WARDEN_GIT_IP=10.0.0.6
|
|
|
|
# PostgreSQL runtime: jail (default) or host.
|
|
# When DB_RUNTIME=host, DB_HOST defaults to ${AGENT_SUBNET_BASE}.1 so jails can reach it.
|
|
DB_RUNTIME=jail
|
|
DB_HOST=
|
|
# ZFS dataset compression for host-based PostgreSQL (lz4 default, zstd optional).
|
|
DB_COMPRESSION=lz4
|
|
|
|
# PostgreSQL — split-brain architecture (three databases, all in db jail at .3)
|
|
# Skills DB: ships with repo, restored from dump, read-only at runtime
|
|
# Memory DB: user data, grows with conversations, needs backups
|
|
# Ops DB: operational data (chats, messages, tasks, sessions, routing)
|
|
# setup/onboarding and setup/db will generate these if missing and keep the
|
|
# URLs below in sync with AGENT_NAME, subnet, and passwords.
|
|
# PostgreSQL identifiers use a DB-safe namespace derived from AGENT_NAME:
|
|
# clawdie-ai -> clawdie_ai_reader / clawdie_ai_skills / clawdie_ai_brain / clawdie_ai_ops
|
|
POSTGRES_ADMIN_PASSWORD=
|
|
SKILLS_DB_PASSWORD=
|
|
MEMORY_DB_PASSWORD=
|
|
OPS_DB_PASSWORD=
|
|
FORGEJO_DB_PASSWORD=
|
|
SKILLS_DB_URL=
|
|
MEMORY_DB_URL=
|
|
OPS_DB_URL=
|
|
FORGEJO_DB_URL=
|
|
# Strapi secrets are generated automatically by onboarding/db/cms if missing.
|
|
# They back the internal Strapi app in the cms jail and should not be exposed.
|
|
STRAPI_DB_PASSWORD=
|
|
STRAPI_APP_KEYS=
|
|
STRAPI_API_TOKEN_SALT=
|
|
STRAPI_ADMIN_JWT_SECRET=
|
|
STRAPI_TRANSFER_TOKEN_SALT=
|
|
STRAPI_JWT_SECRET=
|
|
CMS_ENABLE=NO
|
|
CMS_ADMIN_UI=NO
|
|
GIT_JAIL_NAME=
|
|
GIT_JAIL_IP=
|
|
GIT_STORAGE_ROOT=
|
|
GIT_DEFAULT_REPO_NAME=
|
|
# Multi-agent note: if you run multiple agents on one host, set explicit jail
|
|
# names so service jails do not collide.
|
|
CMS_JAIL_NAME=
|
|
OLLAMA_JAIL_NAME=
|
|
LLAMA_CPP_JAIL_NAME=
|
|
|
|
# CMS_JAIL_NAME defaults to "cms" and auto-detects legacy names.
|
|
# CMS_JAIL_IP defaults to ${AGENT_SUBNET_BASE}.4 when setup --step cms runs.
|
|
# CMS_WEBROOT defaults to /srv/www
|
|
# CMS_ASTRO_PATH defaults to /home/clawdie/clawdie-site
|
|
# CMS_STRAPI_PATH defaults to /home/clawdie/strapi
|
|
# CMS_STRAPI_URL defaults to http://cms.<agent>.home.arpa:1337/api
|
|
# CMS_STRAPI_ADMIN_URL defaults to http://cms.<agent>.home.arpa:1337/admin
|
|
# CMS_ASTRO_MODE=strapi-seed
|
|
|
|
# Protected screenshots auth (generated by onboarding/cms if missing)
|
|
SCREENSHOTS_USER=clawdie
|
|
SCREENSHOTS_PASSWORD=
|
|
|
|
# Control Plane (multi-agent orchestration)
|
|
CONTROLPLANE_NAME=clawdie
|
|
CONTROLPLANE_DAILY_TOKENS=100000
|
|
CONTROLPLANE_PORT=3100
|
|
CONTROLPLANE_BIND_HOST=0.0.0.0
|
|
CONTROLPLANE_AUTH_MODE=local_trusted
|
|
# CONTROLPLANE_RUNNER=pi
|
|
# CONTROLPLANE_AIDER_BIN=aider
|
|
# CONTROLPLANE_AIDER_FLAGS=--no-check-update --no-gitignore
|
|
# CONTROLPLANE_AIDER_TMUX_SESSION=clawdie-controlplane
|
|
# CONTROLPLANE_AIDER_LOG_DIR=/home/clawdie/clawdie-ai/tmp/controlplane/aider
|
|
# BETTER_AUTH_SECRET — required when CONTROLPLANE_AUTH_MODE=authenticated
|
|
CONTROLPLANE_DASHBOARD_DIR=/usr/local/www/clawdie/controlplane
|
|
# Generate with: openssl rand -base64 32
|
|
BETTER_AUTH_SECRET=
|
|
OPERATOR_PASSWORD=
|