mirror of
https://github.com/vxcontrol/pentagi.git
synced 2026-05-03 21:40:32 +00:00
Dmitry Ng
379 lines
10 KiB
Bash
379 lines
10 KiB
Bash
# PentAGI Environment Variables
|
|
|
|
## For communication with PentAGI Cloud API
|
|
INSTALLATION_ID=
|
|
LICENSE_KEY=
|
|
|
|
## Allow to interact with user while executing tasks
|
|
ASK_USER=
|
|
|
|
## LLM Providers
|
|
OPEN_AI_KEY=
|
|
OPEN_AI_SERVER_URL=https://api.openai.com/v1
|
|
|
|
ANTHROPIC_API_KEY=
|
|
ANTHROPIC_SERVER_URL=https://api.anthropic.com/v1
|
|
|
|
## Google AI (Gemini) LLM provider
|
|
GEMINI_API_KEY=
|
|
GEMINI_SERVER_URL=https://generativelanguage.googleapis.com
|
|
|
|
## AWS Bedrock LLM provider
|
|
BEDROCK_REGION=us-east-1
|
|
BEDROCK_DEFAULT_AUTH=
|
|
BEDROCK_BEARER_TOKEN=
|
|
BEDROCK_ACCESS_KEY_ID=
|
|
BEDROCK_SECRET_ACCESS_KEY=
|
|
BEDROCK_SESSION_TOKEN=
|
|
BEDROCK_SERVER_URL=
|
|
|
|
## DeepSeek LLM provider
|
|
DEEPSEEK_API_KEY=
|
|
DEEPSEEK_SERVER_URL=https://api.deepseek.com
|
|
DEEPSEEK_PROVIDER=
|
|
|
|
## GLM (Zhipu AI) LLM provider
|
|
GLM_API_KEY=
|
|
GLM_SERVER_URL=https://api.z.ai/api/paas/v4
|
|
GLM_PROVIDER=
|
|
|
|
## Kimi (Moonshot) LLM provider
|
|
KIMI_API_KEY=
|
|
KIMI_SERVER_URL=https://api.moonshot.ai/v1
|
|
KIMI_PROVIDER=
|
|
|
|
## Qwen (Alibaba Cloud DashScope) LLM provider
|
|
QWEN_API_KEY=
|
|
QWEN_SERVER_URL=https://dashscope-us.aliyuncs.com/compatible-mode/v1
|
|
QWEN_PROVIDER=
|
|
|
|
## Custom LLM provider
|
|
LLM_SERVER_URL=
|
|
LLM_SERVER_KEY=
|
|
LLM_SERVER_MODEL=
|
|
LLM_SERVER_PROVIDER=
|
|
LLM_SERVER_CONFIG_PATH=
|
|
LLM_SERVER_LEGACY_REASONING=
|
|
LLM_SERVER_PRESERVE_REASONING=
|
|
|
|
## Ollama LLM provider (Local Server or Cloud)
|
|
# Local: http://ollama-server:11434, Cloud: https://ollama.com
|
|
OLLAMA_SERVER_URL=
|
|
# Required for Ollama Cloud (https://ollama.com/settings/keys), leave empty for local
|
|
OLLAMA_SERVER_API_KEY=
|
|
OLLAMA_SERVER_MODEL=
|
|
OLLAMA_SERVER_CONFIG_PATH=
|
|
OLLAMA_SERVER_PULL_MODELS_TIMEOUT=
|
|
OLLAMA_SERVER_PULL_MODELS_ENABLED=
|
|
OLLAMA_SERVER_LOAD_MODELS_ENABLED=
|
|
|
|
## Embedding
|
|
EMBEDDING_URL=
|
|
EMBEDDING_KEY=
|
|
EMBEDDING_MODEL=
|
|
EMBEDDING_PROVIDER=
|
|
EMBEDDING_BATCH_SIZE=
|
|
EMBEDDING_STRIP_NEW_LINES=
|
|
|
|
## Summarizer
|
|
SUMMARIZER_PRESERVE_LAST=
|
|
SUMMARIZER_USE_QA=
|
|
SUMMARIZER_SUM_MSG_HUMAN_IN_QA=
|
|
SUMMARIZER_LAST_SEC_BYTES=
|
|
SUMMARIZER_MAX_BP_BYTES=
|
|
SUMMARIZER_MAX_QA_SECTIONS=
|
|
SUMMARIZER_MAX_QA_BYTES=
|
|
SUMMARIZER_KEEP_QA_SECTIONS=
|
|
|
|
## Assistant
|
|
ASSISTANT_USE_AGENTS=
|
|
ASSISTANT_SUMMARIZER_PRESERVE_LAST=
|
|
ASSISTANT_SUMMARIZER_LAST_SEC_BYTES=
|
|
ASSISTANT_SUMMARIZER_MAX_BP_BYTES=
|
|
ASSISTANT_SUMMARIZER_MAX_QA_SECTIONS=
|
|
ASSISTANT_SUMMARIZER_MAX_QA_BYTES=
|
|
ASSISTANT_SUMMARIZER_KEEP_QA_SECTIONS=
|
|
|
|
## Execution Monitor Detector
|
|
EXECUTION_MONITOR_ENABLED=
|
|
EXECUTION_MONITOR_SAME_TOOL_LIMIT=
|
|
EXECUTION_MONITOR_TOTAL_TOOL_LIMIT=
|
|
|
|
## Agent execution tool calls limit
|
|
MAX_GENERAL_AGENT_TOOL_CALLS=
|
|
MAX_LIMITED_AGENT_TOOL_CALLS=
|
|
|
|
## Agent planning step for pentester, coder, installer
|
|
AGENT_PLANNING_STEP_ENABLED=
|
|
|
|
## HTTP proxy to use it in isolation environment
|
|
PROXY_URL=
|
|
|
|
## SSL/TLS Certificate Configuration
|
|
EXTERNAL_SSL_CA_PATH=
|
|
EXTERNAL_SSL_INSECURE=
|
|
|
|
## HTTP client timeout in seconds for external API calls (LLM providers, search tools, etc.)
|
|
## Default: 600 (10 minutes). Set to 0 to use the default.
|
|
HTTP_CLIENT_TIMEOUT=
|
|
|
|
## Scraper URLs and settings
|
|
## For Docker (default):
|
|
SCRAPER_PUBLIC_URL=
|
|
SCRAPER_PRIVATE_URL=https://someuser:somepass@scraper/
|
|
## For Podman rootless, use: SCRAPER_PRIVATE_URL=http://someuser:somepass@scraper:3000/
|
|
## See README.md "Running PentAGI with Podman" section for details
|
|
LOCAL_SCRAPER_USERNAME=someuser
|
|
LOCAL_SCRAPER_PASSWORD=somepass
|
|
LOCAL_SCRAPER_MAX_CONCURRENT_SESSIONS=10
|
|
|
|
## PentAGI server settings (docker-compose.yml)
|
|
PENTAGI_LISTEN_IP=
|
|
PENTAGI_LISTEN_PORT=
|
|
PENTAGI_DATA_DIR=
|
|
PENTAGI_SSL_DIR=
|
|
PENTAGI_OLLAMA_DIR=
|
|
PENTAGI_DOCKER_SOCKET=
|
|
PENTAGI_DOCKER_CERT_PATH=
|
|
PENTAGI_LLM_SERVER_CONFIG_PATH=
|
|
PENTAGI_OLLAMA_SERVER_CONFIG_PATH=
|
|
|
|
## PentAGI security settings
|
|
PUBLIC_URL=https://localhost:8443
|
|
CORS_ORIGINS=https://localhost:8443
|
|
COOKIE_SIGNING_SALT=salt # change this to improve security
|
|
|
|
## PentAGI internal server settings (inside the container)
|
|
STATIC_DIR=
|
|
STATIC_URL=
|
|
SERVER_PORT=8443
|
|
SERVER_HOST=0.0.0.0
|
|
SERVER_SSL_CRT=
|
|
SERVER_SSL_KEY=
|
|
SERVER_USE_SSL=true
|
|
|
|
## OAuth google
|
|
OAUTH_GOOGLE_CLIENT_ID=
|
|
OAUTH_GOOGLE_CLIENT_SECRET=
|
|
|
|
## OAuth github
|
|
OAUTH_GITHUB_CLIENT_ID=
|
|
OAUTH_GITHUB_CLIENT_SECRET=
|
|
|
|
## DuckDuckGo search engine
|
|
DUCKDUCKGO_ENABLED=
|
|
DUCKDUCKGO_REGION=
|
|
DUCKDUCKGO_SAFESEARCH=
|
|
DUCKDUCKGO_TIME_RANGE=
|
|
|
|
## Sploitus search engine API
|
|
SPLOITUS_ENABLED=
|
|
|
|
## Google search engine API
|
|
GOOGLE_API_KEY=
|
|
GOOGLE_CX_KEY=
|
|
GOOGLE_LR_KEY=
|
|
|
|
## Traversaal search engine API
|
|
TRAVERSAAL_API_KEY=
|
|
|
|
## Tavily search engine API
|
|
TAVILY_API_KEY=
|
|
|
|
## Perplexity search engine API
|
|
PERPLEXITY_API_KEY=
|
|
PERPLEXITY_MODEL=
|
|
PERPLEXITY_CONTEXT_SIZE=
|
|
|
|
## SEARXNG search engine API
|
|
SEARXNG_URL=
|
|
SEARXNG_CATEGORIES=general
|
|
SEARXNG_LANGUAGE=
|
|
SEARXNG_SAFESEARCH=0
|
|
SEARXNG_TIME_RANGE=
|
|
SEARXNG_TIMEOUT=
|
|
|
|
## Langfuse observability settings
|
|
LANGFUSE_BASE_URL=
|
|
LANGFUSE_PROJECT_ID=
|
|
LANGFUSE_PUBLIC_KEY=
|
|
LANGFUSE_SECRET_KEY=
|
|
|
|
## OpenTelemetry observability settings
|
|
OTEL_HOST=
|
|
|
|
## Docker client settings to run primary terminal container
|
|
DOCKER_HOST=
|
|
DOCKER_TLS_VERIFY=
|
|
DOCKER_CERT_PATH=
|
|
|
|
## Docker settings inside primary terminal container
|
|
DOCKER_INSIDE=true # enable to use docker socket
|
|
DOCKER_NET_ADMIN=true # enable to use net_admin capability
|
|
DOCKER_SOCKET=/var/run/docker.sock # path on host machine
|
|
DOCKER_NETWORK=
|
|
DOCKER_WORK_DIR=
|
|
DOCKER_PUBLIC_IP=0.0.0.0 # public ip of host machine
|
|
DOCKER_DEFAULT_IMAGE=
|
|
DOCKER_DEFAULT_IMAGE_FOR_PENTEST=
|
|
|
|
# Postgres (pgvector) settings
|
|
PENTAGI_POSTGRES_USER=postgres
|
|
PENTAGI_POSTGRES_PASSWORD=postgres # change this to improve security
|
|
PENTAGI_POSTGRES_DB=pentagidb
|
|
|
|
## Graphiti knowledge graph settings
|
|
## Set GRAPHITI_ENABLED=true and GRAPHITI_URL=http://graphiti:8000 to enable embedded Graphiti
|
|
GRAPHITI_ENABLED=false
|
|
GRAPHITI_TIMEOUT=30
|
|
GRAPHITI_URL=
|
|
GRAPHITI_MODEL_NAME=
|
|
|
|
# Neo4j settings (used by Graphiti stack)
|
|
NEO4J_USER=neo4j
|
|
NEO4J_DATABASE=neo4j
|
|
NEO4J_PASSWORD=devpassword # change this to improve security
|
|
NEO4J_URI=bolt://neo4j:7687
|
|
|
|
## PentAGI image settings
|
|
PENTAGI_IMAGE=
|
|
|
|
## Scraper network settings
|
|
## Default ports: SCRAPER_LISTEN_IP=127.0.0.1, SCRAPER_LISTEN_PORT=9443
|
|
## Note: These settings don't need to change for Podman rootless
|
|
SCRAPER_LISTEN_IP=
|
|
SCRAPER_LISTEN_PORT=
|
|
|
|
## Postgres network settings
|
|
PGVECTOR_LISTEN_IP=
|
|
PGVECTOR_LISTEN_PORT=
|
|
|
|
## Postgres Exporter network settings
|
|
POSTGRES_EXPORTER_LISTEN_IP=
|
|
POSTGRES_EXPORTER_LISTEN_PORT=
|
|
|
|
|
|
# Langfuse Environment Variables
|
|
|
|
## Langfuse server settings
|
|
LANGFUSE_LISTEN_IP=
|
|
LANGFUSE_LISTEN_PORT=
|
|
LANGFUSE_NEXTAUTH_URL=
|
|
|
|
## Langfuse Postgres
|
|
LANGFUSE_POSTGRES_USER=postgres
|
|
LANGFUSE_POSTGRES_PASSWORD=postgres # change this to improve security
|
|
LANGFUSE_POSTGRES_DB=langfuse
|
|
|
|
## Langfuse Clickhouse
|
|
LANGFUSE_CLICKHOUSE_USER=clickhouse
|
|
LANGFUSE_CLICKHOUSE_PASSWORD=clickhouse # change this to improve security
|
|
LANGFUSE_CLICKHOUSE_URL=http://langfuse-clickhouse:8123
|
|
LANGFUSE_CLICKHOUSE_MIGRATION_URL=clickhouse://langfuse-clickhouse:9000
|
|
LANGFUSE_CLICKHOUSE_CLUSTER_ENABLED=false
|
|
|
|
## Langfuse S3
|
|
LANGFUSE_S3_BUCKET=langfuse
|
|
LANGFUSE_S3_REGION=auto
|
|
LANGFUSE_S3_ACCESS_KEY_ID=accesskey # change this to improve security
|
|
LANGFUSE_S3_SECRET_ACCESS_KEY=secretkey # change this to improve security
|
|
LANGFUSE_S3_ENDPOINT=http://langfuse-minio:9000
|
|
LANGFUSE_S3_FORCE_PATH_STYLE=true
|
|
LANGFUSE_S3_EVENT_UPLOAD_PREFIX=events/
|
|
LANGFUSE_S3_MEDIA_UPLOAD_PREFIX=media/
|
|
LANGFUSE_S3_BATCH_EXPORT_ENABLED=true
|
|
|
|
## Langfuse Redis
|
|
LANGFUSE_REDIS_HOST=langfuse-redis
|
|
LANGFUSE_REDIS_PORT=6379
|
|
LANGFUSE_REDIS_AUTH=redispassword # change this to improve security
|
|
LANGFUSE_REDIS_TLS_ENABLED=false
|
|
LANGFUSE_REDIS_TLS_CA=
|
|
LANGFUSE_REDIS_TLS_CERT=
|
|
LANGFUSE_REDIS_TLS_KEY=
|
|
|
|
## Langfuse web app security settings
|
|
LANGFUSE_SALT=salt # change this to improve security
|
|
LANGFUSE_ENCRYPTION_KEY=0000000000000000000000000000000000000000000000000000000000000000 # change this to improve security
|
|
|
|
## Langfuse web app nextauth settings
|
|
LANGFUSE_NEXTAUTH_URL=http://localhost:4000
|
|
LANGFUSE_NEXTAUTH_SECRET=secret # change this to improve security
|
|
|
|
## Langfuse extra settings
|
|
LANGFUSE_ENABLE_EXPERIMENTAL_FEATURES=true
|
|
LANGFUSE_TELEMETRY_ENABLED=false
|
|
LANGFUSE_LOG_LEVEL=info
|
|
|
|
## Langfuse init settings
|
|
LANGFUSE_INIT_ORG_ID=ocm47619l0000872mcd2dlbqwb
|
|
LANGFUSE_INIT_ORG_NAME=PentAGI Org
|
|
LANGFUSE_INIT_PROJECT_ID=cm47619l0000872mcd2dlbqwb
|
|
LANGFUSE_INIT_PROJECT_NAME=PentAGI
|
|
LANGFUSE_INIT_PROJECT_PUBLIC_KEY=pk-lf-00000000-0000-0000-0000-000000000000 # change this to improve security
|
|
LANGFUSE_INIT_PROJECT_SECRET_KEY=sk-lf-00000000-0000-0000-0000-000000000000 # change this to improve security
|
|
LANGFUSE_INIT_USER_EMAIL=admin@pentagi.com
|
|
LANGFUSE_INIT_USER_NAME=admin
|
|
LANGFUSE_INIT_USER_PASSWORD=password # change this to improve security
|
|
|
|
## Langfuse SDK sync settings
|
|
LANGFUSE_SDK_CI_SYNC_PROCESSING_ENABLED=false
|
|
LANGFUSE_READ_FROM_POSTGRES_ONLY=false
|
|
LANGFUSE_READ_FROM_CLICKHOUSE_ONLY=true
|
|
LANGFUSE_RETURN_FROM_CLICKHOUSE=true
|
|
|
|
## Langfuse ingestion tuning
|
|
LANGFUSE_INGESTION_QUEUE_DELAY_MS=
|
|
LANGFUSE_INGESTION_CLICKHOUSE_WRITE_INTERVAL_MS=
|
|
LANGFUSE_INGESTION_CLICKHOUSE_WRITE_BATCH_SIZE=
|
|
LANGFUSE_INGESTION_CLICKHOUSE_MAX_ATTEMPTS=
|
|
|
|
## Langfuse email
|
|
LANGFUSE_EMAIL_FROM_ADDRESS=
|
|
LANGFUSE_SMTP_CONNECTION_URL=
|
|
|
|
## Langfuse optional Azure blob
|
|
LANGFUSE_USE_AZURE_BLOB=false
|
|
|
|
## Langfuse license settings
|
|
LANGFUSE_EE_LICENSE_KEY=
|
|
|
|
## Langfuse OpenTelemetry settings
|
|
LANGFUSE_OTEL_EXPORTER_OTLP_ENDPOINT=
|
|
LANGFUSE_OTEL_SERVICE_NAME=
|
|
|
|
## Langfuse custom oauth2 settings
|
|
LANGFUSE_AUTH_CUSTOM_CLIENT_ID=
|
|
LANGFUSE_AUTH_CUSTOM_CLIENT_SECRET=
|
|
LANGFUSE_AUTH_CUSTOM_ISSUER=
|
|
LANGFUSE_AUTH_CUSTOM_NAME=PentAGI
|
|
LANGFUSE_AUTH_CUSTOM_SCOPE=openid email profile
|
|
LANGFUSE_AUTH_CUSTOM_CLIENT_AUTH_METHOD=client_secret_post
|
|
LANGFUSE_AUTH_CUSTOM_ALLOW_ACCOUNT_LINKING=true
|
|
|
|
## Langfuse auth settings
|
|
LANGFUSE_AUTH_DISABLE_SIGNUP=false # disable signup if PentAGI OAuth2 is used
|
|
LANGFUSE_AUTH_SESSION_MAX_AGE=240
|
|
|
|
## Langfuse allowed organization creators
|
|
LANGFUSE_ALLOWED_ORGANIZATION_CREATORS=admin@pentagi.com
|
|
|
|
## Langfuse default settings for new users
|
|
LANGFUSE_DEFAULT_ORG_ID=ocm47619l0000872mcd2dlbqwb
|
|
LANGFUSE_DEFAULT_PROJECT_ID=cm47619l0000872mcd2dlbqwb
|
|
LANGFUSE_DEFAULT_ORG_ROLE=VIEWER
|
|
LANGFUSE_DEFAULT_PROJECT_ROLE=VIEWER
|
|
|
|
|
|
# Observability Environment Variables
|
|
|
|
## Observability server settings
|
|
GRAFANA_LISTEN_IP=
|
|
GRAFANA_LISTEN_PORT=
|
|
|
|
## OpenTelemetry server settings
|
|
OTEL_GRPC_LISTEN_IP=
|
|
OTEL_GRPC_LISTEN_PORT=
|
|
OTEL_HTTP_LISTEN_IP=
|
|
OTEL_HTTP_LISTEN_PORT=
|