-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathenv.example
More file actions
261 lines (223 loc) · 12.3 KB
/
env.example
File metadata and controls
261 lines (223 loc) · 12.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# =============================================================================
# MORPHEUS API ENVIRONMENT CONFIGURATION
# =============================================================================
# =============================================================================
# APPLICATION SETTINGS
# =============================================================================
ENVIRONMENT=development
API_V1_STR=/api/v1
# =============================================================================
# CORS CONFIGURATION (for ALB lb_cookie stickiness)
# =============================================================================
# Environment - determines auto CORS origins if CORS_ALLOWED_ORIGINS is empty
ENVIRONMENT=production
# Comma-separated list of allowed origins for CORS with credentials
# Leave empty for auto-detection based on ENVIRONMENT
# NEVER use "*" with credentials enabled - security violation
CORS_ALLOWED_ORIGINS=
# Auto-detected origins by environment:
# production: https://openbeta.mor.org,https://api.mor.org
# development: includes dev.mor.org domains + localhost origins
#
# Manual override examples:
# CORS_ALLOWED_ORIGINS=https://openbeta.mor.org,https://api.mor.org
# CORS_ALLOWED_ORIGINS=https://openbeta.dev.mor.org,https://api.dev.mor.org,http://localhost:3000
# Additional development origins (ignored in production)
CORS_DEV_ORIGINS=http://localhost:3000,http://localhost:8080,http://127.0.0.1:3000,http://127.0.0.1:8080
# =============================================================================
# DATABASE CONFIGURATION
# =============================================================================
# PostgreSQL Database Settings
POSTGRES_USER=morpheus
POSTGRES_PASSWORD=your_database_password
POSTGRES_DB=morpheus_db
DATABASE_URL=postgresql+asyncpg://morpheus:your_database_password@your_db_host:5432/morpheus_db
# Alternative Database URLs (choose one):
# For local development:
# DATABASE_URL=sqlite:///./dev.db
# For exported format:
# export DATABASE_URL="postgresql+asyncpg://morpheus:your_password@your_host:5432/morpheus_db"
# SQLAlchemy Connection Pool Settings
# Adjust these based on load requirements and RDS max_connections setting
# Total possible connections per instance = DB_POOL_SIZE + DB_MAX_OVERFLOW
# Important: Ensure RDS max_connections > (num_instances * (DB_POOL_SIZE + DB_MAX_OVERFLOW))
DB_POOL_SIZE=20 # Base connection pool size (default: 20)
DB_MAX_OVERFLOW=30 # Additional connections during load spikes (default: 30)
DB_POOL_TIMEOUT=30 # Seconds to wait for connection before timeout (default: 30)
DB_POOL_RECYCLE=3600 # Seconds before recycling connections (default: 3600 = 1 hour)
DB_POOL_PRE_PING=true # Test connections before use (default: true)
DEFAULT_BALANCE_AMOUNT=10
# =============================================================================
# AWS CONFIGURATION
# =============================================================================
AWS_REGION=us-east-2
AWS_ACCOUNT_ID=YOUR_AWS_ACCOUNT_ID
# AWS Credentials (optional if using IAM roles)
# AWS_ACCESS_KEY_ID=your_access_key_id
# AWS_SECRET_ACCESS_KEY=your_secret_access_key
# AWS Profile for CLI operations
AWS_PROFILE=your-aws-profile
# =============================================================================
# EKS/ECS DEPLOYMENT CONFIGURATION
# =============================================================================
# ECR (Elastic Container Registry) Settings
# Note: ECR_REGISTRY will be constructed dynamically by the deployment script
# ECR_REGISTRY=YOUR_AWS_ACCOUNT_ID.dkr.ecr.us-east-2.amazonaws.com # This will be built from AWS_ACCOUNT_ID and AWS_REGION
ECR_REPO=ecr-morpheus
# ECS (Elastic Container Service) Settings
ECS_CLUSTER=ecs-dev-morpheus-engine
ECS_SERVICE=svc-dev-api-service
# Container and Image Settings
DOCKER_IMAGE_TAG=latest
CONTAINER_PORT=8000
# =============================================================================
# COGNITO AUTHENTICATION
# =============================================================================
COGNITO_USER_POOL_ID=your_user_pool_id
COGNITO_CLIENT_ID=your_client_id
COGNITO_REGION=us-east-2
COGNITO_DOMAIN=your-cognito-domain.auth.us-east-2.amazoncognito.com
# =============================================================================
# BLOCKCHAIN CONFIGURATION (BASE)
# =============================================================================
CONTRACT_ADDRESS=0x0000000000000000000000000000000000000000
DIAMOND_CONTRACT_ADDRESS=0x0000000000000000000000000000000000000000
BLOCKSCOUT_API_URL=https://base.blockscout.com/api/v2
CHAIN_ID=8453
# =============================================================================
# WEB3 / SIWE (Sign-In with Ethereum) CONFIGURATION
# =============================================================================
# SIWE domain and URI (ERC-4361) - must match your frontend application
SIWE_DOMAIN=app.mor.org
SIWE_URI=https://app.mor.org
SIWE_CHAIN_ID=8453
# Optional: Web3 provider URL for EIP-1271 smart contract wallet verification
# Required for supporting smart contract wallets (Safe, Argent, Coinbase Smart Wallet, etc.)
# If not set, only EOA wallets (MetaMask, Rabby, etc.) will be supported
# Examples:
# WEB3_PROVIDER_URL=https://base-mainnet.g.alchemy.com/v2/YOUR_API_KEY
# WEB3_PROVIDER_URL=https://mainnet.infura.io/v3/YOUR_PROJECT_ID
WEB3_PROVIDER_URL=
# =============================================================================
# PROXY ROUTER CONFIGURATION
# =============================================================================
PROXY_ROUTER_URL=http://your-router-host:8082
PROXY_ROUTER_USERNAME=your_router_username
PROXY_ROUTER_PASSWORD=your_router_password
# Timeout in seconds for non-streaming chat completion requests (default: 300 = 5 minutes)
PROXY_ROUTER_CHAT_TIMEOUT=300.0
# Timeout in seconds for streaming chat completion requests (default: 300 = 5 minutes)
PROXY_ROUTER_STREAM_TIMEOUT=300.0
# =============================================================================
# FEATURE FLAGS
# =============================================================================
# Model Synchronization
MODEL_SYNC_ENABLED=false
MODEL_SYNC_ON_STARTUP=false
# =============================================================================
# BILLING CONFIGURATION
# =============================================================================
# Admin secret for protected billing endpoints (staking settings, manual topups)
# Generate a secure random string, e.g.: openssl rand -hex 32
BILLING_ADMIN_SECRET=your-billing-admin-secret-generate-a-secure-random-string
# =============================================================================
# STRIPE CONFIGURATION
# =============================================================================
# Stripe API secret key for server-side operations
# Get this from: https://dashboard.stripe.com/apikeys
# Use test key (sk_test_...) for development, live key (sk_live_...) for production
STRIPE_SECRET_KEY=sk_test_your_stripe_secret_key
# Stripe webhook signing secret for signature verification
# Get this from: https://dashboard.stripe.com/webhooks (click on your endpoint)
# For local testing with Stripe CLI, run: stripe listen --forward-to localhost:8000/api/v1/webhooks/stripe
# The CLI will display the signing secret (whsec_...)
STRIPE_WEBHOOK_SECRET=whsec_your_webhook_signing_secret
# =============================================================================
# COINBASE BUSINESS CONFIGURATION
# =============================================================================
# CDP Secret API Key for Payment Link CRUD operations
# Generate at: https://portal.cdp.coinbase.com/projects/api-keys (Secret API Keys tab)
# Docs: https://docs.cdp.coinbase.com/api-reference/v2/authentication
# Key ID: UUID from the CDP portal
CDP_API_KEY_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
# Key Secret: base64-encoded secret from the CDP portal
CDP_API_KEY_SECRET=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX==
# Set to true for sandbox (no real transactions, uses Base Sepolia testnet)
# See: https://docs.cdp.coinbase.com/coinbase-business/payment-link-apis/sandbox
CDP_SANDBOX=false
# Payment Link webhook signature verification secret
# From metadata.secret when creating a webhook subscription
# See: https://docs.cdp.coinbase.com/coinbase-business/payment-link-apis/webhooks
COINBASE_PAYMENT_LINK_WEBHOOK_SECRET=your_webhook_secret
# =============================================================================
# BUILDERS API CONFIGURATION (MOR Staking Data)
# =============================================================================
# Base URL for the Builders API (for fetching staker data)
BUILDERS_API_URL=https://dashboard.mor.org/api
# Subnet ID for staking queries
BUILDERS_SUBNET_ID=0x20ba70f2bbdc384bbc0e016ec2e888c38e6d1a5454555eefdc91d546fccca932
# =============================================================================
# SESSION AUTOMATION CONFIGURATION
# =============================================================================
# Interval between automation checks (in seconds)
SESSION_AUTOMATION_INTERVAL_SECONDS=30
# Grace period before closing idle sessions (prevents thrashing, in seconds)
SESSION_IDLE_GRACE_SECONDS=300
# Default session duration when creating new sessions (in seconds)
SESSION_DEFAULT_DURATION_SECONDS=1800
# Comma-separated list of preferred models (keep at least one idle session)
SESSION_PREFERRED_MODELS=
# =============================================================================
# LOGGING CONFIGURATION
# =============================================================================
# Master log level (controls all components by default)
LOG_LEVEL=INFO
# Enable structured JSON logging (recommended for production)
LOG_JSON=true
# Production mode (affects log format and performance)
LOG_IS_PROD=false
# Component-specific logging levels (override the application default)
LOG_LEVEL_CORE=WARN # Infrastructure (Uvicorn, FastAPI, HTTP, dependencies, local testing)
LOG_LEVEL_AUTH=INFO # Authentication (Cognito, JWT, API keys, private keys)
LOG_LEVEL_PROXY=INFO # Upstream calls to proxy-router API endpoints
LOG_LEVEL_MODELS=INFO # Model fetching, caching, routing
LOG_LEVEL_API=DEBUG # Local API endpoints (chat, embeddings, models, sessions)
# =============================================================================
# REDIS CONFIGURATION (for rate limiting)
# =============================================================================
# Redis connection URL (required for rate limiting in production)
REDIS_URL=redis://localhost:6379/0
# Maximum Redis connections in the pool
REDIS_MAX_CONNECTIONS=20
# Socket timeout in seconds
REDIS_SOCKET_TIMEOUT=5.0
# Socket connect timeout in seconds
REDIS_SOCKET_CONNECT_TIMEOUT=5.0
# =============================================================================
# HOLD RECONCILIATION CONFIGURATION
# =============================================================================
# Interval between reconciliation sweeps (in seconds, default: 600 = 10 minutes)
HOLD_RECONCILIATION_INTERVAL_SECONDS=600
# Maximum age of a pending hold before it is auto-voided (in seconds, default: 3600 = 60 minutes)
# Should match or exceed SESSION_DEFAULT_DURATION_SECONDS
HOLD_MAX_PENDING_SECONDS=3600
# =============================================================================
# RATE LIMITING CONFIGURATION
# =============================================================================
# Enable/disable rate limiting globally
RATE_LIMIT_ENABLED=true
# Rate limit defaults and model groups are configured in models/{env}_rate_limit.json
# Model pricing is configured in models/{env}_model_price.json
# The ENVIRONMENT variable determines which file is used (see above)
# =============================================================================
# SIGNUP BONUS
# =============================================================================
# One-time credit bonus granted when a new user's balance is first created
SIGNUP_BONUS_AMOUNT=1
# IP-based abuse window: only one bonus per IP within this many hours (0 to disable)
SIGNUP_BONUS_IP_WINDOW_HOURS=24
# =============================================================================
# CORS & NETWORKING
# =============================================================================
# CORS Origins (comma-separated URLs, leave empty for development)
BACKEND_CORS_ORIGINS=