-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy path.env.example
More file actions
110 lines (98 loc) · 3.41 KB
/
.env.example
File metadata and controls
110 lines (98 loc) · 3.41 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# Runtime mode: dev | demo | prod
APP_MODE="demo"
# DEV_MODE only for explicit local convenience (fallback tokens/logins).
DEV_MODE="false"
# Cluster access
# Base64 kubeconfig content for single cluster mode.
KUBECONFIG_DATA=""
# Multi-cluster contexts: name:base64,name:base64
KUBECONFIG_CONTEXTS=""
# Server
PORT="3000"
DIST_DIR="dist"
# Build metadata (optional, injected by CI/release pipeline).
APP_VERSION="dev"
APP_COMMIT="local"
APP_BUILT_AT=""
# Predictor service
PREDICTOR_BASE_URL=""
PREDICTOR_TIMEOUT_SECONDS="4"
PREDICTOR_SHARED_SECRET=""
# Assistant provider
ASSISTANT_PROVIDER="none"
ASSISTANT_TIMEOUT_SECONDS="8"
ASSISTANT_API_BASE_URL="https://api.openai.com/v1"
ASSISTANT_API_KEY=""
ASSISTANT_MODEL=""
ASSISTANT_TEMPERATURE="0.2"
# Increase for larger incident/runbook context; lower this for small-context local models such as some Ollama setups.
ASSISTANT_MAX_TOKENS="2048"
ASSISTANT_RAG_ENABLED="true"
# Timeout used for prompt-context collection before the assistant request is sent.
ASSISTANT_PROMPT_TIMEOUT_SECONDS="8"
# Semantic RAG embeddings (optional).
# If OLLAMA_BASE_URL is empty, backend falls back to keyword retrieval.
OLLAMA_BASE_URL=""
OLLAMA_EMBEDDING_MODEL="nomic-embed-text"
# Legacy embedding envs (still supported).
ASSISTANT_EMBEDDING_MODEL=""
ASSISTANT_EMBEDDING_BASE_URL=""
ASSISTANT_EMBEDDING_API_KEY=""
# Cluster memory
MEMORY_FILE_PATH="data/memory-runbooks.json"
# ChatOps (Slack notifications)
CHATOPS_SLACK_WEBHOOK_URL=""
CHATOPS_BASE_URL="http://localhost:5173"
CHATOPS_NOTIFY_INCIDENTS="true"
CHATOPS_NOTIFY_REMEDIATIONS="true"
CHATOPS_NOTIFY_POSTMORTEMS="true"
CHATOPS_NOTIFY_ASSISTANT_FINDINGS="false"
# Authentication and permissions
# Required when AUTH_ENABLED=true and DEV_MODE=false.
# Format: user:role:token,user:role:token
AUTH_ENABLED="false"
AUTH_TOKENS=""
# Allows legacy X-Auth-Token header (recommended: false; rejected in prod).
AUTH_ALLOW_HEADER_TOKEN="false"
# Additional trusted origins for cookie-authenticated mutating requests (Origin/Referer host allowlist).
AUTH_TRUSTED_CSRF_DOMAINS=""
# Comma-separated CIDRs for reverse proxies allowed to supply X-Forwarded-For.
# Example: 10.0.0.0/8,192.168.0.0/16
AUTH_TRUSTED_PROXY_CIDRS=""
# OIDC/JWT auth (optional). Supports provider presets: oidc, google, keycloak, github.
AUTH_PROVIDER=""
# Legacy alias for AUTH_PROVIDER.
AUTH_OIDC_PROVIDER=""
AUTH_OIDC_ENABLED="false"
AUTH_OIDC_ISSUER_URL=""
# Required when AUTH_OIDC_ENABLED=true or when AUTH_PROVIDER/AUTH_OIDC_PROVIDER enables OIDC.
AUTH_OIDC_CLIENT_ID=""
AUTH_OIDC_USERNAME_CLAIM=""
AUTH_OIDC_ROLE_CLAIM=""
# Cluster mutations are opt-in.
WRITE_ACTIONS_ENABLED="false"
# API rate limit
RATE_LIMIT_ENABLED="true"
RATE_LIMIT_REQUESTS="300"
RATE_LIMIT_WINDOW_SECONDS="60"
# Audit
AUDIT_LOG_FILE=""
AUDIT_MAX_ITEMS="500"
# Alert integrations
ALERT_TIMEOUT_SECONDS="5"
ALERTMANAGER_WEBHOOK_URL=""
SLACK_WEBHOOK_URL=""
PAGERDUTY_EVENTS_URL="https://events.pagerduty.com/v2/enqueue"
PAGERDUTY_ROUTING_KEY=""
# OpenTelemetry tracing
# OTEL_EXPORTER_OTLP_ENDPOINT should be host:port for gRPC (example: "tempo:4317").
OTEL_EXPORTER_OTLP_ENDPOINT=""
# Optional traces-specific endpoint/protocol/insecure overrides.
OTEL_EXPORTER_OTLP_TRACES_ENDPOINT=""
OTEL_EXPORTER_OTLP_PROTOCOL="grpc"
OTEL_EXPORTER_OTLP_TRACES_PROTOCOL=""
OTEL_EXPORTER_OTLP_INSECURE="true"
OTEL_EXPORTER_OTLP_TRACES_INSECURE=""
OTEL_SERVICE_NAME="kubelens-backend"
OTEL_PREDICTOR_SERVICE_NAME="kubelens-predictor"
OTEL_TRACES_SAMPLE_RATIO="1"