Environment Variable Mapping

This document maps centralized configuration (pkg/config/types.go) environment variables to service-specific variables, facilitating the Sprint 3 migration.

Infrastructure

Database (PostgreSQL)

| Centralized Env Var | Type | Default | Services Using | Notes |
|---|---|---|---|---|
| POSTGRES_HOST | string | api-db | llm-api | Used in DB_POSTGRESQL_WRITE_DSN |
| POSTGRES_PORT | int | 5432 | llm-api | Used in DB_POSTGRESQL_WRITE_DSN |
| POSTGRES_USER | string | jan_user | llm-api | Used in DB_POSTGRESQL_WRITE_DSN |
| POSTGRES_PASSWORD | string | jan_password | llm-api | From secrets, used in DB_POSTGRESQL_WRITE_DSN |
| POSTGRES_DB | string | jan_llm_api | llm-api | Used in DB_POSTGRESQL_WRITE_DSN |
| POSTGRES_SSL_MODE | string | disable | llm-api | Used in DB_POSTGRESQL_WRITE_DSN |
| POSTGRES_MAX_CONNECTIONS | int | 100 | llm-api | New standardized var |
| POSTGRES_MAX_IDLE_CONNS | int | 5 | llm-api | New standardized var |
| POSTGRES_MAX_OPEN_CONNS | int | 15 | llm-api | New standardized var |
| DB_CONN_MAX_LIFETIME | duration | 30m | llm-api | OK Already aligned |

Migration Notes:

  • All services use DB_POSTGRESQL_WRITE_DSN for database connections
  • Connection URL is built from components: postgres://user:password@host:port/database?sslmode=disable
  • This allows better secret management (password separate from URL)
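One way to build the DSN from the components above so that a password containing URL metacharacters cannot alter the host, path or query, and so that the DSN can be logged without the password. This is an added example, not the project's own code from pkg/config: the function names BuildWriteDSN, RedactDSN and env are hypothetical, and the defaults are the ones listed in the table.

```go
package main

import (
	"fmt"
	"net"
	"net/url"
	"os"
)

// env returns the value of key, or def when the variable is unset or empty.
func env(key, def string) string {
	if v := os.Getenv(key); v != "" {
		return v
	}
	return def
}

// BuildWriteDSN assembles the DB_POSTGRESQL_WRITE_DSN value from the POSTGRES_*
// components. url.UserPassword percent-encodes the credentials, so '@', '/',
// ':' or '?' inside the password stay part of the password.
func BuildWriteDSN() string {
	u := url.URL{
		Scheme: "postgres",
		User:   url.UserPassword(env("POSTGRES_USER", "jan_user"), os.Getenv("POSTGRES_PASSWORD")),
		Host:   net.JoinHostPort(env("POSTGRES_HOST", "api-db"), env("POSTGRES_PORT", "5432")),
		Path:   "/" + env("POSTGRES_DB", "jan_llm_api"),
	}
	u.RawQuery = url.Values{"sslmode": {env("POSTGRES_SSL_MODE", "disable")}}.Encode()
	return u.String()
}

// RedactDSN returns the DSN with the password masked, for log output.
// The parse error is not returned because its text embeds the raw DSN.
func RedactDSN(dsn string) string {
	u, err := url.Parse(dsn)
	if err != nil {
		return "<unparseable DSN>"
	}
	return u.Redacted()
}

func main() {
	os.Setenv("POSTGRES_PASSWORD", "p@ss/w:rd?") // constructed sample value
	fmt.Println(RedactDSN(BuildWriteDSN()))
}
```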

Authentication (Keycloak)

| Centralized Env Var | Type | Default | Services Using | Notes |
|---|---|---|---|---|
| KEYCLOAK_BASE_URL | string | http://keycloak:8085 | llm-api | OK Already aligned |
| KEYCLOAK_REALM | string | jan | llm-api | OK Already aligned |
| KEYCLOAK_HTTP_PORT | int | 8085 | Infrastructure | New standardized var |
| KEYCLOAK_ADMIN | string | admin | llm-api | OK Already aligned |
| KEYCLOAK_ADMIN_PASSWORD | string | (secret) | llm-api | OK Already aligned |
| KEYCLOAK_ADMIN_REALM | string | master | llm-api | OK Already aligned |
| KEYCLOAK_ADMIN_CLIENT_ID | string | admin-cli | llm-api | OK Already aligned |
| BACKEND_CLIENT_ID | string | backend | llm-api | OK Already aligned |
| BACKEND_CLIENT_SECRET | string | (secret) | llm-api | OK Already aligned |
| CLIENT | string | jan-client | llm-api | OK Already aligned |
| OAUTH_REDIRECT_URI | string | http://localhost:8000/auth/callback | llm-api | OK Already aligned |
| JWKS_URL | string | (computed) | llm-api | OK Already aligned |
| OIDC_DISCOVERY_URL | string | (computed) | llm-api | New standardized var |
| ISSUER | string | http://localhost:8085/realms/jan | llm-api | OK Already aligned |
| ACCOUNT | string | account | llm-api | OK Already aligned |
| JWKS_REFRESH_INTERVAL | duration | 5m | llm-api | OK Already aligned |
| AUTH_CLOCK_SKEW | duration | 60s | llm-api | OK Already aligned |
| GUEST_ROLE | string | guest | llm-api | OK Already aligned |
| KEYCLOAK_FEATURES | []string | token-exchange,preview | Infrastructure | New standardized var |

Gateway (Kong)

| Centralized Env Var | Type | Default | Services Using | Notes |
|---|---|---|---|---|
| KONG_HTTP_PORT | int | 8000 | Infrastructure | New standardized var |
| KONG_ADMIN_PORT | int | 8001 | Infrastructure | New standardized var |
| KONG_ADMIN_URL | string | http://kong:8001 | llm-api | OK Already aligned |
| KONG_LOG_LEVEL | string | info | Infrastructure | New standardized var |

Services

LLM API

| Centralized Env Var | Type | Default | Current Var | Status |
|---|---|---|---|---|
| HTTP_PORT | int | 8080 | HTTP_PORT | OK Aligned |
| METRICS_PORT | int | 9091 | METRICS_PORT | OK Aligned |
| LOG_LEVEL | string | info | LOG_LEVEL | OK Aligned |
| LOG_FORMAT | string | json | LOG_FORMAT | OK Aligned |
| AUTO_MIGRATE | bool | true | AUTO_MIGRATE | OK Aligned |
| API_KEY_PREFIX | string | sk_live | API_KEY_PREFIX | OK Aligned |
| API_KEY_DEFAULT_TTL | duration | 2160h | API_KEY_DEFAULT_TTL | OK Aligned |
| API_KEY_MAX_TTL | duration | 2160h | API_KEY_MAX_TTL | OK Aligned |
| API_KEY_MAX_PER_USER | int | 5 | API_KEY_MAX_PER_USER | OK Aligned |
| MODEL_PROVIDER_SECRET | string | jan-model-provider-secret-2024 | MODEL_PROVIDER_SECRET | OK Aligned |
| MODEL_SYNC_ENABLED | bool | true | MODEL_SYNC_ENABLED | OK Aligned |
| MODEL_SYNC_INTERVAL_MINUTES | int | 60 | MODEL_SYNC_INTERVAL_MINUTES | OK Aligned |
| MEDIA_RESOLVE_URL | string | http://kong:8000/media/v1/media/resolve | MEDIA_RESOLVE_URL | OK Aligned |
| MEDIA_RESOLVE_TIMEOUT | duration | 5s | MEDIA_RESOLVE_TIMEOUT | OK Aligned |

Provider Config:

| Centralized Env Var | Type | Default | Current Var | Status |
|---|---|---|---|---|
| JAN_PROVIDER_CONFIGS_FILE | string | configs/providers.yml | JAN_PROVIDER_CONFIGS_FILE | TODO Path may differ |
| JAN_PROVIDER_CONFIG_SET | string | default | JAN_PROVIDER_CONFIG_SET | OK Aligned |
| JAN_PROVIDER_CONFIGS | bool | true | JAN_PROVIDER_CONFIGS | OK Aligned |

MCP Tools

| Centralized Env Var | Type | Default | Current Var | Status |
|---|---|---|---|---|
| MCP_TOOLS_HTTP_PORT | int | 8091 | HTTP_PORT | TODO Need prefix |
| MCP_TOOLS_LOG_LEVEL | string | info | LOG_LEVEL | TODO Need prefix |
| MCP_TOOLS_LOG_FORMAT | string | json | LOG_FORMAT | TODO Need prefix |
| MCP_SEARCH_ENGINE | string | serper | SEARCH_ENGINE | TODO Need prefix |
| SEARXNG_URL | string | http://searxng:8080 | SEARXNG_URL | OK Aligned |
| VECTOR_STORE_URL | string | http://vector-store:3015 | VECTOR_STORE_URL | OK Aligned |
| SANDBOXFUSION_URL | string | http://sandboxfusion:8080 | SANDBOXFUSION_URL | OK Aligned |
| MCP_SANDBOX_REQUIRE_APPROVAL | bool | true | SANDBOX_REQUIRE_APPROVAL | TODO Need prefix |
| MCP_CONFIG_FILE | string | configs/mcp-providers.yml | MCP_CONFIG_FILE | OK Aligned |

Migration Notes:

  • Add MCP_ or MCP_TOOLS_ prefix to disambiguate from other services
  • The generic HTTP_PORT collides with llm-api's HTTP_PORT when both services run in the same environment

Memory Tools

| Centralized Env Var | Type | Default | Current Var | Status |
|---|---|---|---|---|
| MEMORY_TOOLS_PORT | int | 8090 | MEMORY_TOOLS_PORT | OK Aligned |
| DB_POSTGRESQL_WRITE_DSN | string | (computed) | - | ✅ Standard |
| DB_POSTGRESQL_READ1_DSN | string | - | - | ✅ New (optional) |
| MEMORY_LOG_LEVEL | string | info | LOG_LEVEL | TODO Need prefix |
| MEMORY_LOG_FORMAT | string | json | LOG_FORMAT | TODO Need prefix |
| EMBEDDING_SERVICE_URL | string | - | EMBEDDING_SERVICE_URL | OK Aligned |
| EMBEDDING_CACHE_TYPE | string | memory | EMBEDDING_CACHE_TYPE | OK Aligned |
| EMBEDDING_CACHE_REDIS_URL | string | redis://redis:6379/3 | EMBEDDING_CACHE_REDIS_URL | OK Aligned |
| EMBEDDING_CACHE_KEY_PREFIX | string | emb: | EMBEDDING_CACHE_KEY_PREFIX | OK Aligned |
| EMBEDDING_CACHE_MAX_SIZE | int | 10000 | EMBEDDING_CACHE_MAX_SIZE | OK Aligned |
| EMBEDDING_CACHE_TTL | duration | 1h | EMBEDDING_CACHE_TTL | OK Aligned |

Migration Notes:

  • Database configuration uses DB_POSTGRESQL_WRITE_DSN and optional DB_POSTGRESQL_READ1_DSN for read replicas
  • Supports read/write splitting for better scalability
  • Can share database with other services or use separate database
  • Read replica is optional; falls back to write DSN if not configured

Realtime API

| Centralized Env Var | Type | Default | Current Var | Status |
|---|---|---|---|---|
| REALTIME_API_PORT | int | 8186 | REALTIME_API_PORT | OK Aligned |
| REALTIME_LOG_LEVEL | string | info | LOG_LEVEL | TODO Need prefix |
| LIVEKIT_WS_URL | string | wss://your-livekit-server.com | LIVEKIT_WS_URL | OK Aligned |
| LIVEKIT_API_KEY | string | (secret) | LIVEKIT_API_KEY | OK Aligned |
| LIVEKIT_API_SECRET | string | (secret) | LIVEKIT_API_SECRET | OK Aligned |
| LIVEKIT_TOKEN_TTL | duration | 24h | LIVEKIT_TOKEN_TTL | OK Aligned |
| SESSION_STALE_TTL | duration | 10m | SESSION_STALE_TTL | OK Aligned |
| SESSION_CLEANUP_INTERVAL | duration | 15s | SESSION_CLEANUP_INTERVAL | OK Aligned |
| REALTIME_AUTH_ENABLED | bool | true | AUTH_ENABLED | TODO Need prefix |

Migration Notes:

  • LiveKit configuration already uses proper prefixes
  • Session management variables are clear and aligned
  • Only generic LOG_LEVEL and AUTH_ENABLED need REALTIME_ prefix for consistency

Media API

| Centralized Env Var | Type | Default | Current Var | Status |
|---|---|---|---|---|
| MEDIA_API_PORT | int | 8285 | HTTP_PORT | TODO Need rename |
| MEDIA_API_LOG_LEVEL | string | info | LOG_LEVEL | TODO Need prefix |
| MEDIA_MAX_UPLOAD_BYTES | int | 20971520 | MAX_UPLOAD_SIZE | TODO Rename needed |
| MEDIA_RETENTION_DAYS | int | 30 | RETENTION_DAYS | TODO Need prefix |
| MEDIA_PROXY_DOWNLOAD | bool | true | PROXY_DOWNLOAD | TODO Need prefix |
| MEDIA_REMOTE_FETCH_TIMEOUT | duration | 15s | FETCH_TIMEOUT | TODO Rename needed |
| MEDIA_S3_ENDPOINT | string | https://s3.menlo.ai | S3_ENDPOINT | TODO Need prefix |
| MEDIA_S3_REGION | string | us-west-2 | S3_REGION | TODO Need prefix |
| MEDIA_S3_BUCKET | string | platform-dev | S3_BUCKET | TODO Need prefix |
| MEDIA_S3_USE_PATH_STYLE | bool | true | S3_PATH_STYLE | TODO Rename needed |
| MEDIA_S3_PRESIGN_TTL | duration | 168h | PRESIGN_TTL | TODO Need prefix |
| MEDIA_S3_ACCESS_KEY_ID | string | (secret) | AWS_ACCESS_KEY_ID | TODO Rename for clarity |
| MEDIA_S3_SECRET_ACCESS_KEY | string | (secret) | AWS_SECRET_ACCESS_KEY | TODO Rename for clarity |

Migration Notes:

  • Most env vars need MEDIA_ prefix to avoid conflicts
  • S3 vars should use MEDIA_S3_ prefix for clarity
  • Consider AWS credential standardization

Response API

| Centralized Env Var | Type | Default | Current Var | Status |
|---|---|---|---|---|
| RESPONSE_API_PORT | int | 8082 | HTTP_PORT | TODO Need rename |
| RESPONSE_API_LOG_LEVEL | string | info | LOG_LEVEL | TODO Need prefix |
| RESPONSE_LLM_API_URL | string | http://llm-api:8080 | LLM_API_URL | TODO Need prefix |
| RESPONSE_MCP_TOOLS_URL | string | http://mcp-tools:8091 | MCP_TOOLS_URL | TODO Need prefix |
| RESPONSE_MAX_TOOL_DEPTH | int | 8 | MAX_TOOL_DEPTH | TODO Need prefix |
| RESPONSE_TOOL_TIMEOUT | duration | 45s | TOOL_TIMEOUT | TODO Need prefix |

Monitoring

OpenTelemetry

| Centralized Env Var | Type | Default | Services Using | Status |
|---|---|---|---|---|
| OTEL_ENABLED | bool | false | All services | OK Standard |
| OTEL_SERVICE_NAME | string | llm-api | All services | TODO Service-specific |
| OTEL_EXPORTER_OTLP_ENDPOINT | string | http://otel-collector:4318 | All services | OK Standard |
| OTEL_HTTP_PORT | int | 4318 | Infrastructure | New |
| OTEL_GRPC_PORT | int | 4317 | Infrastructure | New |

Prometheus

| Centralized Env Var | Type | Default | Services Using | Status |
|---|---|---|---|---|
| PROMETHEUS_PORT | int | 9090 | Infrastructure | New |

Grafana

| Centralized Env Var | Type | Default | Services Using | Status |
|---|---|---|---|---|
| GRAFANA_PORT | int | 3331 | Infrastructure | New |
| GRAFANA_ADMIN_USER | string | admin | Infrastructure | New |
| GRAFANA_ADMIN_PASSWORD | string | (secret) | Infrastructure | New |

Jaeger

| Centralized Env Var | Type | Default | Services Using | Status |
|---|---|---|---|---|
| JAEGER_UI_PORT | int | 16686 | Infrastructure | New |

Inference

vLLM

| Centralized Env Var | Type | Default | Services Using | Status |
|---|---|---|---|---|
| VLLM_ENABLED | bool | true | Infrastructure | New |
| VLLM_PORT | int | 8001 | llm-api | New |
| VLLM_MODEL | string | Qwen/Qwen2.5-0.5B-Instruct | Infrastructure | New |
| VLLM_SERVED_NAME | string | qwen2.5-0.5b-instruct | Infrastructure | New |
| VLLM_GPU_UTILIZATION | float | 0.66 | Infrastructure | New |

Migration Priority

Phase 1: Critical (Sprint 3.1)

OK Already Aligned - No Changes Needed:

  • llm-api authentication vars (Keycloak)
  • llm-api API key management
  • llm-api model sync
  • Database connection timeouts

Phase 2: High Priority (Sprint 3.2)

TODO Requires Prefix/Rename:

  • Service-specific HTTP_PORT -> {SERVICE}_PORT
  • Service-specific LOG_LEVEL -> {SERVICE}_LOG_LEVEL
  • Database URL components

Phase 3: Medium Priority (Sprint 3.3)

TODO New Variables - Add Support:

  • Infrastructure monitoring ports (Prometheus, Grafana, Jaeger)
  • vLLM inference configuration
  • Kong gateway ports
  • Database connection pool settings

Phase 4: Low Priority (Sprint 3.4)

TODO Nice to Have:

  • Media API S3 prefixing
  • Response API prefixing
  • MCP Tools prefixing

Testing Strategy

Per-Service Testing

For each service after env var migration:

  1. Unit Tests: Verify config loading with new env vars
  2. Integration Tests: Test with Docker Compose
  3. Precedence Tests: Verify env vars override defaults
  4. Backward Compatibility: Old env vars still work (deprecation warnings)

Test Script Template

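```bash
#!/bin/bash
# Test service with new env vars
set -euo pipefail

# Set centralized env vars
export POSTGRES_HOST=testdb
export POSTGRES_PORT=5432
export POSTGRES_USER=testuser
export POSTGRES_PASSWORD=testpass
export POSTGRES_DB=testdb
export POSTGRES_SSL_MODE=disable

# Run service in the background so the health check below can execute,
# and stop it again when the script exits
./service-binary &
SERVICE_PID=$!
trap 'kill "$SERVICE_PID" 2>/dev/null || true' EXIT

# Verify config loaded correctly: retry while the service starts,
# and exit non-zero if the health endpoint never returns a 2xx response
curl --fail --silent --show-error \
  --retry 10 --retry-delay 1 --retry-connrefused \
  http://localhost:8080/health
```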

Rollback Plan

If migration causes issues:

  1. Immediate: Revert docker-compose.yml to use old env vars
  2. Service-Level: Keep backward compatibility (read both old and new vars)
  3. Gradual Migration: Migrate one service at a time, not all at once
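A sketch of the "read both old and new vars" behaviour from the rollback plan, which also covers the precedence and backward-compatibility tests in the testing strategy. This is an added example, not the project's own loader: Lookup and legacyNames are hypothetical names, and the mapping is a subset of the Media API table.

```go
package main

import (
	"fmt"
	"os"
)

// legacyNames maps a centralized variable to the service-local name it
// replaces (subset of the Media API table in this document).
var legacyNames = map[string]string{
	"MEDIA_API_PORT":             "HTTP_PORT",
	"MEDIA_MAX_UPLOAD_BYTES":     "MAX_UPLOAD_SIZE",
	"MEDIA_S3_ACCESS_KEY_ID":     "AWS_ACCESS_KEY_ID",
	"MEDIA_S3_SECRET_ACCESS_KEY": "AWS_SECRET_ACCESS_KEY",
}

// Lookup resolves a centralized variable: new name first, then the legacy
// name, then the default. Warnings mention variable names only, never values,
// so secrets such as the S3 keys do not reach the logs.
func Lookup(getenv func(string) string, name, def string) (value string, warnings []string) {
	old := legacyNames[name]
	newVal, oldVal := getenv(name), ""
	if old != "" {
		oldVal = getenv(old)
	}
	switch {
	case newVal != "" && oldVal != "" && newVal != oldVal:
		// Both set with different values: the new name wins, but say so.
		warnings = append(warnings, fmt.Sprintf("%s and deprecated %s are both set and differ; using %s", name, old, name))
		return newVal, warnings
	case newVal != "":
		return newVal, nil
	case oldVal != "":
		warnings = append(warnings, fmt.Sprintf("%s is deprecated; set %s instead", old, name))
		return oldVal, warnings
	}
	return def, nil
}

func main() {
	v, w := Lookup(os.Getenv, "MEDIA_API_PORT", "8285")
	fmt.Println(v, w)
}
```

Passing the getenv function in lets the precedence tests run against a map instead of the process environment.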

See Also