David/veylant
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3051f71edd
veylant/config.yaml
David 3051f71edd fix
2026-03-10 12:01:34 +01:00

130 lines
4.0 KiB
YAML
Raw Blame History

server:
port: 8090
shutdown_timeout_seconds: 30
env: development
tenant_name: "Mon Organisation"
# CORS: origins allowed to call the proxy from a browser (React dashboard).
# Override in production: VEYLANT_SERVER_ALLOWED_ORIGINS=https://dashboard.veylant.ai
allowed_origins:
- "http://localhost:3000"
database:
url: "postgres://veylant:veylant_dev@localhost:5432/veylant?sslmode=disable"
max_open_conns: 25
max_idle_conns: 5
migrations_path: "migrations"
redis:
url: "redis://localhost:6379"
# Local JWT authentication (email/password — replaces Keycloak).
# Override jwt_secret in production via VEYLANT_AUTH_JWT_SECRET.
auth:
jwt_secret: "change-me-in-production-use-VEYLANT_AUTH_JWT_SECRET"
jwt_ttl_hours: 24
pii:
enabled: true
service_addr: "localhost:50051"
timeout_ms: 100
fail_open: true
log:
level: "info"
format: "json"
# LLM provider adapters.
# Sensitive values (API keys) must be injected via env vars — never hardcode them.
# Example: VEYLANT_PROVIDERS_OPENAI_API_KEY=sk-...
providers:
openai:
base_url: "https://api.openai.com/v1"
timeout_seconds: 30
max_conns: 100
anthropic:
base_url: "https://api.anthropic.com/v1"
version: "2023-06-01"
timeout_seconds: 30
max_conns: 100
# api_key: set via VEYLANT_PROVIDERS_ANTHROPIC_API_KEY
azure:
api_version: "2024-02-01"
timeout_seconds: 30
max_conns: 100
# api_key: set via VEYLANT_PROVIDERS_AZURE_API_KEY
# resource_name: set via VEYLANT_PROVIDERS_AZURE_RESOURCE_NAME (e.g. "my-azure-resource")
# deployment_id: set via VEYLANT_PROVIDERS_AZURE_DEPLOYMENT_ID (e.g. "gpt-4o")
mistral:
base_url: "https://api.mistral.ai/v1"
timeout_seconds: 30
max_conns: 100
# api_key: set via VEYLANT_PROVIDERS_MISTRAL_API_KEY
ollama:
base_url: "http://localhost:11434/v1"
timeout_seconds: 120
max_conns: 10
# Role-based access control for the provider router.
# Controls which models each role can access.
rbac:
# Models accessible to the "user" role (exact match or prefix, e.g. "gpt-4o-mini" matches "gpt-4o-mini-2024-07-18").
# admin and manager roles always have unrestricted access.
user_allowed_models:
- "gpt-4o-mini"
- "gpt-3.5-turbo"
- "mistral-small"
# If false (default), auditors receive 403 on /v1/chat/completions.
auditor_can_complete: false
metrics:
enabled: true
path: "/metrics"
# Intelligent routing engine.
# Rules are stored in the routing_rules table and cached per tenant.
routing:
# How long routing rules are cached in memory before a background refresh.
# Admin mutations call Invalidate() immediately regardless of this TTL.
cache_ttl_seconds: 30
# ClickHouse audit log (Sprint 6).
# DSN: clickhouse://user:pass@host:9000/database
# Set via env var: VEYLANT_CLICKHOUSE_DSN
clickhouse:
dsn: "clickhouse://veylant:veylant_dev@localhost:9000/veylant_logs"
max_conns: 10
dial_timeout_seconds: 5
# Cryptography settings.
# AES-256-GCM key for encrypting prompt_anonymized in the audit log.
# MUST be set via env var in production: VEYLANT_CRYPTO_AES_KEY_BASE64
# Generate: openssl rand -base64 32
crypto:
# Development placeholder — override in production via env var.
aes_key_base64: ""
# Rate limiting defaults. Per-tenant overrides are stored in rate_limit_configs table.
# Override via env: VEYLANT_RATE_LIMIT_DEFAULT_TENANT_RPM, VEYLANT_RATE_LIMIT_DEFAULT_USER_RPM, etc.
rate_limit:
default_tenant_rpm: 1000
default_tenant_burst: 200
default_user_rpm: 100
default_user_burst: 20
# Email notifications via SMTP (Mailtrap sandbox).
# Override password in production: VEYLANT_NOTIFICATIONS_SMTP_PASSWORD=<full_password>
# Full password visible in Mailtrap dashboard → Sending → SMTP Settings → Show credentials.
notifications:
smtp:
host: "sandbox.smtp.mailtrap.io"
port: 587
username: "2597bd31d265eb"
# Mailtrap password — replace ****3c89 with the full value from the dashboard.
password: "cd126234193c89"
from: "noreply@veylant.ai"
from_name: "Veylant IA"
Reference in New Issue View Git Blame Copy Permalink