# Glean Environment Configuration # Copy this file to .env and customize for your environment # ======================================== # Database Configuration # ======================================== POSTGRES_DB=glean POSTGRES_USER=glean POSTGRES_PASSWORD=glean # ======================================== # Backend Configuration # ======================================== # JWT secret key - CHANGE THIS IN PRODUCTION! # Generate with: openssl rand -hex 32 SECRET_KEY=change-me-in-production-use-a-long-random-string # Enable debug mode (shows API docs at /api/docs) DEBUG=false # ======================================== # Authentication Providers # ======================================== # Local authentication (password-based) AUTH_LOCAL_ENABLED=true AUTH_LOCAL_ALLOW_REGISTRATION=true # OIDC authentication (works with any OIDC-compliant provider) # Examples: Google, Microsoft, Auth0, Keycloak, Okta, etc. AUTH_OIDC_ENABLED=false AUTH_OIDC_PROVIDER_NAME=Google # Display name shown to users AUTH_OIDC_CLIENT_ID= AUTH_OIDC_CLIENT_SECRET= AUTH_OIDC_ISSUER=https://accounts.google.com # Optional: Auto-discovered from issuer if not specified AUTH_OIDC_DISCOVERY_URL= AUTH_OIDC_SCOPES=openid email profile AUTH_OIDC_REDIRECT_URI=http://localhost:3000/auth/callback AUTH_OIDC_JWKS_CACHE_TTL_SECONDS=86400 AUTH_OIDC_RATE_LIMIT_WINDOW_SECONDS=60 AUTH_OIDC_AUTHORIZE_RATE_LIMIT=30 AUTH_OIDC_CALLBACK_RATE_LIMIT=30 # Trust forwarding headers only from these proxy IPs (comma-separated). # Example: 127.0.0.1,10.0.0.10 AUTH_OIDC_TRUSTED_PROXY_IPS= # Priority-ordered client IP headers (comma-separated) AUTH_OIDC_CLIENT_IP_HEADERS=cf-connecting-ip,x-real-ip # ======================================== # Port Configuration # ======================================== # Web interface port WEB_PORT=80 # Admin dashboard port (only for full deployment) ADMIN_PORT=3001 # ======================================== # Development Configuration (optional) # ======================================== # Full database URL (auto-generated from above if not set) # DATABASE_URL=postgresql+asyncpg://glean:devpassword@localhost:5432/glean # Redis URL # REDIS_URL=redis://localhost:6379/0 # CORS origins (JSON array) # CORS_ORIGINS=["http://localhost", "http://localhost:3000"] # ======================================== # Embedding Configuration # ======================================== # Embedding provider: openai, sentence-transformers, volc-engine EMBEDDING_PROVIDER=sentence-transformers # API key for embeddings (needed for openai and volc-engine providers) # OpenAI: Get from https://platform.openai.com/api-keys # Volcengine: Get from https://console.volcengine.com/ark/region:ark+cn-beijing/apiKey # EMBEDDING_API_KEY=your-api-key-here # Alternative API key for Volcengine (official SDK recommended) # Get from: https://console.volcengine.com/ark/region:ark+cn-beijing/apiKey # ARK_API_KEY=your-volcengine-api-key-here # Embedding model name # For sentence-transformers: all-MiniLM-L6-v2 (384d), paraphrase-multilingual-MiniLM-L12-v2 (384d) # For openai: text-embedding-3-small (1536d), text-embedding-3-large (3072d) # For volc-engine: doubao-embedding (1024d) or your model endpoint ID EMBEDDING_MODEL=all-MiniLM-L6-v2 # Embedding dimension # all-MiniLM-L6-v2: 384 # paraphrase-multilingual-MiniLM-L12-v2: 384 # text-embedding-3-small: 1536 # doubao-embedding: 1024 EMBEDDING_DIMENSION=384 # Batch size for embedding generation # Recommended: sentence-transformers (20), openai (20), volc-engine (4) EMBEDDING_BATCH_SIZE=20 # Max retries for failed embedding requests EMBEDDING_MAX_RETRIES=3 # Request timeout in seconds EMBEDDING_TIMEOUT=30 # Optional: Custom API base URL # For local models via LiteLLM: http://localhost:8000/v1 # For Volcengine (default): https://ark.cn-beijing.volces.com # EMBEDDING_BASE_URL=http://localhost:8000/v1 # ======================================== # Milvus Configuration # ======================================== # Milvus host MILVUS_HOST=localhost # Milvus port MILVUS_PORT=19530 # Milvus credentials (optional for dev) # MILVUS_USER= # MILVUS_PASSWORD= # Collection names MILVUS_ENTRIES_COLLECTION=entries MILVUS_PREFS_COLLECTION=user_preferences # ======================================== # Preference Configuration # ======================================== # Default score for entries without preference model PREFERENCE_DEFAULT_SCORE=50.0 # Confidence threshold (samples needed for full confidence) PREFERENCE_CONFIDENCE_THRESHOLD=10 # Signal weights PREFERENCE_LIKE_WEIGHT=1.0 PREFERENCE_BOOKMARK_WEIGHT=0.7 # Maximum affinity boosts PREFERENCE_SOURCE_BOOST_MAX=5.0 PREFERENCE_AUTHOR_BOOST_MAX=3.0 # ======================================== # Score Configuration # ======================================== # Threshold for "recommended" section (score >= 70) SCORE_RECOMMEND_THRESHOLD=70.0 # Threshold for "low interest" section (score < 40) SCORE_LOW_INTEREST_THRESHOLD=40.0 # Score cache TTL in seconds SCORE_CACHE_TTL=3600 # ======================================== # Docker Image Version (for testing pre-releases) # ======================================== # Docker image tag to use (default: latest) # For stable releases, use: latest (default) # For testing pre-releases, use specific version tag like: v0.3.0-alpha.1, v0.3.0-beta.1, v0.3.0-rc.1 # IMAGE_TAG=latest