-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy path.env.example
More file actions
56 lines (46 loc) · 1.89 KB
/
.env.example
File metadata and controls
56 lines (46 loc) · 1.89 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# Reflect Memory — Local development config
# Copy to .env and fill in. Never commit .env.
# Required
RM_API_KEY=your-api-key-for-clients
RM_MODEL_NAME=gpt-4o-mini
RM_MODEL_API_KEY=sk-your-openai-api-key
# Optional — model config
# RM_MODEL_BASE_URL=https://api.openai.com/v1
# RM_MODEL_TEMPERATURE=0.7
# RM_MODEL_MAX_TOKENS=1024
# Optional — local dev
# RM_PORT=3000
# RM_DB_PATH=./data/reflect.db
# Deployment mode abstraction
# hosted | isolated-hosted | self-host
# RM_DEPLOYMENT_MODE=hosted
# RM_TENANT_ID=tenant-a
# RM_DISABLE_MODEL_EGRESS=false
# RM_REQUIRE_INTERNAL_MODEL_BASE_URL=false
# RM_ALLOW_PUBLIC_WEBHOOKS=true
# RM_ALLOWED_MODEL_HOSTS=api.openai.com,internal-llm.local
# Optional — agent keys (for MCP / Custom Actions)
# Each RM_AGENT_KEY_* maps to a vendor name. Memories get origin labels.
# RM_AGENT_KEY_CLAUDE=...
# RM_AGENT_KEY_CHATGPT=...
# RM_AGENT_KEY_CURSOR=...
# RM_AGENT_KEY_GROK=...
# RM_AGENT_KEY_GEMINI=...
# RM_AGENT_KEY_N8N=...
# Optional — dashboard multi-user auth
# RM_DASHBOARD_SERVICE_KEY=... # Shared with dashboard. Generate: openssl rand -hex 32
# RM_DASHBOARD_JWT_SECRET=... # Must match dashboard AUTH_SECRET. Minimum 32 characters.
# RM_OWNER_EMAIL=you@example.com # Owner email for admin access and bootstrap
# Optional — public URL for OAuth discovery (required for Claude native connector)
# RM_PUBLIC_URL=https://api.reflectmemory.com
# Optional — ChatGPT Custom GPT OAuth (enables per-user auth for public GPTs)
# RM_CHATGPT_CLIENT_ID=reflect-memory-chatgpt
# RM_CHATGPT_CLIENT_SECRET=... # Generate: openssl rand -hex 32
# Optional — audit retention (days, default 90)
# RM_AUDIT_RETENTION_DAYS=90
# Optional — enterprise SSO (OIDC/JWKS-backed bearer validation)
# RM_SSO_ENABLED=false
# RM_SSO_JWKS_URL=https://idp.example.com/.well-known/jwks.json
# RM_SSO_ISSUER=https://idp.example.com/
# RM_SSO_AUDIENCE=reflect-memory
# RM_SSO_EMAIL_CLAIM=email