Environment variables

Bootstrap variables for .env and deployment profiles.

Environment variables control bootstrap-time concerns: how the control plane and runtime bind, where state lives, how auth is enforced, and which storage backends the stack talks to. Product configuration (providers, agents, secrets) lives behind the control plane and is not set here.

Where to set them

Set values in the .env file at the install directory root. The installer writes safe defaults on first boot. On VPS deployments, make sure the file is owned by the service user with permissions 0600.

Environment profile

| Variable | Default | Purpose |
|---|---|---|
| KODA_ENV | development | Set to production to refuse development auth modes and loopback-bootstrap at boot. |
| ALLOW_LOOPBACK_BOOTSTRAP | true (dev) | Allow 127.0.0.1 to skip the setup code during first-owner registration. Must be false in production. |

Control plane

| Variable | Default | Purpose |
|---|---|---|
| CONTROL_PLANE_ENABLED | true | Master toggle for the control-plane HTTP service. |
| CONTROL_PLANE_BIND | 127.0.0.1 | Address the control plane binds to. |
| CONTROL_PLANE_PORT | 8090 | Port the control plane listens on. |
| CONTROL_PLANE_AUTH_MODE | token | Auth mode. Use token in production. development and open are refused when KODA_ENV=production. |
| CONTROL_PLANE_API_TOKEN | | Optional break-glass token for CLI access. Leave blank unless needed. |
| CONTROL_PLANE_MASTER_KEY_FILE | | Path to a file containing the master encryption key used for secret storage. |
| CONTROL_PLANE_RATE_LIMIT | 120/min | General operator request bucket. |
| CONTROL_PLANE_OPERATOR_LOGIN_MAX_FAILURES | 5 | Failed logins before account lockout. |
| CONTROL_PLANE_OPERATOR_LOGIN_LOCKOUT_SECONDS | 900 | Seconds an account stays locked after hitting the failure cap. |
| CONTROL_PLANE_OPERATOR_PASSWORD_MIN_LENGTH | 12 | Minimum password length. You can only override upward. |
| CONTROL_PLANE_OPERATOR_SESSION_TTL_SECONDS | 604800 | Operator session lifetime in seconds (7 days). |

Web dashboard

| Variable | Default | Purpose |
|---|---|---|
| WEB_PORT | 3000 | Port the Next.js dashboard listens on. |
| WEB_OPERATOR_SESSION_SECRET | | Required in production. 32+ random bytes used to seal the operator session cookie. |
| ALLOW_INSECURE_WEB_OPERATOR_SESSION_SECRET | false | Development-only escape hatch. Refused in production. |
| ALLOW_INSECURE_COOKIES | false | Development-only. Lets cookies skip the Secure flag. |
| RUNTIME_LOCAL_UI_TOKEN | | Token the dashboard presents to the runtime when the two are on different origins. |

State & storage roots

| Variable | Default | Purpose |
|---|---|---|
| STATE_BACKEND | postgres | Durable state backend. Postgres is the supported default. |
| STATE_ROOT_DIR | /var/lib/koda/state | Root directory for container-local state (bootstrap files, caches). |
| RUNTIME_EPHEMERAL_ROOT | /var/lib/koda/runtime | Runtime scratch root. Cleaned up between tasks. |
| ARTIFACT_STORE_DIR | /var/lib/koda/artifacts | Local fallback artifact directory (ignored when S3 is available). |
| OBJECT_STORAGE_REQUIRED | true | Refuse to start if object storage is unavailable. |

Postgres

| Variable | Default | Purpose |
|---|---|---|
| KNOWLEDGE_V2_POSTGRES_DSN | | Full Postgres DSN for knowledge, memory, runtime, and audit schemas. |
| KNOWLEDGE_V2_POSTGRES_SCHEMA | knowledge_v2 | Schema prefix. Override when sharing a cluster with other workloads. |

Object storage (S3-compatible)

| Variable | Default | Purpose |
|---|---|---|
| KNOWLEDGE_V2_STORAGE_MODE | primary | primary uses object storage as the source of truth; secondary mirrors from Postgres. |
| KNOWLEDGE_V2_S3_BUCKET | koda-objects | Bucket name. |
| KNOWLEDGE_V2_S3_PREFIX | koda | Object key prefix. |
| KNOWLEDGE_V2_S3_ENDPOINT_URL | http://seaweedfs:8333 | S3 endpoint. Point at AWS, MinIO, R2, or the bundled SeaweedFS. |
| KNOWLEDGE_V2_S3_REGION | us-east-1 | Region hint. Most S3-compatible backends ignore this; AWS requires it. |
| KNOWLEDGE_V2_S3_ACCESS_KEY_ID | | Access key for the configured endpoint. |
| KNOWLEDGE_V2_S3_SECRET_ACCESS_KEY | | Secret for the configured endpoint. |

Memory

| Variable | Default | Purpose |
|---|---|---|
| MEMORY_ENABLED | true | Global memory enablement. |
| MEMORY_EMBEDDING_MODEL | paraphrase-multilingual-MiniLM-L12-v2 | Sentence-transformer model used for memory embeddings. |
| MEMORY_MAX_RECALL | 25 | Maximum memories returned per recall. |
| MEMORY_RECALL_THRESHOLD | 0.25 | Minimum similarity for a memory to be recalled. |
| MEMORY_RECALL_TIMEOUT | 3.0 | Seconds the recall step is allowed to take before it's dropped (best-effort). |
| MEMORY_MAX_CONTEXT_TOKENS | 3500 | Token budget for the recall-assembled context. |
| MEMORY_RECENCY_HALF_LIFE_DAYS | 120 | Decay rate for time-based ranking. |
| MEMORY_MAX_PER_USER | 2000 | Retention cap before maintenance prunes least-important records. |
| MEMORY_SIMILARITY_DEDUP_THRESHOLD | 0.92 | Cosine threshold for deduplication during extraction. |
| MEMORY_EXTRACTION_PROVIDER | claude | Provider used for post-query memory extraction. |
| MEMORY_EXTRACTION_MODEL | claude-sonnet-4-6 | Model used for extraction. |
| MEMORY_MAINTENANCE_ENABLED | true | Run background maintenance (retention, embedding repair). |
| MEMORY_DIGEST_ENABLED | true | Run the daily digest job. |

Knowledge

| Variable | Default | Purpose |
|---|---|---|
| KNOWLEDGE_ENABLED | true | Global retrieval enablement. |
| KNOWLEDGE_MAX_RESULTS | 6 | Ranked hits returned per query. |
| KNOWLEDGE_RECALL_THRESHOLD | 0.35 | Minimum similarity for a chunk to be returned. |
| KNOWLEDGE_CONTEXT_MAX_TOKENS | 2200 | Token budget for the retrieval-assembled context. |
| KNOWLEDGE_RECALL_TIMEOUT | 2.0 | Seconds the retrieval step is allowed to take (best-effort). |
| KNOWLEDGE_V2_ENABLED | true | Toggle for the modern retrieval pipeline. |
| KNOWLEDGE_V2_MAX_GRAPH_HOPS | 3 | Entity-graph traversal depth during retrieval. |

Skills

| Variable | Default | Purpose |
|---|---|---|
| SKILLS_DIR | koda/skills | Directory the skill registry scans. Changed files are picked up automatically. |

Browser automation

| Variable | Default | Purpose |
|---|---|---|
| BROWSER_ALLOW_PRIVATE_NETWORK | false | Allow runtime browser sessions to reach internal/loopback destinations. Keep disabled unless explicitly needed. |
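
A pre-deploy check for the production-sensitive values in the tables above, as an added example (not part of Koda or its installer). The function names are hypothetical, and it assumes an unset variable takes its documented default and that the session secret's length can be measured on the raw string in .env.

```python
import os
import stat

# variable: (documented default, value production needs), from the tables above.
# Assumption: an unset variable takes its documented default.
RULES = {
    "KODA_ENV": ("development", "production"),
    "ALLOW_LOOPBACK_BOOTSTRAP": ("true", "false"),
    "CONTROL_PLANE_AUTH_MODE": ("token", "token"),
    "ALLOW_INSECURE_WEB_OPERATOR_SESSION_SECRET": ("false", "false"),
    "ALLOW_INSECURE_COOKIES": ("false", "false"),
    "BROWSER_ALLOW_PRIVATE_NETWORK": ("false", "false"),
}

# Constructed sample: a development .env copied to a server unchanged.
SAMPLE_DEV_ENV = """\
KODA_ENV=development
CONTROL_PLANE_AUTH_MODE=open
ALLOW_INSECURE_COOKIES=true
WEB_OPERATOR_SESSION_SECRET="changeme"
"""

def parse_env(text):
    """Parse KEY=VALUE lines; skip blanks and comments, strip surrounding quotes."""
    env = {}
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            env[key.strip()] = value.strip().strip("'\"")
    return env

def audit_env(env, file_mode=None):
    """Return findings for a production profile; an empty list means it passes."""
    findings = []
    if file_mode is not None and stat.S_IMODE(file_mode) != 0o600:
        findings.append(f".env mode is {stat.S_IMODE(file_mode):04o}, expected 0600")
    for key, (default, required) in RULES.items():
        value = env.get(key, default).lower()
        if value != required:
            findings.append(f"{key}={value}, production requires {required}")
    # Length is a lower bound only; it says nothing about randomness.
    if len(env.get("WEB_OPERATOR_SESSION_SECRET", "").encode()) < 32:
        findings.append("WEB_OPERATOR_SESSION_SECRET missing or under 32 bytes")
    return findings

def audit_file(path=".env"):
    """Audit a file on disk: permission bits plus contents."""
    with open(path, encoding="utf-8") as fh:
        return audit_env(parse_env(fh.read()), os.stat(path).st_mode)
```

Calling `audit_file()` from the install directory before starting the stack lists each value that conflicts with the production column; file ownership by the service user is not checked here.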

Next steps

  • VPS deployment — the production checklist that pins the critical values above.
  • Security — the full story around auth, sessions, cookies, and audit.