Hosting Variables

Hosting Variables

While the API offers ways to configure Generator’s behavior as an application, most of the aspects that are relevant to a hosting or infrastructure team are controlled with environment variables. These variables are mostly easily defined in a .env file, but you can also pass them directly to your Docker container or runtime environment as needed.

Example File

Below is an example .env file to help you get started. Variables with comments but no default values require your input before launching the application; the others are provided with reasonable defaults. Be sure to review and customize these settings to suit your environment.

HOSTING__PROJECT_NAME=Rustici Generator

# A JSON formatted array of domains that CORS requests are accepted from
# This value will block all CORS access
HOSTING__BACKEND_CORS_ORIGINS=[]

# The domain that will be used to access your Generator instance.
HOSTING__DOMAIN=

# An API credential that is created during start up.
# You will use this to access the API the first time.
# Set these to something secure.
# After the application has been started once, these env vars are still required to start the app,
# but you can change/delete the var values to avoid storing a copy of your credentials on disk.
SECURITY__FIRST_CREDENTIAL=
SECURITY__FIRST_CREDENTIAL_PASSWORD=

# A secret key used to encrypt sensitive information stored in the app database
# Set to something random and secure
# If you ever want to rotate your encryption keys, see the SECURITY__PREVIOUS_ENCRYPTION_KEYS setting below
SECURITY__ENCRYPTION_KEY=

# After rotating your encryption keys, Generator still needs to be able to decode records that were encrypted with your previous key.
# After changing the value of SECURITY__ENCRYPTION_KEY, adding the previous value to this JSON formatted array
# will allow that.
SECURITY__PREVIOUS_ENCRYPTION_KEYS=[]

# A secret key used to sign the API's auth tokens
# Set to something random and secure
SECURITY__SECRET_KEY=

# How long in minutes should API auth tokens live before expiring
SECURITY__ACCESS_TOKEN_EXPIRE_MINUTES=60

# Options are DEBUG, INFO, WARN, ERROR, and FATAL
LOGGING__DEFAULT_LEVEL=INFO

# Details for connecting to the app database
DB__HOST=
DB__USER=
DB__PASSWORD=
DB__DATABASE=generator
DB__ENGINE=postgresql
DB__DRIVER=psycopg2

# Details of your Rabbit MQ broker
QUEUE__USER=
QUEUE__HOST=
QUEUE__PASSWORD=
QUEUE__PORT=5672

# The name of the S3 bucket where Generator should store its content
AWS_S3_BUCKET=

# Controls how many threads are used to execute tasks from the queue
# We recommend a starting point of roughly 1 thread per GB of memory on your worker node(s).
# However, requirements may vary due to your usage, so this can be increased if your host's metrics
# aren't being stressed.
# In particular, PDF parsing uses a lot of memory, so if you aren't doing much of that, you probably have room
# to increase the number of threads.
THREADS__DRAMATIQ_THREADS=2

# Controls how many Dramatiq process run in a worker node.
# Each process will contain $THREADS__DRAMATIQ_THREADS number of threads,
# so this setting can drastically increase resource requirements
THREADS__DRAMATIQ_PROCESSES=1

Optional Settings

Here are some optional settings that you can change if necessary. Specifying them is not necessary in all cases, as they all have reasonable defaults.

# Set these if you're not using something like IAM roles/EC2 instance profiles
AWS_ACCESS_KEY_ID=
AWS_REGION=
AWS_SECRET_ACCESS_KEY=
AWS_SESSION_TOKEN=

# The minimum size of the connection pool
DB__POOL_SIZE=5
# The maximum size of the connection pool
DB__MAX_OVERFLOW=10
# How long to wait for a connection from the pool before timing out
DB__POOL_TIMEOUT=30

# The ID and version of an AWS Bedrock Guardrail, if you'd like to use one
GENERATION__BEDROCK_GUARDRAIL_ID=
GENERATION__BEDROCK_GUARDRAIL_VERSION=

# How long should the config cache last before being refreshed
HOSTING__CONFIG_CACHE_EXPIRY_MINUTES=5

# The maximum number of locations to scrape during a web import
# Protects against accidentally importing way too many locations or spamming the source with requests
# Lower this for more protection, raise it for more freedom
HOSTING__WEB_IMPORT_MAX_LOCATIONS=1000

# Should the text of lessons be logged? True or false
LOGGING__LESSON_TEXT=False

# Set this if you want logs to be written to a file rather than sent to stdout
LOGGING__LOCATION=

# Can be used to customize the log level of different modules.
# i.e. LOGGING__MODULE_LEVELS='{"app.ai.ai_client":"INFO"}
LOGGING__MODULE_LEVELS=

# How many times should we retry messages from the queue after encountering a retryable error
QUEUE__MAX_RETRIES=2