Lupid is configured almost entirely from environment variables. The repo’s
.env.example is the canonical list; this page documents what each one means.
The agentum binary reads two prefixes:
AGENTUM_* (single underscore) — variables used by helper scripts, the CLI, and
the bootstrap admin.
AGENTUM__* (double underscore) — typed config fields mapped 1:1 onto the
AgentumConfig Rust struct. AGENTUM__FIELD_NAME overrides field_name in
agentum.yaml.
| Variable | Required | Default | Purpose |
|---|
POSTGRES_USER | yes | — | Postgres user (the compose file builds the URL from this) |
POSTGRES_PASSWORD | yes | — | Postgres password |
POSTGRES_DB | yes | — | Postgres database name |
AGENTUM__DATABASE_URL | inherits | built from above | Full Postgres URL; overrides the above |
The docker-compose interpolation uses :? so startup fails loudly if any of the
three Postgres vars is unset — no quiet defaults.
| Variable | Required | Format | Purpose |
|---|
AGENTUM_ENCRYPTION_KEY_HEX | yes | 64 hex chars | Root encryption key for AES-256-GCM at rest (credentials, agent private keys) |
AGENTUM_CAPABILITY_SECRET_HEX | yes | 64 hex chars | HMAC key for capability tokens |
AGENTUM_OPERATOR_SECRET_HEX | yes | 64 hex chars | HMAC key for dashboard → API request signing |
NEXTAUTH_SECRET | yes | 32+ random bytes | Encrypts the dashboard session cookie (AES-GCM) |
Generate each with openssl rand -hex 32 (or openssl rand -base64 32 for
NEXTAUTH_SECRET). The installer does this for you.
| Variable | Required | Default | Purpose |
|---|
NEXTAUTH_URL | yes | http://localhost:3000 | Origin the dashboard runs on (CSRF + cookie) |
AUTH_TRUST_HOST | yes | true | Allow NextAuth to trust the host header |
| Variable | Required | Purpose |
|---|
AGENTUM_ADMIN_EMAIL | recommended | First admin operator, created on first boot when the operators table is empty |
AGENTUM_ADMIN_PASSWORD | recommended | Plaintext password for that admin. Bcrypt-hashed before storage |
Both must be set together for the bootstrap to fire. The hook is idempotent — once
an admin exists, changing these values has no effect. See
Identity & access → Bootstrap.
| Variable | Default | Options | Purpose |
|---|
AGENTUM_DLP_ACTION_HIGH | block | observe / warn / redact / block | Action for High-severity DLP hits |
AGENTUM_DLP_ACTION_CRITICAL | block | same | Action for Critical-severity DLP hits |
| Variable | Default | Purpose |
|---|
AGENTUM__GATEWAY_MODE | enforce | observe or enforce |
AGENTUM__GATEWAY_PORT | 7070 | HTTPS-CONNECT gateway port |
AGENTUM__API_PORT | 7071 | REST API port |
AGENTUM__MCP_GATEWAY_PORT | 7072 | MCP gateway port |
AGENTUM__POLICIES_DIR | /app/policies/cedar | Runtime directory for .cedar files |
AGENTUM__CERTS_DIR | /app/certs | Local CA cert dir |
AGENTUM__HITL_TIMEOUT_SECONDS | 300 | How long a HITL request waits |
AGENTUM__ACCESS_REVIEW_DAYS | 90 | Default access-review cadence |
AGENTUM__H2_LLM_FILTER | 0 | Enable HTTP/2 LLM body filtering |
AGENTUM_CORS_ORIGIN | http://localhost:3000 | CORS origin for the API |
AGENTUM_BIND_HOST | 127.0.0.1 | Bind interface for all listeners |
AGENTUM__LOG_LEVEL | info | tracing log level |
RUST_LOG | various | Per-module log filter |
| Variable | When required | Purpose |
|---|
AGENTUM__CLICKHOUSE_URL | when using --profile audit | ClickHouse connection URL |
AGENTUM__CLICKHOUSE_DATABASE | always (has a default) | ClickHouse database name (defaults to agentum) |
CLICKHOUSE_PASSWORD | when using --profile audit | ClickHouse password |
| Variable | When required | Purpose |
|---|
AGENTUM__VAULT_BACKEND | optional (defaults to static) | static / hashicorp / aws / azure |
AGENTUM__VAULT_HASHICORP_ADDR | when VAULT_BACKEND=hashicorp | HashiCorp Vault address |
AGENTUM__VAULT_HASHICORP_TOKEN | when VAULT_BACKEND=hashicorp | Vault token (or AppRole RoleID) |
AGENTUM__VAULT_HASHICORP_MOUNT | optional (default secret) | KV v2 mount path |
AGENTUM__VAULT_AWS_REGION | when VAULT_BACKEND=aws | AWS region |
AGENTUM__VAULT_AWS_ACCESS_KEY_ID | when VAULT_BACKEND=aws | AWS access key (or use IAM role) |
AGENTUM__VAULT_AWS_SECRET_ACCESS_KEY | when VAULT_BACKEND=aws | AWS secret access key |
AGENTUM__VAULT_AZURE_URL | when VAULT_BACKEND=azure | Key Vault URL |
AGENTUM__VAULT_AZURE_TENANT_ID | when VAULT_BACKEND=azure | Azure tenant id |
AGENTUM__VAULT_AZURE_CLIENT_ID | when VAULT_BACKEND=azure | Azure client id |
AGENTUM__VAULT_AZURE_CLIENT_SECRET | when VAULT_BACKEND=azure | Azure client secret |
| Variable | Required | Purpose |
|---|
OTLP_ENDPOINT | no | OpenTelemetry OTLP gRPC endpoint (e.g. http://otel:4317) |
METRICS_BEARER_TOKEN | no | Require Bearer auth on /metrics |
AGENTUM_DB_POOL_MAX / _MIN / _ACQUIRE_MS | no | Override Postgres pool tuning (defaults 20/2/3000) |