Configuration Loading Order
1
Load .env.local
Secrets and local overrides. Never committed to git.
2
Load .env
Shared defaults. Can be committed to git.
3
Load JSON config file
~/.agtos/config.json (desktop/user default) or /etc/agtos/config.json (system default), or the path in AGTOS_CONFIG_PATH. Only fills gaps not covered by env vars..env.local or .env override the JSON config file. The JSON file is useful for Docker deployments and for storing model slot configuration.
~/.agtos/config.json
Server Ports
The Tauri desktop app and web dashboard connect to the same ports via localhost. The health port serves the REST API, Prometheus metrics, static dashboard files, and health checks.
Authentication
Claude / Anthropic
OpenAI
Claude Transport
Cloud provider selection (Claude vs OpenAI) is no longer configured via environment variable. It is now set per slot in
~/.agtos/config.json via the Model Slot Registry (ADR-020). Run agtos setup to configure slots interactively.API Security
Claude Options
Ollama Options
STT / TTS
sherpa-onnx (In-Process Speech Engine)
sherpa-onnx is the default provider. These variables tune its behavior. Set
STT_PROVIDER=speaches or TTS_PROVIDER=speaches to use the external server instead.STT Configuration
TTS Configuration
VAD Configuration
Model Storage
Voice Pipeline
Cognitive Task Providers
These variables configure independent provider selection for specialized AI tasks (ADR-018). Each task can use a different provider (ollama, claude, or openrouter), allowing you to optimize cost, quality, and privacy per task.
These settings are also configurable at runtime via
PUT /api/settings. Changes to provider settings require a provider restart to take effect.Memory Maintenance
These variables control the periodic memory lint sweep and its background-work gating (ADR-021, ADR-027). See Memory System for the user-facing description.Provider Catalog
These variables control model discovery and caching for the ProviderCatalog system (ADR-026).Redis
Redis is optional but recommended. Without it, the scheduler, episodic/semantic memory, device registry, and user preferences are disabled. Session management falls back to in-memory storage.
Networking
Tauri 2 desktop app origins (
tauri://localhost, https://tauri.localhost) are always included regardless of CORS_ORIGIN.
Logging
Feature Flags
Runtime Configuration (Hot-Reload)
These variables are managed by the Settings API (PUT /api/settings) and the legacy config API (PUT /api/config). They can be changed at runtime without restarting the server.
The
API_RATE_LIMIT and CHAT_RATE_LIMIT variables (without the AGTOS_ prefix) are used at server startup. The AGTOS_ prefixed versions are used by the runtime config system for hot-reload. Both control the same behavior — set the non-prefixed versions in .env.local for startup defaults, and use the Settings API to adjust at runtime.Credentials / Encryption
Credentials are stored encrypted at
~/.agtos/credentials.json with 0o600 permissions. Key derivation uses scrypt (N=16384, r=8, p=1) with AAD binding per provider. The machine secret (~/.agtos/.secret) and salt (~/.agtos/.salt) are auto-generated on first use. For Docker deployments, set AGTOS_CREDENTIAL_SECRET and AGTOS_CREDENTIAL_SALT as environment variables so credentials persist across container restarts.Config File
CLI
Complete .env.local Example
Full example with all common variables
Full example with all common variables
Docker Environment
When running with Docker, set variables viadocker-compose.yml or docker run -e: