import os def _read_secret(env_var: str, secret_file_var: str, default: str) -> str: """Read a config value from env var, or from a Docker secrets file.""" value = os.environ.get(env_var) if value: return value secret_file = os.environ.get(secret_file_var) if secret_file: try: with open(secret_file) as f: return f.read().strip() except FileNotFoundError: pass return default class Config: DATABASE_URL: str = _read_secret( "DATABASE_URL", "DATABASE_URL_FILE", "postgresql+asyncpg://fabled:fabled@localhost:5432/fabledassistant", ) OLLAMA_URL: str = os.environ.get("OLLAMA_URL", "http://localhost:11434") OLLAMA_MODEL: str = os.environ.get("OLLAMA_MODEL", "qwen3:latest") # Optional dedicated model for intent classification. # Falls back to OLLAMA_MODEL if not set. Can also be overridden per-user via settings. OLLAMA_INTENT_MODEL: str = os.environ.get("OLLAMA_INTENT_MODEL", "qwen2.5:7b") # KV cache context window for generation. Lower = less VRAM, less throughput impact. OLLAMA_NUM_CTX: int = int(os.environ.get("OLLAMA_NUM_CTX", "16384")) SECRET_KEY: str = _read_secret("SECRET_KEY", "SECRET_KEY_FILE", "dev-secret-change-me") SECURE_COOKIES: bool = os.environ.get("SECURE_COOKIES", "").lower() in ("1", "true", "yes") LOG_LEVEL: str = os.environ.get("LOG_LEVEL", "INFO") LOG_RETENTION_DAYS: int = int(os.environ.get("LOG_RETENTION_DAYS", "90")) # Embedding model for semantic note search (served by Ollama) EMBEDDING_MODEL: str = os.environ.get("EMBEDDING_MODEL", "nomic-embed-text") # SMTP defaults (overridden by DB settings when configured via admin UI) SMTP_HOST: str = os.environ.get("SMTP_HOST", "") SMTP_PORT: int = int(os.environ.get("SMTP_PORT", "587")) SMTP_USERNAME: str = os.environ.get("SMTP_USERNAME", "") SMTP_PASSWORD: str = _read_secret("SMTP_PASSWORD", "SMTP_PASSWORD_FILE", "") SMTP_FROM_ADDRESS: str = os.environ.get("SMTP_FROM_ADDRESS", "") SMTP_FROM_NAME: str = os.environ.get("SMTP_FROM_NAME", "Fabled Assistant") SMTP_USE_TLS: bool = os.environ.get("SMTP_USE_TLS", "true").lower() in ("1", "true", "yes") BASE_URL: str = os.environ.get("BASE_URL", "http://localhost:5000").rstrip("/") TRUST_PROXY_HEADERS: bool = os.environ.get("TRUST_PROXY_HEADERS", "").lower() in ("1", "true", "yes") # OIDC / OAuth2 SSO (e.g. Authentik) OIDC_ISSUER: str = os.environ.get("OIDC_ISSUER", "") OIDC_CLIENT_ID: str = os.environ.get("OIDC_CLIENT_ID", "") OIDC_CLIENT_SECRET: str = _read_secret("OIDC_CLIENT_SECRET", "OIDC_CLIENT_SECRET_FILE", "") OIDC_SCOPES: str = os.environ.get("OIDC_SCOPES", "openid profile email") LOCAL_AUTH_ENABLED: bool = os.environ.get("LOCAL_AUTH_ENABLED", "true").lower() not in ("0", "false", "no") # SearXNG web search (external instance) SEARXNG_URL: str = os.environ.get("SEARXNG_URL", "") # Image cache — images fetched from the web are stored here and served locally IMAGE_CACHE_DIR: str = os.environ.get("IMAGE_CACHE_DIR", "/data/images") # Maximum size of a single image to cache (default 5 MB) IMAGE_MAX_BYTES: int = int(os.environ.get("IMAGE_MAX_BYTES", str(5 * 1024 * 1024))) @classmethod def oidc_enabled(cls) -> bool: return bool(cls.OIDC_ISSUER and cls.OIDC_CLIENT_ID and cls.OIDC_CLIENT_SECRET) @classmethod def searxng_enabled(cls) -> bool: return bool(cls.SEARXNG_URL)