Environment Variables
All configuration is supplied via a .env file at the project root. Copy config/dev.env.template to .env to get started.
Required — core services
| Variable | Example | Description |
|---|---|---|
POSTGRES_HOST | postgres | Hostname of the PostgreSQL container |
POSTGRES_PORT | 5432 | PostgreSQL port |
POSTGRES_DB | purple8 | Database name |
POSTGRES_USER | purple8 | Database user |
POSTGRES_PASSWORD | (secret) | Database password — never commit this |
JWT_SECRET | (secret, min 32 chars) | Signs all JWT access tokens |
JWT_EXPIRY_SECONDS | 3600 | Token lifetime |
RABBITMQ_HOST | rabbitmq | RabbitMQ hostname |
RABBITMQ_DEFAULT_USER | purple8 | RabbitMQ user |
RABBITMQ_DEFAULT_PASS | (secret) | RabbitMQ password |
MINIO_ENDPOINT | minio:9000 | MinIO endpoint (artifact storage) |
MINIO_ROOT_USER | purple8 | MinIO access key |
MINIO_ROOT_PASSWORD | (secret) | MinIO secret key |
REDIS_URL | redis://redis:6379/0 | Redis connection string |
Required — LLM providers
Provide at least one of the following. Builder uses the first configured provider unless LLM_PROVIDER is set explicitly.
| Variable | Description |
|---|---|
OPENAI_API_KEY | OpenAI key (GPT-4o, GPT-4o-mini) |
ANTHROPIC_API_KEY | Anthropic key (Claude 3.5 Sonnet) |
GOOGLE_API_KEY | Google key (Gemini 1.5 Pro) |
LLM_PROVIDER | Override auto-detection: openai · anthropic · google · ollama |
LLM_MODEL | Override the default model (e.g. gpt-4o-mini) |
Required — Purple8 Graph integration
| Variable | Example | Description |
|---|---|---|
PURPLE8_GRAPH_URL | http://purple8-graph:8100 | Graph service URL |
PURPLE8_GRAPH_API_KEY | (secret) | API key issued by the Graph service |
Optional — local LLM
| Variable | Example | Description |
|---|---|---|
OLLAMA_BASE_URL | http://host.docker.internal:11434 | Ollama server URL |
OLLAMA_MODEL | llama3.2 | Model name to use for local inference |
Optional — features
| Variable | Default | Description |
|---|---|---|
HITL_ENABLED | false | Enable human-in-the-loop checkpoints globally |
MEMORY_ENABLED | true | Enable the two-tier memory system |
SANDBOX_TIMEOUT | 300 | Default sandbox session timeout (seconds) |
MAX_PIPELINE_CONCURRENCY | 3 | Max simultaneous pipeline runs |
LOG_LEVEL | info | One of debug · info · warning · error |
SENTRY_DSN | — | Sentry DSN for error tracking (optional) |
Optional — licensing
| Variable | Description |
|---|---|
PURPLE8_LICENSE_KEY | Commercial license key (required for PLUS mode and enterprise features) |
PURPLE8_LICENSE_TIER | developer · team · enterprise — auto-detected from key |
Secrets management
For production, inject secrets via your orchestrator's native secret management rather than a plain .env file:
- Docker Compose: use
secrets:blocks - Kubernetes: use Kubernetes Secrets or external secret operators (e.g. External Secrets Operator with AWS SSM / Vault)
- Render / Railway: use environment variable groups in the platform UI
Never commit .env files containing real credentials. The .gitignore at the project root already excludes .env.