# ============================================================================ # ForensicPathways Environment Configuration - COMPLETE # ============================================================================ # Copy this file to .env and adjust the values below. # This file covers ALL environment variables used in the codebase. # ============================================================================ # 1. CORE APPLICATION SETTINGS (REQUIRED) # ============================================================================ # Your application's public URL (used for redirects and links) PUBLIC_BASE_URL=http://localhost:4321 # Application environment NODE_ENV=development # Secret key for session encryption (CHANGE IN PRODUCTION!) AUTH_SECRET=your-secret-key-change-in-production-please # ============================================================================ # 2. AI SERVICES CONFIGURATION (REQUIRED FOR AI FEATURES) # ============================================================================ # Main AI Analysis Service (for query processing and recommendations) # Examples: http://localhost:11434 (Ollama), https://api.mistral.ai, https://api.openai.com AI_ANALYZER_ENDPOINT=https://api.mistral.ai/v1/chat/completions AI_ANALYZER_API_KEY= AI_ANALYZER_MODEL=mistral/mistral-small-latest # Vector Embeddings Service (for semantic search) # Leave API_KEY empty for Ollama, use actual key for cloud services AI_EMBEDDINGS_ENABLED=true AI_EMBEDDINGS_ENDPOINT=https://api.mistral.ai/v1/embeddings AI_EMBEDDINGS_API_KEY= AI_EMBEDDINGS_MODEL=mistral-embed # ============================================================================ # 3. AI PIPELINE CONFIGURATION (CONTEXT & PERFORMANCE TUNING) # ============================================================================ # === SIMILARITY SEARCH STAGE === # How many similar tools/concepts embeddings search returns as candidates # 🔍 This is the FIRST filter - vector similarity matching # Lower = faster, less comprehensive | Higher = slower, more comprehensive AI_EMBEDDING_CANDIDATES=50 # Minimum similarity score threshold (0.0-1.0) # Lower = more results but less relevant | Higher = fewer but more relevant AI_SIMILARITY_THRESHOLD=0.3 # === AI SELECTION FROM EMBEDDINGS === # When embeddings are enabled, how many top tools to send with full context # 🎯 This is the SECOND filter - take best N from embeddings results AI_EMBEDDING_SELECTION_LIMIT=30 AI_EMBEDDING_CONCEPTS_LIMIT=15 # Maximum tools/concepts sent to AI when embeddings are DISABLED # Set to 0 for no limit (WARNING: may cause token overflow with large datasets) AI_NO_EMBEDDINGS_TOOL_LIMIT=0 AI_NO_EMBEDDINGS_CONCEPT_LIMIT=0 # === AI SELECTION STAGE === # Maximum tools the AI can select from embedding candidates # 🤖 This is the SECOND filter - AI intelligent selection # Should be ≤ AI_EMBEDDING_CANDIDATES AI_MAX_SELECTED_ITEMS=25 # === EMBEDDINGS EFFICIENCY THRESHOLDS === # Minimum tools required for embeddings to be considered useful AI_EMBEDDINGS_MIN_TOOLS=8 # Maximum percentage of total tools that embeddings can return to be considered "filtering" AI_EMBEDDINGS_MAX_REDUCTION_RATIO=0.75 # === CONTEXT FLOW SUMMARY === # 1. Vector Search: 111 total tools → AI_EMBEDDING_CANDIDATES (40) most similar # 2. AI Selection: 40 candidates → AI_MAX_SELECTED_ITEMS (25) best matches # 3. Final Output: Recommendations based on analyzed subset # ============================================================================ # 4. AI PERFORMANCE & RATE LIMITING # ============================================================================ # === USER RATE LIMITS (per minute) === # Main queries per user per minute AI_RATE_LIMIT_MAX_REQUESTS=4 # Total AI micro-task calls per user per minute (across all micro-tasks) AI_MICRO_TASK_TOTAL_LIMIT=30 # === PIPELINE TIMING === # Delay between micro-tasks within a single query (milliseconds) # Higher = gentler on AI service | Lower = faster responses AI_MICRO_TASK_DELAY_MS=500 # Delay between queued requests (milliseconds) AI_RATE_LIMIT_DELAY_MS=2000 # === EMBEDDINGS BATCH PROCESSING === # How many embeddings to generate per API call AI_EMBEDDINGS_BATCH_SIZE=10 # Delay between embedding batches (milliseconds) AI_EMBEDDINGS_BATCH_DELAY_MS=1000 # Maximum tools sent to AI for detailed analysis (micro-tasks) AI_MAX_TOOLS_TO_ANALYZE=20 AI_MAX_CONCEPTS_TO_ANALYZE=10 # ============================================================================ # 5. AI CONTEXT & TOKEN MANAGEMENT # ============================================================================ # Maximum context tokens to maintain across micro-tasks # Controls how much conversation history is preserved between AI calls AI_MAX_CONTEXT_TOKENS=4000 # Maximum tokens per individual AI prompt # Larger = more context per call | Smaller = faster responses AI_MAX_PROMPT_TOKENS=1500 # ============================================================================ # 6. AUTHENTICATION & AUTHORIZATION (OPTIONAL) # ============================================================================ # Enable authentication for different features AUTHENTICATION_NECESSARY=false AUTHENTICATION_NECESSARY_CONTRIBUTIONS=false AUTHENTICATION_NECESSARY_AI=false # OIDC Provider Settings (only needed if authentication enabled) OIDC_ENDPOINT=https://your-oidc-provider.com OIDC_CLIENT_ID=your-client-id OIDC_CLIENT_SECRET=your-client-secret # ============================================================================ # 7. FILE UPLOADS - NEXTCLOUD INTEGRATION (OPTIONAL) # ============================================================================ # Nextcloud server for file uploads (knowledgebase contributions) # Leave empty to disable file upload functionality NEXTCLOUD_ENDPOINT=https://your-nextcloud.com # Nextcloud credentials (app password recommended) NEXTCLOUD_USERNAME=your-username NEXTCLOUD_PASSWORD=your-app-password # Upload directory on Nextcloud (will be created if doesn't exist) NEXTCLOUD_UPLOAD_PATH=/kb-media # Public URL base for sharing uploaded files # Usually your Nextcloud base URL + share path NEXTCLOUD_PUBLIC_URL=https://your-nextcloud.com/s/ # ============================================================================ # 8. GIT CONTRIBUTIONS - ISSUE CREATION (OPTIONAL) # ============================================================================ # Git provider: gitea, github, or gitlab GIT_PROVIDER=gitea # Repository URL (used to extract owner/name) # Example: https://git.example.com/owner/forensic-pathways.git GIT_REPO_URL=https://git.example.com/owner/forensic-pathways.git # API endpoint for your git provider # Gitea: https://git.example.com/api/v1 # GitHub: https://api.github.com # GitLab: https://gitlab.example.com/api/v4 GIT_API_ENDPOINT=https://git.example.com/api/v1 # Personal access token or API token for creating issues # Generate this in your git provider's settings GIT_API_TOKEN=your-git-api-token # ============================================================================ # 9. AUDIT & DEBUGGING (OPTIONAL) # ============================================================================ # Enable detailed audit trail of AI decision-making FORENSIC_AUDIT_ENABLED=true # Audit detail level: minimal, standard, verbose FORENSIC_AUDIT_DETAIL_LEVEL=standard # Audit retention time (hours) FORENSIC_AUDIT_RETENTION_HOURS=24 # Maximum audit entries per request FORENSIC_AUDIT_MAX_ENTRIES=50 # ============================================================================ # 10. CONFIDENCE SCORING SYSTEM (Enhancement 2) # ============================================================================ # Confidence component weights (must sum to 1.0) CONFIDENCE_EMBEDDINGS_WEIGHT=0.3 # Weight for vector similarity quality CONFIDENCE_CONSENSUS_WEIGHT=0.25 # Weight for micro-task agreement CONFIDENCE_DOMAIN_MATCH_WEIGHT=0.25 # Weight for domain alignment CONFIDENCE_FRESHNESS_WEIGHT=0.2 # Weight for tool freshness/maintenance # Confidence thresholds (0-100) CONFIDENCE_MINIMUM_THRESHOLD=40 # Below this = weak recommendation CONFIDENCE_MEDIUM_THRESHOLD=60 # 40-59 = weak, 60-79 = moderate CONFIDENCE_HIGH_THRESHOLD=80 # 80+ = strong recommendation # Domain keywords for confidence scoring (domain:keyword1,keyword2|domain:keyword3,keyword4) CONFIDENCE_DOMAIN_KEYWORDS="incident-response:incident,breach,attack,compromise,response|malware-analysis:malware,virus,trojan,reverse,analysis|network-forensics:network,traffic,packet,pcap,wireshark|mobile-forensics:mobile,android,ios,phone,app|cloud-forensics:cloud,aws,azure,saas,paas" # ============================================================================ # PERFORMANCE TUNING PRESETS # ============================================================================ # 🚀 FOR FASTER RESPONSES (prevent token overflow): # AI_NO_EMBEDDINGS_TOOL_LIMIT=25 # AI_NO_EMBEDDINGS_CONCEPT_LIMIT=10 # 🎯 FOR FULL DATABASE ACCESS (risk of truncation): # AI_NO_EMBEDDINGS_TOOL_LIMIT=0 # AI_NO_EMBEDDINGS_CONCEPT_LIMIT=0 # 🔋 FOR LOW-POWER SYSTEMS: # AI_NO_EMBEDDINGS_TOOL_LIMIT=15 # ============================================================================ # FEATURE COMBINATIONS GUIDE # ============================================================================ # 📝 BASIC SETUP (AI only): # - Configure AI_ANALYZER_* and AI_EMBEDDINGS_* # - Leave authentication, file uploads, and git disabled # 🔐 WITH AUTHENTICATION: # - Set AUTHENTICATION_NECESSARY_* to true # - Configure OIDC_* settings # 📁 WITH FILE UPLOADS: # - Configure all NEXTCLOUD_* settings # - Test connection before enabling in UI # 🔄 WITH CONTRIBUTIONS: # - Configure all GIT_* settings # - Test API token permissions for issue creation # 🔍 WITH FULL MONITORING: # - Enable FORENSIC_AUDIT_ENABLED=true # - Configure audit retention and detail level # ============================================================================ # SETUP CHECKLIST # ============================================================================ # ✅ 1. Set PUBLIC_BASE_URL to your domain # ✅ 2. Change AUTH_SECRET to a secure random string # ✅ 3. Configure AI endpoints (Ollama: leave API_KEY empty) # ✅ 4. Start with default AI values, tune based on performance # ✅ 5. Enable authentication if needed (configure OIDC) # ✅ 6. Configure Nextcloud if file uploads needed # ✅ 7. Configure Git provider if contributions needed # ✅ 8. Test with a simple query to verify pipeline works # ✅ 9. Enable audit trail for transparency if desired # ✅ 10. Tune performance settings based on usage patterns # ============================================================================