Environment Variables
WASP is configured via .env (loaded by Docker Compose) and validated at startup by Pydantic Settings (src/config.py). The container refuses to start if a required value is missing or weak.
Auto-generated by the installer
These three are filled with openssl rand values by install.sh. Don't edit unless you know what you're doing.
| Variable | Purpose |
|---|---|
POSTGRES_PASSWORD | Postgres password. Changing this without resetting the DB volume will lock you out. |
DASHBOARD_SECRET | HMAC signing key for dashboard sessions (≥ 32 chars). |
MEDIA_SIGNING_SECRET | HMAC signing key for /chat/media/* URLs (≥ 64 hex chars). |
Configured by the wizard
| Variable | Purpose |
|---|---|
TIMEZONE | IANA timezone (America/Santiago, Europe/Berlin, …). Default UTC. |
DASHBOARD_USER / DASHBOARD_PASSWORD | Dashboard login. If unset on first boot, a temporary password is generated and printed to stderr. |
DASHBOARD_PUBLIC_URL | External URL when behind a reverse proxy. Empty = http://<host>:8080. |
DEFAULT_PROVIDER | anthropic (default) / openai / xai / google / local (for Ollama). |
WASP_HOST_DIR | Path on the host where WASP is installed. The wizard sets this from --install-dir. The agent reads it so its self-repair commands point to the right rebuild directory. |
Telegram bridge
| Variable | Purpose |
|---|---|
TELEGRAM_BOT_TOKEN | From @BotFather. Empty = bridge exits cleanly, no bot. |
TELEGRAM_ALLOWED_USERS | Required if TELEGRAM_BOT_TOKEN is set. Comma-separated numeric Telegram user IDs. Empty + token set = bridge refuses to start (fail-closed; there is no public-bot mode). |
SCHEDULER_NOTIFY_CHAT_ID | Chat ID where the scheduler sends proactive notifications. The wizard replicates TELEGRAM_ALLOWED_USERS here. |
LLM providers
You need at least one of:
| Variable | Provider |
|---|---|
ANTHROPIC_API_KEY | Anthropic Claude |
OPENAI_API_KEY | OpenAI |
XAI_API_KEY | xAI Grok |
GOOGLE_API_KEY | Google Gemini |
Or set DEFAULT_PROVIDER=local and pull a model with docker exec agent-ollama ollama pull <model>.
Integrations (optional)
| Variable | Purpose |
|---|---|
SMTP_HOST / SMTP_PORT / SMTP_USER / SMTP_PASSWORD / SMTP_FROM | Email (SMTP). Leave blank to disable. |
GMAIL_RECIPIENT_ALLOWLIST | Comma-separated allowed addresses (alice@example.com) or domains (@company.com). When set, the gmail send skill refuses to email anyone not on the list — defense-in-depth against prompt injection. Empty = no restriction. |
Per-connector credentials (Slack, Discord, GitHub, Notion, Binance, Coinbase, etc.) are stored encrypted in the SecretVault (Postgres) rather than in .env. Add them at runtime via the dashboard's /integrations page or with integration_skill(action="configure", ...).
Operational
| Variable | Default | Purpose |
|---|---|---|
LOG_LEVEL | INFO | structlog level — DEBUG, INFO, WARNING, ERROR. |
SOVEREIGN_MODE | true | Raises MAX_SKILL_ROUNDS to 12 and injects the operator prime block at the top of every system prompt. |
DASHBOARD_PORT | 8080 | Host-facing port for the dashboard. |
DASHBOARD_BIND | 127.0.0.1 | Host interface the dashboard listens on. Default 127.0.0.1 means loopback only — the dashboard is reachable from the host itself but not from the public internet. Set to 0.0.0.0 to expose publicly (only do this behind a TLS reverse proxy). See Dashboard Access for the three supported access patterns. |
Feature flags (Pydantic settings)
These default to true and can be overridden at runtime via the dashboard /config page (persisted to Redis key config:overrides and re-applied on restart):
| Flag | Effect |
|---|---|
vector_memory_enabled | Embedding-based memory retrieval |
knowledge_graph_enabled | KG extraction + injection into the system prompt |
dream_enabled | Dream cycle (gated by user inactivity) |
autonomous_goal_enabled | Autonomous goal generator job |
perception_enabled | Background crypto/web perception |
behavioral_learning_enabled | Behavioral rule learning from corrections |
plan_critic_enabled | LLM validation of TaskGraphs before execution |
skill_evolution_enabled | Composite-skill synthesis from recurring patterns |
cpi_monitor_enabled | Cognitive Pressure Index monitoring |
integrity_monitor_enabled | Self-Integrity Monitor |
opportunity_engine_enabled | Proactive automation suggestions |
goal_meta_reflection_enabled | Per-goal post-mortem reflections |
Resource governance
| Variable | Default | Purpose |
|---|---|---|
goals_per_day_cap | 10 | Daily user-goal creation limit |
concurrent_agents_cap | 5 | Max parallel sub-agents |
tasks_per_hour_cap | 50 | Max scheduled-task fires per hour |
llm_calls_per_minute_cap | 30 | LLM rate limit |
api_calls_per_minute_cap | 60 | External-API rate limit |
goal_budget_max_replans | 5 | Max replans before goal fails |
Validation rules
config.py Pydantic validators enforce at startup:
DASHBOARD_SECRET≥ 16 chars (≥ 32 recommended; the installer generates 64).MEDIA_SIGNING_SECRETminimum entropy unlessmedia_signing_debug=true(the validator checks character distribution).POSTGRES_PASSWORDnon-empty.- At least one model API key present, OR
DEFAULT_PROVIDER=local. - If
TELEGRAM_BOT_TOKENis set,TELEGRAM_ALLOWED_USERSmust also be set (fail-closed; checked in the Telegram bridge container, not core).
A failed validation prints the error and exits non-zero.
Loading order
- Docker Compose loads
.envinto the container environment. - Pydantic Settings reads env vars at startup.
- After
init_db(), theconfig:overridesRedis key is read and supported flag overrides are applied viasetattr()— this is how the/configdashboard page persists changes across restarts.
Setting model API keys after start
You can add or rotate keys without restarting:
- Dashboard:
/modelspage → "Add API Key". - Telegram:
/api set <provider> <key>(e.g./api set anthropic sk-ant-...).
Keys are encrypted by the SecretVault and persisted to the integration_secrets table. They survive container restarts.
See also
- Installation — install path, wizard
- Configuration —
prime.md, runtime overrides - Resource Governor — runtime limits in detail