Diminuendo is configured via environment variables (loaded from .env).

Core Settings

VariableDefaultDescription
PORT8080HTTP/WebSocket listen port
DEV_MODEfalseEnable dev mode (auth bypass, verbose errors)
DATA_DIR./dataBase directory for SQLite databases
LOG_LEVELinfoLog level (debug, info, warn, error)

Upstream Services

VariableDescription
ENSEMBLE_URLEnsemble URL (used for model config queries, not inference)
ENSEMBLE_API_KEYEnsemble API key (for config queries)
PODIUM_URLPodium gateway URL
PODIUM_API_KEYPodium API key
PODIUM_API_PREFIXPodium API path prefix (default: /api/v1)
PODIUM_ADMIN_API_KEYPodium admin key
PODIUM_ENSEMBLE_URLEnsemble URL passed to agents for direct inference calls (may differ from gateway’s)
PODIUM_EXECUTION_TARGETDefault execution target: local, docker, cloud
PODIUM_DEPLOYMENT_VERSIONDefault agent deployment version
PODIUM_SECRETS_KEYEncryption key for agent secrets

Authentication

VariableDescription
AUTH0_DOMAINAuth0 tenant domain
AUTH0_CLIENT_IDAuth0 application client ID
AUTH0_CLIENT_SECRETAuth0 application client secret
AUTH0_AUDIENCEAuth0 API audience

Gateway WebSocket

VariableDefaultDescription
VITE_GATEWAY_URLws://localhost:8080/wsWebSocket URL for web client

External Integrations

VariableDescription
GITHUB_APP_IDGitHub App ID
GITHUB_APP_PRIVATE_KEYGitHub App private key
GITHUB_WEBHOOK_SECRETWebhook signature secret

Observability

VariableDescription
OTEL_EXPORTER_OTLP_ENDPOINTOpenTelemetry collector endpoint
OTEL_SERVICE_NAMEService name for traces (default: diminuendo)

AppConfig

The AppConfig TypeScript module enforces fail-closed production safety: missing required config in production mode causes startup failure rather than falling back to defaults. In dev mode, sensible defaults are used. 30+ configurable parameters covering:
  • Server settings (port, timeouts, CORS)
  • Auth settings (Auth0, dev mode)
  • Upstream service URLs
  • Rate limiting thresholds
  • Database settings (WAL mode, busy timeout)
  • Security settings (CSRF, SSRF, headers)