Skip to content

Latest commit

 

History

History
86 lines (68 loc) · 4.43 KB

ENVIRONMENT_VARIABLES.md

File metadata and controls

86 lines (68 loc) · 4.43 KB

Canonical Environment Variables (Jarvis Meeting Assistant)

This file is the authoritative, permanent reference. Do not introduce new names without updating THIS file.

All runtime configuration MUST use only the canonical names below. Legacy aliases (double underscores, mixed casing) are deprecated and will be removed.

Mandatory Variables (Thumbprint Binding Only)

Thumbprint store binding is now the sole supported certificate mechanism. Always import the PFX into LocalMachine\\My and set the thumbprint.

Name Purpose
BOT_APP_ID Microsoft Bot / AAD App (Client) ID for the bot.
BOT_APP_PASSWORD Client secret (bot password) for AAD app.
BOT_BASEURL Public base URL (e.g. https://jarvis.aicollaborator.net) for bot endpoints & calling webhook. No trailing slash.
CERTIFICATE_THUMBPRINT Thumbprint of TLS cert in LocalMachine\My (store binding).
AZURE_SPEECH_REGION Azure Speech Service region (e.g. eastus).
AZURE_SPEECH_KEY Azure Speech Service key.
AZURE_OPENAI_ENDPOINT Azure OpenAI endpoint base URL.
AZURE_OPENAI_DEPLOYMENT Azure OpenAI deployment name (model deployment).
AZURE_OPENAI_KEY Azure OpenAI API key.

Optional / Feature Variables

| Name | Purpose | Default | |------|---------|---------|| | AZURE_OPENAI_MAX_TOKENS | Override max tokens for responses (validated bounds). | 350 | | JARVIS_MAX_CONCURRENT_AI | Semaphore limit for concurrent AI calls. | 2 | | JARVIS_CONVERSATION_MEMORY_TURNS | Number of previous Q&A turns to remember per call. | 10 | | JARVIS_WAKE_DEBOUNCE_MS | Minimum milliseconds between wake acknowledgements. | 5000 | | JARVIS_MAX_PROACTIVE_PER_MINUTE | Proactive message throttle window (max messages per minute). | 10 | | JARVIS_IDLE_TIMEOUT_SECONDS | Seconds of idle time before stopping STT recognizer. | 600 | | JARVIS_LOG_VERBOSE_AUDIO | Enable verbose audio frame logging (1=on, 0=off). | 0 | | SPEECH_INITIAL_SILENCE_MS | Azure Speech STT initial silence timeout (ms). | 2000 | | SPEECH_END_SILENCE_MS | Azure Speech STT end-of-utterance silence timeout (ms). | 500 | | APP_PORT | Override HTTP (non-HTTPS) listener port (for health/diagnostics). | 8080 | | TEST_RELAX | If 1, relax strict startup checks (speech, external deps). | Off |

Platform Variables (Set by Platform Only)

Name Purpose
ASPNETCORE_ENVIRONMENT Standard ASP.NET Core environment (Development/Production).

Deprecated / Removed Variables (Do Not Use)

File path certificate binding has been removed. Always use store thumbprint.

Deprecated Reason / Replacement
CERT_THUMBPRINT Use CERTIFICATE_THUMBPRINT (will be removed)
CertificateThumbprint Use CERTIFICATE_THUMBPRINT
CERTIFICATE_PATH Removed (no direct file binding)
CERTIFICATE_PASSWORD Removed (no direct file binding)
Certificate__FilePath Removed
Certificate__Password Removed
AzureSpeech__Region Use AZURE_SPEECH_REGION
AzureSpeech__Key Use AZURE_SPEECH_KEY
AZURE_OPENAI_DEPLOYMENT_NAME Use AZURE_OPENAI_DEPLOYMENT
AzureOpenAI__MaxTokens Use AZURE_OPENAI_MAX_TOKENS
PORT Use APP_PORT
CI_TEST_RELAX / UNIT_TEST_MODE / JARVIS_TEST_LIGHTWEIGHT Use TEST_RELAX

Enforcement Plan

  1. Transitional phase: Code supports canonical + deprecated (read canonical first, fallback to deprecated).
  2. After stabilization: Remove deprecated lookups.
  3. Any new variable must be added here prior to code changes.

Operational Checklist (Set Before Start)

  1. Import certificate PFX into LocalMachine\My.
  2. Set CERTIFICATE_THUMBPRINT (verify with Get-ChildItem Cert:\LocalMachine\My).
  3. BOT_APP_ID / BOT_APP_PASSWORD
  4. BOT_BASEURL (matches DNS + certificate CN/SAN)
  5. AZURE_SPEECH_REGION / AZURE_SPEECH_KEY
  6. AZURE_OPENAI_ENDPOINT / AZURE_OPENAI_DEPLOYMENT / AZURE_OPENAI_KEY
  7. (Optional) AZURE_OPENAI_MAX_TOKENS - increase for longer responses (default: 350)
  8. (Optional) JARVIS_CONVERSATION_MEMORY_TURNS - adjust memory size (default: 10, range: 3-50)
  9. (Optional) SPEECH_INITIAL_SILENCE_MS / SPEECH_END_SILENCE_MS - tune wake phrase sensitivity
  10. (Optional) JARVIS_LOG_VERBOSE_AUDIO - enable for audio troubleshooting (set to 1)
  11. (Optional) APP_PORT, TEST_RELAX (for staging/testing only)

Security Notes

Store all secrets in Key Vault where possible; rotate on exposure. Never commit real key values to the repo. Thumbprint-only binding reduces secret surface (no PFX password needed at runtime).