Reference

Environment variables

The ~30 env vars you actually have to set. Grouped by concern. Full list lives in clairvoyance/.env.example.

Breeze Buddy reads configuration from ~198 environment variables. Most have working defaults; this page lists the subset you must set for a deployment, and the ones you probably want to tune early. The authoritative list lives in clairvoyance/.env.example.

Server

VarDefaultPurpose
PORT8000HTTP port the FastAPI app binds to.
HOST0.0.0.0Bind address. Leave as 0.0.0.0 in containers.
ENVIRONMENTdevdev enables coloured logs; production emits JSON logs.
PROD_LOG_LEVELDEBUGLog level when ENVIRONMENT=production. Set to INFO at scale.
ENABLE_SIGTERM_HANDLERGraceful drain on container stop. Enable in production.

Database

VarRequiredPurpose
POSTGRES_HOSTyesHost for the application DB.
POSTGRES_PORTyesTypically 5432.
POSTGRES_USERyesDB user.
POSTGRES_PASSWORDyesDB password.
POSTGRES_DByesDatabase name.

Redis

Redis is used for feature-flag cache, IVR config, distributed locks, and rate limiting.

VarRequiredPurpose
REDIS_HOSTyesHost.
REDIS_PORTyesTypically 6379.
REDIS_PASSWORDnoSet if your Redis requires auth.

LLM, STT, TTS

VarPurpose
AZURE_OPENAI_API_KEYAzure OpenAI credential for the LLM.
AZURE_OPENAI_ENDPOINTAzure OpenAI endpoint URL.
AZURE_OPENAI_MODELModel name, e.g. gpt-4o-automatic.
DEEPGRAM_API_KEYSTT provider.
SONIOX_API_KEYAlternate STT.
SARVAM_API_KEYIndian-language STT/TTS.
ELEVENLABS_API_KEYTTS default.
ELEVENLABS_VOICE_IDDefault voice.
CARTESIA_API_KEYLow-latency TTS.
GOOGLE_CREDENTIALS_JSONOptional multilingual TTS.

See STT and TTS for provider selection rules.

Telephony

VarPurpose
TWILIO_ACCOUNT_SID / TWILIO_AUTH_TOKENTwilio credentials.
PLIVO_AUTH_ID / PLIVO_AUTH_TOKENPlivo credentials.
EXOTEL_SID / EXOTEL_TOKENExotel credentials.

Daily / WebRTC

VarPurpose
DAILY_API_KEYDaily.co credential.
DAILY_API_URLDaily API base URL, default https://api.daily.co/v1.
BREEZE_BUDDY_DAILY_API_KEYOptional override; falls back to DAILY_API_KEY.

Pools and capacity

See Pools for context.

VarDefault
VOICE_AGENT_POOL_SIZE3
VOICE_AGENT_MAX_POOL_SIZE3
DAILY_ROOM_POOL_SIZE5
DAILY_ROOM_MAX_POOL_SIZE5

Rate limiting

VarDefault
OUTBOUND_RATE_LIMIT_MAX_CALLS7
OUTBOUND_RATE_LIMIT_WINDOW_SECONDS3600
OUTBOUND_RATE_LIMIT_BLOCK_ENABLEDfalse

Observability

VarPurpose
LANGFUSE_SECRET_KEYLangfuse write credential.
LANGFUSE_PUBLIC_KEYLangfuse public key.
LANGFUSE_BASEURLLangfuse base URL.
LANGFUSE_EVALUATORSComma-separated evaluator names monitored by the auto-eval loop.
ENABLE_SCORE_MONITORING_LOOPtrue / false — start the background loop.
SCORE_CHECK_INTERVAL_SECONDS600 — seconds between polls.
SLACK_WEBHOOK_URLIncoming webhook for alerts.
SLACK_ALERTS_ENABLEDMaster switch for Slack alerts.
ENABLE_TRACINGtrue / false — emit OpenTelemetry traces.

See Langfuse auto-evaluation and Observability overview.

Secrets and KMS

VarPurpose
AWS_REGIONAWS region for KMS.
AWS_ACCESS_KEY_IDAWS creds.
AWS_SECRET_ACCESS_KEYAWS creds.
SKIP_KMS_DECRYPTtrue only for local dev. See KMS and secrets.
JWT_SECRET_KEYSigning key for access tokens.

Storage

VarPurpose
UPLOAD_BREEZE_BUDDY_CALL_RECORDINGS_TO_CLOUDtrue / false — upload recordings to GCS/S3.
AWS_S3_BUCKETS3 bucket for recordings, if using S3.
GCS_CREDENTIALS_JSONGCS creds, if using GCS.
GCS_BUCKETGCS bucket.

Feature flags

VarPurpose
DEVCYCLE_SERVER_KEYDevCycle SDK key. See Feature flags.
DEVCYCLE_WEBHOOK_SECRETShared secret validating DevCycle → Breeze Buddy webhook calls.

Don't commit secrets

Every var in the “Secrets and KMS” and “LLM/STT/TTS” groups is a credential. Use a secrets manager in production; .env files are for local dev only.

Next steps

KMS and secrets How per-merchant credentials are encrypted at rest.Health and metrics Endpoints to watch.Pools Startup capacity tuning.
Was this helpful?
Edit on GitHub