# clawdforge — copy to .env on Lucy at /mnt/cache/appdata/secrets/clawdforge.env
# (chmod 600, root:root)

# Bind
BIND_HOST=0.0.0.0
BIND_PORT=8800

# Bootstrap admin token. Used to mint per-app tokens via /admin/tokens.
# Once the SQLite db has any token, this var becomes a "root override" and
# should be rotated or unset.
ADMIN_BOOTSTRAP_TOKEN=change-me-32-bytes-of-entropy

# IP allowlist applied to ALL requests. CIDR list, comma-separated.
# 172.24.0.0/16 = sulkta bridge (where clawdforge sits with peer apps)
# 172.17.0.0/16 = docker0 default (some legacy apps still here)
# 192.168.0.0/24 = LAN clients
# Loopback always allowed.
ALLOW_CIDRS=172.24.0.0/16,172.17.0.0/16,192.168.0.0/24

# Default claude config (per-request override allowed)
CLAUDE_BIN=claude
DEFAULT_MODEL=sonnet
DEFAULT_TIMEOUT_SECS=120

# ACPX (multi-turn /sessions endpoints). Reuses Claude Code auth at /root/.claude.
ACPX_BIN=acpx
# Working directory for each session's CWD (acpx scopes by cwd; we give each session its own subdir).
ACPX_SESSIONS_CWD=/data/acpx-cwds
# Max simultaneously-open (non-closed) sessions across all apps. New /sessions returns 503 if at cap.
CLAWDFORGE_MAX_LIVE_SESSIONS=32
# How long an idle session lives before the sweeper soft-closes it. Counted from last_turn_at (or
# created_at if no turn ever ran).
CLAWDFORGE_SESSION_TTL_SECS=3600
# How long a closed session record stays before hard-delete (ledger row + acpx on-disk metadata).
CLAWDFORGE_SESSION_HARD_TTL_SECS=86400
# Sweep cadence in seconds.
CLAWDFORGE_SWEEP_INTERVAL_SECS=60

# Run-staging area inside the container (don't change unless you also change compose mount)
RUNS_DIR=/data/runs

# SQLite db path (don't change unless you also change compose mount)
DB_PATH=/data/clawdforge.db