Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Arvo-AI/aurora/llms.txt

Use this file to discover all available pages before exploring further.

Aurora uses environment variables for configuration. Copy .env.example to .env and configure the variables below.

Quick Start

For local development: 
make init  # Auto-generates secrets
# Add your OPENROUTER_API_KEY (get from https://openrouter.ai/keys)
make prod-prebuilt  # or: make prod-local to build from source

Core Configuration

AURORA_ENV
string
default:"dev"
Environment mode: dev, staging, or prod

Database

PostgreSQL database configuration (required).
POSTGRES_USER
string
default:"aurora"
required
PostgreSQL username
POSTGRES_PASSWORD
string
required
PostgreSQL password. Auto-generated by make init.
POSTGRES_DB
string
default:"aurora_db"
PostgreSQL database name
POSTGRES_HOST
string
default:"postgres"
PostgreSQL host (Docker service name or hostname)
POSTGRES_PORT
number
default:"5432"
PostgreSQL port

Redis

Redis is used for Celery task queue and caching.
REDIS_URL
string
default:"redis://redis:6379/0"
Redis connection URL

Object Storage

S3-compatible object storage configuration. See Storage Configuration for details.
STORAGE_BUCKET
string
default:"aurora-storage"
required
S3 bucket name
STORAGE_ENDPOINT_URL
string
default:"http://seaweedfs-filer:8333"
S3 endpoint URL. Default uses SeaweedFS (included in docker-compose).For AWS S3, omit this variable. For other providers (Cloudflare R2, MinIO, etc.), set the endpoint URL.
STORAGE_ACCESS_KEY
string
default:"admin"
required
S3 access key ID
STORAGE_SECRET_KEY
string
default:"admin"
required
S3 secret access key
STORAGE_REGION
string
default:"us-east-1"
S3 region
STORAGE_USE_SSL
boolean
default:"false"
Enable SSL/TLS for storage connections
STORAGE_VERIFY_SSL
boolean
default:"false"
Verify SSL certificates. Set to true in production for security.
STORAGE_CACHE_ENABLED
boolean
default:"true"
Enable Redis caching for storage file listings
STORAGE_CACHE_TTL
number
default:"60"
Cache TTL in seconds

URLs & Networking

FRONTEND_URL
string
default:"http://localhost:3000"
Frontend URL (for internal use)
BACKEND_URL
string
default:"http://aurora-server:5080"
Backend URL (for internal container-to-container communication)
NEXT_PUBLIC_BACKEND_URL
string
default:"http://localhost:5080"
Backend URL accessible from the browser. Injected at container startup.
NEXT_PUBLIC_WEBSOCKET_URL
string
default:"ws://localhost:5006"
WebSocket URL for chatbot. Injected at container startup.
CHATBOT_INTERNAL_URL
string
default:"http://chatbot:5007"
Internal chatbot service URL
NEXT_PUBLIC_* variables are injected at container startup, not baked at build time. To change them:
  1. Update .env
  2. Recreate the frontend container: docker compose -f docker-compose.prod-local.yml up -d frontend

Authentication & Security

FLASK_SECRET_KEY
string
required
Flask session secret key. Auto-generated by make init.
FLASK_PORT
number
default:"5080"
Flask API port
AUTH_SECRET
string
required
Auth.js secret key. Auto-generated by make init.
VAULT_TOKEN
string
required
HashiCorp Vault root token. Auto-generated by make init.See Vault Secrets for details.
VAULT_ADDR
string
default:"http://vault:8200"
Vault server address
VAULT_KV_MOUNT
string
default:"aurora"
Vault KV v2 engine mount point
VAULT_KV_BASE_PATH
string
default:"users"
Base path for user secrets in Vault

LLM & AI Services

At least one LLM provider API key is required. See LLM Providers for details.
OPENROUTER_API_KEY
string
OpenRouter API key (recommended). Get from https://openrouter.ai/keysSupports multiple models from various providers through a single API.
OPENAI_API_KEY
string
OpenAI API key. Get from https://platform.openai.com/api-keys
ANTHROPIC_API_KEY
string
Anthropic API key. Get from https://console.anthropic.com/
GOOGLE_AI_API_KEY
string
Google AI (Gemini) API key. Get from https://aistudio.google.com/app/apikey
LLM_PROVIDER_MODE
string
default:"openrouter"
Default LLM provider: openrouter, openai, anthropic, or google
AGENT_RECURSION_LIMIT
number
default:"240"
Maximum recursion depth for agent workflows
SEARXNG_URL
string
default:"http://searxng:8080"
SearxNG internal URL
SEARXNG_BASE_URL
string
default:"http://localhost:8082"
SearxNG public URL
SEARXNG_SECRET
string
SearxNG secret key. Auto-generated by make init.

AI Features

RCA_OPTIMIZE_COSTS
boolean
default:"false"
Enable cost optimization for root cause analysis
GEMINI_DISABLE_THINKING
boolean
default:"false"
Disable “thinking” mode for Gemini models

Cloud Provider Integrations

Optional cloud provider credentials for resource discovery and management.

Google Cloud Platform

CLIENT_ID
string
GCP OAuth client ID
CLIENT_SECRET
string
GCP OAuth client secret

Amazon Web Services

AWS_ACCESS_KEY_ID
string
AWS access key ID
AWS_SECRET_ACCESS_KEY
string
AWS secret access key
AWS_DEFAULT_REGION
string
default:"us-east-1"
AWS default region

Cloud Provider Cache

Applies to all cloud providers (GCP, AWS, Azure).
AURORA_SETUP_CACHE_ENABLED
boolean
default:"true"
Enable caching for cloud provider API responses
AURORA_SETUP_CACHE_TTL
number
default:"3600"
Cache TTL in seconds (1 hour)
AURORA_VERIFY_CLI_IDENTITY
boolean
default:"false"
Verify CLI identity for cloud provider connections
AURORA_CACHE_TOKEN_IN_REDIS
boolean
default:"false"
Cache cloud provider tokens in Redis

Third-Party Integrations

Optional integrations with external services.

GitHub OAuth

GH_OAUTH_CLIENT_ID
string
GitHub OAuth client ID
GH_OAUTH_CLIENT_SECRET
string
GitHub OAuth client secret

Slack

NEXT_PUBLIC_ENABLE_SLACK
boolean
default:"false"
Enable Slack integration
SLACK_CLIENT_ID
string
Slack OAuth client ID
SLACK_CLIENT_SECRET
string
Slack OAuth client secret
SLACK_SIGNING_SECRET
string
Slack signing secret

PagerDuty

NEXT_PUBLIC_ENABLE_PAGERDUTY_OAUTH
boolean
default:"false"
Enable PagerDuty OAuth integration
PAGERDUTY_CLIENT_ID
string
PagerDuty OAuth client ID
PAGERDUTY_CLIENT_SECRET
string
PagerDuty OAuth client secret

Bitbucket

NEXT_PUBLIC_ENABLE_BITBUCKET
boolean
default:"false"
Enable Bitbucket integration
BB_OAUTH_CLIENT_ID
string
Bitbucket OAuth client ID
BB_OAUTH_CLIENT_SECRET
string
Bitbucket OAuth client secret

OVH (Multi-Region)

NEXT_PUBLIC_ENABLE_OVH
boolean
default:"false"
Enable OVH integration
OVH_EU_CLIENT_ID
string
OVH Europe client ID
OVH_EU_CLIENT_SECRET
string
OVH Europe client secret
OVH_CA_CLIENT_ID
string
OVH Canada client ID
OVH_CA_CLIENT_SECRET
string
OVH Canada client secret
OVH_US_CLIENT_ID
string
OVH US client ID
OVH_US_CLIENT_SECRET
string
OVH US client secret

Scaleway

NEXT_PUBLIC_ENABLE_SCALEWAY
boolean
default:"false"
Enable Scaleway integration

Confluence

NEXT_PUBLIC_ENABLE_CONFLUENCE
boolean
default:"false"
Enable Confluence integration
CONFLUENCE_CLIENT_ID
string
Confluence OAuth client ID
CONFLUENCE_CLIENT_SECRET
string
Confluence OAuth client secret

Dynatrace

NEXT_PUBLIC_ENABLE_DYNATRACE
boolean
default:"false"
Enable Dynatrace integration

BigPanda

NEXT_PUBLIC_ENABLE_BIGPANDA
boolean
default:"false"
Enable BigPanda integration

ThousandEyes

NEXT_PUBLIC_ENABLE_THOUSANDEYES
boolean
default:"false"
Enable ThousandEyes integration

Email (SMTP)

SMTP_HOST
string
SMTP server hostname
SMTP_PORT
number
default:"587"
SMTP server port
SMTP_USER
string
SMTP username
SMTP_PASSWORD
string
SMTP password
SMTP_FROM_EMAIL
string
Email sender address
SMTP_FROM_NAME
string
default:"Aurora"
Email sender name

Kubernetes & Pod Isolation

Configuration for running Aurora agents in isolated Kubernetes pods.
ENABLE_POD_ISOLATION
boolean
default:"false"
Enable isolated pod execution for terminal and chatbot agents
TERMINAL_NAMESPACE
string
Kubernetes namespace for terminal pods
TERMINAL_IMAGE
string
Container image for terminal pods
TERMINAL_POD_TTL
number
Time-to-live for terminal pods (seconds)
TERMINAL_RUNTIME_CLASS
string
Runtime class for terminal pods (e.g., gvisor, kata-containers)
CHATBOT_POD_TTL
number
Time-to-live for chatbot pods (seconds)
USE_UNTRUSTED_NODES
boolean
Schedule pods on untrusted nodes (with appropriate taints/tolerations)
NEXT_PUBLIC_KUBECTL_AGENT_CHART_URL
string
Helm chart URL for kubectl agent deployment

Weaviate (Vector Database)

WEAVIATE_HOST
string
default:"weaviate"
Weaviate host (Docker service name or hostname)
WEAVIATE_PORT
number
default:"8080"
Weaviate HTTP port
WEAVIATE_GRPC_PORT
number
default:"50051"
Weaviate gRPC port

Memgraph (Graph Database)

MEMGRAPH_HOST
string
default:"memgraph"
Memgraph host (Docker service name or hostname)
MEMGRAPH_PORT
number
default:"7687"
Memgraph Bolt protocol port
MEMGRAPH_USER
string
default:"aurora"
Memgraph username
MEMGRAPH_PASSWORD
string
default:"CHANGE_ME"
Memgraph password
DISCOVERY_INTERVAL_HOURS
number
default:"1"
Resource discovery interval (hours)

Rate Limiting

RATE_LIMITING_ENABLED
boolean
default:"false"
Enable API rate limiting
RATE_LIMIT_BYPASS_TOKEN
string
Token to bypass rate limits (for testing/admin)
RATE_LIMIT_HEADERS_ENABLED
boolean
default:"true"
Include rate limit headers in API responses

Development

NGROK_URL
string
ngrok tunnel URL for local development (webhooks, OAuth callbacks)

Configuration Examples

Minimal Local Development

# .env
AURORA_ENV=dev

# Database (auto-generated by make init)
POSTGRES_PASSWORD=generated_password

# Auth & Security (auto-generated by make init)
FLASK_SECRET_KEY=generated_secret
AUTH_SECRET=generated_secret
VAULT_TOKEN=generated_token
SEARXNG_SECRET=generated_secret

# LLM Provider (add your key)
OPENROUTER_API_KEY=sk-or-v1-...
LLM_PROVIDER_MODE=openrouter

# All other variables use defaults from .env.example

Production with AWS S3

# .env
AURORA_ENV=prod

# Storage (AWS S3)
STORAGE_BUCKET=my-aurora-bucket
STORAGE_ENDPOINT_URL=  # Omit for AWS S3
STORAGE_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE
STORAGE_SECRET_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
STORAGE_REGION=us-west-2
STORAGE_USE_SSL=true
STORAGE_VERIFY_SSL=true

# LLM Providers
OPENROUTER_API_KEY=sk-or-v1-...
OPENAI_API_KEY=sk-...
LLM_PROVIDER_MODE=openrouter

# URLs (update for your domain)
FRONTEND_URL=https://aurora.example.com
NEXT_PUBLIC_BACKEND_URL=https://api.aurora.example.com
NEXT_PUBLIC_WEBSOCKET_URL=wss://ws.aurora.example.com

Production with Cloudflare R2

# .env
AURORA_ENV=prod

# Storage (Cloudflare R2)
STORAGE_BUCKET=my-aurora-bucket
STORAGE_ENDPOINT_URL=https://<account_id>.r2.cloudflarestorage.com
STORAGE_ACCESS_KEY=<r2_access_key>
STORAGE_SECRET_KEY=<r2_secret_key>
STORAGE_REGION=auto
STORAGE_USE_SSL=true
STORAGE_VERIFY_SSL=true

Build docs developers (and LLMs) love

Get started for freeTalk to us