Sherpa ships as a single release tarball containing the application core, scripts, and configuration templates. The stores (PostgreSQL, Neo4j, Elasticsearch) are managed by Docker Compose, while the app process runs directly on the host under systemd. This page covers both the one-command local-development startup and the full production deployment workflow.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/tudoumono/Sherpa/llms.txt
Use this file to discover all available pages before exploring further.
Local development
For a cloned repository, one command handles everything — venv creation, dependency installation, store startup, and FastAPI launch:http://127.0.0.1:8000. Open http://127.0.0.1:8000/ui/chat.html in a browser. Stop the app with Ctrl+C; stop the Docker stores with make stop.
make start and ./scripts/start.sh use make serve (i.e. run-api.sh serve) internally, which sets SHERPA_ENV=production and clears SHERPA_USE_FIXTURES. Use make api (which calls run-api.sh dev) only when you need fixture data during development — fixture mode is never appropriate for real document corpora.Production deployment
Production layout uses three separate trees to cleanly separate code, configuration, and data:| Purpose | Path |
|---|---|
| Application code | /opt/sherpa/current |
| Environment config | /etc/sherpa/sherpa.env |
| Runtime data | /srv/sherpa |
Build the release tarball
Run
make dist from the repository root. It creates a versioned tarball and a matching SHA-256 checksum in dist/. The tarball excludes fixtures/, tests/, and mockups/.Copy and edit the production environment file
CHANGE_ME_… placeholder. Key variables to set:POSTGRES_PASSWORD/DATABASE_URL— PostgreSQL credentialsNEO4J_PASSWORD— Neo4j passwordSHERPA_ADMIN_PASSWORD— initial admin password for bootstrapSHERPA_AUDIT_IP_SALT— random salt for IP-address hashing in audit logsSHERPA_DERIVED_DIRandSHERPA_USERS_DIR— must be absolute paths, not relative
Create runtime users and directory ownership
sherpa-ingest, sherpa-agent, sherpa-api, and sherpa-workspace users and sets ownership and permissions on /srv/sherpa/kb, /srv/sherpa/users, and /srv/sherpa/derived. The script is idempotent; re-running it is safe. Use --dry-run to preview changes or --verify to inspect the current state without modifying anything.Install Python dependencies
Create a dedicated virtualenv and install from The systemd unit references this venv via
requirements.txt:PYTHON_BIN=/opt/sherpa/current/.venv/bin/python.Run the production preflight check
- The env file is present and loadable
- Python and required packages (
fastapi,uvicorn,psycopg,neo4j) can be imported SHERPA_USE_FIXTURESis not setSHERPA_AUTH_ENABLED=1is set- A PostgreSQL connection variable is present
SHERPA_USERS_DIRandSHERPA_DERIVED_DIRare absolute paths that do not point intofixtures/
NG: lines before proceeding. WARN: lines are advisory.Install and enable the systemd unit
sherpa-api:sherpa-workspace, reads the env file from /etc/sherpa/sherpa.env, and enforces ProtectSystem=strict, ReadOnlyPaths=/srv/sherpa/kb, and ReadWritePaths=/srv/sherpa/users /srv/sherpa/derived.Systemd unit reference
The bundled unit file atdeploy/systemd/sherpa-api.service is reproduced here for reference:
Make command reference
| Command | Description |
|---|---|
make up | Start PostgreSQL, Neo4j, and Elasticsearch via Docker Compose |
make bootstrap | Prepare .env, create local data directories, and wait for stores to be ready |
make serve | Start FastAPI in production mode (SHERPA_ENV=production, fixtures disabled). Use this for real document corpora. |
make stop | Stop all Docker Compose stores |
make status | Show Docker Compose container status |
make logs | Tail Docker Compose store logs (--tail=100 -f) |
make prod-check | Run the production preflight script (reads SHERPA_ENV_FILE) |
make dist | Build a versioned release tarball in dist/ (excludes fixtures, tests, mockups) |
make nuke | Stop stores and delete all Docker volumes (all database data is destroyed) |
Port and bind address
By default, FastAPI binds to127.0.0.1:8000. To change either value, set the corresponding environment variable in your env file before starting the service:
Production / test separation (fail-closed)
Sherpa enforces a hard boundary between production and test data at startup:make servesetsSHERPA_ENV=productionand clearsSHERPA_USE_FIXTURESunconditionally.- If
SHERPA_ENV=productionis set and any fixture path is configured in the same environment, the process refuses to start. - The
make disttarball never includes thefixtures/directory.