flynn/config/default.yaml
# Flynn Configuration
# Copy to ~/.config/flynn/config.yaml and customize
# Log verbosity: debug | info | warn | error | silent (default: info)
# Set to 'debug' to see model fallback details.
# log_level: info
# Telegram channel. The bot token is written as a ${...} reference (the
# same form this file describes elsewhere as env var expansion), so the
# secret itself does not have to be stored in this file.
telegram:
bot_token: ${FLYNN_TELEGRAM_TOKEN}
# NOTE(review): the other channels in this file document an empty allowlist
# as "allow all"; what an empty list means for Telegram is not stated here.
# Confirm it, and add your own chat ID before running the bot.
allowed_chat_ids: [] # Add your Telegram chat ID
# Optional: Signal via signal-cli
# signal:
# account: "+15551234567"
# signal_cli_path: signal-cli
# allowed_numbers: [] # Empty = allow all DMs; list specific numbers to restrict who can message the agent
# allowed_group_ids: [] # Empty = no groups
# require_mention: true
# mention_name: flynn
# poll_interval_ms: 5000
# send_timeout_ms: 15000
# Optional: Mattermost
# mattermost:
# server_url: ${MATTERMOST_SERVER_URL}
# bot_token: ${MATTERMOST_BOT_TOKEN}
# allowed_channel_ids: [] # Empty = allow all channels (pairing/mention rules still apply)
# require_mention: true
# mention_name: flynn
# poll_interval_ms: 3000
# Optional: Microsoft Teams (Bot Framework)
# teams:
# app_id: ${TEAMS_APP_ID}
# app_password: ${TEAMS_APP_PASSWORD}
# allowed_conversation_ids: [] # Empty = allow all conversations
# require_mention: true
# Optional: Google Chat
# google_chat:
# service_account_key_file: ~/.config/flynn/google-chat-service-account.json
# # or inline via env var expansion:
# # service_account_json: ${GOOGLE_CHAT_SERVICE_ACCOUNT_JSON}
# webhook_token: ${GOOGLE_CHAT_WEBHOOK_TOKEN}
# allowed_space_names: [] # Empty = allow all spaces
# require_mention: true
# Optional: iMessage via BlueBubbles
# bluebubbles:
# endpoint: http://localhost:1234
# api_key: ${BLUEBUBBLES_API_KEY}
# webhook_token: ${BLUEBUBBLES_WEBHOOK_TOKEN}
# allowed_chat_guids: [] # Empty = allow all chats
# require_mention: true
# mention_name: flynn
# Optional: LINE
# line:
# channel_access_token: ${LINE_CHANNEL_ACCESS_TOKEN}
# channel_secret: ${LINE_CHANNEL_SECRET}
# allowed_source_ids: [] # Empty = allow all users/groups/rooms
# require_mention: true
# mention_name: flynn
# Optional: Feishu / Lark
# feishu:
# app_id: ${FEISHU_APP_ID}
# app_secret: ${FEISHU_APP_SECRET}
# webhook_token: ${FEISHU_WEBHOOK_TOKEN}
# allowed_chat_ids: [] # Empty = allow all chats
# require_mention: true
# mention_name: flynn
# endpoint: https://open.feishu.cn
# Optional: Zalo
# zalo:
# oa_access_token: ${ZALO_OA_ACCESS_TOKEN}
# webhook_token: ${ZALO_WEBHOOK_TOKEN}
# allowed_user_ids: [] # Empty = allow all users
# require_mention: true
# mention_name: flynn
# endpoint: https://openapi.zalo.me
# Gateway server settings: listener, request limits, WebSocket rate
# limiting, per-session queueing, companion nodes and LAN discovery.
server:
# Tailscale Serve config (optional). Enable `serve: true` to expose the
# gateway to your tailnet via `tailscale serve`.
tailscale:
serve: false
# NOTE(review): presumably keeps the gateway listener on loopback only; the
# discovery note below says LAN clients can connect only when this is
# false. Confirm against the server code.
localhost: true
port: 18800
# Maximum inbound HTTP request body size (bytes) for webhooks/Gmail push.
# 1048576 bytes = 1 MiB.
max_request_body_bytes: 1048576
# WebSocket rate limiting.
# NOTE(review): the field names suggest a refillable budget (capacity,
# refill_per_sec) plus a violation counter over a time window; the exact
# semantics are not shown in this file, so confirm before tuning.
ws_rate_limit:
enabled: true
capacity: 30
refill_per_sec: 15
max_violations: 8
violation_window_ms: 10000
# Per-session FIFO lane queue for gateway requests.
queue:
mode: collect # collect | followup | steer | steer_backlog | interrupt
cap: 50 # max queued (pending) requests per session lane
overflow: drop_old # drop_old | drop_new
debounce_ms: 0 # delay before starting next queued request
summarize_overflow: true
# Per-channel and per-session overrides of the queue settings above.
overrides:
channels: {} # e.g. ws: { mode: followup, cap: 10, debounce_ms: 100 }
sessions: {} # e.g. ws:vip-user: { mode: interrupt, overflow: drop_new }
# Companion-node capability negotiation surface (default disabled).
nodes:
enabled: false
allowed_roles: [companion]
feature_gates: {}
location:
enabled: false
push:
enabled: false
# Local-network service discovery (mDNS/Bonjour). Keep disabled by default.
# Requires server.localhost: false so LAN clients can actually connect.
# That same setting makes the gateway reachable by other hosts on the LAN,
# so enable discovery only on networks you trust.
discovery:
enabled: false
service_name: flynn-gateway
service_type: _flynn._tcp
txt: {}
# Model selection: one primary model per tier, optional per-tier fallback,
# a global fallback chain, and named providers the chain can reference.
models:
# ── Model tiers ────────────────────────────────────────────────────
# Each tier (default, fast, complex, local) defines a primary model.
# When an Anthropic tier fails, Flynn automatically tries the same
# model via GitHub Models before falling through to the global chain.
#
# NOTE(review): any fallback sends the request to a different provider
# than the tier's primary one. If that matters for the data you send,
# set an inline `fallback:` block (which, per the fallback order below,
# skips the automatic GitHub Models step) and review fallback_chain.
#
# You can override auto-fallback with an inline `fallback:` block:
#
# default:
# provider: anthropic
# model: claude-sonnet-4-20250514
# fallback: # ← inline per-tier fallback
# provider: openai
# model: gpt-4o
#
# ── Fallback order ─────────────────────────────────────────────────
# 1. Primary client for the tier
# 2. Auto same-model fallback via GitHub Models (Anthropic tiers only,
# skipped when an inline `fallback:` block is present)
# 3. Inline `fallback:` client (if configured)
# 4. Global fallback_chain (tried in order)
#
default:
provider: anthropic
model: claude-sonnet-4-20250514
# auth_mode: auto # auto | api_key | oauth (provider-specific)
# use_oauth: false # compat alias for auth_mode: oauth
# supports_audio: false # Override native audio detection per tier
fast:
provider: anthropic
model: claude-haiku-4-5-20251001
complex:
provider: anthropic
model: claude-opus-4-6-20250715
local:
provider: ollama
model: glm-4.7-flash
# ── Global fallback chain ──────────────────────────────────────────
# Entries can be tier names (default, fast, complex, local) or keys
# from local_providers below. Tried in order after per-tier fallbacks
# are exhausted.
fallback_chain: [local]
# ── Named providers (optional) ─────────────────────────────────────
# Define additional providers that can be referenced by name in
# fallback_chain. Useful for secondary API accounts or self-hosted
# endpoints that aren't tied to a specific tier.
#
# Use /backend <name> in the TUI to switch between these providers.
#
# The endpoints below are plain HTTP on localhost. If you point one at a
# remote host, prompts and responses cross the network unencrypted unless
# you use an https:// endpoint or a tunnel.
local_providers:
ollama:
provider: ollama
model: glm-4.7-flash
endpoint: http://localhost:11434
llamacpp:
provider: llamacpp
model: gpt-oss-20b
endpoint: http://localhost:8080
#
# Then reference them in fallback_chain:
# fallback_chain: [ollama, llamacpp, local]
# Per-tool hook policy: each list holds tool-name patterns (`*` wildcard).
# NOTE(review): presumably `confirm` asks the user before the tool runs,
# `log` records the call, and `silent` does neither; confirm against the
# hook implementation.
hooks:
confirm:
- shell.*
- file.write
- file.patch
# NOTE(review): web access and file reads are listed under `log`, not
# `confirm`. If the agent processes content you do not control, consider
# whether these should also need confirmation.
log:
- web.*
- file.read
silent:
- notify
# ── Safety Notes ─────────────────────────────────────────────────────
# - Tool policy (tools.profile/allow/deny) controls which tools are available.
# - Skills can declare capability permissions in skills/<name>/manifest.json under `permissions`.
# Those permissions are enforced at runtime when requests are routed into a skill context.
# - See: docs/security/SAFE_PERSONAL_AGENT.md
# ── Prompt Assembly ───────────────────────────────────────────────────
# Tune how much context Flynn loads into the system prompt.
#
# prompt:
# search_dirs: []
# extra_sections: []
# context_level: normal # minimal | normal | detailed | debug
# skills:
# # Registry catalog source for discovery and install-by-id:
# # local path or HTTPS URL. Can also be set via FLYNN_SKILLS_REGISTRY_SOURCE.
# registry_source: ~/.config/flynn/skills-registry.json
# # Global installer execution policy.
# # disabled: never run installer commands (default)
# # enabled: allow command execution only with --execute --confirm
# installation_execution: disabled
# # Allow shell-based installer runner when --runner shell is requested.
# allow_shell_runner: false
# # Allowlist command patterns for shell runner (`*` wildcard supported).
# # Empty list means no shell commands are allowed.
# shell_runner_allowlist: []
# # Governance metadata for shell-runner allowlist and rollout decisions.
# shell_runner_governance:
# owner: "skills-team" # Required when allow_shell_runner is true
# review_cadence_days: 7 # Review `skills rollout-status` at this cadence
# promotion_min_success_rate: 0.9 # Rollout threshold for broader enablement
# ── Automation ──────────────────────────────────────────────────────
# Uncomment and configure any automation sources you need.
# automation:
# # shared_session: keep one session per cron job/webhook name.
# # isolated_job: create a fresh session per cron trigger/webhook request.
# delivery_mode: shared_session
# cron:
# - name: daily-summary
# schedule: "0 9 * * *"
# message: "Give me a summary of today's tasks"
# output:
# channel: telegram
# peer: "123456789"
#
# # Optional built-in morning briefing job (auto-registered as a cron job)
# daily_briefing:
# enabled: false
# name: daily-briefing
# schedule: "0 8 * * *"
# timezone: America/New_York
# output:
# channel: telegram
# peer: "123456789"
# model_tier: fast
# prompt: |
# Create my daily briefing.
# Summarize today's calendar, unread/important email, and top pending tasks.
#
# webhooks:
# - name: github-push
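# secret: "whsec_..." # placeholder; prefer a ${ENV_VAR} reference (as used for other secrets in this file) over a literal value, and confirm expansion applies to this field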
# message: "GitHub push to {{json.repository.full_name}}: {{json.head_commit.message}}"
# output:
# channel: telegram
# peer: "123456789"
#
# gmail:
# enabled: false
# credentials_file: ~/.config/flynn/gmail-credentials.json
# token_file: ~/.config/flynn/gmail-token.json
#
# # Optional Pub/Sub delivery
# # Push mode: configure a topic and a push subscription that POSTs to /gmail/push
# pubsub_topic: projects/your-project/topics/gmail-push
# disable_push: false
#
# # Pull mode: no inbound webhook required (requires Application Default Credentials)
# pubsub_subscription_id: projects/your-project/subscriptions/gmail-pull
# pubsub_pull_interval: "60s"
# pubsub_max_messages: 10
# watch_labels: [INBOX]
# poll_interval: "60s"
# message: "New email from {{from}}: {{subject}}\n\n{{snippet}}"
# output:
# channel: telegram
# peer: "123456789"
#
# heartbeat:
# enabled: false
# interval: "5m"
# checks: [gateway, model, channels, memory, disk]
# notify:
# channel: telegram
# peer: "123456789"
# failure_threshold: 2
# disk_threshold_mb: 100
# ── Backup ──────────────────────────────────────────────────────────
# Snapshot sessions.db, vectors.db (optional), and memory/ into a tarball.
# If MinIO is enabled, upload with `mc` using ephemeral credentials.
#
# backup:
# enabled: false
# # Optional cron schedule (takes precedence over interval), e.g. nightly at 2 AM.
# schedule: "0 2 * * *"
# interval: "24h"
# run_on_start: false
# local_dir: ~/.local/share/flynn/backups
# include_vectors: true
# minio:
# enabled: false
# endpoint: localhost:9000
# access_key: ${MINIO_ACCESS_KEY}
# secret_key: ${MINIO_SECRET_KEY}
# bucket: flynn-backups
# prefix: flynn
# secure: true
# ── Session Lifecycle ───────────────────────────────────────────────
# sessions:
# ttl: "30d"
# end_summary:
# enabled: false
# tier: fast
# max_messages: 50
# max_input_chars: 20000
# max_tokens: 512
# write_to_memory: true
# memory_namespace: session/summaries
# ── Audio ────────────────────────────────────────────────────────────
# Configure a Whisper-compatible endpoint for audio transcription.
# Models that support native audio input (Gemini, OpenAI, GitHub) will
# receive raw audio directly; others fall back to this endpoint.
#
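# For local transcription with whisper.cpp (note: `-p 18801:8080` publishes
# the port on all host interfaces; `-p 127.0.0.1:18801:8080` keeps it
# reachable only from this machine, which matches the localhost endpoint below):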
# docker run -d --name whisper-server -p 18801:8080 \
# ghcr.io/ggml-org/whisper.cpp:main \
# --model /app/models/ggml-base.en.bin \
# --host 0.0.0.0 --port 8080 --convert --language en \
# --inference-path /v1/audio/transcriptions
#
# audio:
# enabled: true
# provider:
# type: custom # openai, groq, ollama, llamacpp, custom
# endpoint: "http://localhost:18801/v1/audio/transcriptions"
# api_key: "${WHISPER_API_KEY}" # Optional Bearer token
# model: "whisper-1" # Model name (default: whisper-1)
# talk_mode:
# enabled: false
# wake_phrase: "hey flynn"
# timeout_ms: 120000
# allow_manual_toggle: true