config

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 28, 2026 License: MIT Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ProviderTypeToEmbeddingType = map[types.ProviderType]string{
	types.ProviderOpenAI:    "openai",
	types.ProviderGemini:    "google",
	types.ProviderGoogle:    "google",
	types.ProviderAnthropic: "",
	types.ProviderOllama:    "local",
}

ProviderTypeToEmbeddingType maps a provider config type to the corresponding embedding backend type.

Functions

func Validate 

func Validate(cfg *Config) error

Validate checks if the configuration is valid

Types

type A2AConfig 

type A2AConfig struct {
	// Enable A2A protocol support.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// BaseURL is the external URL where this agent is reachable.
	BaseURL string `mapstructure:"baseUrl" json:"baseUrl"`

	// AgentName is the name advertised in the Agent Card.
	AgentName string `mapstructure:"agentName" json:"agentName"`

	// AgentDescription is the description in the Agent Card.
	AgentDescription string `mapstructure:"agentDescription" json:"agentDescription"`

	// RemoteAgents is a list of external A2A agents to integrate as sub-agents.
	RemoteAgents []RemoteAgentConfig `mapstructure:"remoteAgents" json:"remoteAgents"`
}

A2AConfig defines Agent-to-Agent protocol settings.

type AgentConfig 

type AgentConfig struct {
	// Default model provider (anthropic, openai, google)
	Provider string `mapstructure:"provider" json:"provider"`

	// Model ID to use
	Model string `mapstructure:"model" json:"model"`

	// Maximum tokens for context window
	MaxTokens int `mapstructure:"maxTokens" json:"maxTokens"`

	// Temperature for generation
	Temperature float64 `mapstructure:"temperature" json:"temperature"`

	// PromptsDir is the directory containing section .md files (AGENTS.md, SAFETY.md, etc.)
	// If empty, built-in default sections are used.
	PromptsDir string `mapstructure:"promptsDir" json:"promptsDir"`

	// Fallback provider ID
	FallbackProvider string `mapstructure:"fallbackProvider" json:"fallbackProvider"`

	// Fallback model ID
	FallbackModel string `mapstructure:"fallbackModel" json:"fallbackModel"`

	// MultiAgent enables hierarchical sub-agent orchestration.
	// When false (default), a single monolithic agent handles all tasks.
	MultiAgent bool `mapstructure:"multiAgent" json:"multiAgent"`

	// RequestTimeout is the maximum duration for a single agent request (default: 5m).
	RequestTimeout time.Duration `mapstructure:"requestTimeout" json:"requestTimeout"`

	// ToolTimeout is the maximum duration for a single tool call execution (default: 2m).
	ToolTimeout time.Duration `mapstructure:"toolTimeout" json:"toolTimeout"`

	// MaxTurns limits the number of tool-calling iterations per agent run (default: 25).
	// Zero means use the default.
	MaxTurns int `mapstructure:"maxTurns" json:"maxTurns"`

	// ErrorCorrectionEnabled enables learning-based error correction (default: true).
	// When nil, defaults to true if the knowledge system is enabled.
	ErrorCorrectionEnabled *bool `mapstructure:"errorCorrectionEnabled" json:"errorCorrectionEnabled"`

	// MaxDelegationRounds limits orchestrator→sub-agent delegation rounds per turn (default: 10).
	// Zero means use the default.
	MaxDelegationRounds int `mapstructure:"maxDelegationRounds" json:"maxDelegationRounds"`
}

AgentConfig defines LLM agent settings

type ApprovalPolicy 

type ApprovalPolicy string

ApprovalPolicy determines which tools require approval before execution. 

const (
	// ApprovalPolicyDangerous requires approval for Dangerous-level tools (default).
	ApprovalPolicyDangerous ApprovalPolicy = "dangerous"
	// ApprovalPolicyAll requires approval for all tools.
	ApprovalPolicyAll ApprovalPolicy = "all"
	// ApprovalPolicyConfigured requires approval only for explicitly listed SensitiveTools.
	ApprovalPolicyConfigured ApprovalPolicy = "configured"
	// ApprovalPolicyNone disables approval entirely.
	ApprovalPolicyNone ApprovalPolicy = "none"
)

func (ApprovalPolicy) Valid 

func (p ApprovalPolicy) Valid() bool

Valid reports whether p is a known approval policy.

func (ApprovalPolicy) Values 

func (p ApprovalPolicy) Values() []ApprovalPolicy

Values returns all known approval policies.

type AuthConfig 

type AuthConfig struct {
	// OIDC Providers
	Providers map[string]OIDCProviderConfig `mapstructure:"providers" json:"providers"`
}

AuthConfig defines authentication settings

type AzureKVConfig 

type AzureKVConfig struct {
	// VaultURL is the Azure Key Vault URL (e.g. "https://myvault.vault.azure.net").
	VaultURL string `mapstructure:"vaultUrl" json:"vaultUrl"`

	// KeyVersion is the specific key version to use (empty = latest).
	KeyVersion string `mapstructure:"keyVersion" json:"keyVersion,omitempty"`
}

AzureKVConfig defines Azure Key Vault specific settings.

type BackgroundConfig 

type BackgroundConfig struct {
	// Enable the background task system.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Time in milliseconds before an agent turn is auto-yielded to background.
	YieldMs int `mapstructure:"yieldMs" json:"yieldMs"`

	// Maximum number of concurrently running background tasks.
	MaxConcurrentTasks int `mapstructure:"maxConcurrentTasks" json:"maxConcurrentTasks"`

	// TaskTimeout is the maximum duration for a single background task (default: 30m).
	TaskTimeout time.Duration `mapstructure:"taskTimeout" json:"taskTimeout"`

	// Default delivery channels when channel is not specified (e.g. ["telegram"]).
	DefaultDeliverTo []string `mapstructure:"defaultDeliverTo" json:"defaultDeliverTo"`
}

BackgroundConfig defines background task execution settings.

type BrowserToolConfig 

type BrowserToolConfig struct {
	// Enable browser tools (requires Chromium)
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Run headless
	Headless bool `mapstructure:"headless" json:"headless"`

	// Path to browser binary (empty = auto-detect via launcher.LookPath)
	BrowserBin string `mapstructure:"browserBin" json:"browserBin"`

	// Session timeout
	SessionTimeout time.Duration `mapstructure:"sessionTimeout" json:"sessionTimeout"`
}

BrowserToolConfig defines browser automation settings

type ChannelsConfig 

type ChannelsConfig struct {
	Telegram TelegramConfig `mapstructure:"telegram" json:"telegram"`
	Discord  DiscordConfig  `mapstructure:"discord" json:"discord"`
	Slack    SlackConfig    `mapstructure:"slack" json:"slack"`
}

ChannelsConfig holds all channel configurations

type Config 

type Config struct {
	// Server configuration
	Server ServerConfig `mapstructure:"server" json:"server"`

	// Agent configuration
	Agent AgentConfig `mapstructure:"agent" json:"agent"`

	// Channel configurations
	Channels ChannelsConfig `mapstructure:"channels" json:"channels"`

	// Logging configuration
	Logging LoggingConfig `mapstructure:"logging" json:"logging"`

	// Session configuration
	Session SessionConfig `mapstructure:"session" json:"session"`

	// Tools configuration
	Tools ToolsConfig `mapstructure:"tools" json:"tools"`

	// Auth configuration
	Auth AuthConfig `mapstructure:"auth" json:"auth"`

	// Security configuration
	Security SecurityConfig `mapstructure:"security" json:"security"`

	// Knowledge configuration
	Knowledge KnowledgeConfig `mapstructure:"knowledge" json:"knowledge"`

	// Observational Memory configuration
	ObservationalMemory ObservationalMemoryConfig `mapstructure:"observationalMemory" json:"observationalMemory"`

	// Embedding / RAG configuration
	Embedding EmbeddingConfig `mapstructure:"embedding" json:"embedding"`

	// Graph store configuration
	Graph GraphConfig `mapstructure:"graph" json:"graph"`

	// A2A protocol configuration
	A2A A2AConfig `mapstructure:"a2a" json:"a2a"`

	// Payment configuration (blockchain micropayments)
	Payment PaymentConfig `mapstructure:"payment" json:"payment"`

	// Cron scheduling configuration
	Cron CronConfig `mapstructure:"cron" json:"cron"`

	// Background task execution configuration
	Background BackgroundConfig `mapstructure:"background" json:"background"`

	// Workflow engine configuration
	Workflow WorkflowConfig `mapstructure:"workflow" json:"workflow"`

	// Skill configuration (file-based skills)
	Skill SkillConfig `mapstructure:"skill" json:"skill"`

	// Librarian configuration (proactive knowledge agent)
	Librarian LibrarianConfig `mapstructure:"librarian" json:"librarian"`

	// P2P network configuration
	P2P P2PConfig `mapstructure:"p2p" json:"p2p"`

	// Providers configuration
	Providers map[string]ProviderConfig `mapstructure:"providers" json:"providers"`
}

Config is the root configuration structure for lango

func DefaultConfig 

func DefaultConfig() *Config

DefaultConfig returns a Config with sensible defaults

func Load 

func Load(configPath string) (*Config, error)

Load reads configuration from file and environment

func (*Config) MigrateEmbeddingProvider 

func (c *Config) MigrateEmbeddingProvider()

MigrateEmbeddingProvider migrates legacy configs that use separate ProviderID and Provider fields into the unified Provider field, and consolidates the deprecated Local.Model into the canonical Model field.

func (*Config) ResolveEmbeddingProvider 

func (c *Config) ResolveEmbeddingProvider() (backendType, apiKey string)

ResolveEmbeddingProvider returns the embedding backend type and API key for the configured embedding provider. The Provider field can be "local" (Ollama) or a key in the providers map. Legacy configs with ProviderID are handled via MigrateEmbeddingProvider.

type ContainerSandboxConfig 

type ContainerSandboxConfig struct {
	// Enabled activates container-based sandbox instead of subprocess isolation.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Runtime selects the container runtime: "auto", "docker", "gvisor", or "native" (default: "auto").
	Runtime string `mapstructure:"runtime" json:"runtime"`

	// Image is the Docker image for the sandbox container (default: "lango-sandbox:latest").
	Image string `mapstructure:"image" json:"image"`

	// NetworkMode is the Docker network mode for sandbox containers (default: "none").
	NetworkMode string `mapstructure:"networkMode" json:"networkMode"`

	// ReadOnlyRootfs mounts the container root filesystem as read-only (default: true).
	ReadOnlyRootfs *bool `mapstructure:"readOnlyRootfs" json:"readOnlyRootfs"`

	// CPUQuotaUS is the Docker CPU quota in microseconds (0 = unlimited).
	CPUQuotaUS int64 `mapstructure:"cpuQuotaUs" json:"cpuQuotaUs"`

	// PoolSize is the number of pre-warmed containers in the pool (0 = disabled).
	PoolSize int `mapstructure:"poolSize" json:"poolSize"`

	// PoolIdleTimeout is the idle timeout before pool containers are recycled (default: 5m).
	PoolIdleTimeout time.Duration `mapstructure:"poolIdleTimeout" json:"poolIdleTimeout"`
}

ContainerSandboxConfig configures container-based tool execution isolation.

type CronConfig 

type CronConfig struct {
	// Enable the cron scheduling system.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Default timezone for cron schedules (e.g. "Asia/Seoul").
	Timezone string `mapstructure:"timezone" json:"timezone"`

	// Maximum number of concurrently executing jobs.
	MaxConcurrentJobs int `mapstructure:"maxConcurrentJobs" json:"maxConcurrentJobs"`

	// Default session mode for jobs: "isolated" or "main".
	DefaultSessionMode string `mapstructure:"defaultSessionMode" json:"defaultSessionMode"`

	// How long to retain job execution history (e.g. "30d", "720h").
	HistoryRetention string `mapstructure:"historyRetention" json:"historyRetention"`

	// Default delivery channels when deliver_to is not specified (e.g. ["telegram"]).
	DefaultDeliverTo []string `mapstructure:"defaultDeliverTo" json:"defaultDeliverTo"`
}

CronConfig defines cron scheduling settings.

type DBEncryptionConfig 

type DBEncryptionConfig struct {
	// Enabled activates SQLCipher encryption for the application database.
	Enabled bool `mapstructure:"enabled" json:"enabled"`
	// CipherPageSize is the SQLCipher cipher_page_size PRAGMA (default: 4096).
	CipherPageSize int `mapstructure:"cipherPageSize" json:"cipherPageSize"`
}

DBEncryptionConfig defines SQLCipher transparent database encryption settings.

type DiscordConfig 

type DiscordConfig struct {
	// Enable Discord channel
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Bot token from Discord Developer Portal
	BotToken string `mapstructure:"botToken" json:"botToken"`

	// Application ID for slash commands
	ApplicationID string `mapstructure:"applicationId" json:"applicationId"`

	// Allowed guild IDs (empty = allow all)
	AllowedGuilds []string `mapstructure:"allowedGuilds" json:"allowedGuilds"`
}

DiscordConfig defines Discord bot settings

type EmbeddingConfig 

type EmbeddingConfig struct {
	// Provider selects the embedding provider. Set to "local" for Ollama-based
	// local embeddings, or use a key from the providers map (e.g., "my-openai",
	// "gemini-1") to resolve the backend type and API key automatically.
	Provider string `mapstructure:"provider" json:"provider"`

	// Deprecated: ProviderID is kept only for backwards-compatible config loading.
	// New configs should use Provider for both local and remote providers.
	ProviderID string `mapstructure:"providerID" json:"providerID,omitempty"`

	// Model is the embedding model identifier.
	Model string `mapstructure:"model" json:"model"`

	// Dimensions is the embedding vector dimensionality.
	Dimensions int `mapstructure:"dimensions" json:"dimensions"`

	// Local holds settings for the local (Ollama) provider.
	Local LocalEmbeddingConfig `mapstructure:"local" json:"local"`

	// RAG holds retrieval-augmented generation settings.
	RAG RAGConfig `mapstructure:"rag" json:"rag"`
}

EmbeddingConfig defines embedding and RAG settings.

type ExecToolConfig 

type ExecToolConfig struct {
	// Default timeout for commands
	DefaultTimeout time.Duration `mapstructure:"defaultTimeout" json:"defaultTimeout"`

	// Allow background processes
	AllowBackground bool `mapstructure:"allowBackground" json:"allowBackground"`

	// Working directory (empty = current)
	WorkDir string `mapstructure:"workDir" json:"workDir"`
}

ExecToolConfig defines shell execution settings

type FilesystemToolConfig 

type FilesystemToolConfig struct {
	// Maximum file size to read
	MaxReadSize int64 `mapstructure:"maxReadSize" json:"maxReadSize"`

	// Allowed paths (empty = allow all)
	AllowedPaths []string `mapstructure:"allowedPaths" json:"allowedPaths"`
}

FilesystemToolConfig defines file access settings

type FirewallRule 

type FirewallRule struct {
	// PeerDID is the DID of the peer this rule applies to ("*" for all).
	PeerDID string `mapstructure:"peerDid" json:"peerDid"`

	// Action is "allow" or "deny".
	Action string `mapstructure:"action" json:"action"`

	// Tools lists tool name patterns this rule applies to.
	Tools []string `mapstructure:"tools" json:"tools"`

	// RateLimit is the maximum requests per minute (0 = unlimited).
	RateLimit int `mapstructure:"rateLimit" json:"rateLimit"`
}

FirewallRule defines an ACL rule for the knowledge firewall.

type GraphConfig 

type GraphConfig struct {
	// Enable the graph store.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Backend type: "bolt" (default, embedded BoltDB) or "rocksdb".
	Backend string `mapstructure:"backend" json:"backend"`

	// DatabasePath is the file path for the graph database.
	// Defaults to a "graph.db" file next to the session database.
	DatabasePath string `mapstructure:"databasePath" json:"databasePath"`

	// MaxTraversalDepth limits graph expansion depth (default: 2).
	MaxTraversalDepth int `mapstructure:"maxTraversalDepth" json:"maxTraversalDepth"`

	// MaxExpansionResults limits how many graph-expanded results to return (default: 10).
	MaxExpansionResults int `mapstructure:"maxExpansionResults" json:"maxExpansionResults"`
}

GraphConfig defines graph store settings for relationship-aware retrieval.

type InterceptorConfig 

type InterceptorConfig struct {
	Enabled             bool              `mapstructure:"enabled" json:"enabled"`
	RedactPII           bool              `mapstructure:"redactPii" json:"redactPii"`
	ApprovalPolicy      ApprovalPolicy    `mapstructure:"approvalPolicy" json:"approvalPolicy"` // default: "dangerous"
	HeadlessAutoApprove bool              `mapstructure:"headlessAutoApprove" json:"headlessAutoApprove"`
	NotifyChannel       string            `mapstructure:"notifyChannel" json:"notifyChannel"` // e.g. "discord", "telegram"
	SensitiveTools      []string          `mapstructure:"sensitiveTools" json:"sensitiveTools"`
	ExemptTools         []string          `mapstructure:"exemptTools" json:"exemptTools"` // Tools exempt from approval regardless of policy
	PIIRegexPatterns    []string          `mapstructure:"piiRegexPatterns" json:"piiRegexPatterns"`
	ApprovalTimeoutSec  int               `mapstructure:"approvalTimeoutSec" json:"approvalTimeoutSec"` // default 30
	PIIDisabledPatterns []string          `mapstructure:"piiDisabledPatterns" json:"piiDisabledPatterns"`
	PIICustomPatterns   map[string]string `mapstructure:"piiCustomPatterns" json:"piiCustomPatterns"`
	Presidio            PresidioConfig    `mapstructure:"presidio" json:"presidio"`
}

InterceptorConfig defines AI Privacy Interceptor settings

type KMSConfig 

type KMSConfig struct {
	// Region is the cloud region for KMS API calls (e.g. "us-east-1", "us-central1").
	Region string `mapstructure:"region" json:"region"`

	// KeyID is the KMS key identifier (ARN, resource name, or alias).
	KeyID string `mapstructure:"keyId" json:"keyId"`

	// Endpoint is an optional custom endpoint for KMS API calls (useful for testing).
	Endpoint string `mapstructure:"endpoint" json:"endpoint,omitempty"`

	// FallbackToLocal enables automatic fallback to the local CryptoProvider when KMS is unavailable.
	FallbackToLocal bool `mapstructure:"fallbackToLocal" json:"fallbackToLocal"`

	// TimeoutPerOperation is the maximum duration for a single KMS API call (default: 5s).
	TimeoutPerOperation time.Duration `mapstructure:"timeoutPerOperation" json:"timeoutPerOperation"`

	// MaxRetries is the number of retry attempts for transient KMS errors (default: 3).
	MaxRetries int `mapstructure:"maxRetries" json:"maxRetries"`

	// Azure holds Azure Key Vault specific settings.
	Azure AzureKVConfig `mapstructure:"azure" json:"azure"`

	// PKCS11 holds PKCS#11 HSM specific settings.
	PKCS11 PKCS11Config `mapstructure:"pkcs11" json:"pkcs11"`
}

KMSConfig defines Cloud KMS and HSM backend settings.

type KnowledgeConfig 

type KnowledgeConfig struct {
	// Enable the knowledge/learning system
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Maximum context items per layer in retrieval
	MaxContextPerLayer int `mapstructure:"maxContextPerLayer" json:"maxContextPerLayer"`

	// AnalysisTurnThreshold is the number of new turns before triggering conversation analysis (default: 10).
	AnalysisTurnThreshold int `mapstructure:"analysisTurnThreshold" json:"analysisTurnThreshold"`

	// AnalysisTokenThreshold is the token count before triggering conversation analysis (default: 2000).
	AnalysisTokenThreshold int `mapstructure:"analysisTokenThreshold" json:"analysisTokenThreshold"`
}

KnowledgeConfig defines self-learning knowledge system settings

type LibrarianConfig 

type LibrarianConfig struct {
	// Enable the proactive librarian system.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Minimum observation count to trigger analysis (default: 2).
	ObservationThreshold int `mapstructure:"observationThreshold" json:"observationThreshold"`

	// Turns between inquiries per session (default: 3).
	InquiryCooldownTurns int `mapstructure:"inquiryCooldownTurns" json:"inquiryCooldownTurns"`

	// Maximum pending inquiries per session (default: 2).
	MaxPendingInquiries int `mapstructure:"maxPendingInquiries" json:"maxPendingInquiries"`

	// Minimum confidence level for auto-save: "high", "medium", "low" (default: "high").
	AutoSaveConfidence types.Confidence `mapstructure:"autoSaveConfidence" json:"autoSaveConfidence"`

	// LLM provider for analysis (empty = use agent default).
	Provider string `mapstructure:"provider" json:"provider"`

	// Model ID for analysis (empty = use agent default).
	Model string `mapstructure:"model" json:"model"`
}

LibrarianConfig defines proactive knowledge librarian settings.

type LocalEmbeddingConfig 

type LocalEmbeddingConfig struct {
	// BaseURL is the Ollama endpoint (default: http://localhost:11434/v1).
	BaseURL string `mapstructure:"baseUrl" json:"baseUrl"`
	// Deprecated: Model is now unified in EmbeddingConfig.Model for all providers.
	// Retained only for backward-compatible config loading and migration.
	Model string `mapstructure:"model" json:"model,omitempty"`
}

LocalEmbeddingConfig defines settings for a local embedding provider.

type LoggingConfig 

type LoggingConfig struct {
	// Log level (debug, info, warn, error)
	Level string `mapstructure:"level" json:"level"`

	// Output format (json, console)
	Format string `mapstructure:"format" json:"format"`

	// Output file path (empty = stdout)
	OutputPath string `mapstructure:"outputPath" json:"outputPath"`
}

LoggingConfig defines logging settings

type OIDCProviderConfig 

type OIDCProviderConfig struct {
	IssuerURL    string   `mapstructure:"issuerUrl" json:"issuerUrl"`
	ClientID     string   `mapstructure:"clientId" json:"clientId"`
	ClientSecret string   `mapstructure:"clientSecret" json:"clientSecret"`
	RedirectURL  string   `mapstructure:"redirectUrl" json:"redirectUrl"`
	Scopes       []string `mapstructure:"scopes" json:"scopes"`
}

OIDCProviderConfig defines a single OIDC provider

type ObservationalMemoryConfig 

type ObservationalMemoryConfig struct {
	// Enable the observational memory system
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// LLM provider for observer/reflector (empty = use agent default)
	Provider string `mapstructure:"provider" json:"provider"`

	// Model ID for observer/reflector (empty = use agent default)
	Model string `mapstructure:"model" json:"model"`

	// Token threshold to trigger observation (default: 1000)
	MessageTokenThreshold int `mapstructure:"messageTokenThreshold" json:"messageTokenThreshold"`

	// Token threshold to trigger reflection (default: 2000)
	ObservationTokenThreshold int `mapstructure:"observationTokenThreshold" json:"observationTokenThreshold"`

	// Max token budget for recent messages in context (default: 8000)
	MaxMessageTokenBudget int `mapstructure:"maxMessageTokenBudget" json:"maxMessageTokenBudget"`

	// MaxReflectionsInContext limits reflections injected into LLM context (default: 5, 0 = unlimited).
	MaxReflectionsInContext int `mapstructure:"maxReflectionsInContext" json:"maxReflectionsInContext"`

	// MaxObservationsInContext limits observations injected into LLM context (default: 20, 0 = unlimited).
	MaxObservationsInContext int `mapstructure:"maxObservationsInContext" json:"maxObservationsInContext"`

	// MemoryTokenBudget sets the max token budget for the memory section in system prompt (default: 4000).
	// Zero means use the default.
	MemoryTokenBudget int `mapstructure:"memoryTokenBudget" json:"memoryTokenBudget"`

	// ReflectionConsolidationThreshold is the min reflections before meta-reflection triggers (default: 5).
	// Zero means use the default.
	ReflectionConsolidationThreshold int `mapstructure:"reflectionConsolidationThreshold" json:"reflectionConsolidationThreshold"`
}

ObservationalMemoryConfig defines Observational Memory settings

type OwnerProtectionConfig 

type OwnerProtectionConfig struct {
	// OwnerName is the owner's name to block from P2P responses.
	OwnerName string `mapstructure:"ownerName" json:"ownerName"`

	// OwnerEmail is the owner's email to block from P2P responses.
	OwnerEmail string `mapstructure:"ownerEmail" json:"ownerEmail"`

	// OwnerPhone is the owner's phone number to block from P2P responses.
	OwnerPhone string `mapstructure:"ownerPhone" json:"ownerPhone"`

	// ExtraTerms are additional terms to block from P2P responses.
	ExtraTerms []string `mapstructure:"extraTerms" json:"extraTerms,omitempty"`

	// BlockConversations blocks all conversation-related fields from P2P responses (default: true).
	BlockConversations *bool `mapstructure:"blockConversations" json:"blockConversations"`
}

OwnerProtectionConfig configures owner data protection for P2P responses.

type P2PConfig 

type P2PConfig struct {
	// Enable P2P networking.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// ListenAddrs are the multiaddrs to listen on (e.g. /ip4/0.0.0.0/tcp/9000).
	ListenAddrs []string `mapstructure:"listenAddrs" json:"listenAddrs"`

	// BootstrapPeers are initial peers to connect to for DHT bootstrapping.
	BootstrapPeers []string `mapstructure:"bootstrapPeers" json:"bootstrapPeers"`

	// Deprecated: KeyDir is the legacy directory for persisting node keys.
	// Node keys are now stored in SecretsStore (encrypted) when available.
	// This field is retained for backward compatibility and migration.
	KeyDir string `mapstructure:"keyDir" json:"keyDir,omitempty"`

	// EnableRelay allows this node to act as a relay for NAT traversal.
	EnableRelay bool `mapstructure:"enableRelay" json:"enableRelay"`

	// EnableMDNS enables multicast DNS for local peer discovery.
	EnableMDNS bool `mapstructure:"enableMdns" json:"enableMdns"`

	// MaxPeers is the maximum number of connected peers.
	MaxPeers int `mapstructure:"maxPeers" json:"maxPeers"`

	// HandshakeTimeout is the maximum duration for peer handshake.
	HandshakeTimeout time.Duration `mapstructure:"handshakeTimeout" json:"handshakeTimeout"`

	// SessionTokenTTL is the lifetime of session tokens after handshake.
	SessionTokenTTL time.Duration `mapstructure:"sessionTokenTtl" json:"sessionTokenTtl"`

	// AutoApproveKnownPeers skips HITL approval for previously authenticated peers.
	AutoApproveKnownPeers bool `mapstructure:"autoApproveKnownPeers" json:"autoApproveKnownPeers"`

	// FirewallRules defines static ACL rules for the knowledge firewall.
	FirewallRules []FirewallRule `mapstructure:"firewallRules" json:"firewallRules"`

	// GossipInterval is the interval for gossip-based agent card propagation.
	GossipInterval time.Duration `mapstructure:"gossipInterval" json:"gossipInterval"`

	// ZKHandshake enables ZK-enhanced handshake instead of plain signature mode.
	ZKHandshake bool `mapstructure:"zkHandshake" json:"zkHandshake"`

	// ZKAttestation enables ZK attestation proofs on responses to peers.
	ZKAttestation bool `mapstructure:"zkAttestation" json:"zkAttestation"`

	// ZKP holds zero-knowledge proof settings.
	ZKP ZKPConfig `mapstructure:"zkp" json:"zkp"`

	// Pricing for paid P2P tool invocations.
	Pricing P2PPricingConfig `mapstructure:"pricing" json:"pricing"`

	// OwnerProtection prevents owner PII from leaking via P2P.
	OwnerProtection OwnerProtectionConfig `mapstructure:"ownerProtection" json:"ownerProtection"`

	// MinTrustScore is the minimum reputation to accept requests (0.0 to 1.0, default 0.3).
	MinTrustScore float64 `mapstructure:"minTrustScore" json:"minTrustScore"`

	// ToolIsolation configures process isolation for remote tool invocations.
	ToolIsolation ToolIsolationConfig `mapstructure:"toolIsolation" json:"toolIsolation"`

	// RequireSignedChallenge rejects unsigned challenges from peers when true.
	// When false (default), unsigned legacy challenges are accepted for backward compatibility.
	RequireSignedChallenge bool `mapstructure:"requireSignedChallenge" json:"requireSignedChallenge"`
}

P2PConfig defines peer-to-peer network settings for the Sovereign Agent Network.

type P2PPricingConfig 

type P2PPricingConfig struct {
	// Enable paid tool invocations.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// PerQuery is the default price per query in USDC (e.g. "0.50").
	PerQuery string `mapstructure:"perQuery" json:"perQuery"`

	// ToolPrices maps tool names to their specific prices in USDC.
	ToolPrices map[string]string `mapstructure:"toolPrices" json:"toolPrices,omitempty"`
}

P2PPricingConfig defines pricing for P2P tool invocations.

type PKCS11Config 

type PKCS11Config struct {
	// ModulePath is the path to the PKCS#11 shared library (.so/.dylib/.dll).
	ModulePath string `mapstructure:"modulePath" json:"modulePath"`

	// SlotID is the PKCS#11 slot number to use.
	SlotID int `mapstructure:"slotId" json:"slotId"`

	// Pin is the PKCS#11 user PIN (prefer LANGO_PKCS11_PIN env var).
	Pin string `mapstructure:"pin" json:"pin,omitempty"`

	// KeyLabel is the label of the key object in the HSM.
	KeyLabel string `mapstructure:"keyLabel" json:"keyLabel"`
}

PKCS11Config defines PKCS#11 HSM specific settings.

type PaymentConfig 

type PaymentConfig struct {
	// Enable blockchain payment features.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// WalletProvider selects the wallet backend: "local", "rpc", or "composite".
	WalletProvider string `mapstructure:"walletProvider" json:"walletProvider"`

	// Network defines blockchain network parameters.
	Network PaymentNetworkConfig `mapstructure:"network" json:"network"`

	// Limits defines spending restrictions.
	Limits SpendingLimitsConfig `mapstructure:"limits" json:"limits"`

	// X402 defines X402 protocol interception settings.
	X402 X402Config `mapstructure:"x402" json:"x402"`
}

PaymentConfig defines blockchain payment settings.

type PaymentNetworkConfig 

type PaymentNetworkConfig struct {
	// ChainID is the EVM chain ID (default: 84532 = Base Sepolia).
	ChainID int64 `mapstructure:"chainId" json:"chainId"`

	// RPCURL is the JSON-RPC endpoint for the blockchain network.
	RPCURL string `mapstructure:"rpcUrl" json:"rpcUrl"`

	// USDCContract is the USDC token contract address on the target chain.
	USDCContract string `mapstructure:"usdcContract" json:"usdcContract"`
}

PaymentNetworkConfig defines blockchain network parameters.

type PresidioConfig 

type PresidioConfig struct {
	Enabled        bool    `mapstructure:"enabled" json:"enabled"`
	URL            string  `mapstructure:"url" json:"url"`                       // default: http://localhost:5002
	ScoreThreshold float64 `mapstructure:"scoreThreshold" json:"scoreThreshold"` // default: 0.7
	Language       string  `mapstructure:"language" json:"language"`             // default: "en"
}

PresidioConfig defines Microsoft Presidio integration settings.

type ProviderConfig 

type ProviderConfig struct {
	// Provider type (openai, anthropic, gemini)
	Type types.ProviderType `mapstructure:"type" json:"type"`

	// API key for the provider (supports ${ENV_VAR} substitution)
	APIKey string `mapstructure:"apiKey" json:"apiKey"`

	// Base URL for OpenAI-compatible providers
	BaseURL string `mapstructure:"baseUrl" json:"baseUrl"`
}

ProviderConfig defines AI provider settings

type RAGConfig 

type RAGConfig struct {
	// Enabled activates RAG context injection.
	Enabled bool `mapstructure:"enabled" json:"enabled"`
	// MaxResults is the maximum number of results to inject.
	MaxResults int `mapstructure:"maxResults" json:"maxResults"`
	// Collections to search (empty means all).
	Collections []string `mapstructure:"collections" json:"collections"`
	// MaxDistance is the maximum cosine distance for RAG results (0.0 = disabled).
	MaxDistance float32 `mapstructure:"maxDistance" json:"maxDistance"`
}

RAGConfig defines retrieval-augmented generation settings.

type RemoteAgentConfig 

type RemoteAgentConfig struct {
	// Name is the local name for this remote agent.
	Name string `mapstructure:"name" json:"name"`

	// AgentCardURL is the URL to fetch the agent card from.
	// Typically: https://host/.well-known/agent.json
	AgentCardURL string `mapstructure:"agentCardUrl" json:"agentCardUrl"`
}

RemoteAgentConfig defines an external A2A agent to connect to.

type SecurityConfig 

type SecurityConfig struct {
	// Interceptor configuration
	Interceptor InterceptorConfig `mapstructure:"interceptor" json:"interceptor"`
	// Signer configuration
	Signer SignerConfig `mapstructure:"signer" json:"signer"`
	// DBEncryption configuration (SQLCipher transparent encryption)
	DBEncryption DBEncryptionConfig `mapstructure:"dbEncryption" json:"dbEncryption"`
	// KMS configuration (Cloud KMS / HSM backends)
	KMS KMSConfig `mapstructure:"kms" json:"kms"`
}

SecurityConfig defines security settings

type ServerConfig 

type ServerConfig struct {
	// Host to bind to (default: "localhost")
	Host string `mapstructure:"host" json:"host"`

	// Port to listen on (default: 18789)
	Port int `mapstructure:"port" json:"port"`

	// Enable HTTP API endpoints
	HTTPEnabled bool `mapstructure:"httpEnabled" json:"httpEnabled"`

	// Enable WebSocket server
	WebSocketEnabled bool `mapstructure:"wsEnabled" json:"wsEnabled"`

	// Allowed origins for WebSocket CORS (empty = same-origin, ["*"] = allow all)
	AllowedOrigins []string `mapstructure:"allowedOrigins" json:"allowedOrigins"`
}

ServerConfig defines gateway server settings

type SessionConfig 

type SessionConfig struct {
	// Database path for standalone CLI access (defaults to ~/.lango/lango.db).
	// In normal operation the bootstrap Ent client is reused instead.
	DatabasePath string `mapstructure:"databasePath" json:"databasePath"`

	// Session TTL before expiration
	TTL time.Duration `mapstructure:"ttl" json:"ttl"`

	// Maximum history turns per session
	MaxHistoryTurns int `mapstructure:"maxHistoryTurns" json:"maxHistoryTurns"`
}

SessionConfig defines session storage settings. The primary database is always ~/.lango/lango.db (opened during bootstrap). DatabasePath is used as a fallback for standalone CLI commands.

type SignerConfig 

type SignerConfig struct {
	Provider string `mapstructure:"provider" json:"provider"` // "local", "rpc", "enclave"
	RPCUrl   string `mapstructure:"rpcUrl" json:"rpcUrl"`     // for RPC provider
	KeyID    string `mapstructure:"keyId" json:"keyId"`       // Key identifier
}

SignerConfig defines Secure Signer settings

type SkillConfig 

type SkillConfig struct {
	// Enable the skill system.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// SkillsDir is the directory containing skill files (default: ~/.lango/skills).
	SkillsDir string `mapstructure:"skillsDir" json:"skillsDir"`

	// AllowImport enables importing skills from external URLs and GitHub repositories.
	AllowImport bool `mapstructure:"allowImport" json:"allowImport"`

	// MaxBulkImport limits the number of skills in a single bulk import operation (default: 50).
	MaxBulkImport int `mapstructure:"maxBulkImport" json:"maxBulkImport"`

	// ImportConcurrency sets the number of concurrent HTTP requests during bulk import (default: 5).
	ImportConcurrency int `mapstructure:"importConcurrency" json:"importConcurrency"`

	// ImportTimeout is the overall timeout for skill import operations (default: 2m).
	ImportTimeout time.Duration `mapstructure:"importTimeout" json:"importTimeout"`
}

SkillConfig defines file-based skill settings.

type SlackConfig 

type SlackConfig struct {
	// Enable Slack channel
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Bot OAuth token
	BotToken string `mapstructure:"botToken" json:"botToken"`

	// App-level token for Socket Mode
	AppToken string `mapstructure:"appToken" json:"appToken"`

	// Signing secret for request verification
	SigningSecret string `mapstructure:"signingSecret" json:"signingSecret"`
}

SlackConfig defines Slack app settings

type SpendingLimitsConfig 

type SpendingLimitsConfig struct {
	// MaxPerTx is the maximum amount per transaction in USDC (e.g. "1.00").
	MaxPerTx string `mapstructure:"maxPerTx" json:"maxPerTx"`

	// MaxDaily is the maximum daily spending in USDC (e.g. "10.00").
	MaxDaily string `mapstructure:"maxDaily" json:"maxDaily"`

	// AutoApproveBelow is the amount below which transactions are auto-approved.
	AutoApproveBelow string `mapstructure:"autoApproveBelow" json:"autoApproveBelow"`
}

SpendingLimitsConfig defines spending restrictions for payment transactions.

type TelegramConfig 

type TelegramConfig struct {
	// Enable Telegram channel
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Bot token from BotFather
	BotToken string `mapstructure:"botToken" json:"botToken"`

	// Allowed user/group IDs (empty = allow all)
	Allowlist []int64 `mapstructure:"allowlist" json:"allowlist"`
}

TelegramConfig defines Telegram bot settings

type ToolIsolationConfig 

type ToolIsolationConfig struct {
	// Enabled turns on subprocess isolation for remote peer tool invocations.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// TimeoutPerTool is the maximum duration for a single tool execution (default: 30s).
	TimeoutPerTool time.Duration `mapstructure:"timeoutPerTool" json:"timeoutPerTool"`

	// MaxMemoryMB is a soft memory limit per subprocess in megabytes (Phase 2).
	MaxMemoryMB int `mapstructure:"maxMemoryMB" json:"maxMemoryMB"`

	// Container configures container-based tool execution sandbox (Phase 2).
	Container ContainerSandboxConfig `mapstructure:"container" json:"container"`
}

ToolIsolationConfig configures subprocess isolation for P2P tool execution.

type ToolsConfig 

type ToolsConfig struct {
	Exec       ExecToolConfig       `mapstructure:"exec" json:"exec"`
	Filesystem FilesystemToolConfig `mapstructure:"filesystem" json:"filesystem"`
	Browser    BrowserToolConfig    `mapstructure:"browser" json:"browser"`
}

ToolsConfig defines tool-specific settings

type WorkflowConfig 

type WorkflowConfig struct {
	// Enable the workflow engine.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Maximum number of concurrently executing workflow steps.
	MaxConcurrentSteps int `mapstructure:"maxConcurrentSteps" json:"maxConcurrentSteps"`

	// Default timeout for a single workflow step (e.g. "10m").
	DefaultTimeout time.Duration `mapstructure:"defaultTimeout" json:"defaultTimeout"`

	// Directory to store workflow state for resume capability.
	StateDir string `mapstructure:"stateDir" json:"stateDir"`

	// Default delivery channels when deliver_to is not specified (e.g. ["telegram"]).
	DefaultDeliverTo []string `mapstructure:"defaultDeliverTo" json:"defaultDeliverTo"`
}

WorkflowConfig defines workflow engine settings.

type X402Config 

type X402Config struct {
	// AutoIntercept enables automatic interception of HTTP 402 responses.
	AutoIntercept bool `mapstructure:"autoIntercept" json:"autoIntercept"`

	// MaxAutoPayAmount is the maximum amount to auto-pay for X402 challenges.
	MaxAutoPayAmount string `mapstructure:"maxAutoPayAmount" json:"maxAutoPayAmount"`
}

X402Config defines X402 protocol interception settings.

type ZKPConfig 

type ZKPConfig struct {
	// ProofCacheDir is the directory for caching compiled circuits and proving keys.
	ProofCacheDir string `mapstructure:"proofCacheDir" json:"proofCacheDir"`

	// ProvingScheme selects the ZKP proving scheme: "plonk" or "groth16".
	ProvingScheme string `mapstructure:"provingScheme" json:"provingScheme"`

	// SRSMode selects the SRS generation mode: "unsafe" (default) or "file".
	SRSMode string `mapstructure:"srsMode" json:"srsMode"`

	// SRSPath is the path to the SRS file (used when SRSMode == "file").
	SRSPath string `mapstructure:"srsPath" json:"srsPath"`

	// MaxCredentialAge is the maximum age for ZK credentials (e.g. "24h").
	MaxCredentialAge string `mapstructure:"maxCredentialAge" json:"maxCredentialAge"`
}

ZKPConfig defines zero-knowledge proof settings.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.