config

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 5, 2026 License: MIT Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ProviderTypeToEmbeddingType = map[types.ProviderType]string{
	types.ProviderOpenAI:    "openai",
	types.ProviderGemini:    "google",
	types.ProviderGoogle:    "google",
	types.ProviderAnthropic: "",
	types.ProviderOllama:    "local",
}

ProviderTypeToEmbeddingType maps a provider config type to the corresponding embedding backend type.

Functions

func ExpandEnvVars added in v0.4.0 

func ExpandEnvVars(s string) string

ExpandEnvVars replaces ${VAR} patterns in s with environment variable values. Variables that are not set in the environment are left as-is.

func Validate 

func Validate(cfg *Config) error

Validate checks if the configuration is valid

Types

type A2AConfig 

type A2AConfig struct {
	// Enable A2A protocol support.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// BaseURL is the external URL where this agent is reachable.
	BaseURL string `mapstructure:"baseUrl" json:"baseUrl"`

	// AgentName is the name advertised in the Agent Card.
	AgentName string `mapstructure:"agentName" json:"agentName"`

	// AgentDescription is the description in the Agent Card.
	AgentDescription string `mapstructure:"agentDescription" json:"agentDescription"`

	// RemoteAgents is a list of external A2A agents to integrate as sub-agents.
	RemoteAgents []RemoteAgentConfig `mapstructure:"remoteAgents" json:"remoteAgents"`
}

A2AConfig defines Agent-to-Agent protocol settings.

type AgentConfig 

type AgentConfig struct {
	// Default model provider (anthropic, openai, google)
	Provider string `mapstructure:"provider" json:"provider"`

	// Model ID to use
	Model string `mapstructure:"model" json:"model"`

	// Maximum tokens for context window
	MaxTokens int `mapstructure:"maxTokens" json:"maxTokens"`

	// Temperature for generation
	Temperature float64 `mapstructure:"temperature" json:"temperature"`

	// PromptsDir is the directory containing section .md files (AGENTS.md, SAFETY.md, etc.)
	// If empty, built-in default sections are used.
	PromptsDir string `mapstructure:"promptsDir" json:"promptsDir"`

	// Fallback provider ID
	FallbackProvider string `mapstructure:"fallbackProvider" json:"fallbackProvider"`

	// Fallback model ID
	FallbackModel string `mapstructure:"fallbackModel" json:"fallbackModel"`

	// MultiAgent enables hierarchical sub-agent orchestration.
	// When false (default), a single monolithic agent handles all tasks.
	MultiAgent bool `mapstructure:"multiAgent" json:"multiAgent"`

	// RequestTimeout is the maximum duration for a single agent request (default: 5m).
	RequestTimeout time.Duration `mapstructure:"requestTimeout" json:"requestTimeout"`

	// ToolTimeout is the maximum duration for a single tool call execution (default: 2m).
	ToolTimeout time.Duration `mapstructure:"toolTimeout" json:"toolTimeout"`

	// MaxTurns limits the number of tool-calling iterations per agent run (default: 25).
	// Zero means use the default.
	MaxTurns int `mapstructure:"maxTurns" json:"maxTurns"`

	// ErrorCorrectionEnabled enables learning-based error correction (default: true).
	// When nil, defaults to true if the knowledge system is enabled.
	ErrorCorrectionEnabled *bool `mapstructure:"errorCorrectionEnabled" json:"errorCorrectionEnabled"`

	// MaxDelegationRounds limits orchestrator→sub-agent delegation rounds per turn (default: 10).
	// Zero means use the default.
	MaxDelegationRounds int `mapstructure:"maxDelegationRounds" json:"maxDelegationRounds"`

	// AgentsDir is the directory containing user-defined AGENT.md files.
	// Structure: <dir>/<name>/AGENT.md
	// If empty, only built-in agents are used.
	AgentsDir string `mapstructure:"agentsDir" json:"agentsDir"`
}

AgentConfig defines LLM agent settings

type AgentMemoryConfig added in v0.4.0 

type AgentMemoryConfig struct {
	// Enable agent memory system
	Enabled bool `mapstructure:"enabled" json:"enabled"`
}

AgentMemoryConfig defines agent-scoped persistent memory settings.

type ApprovalPolicy 

type ApprovalPolicy string

ApprovalPolicy determines which tools require approval before execution. 

const (
	// ApprovalPolicyDangerous requires approval for Dangerous-level tools (default).
	ApprovalPolicyDangerous ApprovalPolicy = "dangerous"
	// ApprovalPolicyAll requires approval for all tools.
	ApprovalPolicyAll ApprovalPolicy = "all"
	// ApprovalPolicyConfigured requires approval only for explicitly listed SensitiveTools.
	ApprovalPolicyConfigured ApprovalPolicy = "configured"
	// ApprovalPolicyNone disables approval entirely.
	ApprovalPolicyNone ApprovalPolicy = "none"
)

func (ApprovalPolicy) Valid 

func (p ApprovalPolicy) Valid() bool

Valid reports whether p is a known approval policy.

func (ApprovalPolicy) Values 

func (p ApprovalPolicy) Values() []ApprovalPolicy

Values returns all known approval policies.

type AuthConfig 

type AuthConfig struct {
	// OIDC Providers
	Providers map[string]OIDCProviderConfig `mapstructure:"providers" json:"providers"`
}

AuthConfig defines authentication settings

type AzureKVConfig 

type AzureKVConfig struct {
	// VaultURL is the Azure Key Vault URL (e.g. "https://myvault.vault.azure.net").
	VaultURL string `mapstructure:"vaultUrl" json:"vaultUrl"`

	// KeyVersion is the specific key version to use (empty = latest).
	KeyVersion string `mapstructure:"keyVersion" json:"keyVersion,omitempty"`
}

AzureKVConfig defines Azure Key Vault specific settings.

type BackgroundConfig 

type BackgroundConfig struct {
	// Enable the background task system.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Time in milliseconds before an agent turn is auto-yielded to background.
	YieldMs int `mapstructure:"yieldMs" json:"yieldMs"`

	// Maximum number of concurrently running background tasks.
	MaxConcurrentTasks int `mapstructure:"maxConcurrentTasks" json:"maxConcurrentTasks"`

	// TaskTimeout is the maximum duration for a single background task (default: 30m).
	TaskTimeout time.Duration `mapstructure:"taskTimeout" json:"taskTimeout"`

	// Default delivery channels when channel is not specified (e.g. ["telegram"]).
	DefaultDeliverTo []string `mapstructure:"defaultDeliverTo" json:"defaultDeliverTo"`
}

BackgroundConfig defines background task execution settings.

type BrowserToolConfig 

type BrowserToolConfig struct {
	// Enable browser tools (requires Chromium)
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Run headless
	Headless bool `mapstructure:"headless" json:"headless"`

	// Path to browser binary (empty = auto-detect via launcher.LookPath)
	BrowserBin string `mapstructure:"browserBin" json:"browserBin"`

	// Session timeout
	SessionTimeout time.Duration `mapstructure:"sessionTimeout" json:"sessionTimeout"`
}

BrowserToolConfig defines browser automation settings

type ChannelsConfig 

type ChannelsConfig struct {
	Telegram TelegramConfig `mapstructure:"telegram" json:"telegram"`
	Discord  DiscordConfig  `mapstructure:"discord" json:"discord"`
	Slack    SlackConfig    `mapstructure:"slack" json:"slack"`
}

ChannelsConfig holds all channel configurations

type Config 

type Config struct {
	// Server configuration
	Server ServerConfig `mapstructure:"server" json:"server"`

	// Agent configuration
	Agent AgentConfig `mapstructure:"agent" json:"agent"`

	// Channel configurations
	Channels ChannelsConfig `mapstructure:"channels" json:"channels"`

	// Logging configuration
	Logging LoggingConfig `mapstructure:"logging" json:"logging"`

	// Session configuration
	Session SessionConfig `mapstructure:"session" json:"session"`

	// Tools configuration
	Tools ToolsConfig `mapstructure:"tools" json:"tools"`

	// Hooks configuration (tool execution hooks)
	Hooks HooksConfig `mapstructure:"hooks" json:"hooks"`

	// Auth configuration
	Auth AuthConfig `mapstructure:"auth" json:"auth"`

	// Security configuration
	Security SecurityConfig `mapstructure:"security" json:"security"`

	// Knowledge configuration
	Knowledge KnowledgeConfig `mapstructure:"knowledge" json:"knowledge"`

	// Observational Memory configuration
	ObservationalMemory ObservationalMemoryConfig `mapstructure:"observationalMemory" json:"observationalMemory"`

	// Embedding / RAG configuration
	Embedding EmbeddingConfig `mapstructure:"embedding" json:"embedding"`

	// Graph store configuration
	Graph GraphConfig `mapstructure:"graph" json:"graph"`

	// A2A protocol configuration
	A2A A2AConfig `mapstructure:"a2a" json:"a2a"`

	// Payment configuration (blockchain micropayments)
	Payment PaymentConfig `mapstructure:"payment" json:"payment"`

	// Cron scheduling configuration
	Cron CronConfig `mapstructure:"cron" json:"cron"`

	// Background task execution configuration
	Background BackgroundConfig `mapstructure:"background" json:"background"`

	// Workflow engine configuration
	Workflow WorkflowConfig `mapstructure:"workflow" json:"workflow"`

	// Skill configuration (file-based skills)
	Skill SkillConfig `mapstructure:"skill" json:"skill"`

	// Librarian configuration (proactive knowledge agent)
	Librarian LibrarianConfig `mapstructure:"librarian" json:"librarian"`

	// P2P network configuration
	P2P P2PConfig `mapstructure:"p2p" json:"p2p"`

	// Agent Memory configuration (per-agent persistent memory)
	AgentMemory AgentMemoryConfig `mapstructure:"agentMemory" json:"agentMemory"`

	// MCP server integration configuration
	MCP MCPConfig `mapstructure:"mcp" json:"mcp"`

	// Providers configuration
	Providers map[string]ProviderConfig `mapstructure:"providers" json:"providers"`
}

Config is the root configuration structure for lango

func DefaultConfig 

func DefaultConfig() *Config

DefaultConfig returns a Config with sensible defaults

func Load 

func Load(configPath string) (*Config, error)

Load reads configuration from file and environment

func (*Config) MigrateEmbeddingProvider 

func (c *Config) MigrateEmbeddingProvider()

MigrateEmbeddingProvider migrates legacy configs that use separate ProviderID and Provider fields into the unified Provider field, and consolidates the deprecated Local.Model into the canonical Model field.

func (*Config) ResolveEmbeddingProvider 

func (c *Config) ResolveEmbeddingProvider() (backendType, apiKey string)

ResolveEmbeddingProvider returns the embedding backend type and API key for the configured embedding provider. The Provider field can be "local" (Ollama) or a key in the providers map. Legacy configs with ProviderID are handled via MigrateEmbeddingProvider.

type ContainerSandboxConfig 

type ContainerSandboxConfig struct {
	// Enabled activates container-based sandbox instead of subprocess isolation.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Runtime selects the container runtime: "auto", "docker", "gvisor", or "native" (default: "auto").
	Runtime string `mapstructure:"runtime" json:"runtime"`

	// Image is the Docker image for the sandbox container (default: "lango-sandbox:latest").
	Image string `mapstructure:"image" json:"image"`

	// NetworkMode is the Docker network mode for sandbox containers (default: "none").
	NetworkMode string `mapstructure:"networkMode" json:"networkMode"`

	// ReadOnlyRootfs mounts the container root filesystem as read-only (default: true).
	ReadOnlyRootfs *bool `mapstructure:"readOnlyRootfs" json:"readOnlyRootfs"`

	// CPUQuotaUS is the Docker CPU quota in microseconds (0 = unlimited).
	CPUQuotaUS int64 `mapstructure:"cpuQuotaUs" json:"cpuQuotaUs"`

	// PoolSize is the number of pre-warmed containers in the pool (0 = disabled).
	PoolSize int `mapstructure:"poolSize" json:"poolSize"`

	// PoolIdleTimeout is the idle timeout before pool containers are recycled (default: 5m).
	PoolIdleTimeout time.Duration `mapstructure:"poolIdleTimeout" json:"poolIdleTimeout"`
}

ContainerSandboxConfig configures container-based tool execution isolation.

type CronConfig 

type CronConfig struct {
	// Enable the cron scheduling system.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Default timezone for cron schedules (e.g. "Asia/Seoul").
	Timezone string `mapstructure:"timezone" json:"timezone"`

	// Maximum number of concurrently executing jobs.
	MaxConcurrentJobs int `mapstructure:"maxConcurrentJobs" json:"maxConcurrentJobs"`

	// Default session mode for jobs: "isolated" or "main".
	DefaultSessionMode string `mapstructure:"defaultSessionMode" json:"defaultSessionMode"`

	// How long to retain job execution history (e.g. "30d", "720h").
	HistoryRetention string `mapstructure:"historyRetention" json:"historyRetention"`

	// Default delivery channels when deliver_to is not specified (e.g. ["telegram"]).
	DefaultDeliverTo []string `mapstructure:"defaultDeliverTo" json:"defaultDeliverTo"`
}

CronConfig defines cron scheduling settings.

type DBEncryptionConfig 

type DBEncryptionConfig struct {
	// Enabled activates SQLCipher encryption for the application database.
	Enabled bool `mapstructure:"enabled" json:"enabled"`
	// CipherPageSize is the SQLCipher cipher_page_size PRAGMA (default: 4096).
	CipherPageSize int `mapstructure:"cipherPageSize" json:"cipherPageSize"`
}

DBEncryptionConfig defines SQLCipher transparent database encryption settings.

type DiscordConfig 

type DiscordConfig struct {
	// Enable Discord channel
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Bot token from Discord Developer Portal
	BotToken string `mapstructure:"botToken" json:"botToken"`

	// Application ID for slash commands
	ApplicationID string `mapstructure:"applicationId" json:"applicationId"`

	// Allowed guild IDs (empty = allow all)
	AllowedGuilds []string `mapstructure:"allowedGuilds" json:"allowedGuilds"`
}

DiscordConfig defines Discord bot settings

type EmbeddingConfig 

type EmbeddingConfig struct {
	// Provider selects the embedding provider. Set to "local" for Ollama-based
	// local embeddings, or use a key from the providers map (e.g., "my-openai",
	// "gemini-1") to resolve the backend type and API key automatically.
	Provider string `mapstructure:"provider" json:"provider"`

	// Deprecated: ProviderID is kept only for backwards-compatible config loading.
	// New configs should use Provider for both local and remote providers.
	ProviderID string `mapstructure:"providerID" json:"providerID,omitempty"`

	// Model is the embedding model identifier.
	Model string `mapstructure:"model" json:"model"`

	// Dimensions is the embedding vector dimensionality.
	Dimensions int `mapstructure:"dimensions" json:"dimensions"`

	// Local holds settings for the local (Ollama) provider.
	Local LocalEmbeddingConfig `mapstructure:"local" json:"local"`

	// RAG holds retrieval-augmented generation settings.
	RAG RAGConfig `mapstructure:"rag" json:"rag"`
}

EmbeddingConfig defines embedding and RAG settings.

type ExecToolConfig 

type ExecToolConfig struct {
	// Default timeout for commands
	DefaultTimeout time.Duration `mapstructure:"defaultTimeout" json:"defaultTimeout"`

	// Allow background processes
	AllowBackground bool `mapstructure:"allowBackground" json:"allowBackground"`

	// Working directory (empty = current)
	WorkDir string `mapstructure:"workDir" json:"workDir"`
}

ExecToolConfig defines shell execution settings

type FilesystemToolConfig 

type FilesystemToolConfig struct {
	// Maximum file size to read
	MaxReadSize int64 `mapstructure:"maxReadSize" json:"maxReadSize"`

	// Allowed paths (empty = allow all)
	AllowedPaths []string `mapstructure:"allowedPaths" json:"allowedPaths"`
}

FilesystemToolConfig defines file access settings

type FirewallRule 

type FirewallRule struct {
	// PeerDID is the DID of the peer this rule applies to ("*" for all).
	PeerDID string `mapstructure:"peerDid" json:"peerDid"`

	// Action is "allow" or "deny".
	Action string `mapstructure:"action" json:"action"`

	// Tools lists tool name patterns this rule applies to.
	Tools []string `mapstructure:"tools" json:"tools"`

	// RateLimit is the maximum requests per minute (0 = unlimited).
	RateLimit int `mapstructure:"rateLimit" json:"rateLimit"`
}

FirewallRule defines an ACL rule for the knowledge firewall.

type GraphConfig 

type GraphConfig struct {
	// Enable the graph store.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Backend type: "bolt" (default, embedded BoltDB) or "rocksdb".
	Backend string `mapstructure:"backend" json:"backend"`

	// DatabasePath is the file path for the graph database.
	// Defaults to a "graph.db" file next to the session database.
	DatabasePath string `mapstructure:"databasePath" json:"databasePath"`

	// MaxTraversalDepth limits graph expansion depth (default: 2).
	MaxTraversalDepth int `mapstructure:"maxTraversalDepth" json:"maxTraversalDepth"`

	// MaxExpansionResults limits how many graph-expanded results to return (default: 10).
	MaxExpansionResults int `mapstructure:"maxExpansionResults" json:"maxExpansionResults"`
}

GraphConfig defines graph store settings for relationship-aware retrieval.

type HooksConfig added in v0.4.0 

type HooksConfig struct {
	// Enabled activates the hook system (default: true when multi-agent is enabled).
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// SecurityFilter enables the security filter hook that blocks dangerous commands.
	SecurityFilter bool `mapstructure:"securityFilter" json:"securityFilter"`

	// AccessControl enables per-agent tool access control.
	AccessControl bool `mapstructure:"accessControl" json:"accessControl"`

	// EventPublishing enables publishing tool execution events to the event bus.
	EventPublishing bool `mapstructure:"eventPublishing" json:"eventPublishing"`

	// KnowledgeSave enables automatic knowledge saving from tool results.
	KnowledgeSave bool `mapstructure:"knowledgeSave" json:"knowledgeSave"`

	// BlockedCommands is a list of command patterns to block (security filter).
	BlockedCommands []string `mapstructure:"blockedCommands" json:"blockedCommands"`
}

HooksConfig defines tool execution hook settings.

type InterceptorConfig 

type InterceptorConfig struct {
	Enabled             bool              `mapstructure:"enabled" json:"enabled"`
	RedactPII           bool              `mapstructure:"redactPii" json:"redactPii"`
	ApprovalPolicy      ApprovalPolicy    `mapstructure:"approvalPolicy" json:"approvalPolicy"` // default: "dangerous"
	HeadlessAutoApprove bool              `mapstructure:"headlessAutoApprove" json:"headlessAutoApprove"`
	NotifyChannel       string            `mapstructure:"notifyChannel" json:"notifyChannel"` // e.g. "discord", "telegram"
	SensitiveTools      []string          `mapstructure:"sensitiveTools" json:"sensitiveTools"`
	ExemptTools         []string          `mapstructure:"exemptTools" json:"exemptTools"` // Tools exempt from approval regardless of policy
	PIIRegexPatterns    []string          `mapstructure:"piiRegexPatterns" json:"piiRegexPatterns"`
	ApprovalTimeoutSec  int               `mapstructure:"approvalTimeoutSec" json:"approvalTimeoutSec"` // default 30
	PIIDisabledPatterns []string          `mapstructure:"piiDisabledPatterns" json:"piiDisabledPatterns"`
	PIICustomPatterns   map[string]string `mapstructure:"piiCustomPatterns" json:"piiCustomPatterns"`
	Presidio            PresidioConfig    `mapstructure:"presidio" json:"presidio"`
}

InterceptorConfig defines AI Privacy Interceptor settings

type KMSConfig 

type KMSConfig struct {
	// Region is the cloud region for KMS API calls (e.g. "us-east-1", "us-central1").
	Region string `mapstructure:"region" json:"region"`

	// KeyID is the KMS key identifier (ARN, resource name, or alias).
	KeyID string `mapstructure:"keyId" json:"keyId"`

	// Endpoint is an optional custom endpoint for KMS API calls (useful for testing).
	Endpoint string `mapstructure:"endpoint" json:"endpoint,omitempty"`

	// FallbackToLocal enables automatic fallback to the local CryptoProvider when KMS is unavailable.
	FallbackToLocal bool `mapstructure:"fallbackToLocal" json:"fallbackToLocal"`

	// TimeoutPerOperation is the maximum duration for a single KMS API call (default: 5s).
	TimeoutPerOperation time.Duration `mapstructure:"timeoutPerOperation" json:"timeoutPerOperation"`

	// MaxRetries is the number of retry attempts for transient KMS errors (default: 3).
	MaxRetries int `mapstructure:"maxRetries" json:"maxRetries"`

	// Azure holds Azure Key Vault specific settings.
	Azure AzureKVConfig `mapstructure:"azure" json:"azure"`

	// PKCS11 holds PKCS#11 HSM specific settings.
	PKCS11 PKCS11Config `mapstructure:"pkcs11" json:"pkcs11"`
}

KMSConfig defines Cloud KMS and HSM backend settings.

type KnowledgeConfig 

type KnowledgeConfig struct {
	// Enable the knowledge/learning system
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Maximum context items per layer in retrieval
	MaxContextPerLayer int `mapstructure:"maxContextPerLayer" json:"maxContextPerLayer"`

	// AnalysisTurnThreshold is the number of new turns before triggering conversation analysis (default: 10).
	AnalysisTurnThreshold int `mapstructure:"analysisTurnThreshold" json:"analysisTurnThreshold"`

	// AnalysisTokenThreshold is the token count before triggering conversation analysis (default: 2000).
	AnalysisTokenThreshold int `mapstructure:"analysisTokenThreshold" json:"analysisTokenThreshold"`
}

KnowledgeConfig defines self-learning knowledge system settings

type LibrarianConfig 

type LibrarianConfig struct {
	// Enable the proactive librarian system.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Minimum observation count to trigger analysis (default: 2).
	ObservationThreshold int `mapstructure:"observationThreshold" json:"observationThreshold"`

	// Turns between inquiries per session (default: 3).
	InquiryCooldownTurns int `mapstructure:"inquiryCooldownTurns" json:"inquiryCooldownTurns"`

	// Maximum pending inquiries per session (default: 2).
	MaxPendingInquiries int `mapstructure:"maxPendingInquiries" json:"maxPendingInquiries"`

	// Minimum confidence level for auto-save: "high", "medium", "low" (default: "high").
	AutoSaveConfidence types.Confidence `mapstructure:"autoSaveConfidence" json:"autoSaveConfidence"`

	// LLM provider for analysis (empty = use agent default).
	Provider string `mapstructure:"provider" json:"provider"`

	// Model ID for analysis (empty = use agent default).
	Model string `mapstructure:"model" json:"model"`
}

LibrarianConfig defines proactive knowledge librarian settings.

type LocalEmbeddingConfig 

type LocalEmbeddingConfig struct {
	// BaseURL is the Ollama endpoint (default: http://localhost:11434/v1).
	BaseURL string `mapstructure:"baseUrl" json:"baseUrl"`
	// Deprecated: Model is now unified in EmbeddingConfig.Model for all providers.
	// Retained only for backward-compatible config loading and migration.
	Model string `mapstructure:"model" json:"model,omitempty"`
}

LocalEmbeddingConfig defines settings for a local embedding provider.

type LoggingConfig 

type LoggingConfig struct {
	// Log level (debug, info, warn, error)
	Level string `mapstructure:"level" json:"level"`

	// Output format (json, console)
	Format string `mapstructure:"format" json:"format"`

	// Output file path (empty = stdout)
	OutputPath string `mapstructure:"outputPath" json:"outputPath"`
}

LoggingConfig defines logging settings

type MCPConfig added in v0.4.0 

type MCPConfig struct {
	// Enable MCP server integration
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Servers is a map of named MCP server configurations.
	Servers map[string]MCPServerConfig `mapstructure:"servers" json:"servers"`

	// DefaultTimeout for MCP operations (default: 30s)
	DefaultTimeout time.Duration `mapstructure:"defaultTimeout" json:"defaultTimeout"`

	// MaxOutputTokens limits the output size from MCP tool calls (default: 25000)
	MaxOutputTokens int `mapstructure:"maxOutputTokens" json:"maxOutputTokens"`

	// HealthCheckInterval for periodic server health probes (default: 30s)
	HealthCheckInterval time.Duration `mapstructure:"healthCheckInterval" json:"healthCheckInterval"`

	// AutoReconnect enables automatic reconnection on connection loss (default: true)
	AutoReconnect bool `mapstructure:"autoReconnect" json:"autoReconnect"`

	// MaxReconnectAttempts limits reconnection attempts (default: 5)
	MaxReconnectAttempts int `mapstructure:"maxReconnectAttempts" json:"maxReconnectAttempts"`
}

MCPConfig defines MCP (Model Context Protocol) server integration settings.

type MCPServerConfig added in v0.4.0 

type MCPServerConfig struct {
	// Transport type: "stdio" (default), "http", "sse"
	Transport string `mapstructure:"transport" json:"transport"`

	// Command is the executable for stdio transport.
	Command string `mapstructure:"command" json:"command"`

	// Args are command-line arguments for stdio transport.
	Args []string `mapstructure:"args" json:"args"`

	// Env are environment variables for stdio transport (supports ${VAR} expansion).
	Env map[string]string `mapstructure:"env" json:"env"`

	// URL is the endpoint for http/sse transport.
	URL string `mapstructure:"url" json:"url"`

	// Headers are HTTP headers for http/sse transport (supports ${VAR} expansion).
	Headers map[string]string `mapstructure:"headers" json:"headers"`

	// Enabled controls whether this server is active (default: true when nil).
	Enabled *bool `mapstructure:"enabled" json:"enabled"`

	// Timeout overrides the global default timeout for this server.
	Timeout time.Duration `mapstructure:"timeout" json:"timeout"`

	// SafetyLevel for tools from this server: "safe", "moderate", "dangerous" (default: "dangerous")
	SafetyLevel string `mapstructure:"safetyLevel" json:"safetyLevel"`
}

MCPServerConfig defines a single MCP server connection.

func (MCPServerConfig) IsEnabled added in v0.4.0 

func (s MCPServerConfig) IsEnabled() bool

IsEnabled returns whether the server is enabled (defaults to true when nil).

type OIDCProviderConfig 

type OIDCProviderConfig struct {
	IssuerURL    string   `mapstructure:"issuerUrl" json:"issuerUrl"`
	ClientID     string   `mapstructure:"clientId" json:"clientId"`
	ClientSecret string   `mapstructure:"clientSecret" json:"clientSecret"`
	RedirectURL  string   `mapstructure:"redirectUrl" json:"redirectUrl"`
	Scopes       []string `mapstructure:"scopes" json:"scopes"`
}

OIDCProviderConfig defines a single OIDC provider

type ObservationalMemoryConfig 

type ObservationalMemoryConfig struct {
	// Enable the observational memory system
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// LLM provider for observer/reflector (empty = use agent default)
	Provider string `mapstructure:"provider" json:"provider"`

	// Model ID for observer/reflector (empty = use agent default)
	Model string `mapstructure:"model" json:"model"`

	// Token threshold to trigger observation (default: 1000)
	MessageTokenThreshold int `mapstructure:"messageTokenThreshold" json:"messageTokenThreshold"`

	// Token threshold to trigger reflection (default: 2000)
	ObservationTokenThreshold int `mapstructure:"observationTokenThreshold" json:"observationTokenThreshold"`

	// Max token budget for recent messages in context (default: 8000)
	MaxMessageTokenBudget int `mapstructure:"maxMessageTokenBudget" json:"maxMessageTokenBudget"`

	// MaxReflectionsInContext limits reflections injected into LLM context (default: 5, 0 = unlimited).
	MaxReflectionsInContext int `mapstructure:"maxReflectionsInContext" json:"maxReflectionsInContext"`

	// MaxObservationsInContext limits observations injected into LLM context (default: 20, 0 = unlimited).
	MaxObservationsInContext int `mapstructure:"maxObservationsInContext" json:"maxObservationsInContext"`

	// MemoryTokenBudget sets the max token budget for the memory section in system prompt (default: 4000).
	// Zero means use the default.
	MemoryTokenBudget int `mapstructure:"memoryTokenBudget" json:"memoryTokenBudget"`

	// ReflectionConsolidationThreshold is the min reflections before meta-reflection triggers (default: 5).
	// Zero means use the default.
	ReflectionConsolidationThreshold int `mapstructure:"reflectionConsolidationThreshold" json:"reflectionConsolidationThreshold"`
}

ObservationalMemoryConfig defines Observational Memory settings

type OwnerProtectionConfig 

type OwnerProtectionConfig struct {
	// OwnerName is the owner's name to block from P2P responses.
	OwnerName string `mapstructure:"ownerName" json:"ownerName"`

	// OwnerEmail is the owner's email to block from P2P responses.
	OwnerEmail string `mapstructure:"ownerEmail" json:"ownerEmail"`

	// OwnerPhone is the owner's phone number to block from P2P responses.
	OwnerPhone string `mapstructure:"ownerPhone" json:"ownerPhone"`

	// ExtraTerms are additional terms to block from P2P responses.
	ExtraTerms []string `mapstructure:"extraTerms" json:"extraTerms,omitempty"`

	// BlockConversations blocks all conversation-related fields from P2P responses (default: true).
	BlockConversations *bool `mapstructure:"blockConversations" json:"blockConversations"`
}

OwnerProtectionConfig configures owner data protection for P2P responses.

type P2PConfig 

type P2PConfig struct {
	// Enable P2P networking.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// ListenAddrs are the multiaddrs to listen on (e.g. /ip4/0.0.0.0/tcp/9000).
	ListenAddrs []string `mapstructure:"listenAddrs" json:"listenAddrs"`

	// BootstrapPeers are initial peers to connect to for DHT bootstrapping.
	BootstrapPeers []string `mapstructure:"bootstrapPeers" json:"bootstrapPeers"`

	// Deprecated: KeyDir is the legacy directory for persisting node keys.
	// Node keys are now stored in SecretsStore (encrypted) when available.
	// This field is retained for backward compatibility and migration.
	KeyDir string `mapstructure:"keyDir" json:"keyDir,omitempty"`

	// EnableRelay allows this node to act as a relay for NAT traversal.
	EnableRelay bool `mapstructure:"enableRelay" json:"enableRelay"`

	// EnableMDNS enables multicast DNS for local peer discovery.
	EnableMDNS bool `mapstructure:"enableMdns" json:"enableMdns"`

	// MaxPeers is the maximum number of connected peers.
	MaxPeers int `mapstructure:"maxPeers" json:"maxPeers"`

	// HandshakeTimeout is the maximum duration for peer handshake.
	HandshakeTimeout time.Duration `mapstructure:"handshakeTimeout" json:"handshakeTimeout"`

	// SessionTokenTTL is the lifetime of session tokens after handshake.
	SessionTokenTTL time.Duration `mapstructure:"sessionTokenTtl" json:"sessionTokenTtl"`

	// AutoApproveKnownPeers skips HITL approval for previously authenticated peers.
	AutoApproveKnownPeers bool `mapstructure:"autoApproveKnownPeers" json:"autoApproveKnownPeers"`

	// FirewallRules defines static ACL rules for the knowledge firewall.
	FirewallRules []FirewallRule `mapstructure:"firewallRules" json:"firewallRules"`

	// GossipInterval is the interval for gossip-based agent card propagation.
	GossipInterval time.Duration `mapstructure:"gossipInterval" json:"gossipInterval"`

	// ZKHandshake enables ZK-enhanced handshake instead of plain signature mode.
	ZKHandshake bool `mapstructure:"zkHandshake" json:"zkHandshake"`

	// ZKAttestation enables ZK attestation proofs on responses to peers.
	ZKAttestation bool `mapstructure:"zkAttestation" json:"zkAttestation"`

	// ZKP holds zero-knowledge proof settings.
	ZKP ZKPConfig `mapstructure:"zkp" json:"zkp"`

	// Pricing for paid P2P tool invocations.
	Pricing P2PPricingConfig `mapstructure:"pricing" json:"pricing"`

	// OwnerProtection prevents owner PII from leaking via P2P.
	OwnerProtection OwnerProtectionConfig `mapstructure:"ownerProtection" json:"ownerProtection"`

	// MinTrustScore is the minimum reputation to accept requests (0.0 to 1.0, default 0.3).
	MinTrustScore float64 `mapstructure:"minTrustScore" json:"minTrustScore"`

	// ToolIsolation configures process isolation for remote tool invocations.
	ToolIsolation ToolIsolationConfig `mapstructure:"toolIsolation" json:"toolIsolation"`

	// RequireSignedChallenge rejects unsigned challenges from peers when true.
	// When false (default), unsigned legacy challenges are accepted for backward compatibility.
	RequireSignedChallenge bool `mapstructure:"requireSignedChallenge" json:"requireSignedChallenge"`
}

P2PConfig defines peer-to-peer network settings for the Sovereign Agent Network.

type P2PPricingConfig 

type P2PPricingConfig struct {
	// Enable paid tool invocations.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// PerQuery is the default price per query in USDC (e.g. "0.50").
	PerQuery string `mapstructure:"perQuery" json:"perQuery"`

	// ToolPrices maps tool names to their specific prices in USDC.
	ToolPrices map[string]string `mapstructure:"toolPrices" json:"toolPrices,omitempty"`

	// TrustThresholds configures trust-based payment tier thresholds.
	TrustThresholds TrustThresholds `mapstructure:"trustThresholds" json:"trustThresholds"`

	// Settlement configures on-chain settlement behavior.
	Settlement SettlementConfig `mapstructure:"settlement" json:"settlement"`
}

P2PPricingConfig defines pricing for P2P tool invocations.

type PKCS11Config 

type PKCS11Config struct {
	// ModulePath is the path to the PKCS#11 shared library (.so/.dylib/.dll).
	ModulePath string `mapstructure:"modulePath" json:"modulePath"`

	// SlotID is the PKCS#11 slot number to use.
	SlotID int `mapstructure:"slotId" json:"slotId"`

	// Pin is the PKCS#11 user PIN (prefer LANGO_PKCS11_PIN env var).
	Pin string `mapstructure:"pin" json:"pin,omitempty"`

	// KeyLabel is the label of the key object in the HSM.
	KeyLabel string `mapstructure:"keyLabel" json:"keyLabel"`
}

PKCS11Config defines PKCS#11 HSM specific settings.

type PaymentConfig 

type PaymentConfig struct {
	// Enable blockchain payment features.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// WalletProvider selects the wallet backend: "local", "rpc", or "composite".
	WalletProvider string `mapstructure:"walletProvider" json:"walletProvider"`

	// Network defines blockchain network parameters.
	Network PaymentNetworkConfig `mapstructure:"network" json:"network"`

	// Limits defines spending restrictions.
	Limits SpendingLimitsConfig `mapstructure:"limits" json:"limits"`

	// X402 defines X402 protocol interception settings.
	X402 X402Config `mapstructure:"x402" json:"x402"`
}

PaymentConfig defines blockchain payment settings.

type PaymentNetworkConfig 

type PaymentNetworkConfig struct {
	// ChainID is the EVM chain ID (default: 84532 = Base Sepolia).
	ChainID int64 `mapstructure:"chainId" json:"chainId"`

	// RPCURL is the JSON-RPC endpoint for the blockchain network.
	RPCURL string `mapstructure:"rpcUrl" json:"rpcUrl"`

	// USDCContract is the USDC token contract address on the target chain.
	USDCContract string `mapstructure:"usdcContract" json:"usdcContract"`
}

PaymentNetworkConfig defines blockchain network parameters.

type PresidioConfig 

type PresidioConfig struct {
	Enabled        bool    `mapstructure:"enabled" json:"enabled"`
	URL            string  `mapstructure:"url" json:"url"`                       // default: http://localhost:5002
	ScoreThreshold float64 `mapstructure:"scoreThreshold" json:"scoreThreshold"` // default: 0.7
	Language       string  `mapstructure:"language" json:"language"`             // default: "en"
}

PresidioConfig defines Microsoft Presidio integration settings.

type ProviderConfig 

type ProviderConfig struct {
	// Provider type (openai, anthropic, gemini)
	Type types.ProviderType `mapstructure:"type" json:"type"`

	// API key for the provider (supports ${ENV_VAR} substitution)
	APIKey string `mapstructure:"apiKey" json:"apiKey"`

	// Base URL for OpenAI-compatible providers
	BaseURL string `mapstructure:"baseUrl" json:"baseUrl"`
}

ProviderConfig defines AI provider settings

type RAGConfig 

type RAGConfig struct {
	// Enabled activates RAG context injection.
	Enabled bool `mapstructure:"enabled" json:"enabled"`
	// MaxResults is the maximum number of results to inject.
	MaxResults int `mapstructure:"maxResults" json:"maxResults"`
	// Collections to search (empty means all).
	Collections []string `mapstructure:"collections" json:"collections"`
	// MaxDistance is the maximum cosine distance for RAG results (0.0 = disabled).
	MaxDistance float32 `mapstructure:"maxDistance" json:"maxDistance"`
}

RAGConfig defines retrieval-augmented generation settings.

type RemoteAgentConfig 

type RemoteAgentConfig struct {
	// Name is the local name for this remote agent.
	Name string `mapstructure:"name" json:"name"`

	// AgentCardURL is the URL to fetch the agent card from.
	// Typically: https://host/.well-known/agent.json
	AgentCardURL string `mapstructure:"agentCardUrl" json:"agentCardUrl"`
}

RemoteAgentConfig defines an external A2A agent to connect to.

type SecurityConfig 

type SecurityConfig struct {
	// Interceptor configuration
	Interceptor InterceptorConfig `mapstructure:"interceptor" json:"interceptor"`
	// Signer configuration
	Signer SignerConfig `mapstructure:"signer" json:"signer"`
	// DBEncryption configuration (SQLCipher transparent encryption)
	DBEncryption DBEncryptionConfig `mapstructure:"dbEncryption" json:"dbEncryption"`
	// KMS configuration (Cloud KMS / HSM backends)
	KMS KMSConfig `mapstructure:"kms" json:"kms"`
}

SecurityConfig defines security settings

type ServerConfig 

type ServerConfig struct {
	// Host to bind to (default: "localhost")
	Host string `mapstructure:"host" json:"host"`

	// Port to listen on (default: 18789)
	Port int `mapstructure:"port" json:"port"`

	// Enable HTTP API endpoints
	HTTPEnabled bool `mapstructure:"httpEnabled" json:"httpEnabled"`

	// Enable WebSocket server
	WebSocketEnabled bool `mapstructure:"wsEnabled" json:"wsEnabled"`

	// Allowed origins for WebSocket CORS (empty = same-origin, ["*"] = allow all)
	AllowedOrigins []string `mapstructure:"allowedOrigins" json:"allowedOrigins"`
}

ServerConfig defines gateway server settings

type SessionConfig 

type SessionConfig struct {
	// Database path for standalone CLI access (defaults to ~/.lango/lango.db).
	// In normal operation the bootstrap Ent client is reused instead.
	DatabasePath string `mapstructure:"databasePath" json:"databasePath"`

	// Session TTL before expiration
	TTL time.Duration `mapstructure:"ttl" json:"ttl"`

	// Maximum history turns per session
	MaxHistoryTurns int `mapstructure:"maxHistoryTurns" json:"maxHistoryTurns"`
}

SessionConfig defines session storage settings. The primary database is always ~/.lango/lango.db (opened during bootstrap). DatabasePath is used as a fallback for standalone CLI commands.

type SettlementConfig added in v0.4.0 

type SettlementConfig struct {
	// ReceiptTimeout is the maximum wait time for on-chain receipt confirmation (default: 2m).
	ReceiptTimeout time.Duration `mapstructure:"receiptTimeout" json:"receiptTimeout"`

	// MaxRetries is the maximum number of submission retries (default: 3).
	MaxRetries int `mapstructure:"maxRetries" json:"maxRetries"`
}

SettlementConfig configures on-chain settlement parameters.

type SignerConfig 

type SignerConfig struct {
	Provider string `mapstructure:"provider" json:"provider"` // "local", "rpc", "enclave"
	RPCUrl   string `mapstructure:"rpcUrl" json:"rpcUrl"`     // for RPC provider
	KeyID    string `mapstructure:"keyId" json:"keyId"`       // Key identifier
}

SignerConfig defines Secure Signer settings

type SkillConfig 

type SkillConfig struct {
	// Enable the skill system.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// SkillsDir is the directory containing skill files (default: ~/.lango/skills).
	SkillsDir string `mapstructure:"skillsDir" json:"skillsDir"`

	// AllowImport enables importing skills from external URLs and GitHub repositories.
	AllowImport bool `mapstructure:"allowImport" json:"allowImport"`

	// MaxBulkImport limits the number of skills in a single bulk import operation (default: 50).
	MaxBulkImport int `mapstructure:"maxBulkImport" json:"maxBulkImport"`

	// ImportConcurrency sets the number of concurrent HTTP requests during bulk import (default: 5).
	ImportConcurrency int `mapstructure:"importConcurrency" json:"importConcurrency"`

	// ImportTimeout is the overall timeout for skill import operations (default: 2m).
	ImportTimeout time.Duration `mapstructure:"importTimeout" json:"importTimeout"`
}

SkillConfig defines file-based skill settings.

type SlackConfig 

type SlackConfig struct {
	// Enable Slack channel
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Bot OAuth token
	BotToken string `mapstructure:"botToken" json:"botToken"`

	// App-level token for Socket Mode
	AppToken string `mapstructure:"appToken" json:"appToken"`

	// Signing secret for request verification
	SigningSecret string `mapstructure:"signingSecret" json:"signingSecret"`
}

SlackConfig defines Slack app settings

type SpendingLimitsConfig 

type SpendingLimitsConfig struct {
	// MaxPerTx is the maximum amount per transaction in USDC (e.g. "1.00").
	MaxPerTx string `mapstructure:"maxPerTx" json:"maxPerTx"`

	// MaxDaily is the maximum daily spending in USDC (e.g. "10.00").
	MaxDaily string `mapstructure:"maxDaily" json:"maxDaily"`

	// AutoApproveBelow is the amount below which transactions are auto-approved.
	AutoApproveBelow string `mapstructure:"autoApproveBelow" json:"autoApproveBelow"`
}

SpendingLimitsConfig defines spending restrictions for payment transactions.

type TelegramConfig 

type TelegramConfig struct {
	// Enable Telegram channel
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Bot token from BotFather
	BotToken string `mapstructure:"botToken" json:"botToken"`

	// Allowed user/group IDs (empty = allow all)
	Allowlist []int64 `mapstructure:"allowlist" json:"allowlist"`
}

TelegramConfig defines Telegram bot settings

type ToolIsolationConfig 

type ToolIsolationConfig struct {
	// Enabled turns on subprocess isolation for remote peer tool invocations.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// TimeoutPerTool is the maximum duration for a single tool execution (default: 30s).
	TimeoutPerTool time.Duration `mapstructure:"timeoutPerTool" json:"timeoutPerTool"`

	// MaxMemoryMB is a soft memory limit per subprocess in megabytes (Phase 2).
	MaxMemoryMB int `mapstructure:"maxMemoryMB" json:"maxMemoryMB"`

	// Container configures container-based tool execution sandbox (Phase 2).
	Container ContainerSandboxConfig `mapstructure:"container" json:"container"`
}

ToolIsolationConfig configures subprocess isolation for P2P tool execution.

type ToolsConfig 

type ToolsConfig struct {
	Exec       ExecToolConfig       `mapstructure:"exec" json:"exec"`
	Filesystem FilesystemToolConfig `mapstructure:"filesystem" json:"filesystem"`
	Browser    BrowserToolConfig    `mapstructure:"browser" json:"browser"`
}

ToolsConfig defines tool-specific settings

type TrustThresholds added in v0.4.0 

type TrustThresholds struct {
	// PostPayMinScore is the minimum reputation score for post-pay eligibility (default: 0.8).
	PostPayMinScore float64 `mapstructure:"postPayMinScore" json:"postPayMinScore"`
}

TrustThresholds defines score thresholds for payment tier routing.

type WorkflowConfig 

type WorkflowConfig struct {
	// Enable the workflow engine.
	Enabled bool `mapstructure:"enabled" json:"enabled"`

	// Maximum number of concurrently executing workflow steps.
	MaxConcurrentSteps int `mapstructure:"maxConcurrentSteps" json:"maxConcurrentSteps"`

	// Default timeout for a single workflow step (e.g. "10m").
	DefaultTimeout time.Duration `mapstructure:"defaultTimeout" json:"defaultTimeout"`

	// Directory to store workflow state for resume capability.
	StateDir string `mapstructure:"stateDir" json:"stateDir"`

	// Default delivery channels when deliver_to is not specified (e.g. ["telegram"]).
	DefaultDeliverTo []string `mapstructure:"defaultDeliverTo" json:"defaultDeliverTo"`
}

WorkflowConfig defines workflow engine settings.

type X402Config 

type X402Config struct {
	// AutoIntercept enables automatic interception of HTTP 402 responses.
	AutoIntercept bool `mapstructure:"autoIntercept" json:"autoIntercept"`

	// MaxAutoPayAmount is the maximum amount to auto-pay for X402 challenges.
	MaxAutoPayAmount string `mapstructure:"maxAutoPayAmount" json:"maxAutoPayAmount"`
}

X402Config defines X402 protocol interception settings.

type ZKPConfig 

type ZKPConfig struct {
	// ProofCacheDir is the directory for caching compiled circuits and proving keys.
	ProofCacheDir string `mapstructure:"proofCacheDir" json:"proofCacheDir"`

	// ProvingScheme selects the ZKP proving scheme: "plonk" or "groth16".
	ProvingScheme string `mapstructure:"provingScheme" json:"provingScheme"`

	// SRSMode selects the SRS generation mode: "unsafe" (default) or "file".
	SRSMode string `mapstructure:"srsMode" json:"srsMode"`

	// SRSPath is the path to the SRS file (used when SRSMode == "file").
	SRSPath string `mapstructure:"srsPath" json:"srsPath"`

	// MaxCredentialAge is the maximum age for ZK credentials (e.g. "24h").
	MaxCredentialAge string `mapstructure:"maxCredentialAge" json:"maxCredentialAge"`
}

ZKPConfig defines zero-knowledge proof settings.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.