All keys are shown with their defaults. Each option can be set in config.yaml or via the listed environment variable, which takes precedence.

| Key | Env var | Default | Description |
|---|---|---|---|
| http.addr | ALTAVMS_HTTP_ADDR | :3303 | Listen address and port |
| http.read_timeout | ALTAVMS_HTTP_READ_TIMEOUT | 15s | Max time to read a full request |
| http.write_timeout | ALTAVMS_HTTP_WRITE_TIMEOUT | 30s | Max time to write a response |
| http.idle_timeout | ALTAVMS_HTTP_IDLE_TIMEOUT | 60s | Keep-alive idle timeout |
| http.shutdown_grace | ALTAVMS_HTTP_SHUTDOWN_GRACE | 10s | Grace period for in-flight requests on shutdown |
| http.pre_drain_delay | ALTAVMS_HTTP_PREDRAIN_DELAY | 5s | Delay after /readyz starts failing before shutdown (for load balancers) |
| http.tls_enabled | ALTAVMS_HTTP_TLS_ENABLED | false | Set true when fronted by TLS; enables HSTS in production |
| http.allowed_origins | ALTAVMS_ALLOWED_ORIGINS | ["http://localhost:3303"] | CORS allow-list. Production rejects */empty |
| http.internal_addr | ALTAVMS_HTTP_INTERNAL_ADDR | (empty) | Separate listener for /healthz, /readyz, /metrics |

| Key | Env var | Default | Description |
|---|---|---|---|
| db.path | ALTAVMS_DB_PATH | ./data/altavms.db | SQLite file path (parent dir must exist) |
| db.connect_timeout | ALTAVMS_DB_CONNECT_TIMEOUT | 5s | Connection open timeout |
| db.query_timeout | ALTAVMS_DB_QUERY_TIMEOUT | 30s | Single-query timeout |

| Key | Env var | Default | Description |
|---|---|---|---|
| log.level | ALTAVMS_LOG_LEVEL | info | debug, info, warn, error |
| log.format | ALTAVMS_LOG_FORMAT | json | json (production) or text (development) |

| Key | Env var | Default | Description |
|---|---|---|---|
| auth.jwt_secret | ALTAVMS_AUTH_JWT_SECRET | (empty) | JWT signing secret. Required in staging/production |
| crypto.encryption_keys | ALTAVMS_ENCRYPTION_KEY, _V2, _V3, … | [] | Base64 AES-256-GCM keys for encrypted DB fields. First key is active; older keys decrypt during rotation. Required in production |

Generate a key with `openssl rand -base64 32`.

The first admin user is seeded on first start.

| Env var | Default | Description |
|---|---|---|
| ADMIN_BOOTSTRAP_EMAIL | admin@localhost (dev) | Initial admin email. Required in production |
| ADMIN_BOOTSTRAP_PASSWORD | admin (dev) | Initial admin password. Required in production |

Alta server connection details live in the database and are managed in the UI. These tune the shared client.

| Key | Default | Description |
|---|---|---|
| alta.default_timeout | 10s | Per-attempt timeout for CRUD calls |
| alta.long_timeout | 30s | Per-attempt timeout for Preview/VOD calls |
| alta.breaker_threshold | 5 | Consecutive failures before the circuit breaker opens |
| alta.breaker_open_for | 30s | How long the breaker stays open |
| alta.bulkhead_capacity | 64 | Max concurrent in-flight Alta calls |
| alta.stream.hls_token_ttl | 5m | TTL for HLS playlist tokens (≤ 1h) |
| alta.stream.webrtc_token_ttl | 2m | TTL for WHEP bearer tokens (≤ 1h) |
| alta.stream.auth_mode | jwt | jwt (production) or none (dev-only, logs a warning) |
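
A preflight check for the production requirements stated in the tables above, as an added example that is not the project's own code. It assumes ALTAVMS_ALLOWED_ORIGINS is comma-separated, that rotation keys are env vars whose names start with ALTAVMS_ENCRYPTION_KEY, and that the alta.stream values arrive as a dict already read from config.yaml; `check_production`, `key_problem` and `seconds` are hypothetical names.

```python
import base64
import binascii
import os

MAX_TOKEN_TTL_S = 3600  # page: stream token TTLs are capped at 1h

def seconds(duration):
    """Parse a single-unit duration such as '5m' or '30s'."""
    return int(duration[:-1]) * {"s": 1, "m": 60, "h": 3600}[duration[-1]]

def key_problem(value):
    """Say why a value is not a usable AES-256 key, or return None."""
    try:
        raw = base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        return "not valid base64"
    return None if len(raw) == 32 else f"decodes to {len(raw)} bytes, need 32"

def check_production(env, stream):
    """Return findings for a production deployment; [] means pass."""
    findings = []
    # Assumption: the env var carries a comma-separated origin list.
    origins = [o.strip() for o in env.get("ALTAVMS_ALLOWED_ORIGINS", "").split(",") if o.strip()]
    if not origins or "*" in origins:
        findings.append("http.allowed_origins: empty or wildcard")
    if not env.get("ALTAVMS_AUTH_JWT_SECRET"):
        findings.append("auth.jwt_secret: not set")
    # Assumption: rotation keys share the ALTAVMS_ENCRYPTION_KEY name prefix.
    keys = {k: v for k, v in env.items() if k.startswith("ALTAVMS_ENCRYPTION_KEY")}
    if not keys:
        findings.append("crypto.encryption_keys: no key configured")
    for name, value in sorted(keys.items()):
        problem = key_problem(value)
        if problem:
            findings.append(f"{name}: {problem}")
    # Rejecting the dev defaults is an added check, stricter than "required".
    for var, dev in (("ADMIN_BOOTSTRAP_EMAIL", "admin@localhost"),
                     ("ADMIN_BOOTSTRAP_PASSWORD", "admin")):
        if env.get(var, "") in ("", dev):
            findings.append(f"{var}: missing or dev default")
    if stream.get("auth_mode", "jwt") != "jwt":
        findings.append("alta.stream.auth_mode: must be jwt in production")
    for ttl in ("hls_token_ttl", "webrtc_token_ttl"):
        if ttl in stream and seconds(stream[ttl]) > MAX_TOKEN_TTL_S:
            findings.append(f"alta.stream.{ttl}: exceeds 1h")
    return findings

if __name__ == "__main__":
    print(check_production(dict(os.environ), {"auth_mode": "jwt"}))
```

Findings name the setting and the problem only, so the output can go to a deploy log without exposing secret values.
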

| Key | Env var | Default | Description |
|---|---|---|---|
| workers.enabled | ALTAVMS_WORKERS_ENABLED | motion,clips,screenshots,cleanup | Allow-list from {motion, clips, screenshots, cleanup, health, webhooks, alerts, notifications}. true = all, false = none |
| workers.motion_interval | ALTAVMS_WORKERS_MOTION_INTERVAL | 1s | Motion reconcile interval per camera |
| workers.clips_output_path | CLIPS_OUTPUT_PATH | /var/lib/altavms/clips | Root for exported clip MP4s |
| workers.clips_ffmpeg_binary | CLIPS_FFMPEG_BINARY | ffmpeg | Path to the ffmpeg executable |
| workers.clips_worker_timeout | CLIPS_WORKER_TIMEOUT | 5m | Per-clip ffmpeg deadline |
| workers.clips_worker_concurrency | CLIPS_WORKER_CONCURRENCY | 2 | Max concurrent ffmpeg subprocesses |
| workers.screenshots_output_path | SCREENSHOTS_OUTPUT_PATH | /var/lib/altavms/screenshots | Root for screenshot JPEGs |
| workers.drain_timeout | ALTAVMS_WORKERS_DRAIN_TIMEOUT | 10s | Total budget to drain workers on shutdown |

| Key | Env var | Default | Description |
|---|---|---|---|
| metrics.enabled | ALTAVMS_METRICS_ENABLED | true | Expose Prometheus metrics at /metrics |
| readiness.timeout | ALTAVMS_READINESS_TIMEOUT | 5s | Overall deadline for /readyz |
| readiness.check_workers | ALTAVMS_READINESS_CHECK_WORKERS | true | Include worker liveness in readiness |
| readiness.check_schema | ALTAVMS_READINESS_CHECK_SCHEMA | true | Include schema-version check |

| Key | Env var | Default | Description |
|---|---|---|---|
| security.csp_strict_mode | ALTAVMS_SECURITY_CSP_STRICT | false | Opt in to strict CSP in dev (always strict in production) |
| startup.check_schema | ALTAVMS_STARTUP_CHECK_SCHEMA | true | Verify DB schema on boot |
| startup.check_environment | ALTAVMS_STARTUP_CHECK_ENVIRONMENT | true | Verify environment on boot |
| startup.check_keyring | ALTAVMS_STARTUP_CHECK_KEYRING | true | Verify encryption keyring on boot |
| startup.check_alta | ALTAVMS_STARTUP_CHECK_ALTA | true | Verify Alta reachability on boot. Set false to start before any Alta server is configured |
| startup.timeout | ALTAVMS_STARTUP_TIMEOUT | 10s | Total budget for startup checks |

Per-user token bucket, keyed on user ID. Public endpoints (/healthz, /readyz, /metrics, /auth/verify) are exempt.

| Key | Env var | Default | Description |
|---|---|---|---|
| rate_limit.enabled | ALTAVMS_RATE_LIMIT_ENABLED | true | Enable the limiter |
| rate_limit.read_per_min | ALTAVMS_RATE_LIMIT_READ_PER_MIN | 60 | Read requests per minute |
| rate_limit.write_per_min | ALTAVMS_RATE_LIMIT_WRITE_PER_MIN | 20 | Write requests per minute |
| rate_limit.burst | ALTAVMS_RATE_LIMIT_BURST | 0 | Burst allowance (0 = use per-minute budget) |
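
A minimal model of the per-user token bucket described above, using the defaults from the table (added example, not the project's implementation). It assumes reads are GET/HEAD/OPTIONS, that reads and writes draw from separate buckets, and that burst 0 sets the bucket capacity to the per-minute figure; `UserLimiter` and its injected clock are hypothetical names.

```python
import time

# Public endpoints the page lists as exempt from rate limiting.
EXEMPT = {"/healthz", "/readyz", "/metrics", "/auth/verify"}

class UserLimiter:
    def __init__(self, read_per_min=60, write_per_min=20, burst=0,
                 clock=time.monotonic):
        self.rates = {"read": read_per_min, "write": write_per_min}
        self.burst = burst
        self.clock = clock          # injectable so tests can control time
        self.buckets = {}           # (user_id, kind) -> (tokens, last_seen)

    def allow(self, user_id, method, path):
        """Return True if the request may proceed, spending one token."""
        if path in EXEMPT:
            return True
        # Assumption: safe HTTP methods count as reads, the rest as writes.
        kind = "read" if method in ("GET", "HEAD", "OPTIONS") else "write"
        per_min = self.rates[kind]
        capacity = self.burst or per_min   # burst 0 = use per-minute budget
        now = self.clock()
        tokens, last = self.buckets.get((user_id, kind), (capacity, now))
        # Refill continuously at per_min / 60 tokens per second, up to capacity.
        tokens = min(capacity, tokens + (now - last) * per_min / 60.0)
        allowed = tokens >= 1
        self.buckets[(user_id, kind)] = (tokens - 1 if allowed else tokens, now)
        return allowed
```

Under these assumptions the defaults let one user spend all 20 writes at once and then regain one write every 3 seconds; a non-zero rate_limit.burst lowers that initial spike without changing the sustained rate.
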