Skip to main content
Version: 0.9.14

Environment variable index

A consolidated catalogue of environment variables consumed by Delphi services. Each row carries a source badge (where the value comes from) and an optional scope badge.

Source legend
  • env — set in .env files or compose; the canonical local override.
  • SSM — AWS SSM Parameter Store; expanded into env at boot.
  • Secrets Manager — AWS Secrets Manager; expanded into env or files at boot.
  • Code default — value baked in code if nothing overrides it.
  • TelWeb · Team / TelWeb · Admin / TelWeb · Platform — DB-backed setting changed via TelWeb UI.
  • DB rowPlatformSetting or domain table (not exposed in TelWeb UI).
  • Redis (runtime) — ephemeral runtime cache.

Voice and SIP

NameSourceScopeDefaultDescription
JANUS_WS_PORTenvall8188 (local) / 443 (prod)Janus WebSocket port; required for WebRTC bridging.
TELPHI_MEDIA_HOSTenvallhost.docker.internal / TelPhi private IPTelSys → TelPhi media plane host.
TELPHI_MEDIA_PORTenvall12001TelSys → TelPhi media plane port.
TELPHI_MEDIA_SCHEMEenvallwsScheme for TelPhi media WebSocket.
TELPHI_MEDIA_PATHenvall/mediaPath for TelPhi media WebSocket.
RTPENGINE_HOSTenvall10.30.0.10 (local)RTPEngine control endpoint.
RTPENGINE_NG_PORTenvall22222RTPEngine ng control port.
KAMAILIO_SIP_DOMAINSSMprodPublic SIP domain Kamailio serves.
REFER_TARGET_HOSTenvallKamailio REFER_SBC_HOST (TelPro). Defaults to DOMAIN_TELPRO. Align with TelPhi transfer REFER configuration.
COTURN_SHARED_SECRETSecrets ManagerprodShared secret for TURN credentials.
SIP_100REL_MODEenvalloffTelSys PJSIP 100rel mode: off (default) | peer_supported | yes | required — PRACK / reliable provisional responses toward TelPro. Synonyms accepted (e.g. no→off, on→yes). See Voice operations.
VAIASTERISKCONSOLELOGFORMATenvalljsonTelSys/Asterisk console log format. Use json for structured logging and log-to-span parsing; default/plain text is mainly for ad-hoc troubleshooting.
TELSYS_LOG_LEVELenvallinfoPino-aligned TelSys/Asterisk log level: trace | debug | info | warn | error | fatal. SIP capture remains available independently.
TELPRO_LOG_LEVELenvallLOG_LEVELPino-aligned TelPro/Kamailio log level. Replaces generated DEBUG_LEVEL overrides.
RTPENGINE_LOG_LEVELenvallLOG_LEVELPino-aligned RTPEngine log level, mapped to RTPEngine syslog verbosity. Replaces RTP_LOG_LEVEL.
WEBRTC_LOG_LEVELenvallLOG_LEVELPino-aligned Janus WebRTC log level, mapped to Janus verbosity. Replaces JANUS_*LOG_LEVEL overrides.
SIP_CAPTURE_ENABLE_PJSIP_LOGGERenvall1Enables detailed TelSys PJSIP SIP message logging for SIP ladder and log-to-span diagnostics.

Database and Redis

NameSourceScopeDefaultDescription
DATABASE_URLSecrets ManagerallPostgres connection string. Keep `ssl*` query params out of the URL; TLS policy comes from `DATABASE_SSL_MODE` and the CA file (see [Internal encryption](https://docs.delphi.ki-kombinat.com/platform/security/internal-encryption)).
DATABASE_SSL_MODESSMalldisable (local)Client SSL policy: `disable` | `require` | `verify-ca` | `verify-full`.
DATABASE_SSL_CA_BUNDLE_B64Secrets ManagerprodBase64 PEM CA bundle for Postgres TLS verification; decoded to `./tls/database-ca.crt` and mounted at `/etc/ssl/database/ca.crt`. Use the CA that signs PgBouncer’s cert (or the RDS/Aurora global CA when connecting straight to AWS).
DATABASE_SSL_CA_FILEenvall/etc/ssl/database/ca.crtIn-container path to the decoded Postgres CA bundle.
MIGRATION_DATABASE_URLSecrets ManagerprodPrivileged direct Postgres URL for the Ops db-migrate one-shot only (DDL / migrations / delphi-setup). Separate from runtime DATABASE_URL. See Database credentials.
DATABASE_SECRET_ARNenvprodOptional Secrets Manager ARN for runtime DB credential refresh on long-running Node services (day-2 rotation of the CRUD user, not the migration user). See Database credentials.
DATABASE_SECRET_REGIONenvprodAWS_REGIONAWS region for DATABASE_SECRET_ARN when it differs from the deployment region.
REDIS_URLSecrets ManagerallRedis connection string; rediss:// when TLS is enabled.
REDIS_TLS_CA_BUNDLE_B64Secrets ManagerprodBase64 PEM CA bundle for Redis TLS; decoded to `./tls/redis-ca.crt` and mounted at `/etc/ssl/redis/ca.crt`. Often empty when relying on the system trust store (e.g. ElastiCache).
REDIS_TLS_CA_FILEenvall/etc/ssl/redis/ca.crtIn-container path to the decoded Redis CA bundle.

AWS and infrastructure

NameSourceScopeDefaultDescription
AWS_REGIONenvalleu-central-1AWS region for SSM / Secrets Manager / S3 calls.
ENVIRONMENTenvalldelphiDeployment identifier used for generated config, instance labels, and default team Secrets Manager paths.
NEXT_PUBLIC_ENVIRONMENTenvallENVIRONMENTClient-visible deployment identifier used by TelWeb. Keep it equal to ENVIRONMENT for team variable paths.
HTTP_PROXYenvprodForward proxy for outbound HTTP, including AWS and LLM provider paths.
HTTPS_PROXYenvprodForward proxy for outbound HTTPS.
NO_PROXYenvprodHosts to bypass the proxy.
SSM_PARAM_PREFIXenvall/delphi/<env>/Prefix under which Delphi SSM params live.
S3_CONFIG_BUCKETenvprodS3 bucket where the deployment config bundles live; consumed by fetch-config on every host. Bundles include `.config-manifest.json` for checksum verification.
CONFIG_BASE_PATHenvprod/opt/servicesOptional base path used by fetch-config when promoting verified config bundles on a host.

Observability

NameSourceScopeDefaultDescription
OTEL_EXPORTER_OTLP_ENDPOINTenvall10.0.1.10:4317 (prod)OTLP collector endpoint.
OTEL_SERVICE_NAMEenvallService identifier in spans / logs.
OTEL_ENABLEDenvwebtrueEnables TelWeb OpenTelemetry instrumentation in generated Web service config.
SIGNOZ_URLenvallhttps://signoz.<env>.delphi/URL TelWeb queries for the Debug tab.
SIGNOZ_API_TOKENSecrets ManagerprodAPI token for SigNoz Logs / Traces queries.
SIGNOZ_OTLP_ENDPOINTenvdevOptional OTLP endpoint override for local or tunneled SigNoz collection.
LOG_TO_SPAN_OTLP_ENDPOINTenvalllocalhost:4318OTLP HTTP endpoint used by the TelPro log-to-span sidecar to send SIP ladder spans through the local collector.
LOG_TO_SPAN_EXPORT_LOGSenvallfalseWhen true, exports parsed SIP capture logs as OTLP logs in addition to spans. Keep false unless the collector/parser path is sized for the volume.
ENABLE_PII_LOGGINGenvallfalseWhen not true, enables PII redaction: OTel collector transform/pii (and transform/pii_traces on Voice) scrubs logs/traces before SigNoz export; TelPhi redacts transcript + caller number on DB persist; TelAPI redacts browser-action transcripts. SIP ladder logs (event=sip_message) stay unmasked. Does not control transcript retention — full text is still written to S3 when app Recording is on. Production: keep false except short support sessions. Staging/dev: may set true for debugging. See Monitoring in SigNoz — PII redaction and Conversations — Recording and transcript retention.
MSISDN_UNMASKED_DIGITSenvall4Trailing phone-number digits kept when masking MSISDNs in collector logs/traces, TelPhi DB writes, and callerNumber attributes (for example ***3456). Must match on voiceai-telphi, telapi, and voiceai-otel-collector on each host.

Service log levels

All values use the Pino labels trace, debug, info, warn, error, and fatal. Service-specific variables override the global LOG_LEVEL for that service.

NameSourceScopeDefaultDescription
LOG_LEVELenvallinfoGlobal fallback log level when a service-specific override is unset.
TELPHI_LOG_LEVELenvvoiceLOG_LEVELTelPhi conversation engine log level.
TELAPI_LOG_LEVELenvapiLOG_LEVELTelAPI HTTP/WebSocket service log level.
TELWEB_LOG_LEVELenvwebLOG_LEVELTelWeb server-side log level.
TASKER_LOG_LEVELenvopsLOG_LEVELTasker worker and scheduler log level.
SCALER_LOG_LEVELenvopsLOG_LEVELScaler decision-loop log level.
AUDIOPROC_LOG_LEVELenvvoiceLOG_LEVELAudioProc log level. Pino labels are mapped to Python logging levels.

Feature flags

NameSourceScopeDefaultDescription
FEATURE_AI_FLOW_BUILDERenvalltrueAI Flow Builder UI + runtime.
FEATURE_QA_SCORINGenvalltrueQA scoring jobs and tab.
FEATURE_AUDIO_PREPROCESSINGenvalltrueAudioProc container in the voice stack.
FEATURE_TTS_MEDIA_CACHEenvalltrueTTS cache lookups and writes.
FEATURE_REGISTRATIONenvallfalsePublic registration flow.
FEATURE_SUBSCRIPTIONSenvallfalseSubscription / billing guards.
FEATURE_SMSenvallfalseSMS dispatch (Vonage).
FEATURE_WEBRTCenvalltrueJanus + TURN WebRTC stack. When false, browser SDK session/runtime/endpoint TelAPI surfaces are not registered.
FEATURE_API_ACCESSenvalltrueExternal REST/SDK access and related TelWeb API surfaces. When false, deployments keep health/webhooks but hide API keys, API Server Config, and SDK session/runtime routes.
FEATURE_ADDITIONAL_PROVIDERSenvalltrueAdditional provider catalogue entries beyond the core set, including Gemini Live, Inworld, Grok, Pythia, and TOBi where available.
FEATURE_SUBSCRIPTION_MANAGEMENTenvallfalseSelf-service subscription UI, custom deals, and related billing administration surfaces.
FEATURE_ALGOLIA_ASK_AIenvallfalseOptional TelWeb Ask AI docs assistant.

TelWeb public UI

NameSourceScopeDefaultDescription
LEGAL_BANNER_HTMLenvallTrusted operator-provided HTML shown as a legal notice on unauthenticated/public TelWeb pages. Takes precedence over LEGAL_BANNER_TEXT.
LEGAL_BANNER_TEXTenvallPlain-text legal notice shown on unauthenticated/public TelWeb pages when LEGAL_BANNER_HTML is unset.

Sessions and passwords

NameSourceScopeDefaultDescription
SESSION_TIMEOUTenvall1800000Main session timeout used for server cookies and client idle logout.
MAX_CONCURRENT_SESSIONSenvall2 in prod; unlimited outside prodMaximum active sessions allowed for one user. Positive integers set a cap; 0 or negative disables the cap. Verify the Web bundle exposes this var before overriding.
SESSION_HEARTBEAT_TTLenvallSESSION_TIMEOUTTTL in milliseconds for session heartbeat records used by concurrent-session enforcement. Must stay between 60000 and SESSION_TIMEOUT.
LOGIN_MAX_ATTEMPTS_CREDENTIALSenvall5Failed credentials-login attempts before an account is locked. Set to 3 to enforce a three-attempt policy; verify the Web bundle exposes this var before overriding.
LOGIN_LOCKOUT_MINUTES_CREDENTIALSenvall30Credentials-login counting window and displayed lockout duration. Locked accounts stay locked until reset-password unlocks them.
LOGIN_MAX_ATTEMPTS_AZURE_ADenvall10Failed Microsoft Entra ID attempts before an account is locked when that provider is enabled.
LOGIN_LOCKOUT_MINUTES_AZURE_ADenvall60Microsoft Entra ID lockout window reported to users and audit events.
PASSWORD_MAX_AGE_DAYSenvall90Password age after which users must change their password. Set on TelWeb and Tasker (must match).
PASSWORD_WARNING_DAYSenvall10Days before password expiry when users see warnings and Tasker sends reminder emails. Set on TelWeb and Tasker (must match).

Scaling and background jobs

NameSourceScopeDefaultDescription
SCALING_EVALUATION_INTERVAL_MSenvall30000How often the Scaler leader evaluates API and Voice scaling rules.
SCALING_DRAIN_TIMEOUT_MSenvall3600000Maximum time in milliseconds a Voice instance may drain active calls during scale-down.
SCALING_MAX_PARALLEL_BELOW_MIN_SCALE_UPSenvall8Maximum replacement instances the Scaler may provision in one evaluation when a group is below minInstances.
AUDIT_LOG_RETENTION_DAYSenvall180Days of AuditLog rows retained by the Tasker audit-log cleanup cron. Must be a positive integer.

Billing

NameSourceScopeDefaultDescription
STRIPE_SECRET_KEYSecrets ManagerprodStripe API key for checkout / subscriptions.
STRIPE_WEBHOOK_SECRETSecrets ManagerprodVerifies inbound Stripe webhook signatures.
BILLING_DEFAULT_PLANTelWeb · PlatformallDefault plan assigned on registration; mutable in TelWeb.

Removed or deprecated

v0.9.14-patch3

VariableReplaced in generated configsReplacement
DEBUG_LEVELTelPro / KamailioTELPRO_LOG_LEVEL
RTP_LOG_LEVELRTPEngineRTPENGINE_LOG_LEVEL
JANUS_LOG_LEVELJanus WebRTCWEBRTC_LOG_LEVEL
JANUS_DEBUG_LEVELJanus WebRTCWEBRTC_LOG_LEVEL
JANUS_JSON_LOG_LEVELJanus WebRTCWEBRTC_LOG_LEVEL

The lower-level variables may still appear in container internals, but generated service configuration now takes the Pino-aligned service variables above.

v0.9.13-patch3

VariableRemoved fromReplacement
RATE_LIMIT_MAXTelAPIAdmin Settings → API Server Config → API Rate Limit Max
RATE_LIMIT_WINDOW_MSTelAPIAdmin Settings → API Server Config → API Rate Limit Window (ms)

TelAPI also dropped the rateLimitPerApiKey database flag — limits are always per client IP by route tier.

See also