Configuration
Punk is configured through environment variables and tenant settings.
Local Defaults
bun install
bun run devDefault local behavior:
- Port:
4100. - Database:
data/punk.db. - Provider: deterministic mock simulator when
OPENAI_API_KEYis absent. - Auth: open dev mode when
PUNK_API_KEYis absent. - Worker: embedded in the API process.
- Learning tick: every 10 seconds.
- SOM runtime: built-in TypeScript compiler unless
PLASMATE_URLis set. - Governance: embedded policy engine unless
MESHGUARD_URLis set.
Environment Variables
| Variable | Default | Purpose |
|---|---|---|
PUNK_PORT | 4100 | HTTP port. |
PUNK_API_KEY | unset | Bootstrap bearer token. When set, /api/ and /v1/ require auth. |
PUNK_DATABASE_URL | unset | Postgres/Neon-compatible database URL. Overrides SQLite. |
PUNK_DB_PATH | data/punk.db | SQLite database path. |
PUNK_PROVIDER | inferred | mock or openai; forces provider choice. |
OPENAI_API_KEY | unset | Enables live OpenAI-compatible pass-through. |
OPENAI_BASE_URL | OpenAI default | Optional compatible provider base URL. |
PLASMATE_URL | unset | AWP WebSocket endpoint for Punk's Plasmate-compatible semantic web adapter. |
MESHGUARD_URL | unset | MeshGuard-compatible governance control plane URL. |
MESHGUARD_API_KEY | unset | Optional token for governance bridge. |
PUNK_POLICIES_DIR | policies | Directory containing policy YAML. |
PUNK_AUTO_PROMOTE | false | Allows hands-free promotion for side-effect-free artifacts that pass gates. |
PUNK_LEARN_INTERVAL_MS | 10000 | Learning tick enqueue cadence. |
PUNK_WORKER_POLL_MS | 500 | Embedded/standalone worker poll interval. |
PUNK_RETENTION_DAYS | 90 | Retention sweep window. |
PUNK_RATE_LIMIT_RPM | 300 | /api/v1/* requests per caller per minute; 0 disables. |
PUNK_CHAT_RATE_LIMIT_RPM | 600 | /v1/chat/completions requests per caller per minute; 0 disables. |
PUNK_ALLOW_PRIVATE_WEB_FETCH | false when auth enabled | Allows web fetch to private/loopback addresses in authenticated deployments. |
PUNK_ALLOW_PRIVATE_WEBHOOKS | false | Allows webhook URLs to private addresses. Always off unless explicitly true. |
Provider Modes
| Setup | Behavior |
|---|---|
No OPENAI_API_KEY | Deterministic mock provider, fully offline. |
OPENAI_API_KEY set | Live OpenAI-compatible pass-through. |
PUNK_PROVIDER=mock | Force mock even if API key is present. |
PUNK_PROVIDER=openai + key | Force live provider. |
Use mock mode for docs, demos, CI, and deterministic local testing.
Auth Modes
Open Dev Mode
When PUNK_API_KEY is unset:
- Headerless requests are accepted.
- Requests resolve to default tenant.
- Requests are admin.
- Private web fetches are allowed for local demo/fixture use.
Do not expose open dev mode publicly.
Protected Mode
When PUNK_API_KEY is set:
- Protected routes require bearer auth.
- The bootstrap token is admin.
- You can create tenant API keys through
/api/v1/keys. - Private web fetches are blocked unless
PUNK_ALLOW_PRIVATE_WEB_FETCH=true.
Tenant API Keys
API keys can be:
- Admin or non-admin.
observeoroptimize.- Pinned to an app id.
- Revoked.
The full token is returned once and stored only as a hash.
Tenant Settings
Settings are managed through /api/v1/settings.
| Setting | Purpose |
|---|---|
retention_days | Tenant retention window. |
redaction | Redact SDK tool/side-effect payloads before trace append. |
webhook_url | Public webhook destination. |
webhook_secret | HMAC/signing secret; not returned by GET. |
approval_exception_ttl_hours | Duration for approved policy exceptions. |
canary_enabled | Promotion enters canary rollout rather than full traffic. |
Database Choice
Use SQLite for:
- Local development.
- Demos.
- Single-process prototypes.
Use Postgres for:
- Deployed environments.
- Separate worker processes.
- Multi-instance API.
- More reliable job processing.
Policy Directory
Default policies are read from policies/.
Policy files:
- Must end in
.yamlor.yml. - Are loaded in sorted order.
- Invalid files are skipped with a warning.
- Can be hot-reloaded by the governance runtime when invoked.