Datalumo splits configuration into app config (JSON file) and secrets / infra (environment variables).
On this page
Path: datalumo.config.json in the working directory, or set DATALUMO_CONFIG=/path/to/config.json.
Start from the example:
cp datalumo.config.example.json datalumo.config.json
Minimal example:
{
"embedding": {
"provider": "openai",
"model": "text-embedding-3-small",
"dimensions": 1536
},
"llm": {
"provider": "openai",
"model": "gpt-4o-mini"
},
"vectorStore": { "type": "sqlite", "sqlite": { "path": "./data/datalumo.db" } },
"stateStore": { "type": "sqlite", "sqlite": { "path": "./data/datalumo.db" } },
"auth": { "mode": "apiKey" },
"apps": [
{
"name": "support-bot",
"indexes": ["docs"],
"persona": "You are a helpful assistant. Cite sources.",
"retrieval": { "k": 8, "minScore": 0.15 }
}
]
}
| Section |
Purpose |
embedding |
Default embedding provider/model/dimensions for new indexes |
llm |
Default chat/summarize model |
vectorStore / stateStore |
Where vectors and metadata live (sqlite or postgres / pgvector) |
chunking |
Default chunk strategy (token, maxTokens, overlap) |
apps |
Pre-defined apps (optional; apps can also be created via admin/API) |
auth |
Authentication mode and keys |
spend |
Deployment-wide daily LLM token ceiling |
rateLimit |
Per-IP throttling (memory or redis) |
analytics |
Query/click/feedback analytics (opt-in) |
conversations |
Retention and history window |
server |
Host, port, paths |
Configured per app (or inferred):
| Type |
Use |
Key fields |
| search |
Search widget, optional AI summary |
widget.summary, retrieval |
| chat |
Chat widget |
persona, widget.greeting, chat.mode (one-shot or agentic) |
| custom |
HTTP API only |
No widget |
Per-app under retrieval:
{
"retrieval": {
"k": 8,
"minScore": 0.15,
"hybrid": false
}
}
minScore: cosine relevance floor (drops weak matches)
hybrid: combine vector search with full-text (Postgres/SQLite)
For chat and custom apps, under chat:
{
"chat": {
"mode": "agentic",
"maxSteps": 4,
"forceFirstSearch": false,
"tools": ["search"]
}
}
- oneshot (default): retrieve once, inject context, single LLM call
- agentic: the model calls the
search tool and may refine across several steps
Managed apps can also set this in admin → Apps → Settings → Chat strategy.
| Variable |
Purpose |
OPENAI_API_KEY |
OpenAI LLM + embeddings |
ANTHROPIC_API_KEY |
Anthropic / Claude (LLM only) |
MISTRAL_API_KEY |
Mistral |
GOOGLE_GENERATIVE_AI_API_KEY |
Gemini |
XAI_API_KEY |
xAI (LLM only) |
CUSTOM_API_KEY |
Optional key for a custom OpenAI-compatible endpoint (local servers ignore it) |
DATALUMO_API_KEYS |
Comma-separated admin API keys |
| Variable |
Effect |
DATALUMO_CONFIG |
Config file path |
DATALUMO_PORT |
Listen port (default 3000) |
DATALUMO_DATABASE_URL |
Postgres URL → postgres state + pgvector |
DATALUMO_REDIS_URL |
Redis URL → rateLimit.strategy: redis |
DATALUMO_ADMIN_PATH |
Admin static files (default packages/admin/dist) |
DATALUMO_WIDGET_PATH |
Widget bundle path |
DATALUMO_PUBLIC_URL |
Public base URL (embeds, CORS) |
DATALUMO_ENV=production |
Strict config audit at boot |
DATALUMO_MAX_CONCURRENT |
In-flight request cap (0 = unlimited) |
These override datalumo.config.json. Useful in .env / compose without editing JSON:
| Variable |
Maps to |
Example |
DATALUMO_DAILY_TOKEN_CEILING |
spend.dailyTokenCeiling |
5000000 or none (unlimited) |
DATALUMO_PER_TOKEN_SPEND_CAP |
auth.clientTokens.perTokenSpendCap |
200000 or none |
DATALUMO_CLIENT_TOKEN_RETENTION_DAYS |
auth.clientTokens.retentionDays |
7 or none (keep forever) |
DATALUMO_CORS_ORIGINS |
auth.cors.allowedOrigins |
https://a.com,https://b.com |
DATALUMO_RATE_LIMIT_MAX |
rateLimit.max |
120 |
DATALUMO_RATE_LIMIT_WINDOW |
rateLimit.window |
1m |
DATALUMO_RATE_LIMIT_ENABLED |
rateLimit.enabled |
true / false |
DATALUMO_ANALYTICS_ENABLED |
analytics.enabled |
true / false |
DATALUMO_CONVERSATION_MAX_AGE_DAYS |
retention days (+ enables retention) |
90 or none |
DATALUMO_LLM_PROVIDER |
llm.provider |
openai |
DATALUMO_LLM_MODEL |
llm.model |
gpt-4o-mini |
DATALUMO_EMBEDDING_PROVIDER |
embedding.provider |
openai |
DATALUMO_EMBEDDING_MODEL |
embedding.model |
text-embedding-3-small |
DATALUMO_EMBEDDING_DIMENSIONS |
embedding.dimensions |
1536 |
Resolution order: defaults → config file → environment → programmatic (env wins over JSON).
Provider keys can also live in a .env file (auto-loaded by dl serve) or in /app/data/.env in Docker.
Manage via CLI:
dl env set OPENAI_API_KEY=sk-…
dl env list
Datalumo can talk to any OpenAI-compatible endpoint through the custom provider:
local servers (Ollama, vLLM, LM Studio) for a fully private, air-gapped setup, or
hosted ones (DeepSeek, Groq, Together, OpenRouter).
Datalumo does not ship with a model. You run one as a separate service. If you host it
on the same server, the model drives your hardware needs, not Datalumo. See
Running a local model.
Point the LLM and embedding providers at the endpoint's base URL. The example below
uses Ollama (ollama pull llama3.2 && ollama pull nomic-embed-text):
{
"llm": { "provider": "custom", "model": "llama3.2", "baseUrl": "http://localhost:11434/v1" },
"embedding": {
"provider": "custom",
"model": "nomic-embed-text",
"dimensions": 768,
"baseUrl": "http://localhost:11434/v1"
}
}
Notes:
- Set
embedding.dimensions to match the model (nomic-embed-text is 768). It's fixed once an index is created.
- The key is optional. Local servers ignore it; for a hosted endpoint set
CUSTOM_API_KEY.
- You can mix providers, e.g. a hosted LLM with local embeddings, or vice versa.
- Env equivalents:
DATALUMO_LLM_BASE_URL, DATALUMO_EMBEDDING_BASE_URL, CUSTOM_API_KEY.
Full guide: Keys and access (admin keys, publishable keys, client tokens, spend caps).
The config side is small. Set the admin mode, and optionally fixed keys:
{ "auth": { "mode": "apiKey", "keys": ["your-secret-key"] } }
Or pass DATALUMO_API_KEYS=key1,key2. With no keys set, Datalumo generates one on first boot and saves it to /app/data/admin-key.
Allow your site's origin so the widget can call your instance:
{ "auth": { "cors": { "allowedOrigins": ["https://example.com"] } } }
Or DATALUMO_CORS_ORIGINS=https://example.com. Publishable-key origins are allowed automatically.
Docker / .env (recommended for ops knobs):
DATALUMO_DAILY_TOKEN_CEILING=5000000
DATALUMO_PER_TOKEN_SPEND_CAP=200000
DATALUMO_RATE_LIMIT_MAX=120
DATALUMO_CORS_ORIGINS=https://example.com,https://www.example.com
Or in datalumo.config.json:
{
"spend": { "dailyTokenCeiling": 5000000 },
"auth": { "clientTokens": { "perTokenSpendCap": 200000 } },
"rateLimit": {
"enabled": true,
"strategy": "redis",
"window": "1m",
"max": 120
},
"redis": { "url": "redis://redis:6379" }
}
- Daily ceiling: max prompt+completion tokens per UTC day (whole deployment)
- Per-token cap: max lifetime tokens per minted
dlt_ token
- View usage vs limits in admin → System
In production (NODE_ENV=production or DATALUMO_ENV=production):
auth.mode must be "apiKey"
- Set
spend.dailyTokenCeiling
- Set
auth.clientTokens.perTokenSpendCap when using publishable keys
- Keep
rateLimit.enabled: true
Run dl config check or dl doctor to audit.
See Updates and backups for upgrade and snapshot procedures.