Documentation
Configuration reference
Cordum configuration comes from three layers: file-based YAML, environment variables, and the Redis-backed config service. The scheduler bootstraps pools and timeouts from files into Redis, then reloads from Redis when config changes.
Config files
| File | Purpose |
|---|---|
| config/pools.yaml | Topic-to-pool routing and pool capability requirements. |
| config/timeouts.yaml | Topic and workflow timeout defaults. |
| config/safety.yaml | Input and output policy rules plus MCP policy fields. |
| config/output_scanners.yaml | Output scanning regex patterns. |
| config/system.yaml | System-wide config payload stored through the config service. |
| config/nats.conf | NATS configuration, including JetStream sync settings. |
Current loading model
1. Load YAML files from configured paths. 2. Bootstrap pools/timeouts into Redis config documents on scheduler startup. 3. Treat Redis config as the runtime source of truth. 4. Apply env vars for service addresses, auth, TLS, and feature toggles.
Overlay scopes
| Scope | Redis key | Typical use |
|---|---|---|
| system | cfg:system:<id> | Global defaults and pack registries. |
| org | cfg:org:<id> | Organization overrides. |
| team | cfg:team:<id> | Team-specific overrides. |
| workflow | cfg:workflow:<id> | Workflow-level settings. |
| step | cfg:step:<id> | Most-specific step-level overrides. |
Reload behavior
Config writes publish a lightweight notification onsys.config.changed. Scheduler replicas also poll Redis onSCHEDULER_CONFIG_RELOAD_INTERVALas a fallback.
Selected environment variables
shared
- NATS_URL
- REDIS_URL
- CORDUM_ENV
- CORDUM_PRODUCTION
- CORDUM_LOG_FORMAT
gateway
- CORDUM_API_KEY
- CORDUM_API_KEYS
- CORDUM_API_KEYS_PATH
- TENANT_ID
- GATEWAY_HTTP_ADDR
- GATEWAY_GRPC_ADDR
scheduler
- POOL_CONFIG_PATH
- TIMEOUT_CONFIG_PATH
- JOB_META_TTL
- WORKER_SNAPSHOT_INTERVAL
- SCHEDULER_CONFIG_RELOAD_INTERVAL
safety
- SAFETY_KERNEL_ADDR
- SAFETY_POLICY_PATH
- SAFETY_POLICY_URL
- SAFETY_POLICY_RELOAD_INTERVAL
- SAFETY_POLICY_PUBLIC_KEY
workflow
- WORKFLOW_ENGINE_HTTP_ADDR
- WORKFLOW_ENGINE_SCAN_INTERVAL
- WORKFLOW_ENGINE_RUN_SCAN_LIMIT
For current defaults and comments, use.env.examplein the core repo as the authoritative reference.
Source of truth:docs/configuration-reference.md