diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..3849b0b --- /dev/null +++ b/.env.example @@ -0,0 +1,116 @@ +# Full FastMCP Server environment example. +# Copy this file to .env for local use and keep real secrets out of Git. +# Values below mirror the server defaults unless a placeholder is shown. + +# --------------------------------------------------------------------------- +# Server +# --------------------------------------------------------------------------- +MCP_SERVER_NAME=fastmcp-server +MCP_SERVER_VERSION=0.4.0 +MCP_HOST=0.0.0.0 +MCP_PORT=8000 +MCP_PATH=/mcp +MCP_WORKSPACE=/app/workspace +MCP_ENV=dev +# ENVIRONMENT=dev +# APP_ENV=dev +LOG_LEVEL=INFO +LOG_FORMAT=text +EXTRA_PIP_PACKAGES= +MCP_CORS_ALLOWED_ORIGINS= +MCP_UI_ENABLED=true +MCP_METRICS_ENABLED=false +MCP_MASK_ERROR_DETAILS=false +MCP_STRICT_LOADING=false +MCP_ON_DUPLICATE_TOOLS=warn +MCP_MAX_SOURCE_FILE_SIZE_BYTES=1048576 +MCP_MAX_KNOWLEDGE_BYTES=10485760 +MCP_ALLOWED_KNOWLEDGE_EXTENSIONS=.md,.txt,.json,.yaml,.yml,.html,.htm,.csv,.xml +SOURCE_BLOCKED_FILE_ALLOWLIST= + +# --------------------------------------------------------------------------- +# MCP client authentication and authorization +# --------------------------------------------------------------------------- +MCP_AUTH_TYPE=none +MCP_ALLOW_NO_AUTH=false +MCP_AUTH_TOKEN= +MCP_AUTH_SCOPES= +MCP_AUTH_REQUIRED_SCOPES= +MCP_AUTH_CLIENT_ID=bearer-user +MCP_AUTH_PROVIDERS= +MCP_AUTH_JWT_ISSUER= +MCP_AUTH_JWT_AUDIENCE= +MCP_AUTH_JWT_JWKS_URI= +MCP_AUTH_JWT_PUBLIC_KEY= +MCP_AUTH_JWT_ALGORITHM= +MCP_REQUIRE_HUMAN_APPROVAL_FOR_DESTRUCTIVE=true +MCP_RELOAD_REQUIRED_SCOPES=mcp:admin + +# --------------------------------------------------------------------------- +# Inline source +# --------------------------------------------------------------------------- +SOURCE_INLINE_DIR=/app/inline +MCP_HOT_RELOAD=false + +# --------------------------------------------------------------------------- +# S3 source +# --------------------------------------------------------------------------- +SOURCE_S3_ENABLED=false +SOURCE_S3_ENDPOINT= +SOURCE_S3_BUCKET= +SOURCE_S3_REGION=us-east-1 +SOURCE_S3_PREFIX= +SOURCE_S3_ACCESS_KEY= +SOURCE_S3_SECRET_KEY= +SOURCE_S3_INCLUDE= +SOURCE_S3_EXCLUDE= +SOURCE_S3_SYNC_INTERVAL=0 + +# --------------------------------------------------------------------------- +# Git source +# --------------------------------------------------------------------------- +SOURCE_GIT_ENABLED=false +SOURCE_GIT_REPOSITORY= +SOURCE_GIT_BRANCH=main +SOURCE_GIT_PATH= +SOURCE_GIT_TOKEN= +SOURCE_GIT_USERNAME=x-access-token +SOURCE_GIT_ALLOWED_REPOSITORIES= +SOURCE_GIT_ALLOWED_BRANCHES= +SOURCE_GIT_INCLUDE= +SOURCE_GIT_EXCLUDE= +SOURCE_GIT_SYNC_INTERVAL=0 + +# --------------------------------------------------------------------------- +# OCI source +# --------------------------------------------------------------------------- +SOURCE_OCI_ENABLED=false +SOURCE_OCI_REGISTRY= +SOURCE_OCI_TAG=latest +SOURCE_OCI_USERNAME= +SOURCE_OCI_PASSWORD= +SOURCE_OCI_INCLUDE= +SOURCE_OCI_EXCLUDE= + +# --------------------------------------------------------------------------- +# Gateway mode +# --------------------------------------------------------------------------- +MCP_MODE=server +MCP_MOUNT_SERVERS= + +# --------------------------------------------------------------------------- +# Tool visibility +# --------------------------------------------------------------------------- +MCP_ENABLE_TAGS= +MCP_DISABLE_TAGS= +MCP_VISIBILITY_MODE=blocklist + +# --------------------------------------------------------------------------- +# Rate limiting, cache, and sandbox limits +# --------------------------------------------------------------------------- +MCP_RATE_LIMIT_DEFAULT= +# MCP_RATE_LIMIT_= +MCP_CACHE_ENABLED=true +MCP_CACHE_MAX_SIZE=1000 +MCP_MAX_MEMORY_MB=0 +MCP_MAX_OUTPUT_SIZE_KB=0 diff --git a/README.md b/README.md index c8c2e62..4b5d5de 100644 --- a/README.md +++ b/README.md @@ -459,15 +459,20 @@ Set `LOG_FORMAT=json` for JSON-structured logs compatible with Loki, ELK, CloudW ## Environment Variables +See [.env.example](.env.example) for a copyable full environment template with +every supported variable, defaults, and placeholder values for secrets. + ### Server | Variable | Default | Description | |---|---|---| | `MCP_SERVER_NAME` | `fastmcp-server` | Server display name | +| `MCP_SERVER_VERSION` | `0.4.0` | Server version returned by diagnostics APIs | | `MCP_HOST` | `0.0.0.0` | Listen address | | `MCP_PORT` | `8000` | Listen port | | `MCP_PATH` | `/mcp` | HTTP endpoint path | | `MCP_WORKSPACE` | `/app/workspace` | Workspace directory | +| `MCP_ENV` / `ENVIRONMENT` / `APP_ENV` | `dev` | Deployment environment; `staging`, `prod`, and `production` enable stricter defaults | | `LOG_LEVEL` | `INFO` | Logging level | | `LOG_FORMAT` | `text` | Log format: `text` or `json` | | `MCP_MASK_ERROR_DETAILS` | `false`, `true` in production/staging | Hide internal error details from clients | @@ -485,7 +490,8 @@ Set `LOG_FORMAT=json` for JSON-structured logs compatible with Loki, ELK, CloudW | Variable | Default | Description | |---|---|---| -| `MCP_AUTH_TYPE` | `none` | `bearer`, `jwt`, or `none` | +| `MCP_AUTH_TYPE` | `none` | `bearer`, `jwt`, `multi`, or `none` | +| `MCP_ALLOW_NO_AUTH` | `false` | Explicitly allow `MCP_AUTH_TYPE=none` in production-like environments | | `MCP_AUTH_TOKEN` | | Bearer token value | | `MCP_AUTH_SCOPES` | | Comma-separated scopes granted to the bearer token | | `MCP_AUTH_REQUIRED_SCOPES` | | Comma-separated scopes required on every authenticated request | @@ -512,6 +518,7 @@ Set `LOG_FORMAT=json` for JSON-structured logs compatible with Loki, ELK, CloudW | `SOURCE_S3_SECRET_KEY` | | Secret access key | | `SOURCE_S3_INCLUDE` | | Comma-separated include glob patterns within each asset directory | | `SOURCE_S3_EXCLUDE` | | Comma-separated exclude glob patterns within each asset directory | +| `SOURCE_S3_SYNC_INTERVAL` | `0` | Periodic S3 sync interval in seconds; `0` disables background sync | ### Git Source @@ -522,10 +529,12 @@ Set `LOG_FORMAT=json` for JSON-structured logs compatible with Loki, ELK, CloudW | `SOURCE_GIT_BRANCH` | `main` | Branch to clone | | `SOURCE_GIT_PATH` | | Subdirectory within the repo | | `SOURCE_GIT_TOKEN` | | Auth token for private repos | +| `SOURCE_GIT_USERNAME` | `x-access-token` | Username used by the temporary Git askpass helper | | `SOURCE_GIT_ALLOWED_REPOSITORIES` | | Comma-separated allowlist of repository URL patterns | | `SOURCE_GIT_ALLOWED_BRANCHES` | | Comma-separated allowlist of branch patterns | | `SOURCE_GIT_INCLUDE` | | Comma-separated include glob patterns within each asset directory | | `SOURCE_GIT_EXCLUDE` | | Comma-separated exclude glob patterns within each asset directory | +| `SOURCE_GIT_SYNC_INTERVAL` | `0` | Periodic Git sync interval in seconds; `0` disables background sync | | `SOURCE_BLOCKED_FILE_ALLOWLIST` | | Explicit allowlist for normally blocked source files | Sensitive files are skipped by default from all sources: `.env`, `*.env`, `*.pem`, `*.key`, `*.p12`, `id_rsa`, and filenames containing `secret`. Tool, resource, and prompt directories accept only Python files by default. Knowledge files are restricted by extension and total size. @@ -542,6 +551,39 @@ Sensitive files are skipped by default from all sources: `.env`, `*.env`, `*.pem | `SOURCE_OCI_INCLUDE` | | Comma-separated include glob patterns within each asset directory | | `SOURCE_OCI_EXCLUDE` | | Comma-separated exclude glob patterns within each asset directory | +### Inline Source + +| Variable | Default | Description | +|---|---|---| +| `SOURCE_INLINE_DIR` | `/app/inline` | Directory copied into the workspace during startup | +| `MCP_HOT_RELOAD` | `false` | Watch `SOURCE_INLINE_DIR` for `.py` changes and rebuild components automatically | + +### Gateway + +| Variable | Default | Description | +|---|---|---| +| `MCP_MODE` | `server` | Set to `gateway` to mount remote MCP servers | +| `MCP_MOUNT_SERVERS` | | JSON array of `{name, url, namespace}` mount definitions | + +### Visibility + +| Variable | Default | Description | +|---|---|---| +| `MCP_ENABLE_TAGS` | | Comma-separated allowlist of tags to expose | +| `MCP_DISABLE_TAGS` | | Comma-separated blocklist of tags to hide | +| `MCP_VISIBILITY_MODE` | `blocklist` | Visibility strategy: `blocklist` or `allowlist` | + +### Rate Limiting, Cache, and Sandbox Limits + +| Variable | Default | Description | +|---|---|---| +| `MCP_RATE_LIMIT_DEFAULT` | | Global tool rate limit, for example `100/min` | +| `MCP_RATE_LIMIT_` | | Per-tool override using the uppercased tool name, for example `MCP_RATE_LIMIT_DEPLOY=5/min` | +| `MCP_CACHE_ENABLED` | `true` | Enable tool-result caching for tools configured with cache support | +| `MCP_CACHE_MAX_SIZE` | `1000` | Maximum cache entries per tool | +| `MCP_MAX_MEMORY_MB` | `0` | Best-effort memory limit in MB on supported Linux runtimes; `0` disables | +| `MCP_MAX_OUTPUT_SIZE_KB` | `0` | Maximum tool output size before truncation; `0` disables | + ## Init Container Pattern For Kubernetes, separate source syncing from server startup using `sync_only.py`: