homeassistant-mcp/.env.example

# Home Assistant Configuration
# The URL of your Home Assistant instance
HASS_HOST=http://homeassistant.local:8123

# Long-lived access token from Home Assistant
# Generate from Profile -> Long-Lived Access Tokens
HASS_TOKEN=your_long_lived_token

# WebSocket URL for real-time updates
HASS_SOCKET_URL=ws://homeassistant.local:8123/api/websocket

# Server Configuration
# Port for the MCP server (default: 3000)
PORT=3000

# Environment (development/production/test)
NODE_ENV=development

# Debug mode (true/false)
DEBUG=false

# Logging level (debug/info/warn/error)
LOG_LEVEL=info

# AI Configuration
# Natural Language Processor type (claude/gpt4/custom)
PROCESSOR_TYPE=claude

# OpenAI API Key (required for GPT-4 analysis)
OPENAI_API_KEY=your_openai_api_key

# Rate Limiting
# Requests per minute per IP for regular endpoints
RATE_LIMIT_REGULAR=100

# Requests per minute per IP for WebSocket connections
RATE_LIMIT_WEBSOCKET=1000

# Security Configuration
# JWT Configuration
JWT_SECRET=your_jwt_secret_key_min_32_chars
JWT_EXPIRY=86400000
JWT_MAX_AGE=2592000000
JWT_ALGORITHM=HS256

# Rate Limiting
RATE_LIMIT_WINDOW=900000
RATE_LIMIT_MAX_REQUESTS=100

# Token Security
TOKEN_MIN_LENGTH=32
MAX_FAILED_ATTEMPTS=5
LOCKOUT_DURATION=900000

# CORS Configuration
CORS_ORIGINS=http://localhost:3000,http://localhost:8123
CORS_METHODS=GET,POST,PUT,DELETE,OPTIONS
CORS_ALLOWED_HEADERS=Content-Type,Authorization,X-Requested-With
CORS_EXPOSED_HEADERS=
CORS_CREDENTIALS=true
CORS_MAX_AGE=86400

# Content Security Policy
CSP_ENABLED=true
CSP_REPORT_ONLY=false
CSP_REPORT_URI=

# SSL/TLS Configuration
REQUIRE_HTTPS=true
HSTS_MAX_AGE=31536000
HSTS_INCLUDE_SUBDOMAINS=true
HSTS_PRELOAD=true

# Cookie Security
COOKIE_SECRET=your_cookie_secret_key_min_32_chars
COOKIE_SECURE=true
COOKIE_HTTP_ONLY=true
COOKIE_SAME_SITE=Strict

# Request Limits
MAX_REQUEST_SIZE=1048576
MAX_REQUEST_FIELDS=1000

# SSE Configuration
SSE_MAX_CLIENTS=1000
SSE_PING_INTERVAL=30000

# Logging Configuration
LOG_LEVEL=info
LOG_DIR=logs
LOG_MAX_SIZE=20m
LOG_MAX_DAYS=14d
LOG_COMPRESS=true
LOG_REQUESTS=true

# Version
VERSION=0.1.0

# Test Configuration
# Only needed if running tests
TEST_HASS_HOST=http://localhost:8123
TEST_HASS_TOKEN=test_token
TEST_HASS_SOCKET_URL=ws://localhost:8123/api/websocket
TEST_PORT=3001

# Speech Features Configuration
ENABLE_SPEECH_FEATURES=false
ENABLE_WAKE_WORD=false
ENABLE_SPEECH_TO_TEXT=false
WHISPER_MODEL_PATH=/models
WHISPER_MODEL_TYPE=tiny

# Advanced (Docker)
COMPOSE_PROJECT_NAME=mcp