All application settings — secrets, URLs, DB credentials, tunables —
live in src/main/backend/application.ini. The bld build
copies this file into the WAR (work/exploded/WEB-INF/backend/) on
every build; the servlet reads it once at load via
MainServlet.getEnvironment(). Edit the source-tree copy, then
rebuild and redeploy.
The repo ships application.ini.example (a redacted template) and gitignores application.ini itself, so your live secrets never end up in commits. First-time setup is a copy + edit:
cp src/main/backend/application.ini.example src/main/backend/application.ini $EDITOR src/main/backend/application.ini
Required:
[main] DatabaseType = PostgreSQL DatabaseHost = localhost DatabasePort = 5432 DatabaseName = ownsona DatabaseUser = ownsona DatabasePassword = <PGPW> EMBEDDING_API_KEY = sk-...your-OpenAI-key... OWNSONA_API_TOKEN = <openssl rand -hex 32> EMBEDDING_ENDPOINT = https://api.openai.com/v1/embeddings EMBEDDING_MODEL = text-embedding-3-small EMBEDDING_DIMENSIONS = 1536
Generate the bearer token with openssl rand -hex 32 and save it
somewhere safe — it’s what every MCP client must present in
Authorization: Bearer ....
EMBEDDING_DIMENSIONS must match the vector(N) column
type in sql/001_init.sql. The shipped schema uses
vector(1536), which matches text-embedding-3-small.
Optional keys with defaults are documented in Configuration.