Configuration
Environment variables and runtime options.
Core
| Variable | Default | Description |
|---|---|---|
PORT | 4200 | HTTP server listen port |
STOCKYARD_ADMIN_KEY | none | Admin API key. Required for all /api/* management endpoints. If unset, management API is open (dev mode only). |
STOCKYARD_DB_PATH | ./stockyard.db | Path to SQLite database file. Use a persistent volume in production. |
STOCKYARD_REQUIRE_AUTH | false | When true, all /v1/* proxy requests require a valid sk-sy- API key. |
STOCKYARD_TRUST_PROXY | none | When set, trusts X-User-Id and X-Customer-ID headers from upstream reverse proxies. |
Provider Keys
Configure LLM providers by setting environment variables. Stockyard auto-detects which providers are available based on which keys are set.
| Variable | Provider |
|---|---|
OPENAI_API_KEY | OpenAI (GPT-4o, o1, o3) |
ANTHROPIC_API_KEY | Anthropic (Claude) |
GEMINI_API_KEY | Google Gemini |
GROQ_API_KEY | Groq |
MISTRAL_API_KEY | Mistral |
TOGETHER_API_KEY | Together AI |
DEEPSEEK_API_KEY | DeepSeek |
FIREWORKS_API_KEY | Fireworks AI |
PERPLEXITY_API_KEY | Perplexity |
OPENROUTER_API_KEY | OpenRouter |
XAI_API_KEY | xAI (Grok) |
COHERE_API_KEY | Cohere |
REPLICATE_API_TOKEN | Replicate |
AZURE_OPENAI_API_KEY | Azure OpenAI |
AZURE_OPENAI_ENDPOINT | Azure OpenAI endpoint URL |
Users can also store per-user provider keys via the API (PUT /api/auth/me/providers/{provider}). Per-user keys override global environment keys for that user's requests.
Local Providers
| Variable | Default | Description |
|---|---|---|
OLLAMA_BASE_URL | http://localhost:11434 | Ollama server URL |
LMSTUDIO_BASE_URL | http://localhost:1234 | LM Studio server URL |
Billing
| Variable | Description |
|---|---|
STRIPE_SECRET_KEY | Stripe API key for subscription billing |
STRIPE_WEBHOOK_SECRET | Stripe webhook signing secret |
Persistence
Stockyard stores everything in a single SQLite file. In production, mount a persistent volume at the database path:
# Docker docker run -v stockyard-data:/data \ -e STOCKYARD_DB_PATH=/data/stockyard.db \ ghcr.io/stockyard-dev/stockyard
# Railway # Mount a volume at /data and set: STOCKYARD_DB_PATH=/data/stockyard.db
Back up by copying the file:
cp /data/stockyard.db /data/backup-$(date +%Y%m%d).db
Runtime Configuration
Most configuration beyond provider keys is managed at runtime through the API or dashboard. This includes middleware modules, routing rules, trust policies, spend caps, and alert rules. Changes take effect immediately without restart.
# Enable a middleware module
curl -X PUT https://your-host/api/proxy/modules/cache \
-H "X-Admin-Key: $ADMIN_KEY" \
-d '{"enabled": true}'
# Set a spend cap
curl -X POST https://your-host/api/config \
-H "X-Admin-Key: $ADMIN_KEY" \
-d '{"spend_caps": {"default": {"daily": 50.0, "monthly": 500.0}}}'
Production Checklist
1. Set STOCKYARD_ADMIN_KEY to a strong random value.
2. Set STOCKYARD_REQUIRE_AUTH=true so proxy requests require API keys.
3. Mount a persistent volume for the SQLite database.
4. Set at least one provider API key.
5. Set up a reverse proxy (Caddy, nginx) for TLS termination.