Configuration¶

This page describes how to configure optional integrations of Jarvis after the base installation.

Configuration layout¶

File	Purpose	Tracked in git?
`.env`	Real tokens and secrets	❌ NEVER
`.env.example`	Sample template	✅ Yes
`config/jarvis.yaml`	Non-secret application config	✅ Yes
`data/`	Database, vector store, conversations	❌ NEVER

1. LLM providers¶

You can configure one or more providers. Jarvis picks the most appropriate model for each task based on:

task complexity
user privacy policy
device availability

Anthropic (Claude)¶

ANTHROPIC_API_KEY=sk-ant-...
JARVIS_MODEL_LARGE=anthropic/claude-sonnet-4-6

OpenAI¶

OPENAI_API_KEY=sk-...
JARVIS_MODEL_LARGE=openai/gpt-4o

Ollama (local, 100% private)¶

OLLAMA_BASE_URL=http://ollama:11434
JARVIS_MODEL_SMALL=ollama/llama3.2:1b
JARVIS_MODEL_MEDIUM=ollama/llama3.1:8b
JARVIS_MODEL_LARGE=ollama/qwen2.5:14b

Pull local models:

docker compose exec ollama ollama pull llama3.1:8b
docker compose exec ollama ollama pull qwen2.5:14b
docker compose exec ollama ollama pull bge-m3   # multilingual IT+EN embeddings

Groq (low-latency cloud)¶

GROQ_API_KEY=gsk_...
JARVIS_MODEL_FAST=groq/llama-3.3-70b-versatile

2. Identity and OAuth¶

For multi-device SSO authentication we recommend Authentik (Docker-friendly, FIDO2/passkey, OIDC).

# config/jarvis.yaml
auth:
  provider: authentik
  oidc_issuer: https://auth.yourdomain.com/application/o/jarvis/
  client_id: jarvis-client

The matching client_secret goes in .env:

OIDC_CLIENT_SECRET=...

3. Device pairing¶

Desktop device¶

docker compose exec server jarvis enroll --type=desktop --label="Office laptop"

Scan the QR code with the mobile app or copy the token shown on screen.

Mobile device (iOS/Android)¶

Install the Jarvis app from the store
Open Settings → Pair new device
Scan the QR code generated by the server

Watch device (Wear OS)¶

Automatic pairing through the mobile companion app.

Medical wearables (Oura, Whoop, …)¶

See Health integration.

4. Memory and RAG¶

Default: mem0 + Qdrant.

MEMORY_BACKEND=mem0
QDRANT_URL=http://qdrant:6333
EMBEDDING_MODEL=ollama/bge-m3   # multilingual IT+EN

To index personal documents (Obsidian, Notion, Drive):

docker compose exec server jarvis rag connect obsidian \
  --vault-path /vaults/personal

See Documents & RAG for the full detail.

5. Optional features¶

Feature	`.env` variables	Docs
Health	`OURA_`, `WHOOP_`, `POLAR_`, `GARMIN_`, `FHIR_SERVER_URL`	Health
Finance	`TRUELAYER_`, `GOCARDLESS_`, `IBKR_`, `COINBASE_`, `ETHERSCAN_API_KEY`	Finance
News	`MINIFLUX_URL`, `CURRENTS_API_KEY`, `BLUESKY_HANDLE`	News
AR / VR	`FRAME_DEVICE_ID`, `MENTRAOS_API_KEY`	Devices
Holographic	`LOOKING_GLASS_BRIDGE_URL`, `VOXON_DEVICE_ID`	Holographic
3D printing	`MOONRAKER_URL`, `OCTOPRINT_`, `BAMBU_`	Maker
Smart home	`HOME_ASSISTANT_URL`, `HOME_ASSISTANT_TOKEN`	Other systems

6. Security hardening¶

✅ Reverse-proxy with TLS (Caddy / Traefik / Nginx) ✅ Inbound firewall exposing only :443 ✅ At-rest encryption of data/ volume (LUKS / FileVault) ✅ Monthly rotation of SERVER_SECRET_KEY and JWT_SECRET ✅ Daily backup of data/ to offline storage ✅ Weekly updates (docker compose pull && docker compose up -d)

Continue to → Daily usage