Skip to content
Frona AI

Config File Reference

Frona is configured through a YAML config file at data/config.yaml. You can change the path by setting the FRONA_CONFIG environment variable.

Environment variables with the FRONA_ prefix override values from the config file. For example, FRONA_SERVER_PORT=9999 overrides server.port in the YAML. See Configuration for the environment variable reference.

Server

Section titled “Server”

General server settings.

server:
  port: 3001
  base_url: https://frona.example.com
  static_dir: frontend/out
  max_concurrent_tasks: 10
  sandbox_disabled: false
  cors_origins: https://app.example.com
  max_body_size_bytes: 104857600
FieldTypeDefaultDescription
portinteger3001HTTP server port
base_urlstringPublic-facing base URL, used for callbacks and links
static_dirstringfrontend/outDirectory serving the frontend static files
max_concurrent_tasksinteger10Maximum concurrent background tasks across all agents
sandbox_disabledbooleanfalseDisable CLI/Python sandboxing. Not recommended for production
cors_originsstringAllowed CORS origins
max_body_size_bytesinteger104857600 (100 MB)Maximum HTTP request body size

Auth

Section titled “Auth”

Authentication and token settings.

auth:
  encryption_secret: change-this-in-production
  access_token_expiry_secs: 900
  refresh_token_expiry_secs: 604800
  presign_expiry_secs: 86400
FieldTypeDefaultDescription
encryption_secretstringdev-secret-change-in-productionSecret used to derive the AES-256 key that encrypts JWT signing keypairs at rest. Must be changed in production
access_token_expiry_secsinteger900 (15 min)How long access tokens are valid
refresh_token_expiry_secsinteger604800 (7 days)How long refresh tokens are valid
presign_expiry_secsinteger86400 (24 hours)How long pre-signed URLs are valid

SSO

Section titled “SSO”

OpenID Connect single sign-on. Disabled by default.

sso:
  enabled: true
  authority: https://auth.example.com
  client_id: your-client-id
  client_secret: your-client-secret
  scopes: email profile offline_access
  only: false
  signups_match_email: true
  allow_unknown_email_verification: false
  client_cache_expiration: 0
FieldTypeDefaultDescription
enabledbooleanfalseEnable OIDC authentication
authoritystringOpenID Connect authority URL
client_idstringOAuth client ID
client_secretstringOAuth client secret
scopesstringemail profile offline_accessOpenID scopes to request
onlybooleanfalseForce SSO-only authentication. Disables local login
signups_match_emailbooleantrueMatch SSO signups to existing accounts by email
allow_unknown_email_verificationbooleanfalseAccept emails not verified by the identity provider
client_cache_expirationinteger0Client metadata cache expiration in seconds

Database

Section titled “Database”
database:
  path: data/db
FieldTypeDefaultDescription
pathstringdata/dbPath to the SurrealDB data directory

Browser

Section titled “Browser”

Headless Chrome configuration for browser automation. Optional. If not configured, browser tools are unavailable.

browser:
  ws_url: ws://browserless:3333
  profiles_path: /profiles
  connection_timeout_ms: 30000
FieldTypeDefaultDescription
ws_urlstringWebSocket URL of the Browserless instance
profiles_pathstring/profilesDirectory for storing browser profiles
connection_timeout_msinteger30000 (30s)Timeout for connecting to the browser service
Section titled “Search”

Web search provider configuration. Optional. If not configured, search tools are unavailable.

search:
  provider: searxng
  searxng_base_url: http://searxng:8080
FieldTypeDefaultDescription
providerstringSearch provider: searxng, tavily, or brave
searxng_base_urlstringBase URL of the SearXNG instance

Storage

Section titled “Storage”

File storage paths.

storage:
  workspaces_path: data/workspaces
  files_path: data/files
  shared_config_dir: resources
FieldTypeDefaultDescription
workspaces_pathstringdata/workspacesDirectory for agent workspace files
files_pathstringdata/filesDirectory for file uploads and attachments
shared_config_dirstringresourcesDirectory containing shared prompts and agent configurations

Scheduler

Section titled “Scheduler”

Background job intervals.

scheduler:
  poll_secs: 60
  space_compaction_secs: 3600
  insight_compaction_secs: 7200
FieldTypeDefaultDescription
poll_secsinteger60 (1 min)How often the scheduler checks for due tasks
space_compaction_secsinteger3600 (1 hour)Interval for space context compaction
insight_compaction_secsinteger7200 (2 hours)Interval for memory insight compaction

Inference

Section titled “Inference”

LLM inference settings.

inference:
  max_tool_turns: 200
  default_max_tokens: 8192
  compaction_trigger_pct: 80
  history_truncation_pct: 90
FieldTypeDefaultDescription
max_tool_turnsinteger200Maximum tool call iterations per agent response
default_max_tokensinteger8192Default max tokens for LLM responses
compaction_trigger_pctinteger80Context usage percentage that triggers message compaction
history_truncation_pctinteger90Context usage percentage that triggers history truncation

Voice

Section titled “Voice”

Twilio voice call configuration. Optional. If not configured, voice tools are unavailable.

voice:
  provider: twilio
  twilio_account_sid: your-account-sid
  twilio_auth_token: your-auth-token
  twilio_from_number: "+15551234567"
  twilio_voice_id: Polly.Matthew
  twilio_speech_model: enhanced
  callback_base_url: https://frona.example.com
FieldTypeDefaultDescription
providerstringVoice provider. Currently only twilio is supported
twilio_account_sidstringTwilio account SID
twilio_auth_tokenstringTwilio auth token
twilio_from_numberstringTwilio phone number for outbound calls (E.164 format)
twilio_voice_idstringTwilio voice ID for text-to-speech
twilio_speech_modelstringTwilio speech recognition model
callback_base_urlstringPublic URL for Twilio callbacks. Overrides server.base_url for voice

Providers

Section titled “Providers”

LLM provider API keys and endpoints. Providers can also be auto-discovered from environment variables (e.g., ANTHROPIC_API_KEY, OPENAI_API_KEY).

providers:
  anthropic:
    api_key: sk-ant-...
    enabled: true
  openai:
    api_key: sk-...
    enabled: true
  ollama:
    base_url: http://localhost:11434/v1
    enabled: true
FieldTypeDefaultDescription
api_keystringAPI key for the provider
base_urlstringCustom base URL (for self-hosted models like Ollama)
enabledbooleantrueWhether this provider is active

Supported providers: anthropic, openai, groq, openrouter, deepseek, gemini, cohere, mistral, perplexity, together, xai, hyperbolic, moonshot, mira, galadriel, huggingface, ollama.

Models

Section titled “Models”

Model groups define which LLM an agent uses. Each group has a primary model and optional fallbacks.

models:
  primary:
    main: anthropic/claude-sonnet-4-5-20250514
    fallbacks:
      - openai/gpt-4o
    max_tokens: 8192
    retry:
      max_retries: 10
      initial_backoff_ms: 1000
      backoff_multiplier: 2.0
      max_backoff_ms: 60000
FieldTypeDefaultDescription
mainstringrequiredPrimary model in provider/model-id format
fallbackslist[]Fallback models if the primary fails
max_tokensintegerOverride max tokens for this group
temperaturefloatModel temperature
context_windowintegerOverride context window size
retry.max_retriesinteger10Maximum retry attempts on failure
retry.initial_backoff_msinteger1000 (1s)Initial backoff between retries
retry.backoff_multiplierfloat2.0Exponential backoff multiplier
retry.max_backoff_msinteger60000 (60s)Maximum backoff duration

Sensitive values

Section titled “Sensitive values”

These fields are automatically redacted in logs: auth.encryption_secret, sso.client_secret, voice.twilio_account_sid, voice.twilio_auth_token, and all providers[*].api_key values.