Firefish docs

Deployment Modes

Firefish can start in local development and move toward private production deployment without changing the security model.

Local dev

Use local-only defaults, SQLite, and local runtime settings while evaluating behavior.

python -m uvicorn app.main:app --host 127.0.0.1 --port 8000

Docker

Use the project Docker configuration when you want repeatable local or lab services.

docker compose -f docker/docker-compose.yml up --build

Private/VPC deployment concept

Run the gateway near private apps, private model runtimes, internal retrieval systems, and audit storage. Keep egress and hosted judge settings explicit.

Local-only mode

LOCAL_ONLY_MODE=true keeps hosted LLM judgment inactive unless risk owners deliberately configure external providers.

Environment variables

  • APP_ENV and DEPLOYMENT_PROFILE choose local, lab, or production posture.
  • FIREFISH_MODE and FIREFISH_SCAN_PROFILE tune enforcement style.
  • API_KEYS, DASHBOARD_PASSWORD, and APP_SECRET_KEY protect API and dashboard access.
  • DATABASE_URL points to SQLite for local work or a production database when deployed.

Production safety checks

Production startup checks reject unsafe placeholders, missing auth, accidental public docs, weak dashboard settings, unsupported databases, and risky streaming settings unless explicitly allowed.