
Settings System

AuroraSOC uses pydantic-settings for type-safe, validated configuration loaded from environment variables. The settings module at aurorasoc/config/settings.py is the single source of truth for all configuration.

Architecture

Subsystem Configurations

LLMSettings

Controls the AI model provider:

from pydantic_settings import BaseSettings, SettingsConfigDict

class LLMSettings(BaseSettings):
    model: str = "gpt-4o"
    base_url: str = "https://api.openai.com/v1"
    api_key: str = ""
    temperature: float = 0.1
    max_tokens: int = 4096

    model_config = SettingsConfigDict(env_prefix="AURORA_LLM_")

| Variable | Default | Description |
| --- | --- | --- |
| AURORA_LLM_MODEL | gpt-4o | Model identifier |
| AURORA_LLM_BASE_URL | https://api.openai.com/v1 | API endpoint |
| AURORA_LLM_API_KEY | (empty) | API authentication key |
| AURORA_LLM_TEMPERATURE | 0.1 | Sampling temperature (lower = more deterministic) |
| AURORA_LLM_MAX_TOKENS | 4096 | Maximum response tokens |

Why temperature: 0.1? Security analysis requires consistent, deterministic responses. High temperature would produce creative but unreliable analysis.

RedisSettings

class RedisSettings(BaseSettings):
    host: str = "localhost"
    port: int = 6379
    password: str = ""
    db: int = 0

    model_config = SettingsConfigDict(env_prefix="AURORA_REDIS_")

NATSSettings

class NATSSettings(BaseSettings):
    url: str = "nats://localhost:4222"
    stream_name: str = "AURORA"

    model_config = SettingsConfigDict(env_prefix="AURORA_NATS_")

PostgresSettings

class PostgresSettings(BaseSettings):
    host: str = "localhost"
    port: int = 5432
    user: str = "aurora"
    password: str = "aurora"
    database: str = "aurorasoc"

    @property
    def async_url(self) -> str:
        # Connection URL for the asyncpg driver; user and password are
        # interpolated as-is, without URL-encoding.
        return f"postgresql+asyncpg://{self.user}:{self.password}@{self.host}:{self.port}/{self.database}"

    model_config = SettingsConfigDict(env_prefix="AURORA_PG_")

QdrantSettings

class QdrantSettings(BaseSettings):
    host: str = "localhost"
    port: int = 6333
    collection_prefix: str = "aurora_"

    model_config = SettingsConfigDict(env_prefix="AURORA_QDRANT_")

MQTTSettings

class MQTTSettings(BaseSettings):
    host: str = "localhost"
    port: int = 1883
    username: str = ""
    password: str = ""
    topic_prefix: str = "aurora/sensors"

    model_config = SettingsConfigDict(env_prefix="AURORA_MQTT_")

VaultSettings

class VaultSettings(BaseSettings):
    url: str = "http://localhost:8200"
    token: str = ""
    mount_path: str = "secret"

    model_config = SettingsConfigDict(env_prefix="AURORA_VAULT_")

A2ASettings

Defines ports for all 16 agent services:

class A2ASettings(BaseSettings):
    orchestrator_port: int = 9000
    security_analyst_port: int = 9001
    threat_hunter_port: int = 9002
    incident_responder_port: int = 9003
    threat_intel_port: int = 9004
    network_security_port: int = 9005
    endpoint_security_port: int = 9006
    malware_analyst_port: int = 9007
    forensic_analyst_port: int = 9008
    compliance_analyst_port: int = 9009
    vulnerability_manager_port: int = 9010
    cloud_security_port: int = 9011
    ueba_analyst_port: int = 9012
    web_security_port: int = 9013
    cps_security_port: int = 9014
    report_generator_port: int = 9015

    model_config = SettingsConfigDict(env_prefix="AURORA_A2A_")

ObservabilitySettings

class ObservabilitySettings(BaseSettings):
    otlp_endpoint: str = "http://otel-collector:4317"
    service_name: str = "aurorasoc"
    prometheus_port: int = 9090

    model_config = SettingsConfigDict(env_prefix="AURORA_OTEL_")

Singleton Pattern

Settings are loaded once and cached using @lru_cache:

from functools import lru_cache

@lru_cache()
def get_settings() -> Settings:
    return Settings()

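Why @lru_cache? Environment variables don't change during runtime. Parsing and validating settings on every request would waste CPU cycles. The cache ensures settings are parsed exactly once. Because of the cache, a changed variable (for example a rotated secret) takes effect only after a process restart or a call to get_settings.cache_clear().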

Usage in Code

from aurorasoc.config import get_settings

settings = get_settings()

# Access subsystem config
redis_host = settings.redis.host
llm_model = settings.llm.model
pg_url = settings.postgres.async_url

Environment File

For local development, create a .env file:

AURORA_LLM_API_KEY=sk-your-openai-key
AURORA_LLM_MODEL=gpt-4o
AURORA_PG_HOST=localhost
AURORA_PG_PASSWORD=aurora
AURORA_REDIS_HOST=localhost
AURORA_NATS_URL=nats://localhost:4222
AURORA_MQTT_HOST=localhost
AURORA_QDRANT_HOST=localhost
AURORA_JWT_SECRET=your-32-char-secret-here-change-me

Docker Compose Override

In docker-compose.dev.yml, environment variables are set directly on each service. The .env file is used for local (non-Docker) development.
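
Several defaults and placeholders on this page (the "aurora" Postgres password, empty Redis, MQTT and Vault credentials, the sample API key and JWT secret, a plain-http Vault URL) are only suitable for local development. The following pre-deployment check is an added example, not part of AuroraSOC: it audits a set of AURORA_* variables for those values. The variable names are derived from the env_prefix and field names shown above; the policy that all six secrets must be set, and the 32-character minimum taken from the placeholder's wording, are assumptions.

```python
from urllib.parse import urlsplit

# Secret-bearing variables: env_prefix + field name from the classes above,
# plus AURORA_JWT_SECRET from the .env example.
SECRET_VARS = ("AURORA_LLM_API_KEY", "AURORA_PG_PASSWORD", "AURORA_REDIS_PASSWORD",
               "AURORA_MQTT_PASSWORD", "AURORA_VAULT_TOKEN", "AURORA_JWT_SECRET")
# Values this page ships as a default or as a .env placeholder.
KNOWN_WEAK = {"aurora", "sk-your-openai-key", "your-32-char-secret-here-change-me"}
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}
# Secret-related lines of the .env example above.
SAMPLE_ENV = """\
AURORA_LLM_API_KEY=sk-your-openai-key
AURORA_PG_PASSWORD=aurora
AURORA_JWT_SECRET=your-32-char-secret-here-change-me
"""


def parse_env(text):
    """Parse dotenv-style KEY=VALUE lines, skipping blanks and # comments."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            env[key.strip()] = value.strip().strip("'\"")
    return env


def audit(env):
    """Return sorted (variable, finding) pairs for a non-development deployment."""
    findings = []
    for name in SECRET_VARS:
        value = env.get(name, "")
        if not value:
            findings.append((name, "unset or empty"))
        elif value in KNOWN_WEAK:
            findings.append((name, "documented default or placeholder"))
        elif name == "AURORA_JWT_SECRET" and len(value) < 32:
            findings.append((name, "shorter than 32 characters"))
    # The Vault default is plain http, which is tolerable only on loopback.
    vault = urlsplit(env.get("AURORA_VAULT_URL", "http://localhost:8200"))
    if vault.scheme == "http" and vault.hostname not in LOCAL_HOSTS:
        findings.append(("AURORA_VAULT_URL", "plaintext http to a non-local host"))
    return sorted(findings)


if __name__ == "__main__":
    for name, finding in audit(parse_env(SAMPLE_ENV)):
        print(f"{name}: {finding}")
```

Run against the sample .env, every secret variable is flagged: three carry documented placeholder or default values and three are unset.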