@nano-step/nano-brain 2026.5.3103 → 2026.5.3104
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +47 -0
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -145,6 +145,49 @@ summarization:
|
|
|
145
145
|
concurrency: 3 # parallel map-phase LLM calls
|
|
146
146
|
```
|
|
147
147
|
|
|
148
|
+
### Authentication (VPS / remote deployment)
|
|
149
|
+
|
|
150
|
+
When binding to a non-loopback address, enable auth to protect your memory:
|
|
151
|
+
|
|
152
|
+
```yaml
|
|
153
|
+
server:
|
|
154
|
+
host: 0.0.0.0
|
|
155
|
+
port: 3100
|
|
156
|
+
auth:
|
|
157
|
+
enabled: true
|
|
158
|
+
realm: nano-brain
|
|
159
|
+
users:
|
|
160
|
+
- username: admin
|
|
161
|
+
password_hash: "$2a$10$..." # from: nano-brain auth hash <password>
|
|
162
|
+
tokens:
|
|
163
|
+
- "nbt_..." # from: nano-brain auth token
|
|
164
|
+
bypass_paths:
|
|
165
|
+
- /health
|
|
166
|
+
```
|
|
167
|
+
|
|
168
|
+
Generate credentials:
|
|
169
|
+
|
|
170
|
+
```bash
|
|
171
|
+
# Generate bcrypt hash for Basic Auth
|
|
172
|
+
nano-brain auth hash mypassword
|
|
173
|
+
|
|
174
|
+
# Generate bearer token
|
|
175
|
+
nano-brain auth token
|
|
176
|
+
```
|
|
177
|
+
|
|
178
|
+
Usage examples:
|
|
179
|
+
|
|
180
|
+
```bash
|
|
181
|
+
# Basic Auth
|
|
182
|
+
curl -u admin:mypassword http://host:3100/api/v1/query -d '{"query":"test"}'
|
|
183
|
+
|
|
184
|
+
# Bearer token
|
|
185
|
+
curl -H "Authorization: Bearer nbt_..." http://host:3100/api/v1/query -d '{"query":"test"}'
|
|
186
|
+
|
|
187
|
+
# MCP client with URL-embedded credentials
|
|
188
|
+
# url: http://admin:mypassword@host:3100/mcp
|
|
189
|
+
```
|
|
190
|
+
|
|
148
191
|
### Global ignore patterns (`~/.nano-brain/.nano-brainignore`)
|
|
149
192
|
|
|
150
193
|
The watcher loads a global gitignore-style file at `~/.nano-brain/.nano-brainignore`
|
|
@@ -243,6 +286,8 @@ Large sessions (100K+ tokens) are handled via map-reduce chunking — no session
|
|
|
243
286
|
| `OPENCODE_DB_PATH` | OpenCode single SQLite database path |
|
|
244
287
|
| `OPENCODE_STORAGE_DIR` | OpenCode session directory (legacy) |
|
|
245
288
|
| `NANO_BRAIN_SUMMARIZE_API_KEY` | API key for the summarization LLM provider |
|
|
289
|
+
| `NANO_BRAIN_AUTH_ENABLED` | Enable Basic Auth + Bearer Token (`true`/`false`) |
|
|
290
|
+
| `NANO_BRAIN_AUTH_TOKENS` | Comma-separated bearer tokens |
|
|
246
291
|
| `NANO_BRAIN_*` | Override any config field (e.g., `NANO_BRAIN_SERVER_PORT=3100`) |
|
|
247
292
|
|
|
248
293
|
**Docker example** — run the server in a container against a host PostgreSQL:
|
|
@@ -328,6 +373,8 @@ Workspace is passed in the JSON body for POST, query param for GET.
|
|
|
328
373
|
| `nano-brain logs [-n 50] [-f]` | Tail log file |
|
|
329
374
|
| `nano-brain docker start\|stop\|status` | Docker compose management |
|
|
330
375
|
| `nano-brain status [--json]` | Server status |
|
|
376
|
+
| `nano-brain auth hash <password>` | Generate bcrypt password hash for config |
|
|
377
|
+
| `nano-brain auth token` | Generate random bearer token (`nbt_`-prefixed) |
|
|
331
378
|
| `nano-brain doctor [--json]` | Check prerequisites (config, PostgreSQL, pgvector, Ollama, model) |
|
|
332
379
|
|
|
333
380
|
## MCP Tools
|