ltcai 0.3.1 → 0.4.0

package/latticeai/api/security_dashboard.py

@@ -36,6 +36,8 @@ from fastapi import APIRouter, HTTPException, Query, Request
 from fastapi.responses import Response, StreamingResponse
 from pydantic import BaseModel
 
+from ..core import timezones
+
 logger = logging.getLogger(__name__)
 
 
@@ -304,11 +306,13 @@ def create_security_router(
         report = build_sensitivity_report(history) or {}
         summary = report.get("summary", {})
         sev = summary.get("severity_counts", {}) or {}
-        today = datetime.utcnow().date().isoformat()
+        # item 7: audit timestamp(로컬/설정 시간대)와 동일한 기준으로 "오늘"을 계산한다.
+        today = timezones.today_str()
         today_events = [e for e in events if str(e.get("timestamp", ""))[:10] == today]
 
         return {
-            "generated_at": datetime.utcnow().isoformat() + "Z",
+            "generated_at": timezones.now_iso(),
+            "timezone": timezones.tz_name(),
             "cards": {
                 "events_today": len(today_events),
                 "high_risk_events": int(sev.get("high", 0)),

package/latticeai/core/agent.py

@@ -0,0 +1,453 @@
+"""Agent Runtime — the Discover→Plan→Implement→Verify state machine.
+
+This module is the deep one: a small interface (``AgentDeps`` ports +
+``AgentRuntime.run_to_completion``) over the whole multi-role agent loop
+(planner → executor → critic → rollback → memory). It carries no FastAPI,
+no globals, and no I/O of its own — every collaborator is injected through
+``AgentDeps``.
+
+Two adapters justify the seam:
+
+* production wires ``AgentDeps`` from server.py's ``LLMRouter``, governance
+  map, audit log, and prompts;
+* tests pass fake ports (an LLM that returns canned JSON, a recording tool
+  executor) and drive a full PLAN→EXECUTE→VERIFY→DONE cycle without a server.
+
+HTTP concerns — request parsing, chat-history persistence, response shaping,
+scheduling the background memory update — stay in server.py. This module
+only owns the state machine.
+"""
+
+from __future__ import annotations
+
+import json
+import re
+import subprocess
+from dataclasses import dataclass
+from enum import Enum
+from pathlib import Path
+from typing import Any, Awaitable, Callable, Dict, FrozenSet, List, Optional
+
+from tools import ToolError
+
+
+class AgentState(str, Enum):
+    IDLE             = "IDLE"
+    PLANNING         = "PLANNING"
+    WAITING_APPROVAL = "WAITING_APPROVAL"
+    EXECUTING        = "EXECUTING"
+    VERIFYING        = "VERIFYING"
+    FAILED           = "FAILED"
+    ROLLBACK         = "ROLLBACK"
+    DONE             = "DONE"
+
+
+# Terminal states — the agent loop exits when reaching one of these
+AGENT_TERMINAL_STATES: FrozenSet[AgentState] = frozenset({AgentState.DONE, AgentState.FAILED})
+
+
+class AgentRunContext:
+    """Mutable state carrier passed through all agent phases."""
+    __slots__ = ("state", "plan", "transcript", "retry_count",
+                 "state_history", "corrections", "final_message", "rollback_log",
+                 "executing_model", "reviewing_model")
+
+    def __init__(self) -> None:
+        self.state:           AgentState   = AgentState.IDLE
+        self.plan:            dict         = {}
+        self.transcript:      list         = []
+        self.retry_count:     int          = 0
+        self.state_history:   list         = []
+        self.corrections:     list         = []
+        self.final_message:   str          = ""
+        self.rollback_log:    list         = []
+        self.executing_model: Optional[str] = None
+        self.reviewing_model: Optional[str] = None
+
+
+def extract_action(raw: str) -> Dict:
+    """Parse one JSON action object out of an LLM response (tolerant of fences/prose)."""
+    text = raw.strip()
+    fenced = re.search(r"```(?:json)?\s*(\{.*?\})\s*```", text, flags=re.DOTALL)
+    if fenced:
+        text = fenced.group(1).strip()
+    elif not text.startswith("{"):
+        start = text.find("{")
+        end = text.rfind("}")
+        if start >= 0 and end > start:
+            text = text[start : end + 1]
+
+    try:
+        action = json.loads(text)
+    except json.JSONDecodeError as exc:
+        raise ValueError(f"Agent did not return valid JSON: {exc}") from exc
+
+    if not isinstance(action, dict) or "action" not in action:
+        raise ValueError("Agent JSON must include an action field.")
+    return action
+
+
+@dataclass
+class AgentDeps:
+    """The ports an :class:`AgentRuntime` needs from the outside world.
+
+    Everything the state machine touches is here, so the loop can be exercised
+    against fakes. See module docstring for the two-adapter rationale.
+    """
+
+    # ── LLM port ─────────────────────────────────────────────────────
+    # generate_as(model_id, message, context, max_tokens, temperature) -> str
+    generate_as: Callable[..., Awaitable[Any]]
+    # generate(message, context, max_tokens, temperature) -> str
+    generate: Callable[..., Awaitable[Any]]
+
+    # ── tool port ────────────────────────────────────────────────────
+    execute_tool: Callable[[str, dict], dict]
+    policy_for: Callable[[str, dict], dict]        # name, args -> governance policy
+    risk_level: Callable[[dict], str]              # policy -> "low"|"medium"|"high"
+    check_role: Callable[[str, str], None]         # tool_name, user -> raises if not allowed
+    tool_governance: Dict[str, dict]               # name -> policy (for auto_approve set)
+    file_create_actions: FrozenSet[str]
+
+    # ── context / memory / audit ports ───────────────────────────────
+    recent_chat_context: Callable[..., str]        # (conversation_id=...) -> str
+    clear_history: Callable[[int], dict]
+    knowledge_save: Callable[..., Any]
+    audit: Callable[..., None]                     # (event, **kw) -> None
+
+    # ── prompts + config ─────────────────────────────────────────────
+    planner_prompt: str
+    executor_prompt: str
+    critic_prompt: str
+    memory_updater_prompt: str
+    agent_root: Path
+
+
+class AgentRuntime:
+    """Drives the agent state machine over injected :class:`AgentDeps`."""
+
+    def __init__(self, deps: AgentDeps) -> None:
+        self.deps = deps
+
+    # ── PLAN ─────────────────────────────────────────────────────────
+    async def plan(
+        self, ctx: AgentRunContext, req: Any, lang_hint: str, current_user: str,
+        model_id: Optional[str] = None,
+    ) -> None:
+        """PLAN: Planner role produces a structured plan JSON."""
+        d = self.deps
+        context = (
+            f"{d.planner_prompt}\n\n"
+            f"[LANGUAGE HINT: {lang_hint}]\n"
+            f"Workspace root: {d.agent_root}\n\n"
+            f"User request: {req.message}"
+        )
+        raw = await d.generate_as(
+            model_id,
+            message="Produce a JSON execution plan for this request.",
+            context=context, max_tokens=1024, temperature=0.1,
+        )
+        try:
+            plan = extract_action(str(raw))
+        except ValueError:
+            plan = {
+                "action": "plan", "state": "PLAN",
+                "goal": req.message, "steps": [],
+                "requires_approval": False, "rollback_strategy": "none", "estimated_steps": 1,
+            }
+        ctx.plan = plan
+        ctx.transcript.append({
+            "state": AgentState.PLANNING.value,
+            "goal": plan.get("goal", req.message),
+            "steps": plan.get("steps", []),
+            "requires_approval": plan.get("requires_approval", False),
+            "rollback_strategy": plan.get("rollback_strategy", "none"),
+            "estimated_steps": plan.get("estimated_steps", 1),
+        })
+        ctx.state = AgentState.WAITING_APPROVAL
+
+    # ── APPROVAL ─────────────────────────────────────────────────────
+    def approve(self, ctx: AgentRunContext, current_user: str) -> None:
+        """APPROVAL: Check governance, log decision, auto-approve (future: UI prompt)."""
+        d = self.deps
+        auto_approve_tools = {name for name, p in d.tool_governance.items() if p["auto_approve"]}
+        steps = ctx.plan.get("steps", [])
+        non_auto = [s.get("action") for s in steps if s.get("action") not in auto_approve_tools]
+        requires = ctx.plan.get("requires_approval", False) or bool(non_auto)
+
+        ctx.transcript.append({
+            "state": AgentState.WAITING_APPROVAL.value,
+            "requires_approval": requires,
+            "non_auto_approve_steps": non_auto,
+            "decision": "auto_approved",
+        })
+        d.audit(
+            "agent_approval", user_email=current_user,
+            requires_approval=requires, non_auto_steps=non_auto, decision="auto_approved",
+        )
+        ctx.state = AgentState.EXECUTING
+
+    # ── EXECUTE ──────────────────────────────────────────────────────
+    async def execute(
+        self, ctx: AgentRunContext, req: Any, lang_hint: str,
+        current_user: str, max_steps: int, model_id: Optional[str] = None,
+    ) -> None:
+        """EXECUTE: Executor role calls tools one at a time until final or budget exhausted."""
+        d = self.deps
+        exec_count = sum(1 for s in ctx.transcript if s.get("state") == AgentState.EXECUTING.value)
+        budget = max(1, max_steps - exec_count)
+
+        for _ in range(budget):
+            corrections_hint = (
+                "\n\nCritic corrections from previous attempt:\n"
+                + "\n".join(f"- {c}" for c in ctx.corrections)
+            ) if ctx.corrections else ""
+
+            context = (
+                f"{d.executor_prompt}\n\n"
+                f"[LANGUAGE HINT: {lang_hint}]\n"
+                f"Workspace root: {d.agent_root}\n\n"
+                f"PLAN:\n{json.dumps(ctx.plan, ensure_ascii=False)}\n\n"
+                f"Recent conversation:\n{d.recent_chat_context(conversation_id=req.conversation_id) or '(none)'}\n\n"
+                f"User request: {req.message}{corrections_hint}\n\n"
+                f"Execution transcript:\n{json.dumps(ctx.transcript, ensure_ascii=False, indent=2)}"
+            )
+            raw = await d.generate_as(
+                model_id,
+                message="Execute the next step.",
+                context=context, max_tokens=4096, temperature=req.temperature,
+            )
+            try:
+                action = extract_action(str(raw))
+            except ValueError as exc:
+                ctx.transcript.append({
+                    "state": AgentState.EXECUTING.value, "action": "parse_error",
+                    "raw": str(raw)[:400], "error": str(exc),
+                })
+                break
+
+            name     = action.get("action")
+            thoughts = str(action.get("thoughts") or "")[:600]
+            args     = action.get("args") or {}
+
+            if name == "final":
+                ctx.final_message = action.get("message", "작업을 완료했습니다.")
+                ctx.transcript.append({
+                    "state": AgentState.EXECUTING.value, "action": "final", "thoughts": thoughts,
+                })
+                ctx.state = AgentState.VERIFYING
+                return
+
+            # Loop guard
+            exec_steps = [s for s in ctx.transcript if s.get("state") == AgentState.EXECUTING.value]
+            last = exec_steps[-1] if exec_steps else None
+            if (
+                name in d.file_create_actions and last
+                and last.get("action") == name
+                and (last.get("args") or {}) == args
+                and "result" in last
+            ):
+                ctx.transcript.append({
+                    "state": AgentState.EXECUTING.value, "action": name,
+                    "error": "LOOP_DETECTED: identical action+args repeated — halted.",
+                })
+                break
+
+            if name == "clear_history":
+                result = d.clear_history(args.get("keep_last", 0))
+                ctx.transcript.append({
+                    "state": AgentState.EXECUTING.value, "action": name,
+                    "thoughts": thoughts, "args": args, "result": result,
+                })
+                continue
+
+            policy = d.policy_for(name, args)
+            risk   = d.risk_level(policy)
+
+            if policy["risk"] == "destructive":
+                ctx.transcript.append({
+                    "state": AgentState.EXECUTING.value, "action": name,
+                    "thoughts": thoughts, "args": args, "risk": risk,
+                    "governance": dict(policy),
+                    "error": f"BLOCKED: destructive action '{name}' not permitted in agent mode.",
+                })
+                d.audit(
+                    "agent_blocked", user_email=current_user, source=getattr(req, "source", None) or "agent",
+                    action=name, reason="destructive", governance=dict(policy),
+                )
+                continue
+
+            if not policy["auto_approve"]:
+                d.audit(
+                    "agent_exec", user_email=current_user, source=getattr(req, "source", None) or "agent",
+                    state=AgentState.EXECUTING.value, action=name, risk=risk,
+                    shell=policy["shell"], network=policy["network"],
+                    destructive=policy["destructive"], sandbox=policy["sandbox"],
+                    rollback=policy["rollback"],
+                    args={k: v for k, v in args.items() if k != "content"},
+                )
+
+            try:
+                d.check_role(name, current_user)
+                result = d.execute_tool(name, args)
+                ctx.transcript.append({
+                    "state": AgentState.EXECUTING.value, "action": name,
+                    "thoughts": thoughts, "args": args,
+                    "risk": risk, "governance": dict(policy), "result": result,
+                })
+            except (ToolError, KeyError, TypeError) as exc:
+                ctx.transcript.append({
+                    "state": AgentState.EXECUTING.value, "action": name,
+                    "thoughts": thoughts, "args": args,
+                    "risk": risk, "governance": dict(policy), "error": str(exc),
+                })
+
+        ctx.state = AgentState.VERIFYING
+
+    # ── VERIFY ───────────────────────────────────────────────────────
+    async def verify(
+        self, ctx: AgentRunContext, req: Any, lang_hint: str, current_user: str,
+        max_retry: int = 3, model_id: Optional[str] = None,
+    ) -> None:
+        """VERIFYING: Critic role evaluates transcript → DONE / EXECUTING (retry) / ROLLBACK / FAILED."""
+        d = self.deps
+        context = (
+            f"{d.critic_prompt}\n\n"
+            f"[LANGUAGE HINT: {lang_hint}]\n\n"
+            f"Original request: {req.message}\n"
+            f"Plan goal: {ctx.plan.get('goal', req.message)}\n\n"
+            f"Full transcript:\n{json.dumps(ctx.transcript, ensure_ascii=False, indent=2)}"
+        )
+        raw = await d.generate_as(
+            model_id,
+            message="Review the execution transcript and return your verdict JSON.",
+            context=context, max_tokens=512, temperature=0.1,
+        )
+        try:
+            verdict = extract_action(str(raw))
+        except ValueError:
+            verdict = {"action": "verdict", "verdict": "PASS", "next_state": "DONE",
+                       "reason": "Critic parse failed — assuming pass.", "corrections": [], "confidence": 0.7}
+
+        ctx.corrections = verdict.get("corrections", [])
+        # Normalize legacy verdict next_state strings to current AgentState names
+        raw_next = verdict.get("next_state", "DONE")
+        next_s = {"COMPLETE": "DONE", "RETRY": "EXECUTING"}.get(raw_next, raw_next)
+
+        ctx.transcript.append({
+            "state": AgentState.VERIFYING.value,
+            "verdict":     verdict.get("verdict", "PASS"),
+            "reason":      verdict.get("reason", ""),
+            "corrections": ctx.corrections,
+            "confidence":  verdict.get("confidence", 0.9),
+            "next_state":  next_s,
+        })
+
+        if verdict.get("verdict") == "PASS" or next_s == "DONE":
+            if not ctx.final_message:
+                ctx.final_message = verdict.get("reason", "작업이 완료되었습니다.")
+            ctx.state = AgentState.DONE
+        elif next_s == "ROLLBACK":
+            ctx.state = AgentState.ROLLBACK
+        elif next_s == "EXECUTING":
+            if ctx.retry_count >= max_retry:
+                ctx.final_message = "처리 중 문제가 발생했습니다. 다시 시도해 주세요."
+                ctx.state = AgentState.FAILED
+            else:
+                ctx.retry_count += 1
+                ctx.transcript.append({
+                    "state": AgentState.EXECUTING.value,
+                    "retry_attempt": ctx.retry_count,
+                    "corrections": ctx.corrections,
+                })
+                ctx.state = AgentState.EXECUTING
+        else:
+            ctx.final_message = verdict.get("reason", "검증자가 인식되지 않은 다음 상태를 반환했습니다.")
+            ctx.state = AgentState.FAILED
+
+    # ── ROLLBACK ─────────────────────────────────────────────────────
+    def rollback(self, ctx: AgentRunContext, current_user: str) -> None:
+        """ROLLBACK: attempt git checkout for each edited file, then FAILED."""
+        d = self.deps
+        rolled: List[dict] = []
+        for step in ctx.transcript:
+            if step.get("state") != AgentState.EXECUTING.value:
+                continue
+            gov = step.get("governance", {})
+            if gov.get("rollback") != "git":
+                continue
+            result = step.get("result", {})
+            if not (isinstance(result, dict) and result.get("success")):
+                continue
+            path = result.get("path") or (step.get("args") or {}).get("path", "")
+            if not path:
+                continue
+            try:
+                r = subprocess.run(
+                    ["git", "checkout", "--", path], cwd=str(d.agent_root),
+                    capture_output=True, text=True, timeout=10,
+                )
+                rolled.append({"path": path, "ok": r.returncode == 0, "stderr": r.stderr[:200]})
+            except Exception as exc:
+                rolled.append({"path": path, "ok": False, "error": str(exc)})
+
+        ctx.transcript.append({"state": AgentState.ROLLBACK.value, "rolled_back": rolled})
+        recovered = [r["path"] for r in rolled if r.get("ok")]
+        ctx.final_message = (
+            f"실행 실패로 롤백했습니다. 복구 파일: {recovered}"
+            if recovered
+            else "롤백을 시도했으나 복구할 파일이 없거나 git이 초기화되지 않았습니다."
+        )
+        d.audit("agent_rollback", user_email=current_user, rolled_back=rolled)
+        # Rollback is a recovery from a failed verification — terminal state is FAILED
+        ctx.state = AgentState.FAILED
+
+    # ── MEMORY ───────────────────────────────────────────────────────
+    async def memory_update(self, ctx: AgentRunContext, req: Any, current_user: str) -> None:
+        """Background: Memory Updater role extracts learnings after DONE."""
+        d = self.deps
+        context = (
+            f"{d.memory_updater_prompt}\n\n"
+            f"Completed task: {req.message}\n\n"
+            f"Last 5 transcript steps:\n{json.dumps(ctx.transcript[-5:], ensure_ascii=False)}"
+        )
+        try:
+            raw = await d.generate(
+                message="Extract learnings from this completed task.",
+                context=context, max_tokens=256, temperature=0.1,
+            )
+            mem = extract_action(str(raw))
+            if mem.get("save_to_knowledge") and mem.get("learnings"):
+                d.knowledge_save(
+                    "\n".join(mem["learnings"]),
+                    folder="30_Projects",
+                    title=f"Agent: {req.message[:60]}",
+                )
+        except Exception:
+            pass
+
+    # ── DRIVE LOOP ───────────────────────────────────────────────────
+    async def run_to_completion(
+        self, ctx: AgentRunContext, req: Any, lang_hint: str,
+        current_user: str, max_steps: int, max_retry: int,
+    ) -> None:
+        """Run EXECUTING → VERIFYING → ROLLBACK loop until a terminal state."""
+        while ctx.state not in AGENT_TERMINAL_STATES:
+            ctx.state_history.append(ctx.state.value)
+            if len(ctx.state_history) > 200:
+                ctx.final_message = "에이전트 상태 머신이 최대 반복(200)에 도달해 중단했습니다."
+                ctx.state = AgentState.FAILED
+                break
+
+            if ctx.state == AgentState.EXECUTING:
+                await self.execute(ctx, req, lang_hint, current_user, max_steps,
+                                   model_id=ctx.executing_model)
+            elif ctx.state == AgentState.VERIFYING:
+                await self.verify(ctx, req, lang_hint, current_user, max_retry,
+                                  model_id=ctx.reviewing_model)
+            elif ctx.state == AgentState.ROLLBACK:
+                self.rollback(ctx, current_user)
+            else:
+                ctx.state = AgentState.FAILED
+
+        ctx.state_history.append(ctx.state.value)

package/latticeai/core/audit.py

@@ -9,6 +9,8 @@ from datetime import datetime
 from pathlib import Path
 from typing import Any, Callable, Dict, List, Optional
 
+from . import timezones
+
 _history_lock = threading.Lock()
 
 SENSITIVE_PATTERNS = [
@@ -41,7 +43,8 @@ def append_audit_event(audit_file: Path, event_type: str, **payload) -> None:
     try:
         event = {
             "event_type": event_type,
-            "timestamp": datetime.now().isoformat(),
+            # item 7: 대시보드 "오늘" 계산과 동일한 시간대 기준으로 기록한다.
+            "timestamp": timezones.now_iso(),
             **payload,
         }
         with _history_lock:

package/latticeai/core/config.py

@@ -0,0 +1,178 @@
+"""App-level configuration as a single deep module.
+
+All environment parsing for Lattice AI's *application* settings (mode, host,
+port, feature flags, SSO, auth gating, integrations) lives here behind one
+interface: ``Config.from_env``. Callers read typed attributes off a frozen
+``Config`` instance instead of reaching for ``os.getenv`` in 40 places.
+
+The ``env`` mapping passed to ``from_env`` is the seam:
+
+* production passes ``os.environ`` (the default);
+* tests pass a plain ``dict`` and get a fully-formed ``Config`` with no
+  monkeypatching of the process environment.
+
+Per-request provider credentials (``OPENAI_API_KEY``, ``LMSTUDIO_API_KEY`` …)
+are intentionally *not* here — those belong to the LLM Router's provider
+concept and are read dynamically at call time.
+"""
+
+from __future__ import annotations
+
+import sys
+from dataclasses import dataclass, field
+from pathlib import Path
+from typing import List, Mapping, Optional
+
+from latticeai.core.security import host_is_loopback
+
+
+def _value(env: Mapping[str, str], key: str, default: str = "") -> str:
+    """Mirror the legacy ``env_value``: ``getenv(key) or default or ""`` (no strip)."""
+    return env.get(key) or default or ""
+
+
+def _str(env: Mapping[str, str], key: str, default: str = "") -> str:
+    """Mirror ``os.getenv(key, default)``: default only when the key is absent."""
+    raw = env.get(key)
+    return raw if raw is not None else default
+
+
+def _bool(env: Mapping[str, str], key: str, default: bool = False) -> bool:
+    raw = env.get(key)
+    if raw is None:
+        return default
+    return raw.strip().lower() in {"1", "true", "yes", "on"}
+
+
+def _int(env: Mapping[str, str], key: str, default: int) -> int:
+    raw = env.get(key)
+    if raw is None or not str(raw).strip():
+        return default
+    try:
+        return int(str(raw).strip())
+    except ValueError:
+        return default
+
+
+@dataclass(frozen=True)
+class Config:
+    """Everything a caller must know about app-level settings.
+
+    Construct once at startup via :meth:`from_env`; pass the values onward
+    rather than re-reading the environment.
+    """
+
+    # ── mode / network ──────────────────────────────────────────────
+    app_mode: str
+    is_public: bool
+    host: str
+    port: int
+    network_exposed: bool
+
+    # ── feature flags ───────────────────────────────────────────────
+    enable_telegram: bool
+    enable_graph: bool
+    autoload_models: bool
+    model_idle_unload_seconds: int
+    allow_local_models: bool
+
+    # ── auth / security ─────────────────────────────────────────────
+    require_auth: bool
+    allow_plaintext_api_keys: bool
+    cors_allow_network: bool
+    cors_extra_origins: List[str]
+    rate_limit_enabled: bool
+    open_registration: bool
+    invite_code: str
+    invite_gate_enabled: bool
+    admin_emails: List[str]
+
+    # ── models ──────────────────────────────────────────────────────
+    public_model: str
+    local_model: str
+    local_draft_model: str
+    auto_read_chat_paths: bool
+
+    # ── SSO / OIDC ──────────────────────────────────────────────────
+    sso_discovery_url: str
+    sso_client_id: str
+    sso_client_secret: str
+    sso_redirect_uri: str
+    sso_provider_name: str
+
+    # ── integrations ────────────────────────────────────────────────
+    discord_permission_webhook: str
+    discord_bot_token: str
+    discord_permission_channel: str
+    permission_monitor_secret: str
+
+    # ── paths ───────────────────────────────────────────────────────
+    data_dir: Path
+    static_dir: Path
+
+    @classmethod
+    def from_env(cls, env: Optional[Mapping[str, str]] = None, *, base_dir: Optional[Path] = None) -> "Config":
+        if env is None:
+            import os
+            env = os.environ
+        if base_dir is None:
+            base_dir = Path(__file__).resolve().parent.parent.parent
+
+        app_mode = _value(env, "LATTICEAI_MODE", "local").lower()
+        if app_mode not in {"local", "public"}:
+            app_mode = "local"
+        is_public = app_mode == "public"
+
+        host = _value(env, "LATTICEAI_HOST", "127.0.0.1")
+        port = _int(env, "LATTICEAI_PORT", 4825)
+        network_exposed = not host_is_loopback(host)
+
+        cors_extra = [item.strip() for item in _value(env, "LATTICEAI_CORS_ALLOWED_ORIGINS", "").split(",") if item.strip()]
+        admin_emails = [item.strip().lower() for item in _value(env, "LATTICEAI_ADMIN_EMAILS", "").split(",") if item.strip()]
+
+        public_model = _value(env, "LATTICEAI_PUBLIC_MODEL", _value(env, "LATTICEAI_DEFAULT_MODEL", "openai:gpt-4o-mini"))
+        local_model = _value(env, "LATTICEAI_LOCAL_MODEL", "mlx-community/gemma-4-26b-a4b-it-4bit")
+
+        data_dir = Path(_value(env, "LATTICEAI_DATA_DIR", str(Path.home() / ".ltcai")))
+        static_dir = Path(_value(env, "LATTICEAI_STATIC_DIR", str(base_dir / "static")))
+        if not static_dir.exists():
+            packaged_static = Path(sys.prefix) / "static"
+            if packaged_static.exists():
+                static_dir = packaged_static
+
+        return cls(
+            app_mode=app_mode,
+            is_public=is_public,
+            host=host,
+            port=port,
+            network_exposed=network_exposed,
+            enable_telegram=_bool(env, "LATTICEAI_ENABLE_TELEGRAM", default=not is_public),
+            enable_graph=_bool(env, "LATTICEAI_ENABLE_GRAPH", default=True),
+            autoload_models=_bool(env, "LATTICEAI_AUTOLOAD_MODELS", default=is_public),
+            model_idle_unload_seconds=_int(env, "LATTICEAI_MODEL_IDLE_UNLOAD_SECONDS", 0),
+            allow_local_models=_bool(env, "LATTICEAI_ALLOW_LOCAL_MODELS", default=not is_public),
+            require_auth=_bool(env, "LATTICEAI_REQUIRE_AUTH", default=is_public or network_exposed),
+            allow_plaintext_api_keys=_bool(env, "LATTICEAI_ALLOW_PLAINTEXT_API_KEYS", default=False),
+            cors_allow_network=_bool(env, "LATTICEAI_CORS_ALLOW_NETWORK", default=False),
+            cors_extra_origins=cors_extra,
+            rate_limit_enabled=_str(env, "LATTICEAI_RATE_LIMIT", "1") != "0",
+            open_registration=_bool(env, "LATTICEAI_OPEN_REGISTRATION", default=not network_exposed and not is_public),
+            invite_code=_value(env, "LATTICEAI_INVITE_CODE", "gemma-lattice-ai"),
+            invite_gate_enabled=_bool(env, "LATTICEAI_INVITE_GATE_ENABLED", default=False),
+            admin_emails=admin_emails,
+            public_model=public_model,
+            local_model=local_model,
+            local_draft_model=_value(env, "LATTICEAI_LOCAL_DRAFT_MODEL", ""),
+            auto_read_chat_paths=_bool(env, "LATTICEAI_AUTO_READ_CHAT_PATHS", default=False),
+            sso_discovery_url=_value(env, "OIDC_DISCOVERY_URL", ""),
+            sso_client_id=_value(env, "OIDC_CLIENT_ID", ""),
+            sso_client_secret=_value(env, "OIDC_CLIENT_SECRET", ""),
+            sso_redirect_uri=_value(env, "OIDC_REDIRECT_URI", "http://localhost:4825/auth/sso/callback"),
+            sso_provider_name=_value(env, "OIDC_PROVIDER_NAME", "SSO"),
+            discord_permission_webhook=_value(env, "LATTICEAI_DISCORD_PERMISSION_WEBHOOK", ""),
+            discord_bot_token=_value(env, "LATTICEAI_DISCORD_BOT_TOKEN", ""),
+            discord_permission_channel=_value(env, "LATTICEAI_DISCORD_PERMISSION_CHANNEL", ""),
+            permission_monitor_secret=_value(env, "LATTICEAI_PERMISSION_SECRET", ""),
+            data_dir=data_dir,
+            static_dir=static_dir,
+        )