Skip to main content

​
Configuration

Configure nao for your environment and requirements.

​
Configuration Files

​
nao_config.yaml

Main configuration file in your project root: 
# Project Information
project_name: my-analytics-agent
version: "1.0"

# LLM Configuration
llm:
  provider: openai
  model: gpt-4
  temperature: 0.1
  max_tokens: 4000

# Database Connections
databases:
  - name: production_warehouse
    type: snowflake
    host: account.snowflakecomputing.com
    database: analytics
    schema: public
    user: ${SNOWFLAKE_USER}
    password: ${SNOWFLAKE_PASSWORD}
    warehouse: compute_wh

# Repository Integrations
repositories:
  - name: dbt_project
    url: https://github.com/your-org/dbt-project
    path: models/
    branch: main

# Slack Integration (optional)
slack:
  bot_token: ${SLACK_BOT_TOKEN}
  app_token: ${SLACK_APP_TOKEN}
  channel: analytics-questions

​
Environment Variables

Sensitive configuration via environment variables: 
# LLM Providers
OPENAI_API_KEY=sk-...
ANTHROPIC_API_KEY=sk-ant-...

# Database Credentials
SNOWFLAKE_USER=analytics_user
SNOWFLAKE_PASSWORD=...
POSTGRES_PASSWORD=...

# Application Settings
NAO_DEFAULT_PROJECT_PATH=/path/to/project
PORT=5005
NAO_ENV=production
LOG_LEVEL=info

# Optional
DB_URI=postgresql://...           # PostgreSQL for conversation storage (uses SQLite if not set)
BETTER_AUTH_SECRET=...            # Secret key for authentication
SLACK_BOT_TOKEN=xoxb-...          # Slack integration
SLACK_SIGNING_SECRET=...          # Slack signing secret

​
LLM Configuration

​
Supported Providers

OpenAI 
llm:
  provider: openai
  model: gpt-4
  api_key: ${OPENAI_API_KEY}
Anthropic (Claude) 
llm:
  provider: anthropic
  model: claude-3-sonnet-20240229
  api_key: ${ANTHROPIC_API_KEY}
Azure OpenAI 
llm:
  provider: azure-openai
  model: gpt-4
  azure_endpoint: https://your-resource.openai.azure.com/
  api_key: ${AZURE_OPENAI_KEY}
  api_version: "2024-02-01"
Local Models (via Ollama) 
llm:
  provider: ollama
  model: llama2
  base_url: http://localhost:11434

​
Model Parameters

llm:
  provider: openai
  model: gpt-4
  temperature: 0.1          # Lower = more deterministic
  max_tokens: 4000          # Maximum response length
  top_p: 1.0               # Nucleus sampling
  frequency_penalty: 0.0    # Reduce repetition
  presence_penalty: 0.0     # Encourage diversity

​
Database Configuration

​
Connection String Format

Snowflake 
databases:
  - name: snowflake_prod
    type: snowflake
    host: account.region.snowflakecomputing.com
    database: analytics
    schema: public
    user: ${SNOWFLAKE_USER}
    password: ${SNOWFLAKE_PASSWORD}
    warehouse: compute_wh
    role: analyst_role
PostgreSQL 
databases:
  - name: postgres_prod
    type: postgresql
    host: postgres.example.com
    port: 5432
    database: analytics
    user: ${POSTGRES_USER}
    password: ${POSTGRES_PASSWORD}
BigQuery 
databases:
  - name: bigquery_prod
    type: bigquery
    project_id: my-project
    credentials_path: /path/to/service-account.json
    dataset: analytics
Databricks 
databases:
  - name: databricks_prod
    type: databricks
    host: dbc-12345678-9abc.cloud.databricks.com
    http_path: /sql/1.0/warehouses/abc123
    token: ${DATABRICKS_TOKEN}
    catalog: main
    schema: analytics

​
Read-Only Access

Always use read-only database users: 
-- PostgreSQL example
CREATE USER nao_readonly WITH PASSWORD 'secure_password';
GRANT CONNECT ON DATABASE analytics TO nao_readonly;
GRANT USAGE ON SCHEMA public TO nao_readonly;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO nao_readonly;

​
Server Configuration

​
Port and Host

# Default: localhost:5005
PORT=5005
HOST=0.0.0.0  # Listen on all interfaces

​
CORS Settings

For web deployments: 
ALLOWED_ORIGINS=https://nao.yourdomain.com,https://app.yourdomain.com

​
Logging

LOG_LEVEL=info  # debug, info, warning, error
LOG_FORMAT=json # json or text

​
Rate Limiting

Configure in nao_config.yaml: 
rate_limiting:
  enabled: true
  requests_per_minute: 60
  burst: 10

​
Authentication

​
Basic Auth

authentication:
  type: basic
  users:
    - username: analyst
      password_hash: ${ANALYST_PASSWORD_HASH}

​
OAuth 2.0

authentication:
  type: oauth2
  provider: google
  client_id: ${OAUTH_CLIENT_ID}
  client_secret: ${OAUTH_CLIENT_SECRET}
  allowed_domains:
    - yourdomain.com

​
SAML

authentication:
  type: saml
  idp_metadata_url: https://idp.example.com/metadata
  sp_entity_id: nao-analytics

​
Slack Integration

Configure Slack bot integration: 
# In nao_config.yaml
slack:
  bot_token: ${SLACK_BOT_TOKEN}
  signing_secret: ${SLACK_SIGNING_SECRET}
  channel: analytics-questions
Environment variables: 
SLACK_BOT_TOKEN=xoxb-...
SLACK_SIGNING_SECRET=...
This allows your team to ask questions directly in Slack and receive answers from the nao agent.

​
Authentication

​
Better Auth

Configure authentication secret: 
BETTER_AUTH_SECRET=your-secret-key-here
This enables user authentication and session management in the chat interface.

​
Advanced Settings

​
Caching

caching:
  enabled: true
  ttl: 3600  # seconds
  max_size: 1000  # cache entries

​
Query Timeout

query_timeout: 300  # seconds
max_result_rows: 10000

​
Context Refresh

auto_sync:
  enabled: true
  interval: 3600  # seconds
  on_startup: true

​
Security Best Practices

  1. Use Environment Variables for all secrets
  2. Rotate Credentials regularly
  3. Limit Database Permissions to read-only
  4. Enable HTTPS for all external access
  5. Implement Authentication for production
  6. Monitor Access Logs for suspicious activity
  7. Keep nao Updated to latest version

​
Configuration Validation

Test your configuration: 
nao debug
This checks:
  • βœ… Configuration file syntax
  • βœ… Database connectivity
  • βœ… LLM API access
  • βœ… Context file structure
  • βœ… Required environment variables

​
Example Production Config

project_name: company-analytics-agent
version: "2.0"

llm:
  provider: openai
  model: gpt-4
  temperature: 0.0
  max_tokens: 4000

databases:
  - name: warehouse
    type: snowflake
    host: company.snowflakecomputing.com
    database: analytics
    user: ${SNOWFLAKE_USER}
    password: ${SNOWFLAKE_PASSWORD}
    warehouse: analytics_wh
    role: readonly

repositories:
  - name: dbt_docs
    url: https://github.com/company/dbt-project
    path: models/
    branch: main

rate_limiting:
  enabled: true
  requests_per_minute: 120

authentication:
  type: oauth2
  provider: okta
  client_id: ${OKTA_CLIENT_ID}
  client_secret: ${OKTA_CLIENT_SECRET}

logging:
  level: info
  format: json

query_timeout: 300
max_result_rows: 5000

auto_sync:
  enabled: true
  interval: 7200

​
What’s Next?

Chat Interface

Start using your deployed agent

nao Cloud

Or use our managed service