Skip to main content
This section details the bootstrap process for developers and operators, covering the transition from a fresh repository clone to a fully configured and running Palyra environment. The system utilizes a multi-layered configuration strategy and an interactive onboarding wizard to ensure secure defaults across various deployment profiles.

Developer Bootstrap and Environment Validation

Palyra uses a justfile (and a legacy Makefile) to orchestrate developer workflows. The primary entry point for a new developer is the dev target, which enforces environment sanity before building the workspace.

Core Bootstrap Commands

CommandActionImplementation
just doctorRuns strict environment checks.Calls palyra doctor --strict justfile#7-11.
just devFull bootstrap: doctor, UI prep, and build.Enforces doctor before cargo build justfile#16-19.
just protocolValidates and generates Protobuf stubs.Executes scripts in scripts/protocol/ justfile#121-125.
just web-bootstrapMaterializes JS workspace.Executes vp install justfile#30-31.

The Doctor System

The doctor command is a critical diagnostic tool that verifies system dependencies, filesystem permissions, and network accessibility. It must pass with --strict for the dev target to proceed justfile#10-11. Sources: justfile#1-22, Makefile#1-19

Operator Onboarding Wizard

For operators, the palyra onboarding and palyra setup commands initiate an interactive wizard. This wizard abstracts the complexity of generating a valid palyra.toml, configuring the vault, and verifying model provider connectivity.

Onboarding Flow Logic

The wizard operates through a WizardSession that collects a mutation plan crates/palyra-cli/src/commands/operator_wizard.rs#1-6. It supports three primary variants:
  1. Quickstart: Minimal configuration for local evaluation crates/palyra-cli/src/commands/onboarding.rs#34.
  2. Manual: Granular control over every subsystem crates/palyra-cli/src/commands/onboarding.rs#35.
  3. Remote: Optimized for VPS/Server deployments with SSH tunnel or verified HTTPS setup crates/palyra-cli/src/commands/onboarding.rs#36.

Code Entity Mapping: Onboarding Logic

The following diagram maps the CLI command structure to the underlying wizard implementation. Title: Onboarding Command to Code Mapping Sources: crates/palyra-cli/src/commands/onboarding.rs#137-152, crates/palyra-cli/src/commands/operator_wizard.rs#39-44, crates/palyra-cli/src/commands/operator_wizard.rs#112-117

Configuration Schema (palyra.toml)

The palyra.toml file is the source of truth for the daemon. It is mirrored in code by the RootFileConfig struct crates/palyra-common/src/daemon_config_schema.rs#32.

Key Configuration Sections

Configuration Precedence

The load_config function enforces a strict hierarchy of values:
  1. Defaults: Hardcoded in crates/palyra-daemon/src/config/schema.rs crates/palyra-daemon/src/config/load.rs#92-115.
  2. Config File: Values provided in palyra.toml crates/palyra-daemon/src/config/load.rs#121-125.
  3. Environment Variables: Prefixed with PALYRA_ (e.g., PALYRA_DAEMON_PORT) crates/palyra-daemon/src/config/load.rs#4-9.

Secret Handling

Palyra distinguishes between standard configuration and sensitive data. Secrets (API keys, admin tokens) are never stored in the clear if configured via the wizard. They are either: Sources: crates/palyra-daemon/src/config/load.rs#1-18, crates/palyra-common/src/daemon_config_schema.rs#1-52, crates/palyra-daemon/src/config/schema.rs#30-141

Deployment Profiles

The deployment.profile setting determines the runtime’s security posture and network behavior.
ProfileTarget Use CaseDefault BindSecurity Posture
local_desktopLocal dev/Tauri app127.0.0.1Assumes local user trust.
serverShared VPS / Docker0.0.0.0Requires dangerous_remote_bind_ack crates/palyra-common/src/daemon_config_schema.rs#70-79.
remote_agentHeadless worker nodeVariableEnforces mTLS and Vault-backed secrets.
Sources: crates/palyra-common/src/daemon_config_schema.rs#58-68, crates/palyra-daemon/src/config/load.rs#130-141

Model Provider Setup Flow

A critical part of “Getting Started” is the palyra models CLI family, which manages the provider registry.

Provider Discovery and Validation

  1. Set Provider: palyra models set <MODEL_ID> updates the default text model crates/palyra-cli/tests/models_cli.rs#33-45.
  2. Test Connection: The CLI performs a probe against the provider endpoint (e.g., /v1/models) to verify the API key and network egress crates/palyra-cli/src/commands/models.rs#177-182.
  3. Discovery: palyra models discover fetches available models from the remote and caches them in models/provider_checks.json crates/palyra-cli/src/commands/models.rs#39-40.

Data Flow: Provider Configuration

Title: Model Provider Configuration Flow Sources: crates/palyra-cli/src/commands/models.rs#1-10, crates/palyra-daemon/src/model_provider.rs#10-12, crates/palyra-cli/src/commands/operator_wizard.rs#4-6