Struct Config 

pub struct Config {

    pub http_proxy: String,
    pub https_proxy: String,
    pub proxy_auth: Option<ProxyAuth>,
    pub proxy_auth_encrypted: Option<String>,
    pub headless_auth: bool,
    pub provider: String,
    pub defaults: Option<DefaultsConfig>,
    pub providers: ProviderConfigs,
    pub provider_instances: HashMap<String, ProviderInstanceConfig>,
    pub default_provider_instance: Option<String>,
    pub server: ServerConfig,
    pub keyword_masking: KeywordMaskingConfig,
    pub anthropic_model_mapping: AnthropicModelMapping,
    pub gemini_model_mapping: GeminiModelMapping,
    pub hooks: HooksConfig,
    pub tools: ToolsConfig,
    pub skills: SkillsConfig,
    pub env_vars: Vec<EnvVarEntry>,
    pub default_work_area: Option<DefaultWorkAreaConfig>,
    pub access_control: Option<AccessControlConfig>,
    pub features: FeatureFlags,
    pub memory: Option<MemoryConfig>,
    pub mcp: McpConfig,
    pub extra: BTreeMap<String, Value>,
}

Main configuration structure for Bamboo agent

Contains all settings needed to run the agent, including provider credentials, proxy settings, model selection, and server configuration.

Fields

http_proxy: String

HTTP proxy URL (e.g., http://proxy.example.com:8080)

https_proxy: String

HTTPS proxy URL (e.g., https://proxy.example.com:8080)

proxy_auth: Option<ProxyAuth>

Proxy authentication credentials

Note: this is kept in-memory only. On disk we store proxy_auth_encrypted.

proxy_auth_encrypted: Option<String>

Encrypted proxy authentication credentials (nonce:ciphertext)

This is the at-rest storage representation. When present, Bamboo will decrypt it into proxy_auth at load time.

headless_auth: bool

Deprecated: Use providers.copilot.headless_auth instead

provider: String

Default LLM provider to use (e.g., “anthropic”, “openai”, “gemini”, “copilot”)

defaults: Option<DefaultsConfig>

Default model assignments (used when features.provider_model_ref is enabled).

providers: ProviderConfigs

Provider-specific configurations (legacy, single-instance per type).

provider_instances: HashMap<String, ProviderInstanceConfig>

Multi-instance provider configurations keyed by instance id.

When provider_instances is non-empty, the registry and router prefer instance ids as routing keys. Legacy providers / provider fields are still supported for backward compatibility; see [Config::synthesize_legacy_instances].

default_provider_instance: Option<String>

The default provider instance id used when a request does not specify one.

When set, this takes precedence over the legacy provider field.

server: ServerConfig

HTTP server configuration

keyword_masking: KeywordMaskingConfig

Global keyword masking configuration.

Previously persisted in keyword_masking.json (now unified into config.json).

anthropic_model_mapping: AnthropicModelMapping

Anthropic model mapping configuration.

Previously persisted in anthropic-model-mapping.json (now unified into config.json).

gemini_model_mapping: GeminiModelMapping

Gemini model mapping configuration.

Previously persisted in gemini-model-mapping.json (now unified into config.json).

hooks: HooksConfig

Request preflight hooks.

These hooks can inspect and rewrite outgoing requests before they are sent upstream (e.g. image fallback behavior for text-only models).

tools: ToolsConfig

Global tool toggles.

Any tool listed in disabled is omitted from the tool schemas sent to the LLM.

skills: SkillsConfig

Global skill toggles.

Any skill listed in disabled is excluded from skill context construction and cannot be loaded through the skill runtime tools.

env_vars: Vec<EnvVarEntry>

User-managed environment variables injected into Bash tool processes.

Secret entries are encrypted at rest; plaintext values are hydrated in memory.

default_work_area: Option<DefaultWorkAreaConfig>

Default work area used when a session has no explicit active workspace.

access_control: Option<AccessControlConfig>

Access control / password gate configuration.

features: FeatureFlags

Feature flags for incremental rollout.

memory: Option<MemoryConfig>

Memory/background summarization settings.

mcp: McpConfig

MCP server configuration.

Previously persisted in mcp.json (now unified into config.json).

extra: BTreeMap<String, Value>

Extension fields stored at the root of config.json.

This keeps the config forward-compatible and allows unrelated subsystems (e.g. setup UI state) to persist their own keys without getting dropped by typed (de)serialization.

Implementations

impl Config

pub fn new() -> Config

Load configuration from file with environment variable overrides

Configuration loading order:

1. Try loading from config.json ({data_dir}/config.json)
2. Use defaults
3. Apply environment variable overrides (highest priority)

Environment Variables

• BAMBOO_PORT: Override server port
• BAMBOO_BIND: Override bind address
• BAMBOO_DATA_DIR: Override data directory
• BAMBOO_PROVIDER: Override default provider
• BAMBOO_HEADLESS: Enable headless authentication mode
• BAMBOO_MEMORY_PROJECT_PROMPT_INJECTION: Override project durable-memory index prompt injection
• BAMBOO_MEMORY_RELEVANT_RECALL: Override relevant durable-memory recall prompt injection
• BAMBOO_MEMORY_RELEVANT_RECALL_RERANK: Override model-based relevant recall reranking
• BAMBOO_MEMORY_PROJECT_FIRST_DREAM: Override project-first Dream prompt behavior

pub fn from_data_dir(data_dir: Option<PathBuf>) -> Config

Load configuration from a specific data directory

Arguments

• data_dir - Optional data directory path. If None, uses default (BAMBOO_DATA_DIR or ${HOME}/.bamboo)

pub fn get_model(&self) -> Option<String>

Get the effective default model for the currently active provider.

When features.provider_model_ref is enabled, reads from defaults.chat before falling back to legacy provider-specific config.

Note: for most providers this is a required config value (returns None when absent). Copilot has a built-in fallback when no model is configured.

pub fn get_fast_model(&self) -> Option<String>

Get the fast/cheap model for the currently active provider.

When features.provider_model_ref is enabled, reads from defaults.fast before falling back to legacy provider-specific config.

Used for lightweight tasks like title generation and summarization. Falls back to get_model() when no fast_model is configured.

pub fn get_task_summary_model(&self) -> Option<String>

Get the configured task summarization model.

When features.provider_model_ref is enabled, reads from defaults.task_summary before falling back through defaults.memory_background → defaults.fast → defaults.chat.

This is used for conversation/task summarization and context compression.

pub fn get_memory_background_model(&self) -> Option<String>

Get the configured memory/background summarization model.

When features.provider_model_ref is enabled, reads from defaults.memory_background before falling back to legacy config.

Falls back to the provider fast model when no background model is configured or resolves to an empty string.

IMPORTANT: this intentionally does not fall back to the main interaction model. Memory compaction / reflection should be skipped or fail loudly when no background/fast model is configured.

pub fn get_default_work_area_path(&self) -> Option<PathBuf>

Resolve the configured default work area path when present.

This validates that the configured directory exists, but intentionally returns the stable expanded path rather than the platform-specific canonicalized path. On macOS, canonicalize() may rewrite /var/... to /private/var/..., which is correct at the filesystem layer but undesirable as a user-facing/config-derived workspace path.

pub fn get_vision_model(&self) -> Option<String>

Get the vision-capable model for the currently active provider.

Used for image understanding tasks. Falls back to get_model() when no vision_model is configured.

pub fn get_reasoning_effort(&self) -> Option<ReasoningEffort>

Get the default reasoning effort for the currently active provider.

pub fn disabled_tool_names(&self) -> BTreeSet<String>

Get normalized disabled tool names.

pub fn normalize_tool_settings(&mut self)

Normalize tool settings (trim / dedupe / sort).

pub fn disabled_skill_ids(&self) -> BTreeSet<String>

Get normalized disabled skill IDs.

pub fn normalize_skill_settings(&mut self)

Normalize skill settings (trim / dedupe / sort).

pub fn effective_default_provider(&self) -> &str

Return the effective default provider key.

Prefers default_provider_instance when set; falls back to the legacy provider string.

pub fn has_provider_instances(&self) -> bool

Whether provider instances are configured (new multi-instance path).

pub fn hydrate_proxy_auth_from_encrypted(&mut self)

Populate proxy_auth (plaintext) from proxy_auth_encrypted if present.

Many parts of the code rely on proxy_auth being hydrated in-memory so we can re-encrypt deterministically on save without ever persisting plaintext credentials.

pub fn refresh_proxy_auth_encrypted(&mut self) -> Result<(), Error>

Refresh proxy_auth_encrypted from the current in-memory proxy_auth.

This is used both when persisting the config to disk and when generating API responses that should never include plaintext proxy credentials.

pub fn hydrate_provider_api_keys_from_encrypted(&mut self)

pub fn refresh_provider_api_keys_encrypted(&mut self) -> Result<(), Error>

pub fn hydrate_provider_instance_api_keys_from_encrypted(&mut self)

Hydrate plaintext api_key fields on provider instances from their encrypted counterparts.

pub fn refresh_provider_instance_api_keys_encrypted( &mut self, ) -> Result<(), Error>

Re-encrypt all provider instance API keys and write back to api_key_encrypted. Used before persisting to disk.

pub fn hydrate_mcp_secrets_from_encrypted(&mut self)

pub fn refresh_mcp_secrets_encrypted(&mut self) -> Result<(), Error>

pub fn hydrate_env_vars_from_encrypted(&mut self)

Decrypt secret env vars into in-memory plaintext after loading config.

pub fn refresh_env_vars_encrypted(&mut self) -> Result<(), Error>

Re-encrypt secret env vars before persisting to disk.

pub fn sanitize_env_vars_for_disk(&mut self)

Clear plaintext values for secrets before serialization to disk.

pub fn env_vars_as_map(&self) -> HashMap<String, String>

Build a flat map of all env vars with non-empty values (for process injection).

pub fn publish_env_vars(&self)

Update the global env vars cache (called on config load / reload).

pub fn current_env_vars() -> HashMap<String, String>

Read the current env vars snapshot (called by Bash tool at process spawn time).

pub fn current_prompt_safe_env_vars() -> Vec<PromptSafeEnvVarEntry>

Read the current prompt-safe env var snapshot (names + metadata only; no secret values).

pub fn server_addr(&self) -> String

Get the full server address (bind:port)

pub fn save(&self) -> Result<(), Error>

Save configuration to disk

pub fn save_to_dir(&self, data_dir: PathBuf) -> Result<(), Error>

Save configuration to disk under the provided data directory.

Configuration is always stored as {data_dir}/config.json.

Trait Implementations

impl Clone for Config

fn clone(&self) -> Config

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Config

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl Default for Config

fn default() -> Config

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for Config

fn deserialize<__D>( __deserializer: __D, ) -> Result<Config, <__D as Deserializer<'de>>::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Serialize for Config

fn serialize<__S>( &self, __serializer: __S, ) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.