Advanced Configuration

Fine-tune your CLI experience with environment overrides and exploring the Sovereign security model.

Environment Overrides

For headless CI/CD pipelines or automated scripts, Knaix supports standard environment variables. These bypass the local config file entirely.

KNAIX_TOKEN
Provide your Kovalent Bearer Token directly. Ideal for GitHub Actions or GitLab CI.

KNAIX_API_URL
Override the default production endpoint (e.g. for local development or private VPC proxies).

Sovereign Config Path

Knaix stores its persistent state in ~/.knaix/config.json. Starting in **v0.3.0**, the CLI enforces strict security and reliability patterns:

0o600 Hardening
The CLI automatically sets file permissions to Owner-only. If the config is compromised locally, other users cannot read your tokens.

Atomic Saves
Config updates use the "Write-Sync-Rename" loop. This prevents JSON corruption during system crashes or power failures.

{
  "token": "eyJhbGciOiJIUzI1...",
  "username": "diego",
  "api_url": "https://api.kovalentai.com",
  "default_node_id": "claude-ai-alpha"
}

Performance & Connection Pooling

Knaix is designed for high-concurrency workloads. Every command utilizes a shared **KnaixContext** which warms and Maintains a pool of persistent TLS connections.

Latency Optimization

By reusing TLS sessions and TCP connections, Knaix reduces command overhead by up to 150ms. This is critical for real-time streaming in the REPL session.

Identity-First Security

Knaix uses the PKCE flow for secure OAuth2 authentication. Your organization's identity (Okta, Azure AD, etc.) is verified by the Kovalent Identity Center before any mesh access is granted.

Sovereign AI for Enterprise

For custom VPC deployments or air-gapped installation guides, contact support@kovalentai.com