Configuration

Tuochat is configured through a TOML file, environment variables, and command-line flags. Settings are applied in this order (later wins):

Built-in defaults
Config file
Environment variables
Command-line flags

Config file location

Platform	Default path
Linux	`~/.config/tuochat/config.toml`
macOS	`~/Library/Application Support/tuochat/config.toml`
Windows	`%APPDATA%\tuochat\config.toml`

Override the location with --config PATH or the TUOCHAT_CONFIG environment variable.

Create a starter file with:

tuochat init

View the currently active configuration:

tuochat config
tuochat config json

Environment variables

Variable	Purpose
`TUOCHAT_CONFIG`	Path to config file
`TUOCHAT_CONFIG_DIR`	Override config directory
`TUOCHAT_DATA_DIR`	Override data directory
`TUOCHAT_GITLAB_HOST`	GitLab server URL
`TUOCHAT_GITLAB_TOKEN`	GitLab token
`TUOCHAT_GITLAB_TOKEN_TYPE`	`pat` (default) or `oauth`
`TUOCHAT_OAUTH_APP_ID`	OAuth client/application ID used by `tuochat auth login`
`TUOCHAT_OAUTH_SECRET`	OAuth client secret used by `tuochat auth login`
`TUOCHAT_OAUTH_REDIRECT`	OAuth loopback redirect URI
`TUOCHAT_JIRA_HOST`	Jira host URL
`TUOCHAT_JIRA_DEPLOYMENT`	Jira deployment type: `cloud` or `server`
`TUOCHAT_JIRA_EMAIL`	Jira email for cloud auth
`TUOCHAT_JIRA_TOKEN`	Jira API token
`TUOCHAT_JIRA_PROJECT`	Last-used Jira project key
`XDG_CONFIG_HOME`	XDG base config dir (Linux)
`XDG_DATA_HOME`	XDG base data dir (Linux)

Storing your token in an environment variable is recommended over putting it in the config file, especially on shared machines.

Full config reference

This page focuses on user-facing settings. Setup-managed internal state such as setup_version and chat.tutorial_completed is intentionally omitted.

`[gitlab]`

[gitlab]
host = "https://gitlab.com"
token = "glpat-..."
token_type = "pat"
user_agent = "tuochat/0.8.0"

`[chat]`

[chat]
platform_origin = "tuochat"
default_resource_id = ""

timeout = 120
websocket_welcome_timeout = 20
websocket_subscription_timeout = 20
streaming = true

mask_output = true
dot_timer = false
quiet = false
no_banner = false
blind = false

response_footer_warning_enabled = false
response_footer_warning_text = "Responses may be inaccurate. Verify before use."

generated_file_header_enabled = true
generated_file_header_text = "Generated by Duo {date}. Apply appropriate review to LLM code before use."
safety_check_extension_for_executable_files = true

max_request_chars = 32000
context_window_tokens = 200000
conversation_expiration_days = 0
no_write = false

Notes:

default_resource_id pre-sets the GitLab project/group scope for new conversations.
response_footer_warning_* adds an extra caution line after responses.
generated_file_header_* controls the review header added to extracted files.
/write-here-mode and /approve-writes are currently session toggles exposed through slash commands and GUI buttons. They are not loaded from config.toml.

`[notifications]`

[notifications]
long_request_bell_enabled = true
long_request_bell_seconds = 20

`[personalization]`

[personalization]
enabled = false
name = ""
profession = ""

`[classification]`

[classification]
enabled = false
ask_per_conversation = true
organizations = []
markings = []
max_markings = []

`[records]`

Records settings add retention metadata to saved transcript headers. They do not auto-delete files.

[records]
retention_years = 0
retention_label = ""

`[warn_words]`

[warn_words]
enabled = false
phrases = []

`[picker]`

Interactive list pickers used by commands like /resume, /search, /model, /skill, and /template are configurable:

[picker]
mode = "auto"
list_threshold = 8
prefilter_threshold = 20
page_size = 10

When blind mode is enabled, picker.mode = "auto" is promoted to paged automatically.

`[features]`

[features]
startup_audit = false

`[security]`

[security]
audit_enabled = true

The startup dependency audit only runs when both of the following are true:

features.startup_audit = true
security.audit_enabled = true

It also requires the optional selfcheck extra so pip-audit is available in the environment.

`[web_attach]`

Controls the /web and /web-preview commands.

[web_attach]
enabled = true
https_only = true
public_ip_only = true
tls13_only = false
allowed_ports = [80, 443]
timeout_seconds = 20
max_response_bytes = 2000000
max_attachment_chars = 40000
preview_chars = 4000
engine_order = ["readability", "html2text"]
follow_redirects = true
max_redirects = 5

public_ip_only = true is the default safety posture: loopback, private, multicast, and other non-public addresses are rejected.

`[jira]`

Jira support is optional and requires the jira extra.

[jira]
host = "https://yourcompany.atlassian.net"
deployment = "cloud"
email = "you@example.com"
token = ""
project = ""

For Jira Cloud, email and token are both required.

`[gui]`

[gui]
font_family = ""
font_size = 0
theme = "system"

Built-in themes include system, light, dark, green_terminal, amber_terminal, solarized, and hot_dog_stand.

Checking your configuration

tuochat doctor
tuochat config json

doctor includes the environment-variable snapshot that older docs described as a separate env command.