The “gateway” is the one Go binary you install as
qorven. It’s the HTTP API, the WebSocket hub, the agent loop, the scheduler, the dreamer, and the embedded web UI — all in one process.Lifecycle
Start
qorven start or systemctl start qorven. Binds to the configured ports, connects to Postgres, applies migrations, ready.Status
qorven status: uptime, version, connected clients, active Qors, DB health.Reload config
kill -HUP $(pgrep qorven) — reloads config.toml without dropping connections. Most keys are hot-reloadable; some (listen addresses, encryption key) need a restart.Stop
qorven gateway stop. Graceful: drains WebSockets, cancels in-flight requests, then exits.What happens at boot
Config load
Reads
config.toml. Env vars override. Validates — missing keys or invalid values fail loud.Database connect
Connects to Postgres, checks pgvector extension is present, runs any pending migrations.
Provider registry
Loads provider keys from config.toml AND
provider_keys in the DB. Keys from the DB override config for the same provider.Agent loop
Initialises the loop with hooks: logging, metrics, budget, knowledge, plan-mode, auto-compact, permission.
Configuration
config.toml reference
Every key, what it does, safe defaults.
API vs Web listen
Two ports or one — when and why.
TLS modes
auto (local CA), acme (Let’s Encrypt), custom (BYO cert), off.
Rate limits
IP, tenant, channel, provider.
SSRF allowlist
Controls which hosts
web_fetch can reach.Auth middleware
Tokens, sessions, refresh flow.
Multi-tenant RLS
Postgres row-level security enforcement.
Audit log
Schema + retention.
Runtime
systemd
The unit file, hardening flags, journalctl.
Docker
Single-container deploy with compose.
Reverse proxy
Nginx / Caddy / Traefik in front.
Backup & restore
What to back up, how to restore.
Logging
Where logs go, how to ship them.
Migrations
Schema changes, rollback, zero-downtime.
Where next
config.toml reference
Your primary config file.
Health endpoints
/health, /livez, /readyz — what each means.