Configuration
Jinn reads ~/.jinn/config.yaml. The gateway watches this file and reloads supported runtime configuration after an atomic save.
This minimal public-safe example follows the seeded schema:
jinn: version: "0.26.0"
gateway: port: 7777 host: "127.0.0.1"
engines: default: claude claude: bin: claude model: opus effortLevel: medium codex: bin: codex model: gpt-5.5
connectors: {}portal: {}
logging: file: true stdout: true level: infoTop-level blocks
Section titled “Top-level blocks”jinn.versionis the instance migration marker. Change it throughjinn migrate, not as an upgrade shortcut.gatewayrequiresportandhost. Optional fields includestreaming, file-operation safety switches, authentication switches, anduserHeaderfor a trusted auth proxy.enginesrequiresdefaultand aclaudemapping. Claude and Codex acceptbin,model, optionaleffortLevel, and optional child-effort overrides. Antigravity, Grok, Pi, and Hermes are optional engine mappings.modelsis an optional registry used by selectors and validation. Each engine entry can declare a default, effort mechanism, hidden models, and model capability records.connectorscan contain Slack, Telegram, Discord, WhatsApp, orinstancesfor multiple named connectors.loggingselects file/stdout output and the log level.mcpconfigures built-in browser/search/fetch entries, the Jinn company toolset, and custom stdio or URL servers.sessionssupportsinterruptOnNewMessage, lateral relay hop limits, and Claude rate-limit strategy. The schema also containsmaxDurationMinutesandmaxCostUsd, but current runtime code does not enforce those two fields; do not rely on them as caps.cronconfigures default delivery and slow/failure alert routing. Jobs themselves live incron/jobs.json.portal,context,stt,talk,notifications, andremoteshold UI identity, prompt budget, local speech recognition, Talk voice settings, admin delivery, and remote gateway entries.
Authentication safety
Section titled “Authentication safety”Loopback is the default. Binding a network address enables authentication unless explicitly overridden. Jinn refuses authDisabled: true on a network bind unless insecureAllowUnauthenticatedNetwork: true is also set.
gateway: host: "0.0.0.0" port: 7777 authRequired: trueDo not commit bearer tokens or connector credentials. The gateway token is generated into gateway.json; connector secrets may be stored in local config, and API reads redact configured secret fields.
Validation limits
Section titled “Validation limits”Startup validation is intentionally lightweight: it checks only shapes that would crash the gateway, such as the gateway mapping, numeric port, string host, and required engine mappings. A valid YAML file can still contain an unavailable engine or unusable credential. Confirm behavior with jinn status, the dashboard, and a real session.