Proxy Policy
Proxy policy lives at /etc/q15/proxy/policy.yaml. It defines which secrets to inject into which requests, and how requests are mutated. The proxy gives the agent broad internet access by default — unmatched hosts pass through untouched. Its purpose is credential injection, not access enforcement.
Full example
```yaml
proxy:
  no_proxy:
    - localhost
    - 127.0.0.1
    - ::1
    - q15-proxy
    - q15-exec
  set_lowercase_proxy_env: true
  secrets:
    - github_token
  rules:
    - name: github-api
      match_hosts:
        - api.github.com
  env:
    - name: GH_TOKEN
      secret: github_token
      rules:
        - github-api
      in:
        - header
```

Structure
| Section | Purpose |
|---|---|
| `proxy.no_proxy` | Hosts that bypass the proxy (internal services, localhost) |
| `proxy.set_lowercase_proxy_env` | Normalize proxy env vars to lowercase |
| `proxy.secrets` | List of secret aliases available for injection |
| `proxy.rules` | Host-matching rules (by name, for reference in env) |
| `proxy.env` | Environment variable injections — name, secret source, applicable rules, and where to inject (header, env) |
Secret resolution
Secret aliases resolve from either the uppercased alias name as an environment variable, or its `_FILE` companion:

| Alias | Env var | File variant |
|---|---|---|
| `github_token` | `GITHUB_TOKEN` | `GITHUB_TOKEN_FILE` |
Secrets never appear in the policy file itself. They are resolved at runtime from the deployment environment.
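
A pre-start check for the resolution rule above, as an added example that is not part of q15: it reports secret aliases that resolve from neither source and `env` entries that reference an undeclared secret or rule, without ever reading a secret value. The function names, the policy-as-dict input, and the choice to flag an alias that has both variables set are assumptions; the page does not say which source takes precedence.

```python
import os

# Constructed: the page's full example, as the dict a YAML loader would return.
POLICY = {"proxy": {
    "secrets": ["github_token"],
    "rules": [{"name": "github-api", "match_hosts": ["api.github.com"]}],
    "env": [{"name": "GH_TOKEN", "secret": "github_token",
             "rules": ["github-api"], "in": ["header"]}],
}}

def secret_source(alias, environ):
    """Return 'env', 'file', 'both' or None for one alias; never reads the value."""
    var = alias.upper()
    path = environ.get(var + "_FILE")
    has_env = bool(environ.get(var))
    has_file = bool(path) and os.path.isfile(path) and os.access(path, os.R_OK)
    if has_env and has_file:
        return "both"
    return "env" if has_env else "file" if has_file else None

def check_policy(policy, environ):
    """Return a list of problems to fix before the proxy is started."""
    proxy = policy.get("proxy", {})
    secrets = set(proxy.get("secrets", []))
    rules = {r["name"] for r in proxy.get("rules", [])}
    problems = []
    for alias in sorted(secrets):
        var = alias.upper()
        src = secret_source(alias, environ)
        if src is None:
            problems.append(f"{alias}: neither {var} nor {var}_FILE resolves")
        elif src == "both":
            # Assumption: precedence is not documented on the page, so flag it.
            problems.append(f"{alias}: both {var} and {var}_FILE are set")
    for entry in proxy.get("env", []):
        name, secret = entry.get("name"), entry.get("secret")
        if secret not in secrets:
            problems.append(f"{name}: secret {secret!r} not in proxy.secrets")
        for rule in entry.get("rules", []):
            if rule not in rules:
                problems.append(f"{name}: rule {rule!r} not in proxy.rules")
    return problems

if __name__ == "__main__":
    for line in check_policy(POLICY, os.environ) or ["policy references resolve"]:
        print(line)
```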
Design principle
The proxy keeps a narrow focus: credential injection and request mutation. It does not own agent identity, model selection, or file operations. Those belong to the agent.