Deployment

Deploy Edictum

Two paths to production. Start with the library. Add the console when you need fleet visibility.

Core Library

Zero Infrastructure

pip install edictum
3 lines of code
Zero runtime dependencies
Works offline, no server needed

Best for: single agent, local development, CI/CD pipelines

pip install edictum

Console

Full Visibility

docker compose up
Fleet monitoring, human-in-the-loop approvals, audit feed
PostgreSQL + Redis
Self-hosted on your infrastructure (FSL-1.0-Apache-2.0)

Best for: production fleets, compliance requirements, team visibility

Deploy Console

Architecture

Data flow

Agent

AI Agent

tool call

Enforcement

Edictum Library

verdict

Execution

Tool

optional

Operations

Edictum Console API

PostgreSQL

Redis

SSE push

Dashboard / Slack / Telegram

Agent / Tool

Edictum

Console

Storage

Quick start

Console in five commands

terminalbash

# Clone the console
git clone https://github.com/edictum-ai/edictum-console.git
cd edictum-console

# Start services (Postgres + Redis + Console)
docker compose up -d

# Open the setup wizard in your browser
open http://localhost:8000

# Verify
curl http://localhost:8000/health

response200 OK

{
  "status": "healthy",
  "version": "0.1.0",
  "uptime": 12.4,
  "db": "connected",
  "redis": "connected"
}

Graceful degradation.

Never silent failure.

Scenario	Behavior	Agent Impact
Console unreachable	Fall back to local cache	None if cached
Local cache empty	Fall back to embedded YAML	Reduced coverage
No contracts at all	Deny-all (fail-closed)	All calls blocked
Redis down	Postgres-only mode	SSE delayed
Postgres down	Local-only enforcement	No persistence
Malformed contract pushed	Reject, keep previous	No impact
Invalid contract version	Reject + alert	No impact
Network partition	Local enforcement continues	Full coverage

Observability

Built-in telemetry

OpenTelemetry

Every verdict emits a span with tool name, verdict, contract ID, and latency.

Grafana

Pre-built dashboard JSON available in the edictum-demo repo.

Health check

GET /health returns status, version, uptime, db, and redis.

Structured logs

JSON format, configurable log level.

Notifications

Slack, Telegram, Discord, email, and webhook channels for alerts. Microsoft Teams coming soon.

Splunk

Audit event sink for Splunk. Coming soon.

Configuration

Environment variables

Variable	Required	Description
`DATABASE_URL`	Yes	PostgreSQL connection string
`REDIS_URL`	Yes	Redis connection string
`SECRET_KEY`	Yes	JWT signing key (generate with openssl rand -hex 32)
`EDICTUM_DEFAULT_MODE`	No	Default enforcement mode: enforce or audit (default: enforce)
`EDICTUM_LOG_LEVEL`	No	debug, info, warning, error (default: info)
`EDICTUM_CORS_ORIGINS`	No	Comma-separated allowed origins
`EDICTUM_RATE_LIMIT`	No	Requests per minute per IP (default: 60)

Hosting

Deployment options

Recommended

Docker Compose

Full stack, single command, production-ready.

Railway

One-click deploy template available.

Render

Free tier available. Works with managed PostgreSQL.

Start enforcing contracts today.

pip install edictum

Read the Docs Security Model