You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This ticket documents how EngineX stores sessions, checkpoints, and credentials today, whether a database is required, and when (if ever) to add one — based on product design and pilot deployment model.
Executive summary
Question
Answer
Does EngineX use a database today?
No — filesystem JSON under ~/.engine/
Does each client need to provision a DB for EngineX?
Central OAuth vault, user directory, cross-tenant admin
Phase 2 — private repo
High concurrent writers
Many dashboard users / runtimes without shared-volume locking
Phase 2+
Cross-install analytics
Aggregate runs across many clients from one control plane
Phase 2+
Active-active HA
Multiple nodes without shared filesystem
Phase 2+
Large checkpoint audit trails
Search/list at very high volume
Phase 2+ (or S3 for blobs)
Important: Even with Engine Cloud, runtimes in client VPC can keep local JSON cache on disk; the DB is primarily for the control plane (tenants, users, central vault) — not necessarily replacing every runtime's ~/.engine/.
Open question from #4: Postgres vs filesystem for tenant/user storage in MVP — does not affect OSS per-client VPC pilots.
Default for first pilots: Model A or B — JSON on disk is the intended production store.
Operational requirements (no DB)
Clients / DevOps should provide:
Persistent encrypted volume mounted at ~/.engine or ENGINE_HOME
Backup policy — volume snapshots / replication
ENGINE_CREDENTIAL_KEY for encrypted credentials at rest
Separate installs per client and per environment (dev vs prod)
They should not be asked to:
Provision Postgres/MySQL for EngineX platform state
Share one EngineX install across unrelated clients (OSS has no tenant isolation in one install)
FAQ (client / investor)
Q: Do we need a database?
A: No, for standard self-hosted pilots. Persistent disk is sufficient.
Q: Can we use our existing Postgres?
A: Not for EngineX internals. Only if you build an agent that reads/writes your business data.
Q: How is data isolated between clients?
A: Separate deployments and separate ~/.engine volumes — not a shared multi-tenant DB.
Q: Is JSON a temporary hack?
A: No — it's the deliberate OSS design for single-tenant installs. DB is a Phase 2 consideration for SaaS/control plane.
Q: What about compliance / finance reviews?
A: Data stays in client VPC on encrypted volume; no platform DB to audit. See #13 Section 9 Security Checklist.
Deliverables (this ticket)
Documentation
Link this issue from #13 Section 8 Storage & Backup
Add short "Storage" subsection to public README or ARCHITECTURE doc (when docs are published)
Cross-reference #4 — DB scope limited to Phase 2 SaaS, not OSS pilots
Engineering (Phase 1 — no change required)
Filesystem storage works for pilots — no DB implementation needed
Optional: document ENGINE_HOME and volume sizing guidance in deploy case study
Overview
Type: INFO — Platform storage architecture / decision record
Audience: DevOps, client platform teams, sales, engineering
Related: #4 Multi-Tenant Architecture · #13 Client Deployment Case Study
This ticket documents how EngineX stores sessions, checkpoints, and credentials today, whether a database is required, and when (if ever) to add one — based on product design and pilot deployment model.
Executive summary
~/.engine/~/.engine/Sales one-liner: EngineX runs in your cloud; platform state lives on your encrypted disk. We do not ask you to provision a database for EngineX.
Current storage model (OSS)
EngineX persists all platform state as JSON files on disk. There is no Postgres, SQLite, or other DB adapter in the OSS runtime.
state.json~/.engine/agents/<agent>/sessions/<session_id>/*.json+index.json.../checkpoints/.../runtime_logs/~/.engine/credentials/~/.engine/secrets/credential_key~/.engine/configuration.json~/.engine/skills/Code references:
core/engine/storage/concurrent.py—ConcurrentStorage(file-backed)core/engine/storage/session_store.py—state.jsonper sessioncore/engine/storage/checkpoint_store.py— checkpoint JSON + indexcore/engine/credentials/storage.py—EncryptedFileStoragecore/engine/runner/runner.py— default path~/.engine/agents/<agent_name>/Override root with
ENGINE_HOMEor per-runstorage_path. Still files, not a DB.Per-client cloud deployment (why no DB is needed)
Recommended pilot model (Model A/B from #13):
Each client:
~/.engineorENGINE_HOME)Isolation model: separate deployment + separate disk — not row-level multi-tenancy in one database.
Client backup: snapshot or replicate the
~/.enginevolume (see #13 Section 8).Client database vs EngineX storage (common confusion)
~/.engine/on runtime diskEngineX is not designed as: "Client plugs in Postgres and EngineX uses it as the platform store."
EngineX is designed as: "Client runs EngineX in their cloud on a persistent disk; agents may optionally integrate with their business systems."
Examples today:
log_monitor→ Grafana + Slack APIs (not client SQL)hourly_tracking→ mock tools today; real DB integration would be agent-level custom workWhen JSON/files is enough (keep current design)
No DB required for:
This covers Phase 1 pilots and managed single-tenant hosting (you run one VM per client, each with its own volume).
When a database may be needed (future — not blocking pilots)
Consider a DB (or object store) only when moving to:
Important: Even with Engine Cloud, runtimes in client VPC can keep local JSON cache on disk; the DB is primarily for the control plane (tenants, users, central vault) — not necessarily replacing every runtime's
~/.engine/.Open question from #4: Postgres vs filesystem for tenant/user storage in MVP — does not affect OSS per-client VPC pilots.
Deployment models vs storage
~/.engineDefault for first pilots: Model A or B — JSON on disk is the intended production store.
Operational requirements (no DB)
Clients / DevOps should provide:
~/.engineorENGINE_HOMEENGINE_CREDENTIAL_KEYfor encrypted credentials at restThey should not be asked to:
FAQ (client / investor)
Q: Do we need a database?
A: No, for standard self-hosted pilots. Persistent disk is sufficient.
Q: Can we use our existing Postgres?
A: Not for EngineX internals. Only if you build an agent that reads/writes your business data.
Q: How is data isolated between clients?
A: Separate deployments and separate
~/.enginevolumes — not a shared multi-tenant DB.Q: Is JSON a temporary hack?
A: No — it's the deliberate OSS design for single-tenant installs. DB is a Phase 2 consideration for SaaS/control plane.
Q: What about compliance / finance reviews?
A: Data stays in client VPC on encrypted volume; no platform DB to audit. See #13 Section 9 Security Checklist.
Deliverables (this ticket)
Documentation
Engineering (Phase 1 — no change required)
ENGINE_HOMEand volume sizing guidance in deploy case studyEngineering (Phase 2 — only if #4 proceeds)
~/.engineremains file-based with Cloud sync vs full DB migrationDefinition of done (Phase 1)
Out of scope (Phase 1): Building a database storage backend for OSS single-tenant installs.
Decision record version: 2026-06-28