Environment variables
Use .env.example as the canonical list of supported environment variables.
Web (selected)
Section titled “Web (selected)”NEXT_PUBLIC_API_BASE_URL: base URL for the backend (e.g.http://localhost:8000).NEXT_PUBLIC_GIT_SHA: optional build/version label shown in the sidebar.NEXT_PUBLIC_API_AUTH_TOKEN: optional token used for API calls in non-Clerk modes.NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY: Clerk config for authentication.
API (selected)
Section titled “API (selected)”DATABASE_URL: Postgres connection string for durable v2 endpoints.STORAGE_ROOT: filesystem root for uploads/artefacts.CORS_ORIGINS: allowed origins for the API.ALLOWED_EMAIL_DOMAINS: login/domain whitelist.API_KEY_PEPPER: HMAC pepper for hashing API keys at rest.ALLOW_INSECURE_AUTH: dev escape hatch; do not enable in production.
LLM (Agent + reports)
Section titled “LLM (Agent + reports)”OPENAI_API_KEYLLM_PROVIDER,LLM_MODELLLM_TEMPERATURE,LLM_MAX_TOKENS,LLM_REASONING_EFFORT
TODO: Add a production checklist for configuring env vars via systemd.