Skip to main content

Environment Variables

Set all environment variables in deploy/.env. Required variables must be set before starting services.

Core

VariableRequiredDescription
AISER_EDITIONRequiredSet to enterprise
LICENSE_KEYRequiredEE license key from aicser.com
SECRET_KEYRequiredApp secret. Generate: openssl rand -hex 32
ENCRYPTION_KEYRequiredFernet key for credential encryption. Generate: python3 -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
ENVIRONMENTOptionalDefault: production. Set to development for debug logging

Database (PostgreSQL)

VariableRequiredDefaultDescription
POSTGRES_USERRequiredaiserPostgreSQL username
POSTGRES_PASSWORDRequiredPostgreSQL password
POSTGRES_DBRequiredaiserPostgreSQL database name
POSTGRES_SERVEROptionalpostgresHost — use Docker service name
POSTGRES_PORTOptional5432PostgreSQL port

ClickHouse

VariableRequiredDefaultDescription
CLICKHOUSE_DBOptionalaiser_warehouseClickHouse database name
CLICKHOUSE_USEROptionalaiserClickHouse username
CLICKHOUSE_PASSWORDOptionalaiser_warehouse_passwordClickHouse password
CLICKHOUSE_HOSTOptionalclickhouseHost — use Docker service name
CLICKHOUSE_PORTOptional8123ClickHouse HTTP port

Redis

VariableRequiredDefaultDescription
REDIS_URLOptionalredis://redis:6379Full Redis connection URL
REDIS_HOSTOptionalredisRedis host
REDIS_PORTOptional6379Redis port

AI (Azure OpenAI)

VariableRequiredDescription
AZURE_OPENAI_API_KEYRequired for AIAzure OpenAI API key
AZURE_OPENAI_ENDPOINTRequired for AIEndpoint URL (must end with /)
AZURE_OPENAI_API_VERSIONRequired for AIAPI version, e.g. 2024-02-15-preview
AZURE_OPENAI_DEPLOYMENT_NAMERequired for AIPrimary model deployment name
AZURE_OPENAI_GPT41_API_KEYOptionalSecondary model API key
AZURE_OPENAI_GPT41_ENDPOINTOptionalSecondary model endpoint
AZURE_OPENAI_GPT41_API_VERSIONOptionalSecondary model API version
AZURE_OPENAI_GPT41_DEPLOYMENT_NAMEOptionalSecondary model deployment name. Default: gpt-4.1-mini

Authentication

VariableRequiredDefaultDescription
JWT_SECRET_KEYOptionalJWT signing secret (overrides SECRET_KEY for JWT)
JWT_ALGORITHMOptionalHS256JWT algorithm
JWT_EXPIRY_SECONDSOptional604800Token expiry in seconds (default 7 days)
SUPABASE_URLOptionalSupabase project URL
SUPABASE_SERVICE_ROLE_KEYOptionalSupabase service role key
KEYCLOAK_URLOptionalKeycloak server URL
KEYCLOAK_REALMOptionalKeycloak realm name
KEYCLOAK_CLIENT_IDOptionalKeycloak client ID

Storage

VariableRequiredDefaultDescription
STORAGE_BACKENDOptional(local)Set to s3 or azure for external storage
S3_PROVIDEROptionalawsS3 provider: aws, minio, cloudflare
S3_ENDPOINT_URLOptionalEndpoint URL for non-AWS S3 providers
S3_ACCESS_KEY_IDOptionalS3 access key
S3_SECRET_ACCESS_KEYOptionalS3 secret key
S3_BUCKET_NAMEOptionalS3 bucket name
S3_REGIONOptionalus-east-1S3 region
AZURE_STORAGE_ACCOUNTOptionalAzure storage account name
AZURE_STORAGE_CONTAINEROptionalAzure Blob container name
AZURE_CLIENT_IDOptionalAzure service principal client ID
AZURE_CLIENT_SECRETOptionalAzure service principal secret
AZURE_TENANT_IDOptionalAzure tenant ID

Notifications

VariableRequiredDefaultDescription
TELEGRAM_BOT_TOKENOptionalTelegram bot token from @BotFather
TELEGRAM_BOT_USERNAMEOptionalTelegram bot username
TELEGRAM_WEBHOOK_URLOptionalPublic URL for Telegram webhook

Client build args

These are Docker build arguments in docker-compose.ee.yml, not runtime env vars:

VariableDefaultDescription
NEXT_PUBLIC_API_URLhttp://localhost:8001Public URL of the API server
NEXT_PUBLIC_SUPABASE_URLSupabase project URL (client-side)
NEXT_PUBLIC_SUPABASE_ANON_KEYSupabase anon key (client-side)
NEXT_PUBLIC_KEYCLOAK_URLKeycloak URL (client-side)
NEXT_PUBLIC_KEYCLOAK_REALMKeycloak realm (client-side)
NEXT_PUBLIC_KEYCLOAK_CLIENT_IDKeycloak client ID (client-side)