Skip to main content

Environment Variables

Environment variables for the CORE webapp container.
NameRequiredDefaultDescription
Version
VERSIONNo0.1.12CORE version identifier
Secrets
SESSION_SECRETYesSession encryption secret. Run: openssl rand -hex 16
MAGIC_LINK_SECRETYesMagic link encryption secret. Run: openssl rand -hex 16
ENCRYPTION_KEYYesData encryption key. Run: openssl rand -hex 16
Application & Domains
REMIX_APP_PORTNo3033Application port number
APP_ENVNoproductionApplication environment (development, production)
NODE_ENVNoproductionNode.js environment
APP_ORIGINYeshttp://localhost:3033Application origin URL
LOGIN_ORIGINYeshttp://localhost:3033Login origin URL (usually same as APP_ORIGIN)
API_BASE_URLNoAPP_ORIGINAPI base URL
Database - PostgreSQL
DB_HOSTNolocalhostDatabase host (use container name for Docker)
DB_PORTNo5432Database port
POSTGRES_USERYesdockerPostgreSQL username
POSTGRES_PASSWORDYesdockerPostgreSQL password
POSTGRES_DBYescorePostgreSQL database name
DATABASE_URLYespostgresql://docker:docker@postgres:5432/core?schema=corePostgreSQL connection string
DIRECT_URLYesDATABASE_URLDirect DB connection string for migrations
Database - Neo4j (Memory Graph)
NEO4J_URIYesbolt://neo4j:7687Neo4j connection URI
NEO4J_USERNAMEYesneo4jNeo4j username
NEO4J_PASSWORDYesNeo4j password. Run: openssl rand -hex 16
NEO4J_AUTHYesneo4j/passwordNeo4j authentication (username/password format)
Redis
REDIS_HOSTYesredisRedis host (use container name for Docker)
REDIS_PORTYes6379Redis port
REDIS_TLS_DISABLEDNotrueDisable Redis TLS for local development
Authentication
ENABLE_EMAIL_LOGINNotrueEnable email-based authentication
AUTH_GOOGLE_CLIENT_IDNoGoogle OAuth client ID
AUTH_GOOGLE_CLIENT_SECRETNoGoogle OAuth client secret
AI Providers
OPENAI_API_KEYNoOpenAI API key for memory processing
MODELNogpt-4-turbo-2024-04-09Default language model
EMBEDDING_MODELNotext-embedding-3-smallModel for text embeddings
OLLAMA_URLNohttp://ollama:11434Ollama server URL for local models
Background Jobs
QUEUE_PROVIDERNotriggerQueue provider: “trigger” for Trigger.dev or “bullmq” for BullMQ (Redis-based)
TRIGGER_PROJECT_IDConditionalTrigger.dev project identifier (required only when QUEUE_PROVIDER=trigger)
TRIGGER_SECRET_KEYConditionalTrigger.dev authentication secret (required only when QUEUE_PROVIDER=trigger)
TRIGGER_API_URLConditionalhttp://host.docker.internal:8030Trigger.dev API endpoint (required only when QUEUE_PROVIDER=trigger)
TRIGGER_DBNotriggerDatabase name for Trigger.dev
Telemetry
POSTHOG_PROJECT_KEYNophc_SwfGIzzX5gh5bazVWoRxZTBhkr7FwvzArS0NRyGXm1aPostHog project key for usage analytics
TELEMETRY_ENABLEDNotrueEnable (true) or disable (false) telemetry collection
TELEMETRY_ANONYMOUSNofalseSend anonymous telemetry (true) or include user email (false)
Provider Configuration
GRAPH_PROVIDERNoneo4jGraph database provider: “neo4j”, “falkordb”, or “helix”
VECTOR_PROVIDERNopgvectorVector store provider: “pgvector”, “turbopuffer”, or “qdrant”
MODEL_PROVIDERNovercel-aiModel provider abstraction layer
Reranking
RERANK_PROVIDERNononeReranking provider: “cohere”, “ollama”, or “none”
COHERE_API_KEYNoCohere API key (required when RERANK_PROVIDER=cohere)
COHERE_RERANK_MODELNorerank-english-v3.0Cohere reranking model
COHERE_SCORE_THRESHOLDNo0.3Minimum score threshold for Cohere reranking
OLLAMA_RERANK_MODELNodengcao/Qwen3-Reranker-8B:Q4_K_MOllama reranking model
OLLAMA_SCORE_THRESHOLDNo0.3Minimum score threshold for Ollama reranking
Email / SMTP
EMAIL_TRANSPORTNoEmail transport: “smtp” or “resend”
FROM_EMAILNoSender email address
REPLY_TO_EMAILNoReply-to email address
RESEND_API_KEYNoResend API key (required when EMAIL_TRANSPORT=resend)
RESEND_WEBHOOK_SECRETNoResend webhook signing secret
SMTP_HOSTNoSMTP server hostname
SMTP_PORTNoSMTP server port
SMTP_SECURENoUse TLS for SMTP (true/false)
SMTP_USERNoSMTP authentication username
SMTP_PASSWORDNoSMTP authentication password
Channels
SLACK_SIGNING_SECRETNoSlack app signing secret for webhook verification
TWILIO_ACCOUNT_SIDNoTwilio account SID (required for WhatsApp channel)
TWILIO_AUTH_TOKENNoTwilio auth token (required for WhatsApp channel)
TWILIO_WHATSAPP_NUMBERNoTwilio WhatsApp number (e.g. whatsapp:+14155238886)
Other
EXA_API_KEYNoExa API key for web search capabilities

Security Considerations

Required Secrets

These secrets must be generated and kept secure: 
# Generate secure random secrets
openssl rand -hex 16  # For SESSION_SECRET
openssl rand -hex 16  # For MAGIC_LINK_SECRET  
openssl rand -hex 16  # For ENCRYPTION_KEY
openssl rand -hex 16  # For NEO4J_PASSWORD

Production Recommendations

  • Change all default passwords before deploying to production
  • Use environment-specific secrets - never reuse secrets across environments
  • Store secrets securely - use a secrets manager in production
  • Enable TLS for all database connections in production
  • Restrict CORS origins to your actual domains
  • Use strong authentication - configure OAuth providers for production use

Docker Compose Networks

When using Docker Compose, service names are used as hostnames:
  • postgres for PostgreSQL
  • neo4j for Neo4j
  • redis for Redis
  • ollama for Ollama (if using local models)
For external services (like Trigger.dev), use host.docker.internal to access services running on the host machine.