Complete reference for all environment variables required by the server and client.
.env)| Variable | Required | Description |
|---|---|---|
OPENAI_API_KEY | ✅ | OpenAI API key for GPT-4o, GPT-4o-mini, and embeddings |
SUPABASE_API_URL | ✅ | Supabase REST API URL |
SUPABASE_API_KEY | ✅ | Supabase anon or service role key |
SUPABASE_DATABASE_CONNECTION_STRING | ✅ | PostgreSQL connection string for direct DB access |
REDIS_URL | ✅ | Redis connection URL (e.g., redis://localhost:6379/0) |
CLERK_SECRET_KEY | ✅ | Clerk backend secret key for JWT verification |
CLERK_WEBHOOK_SECRET | ✅ | Secret for verifying Clerk webhook payloads |
AWS_ACCESS_KEY_ID | ✅ | AWS IAM access key for S3 |
AWS_SECRET_ACCESS_KEY | ✅ | AWS IAM secret key for S3 |
AWS_BUCKET_NAME | ✅ | S3 bucket name for file storage |
AWS_REGION | ✅ | AWS region for S3 bucket |
DOMAIN | ✅ | Frontend domain for CORS (e.g., https://opentrace.online) |
TAVILY_API_KEY | ⬜ | Tavily API key for web search (optional, falls back to DuckDuckGo) |
SCRAPINGBEE_API_KEY | ⬜ | ScrapingBee API key for URL crawling (required for URL ingestion) |
.env.local)| Variable | Required | Description |
|---|---|---|
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY | ✅ | Clerk frontend publishable key |
CLERK_SECRET_KEY | ✅ | Clerk backend secret (for server-side auth in Next.js) |
NEXT_PUBLIC_API_URL | ✅ | Backend API URL (e.g., http://localhost:8000) |
Never commit .env or .env.local files to version control. They contain sensitive API keys and secrets.
When running via Docker Compose, certain variables are overridden:
| Variable | Docker Override |
|---|---|
REDIS_URL | redis://redis:6379/0 (container network) |
SUPABASE_API_URL | http://host.docker.internal:54321 |
SUPABASE_DATABASE_CONNECTION_STRING | postgresql://postgres:postgres@host.docker.internal:54322/postgres |
DOMAIN | http://localhost:3000 |