env vars - nself-org/nchat GitHub Wiki
nself-chat (nchat) β Self-hosted messaging platform
This page documents all environment variables used by the nchat frontend, backend, and CI.
| Variable | Required | Default | Description |
|---|---|---|---|
NEXT_PUBLIC_HASURA_GRAPHQL_URL |
Yes | β | Hasura GraphQL endpoint URL |
NEXT_PUBLIC_NHOST_SUBDOMAIN |
Yes | β | Nhost subdomain for Auth/Storage |
NEXT_PUBLIC_NHOST_REGION |
Yes | β | Nhost region |
NEXT_PUBLIC_USE_DEV_AUTH |
No | false |
Enable FauxAuth (dev only) |
NEXT_PUBLIC_ENV |
No | development |
Environment tag (development, staging, production) |
NEXT_PUBLIC_LIVEKIT_URL |
No | β | LiveKit server URL (enables voice/video; requires Ι³Chat bundle) |
NEXT_PUBLIC_AI_ENABLED |
No | false |
Enable AI assistant features (requires Ι³Chat bundle) |
HASURA_ADMIN_SECRET |
CI only | β | Hasura admin secret (build gate check; never exposed to browser) |
| Variable | Required | Default | Description |
|---|---|---|---|
POSTGRES_PASSWORD |
Yes | β | PostgreSQL root password |
HASURA_GRAPHQL_ADMIN_SECRET |
Yes | β | Hasura admin secret |
HASURA_GRAPHQL_JWT_SECRET |
Yes | β | JWT signing secret for Hasura |
NHOST_JWT_SECRET |
Yes | β | Nhost JWT secret |
NHOST_WEBHOOK_SECRET |
Yes | β | Nhost webhook validation secret |
SMTP_HOST |
No | β | SMTP server for transactional email |
SMTP_PORT |
No | 587 |
SMTP port |
SMTP_USER |
No | β | SMTP username |
SMTP_PASS |
No | β | SMTP password |
MINIO_ROOT_USER |
No | β | MinIO root user (object storage) |
MINIO_ROOT_PASSWORD |
No | β | MinIO root password |
LIVEKIT_API_KEY |
No | β | LiveKit API key (Ι³Chat bundle) |
LIVEKIT_API_SECRET |
No | β | LiveKit API secret (Ι³Chat bundle) |
STRIPE_API_KEY |
No | β | Stripe API key (use test key for dev/staging) |
STRIPE_WEBHOOK_SECRET |
No | β | Stripe webhook signing secret |
| Secret | Used by | Description |
|---|---|---|
HASURA_ADMIN_SECRET |
Build, Lighthouse CI | Passes Next.js build gate; no real DB access in CI |
CODECOV_TOKEN |
Unit Tests | Coverage upload to Codecov |
LHCI_GITHUB_APP_TOKEN |
Lighthouse CI | GitHub App token for LHCI status |
TAURI_SIGNING_PRIVATE_KEY |
Desktop Linux | Signs Tauri app bundles |
TAURI_SIGNING_PRIVATE_KEY_PASSWORD |
Desktop Linux | Password for Tauri signing key |
HETZNER_S3_ACCESS_KEY |
Desktop Linux | Hetzner Object Storage access (updater feed) |
HETZNER_S3_SECRET_KEY |
Desktop Linux | Hetzner Object Storage secret |
.env.dev β .env.local β .env.secrets β .env
.env.local and .env.secrets are gitignored. Never commit real secrets.
See backend/.env.example for a full template with all variables documented.