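# .env — application environment for the server and its containers.
#
# How this file is read: the server loads it via `dotenv.config()` and the Docker
# image copies it into `/app/server/.env` (see the NOTE in the Microsoft OAuth
# section below). Any placeholder left in here can therefore become the live
# runtime value. Real secrets are delivered through Docker secrets / the secret
# provider (SECRET_READ_CHAIN), never by editing them into this file.
#
# Layout: one KEY=VALUE per line, no spaces around `=`, comments on their own
# line. Trailing `# comment` text after a value is kept off value lines because
# not every env-file parser strips it, and a value such as
# `community # Options: ...` would then be read literally.

# Application Settings
APP_VERSION=1.0.0
APP_NAME=sebastian
# 0.0.0.0 binds all container interfaces; the reverse proxy / port mapping
# decides what is reachable from outside.
APP_HOST=0.0.0.0
APP_PORT=3000
# Options: community, enterprise
APP_EDITION=community
# Options: community, enterprise (NEXT_PUBLIC_* values are baked into the
# client bundle at build time)
NEXT_PUBLIC_EDITION=community
APP_VERIFY_EMAIL=false
APP_ENV=production
NODE_ENV=production

# Container Image Selection (auto-populated by scripts/set-image-tag.sh)
ALGA_IMAGE_TAG=latest

# Placeholder only. The Docker Secrets list below names nextauth_secret as the
# managed source for this value; a static value here must not reach a deployed
# environment, since it is what session tokens are signed with.
NEXTAUTH_SECRET=dummy

# Login Captcha (optional, Cloudflare Turnstile)
# When both keys are set, sign-in requires a captcha after repeated failed
# attempts. Can also be provided via the secret provider as captcha_site_key /
# captcha_secret_key. Leave unset to rely on rate limiting alone.
# CAPTCHA_SITE_KEY=
# CAPTCHA_SECRET_KEY=

# Redis Configuration
REDIS_HOST=redis
REDIS_PORT=6379
# REDIS_PASSWORD is managed via Docker secrets

# Database Configuration
# Required: Must be "postgres"
DB_TYPE=postgres
DB_HOST=postgres
DB_PORT=5432
DB_NAME=server
DB_NAME_SERVER=server
DB_NAME_HOCUSPOCUS=hocuspocus
# Database Users:
# 1. Admin User (postgres):
#    - Username: postgres (fixed)
#    - Used for: Database administration, setup, migrations
#    - Password: Managed via postgres_password secret
#    - Has full database access
POSTGRES_USER=postgres
# Required: Admin user for database operations
DB_USER_ADMIN=postgres
# The DB_PASSWORD_* values are paths to secret files, not the passwords
# themselves; the files are mounted by Docker secrets.
# Required: Path to admin password secret
DB_PASSWORD_ADMIN=/run/secrets/postgres_password
# Required: Path to superuser password secret
DB_PASSWORD_SUPERUSER=/run/secrets/postgres_password
# Required: Path to server password secret
DB_PASSWORD_SERVER=/run/secrets/db_password_server
# 2. Application User (app_user):
#    - Username: app_user (fixed)
#    - Used for: Application database access
#    - Password: Managed via db_password_server secret
#    - Access controlled by Row Level Security (RLS)
DB_USER_SERVER=app_user
# 3. Hocuspocus User:
#    - Username: hocuspocus_user
#    - Used for: Hocuspocus service database access
#    - Password: Managed via db_password_hocuspocus secret
#    - Scoped to the dedicated Hocuspocus database
DB_USER_HOCUSPOCUS=hocuspocus_user

# Logging Configuration
# Required: One of 'SYSTEM' | 'TRACE' | 'DEBUG' | 'INFO' | 'WARNING' | 'ERROR' | 'CRITICAL'
LOG_LEVEL=INFO
# Required: Boolean
LOG_IS_FORMAT_JSON=false
# Required: Boolean
LOG_IS_FULL_DETAILS=false
LOG_ENABLED_FILE_LOGGING=false
LOG_DIR_PATH=/path/to/logs
# External HTTP log shipping. All LOG_EXTERNAL_HTTP_* keys are grouped here;
# LOG_EXTERNAL_HTTP_TOKEN is a credential and should come from the secret
# provider rather than this file.
LOG_ENABLED_EXTERNAL_LOGGING=false
LOG_EXTERNAL_HTTP_HOST=
LOG_EXTERNAL_HTTP_PORT=
LOG_EXTERNAL_HTTP_PATH=
LOG_EXTERNAL_HTTP_LEVEL=
LOG_EXTERNAL_HTTP_TOKEN=

# Secret Provider Configuration
# For local dev environments, use env and filesystem only (no vault)
SECRET_READ_CHAIN=env,filesystem
SECRET_WRITE_PROVIDER=filesystem

# Runner Configuration
RUNNER_BACKEND=knative
RUNNER_BASE_URL=http://runner:8080
# Optional override when using the Docker backend locally
RUNNER_DOCKER_HOST=http://localhost:8085
# Accepts absolute URLs or relative paths (e.g., /runner when proxying via Next.js)
RUNNER_PUBLIC_BASE=https://runner.example.com
# Credential for the runner service; leave empty here and supply it via the
# secret provider.
RUNNER_SERVICE_TOKEN=

# Hocuspocus Configuration
HOCUSPOCUS_PORT=1234
# Browser-facing WebSocket URL for in-app notifications and collaborative editing.
# Must be NEXT_PUBLIC_* — this is read by client code and baked in at build time.
# In production (non-localhost) the client auto-derives wss:///hocuspocus,
# and your reverse proxy must route /hocuspocus to the hocuspocus container on
# port 1234 with WebSocket upgrade headers (see docs/getting-started/setup_guide.md).
NEXT_PUBLIC_HOCUSPOCUS_URL=ws://localhost:1234

# nm-store Integration (for license management)
# URL of nm-store service
NM_STORE_URL=http://localhost:3000
# Shared secrets for inbound callbacks. Both values below are placeholders:
# generate a distinct random value per deployment and configure the same value
# on the calling side. Given the dotenv loading described in the header, a
# placeholder left here is the value the server will actually check against.
# Shared secret for Temporal callbacks
TEMPORAL_WEBHOOK_SECRET=your-shared-secret-here
# Shared secret for webhook authentication
ALGA_WEBHOOK_SECRET=your-shared-secret-here
# Optional: Set to "true" to require hocuspocus
REQUIRE_HOCUSPOCUS=false

# Job Runner Configuration
# The job runner type: 'pgboss' (default for CE) or 'temporal' (EE only)
JOB_RUNNER_TYPE=pgboss
# Whether to fall back to PG Boss if Temporal is unavailable (EE only, default: true)
JOB_RUNNER_FALLBACK_TO_PGBOSS=true

# App-wide Search
# Default false for rollout safety. Set true after the search backfill has completed
# so event-bus subscribers begin writing incremental updates to app_search_index.
SEARCH_INDEX_LIVE=false

# Temporal Configuration (EE only - for job runner)
# Address of the Temporal server
TEMPORAL_ADDRESS=temporal-frontend.temporal.svc.cluster.local:7233
# Temporal namespace
TEMPORAL_NAMESPACE=default
# Task queue for generic jobs (separate from workflow-specific queues)
TEMPORAL_JOB_TASK_QUEUE=alga-jobs

# Stripe Integration (for license purchasing)
# Get keys from: Stripe Dashboard → Developers → API keys
# STRIPE_SECRET_KEY and STRIPE_WEBHOOK_SECRET are credentials; the values below
# are placeholders and the live ones belong in the secret provider. Only the
# publishable key is safe to expose to the client (NEXT_PUBLIC_*).
STRIPE_SECRET_KEY=sk_test_your_secret_key_here
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_test_your_publishable_key_here
STRIPE_WEBHOOK_SECRET=whsec_your_webhook_secret_here
# Master billing tenant (Nine Minds organization)
MASTER_BILLING_TENANT_ID=your-nine-minds-tenant-uuid-here
# Product/Price IDs (create in Stripe Dashboard → Products)
# Pro uses a single per-seat recurring price. Quantity equals licensed users.
STRIPE_PRO_PRICE_ID=price_pro_per_seat_here
# STRIPE_SOLO_BASE_PRICE_ID=price_solo_base_here
# Premium uses multi-item subscriptions (base fee + per-user).
# STRIPE_PREMIUM_BASE_PRICE_ID=price_premium_base_here
# STRIPE_PREMIUM_USER_PRICE_ID=price_premium_per_user_here
# Annual prices
# STRIPE_PRO_ANNUAL_PRICE_ID=price_pro_per_seat_annual_here
# STRIPE_SOLO_BASE_ANNUAL_PRICE_ID=price_solo_base_annual_here
# STRIPE_PREMIUM_BASE_ANNUAL_PRICE_ID=price_premium_base_annual_here
# STRIPE_PREMIUM_USER_ANNUAL_PRICE_ID=price_premium_per_user_annual_here
# Add-on prices
# STRIPE_AI_ADDON_PRICE_ID=price_ai_addon_here
# STRIPE_AI_ADDON_ANNUAL_PRICE_ID=price_ai_addon_annual_here
# STRIPE_TEAMS_ADDON_PRICE_ID=price_teams_addon_here
# STRIPE_TEAMS_ADDON_ANNUAL_PRICE_ID=price_teams_addon_annual_here
# STRIPE_ENTERPRISE_ADDON_PRICE_ID=price_enterprise_addon_here
# STRIPE_ENTERPRISE_ADDON_ANNUAL_PRICE_ID=price_enterprise_addon_annual_here
# Early adopters prices (grandfathered customers migrated from preview)
# STRIPE_EARLY_ADOPTERS_BASE_PRICE_ID=price_early_adopters_base_here
# STRIPE_EARLY_ADOPTERS_USER_PRICE_ID=price_early_adopters_per_user_here
# STRIPE_EARLY_ADOPTERS_BASE_ANNUAL_PRICE_ID=price_early_adopters_base_annual_here
# STRIPE_EARLY_ADOPTERS_USER_ANNUAL_PRICE_ID=price_early_adopters_per_user_annual_here
# AlgaDesk prices (per-user only, no base fee — tenants with product_code='algadesk')
# STRIPE_ALGADESK_USER_PRICE_ID=price_algadesk_per_user_here
# STRIPE_ALGADESK_USER_ANNUAL_PRICE_ID=price_algadesk_per_user_annual_here

# Email Configuration
# Required: Boolean
EMAIL_ENABLE=false
# Required: Valid email address
EMAIL_FROM=noreply@example.com
EMAIL_HOST=smtp.example.com
# Required: Number greater than 0
EMAIL_PORT=587
# Required: Valid email address
EMAIL_USERNAME=noreply@example.com
# EMAIL_PASSWORD is managed via Docker secrets

# Cryptographic Settings
# CRYPTO_KEY is managed via Docker secrets
CRYPTO_SALT_BYTES=16
# NOTE(review): presumably a key-derivation iteration count — confirm which KDF
# consumes it before tuning.
CRYPTO_ITERATION=100000
# NOTE(review): aes-256-gcm takes a 32-byte key; confirm how a 64-byte
# CRYPTO_KEY_LENGTH is consumed by the derivation code.
CRYPTO_KEY_LENGTH=64
CRYPTO_ALGORITHM=aes-256-gcm

# Authentication Settings
# Required: Valid URL
NEXTAUTH_URL=http://localhost:3000
# Required: Number greater than 0
NEXTAUTH_SESSION_EXPIRES=86400
# OAuth fallback for MSP SSO (CE + EE):
# - Used by NextAuth when tenant-specific provider credentials are not selected/available.
# - Also used when domain-based MSP discovery is unresolved (unknown or ambiguous login domain mapping).
# - CE MSP login can use these values as app-level fallback for Google/Microsoft SSO.
# GOOGLE_OAUTH_CLIENT_ID=
# GOOGLE_OAUTH_CLIENT_SECRET=
# MICROSOFT_OAUTH_CLIENT_ID=
# MICROSOFT_OAUTH_CLIENT_SECRET=
# MICROSOFT_OAUTH_TENANT_ID=common
# MICROSOFT_OAUTH_AUTHORITY=https://login.microsoftonline.com
# Mobile app sign-in (EE only — Cloud and the licensed appliance):
# - Not available on the open-source CE edition: CE builds reject the mobile token
#   exchange and report enabled=false from /api/v1/mobile/auth/capabilities.
# - The mobile app signs in against this server via /api/v1/mobile/auth/* and the
#   /auth/mobile/handoff web flow; NEXTAUTH_URL must be the server's public URL.
# - Google and/or Microsoft OAuth credentials (above) must be configured for mobile
#   sign-in; the capabilities endpoint only advertises configured providers.
# - Comma-separated hostnames allowed for mobile sign-in. Leave empty to allow any
#   host (the app connects to whichever server the user configured).
# ALGA_MOBILE_HOST_ALLOWLIST=

# Enterprise AI Chat provider configuration (EE only)
# Defaults to openrouter when unset or invalid.
# openrouter | vertex
AI_CHAT_PROVIDER=openrouter
# OpenRouter provider (default)
# OPENROUTER_API_KEY is a credential; placeholder here, real value via the
# secret provider.
OPENROUTER_API_KEY=your-openrouter-api-key
OPENROUTER_CHAT_MODEL=minimax/minimax-m2
# Vertex provider (OpenAI-compatible endpoint)
VERTEX_PROJECT_ID=your-gcp-project-id
VERTEX_LOCATION=us-central1
VERTEX_CHAT_MODEL=glm-5-maas
# Optional override for the OpenAI-compatible Vertex endpoint URL.
# VERTEX_OPENAPI_BASE_URL=https://us-central1-aiplatform.googleapis.com/v1/projects/your-gcp-project-id/locations/us-central1/endpoints/openapi
# Optional ADC credentials file path (for on-prem/non-GKE deployments).
# GOOGLE_APPLICATION_CREDENTIALS=/path/to/google-application-credentials.json

# Workflow Configuration
# Enable distributed mode with Redis Streams
WORKFLOW_DISTRIBUTED_MODE=true
# Redis stream prefix
WORKFLOW_REDIS_STREAM_PREFIX=workflow:events:
# Consumer group name
WORKFLOW_REDIS_CONSUMER_GROUP=workflow-workers
# Number of events to process in a batch
WORKFLOW_REDIS_BATCH_SIZE=10
# Idle timeout in milliseconds
WORKFLOW_REDIS_IDLE_TIMEOUT_MS=60000
# Number of worker containers to run
WORKFLOW_WORKER_REPLICAS=2

# Deployment Settings
PROJECT_NAME=sebastian
# EXPOSE_* ports are the host-side published ports; each one makes the
# corresponding service reachable from the host network.
EXPOSE_DB_PORT=5432
EXPOSE_HOCUSPOCUS_PORT=1234
EXPOSE_REDIS_PORT=6379
EXPOSE_SERVER_PORT=3000
# Placeholder; generate a random value per deployment (see the header note on
# how placeholders can become live values).
IMAP_WEBHOOK_SECRET=replace-with-a-secure-random-string
EXPOSE_IMAP_TEST_SMTP_PORT=3025
EXPOSE_IMAP_TEST_IMAP_PORT=3143
EXPOSE_IMAP_TEST_IMAPS_PORT=3993
EXPOSE_IMAP_TEST_HTTP_PORT=8080

# Docker Secrets:
# The following sensitive values are managed via Docker secrets:
# 1. Database Passwords:
#    - postgres_password: Admin user password
#    - db_password_server: Application user password
#    - db_password_hocuspocus: Hocuspocus service password
# 2. Redis Password:
#    - redis_password
# 3. Email Password:
#    - email_password
# 4. Security Keys:
#    - crypto_key
#    - token_secret_key
#    - nextauth_secret
#    - alga_auth_key
#    - secret_key
# 5. OAuth Credentials:
#    - google_oauth_client_id
#    - google_oauth_client_secret
#    - microsoft_oauth_client_id
#    - microsoft_oauth_client_secret

# Google OAuth - Email Integration (existing)
# Client secrets below are placeholders; the live values belong in the secret
# provider, not in this file.
GOOGLE_CLIENT_ID=your-email-app-client-id
GOOGLE_CLIENT_SECRET=your-email-app-client-secret
# Google OAuth - Calendar Integration (NEW - separate app)
GOOGLE_CALENDAR_CLIENT_ID=your-calendar-app-client-id
GOOGLE_CALENDAR_CLIENT_SECRET=your-calendar-app-client-secret
GOOGLE_CALENDAR_PROJECT_ID=your-calendar-project-id
GOOGLE_CALENDAR_REDIRECT_URI=https://yourdomain.com/api/auth/google/calendar/callback

# Microsoft OAuth - Email & Calendar Integration (shared app)
# NOTE: Do not rely on values in this file for production. The server calls `dotenv.config()`
# and the Docker image copies this file into `/app/server/.env`, which can accidentally
# configure placeholder values at runtime. Prefer K8s env vars and/or Vault app secrets.
# MICROSOFT_CLIENT_ID=
# MICROSOFT_CLIENT_SECRET=
# MICROSOFT_TENANT_ID=common
# MICROSOFT_REDIRECT_URI=

# Calendar Webhook Configuration
# Removed: Let the code use NEXTAUTH_URL as the fallback webhook base
# CALENDAR_WEBHOOK_BASE_URL=https://your-ngrok-domain.ngrok-free.app

# Enterprise Edition Gmail Configuration
# These are only used when NEXT_PUBLIC_EDITION=enterprise
# Hosted Gmail provider settings for simplified configuration
EE_GMAIL_CLIENT_ID=your-ee-gmail-client-id
EE_GMAIL_PROJECT_ID=your-ee-gmail-project-id
EE_GMAIL_REDIRECT_URI=https://api.algapsa.com/api/auth/google/callback
# EE_GMAIL_CLIENT_SECRET is managed via filesystem secrets

# Enterprise Edition Microsoft Configuration
# These are only used when NEXT_PUBLIC_EDITION=enterprise
# Hosted Microsoft provider settings for simplified configuration
# EE_MICROSOFT_CLIENT_ID=
# EE_MICROSOFT_TENANT_ID=common
# EE_MICROSOFT_REDIRECT_URI=
# EE_MICROSOFT_CLIENT_SECRET is managed via filesystem secrets/Vault (do not inline here)

# Deployment Identifier for Observability
# Used to identify this deployment in observability tools (Grafana, etc.)
# For hosted: Use environment name (e.g., "production", "staging")
# For on-premise: Use customer/instance identifier (e.g., "customer-abc", "demo-instance")
# DEPLOYMENT_ID=

# Usage Statistics
# Set to false to opt out of anonymous usage statistics
# This data helps us improve the product
ALGA_USAGE_STATS=true

# Analytics User ID Anonymization
# When true (default), user IDs are anonymized for privacy
# When false, actual user IDs are used (prefixed with "user_")
ANALYTICS_ANONYMIZE_USER_IDS=true

# Frontend configuration
# Set to false to disable
# NEXT_PUBLIC_ALGA_USAGE_STATS=true
# Must match ANALYTICS_ANONYMIZE_USER_IDS for frontend
NEXT_PUBLIC_ANALYTICS_ANONYMIZE_USER_IDS=true

# Instance identification
# If not set, a hash of the hostname will be used
# INSTANCE_ID=

# ============================================================================
# OBSERVABILITY CONFIGURATION (GRAFANA STACK)
# ============================================================================
#
# IMPORTANT: This is for OPERATIONAL OBSERVABILITY only (performance, errors, traces)
# This is completely separate from PostHog usage analytics.
#
# Two separate systems:
# 1. OpenTelemetry → Grafana Alloy → Prometheus/Loki/Tempo (this section)
#    - Application performance metrics
#    - Error tracking and traces
#    - Database query performance
#    - HTTP request metrics
#    - System resource utilization
#
# 2. PostHog (configured separately above)
#    - Product usage analytics
#    - User behavior tracking
#    - Feature usage statistics
#    - Business intelligence data
#
# Deployment behavior:
# - Hosted: Always enabled for operational monitoring
# - On-premise: Opt-in via ALGA_OBSERVABILITY=true environment variable
# ============================================================================

# Enable/Disable Observability
# Set to true to enable local observability (metrics, logs, traces)
# For hosted deployments, this is automatically enabled
# For on-premise deployments, this must be explicitly enabled
ALGA_OBSERVABILITY=true

# OpenTelemetry OTLP Endpoint (Grafana Alloy)
# This is where metrics, logs, and traces are sent
# Grafana Alloy then routes them to Prometheus, Loki, and Tempo
# OTLP_ENDPOINT=

# Grafana Stack Endpoints (optional, for dashboard links and direct access)
# GRAFANA_ENDPOINT=
# PROMETHEUS_ENDPOINT=
# LOKI_ENDPOINT=
# TEMPO_ENDPOINT=

# Logging Configuration for Observability
# LOG_LEVEL is already defined above but affects observability logging
# Additional observability-specific logging settings:
# Include OpenTelemetry trace context in logs
# LOG_INCLUDE_TRACE_CONTEXT=true

# PostHog Feature Flag Management (EE only)
# POSTHOG_PERSONAL_API_KEY is a credential; keep it empty here and supply it
# via the secret provider.
POSTHOG_PERSONAL_API_KEY=
POSTHOG_PROJECT_ID=
POSTHOG_API_HOST=https://us.posthog.com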