Environment variables
Complete reference for configuring Replane via environment variables.
Required variables
BASE_URL
The public URL where Replane is accessible.
BASE_URL=https://replane.example.com
Used for:
- OAuth callback URLs
- Magic link URLs
- Email notifications
SECRET_KEY
Secret key for signing sessions and tokens. Should be at least 32 characters.
SECRET_KEY=your-very-long-random-secret-key-minimum-32-chars
Generate a secure key:
openssl rand -base64 48
Keep this secret. Changing it invalidates all existing sessions.
Database
DATABASE_URL
PostgreSQL connection string.
DATABASE_URL=postgresql://user:password@host:5432/database
With SSL:
DATABASE_URL=postgresql://user:password@host:5432/database?sslmode=require
Individual database variables
Alternative to DATABASE_URL:
DATABASE_USER=replane
DATABASE_PASSWORD=secret
DATABASE_HOST=localhost
DATABASE_PORT=5432
DATABASE_NAME=replane
DATABASE_SSL_CA
Custom SSL certificate for database connection. Required for some cloud databases.
DATABASE_SSL_CA="-----BEGIN CERTIFICATE-----
...certificate content...
-----END CERTIFICATE-----"
DATABASE_MAX_CONNECTIONS
Maximum database connections in the pool.
DATABASE_MAX_CONNECTIONS=10 # Default: 10
Authentication
At least one authentication method must be enabled.
Password authentication
PASSWORD_AUTH_ENABLED=true
Users can sign up and log in with email/password.
Magic links
MAGIC_LINK_ENABLED=true
Requires email configuration. Users receive a login link via email.
GitHub OAuth
GITHUB_CLIENT_ID=your-client-id
GITHUB_CLIENT_SECRET=your-client-secret
Create an OAuth app at GitHub Developer Settings.
Callback URL: {BASE_URL}/api/auth/callback/github
GitLab OAuth
GITLAB_CLIENT_ID=your-client-id
GITLAB_CLIENT_SECRET=your-client-secret
Callback URL: {BASE_URL}/api/auth/callback/gitlab
Google OAuth
GOOGLE_CLIENT_ID=your-client-id
GOOGLE_CLIENT_SECRET=your-client-secret
Create credentials at Google Cloud Console.
Callback URL: {BASE_URL}/api/auth/callback/google
Okta OAuth
OKTA_CLIENT_ID=your-client-id
OKTA_CLIENT_SECRET=your-client-secret
OKTA_ISSUER=https://your-domain.okta.com
Callback URL: {BASE_URL}/api/auth/callback/okta
Email
Required for magic links and notifications.
EMAIL_SERVER
SMTP connection string.
EMAIL_SERVER=smtp://user:[email protected]:587
Individual email variables
Alternative to EMAIL_SERVER:
EMAIL_SERVER_HOST=smtp.example.com
EMAIL_SERVER_PORT=587
EMAIL_SERVER_USER=user
EMAIL_SERVER_PASSWORD=password
EMAIL_FROM
From address for outgoing emails.
EMAIL_FROM=[email protected]
# Or with name:
EMAIL_FROM="Replane <[email protected]>"
Access control
DISABLE_REGISTRATION
Disable new user registration entirely.
DISABLE_REGISTRATION=true
When enabled:
- New users cannot sign up via any method (password, OAuth, magic link)
- Existing users can still sign in normally
Useful for private instances or when you want to manage users manually.
ALLOWED_EMAIL_DOMAINS
Restrict registration to specific email domains.
ALLOWED_EMAIL_DOMAINS=example.com,company.com
Users with other email domains cannot sign up.
Server
PORT
HTTP server port.
PORT=8080 # Default: 8080
HEALTHCHECK_PATH
Custom health check endpoint path.
HEALTHCHECK_PATH=/api/health # Default: /api/health
Monitoring
Sentry integration
SENTRY_DSN=https://[email protected]/project
SENTRY_ENVIRONMENT=production
SENTRY_TRACES_SAMPLE_RATE=0.1 # 10% of requests
Example configurations
Minimal (development)
DATABASE_URL=postgresql://postgres:postgres@localhost:5432/replane
BASE_URL=http://localhost:8080
SECRET_KEY=development-secret-key-change-in-production
PASSWORD_AUTH_ENABLED=true
Production with GitHub OAuth
# Database
DATABASE_URL=postgresql://replane:[email protected]:5432/replane
# Application
BASE_URL=https://replane.example.com
SECRET_KEY=your-production-secret-key-at-least-32-characters
# Authentication
PASSWORD_AUTH_ENABLED=true
GITHUB_CLIENT_ID=your-github-client-id
GITHUB_CLIENT_SECRET=your-github-client-secret
# Email
EMAIL_SERVER=smtp://user:[email protected]:587
EMAIL_FROM="Replane <[email protected]>"
# Access control
ALLOWED_EMAIL_DOMAINS=example.com
# Monitoring
SENTRY_DSN=https://[email protected]/project
SENTRY_ENVIRONMENT=production
Production with Google OAuth and Magic Links
# Database
DATABASE_URL=postgresql://replane:[email protected]:5432/replane
# Application
BASE_URL=https://replane.example.com
SECRET_KEY=your-production-secret-key-at-least-32-characters
# Authentication
MAGIC_LINK_ENABLED=true
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret
# Email (required for magic links)
EMAIL_SERVER_HOST=smtp.gmail.com
EMAIL_SERVER_PORT=587
EMAIL_SERVER_USER=[email protected]
EMAIL_SERVER_PASSWORD=your-app-password
EMAIL_FROM="Replane <[email protected]>"
Docker Compose with .env file
services:
replane:
image: replane/replane:latest
env_file: .env
ports:
- '8080:8080'
DATABASE_URL=postgresql://replane:password@postgres:5432/replane
BASE_URL=https://replane.example.com
SECRET_KEY=your-secret-key
PASSWORD_AUTH_ENABLED=true
GITHUB_CLIENT_ID=xxx
GITHUB_CLIENT_SECRET=xxx
EMAIL_SERVER=smtp://user:[email protected]:587
EMAIL_FROM=[email protected]
Validation
Replane validates environment variables on startup. Missing required variables or invalid values cause the application to exit with an error message.
Check logs for configuration errors:
docker compose logs replane | grep -i "error\|config"
Next steps
- Docker Deployment — Deployment guide
- JavaScript SDK — Connect your application
- Quickstart — Get started