.env.example from the repository root to .env and fill in the required
values before starting the server.
Required
PostgreSQL connection string.Format:
postgresql://username:password@host:port/databaseExample: postgresql://ai_review:ai_review@localhost:15432/ai_reviewSecret key used by Better Auth for session signing. Must be at least 32
characters long.
Server
Runtime environment. Accepted values:
development, production, test.Port the API server listens on.
Hostname or IP address the server binds to.
Public URL of the application. Used as the canonical base URL and as the
default value for
APP_URLs and BETTER_AUTH_URL when those are not set
explicitly.Comma-separated list of allowed application URLs used for CORS and redirect
validation. Defaults to
APP_URL when APP_URL is set.Backend API URL used by the web development proxy. Defaults to
APP_URL.Base URL for outbound webhook callbacks (e.g., GitLab/GitHub event
verification replies).
Override the URL Better Auth uses for its endpoints. Defaults to the first
entry in the resolved
APP_URLs list.Display name for the platform. Appears in logs, emails, and notification
messages. Example:
AI Review Platform.Explicit CORS origin override. If not set, CORS is derived from
APP_URLs.Queue
Redis connection URL required by BullMQ for persistent task queues. The server throws an error on startup if this is not set.Example:
redis://localhost:16379AI provider
API key for the Volcengine (Doubao) AI provider. Required for AI-powered code
reviews — Volcengine is the only currently active provider.
Inference endpoint URL for your Volcengine deployment. Required alongside
VOLCENGINE_API_KEY.Maximum number of AI review jobs executed concurrently by the server.
Timeout in minutes for a single review job before it is marked as failed.
OpenAI API key. Parsed by the schema but not active in the current release.
Anthropic Claude API key. Parsed by the schema but not active in the current
release.
Azure OpenAI API key. Parsed by the schema but not active in the current
release.
Azure OpenAI endpoint URL. Parsed by the schema but not active in the current
release.
Vercel AI API key. Parsed by the schema but not active in the current release.
Moonshot API key. Parsed by the schema but not active in the current release.
Runner
Milliseconds after which a Runner that has not sent a heartbeat is considered
offline. Default is 60 000 ms (60 seconds).
Logging
Directory path where log files are written. Example:
./logs.Minimum log level to emit. Accepted values:
error, warn, info, debug.Number of days to retain log files before automatic cleanup.
Backup
Directory path for database backup files. Example:
./backups.When
true, the server runs an automatic database backup daily at 02:00.Number of days to keep backup files before they are deleted.
Metrics
Number of days to retain metrics data. Example:
90.System
Secret key required to call
POST /api/system/reset. Keep this value private;
the endpoint deletes all data.Email address for the initial root user created on first startup. Has no
effect after the root user already exists.
Password for the initial root user created on first startup.
OAuth (optional)
GitHub OAuth application client ID. Reserved for future OAuth login support.
GitHub OAuth application client secret. Reserved for future OAuth login
support.
GitLab OAuth application client ID. Reserved for future OAuth login support.
GitLab OAuth application client secret. Reserved for future OAuth login
support.
Issuer URL for the GitLab instance used for OAuth. Example:
https://gitlab.example.com.