Skip to main content
Copy .env.example to .env and fill in your values before starting the bot. 
cp .env.example .env
Never commit your .env file to version control. It contains secrets that grant full access to your Discord bot, database, and AI provider account.

Required

The bot will not start without these variables.
DISCORD_TOKEN
string
required
Your Discord bot token. Found in the Discord Developer Portal under Bot → Token.
DISCORD_TOKEN=your_discord_bot_token
DISCORD_CLIENT_ID
string
required
Your Discord application (client) ID. Used to deploy slash commands. Found in the Developer Portal under General Information → Application ID.
DISCORD_CLIENT_ID=your_discord_client_id
DATABASE_URL
string
required
PostgreSQL connection string. When using Docker Compose, this is set automatically.
DATABASE_URL=postgresql://postgres:postgres@localhost:5432/volvoxbot
ANTHROPIC_API_KEY
string
required
Anthropic API key for Claude AI features. Required unless you are using OAuth access tokens instead (see CLAUDE_CODE_OAUTH_TOKEN).Standard API keys begin with sk-ant-api03-. Do not set this variable if you are using an OAuth token — the SDK will send conflicting auth headers and the API will reject the request.
ANTHROPIC_API_KEY=your_anthropic_api_key

Optional

These variables are not required for the bot to start, but enable additional functionality or change default behavior.
CLAUDE_CODE_OAUTH_TOKEN
string
OAuth access token for Claude (begins with sk-ant-oat01-). Use this instead of ANTHROPIC_API_KEY when authenticating via OAuth. Do not set both variables at the same time.
CLAUDE_CODE_OAUTH_TOKEN=your_oauth_token
BOT_OWNER_IDS
string
Comma-separated list of Discord user IDs whose accounts bypass all permission checks. Falls back to config.json’s permissions.botOwners array if not set.To find your Discord user ID: go to User Settings → Advanced, enable Developer Mode, then right-click your username and select Copy User ID.
BOT_OWNER_IDS=123456789012345678,987654321098765432
MEM0_API_KEY
string
API key for mem0 long-term user memory. Memory features are disabled when this variable is not set.
MEM0_API_KEY=your_mem0_api_key
PG_POOL_SIZE
number
default:"5"
PostgreSQL connection pool size.
PG_POOL_SIZE=10
REDIS_URL
string
Redis connection URL for session storage. Falls back to in-memory storage when not set.
REDIS_URL=redis://localhost:6379
LOG_LEVEL
string
default:"info"
Logging verbosity. Accepted values: debug, info, warn, error.
LOG_LEVEL=debug
NODE_ENV
string
default:"production"
Node.js environment. Set to development during local development.
NODE_ENV=development
API_BODY_LIMIT
string
default:"100kb"
Maximum request body size accepted by the Express API.
API_BODY_LIMIT=1mb
DATABASE_SSL
boolean
default:"false"
Set to false to disable TLS for local PostgreSQL connections.
DATABASE_SSL=false
DISABLE_PROMPT_CACHING
string
Set to 1 to disable Anthropic prompt caching.
DISABLE_PROMPT_CACHING=1

Web dashboard

These variables are required when running the web dashboard alongside the bot.
DISCORD_CLIENT_SECRET
string
required
Discord OAuth2 client secret. Required for Discord login in the web dashboard. Found in the Developer Portal under OAuth2 → Client Secret.
DISCORD_CLIENT_SECRET=your_discord_client_secret
DISCORD_REDIRECT_URI
string
required
The OAuth2 callback URL Discord redirects to after login. Must match the redirect URI registered in the Developer Portal.
DISCORD_REDIRECT_URI=http://localhost:3001/api/v1/auth/discord/callback
SESSION_SECRET
string
required
Secret used to sign JWT session tokens. Generate a secure value with:
openssl rand -base64 32
NEXTAUTH_SECRET
string
required
Encryption secret for NextAuth.js sessions in the web dashboard. Generate with:
openssl rand -base64 32
NEXTAUTH_URL
string
required
Public URL of the web dashboard. Docker Compose sets this to http://localhost:3000 automatically.
NEXTAUTH_URL=http://localhost:3000
BOT_API_URL
string
required
URL the web dashboard uses to reach the bot’s REST API. Docker Compose sets this automatically.
BOT_API_URL=http://localhost:3001
BOT_API_SECRET
string
required
Shared secret for authenticating requests between the web dashboard and the bot API. Use a long random value.
BOT_API_SECRET=your_bot_api_secret
DASHBOARD_URL
string
required
URL of the web dashboard. Used to configure CORS on the bot API.
DASHBOARD_URL=http://localhost:3000
NEXT_PUBLIC_DISCORD_CLIENT_ID
string
required
Discord client ID exposed to the browser for OAuth2 flows in the web dashboard. Set to the same value as DISCORD_CLIENT_ID.
NEXT_PUBLIC_DISCORD_CLIENT_ID=your_discord_client_id
BOT_API_PORT
number
default:"3001"
Port the bot’s REST API listens on.
BOT_API_PORT=3001

Webhooks

WEBHOOK_SECRET
string
HMAC signing secret for outbound webhook requests. Used to generate the X-Webhook-Signature header. Use a different value from SESSION_SECRET to maintain key separation. Generate with:
openssl rand -base64 32
CONFIG_CHANGE_WEBHOOK_URL
string
URL that receives a POST request whenever the global configuration changes. The request is fire-and-forget with a 5-second timeout.
CONFIG_CHANGE_WEBHOOK_URL=https://example.com/hooks/config-changed
DASHBOARD_WEBHOOK_URL
string
URL that receives a POST request when a guild configuration changes. Used to notify the dashboard of updates. Fire-and-forget, 5-second timeout.
DASHBOARD_WEBHOOK_URL=https://example.com/hooks/dashboard-config-changed

Error monitoring

SENTRY_DSN
string
Sentry DSN that enables error tracking and alerting. When not set, Sentry is disabled.
SENTRY_DSN=https://[email protected]/0
SENTRY_ENVIRONMENT
string
default:"production"
Sentry environment label. Defaults to the value of NODE_ENV.
SENTRY_ENVIRONMENT=staging
SENTRY_TRACES_RATE
number
default:"0.1"
Sentry performance sampling rate, from 0 (disabled) to 1 (100%).
SENTRY_TRACES_RATE=0.25

Build docs developers (and LLMs) love

Get started for freeTalk to us