Skip to main content
XyraPanel uses environment variables for configuration. Copy .env.example to .env and customize the values for your environment.

Application Settings

APP_NAME
string
default:"XyraPanel"
The name of your panel instance. This appears in the UI, emails, and page titles.
NODE_ENV
string
default:"production"
Application environment. Set to production for production deployments or development for local development.
DEBUG
boolean
default:"false"
Enable debug mode for additional logging. Only enable in development.

URLs and Authentication

BETTER_AUTH_URL
string
required
The primary URL where your panel is accessible (e.g., https://panel.example.com).
This must match your actual domain for authentication to work properly.
BETTER_AUTH_TRUSTED_ORIGINS
string
required
Comma-separated list of trusted origins for authentication. Usually matches BETTER_AUTH_URL.
NUXT_PUBLIC_APP_URL
string
required
Public URL for the application. Should match BETTER_AUTH_URL.
PANEL_PUBLIC_URL
string
required
Public-facing URL for the panel (e.g., https://panel.example.com).
PANEL_INTERNAL_URL
string
default:"http://127.0.0.1:3000"
Internal URL for server-to-server communication within Docker or local network.
PORT
number
default:"3000"
Port number the application listens on.
XYRA_PASTE_URL
string
default:"https://paste.xyrapanel.com"
URL for the paste service used for sharing logs and configuration.

Security

BETTER_AUTH_SECRET
string
required
Secret key for authentication and session encryption. Must be at least 32 characters in production.Generate a secure secret:
openssl rand -base64 32
Never use default or weak values like “changeme” in production!

Initial Admin Setup

These variables configure the initial admin account created via POST /api/system/seed.
SEED_SECRET
string
required
Secret key required to access the seed endpoint. Generate with:
openssl rand -base64 32
SEED_ADMIN_EMAIL
string
default:"[email protected]"
Email address for the initial admin account.
SEED_ADMIN_PASSWORD
string
default:"changeme"
Password for the initial admin account.
Change this immediately after first login!
SEED_ADMIN_USERNAME
string
default:"admin"
Username for the initial admin account.
SEED_ADMIN_NAME
string
default:"Admin"
Display name for the initial admin account.

Database

XyraPanel requires PostgreSQL 14 or higher.
DATABASE_URL
string
required
PostgreSQL connection string. Format:
postgresql://username:password@host:port/database
Example:
postgresql://xyra:changeme@postgres:5432/xyrapanel

Docker-Only Variables

These variables configure the PostgreSQL container in docker-compose.yml. They must match the credentials in DATABASE_URL.
DB_USER
string
default:"xyra"
PostgreSQL username for Docker container.
DB_PASSWORD
string
default:"changeme"
PostgreSQL password for Docker container.
DB_NAME
string
default:"xyrapanel"
PostgreSQL database name for Docker container.

PM2 Configuration

Optional PM2 process manager overrides.
INSTANCES
number
default:"max"
Number of PM2 instances to run. Set to 1 for low-memory hosts.
Uncomment this variable only if you need to override the default from ecosystem.config.cjs.
MAX_MEMORY_RESTART
string
default:"1G"
Maximum memory before PM2 restarts the process (e.g., “1G”, “512M”).

HTTP Cache

XyraPanel includes server-side HTTP caching for improved performance.
NUXT_HTTP_CACHE_ENABLED
boolean
default:"true"
Enable or disable HTTP caching.
NUXT_HTTP_CACHE_DEFAULT_MAX_AGE
number
default:"5"
Default cache max-age in seconds for most endpoints.
NUXT_HTTP_CACHE_DEFAULT_SWR
number
default:"15"
Default stale-while-revalidate time in seconds.
NUXT_HTTP_CACHE_DASHBOARD_MAX_AGE
number
default:"10"
Cache max-age for dashboard endpoints (seconds).
NUXT_HTTP_CACHE_DASHBOARD_SWR
number
default:"30"
Stale-while-revalidate time for dashboard (seconds).
NUXT_HTTP_CACHE_ADMIN_DASHBOARD_MAX_AGE
number
default:"10"
Cache max-age for admin dashboard endpoints (seconds).
NUXT_HTTP_CACHE_ADMIN_DASHBOARD_SWR
number
default:"30"
Stale-while-revalidate time for admin dashboard (seconds).
NUXT_HTTP_CACHE_ADMIN_NODE_MAX_AGE
number
default:"5"
Cache max-age for admin node endpoints (seconds).
NUXT_HTTP_CACHE_ADMIN_NODE_SWR
number
default:"15"
Stale-while-revalidate time for admin nodes (seconds).

Request Limits

NUXT_MAX_REQUEST_SIZE_MB
number
default:"10"
Maximum request body size in megabytes.
NUXT_MAX_UPLOAD_SIZE_MB
number
default:"20"
Maximum file upload size in megabytes.

Next Steps

Redis Configuration

Configure Redis for caching and rate limiting

Security Settings

Configure CORS, CSP, and rate limiting

Email Configuration

Set up email notifications

Captcha Setup

Configure captcha providers

Build docs developers (and LLMs) love

Get started for freeTalk to us