Skip to main content
All services are configured through environment variables, validated at startup (packages/env). Anything with a default is optional; everything else is required. apps/server/.env.example mirrors this reference.

Core

VariableRequiredDefaultDescription
DATABASE_URLyesPostgres connection string.
BETTER_AUTH_SECRETyesSession-signing secret, min 32 chars.
BETTER_AUTH_URLyesPublic URL of apps/server (e.g. http://localhost:3000).
CORS_ORIGINyesDashboard origin allowed to call the API (e.g. http://localhost:3001).
CORS_EXTRA_ORIGINSnoAdditional allowed origins, comma/space separated (preview deploys, staging).
PORTno3000Port for apps/server. Usually injected by the host.
NODE_ENVnodevelopmentdevelopment, production, or test.

ClickHouse

VariableDefaultDescription
CLICKHOUSE_URLhttp://localhost:8123ClickHouse HTTP endpoint.
CLICKHOUSE_USERdefaultUsername.
CLICKHOUSE_PASSWORDPassword. Empty is fine while ClickHouse is unreachable from outside your network (the base docker-compose.yml keeps 8123 off the host; the dev override publishes it to localhost); the server logs a warning if it’s empty in production.
CLICKHOUSE_DATABASEfoglampDatabase name.

Ingest (apps/ingest)

VariableDefaultDescription
INGEST_PORT4000Port for the ingest API.
INGEST_FLUSH_INTERVAL_MS1000How often the write buffer flushes to ClickHouse.
INGEST_FLUSH_MAX_ROWS1000Flush early once this many rows are buffered.
INGEST_RATE_LIMIT_RPS100Spans/second budget per API key — a request costs its span count.
INGEST_MAX_BODY_BYTES10485760Max request body in bytes; larger requests get 413 before parsing.
REDIS_URLOptional shared Redis for rate limiting across ingest replicas (e.g. redis://redis:6379). Unset → per-instance in-memory limiting, fine for a single replica.
API_KEY_CACHE_TTL_MS60000In-memory API-key cache TTL.

Cost & pricing

VariableDefaultDescription
OPENROUTER_MODELS_URLhttps://openrouter.ai/api/v1/modelsSource for model pricing.
FOGLAMP_PRICING_FILELocal pricing JSON for air-gapped hosts.

Alerts (apps/server)

VariableDefaultDescription
ALERT_EVAL_INTERVAL_MS60000How often the evaluator sweeps enabled rules.
ALERT_RENOTIFY_MS3600000Re-notify cooldown while a rule stays firing.

Evals & provider keys (apps/server)

Evals score your traces with bring-your-own-key judge models. The whole feature is gated on FOGLAMP_SECRETS_KEY — without it, provider keys can’t be stored and scoring stays off.
VariableDefaultDescription
FOGLAMP_SECRETS_KEYMin 32 chars. AES-256-GCM key encrypting provider API keys at rest. Generate with openssl rand -base64 32. Unset → evals/provider keys disabled.
SCORING_EVAL_INTERVAL_MS60000How often the scoring planner sweeps enabled evals and enqueues jobs.
SCORING_SETTLE_MS60000Spans newer than this aren’t scored yet, so late spans settle first.
EVAL_JUDGE_CONCURRENCY5Max judge LLM calls in flight per eval job.
EVAL_SCORING_BATCH100Max targets scored per eval per planner tick.
EVAL_JUDGE_MAX_INPUT_CHARS200000Char budget for a judge call’s prompt fields; larger payloads are truncated.
EVAL_EXECUTOR_BATCH5Max queued eval jobs the executor claims (and runs) per tick.

Billing — Stripe (optional)

Most self-hosts leave this whole block unset; billing is enabled only when both the secret key and webhook secret are present.
VariableDefaultDescription
STRIPE_SECRET_KEYStripe API secret key.
STRIPE_WEBHOOK_SECRETWebhook signing secret for the Stripe endpoint.
STRIPE_PRICE_ID_PRO_MONTHLYPrice ID for the Pro monthly plan.
STRIPE_PRICE_ID_PRO_ANNUALPrice ID for the Pro annual plan.
QUOTA_WARN_INTERVAL_MS3600000How often orgs are swept for the 90% span-quota warning email.

Foggy — in-app assistant (optional)

Foggy is enabled only when GOOGLE_GENERATIVE_AI_API_KEY is set.
VariableDefaultDescription
GOOGLE_GENERATIVE_AI_API_KEYGemini API key; unset disables Foggy.
FOGGY_MODELgemini-3.1-flash-liteModel used for chat.
FOGGY_DOCS_URLhttps://docs.foglamp.devDocs site Foggy’s docs tool fetches llms.txt / llms-full.txt from.
FOGGY_RPM15Per-user requests/minute.
FOGGY_DAILY_LIMIT200Per-user messages/day.
FOGGY_MAX_STEPS6Max tool-use steps per answer.
FOGGY_MAX_OUTPUT_TOKENS1500Output token cap per answer.
FOGLAMP_API_KEYOptional: dogfood Foggy’s own LLM calls into a Foglamp project.
FOGLAMP_INGEST_URLIngest endpoint for the dogfooding key.

Email (optional)

Enables magic-link login and alert notifications. Without these, password login still works.
VariableDescription
RESEND_API_KEYResend API key.
RESEND_FROM_EMAILFrom address for outbound email.

Google OAuth (optional)

Enabled only when both are present. Set the OAuth redirect URI in the Google Cloud console to <BETTER_AUTH_URL>/api/auth/callback/google.
VariableDescription
GOOGLE_CLIENT_IDOAuth client ID.
GOOGLE_CLIENT_SECRETOAuth client secret.
AUTH_DISABLE_EMAIL_PASSWORDSet to true to turn off email+password sign-in (e.g. Google + magic link only). Default: enabled.

Platform admin (optional)

VariableDescription
PLATFORM_ADMIN_EMAILSComma-separated emails allowed to open the cross-org Platform stats page (instance totals, ingestion volume, ClickHouse storage). Unset: hidden for everyone.

Seed bootstrap

Used once by the seed script. No static defaults — a random password is generated and printed if unset.
VariableDescription
ADMIN_EMAILInitial admin email.
ADMIN_PASSWORDInitial admin password.

Web dashboard (apps/web)

VariableDescription
NEXT_PUBLIC_SERVER_URLPublic URL of apps/server the browser calls.
NEXT_PUBLIC_APP_URLPublic URL of the dashboard itself.
INTERNAL_SERVER_URLOptional in-cluster server URL for SSR requests.