Environment and configuration
Configuration lives in a .env file, copied from .env.example. Values are validated when the app boots, so a missing or malformed value fails fast.
Core
APP_URL: the public URL of your instance.NODE_ENV:developmentorproduction.
Database
DATABASE_URL: the Postgres connection string. Postgres must have the pgvector extension.
Authentication
BETTER_AUTH_SECRET: a strong random secret. Change this for production.BETTER_AUTH_URL: the auth base URL, usually the same asAPP_URL.GOOGLE_CLIENT_ID,GOOGLE_CLIENT_SECRET,GITHUB_CLIENT_ID,GITHUB_CLIENT_SECRET: optional social sign-in. Leave blank for email and password only.
Storage
STORAGE_DRIVER:miniofor the self-host default, ors3for a cloud bucket.S3_ENDPOINT,S3_REGION,S3_BUCKET,S3_ACCESS_KEY,S3_SECRET_KEY,S3_FORCE_PATH_STYLE: the storage connection.
Billing
BILLING_ENABLED:falseon self-host, which makes all quotas unlimited and skips payment processing. TheSTRIPE_*values are only needed if you turn billing on.
Email
EMAIL_PROVIDER:consolelogs email for development,smtpsends through your mail server,resenduses a hosted service.EMAIL_FROM, andSMTP_HOST,SMTP_PORT,SMTP_USER,SMTP_PASSfor SMTP.
AI and stock
AI_VECTOR:pgvector, so AI search uses your Postgres database.STOCK_UNSPLASH_KEY,STOCK_PEXELS_KEY,STOCK_PIXABAY_KEY: optional stock media search keys.
Tenancy
MULTI_TENANT:falsefor a single-organization self-host.
Keep secrets in .env only
Never commit real secrets. Keep them in .env, which is ignored by version control, and rotate anything that leaks.