Complete reference of every configuration option available in DocuGardener.
Tip: Copy .env.example to .env and fill in the values. Variables marked “Yes (prod)” are only required in production deployments — development mode uses safe fallback defaults.
## Application

| Variable | Required | Default | Description |
|---|---|---|---|
| ENVIRONMENT | No | development | Set to "production" for production deployments. Affects logging level and error detail. |
| DEBUG | No | false | Enable debug-level logging across all services. |
| SECRET_KEY | Yes (prod) | dev-fallback | Encryption key for stored secrets (e.g. GitHub tokens). Minimum 32 characters in production. |
| SINGLE_TENANT_ID | Yes (self-hosted) | — | Tenant UUID for single-tenant mode. All data is scoped to this tenant. |
| DEPLOYMENT_MODE | No | client-installed | "saas" or "client-installed". Controls billing UI visibility and feature gating source. |
| QUOTA_OVERRIDE | No | — | Set to "unlimited" to disable all plan-based quotas. Recommended for self-hosted installs. |
## GitHub App

| Variable | Required | Default | Description |
|---|---|---|---|
| GITHUB_APP_ID | Yes | — | Numeric App ID from your GitHub App's developer settings page. |
| GITHUB_WEBHOOK_SECRET | Yes | — | Webhook secret configured in your GitHub App. Used to verify webhook payloads. |
| GITHUB_PRIVATE_KEY_PATH | Yes | ./secrets/github-app.pem | Path to the .pem private key file generated when creating the GitHub App. |
| GITHUB_ID | Yes | — | GitHub OAuth App client ID, used by NextAuth for user authentication. |
| GITHUB_SECRET | Yes | — | GitHub OAuth App client secret, used by NextAuth for user authentication. |
## LLM Providers

Set LLM_PROVIDER to choose your default provider. Each tenant can override this via the BYOK settings in the dashboard.

| Variable | Required | Default | Description |
|---|---|---|---|
| LLM_PROVIDER | Yes | gemini | Default LLM provider: "gemini", "openai", "anthropic", or "ollama". |
| GEMINI_API_KEY | If gemini | — | Google AI Studio API key for the Gemini provider. |
| GEMINI_MODEL | No | gemini-2.0-flash | Gemini model name to use for analysis. |
| OPENAI_API_KEY | If openai | — | OpenAI API key. |
| OPENAI_MODEL | No | gpt-4o | OpenAI model name to use for analysis. |
| ANTHROPIC_API_KEY | If anthropic | — | Anthropic API key. |
| ANTHROPIC_MODEL | No | claude-sonnet-4-6 | Claude model name to use for analysis. |
| OLLAMA_BASE_URL | If ollama | http://localhost:11434 | Ollama API endpoint. Use http://host.docker.internal:11434 when running the worker in Docker. |
| OLLAMA_MODEL | No | llama3.2 | Ollama model to use for analysis. |

Docker + Ollama: If the analysis worker runs inside Docker but Ollama runs on the host, use http://host.docker.internal:11434 as the Ollama base URL. The worker cannot reach localhost from inside a container.
## Database

| Variable | Required | Default | Description |
|---|---|---|---|
| DATABASE_URL | Yes | — | PostgreSQL connection string for the analysis plane (FastAPI). Example: postgresql://user:pass@localhost:5433/docugardener |
| POSTGRES_PASSWORD | Yes | — | Password for the PostgreSQL superuser. Shared between the postgres container and PgBouncer. Must match the password in SQL_DATABASE_URL. New in SCAL-01 — add this to your .env if upgrading from an earlier release. |
| SQL_DATABASE_URL | Yes | — | PostgreSQL connection string used by the Python backend. Must route through PgBouncer (pgbouncer:5432) in Docker Compose, not directly to postgres:5432. PgBouncer runs as a sidecar in the same Docker network and enforces transaction-mode connection pooling. |
| REDIS_URL | No | redis://localhost:6379 | Redis connection string used by RQ for job queuing. |
| WEAVIATE_URL | No | http://weaviate:8080 | Weaviate vector database endpoint for document embeddings. |
## Web / NextAuth

| Variable | Required | Default | Description |
|---|---|---|---|
| NEXTAUTH_URL | Yes | — | Full URL of the web application (e.g. https://your-domain.com). Used for OAuth callback URLs. |
| NEXTAUTH_SECRET | Yes | — | Random string (32+ characters) used for JWT signing. Generate with: openssl rand -base64 32 |
| NEXT_PUBLIC_APP_URL | No | NEXTAUTH_URL | Public-facing app URL used for OAuth callbacks. Defaults to NEXTAUTH_URL if not set. |
| NEXT_PUBLIC_DEPLOYMENT_MODE | No | client-installed | "saas" or "client-installed". Baked into the frontend at build time — controls client-side UI branching. |
## Analysis

| Variable | Required | Default | Description |
|---|---|---|---|
| DRIFT_SCORE_THRESHOLD | No | 30 | Drift score (0-100) above which a finding is flagged. Lower values mean stricter enforcement. |
| MAX_PROCESSING_TIME | No | 120 | Maximum seconds a worker job can run before being considered timed out. |
| MAX_CHANGED_FILES | No | 50 | Maximum number of changed files per PR to analyse. PRs exceeding this are partially analysed. |
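The rules spread across the Application, LLM Providers, Database, Web / NextAuth and Analysis tables above (production SECRET_KEY length, provider API keys, the Ollama-in-Docker address, PgBouncer routing, the POSTGRES_PASSWORD / SQL_DATABASE_URL match, NEXTAUTH_SECRET length, and the numeric ranges) are easy to get wrong one at a time. The following startup check is an added example, not DocuGardener's own code: it encodes those rules as assertions over a parsed `.env`. The function names, the dict-based input, the `in_docker` flag and the sample settings are assumptions of this example.

```python
"""Startup sanity checks for a DocuGardener-style .env (added example, not the
project's own code). Rules come from the reference tables; the function names,
dict input, `in_docker` flag and sample values are assumptions of this example."""
from urllib.parse import urlparse

PROVIDER_KEYS = {  # which API-key variable each LLM_PROVIDER value requires
    "gemini": "GEMINI_API_KEY",
    "openai": "OPENAI_API_KEY",
    "anthropic": "ANTHROPIC_API_KEY",
    "ollama": None,  # Ollama needs a reachable OLLAMA_BASE_URL instead of a key
}


def _int_in_range(env, name, default, lo, hi):
    """Return an error string if env[name] is not an integer within [lo, hi]."""
    raw = env.get(name, str(default))
    try:
        value = int(raw)
    except ValueError:
        return f"{name} must be an integer, got {raw!r}"
    if not lo <= value <= hi:
        return f"{name} must be between {lo} and {hi}, got {value}"
    return None


def check_config(env, in_docker=False):
    """Return a list of human-readable problems; an empty list means the
    settings satisfy the rules from the reference tables."""
    problems = []
    prod = env.get("ENVIRONMENT", "development") == "production"

    # Application: the dev fallback SECRET_KEY is only acceptable outside production
    secret = env.get("SECRET_KEY", "dev-fallback")
    if prod and (secret == "dev-fallback" or len(secret) < 32):
        problems.append("SECRET_KEY must be a real key of at least 32 characters in production")
    if env.get("DEPLOYMENT_MODE", "client-installed") not in ("saas", "client-installed"):
        problems.append('DEPLOYMENT_MODE must be "saas" or "client-installed"')

    # LLM provider: a known provider, plus its API key or a reachable Ollama URL
    provider = env.get("LLM_PROVIDER", "gemini")
    if provider not in PROVIDER_KEYS:
        problems.append(f"LLM_PROVIDER {provider!r} is not one of {sorted(PROVIDER_KEYS)}")
    elif PROVIDER_KEYS[provider] and not env.get(PROVIDER_KEYS[provider]):
        problems.append(f"{PROVIDER_KEYS[provider]} is required when LLM_PROVIDER={provider}")
    elif provider == "ollama" and in_docker:
        host = urlparse(env.get("OLLAMA_BASE_URL", "http://localhost:11434")).hostname
        if host in ("localhost", "127.0.0.1"):
            problems.append("OLLAMA_BASE_URL points at localhost, which the worker container "
                            "cannot reach; use http://host.docker.internal:11434")

    # Database: both connection strings are required PostgreSQL URLs, and in
    # Docker Compose the backend must go through the PgBouncer sidecar
    for name in ("DATABASE_URL", "SQL_DATABASE_URL"):
        if urlparse(env.get(name, "")).scheme != "postgresql":
            problems.append(f"{name} must be a postgresql:// connection string")
    sql = urlparse(env.get("SQL_DATABASE_URL", ""))
    if in_docker and (sql.hostname, sql.port) != ("pgbouncer", 5432):
        problems.append("SQL_DATABASE_URL must route through pgbouncer:5432 in Docker Compose, "
                        "not directly to postgres:5432")
    if not env.get("POSTGRES_PASSWORD"):
        problems.append("POSTGRES_PASSWORD is required (new in SCAL-01)")
    elif sql.password and sql.password != env["POSTGRES_PASSWORD"]:
        problems.append("POSTGRES_PASSWORD does not match the password in SQL_DATABASE_URL")

    # Web / NextAuth: a full URL for OAuth callbacks and a long random JWT signing secret
    nurl = urlparse(env.get("NEXTAUTH_URL", ""))
    if nurl.scheme not in ("http", "https") or not nurl.netloc:
        problems.append("NEXTAUTH_URL must be a full URL such as https://your-domain.com")
    if len(env.get("NEXTAUTH_SECRET", "")) < 32:
        problems.append("NEXTAUTH_SECRET must be a random string of 32+ characters")

    # Analysis tuning values must be integers within their documented ranges
    for err in (_int_in_range(env, "DRIFT_SCORE_THRESHOLD", 30, 0, 100),
                _int_in_range(env, "MAX_PROCESSING_TIME", 120, 1, 10**6),
                _int_in_range(env, "MAX_CHANGED_FILES", 50, 1, 10**6)):
        if err:
            problems.append(err)
    return problems


# Constructed sample for a self-hosted Docker Compose deployment (placeholder values)
SAMPLE_ENV = {
    "ENVIRONMENT": "production",
    "SECRET_KEY": "x" * 40,  # placeholder; generate a real random value
    "LLM_PROVIDER": "ollama",
    "OLLAMA_BASE_URL": "http://host.docker.internal:11434",
    "DATABASE_URL": "postgresql://user:pass@localhost:5433/docugardener",
    "SQL_DATABASE_URL": "postgresql://user:pass@pgbouncer:5432/docugardener",
    "POSTGRES_PASSWORD": "pass",
    "NEXTAUTH_URL": "https://docs.example.com",
    "NEXTAUTH_SECRET": "y" * 44,  # placeholder; use `openssl rand -base64 32`
}

if __name__ == "__main__":
    for problem in check_config(SAMPLE_ENV, in_docker=True) or ["configuration OK"]:
        print(problem)
```

Running it with `in_docker=True` before starting the worker turns the usual "it worked on the host but not in Compose" failures (Ollama on localhost, backend bypassing PgBouncer, mismatched POSTGRES_PASSWORD) into one clear list at startup.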
## Stripe (SaaS Only)

These variables are only needed if you are running DocuGardener in SaaS mode (DEPLOYMENT_MODE=saas). Self-hosted installations can ignore this section entirely.

| Variable | Required | Default | Description |
|---|---|---|---|
| STRIPE_SECRET_KEY | SaaS only | — | Stripe secret key for server-side billing operations. |
| STRIPE_PUBLISHABLE_KEY | SaaS only | — | Stripe publishable key for client-side Checkout embeds. |
| STRIPE_WEBHOOK_SECRET | SaaS only | — | Stripe webhook signing secret for verifying webhook payloads. |
| STRIPE_PRICE_PRO | SaaS only | — | Stripe Price ID for the PRO monthly plan. |
| STRIPE_PRICE_TEAM | SaaS only | — | Stripe Price ID for the TEAM monthly plan. |
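Both GITHUB_WEBHOOK_SECRET (GitHub App table) and STRIPE_WEBHOOK_SECRET (above) exist to authenticate inbound webhook payloads, and an endpoint that skips the check will act on whatever anyone posts to it. The code below is an added example, not DocuGardener's own, showing the verification both providers publicly document: GitHub sends `X-Hub-Signature-256: sha256=<hex HMAC-SHA256 of the raw body>`, and Stripe sends `Stripe-Signature: t=<unix timestamp>,v1=<hex HMAC-SHA256 of "<timestamp>.<raw body>">` (possibly with several `v1` entries during secret rotation). The function names, the 300-second replay tolerance, the signing helpers used to build the sample headers, and the sample payload are assumptions of this example.

```python
"""Webhook signature verification for the two secrets in the reference above.
Added example, not DocuGardener's own code; function names, the tolerance window,
the signing helpers and the sample payload are assumptions of this example."""
import hashlib
import hmac
import time


def verify_github_signature(secret, body, header):
    """True only if `header` is a valid X-Hub-Signature-256 value for `body`."""
    if not header or not header.startswith("sha256="):
        return False
    expected = hmac.new(secret.encode(), body, hashlib.sha256).hexdigest()
    # compare_digest is constant-time, so a wrong guess leaks nothing about the digest
    return hmac.compare_digest(expected, header[len("sha256="):])


def verify_stripe_signature(secret, body, header, tolerance=300, now=None):
    """True if some v1 signature in the Stripe-Signature header matches `body`
    and the signed timestamp is within `tolerance` seconds of `now`."""
    if not header:
        return False
    timestamp, candidates = None, []
    for part in header.split(","):
        key, _, value = part.strip().partition("=")
        if key == "t":
            timestamp = value
        elif key == "v1":
            candidates.append(value)
    if timestamp is None or not timestamp.isdigit() or not candidates:
        return False
    now = time.time() if now is None else now
    if abs(now - int(timestamp)) > tolerance:
        return False  # stale or replayed event: the timestamp is part of what was signed
    signed_payload = timestamp.encode() + b"." + body
    expected = hmac.new(secret.encode(), signed_payload, hashlib.sha256).hexdigest()
    return any(hmac.compare_digest(expected, c) for c in candidates)


# Helpers that build headers the way the providers do; used here only to
# construct sample requests for the verification functions above.
def github_signature(secret, body):
    return "sha256=" + hmac.new(secret.encode(), body, hashlib.sha256).hexdigest()


def stripe_signature(secret, body, timestamp):
    digest = hmac.new(secret.encode(), f"{timestamp}.".encode() + body, hashlib.sha256).hexdigest()
    return f"t={timestamp},v1={digest}"


if __name__ == "__main__":
    # Constructed sample: a minimal pull_request-style body and placeholder secrets
    body = b'{"action":"opened","number":42}'
    gh_header = github_signature("github-webhook-secret-placeholder", body)
    print("github ok:", verify_github_signature("github-webhook-secret-placeholder", body, gh_header))
    print("github tampered:", verify_github_signature("github-webhook-secret-placeholder", body + b" ", gh_header))
    ts = int(time.time())
    st_header = stripe_signature("whsec_placeholder", body, ts)
    print("stripe ok:", verify_stripe_signature("whsec_placeholder", body, st_header))
```

Always verify against the raw request bytes before any JSON parsing or re-serialisation; a body that has been decoded and re-encoded will not reproduce the digest the sender computed, and a handler that falls back to "unsigned but parseable" accepts forged events.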