| title | Environment variables |
|---|---|
| sidebarTitle | Environment variables |
This page provides a detailed reference of all environment variables supported by Sourcebot. If you're just looking to get up and running, we recommend starting with the deployment guides instead.
The following environment variables allow you to configure your Sourcebot deployment.
| Variable | Default | Description |
|---|---|---|
AUTH_CREDENTIALS_LOGIN_ENABLED |
true |
Enables/disables authentication with basic credentials. Username and passwords are stored encrypted at rest within the postgres database. Checkout the auth docs for more info |
AUTH_EMAIL_CODE_LOGIN_ENABLED |
false |
Enables/disables authentication with a login code that's sent to a users email. |
AUTH_SECRET |
Automatically generated at startup if no value is provided. Generated using openssl rand -base64 33 |
Used to validate login session cookies |
AUTH_URL |
- | URL of your Sourcebot deployment, e.g., |
CONFIG_PATH |
- |
The container relative path to the declarative configuration file. See this doc for more info. |
DATA_CACHE_DIR |
$DATA_DIR/.sourcebot |
The root data directory in which all data written to disk by Sourcebot will be located. |
DATA_DIR |
/data |
The directory within the container to store all persistent data. Typically, this directory will be volume mapped such that data is persisted across container restarts (e.g., |
DATABASE_DATA_DIR |
$DATA_CACHE_DIR/db |
The data directory for the default Postgres database. |
DATABASE_URL |
postgresql://postgres@ localhost:5432/sourcebot |
Connection string of your Postgres database. By default, a Postgres database is automatically provisioned at startup within the container. If you'd like to use a non-default schema, you can provide it as a parameter in the database url. You can also use |
EMAIL_FROM_ADDRESS |
- |
The email address that transactional emails will be sent from. See this doc for more info. |
FORCE_ENABLE_ANONYMOUS_ACCESS |
false |
When enabled, anonymous access to the organization will always be enabled |
REQUIRE_APPROVAL_NEW_MEMBERS |
- | When set, controls whether new users require approval before accessing your deployment. If not set, the setting can be configured via the UI. See member approval for more info. |
REDIS_DATA_DIR |
$DATA_CACHE_DIR/redis |
The data directory for the default Redis instance. |
REDIS_URL |
redis://localhost:6379 |
Connection string of your Redis instance. By default, a Redis database is automatically provisioned at startup within the container. |
REDIS_REMOVE_ON_COMPLETE |
0 |
Controls how many completed jobs are allowed to remain in Redis queues |
REDIS_REMOVE_ON_FAIL |
100 |
Controls how many failed jobs are allowed to remain in Redis queues |
REPO_SYNC_RETRY_BASE_SLEEP_SECONDS |
60 |
The base sleep duration (in seconds) for exponential backoff when retrying repository sync operations that fail |
GITLAB_CLIENT_QUERY_TIMEOUT_SECONDS |
600 |
The timeout duration (in seconds) for GitLab client queries |
SMTP_CONNECTION_URL |
- |
The url to the SMTP service used for sending transactional emails. See this doc for more info. |
SOURCEBOT_ENCRYPTION_KEY |
Automatically generated at startup if no value is provided. Generated using openssl rand -base64 24 |
Used to encrypt connection secrets and generate API keys. |
SOURCEBOT_PUBLIC_KEY_PATH |
/app/public.pem |
Sourcebot's public key that's used to verify encrypted license key signatures. |
SOURCEBOT_LOG_LEVEL |
info |
The Sourcebot logging level. Valid values are |
SOURCEBOT_STRUCTURED_LOGGING_ENABLED |
false |
Enables/disable structured JSON logging. See this doc for more info. |
SOURCEBOT_STRUCTURED_LOGGING_FILE |
- | Optional file to log to if structured logging is enabled |
SOURCEBOT_TELEMETRY_DISABLED |
false |
Enables/disables telemetry collection in Sourcebot. See this doc for more info. |
DEFAULT_MAX_MATCH_COUNT |
10000 |
The default maximum number of search results to return when using search in the web app. |
ALWAYS_INDEX_FILE_PATTERNS |
- | A comma separated list of glob patterns matching file paths that should always be indexed, regardless of size or number of trigrams. |
NODE_USE_ENV_PROXY |
0 |
Enables Node.js to automatically use |
HTTP_PROXY |
- | HTTP proxy URL for routing non-SSL requests through a proxy server (e.g., |
HTTPS_PROXY |
- | HTTPS proxy URL for routing SSL requests through a proxy server (e.g., |
NO_PROXY |
- | Comma-separated list of hostnames or domains that should bypass the proxy (e.g., |
SOURCEBOT_EE_AUDIT_LOGGING_ENABLED |
true |
Enables/disables audit logging |
SOURCEBOT_EE_AUDIT_RETENTION_DAYS |
180 |
The number of days to retain audit logs. Audit log records older than this will be automatically pruned daily. Set to |
AUTH_EE_GCP_IAP_ENABLED |
false |
When enabled, allows Sourcebot to automatically register/login from a successful GCP IAP redirect |
AUTH_EE_GCP_IAP_AUDIENCE |
- | The GCP IAP audience to use when verifying JWT tokens. Must be set to enable GCP IAP JIT provisioning |
EXPERIMENT_EE_PERMISSION_SYNC_ENABLED |
false |
Enables permission syncing. |
PERMISSION_SYNC_REPO_DRIVEN_ENABLED |
true |
Enables/disables repo-driven permission syncing. Only applies when |
AUTH_EE_ALLOW_EMAIL_ACCOUNT_LINKING |
true |
When enabled, different SSO accounts with the same email address will automatically be linked. |
| Variable | Default | Description |
|---|---|---|
GITHUB_REVIEW_AGENT_APP_ID |
- |
The GitHub App ID used for review agent authentication. |
GITHUB_REVIEW_AGENT_APP_PRIVATE_KEY_PATH |
- |
The container relative path to the private key file for the GitHub App used by the review agent. |
GITHUB_REVIEW_AGENT_APP_WEBHOOK_SECRET |
- |
The webhook secret for the GitHub App used by the review agent. |
OPENAI_API_KEY |
- |
The OpenAI API key used by the review agent. |
REVIEW_AGENT_API_KEY |
- |
The Sourcebot API key used by the review agent. |
REVIEW_AGENT_AUTO_REVIEW_ENABLED |
false |
Enables/disables automatic code reviews by the review agent. |
REVIEW_AGENT_LOGGING_ENABLED |
true |
Enables/disables logging for the review agent. Logs are saved in |
REVIEW_AGENT_REVIEW_COMMAND |
review |
The command used to trigger a code review by the review agent. |
You can override environment variables from the config file by using the environmentOverrides property. See this doc for more info.