Skip to Content
DocumentationEnvironment

Revornix Environment Variable Guide (Based on This Repo)

This document is organized based on the current repo’s .env.example, api/.env.example, celery-worker/.env.example, web/.env.example, and hot-news/src/config.ts. Unless stated otherwise, example values come from these files.

Store all secret variables in a secure secret manager. Do not commit them to version control.

Common placement: root .env for Docker Compose; api/.env, celery-worker/.env, web/.env, hot-news/.env for running services locally.

1. Core Security and Initialization

VariableExampleDescriptionPrimary scope
OAUTH_SECRET_KEYopenssl rand -hex 32Login session/JWT encryption key; must match in API and workerapi, celery-worker, docker-compose
APIKEY_ENCRYPT_KEYbase64-32bytesBase64-encoded 32-byte master key to encrypt third-party API keysapi, celery-worker
ENGINE_CONFIG_ENCRYPT_KEYbase64-32bytesBase64-encoded 32-byte master key to encrypt engine configurationapi, celery-worker
FILE_SYSTEM_CONFIG_ENCRYPT_KEYbase64-32bytesBase64-encoded 32-byte master key to encrypt file system configurationapi, celery-worker
ROOT_USER_NAMEadminRoot user name for initialization (required by init script)api
ROOT_USER_PASSWORDchange_meRoot user password for initializationapi
ENV (optional)developmentDatabase initialization safety modeapi
ALLOW_DB_RESET (optional)0 / 1Allow running init scripts outside developmentapi

2. Deployment and Access Control

VariableExampleDescriptionPrimary scope
DEPLOY_HOSTSapp.revornix.com,app.revornix.cnAllowed host whitelist (comma-separated)api, celery-worker
OFFICIALFalseOfficial deployment mode switch (True/False string)api, celery-worker

3. Data and Queue Services

VariableExampleDescriptionPrimary scope
POSTGRES_USERrevornixPostgreSQL usernameapi, celery-worker, docker-compose
POSTGRES_PASSWORD12345678PostgreSQL passwordSame as above
POSTGRES_DBrevornixDatabase nameSame as above
POSTGRES_DB_URLpostgresDatabase host (Docker) or localhostapi, celery-worker, alembic
REDIS_URLredisRedis hostapi, celery-worker, docker-compose
REDIS_PORT6379Redis portSame as above
MILVUS_CLUSTER_ENDPOINThttp://milvus-standalone:19530Milvus endpointapi, celery-worker
MILVUS_TOKENroot:MilvusMilvus credentialsSame as above
NEO4J_URIbolt://localhost:7687Neo4j endpointapi, celery-worker
NEO4J_USERneo4jNeo4j usernameSame as above
NEO4J_PASS12345678Neo4j passwordSame as above
HF_ENDPOINThttps://hf-mirror.comHuggingFace Hub mirror entry (optional)docker-compose

4. File System and Object Storage

VariableExampleDescriptionPrimary scope
FILE_SYSTEM_USER_NAMErevornixBuilt-in/MinIO file system accountapi, celery-worker, docker-compose
FILE_SYSTEM_PASSWORD12345678Built-in/MinIO file system passwordSame as above
FILE_SYSTEM_SERVER_PUBLIC_URLhttp://localhost/api/file-servicePublic entry for frontend file access (via Nginx)api, celery-worker, nginx

5. Milvus Dependencies (Etcd / MinIO)

Only required when deploying Milvus via Docker Compose:

VariableExampleDescriptionPrimary scope
ETCD_ENDPOINTShttp://etcd:2379Etcd service endpointdocker-compose
ETCD_AUTO_COMPACTION_MODErevisionEtcd auto-compaction modeSame as above
ETCD_AUTO_COMPACTION_RETENTION1000Etcd revision retention countSame as above
ETCD_QUOTA_BACKEND_BYTES4294967296Etcd storage quotaSame as above
ETCD_SNAPSHOT_COUNT50000Etcd snapshot thresholdSame as above
MILVUS_MINIO_USER_NAMEminioadminMilvus internal MinIO userSame as above
MILVUS_MINIO_PASSWORDminioadminMilvus internal MinIO passwordSame as above

6. Third-Party Login, SMS, and Email

VariableExampleDescriptionPrimary scope
GOOGLE_CLIENT_ID...apps.googleusercontent.comGoogle OAuth client IDapi
GOOGLE_CLIENT_SECRET...Google OAuth client secretapi
GITHUB_CLIENT_ID...GitHub OAuth client IDapi
GITHUB_CLIENT_SECRET...GitHub OAuth client secretapi
WECHAT_WEB_APP_IDwx...WeChat web app IDapi
WECHAT_WEB_APP_SECRET...WeChat web app secretapi
WECHAT_MINI_APP_IDwx...WeChat mini app IDapi
WECHAT_MINI_APP_SECRET...WeChat mini app secretapi
TENCENT_SECRET_ID...Tencent Cloud SMS SecretIdapi, celery-worker
TENCENT_SECRET_KEY...Tencent Cloud SMS SecretKeySame as above
TENCENT_SMS_SDK_APP_ID...Tencent SMS SDK AppIDSame as above
TENCENT_SMS_APP_KEY...Tencent SMS AppKeySame as above
TENCENT_SMS_SIGNSIGNATURESMS signatureSame as above
SMTP_HOSTsmtp.example.comSMTP serverapi, celery-worker
SMTP_PORT465SMTP portSame as above
SMTP_USERNAMEnoreply@example.comSMTP usernameSame as above
SMTP_PASSWORD...SMTP password/app tokenSame as above

7. Observability and Tracing

VariableExampleDescriptionPrimary scope
LANGFUSE_BASE_URLhttps://langfuse.example.comLangfuse base URLapi, celery-worker
LANGFUSE_PUBLIC_KEY...Langfuse public keySame as above
LANGFUSE_SECRET_KEY...Langfuse secret keySame as above
API_SENTRY_ENABLETrueAPI Sentry toggle (True/False)api
API_SENTRY_DSNhttps://...API Sentry DSNapi
WORKER_SENTRY_ENABLETrueWorker Sentry togglecelery-worker
WORKER_SENTRY_DSNhttps://...Worker Sentry DSNcelery-worker

8. Models and Capability Extensions

VariableExampleDescriptionPrimary scope
ALI_DASHSCOPE_EMBEDDING_API_KEY...Aliyun DashScope embedding API keyapi, celery-worker
ALI_DASHSCOPE_EMBEDDING_ONFalseEnable DashScope embedding (True/False)Same as above
OFFICIAL_MODEL_PROVIDER_API_KEY...API key for initializing the official model providerapi, celery-worker
OFFICIAL_MODEL_PROVIDER_BASE_URLhttps://...Base URL for initializing the official model providerSame as above
MINERU_MODEL_SOURCE (optional)modelscopeMinerU model download sourceapi, celery-worker

9. Frontend-Visible Variables (Build-Time Injection)

These variables are injected into the browser or Next build output. Do not place sensitive information here.

VariableExampleDescriptionPrimary scope
NEXT_PUBLIC_API_PREFIXhttp://localhost:8001Base URL for the core backendweb
NEXT_PUBLIC_NOTIFICATION_WS_API_PREFIXws://localhost:8001/notification/wsWebSocket notification URLweb
NEXT_PUBLIC_HOT_NEWS_API_PREFIXhttp://localhost:6688Hot News service URLweb
NEXT_PUBLIC_WECHAT_APP_IDwx...Used to generate WeChat QR loginweb
NEXT_PUBLIC_ALLOW_THIRD_PARTY_AUTHtrue/falseToggle third-party login entryweb
NEXT_PUBLIC_HOSThttp://localhost:3000Public site URL (for share links)web
NEXT_PUBLIC_DEPLOY_HOSTSapp.revornix.com,app.revornix.cnAllowed domain listweb
NEXT_PUBLIC_GA_IDG-XXXXXXXGoogle Analytics IDweb
UNION_PAY_API_PREFIX (optional)https://pay.example.comPayment API prefix (Next build-time injection)web
NEXT_PUBLIC_PAYPAL_CLIENT_ID (optional)...PayPal client IDweb

10. Payments (Optional)

VariableExampleDescriptionPrimary scope
UNION_PAY_URL_PREFIXhttps://pay.example.comBase URL for backend payment callsapi, celery-worker
PAYPAL_API_URLhttps://api-m.sandbox.paypal.comPayPal API URL (sandbox by default)web
PAYPAL_CLIENT_SECRET...PayPal client secretweb

11. Daily Hot Aggregation Service (hot-news)

VariableDefaultDescriptionPrimary scope
PORT6688Service porthot-news
DISALLOW_ROBOTtrueBlock crawlershot-news
CACHE_TTL3600Ranking cache TTL (seconds)hot-news
REQUEST_TIMEOUT6000Upstream request timeout (ms)hot-news
ALLOWED_DOMAIN*Allowed domain wildcardhot-news
ALLOWED_HOSTimsyy.topAllowed top-level hosthot-news
USE_LOG_FILEtrueWrite log filehot-news
RSS_MODEfalseOutput RSS by defaulthot-news
REDIS_HOST127.0.0.1Redis host used by Hot Newshot-news
REDIS_PORT6379Hot News Redis porthot-news
REDIS_PASSWORD""Hot News Redis password (if required)hot-news

Wishing you a smooth deployment. Feel free to share feedback anytime.

Last updated on
WorkflowPrivacy