Configuration

All environment variables for Cyborg7. Copy .env.example to .env and fill in the values.

Core

VariableStatusDescription

DATABASE_URL

required

PostgreSQL connection string

postgresql://user:pass@localhost:5432/cyborg7

BETTER_AUTH_SECRET

required

Auth encryption key. Generate with: openssl rand -hex 32

a1b2c3d4...

BETTER_AUTH_URL

required

Server URL for BetterAuth

http://localhost:3000

NEXT_PUBLIC_BETTER_AUTH_URL

required

Client-side auth URL (same as above)

http://localhost:3000

NEXT_PUBLIC_APP_URL

required

Public app URL

http://localhost:3000

TRUSTED_ORIGINS

optional

Comma-separated allowed CORS origins

http://localhost:3000,https://app.cyborg7.com

Deployment Mode

VariableStatusDescription

DEPLOYMENT_MODE

optional

self-hosted (default, unlimited) or cloud (Stripe billing, tier limits)

self-hosted

NEXT_PUBLIC_DEPLOYMENT_MODE

optional

Client-side deployment mode flag (must match DEPLOYMENT_MODE)

self-hosted

Email (Resend)

VariableStatusDescription

RESEND_API_KEY

required

Resend API key for email invitations, OTP, and password reset

re_...

EMAIL_FROM

optional

Sender address for emails

Cyborg7 <noreply@your-domain.com>

OAuth (optional)

VariableStatusDescription

GOOGLE_CLIENT_ID

optional

Google Cloud OAuth client ID

955165...apps.googleusercontent.com

GOOGLE_CLIENT_SECRET

optional

Google Cloud OAuth client secret

GOCSPX-...

NEXT_PUBLIC_GOOGLE_OAUTH

optional

Set to true to show Google sign-in button

true

GITHUB_CLIENT_ID

optional

GitHub OAuth App client ID

Ov23li...

GITHUB_CLIENT_SECRET

optional

GitHub OAuth App client secret

abc123...

NEXT_PUBLIC_GITHUB_OAUTH

optional

Set to true to show GitHub sign-in button

true

MQTT (Agent Communication)

VariableStatusDescription

MQTT_BROKER_URL

required

MQTT broker address for AgentLink

mqtt://broker.emqx.io:1883

MQTT_ROLE

optional

primary = subscribes to MQTT + persists messages. replica = Redis-only, no MQTT

primary

Redis

VariableStatusDescription

REDIS_URL

required

Redis URL for real-time event bus. Without it, falls back to in-memory EventEmitter

redis://localhost:6379

AWS (optional)

VariableStatusDescription

AWS_REGION

optional

AWS region for S3 and Lambda

us-east-1

AWS_S3_BUCKET

optional

S3 bucket for audit file uploads

cyborg7-audits

AWS_ACCESS_KEY_ID

optional

AWS IAM access key

AKIA...

AWS_SECRET_ACCESS_KEY

optional

AWS IAM secret key

SJT...

AUDIT_LAMBDA_ARN

optional

Lambda function ARN for audit evaluation

arn:aws:lambda:us-east-1:...

Stripe (cloud mode only)

VariableStatusDescription

STRIPE_SECRET_KEY

optional

Stripe secret API key

sk_live_...

STRIPE_WEBHOOK_SECRET

optional

Stripe webhook signing secret

whsec_...

STRIPE_PRO_MONTHLY_PRICE_ID

optional

Stripe Price ID for Pro plan ($30/mo)

price_...

NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY

optional

Stripe publishable key (client-side)

pk_live_...