Core runtime
| Variable | Required | Description |
|---|---|---|
DATABASE_URL | Yes | PostgreSQL connection string |
PORT | No | Admin server port (default fallback is used when unset) |
CMS0_STORAGE_PATH | Recommended | Filesystem path for uploads |
CMS0_BACKUPS_PATH | Recommended | Filesystem path for schema/data backups |
CMS0_BACKUPS_RETENTION | No | Number of retained backups |
CMS0_BUN_RUNTIME | No | Bun runtime override for migration commands |
DRIZZLE_KIT_RUNTIME | No | Custom drizzle-kit runtime override |
Auth and access control
| Variable | Required | Description |
|---|---|---|
BETTER_AUTH_SECRET | Yes | Auth signing/encryption secret |
BETTER_AUTH_URL | Yes | Canonical auth base URL |
TRUSTED_ORIGINS | Yes | Comma-separated trusted origins |
CLIENT_BASE_URL | Yes | Base URL used in auth-generated links |
ADMIN_EMAIL | Recommended | Bootstrap admin email |
ADMIN_PASSWORD | Recommended | Bootstrap admin password |
BUN_PUBLIC_ORG_NAME | No | Default organization label |
BUN_PUBLIC_TEAM_NAME | No | Default team label |
GOOGLE_CLIENT_ID | Optional | Google OAuth client ID |
GOOGLE_CLIENT_SECRET | Optional | Google OAuth client secret |
| Variable | Required | Description |
|---|---|---|
EMAIL_FROM | Recommended | Sender address for transactional/auth emails |
PLUNK_API_KEY | Optional | API key for transactional provider integration |
Client and CLI integration
| Variable | Required | Description |
|---|---|---|
VITE_CMS0_API_BASEURL | Yes (client example) | Base URL used by frontend SDK |
VITE_CMS0_API_KEY | Yes (client example) | API key used by frontend SDK |
CMS0_API_BASEURL | Optional | Base URL used by generated helpers |
CMS0_API_KEY | Optional | API key used by generated helpers |
Public runtime toggles
| Variable | Required | Description |
|---|---|---|
BUN_PUBLIC_AUTH_URL | No | Public auth endpoint for UI/runtime wiring |
BUN_PUBLIC_API | No | Public API endpoint |
BUN_PUBLIC_VALIDATION_MODE | No | Validation mode flag |
BUN_PUBLIC_ENABLE_EMAIL | No | Enable/disable email features |