Environment Variables

Reqcore validates all environment variables at startup using Zod schemas in server/utils/env.ts. If a required variable is missing or invalid, the application crashes immediately with a descriptive error.

Required Variables

These must be set for Reqcore to start:

Variable	Type	Description
`DATABASE_URL`	`string`	PostgreSQL connection string
`BETTER_AUTH_SECRET`	`string`	Session signing key (minimum 32 characters)
`BETTER_AUTH_URL`	`string`	Public URL of the application
`S3_ENDPOINT`	`string`	S3-compatible storage endpoint URL
`S3_ACCESS_KEY`	`string`	Storage access key ID
`S3_SECRET_KEY`	`string`	Storage secret access key
`S3_BUCKET`	`string`	Storage bucket name
`S3_REGION`	`string`	Storage region (e.g., `us-east-1`)

Optional Variables

Storage

Variable	Type	Default	Description
`S3_FORCE_PATH_STYLE`	`boolean`	`true`	Use path-style URLs. Set `true` for MinIO, `false` for AWS S3 / Railway Buckets

Public Site

Variable	Type	Default	Description
`NUXT_PUBLIC_SITE_URL`	`string`	`https://reqcore.com`	Public site URL for SEO, sitemaps, and meta tags

Demo Mode

Variable	Type	Default	Description
`DEMO_ORG_SLUG`	`string`	(empty)	When set, shows a read-only demo banner for this org
`LIVE_DEMO_EMAIL`	`string`	`demo@reqcore.com`	Prefilled email on sign-in page (demo mode)
`LIVE_DEMO_SECRET`	`string`	`demo1234`	Prefilled password on sign-in page (demo mode)

Integrations

Variable	Type	Default	Description
`GOOGLE_CLIENT_ID`	`string`	(empty)	Google OAuth 2.0 Client ID for Google Calendar integration. See Google Calendar Integration for setup instructions.
`GOOGLE_CLIENT_SECRET`	`string`	(empty)	Google OAuth 2.0 Client Secret for Google Calendar integration.
`GITHUB_FEEDBACK_TOKEN`	`string`	(empty)	GitHub Personal Access Token for in-app feedback
`GITHUB_FEEDBACK_REPO`	`string`	(empty)	GitHub repository slug for feedback issues (e.g., `reqcore-inc/reqcore`)
`NUXT_PUBLIC_GISCUS_REPO_ID`	`string`	(empty)	Giscus GitHub repository node ID for comments
`NUXT_PUBLIC_GISCUS_CATEGORY_ID`	`string`	(empty)	Giscus Discussions category node ID for comments

Railway-Specific

These are set automatically by Railway:

Variable	Description
`RAILWAY_ENVIRONMENT_NAME`	Name of the Railway environment (e.g., `production`, `pr-42`)
`RAILWAY_PUBLIC_DOMAIN`	Public domain assigned by Railway
`PORT`	Port assigned by Railway for the service

Local Development (.env)

The setup.sh script generates a .env file with sensible defaults. Example:

# Database
DATABASE_URL=postgresql://reqcore:generated_password@localhost:5432/reqcore

# Authentication
BETTER_AUTH_SECRET=generated_random_string_64_chars
BETTER_AUTH_URL=http://localhost:3000

# Object Storage (MinIO)
S3_ENDPOINT=http://localhost:9000
S3_ACCESS_KEY=minioadmin
S3_SECRET_KEY=generated_password
S3_BUCKET=reqcore
S3_REGION=us-east-1
S3_FORCE_PATH_STYLE=true

# MinIO (Docker Compose)
MINIO_ROOT_USER=minioadmin
MINIO_ROOT_PASSWORD=generated_password

# PostgreSQL (Docker Compose)
POSTGRES_USER=reqcore
POSTGRES_PASSWORD=generated_password
POSTGRES_DB=reqcore

Railway Template Variables

When deploying on Railway, use template variables to reference other services:

DATABASE_URL=${{Postgres.DATABASE_URL}}
S3_ENDPOINT=${{Bucket.ENDPOINT}}
S3_ACCESS_KEY=${{Bucket.ACCESS_KEY_ID}}
S3_SECRET_KEY=${{Bucket.SECRET_ACCESS_KEY}}
S3_BUCKET=${{Bucket.BUCKET}}
S3_REGION=${{Bucket.REGION}}

Security Notes

Never commit .env files to version control — the .gitignore already excludes them
Use setup.sh to generate cryptographically secure secrets
In production, use your platform's secret management (Railway variables, Docker secrets, etc.)
The env utility in server/utils/env.ts is the only sanctioned way to access environment variables in server code

Next Steps

Docker Compose Deployment — Self-hosted deployment
Railway Deployment — Managed cloud deployment
Security — Security boundaries and best practices