General

NEXT_PUBLIC_BASE_URL
required
The base url where this instance is accessible, including the scheme (eg. http:// or https://), the domain name, and optionally a port.
SECRET_PASSWORD
required
A random 32-character secret key used to encrypt user sessions
SUPPORT_EMAIL
required
This email will be shown as the contact email for support queries.
NOREPLY_EMAIL
This email is used as the sender for all transactional emails. If not set, SUPPORT_EMAIL will be used instead.
NOREPLY_EMAIL_NAME
default:"Rallly"
This name is used as the sender name for all transactional emails.
INITIAL_ADMIN_EMAIL
Specifies the email address of the first user who will be eligible to become an administrator. After the application starts, the user with this email address must navigate to /control-panel and click a button to claim their admin role.

Database

DATABASE_URL
required
Postgres database connection string

Email (SMTP)

SMTP_HOST
The host address of your SMTP server
SMTP_PORT
default:"25 or 465"
The port of your SMTP server
SMTP_SECURE
default:"false"
Set to “true” if SSL is enabled for your SMTP connection
SMTP_USER
default:""
The username (if auth is enabled on your SMTP server)
SMTP_PWD
default:""
The password (if auth is enabled on your SMTP server)
SMTP_TLS_ENABLED
default:"false"
Enable TLS for your SMTP connection

Auth

ALLOWED_EMAILS
Comma separated list of email addresses that are allowed to register and login. Wildcard characters are supported. Example: Setting it to *@example.com to allow anyone with a @example.com email address.

Google

GOOGLE_CLIENT_ID
The client ID of your Google application
GOOGLE_CLIENT_SECRET
The client secret of your Google application

Microsoft

MICROSOFT_TENANT_ID
The tenant ID of your Microsoft application
MICROSOFT_CLIENT_ID
The client ID of your Microsoft application
MICROSOFT_CLIENT_SECRET
The client secret of your Microsoft application

Custom SSO (OIDC)

The following must be set for OIDC to work:
  • OIDC_DISCOVERY_URL
  • OIDC_CLIENT_ID
  • OIDC_CLIENT_SECRET
  • OIDC_ISSUER_URL
OIDC_NAME
default:"OpenID Connect"
The display name of your provider as it will be shown on the login page
OIDC_DISCOVERY_URL
URL of the .well-known/openid-configuration endpoint for your OIDC provider
OIDC_ISSUER_URL
URL of the issuer for your OIDC provider. You can get this from your OpenId Configuration endpoint.
OIDC_CLIENT_ID
The client ID of your OIDC application
OIDC_CLIENT_SECRET
The client secret of your OIDC application
OIDC_NAME_CLAIM_PATH
default:"name"
The path to the claim that contains the user’s name
OIDC_EMAIL_CLAIM_PATH
default:"email"
The path to the claim that contains the user’s email address
OIDC_PICTURE_CLAIM_PATH
default:"picture"
The path to the claim that contains the user’s profile picture
Use dot notation in _CLAIM_PATH fields to access nested objects.

Storage (S3)

S3_BUCKET_NAME
The name of your S3 bucket
S3_ACCESS_KEY_ID
The access key ID of your S3 server
S3_SECRET_ACCESS_KEY
The secret access key of your S3 server
S3_ENDPOINT
The endpoint of your S3 server. Can be left empty if using AWS S3.
S3_REGION
The region of your S3 server. Can be left empty if using AWS S3.