Environment Variables

This page documents all environment variables used by Auktiva. Copy .env.example to .env and configure as needed.


cp .env.example .env

Required Variables

These variables must be set for Auktiva to function.

Variable	Description	Example
`DATABASE_URL`	Database connection string	`file:./data/auktiva.db` or `libsql://mydb.turso.io`
`AUTH_SECRET`	Secret key for encrypting sessions. Generate with `openssl rand -base64 32`	`K7gNz...` (32+ chars)
`AUTH_URL`	Base URL of your application	`https://auctions.example.com`

Database

Variable	Required	Description	Example
`DATABASE_URL`	Yes	SQLite file path or Turso URL	`file:./data/auktiva.db`
`DATABASE_AUTH_TOKEN`	Turso only	Turso authentication token	`eyJhbGci...`

SQLite (local):


DATABASE_URL="file:./data/auktiva.db"

Turso (cloud):


DATABASE_URL="libsql://your-database.turso.io"
DATABASE_AUTH_TOKEN="your-turso-auth-token"

Authentication

Variable	Required	Description	Example
`AUTH_SECRET`	Yes	Session encryption key	`openssl rand -base64 32`
`AUTH_URL`	Yes	Application base URL	`https://auctions.example.com`

Always generate a unique AUTH_SECRET for production. Never use example values.

Storage

Variable	Required	Description	Example
`STORAGE_PROVIDER`	No	Storage backend: `local` or `s3`	`local`
`S3_BUCKET`	S3 only	S3 bucket name	`my-auktiva-uploads`
`S3_REGION`	S3 only	AWS region	`us-east-1`
`S3_ACCESS_KEY_ID`	S3 only	AWS access key	`AKIA...`
`S3_SECRET_ACCESS_KEY`	S3 only	AWS secret key	`wJalr...`
`S3_ENDPOINT`	No	Custom S3 endpoint (MinIO, R2)	`https://s3.example.com`
`S3_PUBLIC_URL`	No	Custom public URL for files	`https://cdn.example.com`

Local storage (default):


STORAGE_PROVIDER="local"

S3 storage:


STORAGE_PROVIDER="s3"
S3_BUCKET="my-auktiva-uploads"
S3_REGION="us-east-1"
S3_ACCESS_KEY_ID="AKIAIOSFODNN7EXAMPLE"
S3_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"

Cloudflare R2:


STORAGE_PROVIDER="s3"
S3_BUCKET="my-bucket"
S3_REGION="auto"
S3_ACCESS_KEY_ID="your-r2-access-key"
S3_SECRET_ACCESS_KEY="your-r2-secret-key"
S3_ENDPOINT="https://ACCOUNT_ID.r2.cloudflarestorage.com"

Email

Variable	Required	Description	Example
`EMAIL_PROVIDER`	No	Email provider: `brevo` or `smtp`	`brevo`
`MAIL_FROM`	No	Sender email address	`noreply@example.com`
`MAIL_FROM_NAME`	No	Sender display name	`Auktiva`
`NEXT_PUBLIC_APP_URL`	No	App URL for email links	`https://auctions.example.com`
`CRON_SECRET`	Production	Secret for cron job authentication	`openssl rand -base64 32`

Brevo Provider

Variable	Required	Description	Example
`BREVO_API_KEY`	Brevo only	Brevo API key from app.brevo.com	`xkeysib-...`


EMAIL_PROVIDER="brevo"
BREVO_API_KEY="xkeysib-your-api-key"
MAIL_FROM="noreply@example.com"
MAIL_FROM_NAME="Auktiva"

SMTP Provider

Variable	Required	Description	Example
`SMTP_HOST`	SMTP only	SMTP server hostname	`smtp.gmail.com`
`SMTP_PORT`	SMTP only	SMTP server port	`587`
`SMTP_SECURE`	No	Use implicit TLS (port 465)	`false`
`SMTP_USER`	No	SMTP username	`user@example.com`
`SMTP_PASSWORD`	No	SMTP password	`app-password`


EMAIL_PROVIDER="smtp"
SMTP_HOST="smtp.gmail.com"
SMTP_PORT="587"
SMTP_SECURE="false"
SMTP_USER="your-email@gmail.com"
SMTP_PASSWORD="your-app-password"
MAIL_FROM="noreply@example.com"

OAuth Providers (Optional)

Google OAuth

Variable	Required	Description	Example
`GOOGLE_CLIENT_ID`	No	Google OAuth client ID	`123456.apps.googleusercontent.com`
`GOOGLE_CLIENT_SECRET`	No	Google OAuth client secret	`GOCSPX-...`

Get credentials from Google Cloud Console .

Redirect URI: https://yourdomain.com/api/auth/callback/google

Microsoft OAuth

Variable	Required	Description	Example
`MICROSOFT_CLIENT_ID`	No	Azure AD application ID	`12345678-1234-...`
`MICROSOFT_CLIENT_SECRET`	No	Azure AD client secret	`abc123...`

Get credentials from Azure Portal .

Redirect URI: https://yourdomain.com/api/auth/callback/azure-ad

reCAPTCHA (Optional)

Variable	Required	Description	Example
`NEXT_PUBLIC_RECAPTCHA_SITE_KEY`	No	reCAPTCHA v2 site key (public)	`6Lc...`
`RECAPTCHA_SECRET_KEY`	No	reCAPTCHA v2 secret key	`6Lc...`

Get keys from Google reCAPTCHA Admin .

Realtime (WebSocket)

Soketi (Self-Hosted)

Variable	Required	Description	Example
`NEXT_PUBLIC_REALTIME_DRIVER`	No	Realtime driver	`soketi`
`NEXT_PUBLIC_SOKETI_APP_KEY`	Soketi	Public app key	`openssl rand -hex 16`
`NEXT_PUBLIC_SOKETI_HOST`	Soketi	Public hostname for browser connections	`auctions.example.com`
`NEXT_PUBLIC_SOKETI_PORT`	No	WebSocket port	`6001`
`NEXT_PUBLIC_SOKETI_USE_TLS`	No	Use WSS (secure WebSocket)	`true`
`SOKETI_APP_ID`	Soketi	App ID for server	`auktiva`
`SOKETI_APP_SECRET`	Soketi	Secret for signing (server-only)	`openssl rand -hex 32`
`SOKETI_HOST`	No	Internal host for server connections	`127.0.0.1`


NEXT_PUBLIC_REALTIME_DRIVER="soketi"
NEXT_PUBLIC_SOKETI_APP_KEY="a1b2c3d4e5f6g7h8"
NEXT_PUBLIC_SOKETI_HOST="auctions.example.com"
NEXT_PUBLIC_SOKETI_PORT="6001"
NEXT_PUBLIC_SOKETI_USE_TLS="true"
SOKETI_APP_ID="auktiva"
SOKETI_APP_SECRET="your-secret-key-here"
SOKETI_HOST="127.0.0.1"

SOKETI_HOST is for server-side connections (internal). NEXT_PUBLIC_SOKETI_HOST is for browser connections (must be publicly accessible).

Pusher (Cloud)

Variable	Required	Description	Example
`NEXT_PUBLIC_REALTIME_DRIVER`	No	Realtime driver	`pusher`
`NEXT_PUBLIC_PUSHER_KEY`	Pusher	Pusher app key	`abc123...`
`NEXT_PUBLIC_PUSHER_CLUSTER`	Pusher	Pusher cluster	`eu`
`PUSHER_APP_ID`	Pusher	Pusher app ID	`123456`
`PUSHER_SECRET`	Pusher	Pusher secret	`xyz789...`


NEXT_PUBLIC_REALTIME_DRIVER="pusher"
NEXT_PUBLIC_PUSHER_KEY="your-pusher-key"
NEXT_PUBLIC_PUSHER_CLUSTER="eu"
PUSHER_APP_ID="123456"
PUSHER_SECRET="your-pusher-secret"

Get credentials from Pusher Dashboard .

Feature Flags

Variable	Required	Default	Description
`ALLOW_OPEN_AUCTIONS`	No	`false`	Allow users to create public auctions
`MAINTENANCE_MODE`	No	`false`	Show maintenance page to all users


ALLOW_OPEN_AUCTIONS="true"
MAINTENANCE_MODE="false"

Complete Example

Development (SQLite + Local Storage)


DATABASE_URL="file:./data/auktiva.db"
AUTH_SECRET="dev-secret-change-in-production"
AUTH_URL="http://localhost:3000"
STORAGE_PROVIDER="local"
ALLOW_OPEN_AUCTIONS="true"

Production (Docker with Soketi)


# Database
DATABASE_URL="file:./data/auktiva.db"
 
# Authentication
AUTH_SECRET="K7gNzX9p2mQ4vR8sT1wY6bC3dF5hJ0kL"
AUTH_URL="https://auctions.example.com"
 
# Storage
STORAGE_PROVIDER="local"
 
# Email
EMAIL_PROVIDER="brevo"
BREVO_API_KEY="xkeysib-your-api-key"
MAIL_FROM="noreply@example.com"
MAIL_FROM_NAME="Auktiva"
NEXT_PUBLIC_APP_URL="https://auctions.example.com"
CRON_SECRET="your-cron-secret"
 
# Realtime
NEXT_PUBLIC_REALTIME_DRIVER="soketi"
NEXT_PUBLIC_SOKETI_APP_KEY="a1b2c3d4e5f6g7h8"
NEXT_PUBLIC_SOKETI_HOST="auctions.example.com"
NEXT_PUBLIC_SOKETI_PORT="6001"
NEXT_PUBLIC_SOKETI_USE_TLS="true"
SOKETI_APP_ID="auktiva"
SOKETI_APP_SECRET="your-soketi-secret"
SOKETI_HOST="soketi"
 
# Features
ALLOW_OPEN_AUCTIONS="false"

Production (Vercel with Turso + S3)


# Database (Turso)
DATABASE_URL="libsql://myapp.turso.io"
DATABASE_AUTH_TOKEN="eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9..."
 
# Authentication
AUTH_SECRET="K7gNzX9p2mQ4vR8sT1wY6bC3dF5hJ0kL"
AUTH_URL="https://auctions.example.com"
 
# Storage (S3)
STORAGE_PROVIDER="s3"
S3_BUCKET="my-auktiva-uploads"
S3_REGION="us-east-1"
S3_ACCESS_KEY_ID="AKIAIOSFODNN7EXAMPLE"
S3_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
 
# Email
EMAIL_PROVIDER="brevo"
BREVO_API_KEY="xkeysib-your-api-key"
MAIL_FROM="noreply@example.com"
NEXT_PUBLIC_APP_URL="https://auctions.example.com"
CRON_SECRET="your-cron-secret"
 
# Realtime (Pusher for serverless)
NEXT_PUBLIC_REALTIME_DRIVER="pusher"
NEXT_PUBLIC_PUSHER_KEY="your-pusher-key"
NEXT_PUBLIC_PUSHER_CLUSTER="eu"
PUSHER_APP_ID="123456"
PUSHER_SECRET="your-pusher-secret"
 
# Features
ALLOW_OPEN_AUCTIONS="false"

Generating Secrets


# Generate AUTH_SECRET or CRON_SECRET
openssl rand -base64 32
 
# Generate Soketi app key
openssl rand -hex 16
 
# Generate Soketi app secret
openssl rand -hex 32