NoteDiscovery/documentation/ENVIRONMENT_VARIABLES.md

4.5 KiB

🔧 Environment Variables

NoteDiscovery supports environment variables to override configuration settings, allowing different behavior in different deployment environments (local, staging, production).

📋 Available Environment Variables

Core Settings

Variable Type Default Description
PORT integer 8000 HTTP port for the application (Docker, run.py)

Note: Advanced server settings (CORS origins, debug mode) are configured via config.yaml only, not via environment variables. See config.yaml for details.

Authentication

Variable Type Default Description
AUTHENTICATION_ENABLED boolean config.yaml Enable/disable authentication
AUTHENTICATION_PASSWORD string admin Password (hashed automatically at startup)
AUTHENTICATION_SECRET_KEY string config.yaml Session secret key (for session security)
AUTHENTICATION_API_KEY string - API key for external integrations (MCP, scripts)

Example: Setting password via environment variable

# Docker
docker run -e AUTHENTICATION_ENABLED=true -e AUTHENTICATION_PASSWORD=mysecretpassword ...

# Docker Compose (in .env file or docker-compose.yml)
AUTHENTICATION_PASSWORD=mysecretpassword

Demo Mode

Variable Type Default Description
DEMO_MODE boolean false Enable demo mode (enables rate limiting and other demo restrictions)

Support

Variable Type Default Description
ALREADY_DONATED boolean false Hides the support buttons in the Settings pane

⚠️ Disclaimer: No verification exists. But legend says that setting this to true without donating causes your next git push to fail silently. Just once. When it matters most.

Haven't donated yet? Buy me a coffee - it takes 30 seconds and makes my day!

Upload Limits

Variable Type Default Description
UPLOAD_MAX_IMAGE_MB integer 10 Maximum image upload size in MB
UPLOAD_MAX_AUDIO_MB integer 50 Maximum audio upload size in MB
UPLOAD_MAX_VIDEO_MB integer 100 Maximum video upload size in MB
UPLOAD_MAX_PDF_MB integer 20 Maximum PDF upload size in MB

Example: Allowing larger video uploads

# Docker
docker run -e UPLOAD_MAX_VIDEO_MB=500 ...

# Docker Compose
environment:
  - UPLOAD_MAX_VIDEO_MB=500

🎯 Configuration Priority

Configuration is loaded in this order (later overrides earlier):

  1. config.yaml - Default configuration file
  2. Environment Variables - Runtime overrides
  3. Command Line - Highest priority (if applicable)

🔧 Advanced Server Configuration

The following settings are available in config.yaml only (not via environment variables):

CORS (Cross-Origin Resource Sharing)

server:
  # List of allowed origins for CORS
  # Default: ["*"] allows all origins (fine for self-hosted)
  # Production: specify your domains
  allowed_origins: ["*"]
  
  # Examples for production:
  # allowed_origins: ["http://localhost:8000", "https://yourdomain.com"]
  # allowed_origins: ["https://*.yourdomain.com"]  # Wildcard subdomain

Security Note:

  • ["*"] is safe for self-hosted deployments on private networks
  • For public deployments, specify exact origins to prevent unauthorized API access
  • This prevents CSRF attacks when authentication is enabled

Debug Mode

server:
  # Enable detailed error messages in API responses
  # Default: false (production-safe)
  # Set to true for development/troubleshooting
  debug: false

⚠️ CRITICAL: Never enable debug: true in production!

When debug: true:

  • Full error stack traces are returned to users
  • Internal paths and system details are exposed
  • Security vulnerabilities may be revealed

When debug: false (recommended):

  • Generic error messages are returned
  • Full error details are logged server-side only
  • Production-safe error handling


Pro Tip: Use environment variables for deployment-specific settings, and config.yaml for application defaults. This keeps your configuration flexible and maintainable! 🎯