Nudgra OSS reads environment variables from .env locally and from the app.environment section in docker-compose.yml in the recommended production setup.
Local baseline
Copy .env.example to .env, then start from this local shape:
Production baseline
In production, these values must match your public domain:
Set the Google and Meta values after you configure Google OAuth and Meta / Instagram setup.
Secret values
Generate BETTER_AUTH_SECRET, TOKEN_ENCRYPTION_KEY, and META_VERIFY_TOKEN with OpenSSL:
Or generate them with Node:
Do not rotate BETTER_AUTH_SECRET or TOKEN_ENCRYPTION_KEY after real users or Instagram accounts are connected. Stored OAuth and Instagram tokens depend on those secrets.
Operator access
Use OPERATOR_EMAIL_ALLOWLIST to limit who can sign in to the dashboard:
The source app also supports NUDGRA_ALLOWED_EMAILS as a backwards-compatible alias. Prefer OPERATOR_EMAIL_ALLOWLIST in new deployments.
Postgres and jobs
The recommended Docker Compose deployment sets the app database URL to the internal Postgres service:
For production, change the Postgres password in docker-compose.yml and update DATABASE_URL to match.
pg-boss uses the PG_BOSS_SCHEMA schema, which defaults to pgboss.