Environment Variables
All configuration is in .env. Copy .env.example to .env and fill in values.
Required
| Variable |
Description |
DB_MASTER_PASSWORD |
Master password for credential encryption (AES-256-GCM). Never loses this — it's the key to all stored secrets |
AIDE_DB_URL |
PostgreSQL connection URL for the main aide database. Example: postgresql://aide:password@postgres:5432/aide |
Database
| Variable |
Default |
Description |
BRAIN_DB_URL |
— |
PostgreSQL URL for the 2nd Brain database (needs pgvector extension). Example: postgresql://brain:password@postgres:5432/brain |
BRAIN_DB_PASSWORD |
— |
PostgreSQL password for the brain user (used in docker-compose variable substitution) |
BRAIN_MCP_KEY |
— |
API key for the Brain MCP server endpoint at /brain-mcp/sse. Generate: openssl rand -hex 32 |
Server
| Variable |
Default |
Description |
PORT |
8080 |
TCP port the server listens on |
TIMEZONE |
Europe/Oslo |
Timezone for displaying dates and scheduling cron jobs. All timestamps are stored in UTC |
AI provider defaults
These provide initial defaults. After first run, configure providers via Settings → General.
| Variable |
Default |
Description |
DEFAULT_PROVIDER |
anthropic |
Provider to use by default: anthropic, openrouter, or openai. Overridden by system:default_provider in the DB |
DEFAULT_MODEL |
(empty) |
Default model ID. Empty = use provider's own default |
DEFAULT_CHAT_MODEL |
(empty) |
Model pre-selected in the chat UI. Supports provider:model format (e.g. anthropic:claude-sonnet-4-6) |
Note: API keys (ANTHROPIC_API_KEY, etc.) are no longer read from .env after the first run. They are stored encrypted in the database via Settings → Credentials.
Runtime limits
These are the initial defaults. They can be overridden live in Settings → General → Runtime Limits without restarting.
| Variable |
Default |
Description |
MAX_TOOL_CALLS |
20 |
Maximum tool calls per agent run. Overridable per-agent in the Agents UI |
MAX_AUTONOMOUS_RUNS_PER_HOUR |
10 |
Rate limit for scheduled agent runs per hour |
Priority order for runtime limits
- Per-agent
max_tool_calls column in the database
system:max_tool_calls credential (set via Settings UI)MAX_TOOL_CALLS in .env- Hardcoded default (20)
Notes
- Variables that start with
system: are stored in the credentials table, not .env
- All API keys should be set via the Settings UI after first run (they are encrypted in the DB)
.env is never committed to git (it's in .gitignore)- The
.env file is loaded from the project root (one directory above server/)