The Oopsie server is configured via environment variables.
Core settings
| Variable | Default | Description |
|---|
APP_ENV | prod | Symfony environment |
APP_SECRET | — | Application secret (change in production) |
DATABASE_URL | — | PostgreSQL connection string |
JWT authentication
| Variable | Description |
|---|
JWT_SECRET_KEY | Path to private key PEM file |
JWT_PUBLIC_KEY | Path to public key PEM file |
JWT_PASSPHRASE | Passphrase for the JWT keys |
JWT keys are auto-generated on first startup if not present.
Storage
| Variable | Default | Description |
|---|
STORAGE_ADAPTER | local | local or s3 |
STORAGE_LOCAL_PATH | /data/attachments | Local storage directory |
STORAGE_S3_BUCKET | — | S3 bucket name |
STORAGE_S3_REGION | — | S3 region |
STORAGE_S3_KEY | — | S3 access key |
STORAGE_S3_SECRET | — | S3 secret key |
STORAGE_S3_ENDPOINT | — | Custom S3 endpoint (for compatible services) |
Reverse proxy (Caddy)
Caddy handles HTTPS termination and subdomain routing. Configure via environment variables:
| Variable | Default | Description |
|---|
API_DOMAIN | http://api.localhost | API subdomain. Use https://api.example.com for auto HTTPS |
DASHBOARD_DOMAIN | http://app.localhost | Dashboard subdomain. Use https://app.example.com for auto HTTPS |
When using https:// domains, Caddy automatically obtains and renews TLS certificates via Let's Encrypt.
Dashboard
| Variable | Default | Description |
|---|
NEXT_PUBLIC_API_URL | http://api.localhost/api/v1 | API URL used by the dashboard (injected at runtime) |
Other
| Variable | Default | Description |
|---|
CORS_ALLOW_ORIGIN | * | CORS allowed origins (regex). Set to match your dashboard domain in production |
OOPSIE_VERSION | 1.0.0 | Current version (for update check) |