Configuration
Core environment variables supported by SculptOps.
SculptOps is configured with environment variables. In Docker Compose deployments, define them in your deployment environment or in a git-ignored .env file.
Core
| Variable | Required | Description |
|---|---|---|
| DATABASE_URL | Yes | PostgreSQL connection string. |
| AUTH_SECRET | Yes | Random secret used by Auth.js for session signing. |
| AUTH_URL | Yes in production | External base URL of the app. |
| ENCRYPTION_KEY | Yes | 64-character hex key used to encrypt stored secrets. |
| NEXT_PUBLIC_APP_URL | Yes in production | External app URL used for user-facing links. |
| NEXT_PUBLIC_APP_NAME | No | Display name shown in parts of the UI. |
Danger
Never commit
AUTH_SECRET or ENCRYPTION_KEY. Store production values in your deployment secret manager.Ansible execution
| Variable | Default | Description |
|---|---|---|
| ANSIBLE_DOCKER_IMAGE | cytopia/ansible:latest | Container image used for Ansible runs. |
| ANSIBLE_DOCKER_NETWORK | bridge | Docker network used by execution containers. |
| ANSIBLE_EXECUTION_TIMEOUT | 1800 | Maximum execution duration in seconds. |
| ANSIBLE_MAX_MEMORY | 2g | Memory limit for an execution container. |
| ANSIBLE_MAX_CPUS | 4 | CPU limit for an execution container. |
| ANSIBLE_MAX_PIDS | 512 | PID limit for an execution container. |
Outbound security
| Variable | Default | Description |
|---|---|---|
| ALLOW_PRIVATE_OUTBOUND | false | Allow outbound callbacks to private IP ranges. Enable only for trusted internal deployments. |
| ALLOW_INSECURE_OUTBOUND_HTTP | false | Allow non-HTTPS outbound callback URLs. Not recommended for production. |
Community library
| Variable | Required | Description |
|---|---|---|
| COMMUNITY_API_URL | No | URL of the community API. Leave unset to disable community features. |
| COMMUNITY_SUBMIT_KEY | If community is enabled | Submit key shared with the community API. |