> ## Documentation Index
> Fetch the complete documentation index at: https://docs.equa.cc/llms.txt
> Use this file to discover all available pages before exploring further.

# Environments and Configuration

> Environment variables, configuration, and deployment targets

# Environments and Configuration

## Deployment Environments

| Environment | Frontend URL                                 | API URL                                                                                                             | Database                 |
| ----------- | -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------------------------ |
| Development | `http://localhost:8080`                      | `http://localhost:3000`                                                                                             | Local PostgreSQL (:5432) |
| Staging     | `https://staging.app.equa.cc`                | Same-origin `/api/v1` via the staging SPA host; any direct staging API hostname must be verified separately         | Staging PostgreSQL       |
| Production  | `https://app.equa.cc` (current interim host) | Same-origin `/api/v1` via the SPA host and nginx proxy; direct `api.equa.cc` usage is a separate host-level concern | Production PostgreSQL    |

## Local Development Port Map

Source: `equa-start-dev` skill, verified against package.json scripts and service configs.

| Port  | Service                                 | Repository               | Command                                                         |
| ----- | --------------------------------------- | ------------------------ | --------------------------------------------------------------- |
| 3000  | equa-server (Express backend API)       | `equa-server`            | `yarn start:dev`                                                |
| 3001  | command-center-so (Next.js dev)         | `command-center-so`      | `npm run dev` (runs `next dev -p 3001`; open `/command-center`) |
| 3333  | equa-patternlib (Next.js dev, optional) | `equa-patternlib-nextjs` | `npm run dev` (runs `next dev -p 3333`)                         |
| 3337  | equa-docs (Mintlify dev preview)        | `equa-docs`              | `npm run dev` (runs `mintlify dev --port 3337`)                 |
| 5432  | PostgreSQL (Docker)                     | `equa-server`            | `docker-compose up -d`                                          |
| 6006  | Storybook (component library)           | `equa-patternlib-nextjs` | `npm run storybook`                                             |
| 8080  | equa-web (Webpack dev server)           | `equa-web`               | `yarn start`                                                    |
| 9222  | Comet-Bridge CDP (Comet browser)        | `Comet-Bridge`           | `comet session start`                                           |
| 18789 | equabot Gateway (WebSocket)             | `equabot`                | `node scripts/run-node.mjs --dev gateway --port 18789`          |
| 18791 | equabot Browser Control                 | `equabot`                | (started with gateway)                                          |
| 19792 | Equanaut API (Hetzner/local)            | External                 | FastAPI server                                                  |

<Warning>
  Port 3000 is reserved for equa-server. The command-center-so `npm run dev` script binds to port 3001 (`next dev -p 3001`). The equa-patternlib `npm run dev` script binds to port 3333 (`next dev -p 3333`). Equa Docs binds to port 3337 to avoid that patternlib conflict. Never run other services on port 3000.
</Warning>

## Backend Environment Variables

Source: `equa-server/modules/api/src/server.ts`, `equa-server/modules/persistence/src/site/connecting.ts`, `equa-server/modules/auth/src/`

### Database

| Variable                  | Default    | Description                                  |
| ------------------------- | ---------- | -------------------------------------------- |
| `DATABASE_TYPE`           | `postgres` | Database type                                |
| `DATABASE_HOST`           | —          | Database hostname                            |
| `DATABASE_USERNAME`       | —          | Database user                                |
| `DATABASE_PASSWORD`       | —          | Database password                            |
| `DATABASE_NAME`           | —          | Database name                                |
| `DATABASE_SCHEMA`         | —          | Database schema                              |
| `DATABASE_LOGS`           | —          | Comma-separated logging options              |
| `DATABASE_MAX_QUERY_TIME` | —          | Slow query threshold                         |
| `DATABASE_SYNC`           | —          | Set to `false` to disable schema sync in dev |

### Server

| Variable               | Default                  | Description                    |
| ---------------------- | ------------------------ | ------------------------------ |
| `PORT`                 | `3000`                   | Express server port            |
| `NODE_ENV`             | —                        | `development` or `production`  |
| `API_SSL`              | —                        | Enable HTTPS                   |
| `SSL_PRIVATE_KEY_PATH` | —                        | Path to SSL private key        |
| `SSL_PUBLIC_KEY_PATH`  | —                        | Path to SSL certificate        |
| `LOG_ERRORS`           | `true`                   | Enable error logging           |
| `APP_URL`              | `https://localhost:8080` | Frontend URL (for email links) |

### Authentication

| Variable                           | Default   | Description                          |
| ---------------------------------- | --------- | ------------------------------------ |
| `API_SESSION_SECRET`               | —         | Express session secret               |
| `API_SESSION_MAX_AGE`              | `2520000` | Session max age in ms (\~42 minutes) |
| `GOOGLE_OAUTH_CLIENT_ID`           | —         | Google OAuth client ID               |
| `TWO_FACTOR_PRIVATE_KEY`           | —         | 2FA encryption key                   |
| `MAGIC_LINK_EXPIRY_MINUTES`        | `15`      | Magic link token expiry              |
| `EMAIL_VERIFICATION_LIMIT_SECONDS` | `1800`    | Email verification rate limit        |
| `REGISTRATION_IP_LIMIT`            | `20`      | Max registrations per IP             |

### Email / Notifications

| Variable             | Default     | Description                         |
| -------------------- | ----------- | ----------------------------------- |
| `EMAIL_TRANSPORTER`  | —           | `dev`, `smtp`, or default (AWS SES) |
| `SMTP_HOST`          | —           | SMTP server hostname                |
| `SMTP_PORT`          | —           | SMTP port                           |
| `SMTP_SECURE`        | —           | Use TLS                             |
| `SMTP_USER`          | —           | SMTP username                       |
| `SMTP_PASS`          | —           | SMTP password                       |
| `AWS_SES_REGION`     | `us-east-1` | SES region                          |
| `FROM_EMAIL_NAME`    | —           | Sender display name                 |
| `FROM_EMAIL_ADDRESS` | —           | Sender email address                |
| `GLOBAL_BCC`         | —           | BCC address for all emails          |

### File Storage

| Variable                      | Default | Description             |
| ----------------------------- | ------- | ----------------------- |
| `AWS_S3_UPLOAD_SIZE_LIMIT_MB` | `10`    | Max upload size in MB   |
| `STATIC_FILE_URL`             | —       | Static file serving URL |

### Integrations

| Variable                     | Default | Description                     |
| ---------------------------- | ------- | ------------------------------- |
| `MS_AUTH_CLIENT_ID`          | —       | Microsoft OAuth client ID       |
| `MS_AUTH_TENANT_ID`          | —       | Microsoft tenant ID             |
| `MS_AUTH_SECRET`             | —       | Microsoft OAuth secret          |
| `MS_AUTH_ENABLED`            | —       | Enable Microsoft integration    |
| `GOOGLE_DRIVE_CLIENT_ID`     | —       | Google Drive OAuth client ID    |
| `GOOGLE_DRIVE_CLIENT_SECRET` | —       | Google Drive OAuth secret       |
| `GOOGLE_DRIVE_REDIRECT_URI`  | —       | Google Drive OAuth redirect     |
| `GOOGLE_DRIVE_ENABLED`       | —       | Enable Google Drive integration |
| `ANTHROPIC_API_KEY`          | —       | Claude API key for Equanaut     |

## Frontend Environment Variables

Source: `equa-web/webpack.config.js` (DefinePlugin)

| Variable             | Default                    | Description                                                                                                                                                                                                          |
| -------------------- | -------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `API_URL`            | `/api/v1`                  | Backend API base URL                                                                                                                                                                                                 |
| `CAPTCHA_SITE_KEY`   | —                          | **Required.** reCAPTCHA v2 site key. Without it, auth forms will not render the CAPTCHA widget (hardcoded test key removed in PR #493). Get from [Google reCAPTCHA console](https://www.google.com/recaptcha/admin). |
| `EQUANAUT_API_URL`   | `/equanaut-api`            | Equanaut AI API URL                                                                                                                                                                                                  |
| `EQUANAUT_MODEL`     | `claude-sonnet-4-20250514` | Default AI model                                                                                                                                                                                                     |
| `API_PROXY_URL`      | `http://localhost:3000`    | Dev proxy target for `/api`                                                                                                                                                                                          |
| `EQUANAUT_PROXY_URL` | `http://localhost:19792`   | Dev proxy target for `/equanaut-api`                                                                                                                                                                                 |

<Note>
  The production browser build does not hardcode a Cloud Run hostname. `API_URL` defaults to `/api/v1`, and the committed nginx config proxies `/api/` to the Railway-hosted backend target.
</Note>

## Comet-Bridge Environment Variables

Source: `Comet-Bridge/comet-mcp/src/index.ts`, `Comet-Bridge/scripts/lifecycle-sync.mjs`

| Variable                 | Default                                                    | Description                                                                        |
| ------------------------ | ---------------------------------------------------------- | ---------------------------------------------------------------------------------- |
| `COMET_CC_LIFECYCLE_URL` | `http://localhost:3001/command-center/api/comet/lifecycle` | Lifecycle sync endpoint URL (overrides default for non-standard CC-SO deployments) |

See [Comet Browser — Environment overrides](/tools/comet-browser#environment-overrides) for the full Comet-Bridge variable list.
