Dory Docs
Deploy

Dory Environment Variables

Dory deployment behavior is controlled by environment variables. Treat production values as secrets and do not commit them to source control or bake them into public images.

Required Variables

VariablePurposeExample
DS_SECRET_KEYRuntime secret used by application security features.openssl rand -base64 32
BETTER_AUTH_SECRETBetter Auth secret.openssl rand -hex 32
BETTER_AUTH_URLPublic base URL users open.https://dory.example.com

BETTER_AUTH_URL must match the browser-facing URL, or login, callback, invitation, and email links can break.

Application Database

Dory stores its own workspace data in an application database. This is separate from the external databases you connect and query through Dory.

VariablePurpose
DB_TYPEApplication database provider. Use pglite for local file storage or postgres for production Postgres. Defaults to pglite.
PGLITE_DB_PATHPGlite file path. In Docker, keep this under a mounted directory such as /app/data/dory.
DATABASE_URLPostgres connection string when DB_TYPE=postgres.
POSTGRES_URLAlternative Postgres connection string if DATABASE_URL is not set.
POSTGRES_CONNECTION_STRINGAlternative Postgres connection string if the other Postgres URL variables are not set.
POSTGRES_SSLSet to true when the Postgres server requires SSL.
POSTGRES_SSL_REJECT_UNAUTHORIZEDSet to false only when you intentionally need to skip certificate verification.
POSTGRES_MAX_CONNECTIONSOptional Postgres pool size limit.

PGlite example:

DB_TYPE=pglite
PGLITE_DB_PATH=/app/data/dory

Postgres example:

DB_TYPE=postgres
DATABASE_URL=postgres://dory:strong_password@postgres.example.com:5432/dory
POSTGRES_SSL=true
POSTGRES_SSL_REJECT_UNAUTHORIZED=true
POSTGRES_MAX_CONNECTIONS=10

For Docker deployments using PGlite, mount /app/data to a persistent Docker volume or host directory.

AI Variables

VariablePurpose
DORY_AI_PROVIDERProvider key such as openai, anthropic, google, qwen, xai, meta, or openai-compatible.
DORY_AI_MODELModel name.
DORY_AI_API_KEYProvider API key.
DORY_AI_URLProvider or compatible endpoint base URL.

Auth and Login

VariablePurpose
NEXT_PUBLIC_REQUIRE_EMAIL_VERIFICATIONRequire email verification after sign-up unless set to false.
TRUSTED_ORIGINSComma-separated trusted origins for auth and MCP origin checks.
DORY_INIT_USER_EMAILEmail for the bootstrapped initial user.
DORY_INIT_USER_PASSWORDPassword for the bootstrapped initial user.
GITHUB_CLIENT_ID / GITHUB_CLIENT_SECRETGitHub OAuth login.
GOOGLE_CLIENT_ID / GOOGLE_CLIENT_SECRETGoogle OAuth login.

Email

VariablePurpose
RESEND_API_KEYResend API key for verification, reset, and invitation emails.
EMAIL_FROMVerified sender address.

Production Advice

  • Generate strong random values for DS_SECRET_KEY and BETTER_AUTH_SECRET.
  • Do not rotate auth and encryption secrets casually after deployment.
  • Use HTTPS in BETTER_AUTH_URL.
  • Use persistent storage for PGlite or managed backups for Postgres.
  • Store .env through your secret management process.
  • Rotate AI keys, OAuth secrets, email keys, and database credentials deliberately.

Deploy Dory with Docker

Run Dory with Docker and configure ports, secrets, init users, AI providers, and persistent data.

Dory Auth and SSO Configuration

Plan email login, email verification, GitHub login, Google login, user provisioning, and offboarding for Dory team deployments.

On this page

Dory Environment VariablesRequired VariablesApplication DatabaseAI VariablesAuth and LoginEmailProduction AdviceRelated Docs