Skip to main content

Configuration

Cobblr is configured with environment variables, set in your .env for a self-hosted install. Most have sensible defaults; the ones below are the ones you actually reach for. See Self-hosting for the setup and the privacy controls.

Secrets (set these)

VarWhat it is
POSTGRES_PASSWORDPostgres password (match it in DATABASE_URL).
JWT_SECRETSigns login sessions. Generate with openssl rand -hex 32.
TENANT_CREDS_ENCRYPTION_KEYEncrypts stored per-workspace credentials. Any strong secret, 16+ characters (e.g. openssl rand -hex 32). Back it up; losing it is unrecoverable.

Access

VarDefaultEffect
PUBLIC_SIGNUP_ENABLEDoff in prodAllow self-service account signup. Turn on to create your first account, then off.
SUPERADMIN_EMAILSemptyComma-separated operator emails that get the admin console.
CORS_ALLOWED_ORIGINSreflect-any in devAllowed web origins in production.

AI

VarDefaultEffect
COBBLR_AI_ENABLEDtrueMaster switch for built-in AI features. With no provider key nothing is called; set false to guarantee no outbound AI.

Scanning

Barcode scanning contacts third-party product catalogs. Each provider is switchable and takes its own key. Full table in Self-hosting -> Privacy.

VarDefaultEffect
COBBLR_SCAN_EXTERNAL_LOOKUPSonMaster switch. false means no third-party barcode calls.
COBBLR_SCAN_GOUPC_API_KEYemptyUse go-upc's official API.
COBBLR_SCAN_UPCITEMDB_KEYemptyUse your upcitemdb paid quota.

Marketplace

VarDefaultEffect
COBBLR_EXTENSIONS_URLCobblr's public catalogPoint the marketplace at your own catalog instead.
COBBLR_ROOT_PUBKEYemptyPublic key used to verify signed extensions.

Email (optional)

Magic-link and invite delivery. Pick a provider with COBBLR_AUTH_EMAIL_PROVIDER and set its keys (COBBLR_AUTH_SMTP_*, or a Mailgun / Resend / Postmark key). Unset means links are shown in the app instead of emailed. Setup walkthrough: Self-hosting -> Email.

(This is the common subset. A full variable list will follow.)