Configuration
Environment variables, Docker Compose settings, and logging configuration for ArchiJAM.
Configuration
All runtime configuration is set via environment variables in the .env file at the root of the repository.
Environment variables
Required
| Variable | Description |
|---|---|
DATABASE_URL | Full PostgreSQL connection string. Default: postgresql://archigantt:archigantt@db:5432/archigantt |
SESSION_SECRET | Random string used to sign session cookies. Generate with openssl rand -base64 48. |
NEXT_PUBLIC_APP_URL | Public-facing URL of the app (e.g. https://gantt.yourfirm.com). Used for redirects and webhook URLs. |
Optional
| Variable | Default | Description |
|---|---|---|
NODE_ENV | production | Set to development for local development with hot reload. |
LOG_LEVEL | info | Controls log verbosity. Options: error, warn, info, debug. |
PORT | 3000 | Port the Next.js server listens on inside the container. |
Example .env
DATABASE_URL=postgresql://archigantt:archigantt@db:5432/archigantt
SESSION_SECRET=your-long-random-secret-here
NEXT_PUBLIC_APP_URL=https://gantt.yourfirm.com
NODE_ENV=production
LOG_LEVEL=infoDocker Compose settings
The default docker-compose.yml defines two services:
app service
app:
build: .
ports:
- "3000:3000"
env_file: .env
depends_on:
- db
volumes:
- ./data/uploads:/app/data/uploads
security_opt:
- apparmor=unconfined # required for Proxmox LXC
restart: unless-stoppedTo change the external port, modify the left side of the ports mapping:
ports:
- "8080:3000" # serve on port 8080 insteaddb service
db:
image: postgres:16
environment:
POSTGRES_USER: archigantt
POSTGRES_PASSWORD: archigantt
POSTGRES_DB: archigantt
volumes:
- archigantt_db_data:/var/lib/postgresql/data
security_opt:
- apparmor=unconfined
restart: unless-stoppedTo use an external database, remove the db service and depends_on block, then update DATABASE_URL to point to your external PostgreSQL instance.
Reverse proxy (HTTPS)
ArchiJAM itself does not terminate TLS. Place a reverse proxy in front of port 3000.
nginx example
server {
listen 443 ssl;
server_name gantt.yourfirm.com;
ssl_certificate /etc/ssl/certs/yourfirm.crt;
ssl_certificate_key /etc/ssl/private/yourfirm.key;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}After setting up the proxy, update NEXT_PUBLIC_APP_URL and restart the app container.
Caddy example
gantt.yourfirm.com {
reverse_proxy localhost:3000
}Caddy handles TLS automatically via Let's Encrypt.
Session settings
Sessions are stored in the PostgreSQL database (not in memory or Redis). Each session is valid for 14 days from creation. Expired sessions are cleaned up automatically on each requireAuth() call.
Sessions are identified by an archigantt_sid cookie set as httpOnly, SameSite=Lax. No JWT is used.
To invalidate all active sessions (e.g. after rotating SESSION_SECRET), delete all rows from the sessions table:
DELETE FROM sessions;Logging
Application logs go to stdout/stderr. View them with:
docker compose logs -f appLog levels in order of verbosity: error → warn → info → debug. Setting LOG_LEVEL=debug will log all SQL queries and API request details.
For persistent log storage, configure your host's Docker logging driver or pipe stdout to a log collector.
Database migrations
Schema migrations are applied automatically on every container start via drizzle-kit push (idempotent). No manual migration steps are needed during normal updates.
To apply migrations manually:
docker compose exec app npx drizzle-kit pushTo inspect the current schema:
docker compose exec db psql -U archigantt -d archigantt -c "\dt"