QAID Docs

Configuration Reference

Complete reference of environment variables for self-hosted QAID.

QAID is configured entirely through environment variables in a .env file inside your install directory (default ~/qaid/.env). The installer writes a working .env for you with the values you provide and generates the secrets — this page documents every variable you can subsequently edit.

Required

The installer prompts for some and auto-generates the rest. Everything below is already in your ~/qaid/.env after a fresh install.

Set from install prompts

VariableDescription
CADDY_SITE_ADDRESSPublic site address — your domain (e.g. qaid.example.com) for production, or http://localhost for evaluation. Caddy uses this both as its site address and as the cue for auto-HTTPS: any value that isn't http://localhost triggers Let's Encrypt.
FRONTEND_URLPublic URL the backend uses for OAuth redirects and email links. Derived from your domain answer (https://<your-domain> or http://localhost).
QAID_LICENSE_KEYYour QAID license key (provided by your administrator). Used at first boot to auto-activate; cached afterwards.
ANTHROPIC_API_KEYYour Anthropic API key (sk-ant-…). You can also leave this blank at install and set it later in Admin → Settings.

Auto-generated by the installer

Written once at install time. Do not regenerate these on an existing install — JWT/session changes log every user out, and changing POSTGRES_PASSWORD breaks database authentication (the bundled Postgres only honors it on first boot).

VariableGenerator
JWT_SECRETopenssl rand -hex 32
JWT_REFRESH_SECRETopenssl rand -hex 32
SESSION_SECRETopenssl rand -hex 32
POSTGRES_PASSWORDopenssl rand -hex 16

License (advanced)

QAID_LICENSE_KEY is in Required above. The variable below is an optional override most customers never need.

VariableDescription
QAID_LICENSE_SERVER_URLURL of the QAID license verification service. The installer sets the correct default for you — override only if your administrator has provided a private license-server endpoint.

Proxy and TLS

The installer ships QAID with Caddy as the bundled reverse proxy and writes a Caddyfile to ~/qaid/. TLS modes (auto-HTTPS, your own cert, or bring-your-own external proxy) are configured by editing ~/qaid/Caddyfile and ~/qaid/docker-compose.yml directly — see TLS and HTTPS options for the concrete edits.

CADDY_SITE_ADDRESS (in Required) is the only Caddy-related variable in .env.

Database

Bundled PostgreSQL (default)

VariableDefaultDescription
POSTGRES_DBqaidDatabase name
POSTGRES_USERqaidDatabase user
POSTGRES_PASSWORD(required)Database password
POSTGRES_POOL_SIZE20Connection pool size

External PostgreSQL

If you'd rather use managed PostgreSQL (RDS, Cloud SQL, etc), set:

VariableDescription
DATABASE_URLFull connection string: postgresql://user:pass@host:5432/db

For Amazon RDS, append ?sslmode=require&uselibpqcompat=true to avoid SSL certificate errors.

AI

VariableDescription
ANTHROPIC_API_KEYYour Anthropic API key for AI features. You can set this here or configure it later in Admin → Settings.

QAID uses your Anthropic key directly — usage shows up on your own Anthropic invoice with no markup. See AI Costs for typical monthly ranges.

Server

VariableDefaultDescription
PORT3001Backend server port (internal, not exposed)
QAID_DATA_DIR/app/dataDirectory inside the container for runtime files (screenshots, snapshots, etc.). The installer mounts the qaid-data Docker volume at this path.

OAuth (optional)

Enable single sign-on by configuring OAuth providers. Both Google and GitHub are supported.

VariableDescription
GOOGLE_CLIENT_IDGoogle OAuth client ID
GOOGLE_CLIENT_SECRETGoogle OAuth client secret
GITHUB_CLIENT_IDGitHub OAuth client ID
GITHUB_CLIENT_SECRETGitHub OAuth client secret

OAuth redirect URLs follow the pattern https://your-domain.com/api/auth/callback/{provider}.

Chrome extension (optional)

If you publish a custom Chrome extension for recording, configure these:

VariableDescription
NEXT_PUBLIC_CHROME_EXTENSION_IDExtension ID (visible in chrome://extensions)
NEXT_PUBLIC_CHROME_STORE_URLPublic URL where users can install the extension
ALLOWED_EXTENSION_IDSComma-separated list of extension IDs allowed to communicate with the server

Performance tuning (optional)

VariableDefaultDescription
QAID_MAX_CONCURRENT_BROWSERS3Maximum simultaneous browser instances for test execution. Increase for faster runs if you have spare RAM.
QAID_ANTHROPIC_TIMEOUT_MS60000Timeout for AI calls in milliseconds

Email (optional)

Used for invitations and notifications. If not configured, those features are disabled but the rest of QAID works fine.

VariableDescription
SMTP_HOSTSMTP server hostname
SMTP_PORTSMTP server port (typically 587 for TLS)
SMTP_USERSMTP username
SMTP_PASSWORDSMTP password
SMTP_FROM"From" address for outbound mail

Reloading config

After editing .env, recreate the affected service:

# Most config changes affect the backend
docker compose up -d --force-recreate qaid-server

# Or restart everything
docker compose down && docker compose up -d

Database connection changes (DATABASE_URL, POSTGRES_*) require a full restart.

Deploy to AWS

Production-grade QAID deployment on AWS using Terraform. Covers sizing, DNS, TLS, and cost estimates.

First-Run Setup

Create your admin account, activate your license, and add your Anthropic API key after installing QAID.

On this page

RequiredSet from install promptsAuto-generated by the installerLicense (advanced)Proxy and TLSDatabaseBundled PostgreSQL (default)External PostgreSQLAIServerOAuth (optional)Chrome extension (optional)Performance tuning (optional)Email (optional)Reloading config