.

, and every variable in must appear here. enforces this on commit and in CI. To omit a variable on purpose, add it to the allowlist inside .

---

1. Required Secrets
• 2. Storage & Database
• 3. Network & Ports
• 4. Security & Authentication
• 5. Input Sanitization & PII Protection
• 6. Tool & Routing Policies
• 7. URLs & Cloud Sync
• 8. Outbound Proxy
• 9. CLI Tool Integration
• 10. Internal Agent & MCP Integrations
• 11. OAuth Provider Credentials
• 12. Provider User-Agent Overrides
• 13. CLI Fingerprint Compatibility
• 14. API Key Providers
• 15. Timeout Settings
• 16. Logging
• 17. Memory Optimization
• 18. Pricing Sync
• 19. Model Sync (Dev)
• 20. Provider-Specific Settings
• 21. Proxy Health
• 22. Debugging
• 23. GitHub Integration
• 24. Skills Sandbox (v3.8.0+)
• Deployment Scenarios
• Audit: Removed / Dead Variables

---

must be set before the first run. Without them, the application will either refuse to start or operate with insecure defaults.

	Yes	(none)		.
	Yes	(none)		.
	Yes			default — kept obviously insecure to force a change). Change before first use. After login, change via Dashboard → Settings → Security.
	Yes (production)	(unset)		REQUIRED in production — when unset, all WS bridge requests are rejected. Generate with .

# Generate all four secrets at once:
echo "JWT_SECRET=$(openssl rand -base64 48)"
echo "API_KEY_SECRET=$(openssl rand -hex 32)"
echo "INITIAL_PASSWORD=$(openssl rand -base64 16)"
echo "OMNIROUTE_WS_BRIDGE_SECRET=$(openssl rand -base64 32)"

files with real secrets to version control. The already excludes , but verify before pushing.

---

SQLite (via ) for all persistence. These variables control data location, encryption, and lifecycle.

	(empty = disabled)		.
		,
			, skips the automatic database backup that runs before migrations on every startup.
	(unset)		Legacy alias for . Accepted as a fallback when the primary variable is absent.
	(unset)		Legacy alias (Base64-encoded form) accepted as a fallback. Decoded automatically before use.
	(unset)		.
			to force the DB healthcheck loop on, even when it would normally be skipped (e.g., short-lived tasks).
			to skip the native-runtime warm-up during . Useful in CI/headless installs where sqlite is already built.
	(auto-detect)
	(default in code)
	(default in code)

Local development	.
Docker	+ mount a volume at .
Encrypted at rest	+ keep backups of the key! Losing it = losing data.
CI/Testing	— ephemeral, no encryption needed.

---

	(unset)		proxy API on this separate port.
	(unset)
	(unset)		when running inside Electron or other wrappers.
	(default in )	/ Next.js 16	and . Set to on Windows or when running into native binding incompatibilities.
			when set.
			for hermetic tests.

---

			.
			flag on session cookies. Must be when running behind HTTPS.
			, all proxy requests must include a valid API key.
	(empty)
			column is null. Default (unset/empty/malformed) keeps the legacy 1000/day, 5000/week, 20000/month windows. Set explicitly to to opt out (unlimited). Any positive integer N enables N/day, 5N/week, 20N/month. Zod-validated; invalid values log a warning and use the legacy default.
	(10 MB)
			value. Restrict for production.
			REQUIRED for self-hosted providers (LM Studio, Ollama, vLLM, Llamafile, Triton, SearXNG). When , the dashboard rejects validation of local URLs.

# Production security minimum:
AUTH_COOKIE_SECURE=true        # Requires HTTPS
REQUIRE_API_KEY=true           # Authenticate all proxy calls
ALLOW_API_KEY_REVEAL=false     # Never expose keys in UI
CORS_ORIGIN=https://your.domain.com
MAX_BODY_SIZE_BYTES=5242880    # 5 MB limit

---

			= log only, = reject request with 400, = strip suspicious patterns.
	(unset)		— same behavior.

			= mask PII, = log only, = drop entire response.

Enterprise compliance	, , ,
Monitoring only	, — logs but never blocks
Personal use

---

			= only listed tools, = all except listed, = no restrictions.
			.

---

			.
	(empty)
			Must match your public URL behind reverse proxy.
	(empty)		.
	(unset)		.
	(unset)		). Set this when OpenWebUI or another relay reaches OmniRoute by an internal URL but the user's browser must fetch images from a LAN, tunnel, or public origin. Do not include .
	(6 min)
			. Lower on memory-constrained hosts; raise if image generation is heavy and clients race the 30-minute TTL.
	(unset)		and .
	(unset)		. Falls back when the primary variable is unset.
	(unset)

must be set to your public URL (e.g., ). Without this, OAuth callbacks will fail because the redirect_uri won't match.

---

	(unset)
	(unset)
	(unset)		).
	(unset)

SOCKS5 through SSH tunnel	,
Corporate HTTP proxy	, ,
Anti-fingerprint	— requires (included)

---

			= search system PATH; = use explicit paths only.
	(unset)
	(unset)		, ).

# Mount host binaries into the container and tell OmniRoute where they are:
CLI_EXTRA_PATHS=/host-cli/bin
CLI_CONFIG_HOME=/root
CLI_ALLOW_CONFIG_WRITES=true
CLI_CLAUDE_BIN=/host-cli/bin/claude

) helpers

CLI binary's own behavior (not the sidecar detection above).

	(system)		, ). Overrides system locale env vars (LC_ALL, LC_MESSAGES).
	(unset)		to forward server stdout/stderr to the terminal in supervised mode. Equivalent to flag on .
	(unset)		header. Auto-generated in task 8.12.
			to print retry/backoff diagnostics to stderr during CLI commands.
	(unset)		packages). Defaults to when unset.

---

	(unset)
	(unset)
	(unset)		.
	(all)		, , , , , , , , , .
			, , .
			, , .
	(unset)		to override the test heuristic.
			.
			.
			is rejected.
	(enabled)		to bypass the Redis-backed API-key auth cache (forces DB reads).
			by bootstrap script after initial setup. Controls setup wizard visibility.
	(unset)

	(unset)
	(unset)		.
	(unset)		.
	(unset)		.

---

localhost development. For remote deployments, register your own at each provider's developer console.

		.
		.
		when no per-connection credential is available. Optional.
		). Resolved by .
		with redirect URI and scopes . Falls back to .
		.
		. Falls back to .
		. Used when the variant is unset.
		consumed by .
		consumed by .
		.
		token to send as on . Required when Blackbox enforces token matching; otherwise OmniRoute falls back to a random UUID. See issue #2252.
		self-loop or any OpenAI-compat endpoint (Gemini OpenAI-compat, OpenRouter). Issue #2232.

Google OAuth (Antigravity, Gemini CLI) credentials only work on localhost. For remote servers:

Google Cloud Console → Credentials
3. .

---

header sent to each upstream provider. This is dynamically resolved at runtime by the executor base class:

Source: →

any provider using the pattern . The executor dynamically constructs the env var name.

---

Source: ,

		all providers at once.

	(captured default)

---

Preferred setup: Dashboard → Providers → Add API Key.

entries for Groq, xAI, Mistral, Perplexity, Together AI, Fireworks, Cerebras, Cohere, Nebius, and Qianfan were removed in v3.8.0 because the runtime no longer reads them — those providers rely exclusively on Dashboard / / the encrypted DB. See the Audit: Removed / Dead Variables section at the bottom of this document for the migration path.

---

milliseconds. Centralized resolution in .

	(unset)	and defaults.
		bridge requests.
		when is unset.
		).
		).

Long-running code generation	(15 min)
Fast-fail for production API
Extended thinking models	(5 min between chunks)

---

.

		, , , .
		(human-readable) or (structured).
		).
		, , , or plain bytes.
		SQLite table before pruning.
		.
		.
		SQLite table before pruning.
	(1 min)	re-checks the active log file size.
		skips size-based truncation. Debug only.

---

	(Docker) / system default	.
	(2 MB)
	(5 min)
	(4 MB)
	(30 min)

		without a hash. Use only in controlled local development.

OMNIROUTE_MEMORY_MB=128
PROMPT_CACHE_MAX_SIZE=20
PROMPT_CACHE_MAX_BYTES=524288        # 512 KB
SEMANTIC_CACHE_MAX_SIZE=25
SEMANTIC_CACHE_MAX_BYTES=1048576     # 1 MB
STREAM_HISTORY_MAX=10

---

	(24h)

---

	(24h)

---

	(24h)
	(unset)	,
	(unset)	,	is not set.
	(unset)
			binary.
	(5 min)
	(empty)

is only for third-party relays that accept Claude Code clients exclusively. OmniRoute rewrites requests so those relays accept them. If you only want to use Claude Code CLI, or you are not sure what these relays are, keep this disabled and add a regular Anthropic-compatible provider instead.

---

	(2 min)
	(unset)		// to force on, // to force off.
			.

---

verbose output and may leak sensitive data. Never enable in production.

	(unset)		to enable verbose Cursor executor logs (decoded SSE chunks, etc.).
	(unset)		.
	(unset)		.
	(probed)
	(unset)
	)		to silence.
	(unset)		to log Responses API SSE→JSON translation details.
	(unset)		to enable E2E test mode (relaxed auth, test hooks).

---

	(unset)		format.
	(unset)		scope.
	(unset)		and consumed by cloud agent helpers in .

---

JWT_SECRET=$(openssl rand -base64 48)
API_KEY_SECRET=$(openssl rand -hex 32)
INITIAL_PASSWORD=dev123
PORT=20128
NODE_ENV=development

JWT_SECRET=<generated>
API_KEY_SECRET=<generated>
INITIAL_PASSWORD=<generated>
STORAGE_ENCRYPTION_KEY=<generated>
DATA_DIR=/data
PORT=20128
API_PORT=20129
NODE_ENV=production
AUTH_COOKIE_SECURE=true
REQUIRE_API_KEY=true
NEXT_PUBLIC_BASE_URL=https://omniroute.example.com
BASE_URL=http://localhost:20128
OMNIROUTE_MEMORY_MB=512
CORS_ORIGIN=https://your-frontend.example.com

JWT_SECRET=test-jwt-secret-for-ci
API_KEY_SECRET=test-api-key-secret-for-ci
INITIAL_PASSWORD=testpass
NODE_ENV=production
OMNIROUTE_DISABLE_BACKGROUND_SERVICES=true
APP_LOG_TO_FILE=false

JWT_SECRET=<generated>
API_KEY_SECRET=<generated>
STORAGE_ENCRYPTION_KEY=<generated>
PORT=20128
AUTH_COOKIE_SECURE=true
REQUIRE_API_KEY=true
NEXT_PUBLIC_BASE_URL=https://omniroute.example.com
BASE_URL=http://127.0.0.1:20128
CORS_ORIGIN=https://omniroute.example.com
ENABLE_TLS_FINGERPRINT=true
CLI_COMPAT_ALL=1

---

) executes user-defined automations in a sandboxed environment.

	(10 s)
	(falls back to )		to allow multi-step workflows.
	(1 MB)
	(250 KB)
			/ to allow outbound network from inside the sandbox. Defaults to isolated for safety.
	(empty)
	(built-in default)

opens an egress path from arbitrary skill code. Pair with and a strict /proxy policy in shared deployments.

---

	(production host)
	(unset)
			to disable upstream TLS verification (development only).
	(auto-detect)		binary.
	(auto-detect)		daemon binary.
	(unset)
			disables age-based pruning.
	(unset)

---

, , , and . Leave every value below unset in production deployments.

			, , ) for the Playwright runner.
			intact).
	(auto)
	(tmpdir)
			to preserve the smoke data directory after the run.
			to stream Electron logs to stdout during the run.
	(PATH lookup)

(the command). All five variables are unset by default — set them in only on machines that should be able to run the docs translator.

	(unset)
	(unset)
	(unset)		or .

---

but have no runtime references in the current codebase. They have been removed:

	.
	(Kimi Coding uses OAuth, not a CLI binary).
/
/ / / / / / / /	/ encrypted DB.
	/ (see §22).
	— its toggle has no effect.

	Value
			as default
			as default