Configuration

Paquetier is configured entirely through environment variables, all prefixed with PAQUETIER_.

Server

Variable	Default	Description
PAQUETIER_SERVER_ADDR	:8080	Address and port the server listens on
PAQUETIER_PUBLIC_URL	http://localhost:8080	The public-facing URL of the instance
PAQUETIER_ROOT_PATH	—	Root path for reverse proxy sub-path deployments
PAQUETIER_LOG_LEVEL	info	Log level: trace, debug, info, warn, error
PAQUETIER_ENABLE_SWAGGER	true	Enable the Scalar-powered API documentation at /api/v1/docs

Database

Variable	Default	Description
PAQUETIER_DATABASE_DSN	—	Database connection string. Use postgresql://... for production. If unset, falls back to SQLite.

Storage (S3)

Variable	Default	Description
PAQUETIER_S3_ENDPOINT	—	S3-compatible endpoint
PAQUETIER_S3_BUCKET	—	Default bucket name
PAQUETIER_S3_ACCESS_KEY	—	S3 access key
PAQUETIER_S3_SECRET_KEY	—	S3 secret key
PAQUETIER_S3_SSL	true	Use HTTPS for S3 connections
PAQUETIER_S3_REGION	—	S3 region
PAQUETIER_S3_FORCE_PROXY	false	Stream downloads through the server instead of S3 presigned redirects

Authentication

Variable	Default	Description
PAQUETIER_JWT_SECRET	—	Required. Secret key for signing JWT tokens. Must be stable across restarts.
PAQUETIER_SESSION_EXPIRES	72h	JWT session token duration
PAQUETIER_LOCAL_AUTH	true	Enable username/password authentication
PAQUETIER_REGISTRATION_OPEN	true	Allow new user registration

OAuth2

Variable	Default	Description
PAQUETIER_OAUTH2_CLIENT_ID	—	OAuth2 client ID
PAQUETIER_OAUTH2_CLIENT_SECRET	—	OAuth2 client secret
PAQUETIER_OAUTH2_AUTH_URL	—	OAuth2 authorization endpoint
PAQUETIER_OAUTH2_TOKEN_URL	—	OAuth2 token endpoint
PAQUETIER_OAUTH2_REDIRECT_URL	—	OAuth2 redirect URL

Build System

Variable	Default	Description
PAQUETIER_R_PATH	R	Path to the R binary
PAQUETIER_BUILD_LOG_DIR	build-logs	Directory for storing build logs

Admin

Variable	Default	Description
PAQUETIER_LOCAL_STORAGE_POLICY	all	Who can create local filesystem storage connections: all or admin_only