Environment Variables
Complete reference for all environment variables accepted by La Suite Meet's components.
Django Backend
Core
| Variable |
Required |
Default |
Description |
DJANGO_SETTINGS_MODULE |
Yes |
— |
Must be meet.settings. App will not start without it. |
DJANGO_CONFIGURATION |
Yes |
— |
Production, Demo, or Development |
DJANGO_SECRET_KEY |
Yes |
— |
50+ character random string for cryptographic signing |
DJANGO_ALLOWED_HOSTS |
Yes |
— |
Comma-separated list of allowed hostnames |
DJANGO_CSRF_TRUSTED_ORIGINS |
Yes |
— |
Comma-separated list of trusted HTTPS origins |
PYTHONPATH |
No |
— |
Set to /app in production |
MEET_BASE_URL |
No |
— |
Full public URL (e.g., https://visio.example.com) |
ALLOW_UNREGISTERED_ROOMS |
No |
False |
Allow unauthenticated room creation |
Database
| Variable |
Required |
Default |
Description |
DB_HOST |
Yes |
— |
PostgreSQL hostname |
DB_PORT |
No |
5432 |
PostgreSQL port |
DB_NAME |
Yes |
— |
Database name |
DB_USER |
Yes |
— |
Database user |
DB_PASSWORD |
Yes |
— |
Database password |
Redis
| Variable |
Required |
Default |
Description |
REDIS_URL |
Yes |
— |
Full Redis URL (e.g., redis://redis:6379/0) |
SESSION_ENGINE |
No |
cache backend |
Django session storage backend |
OIDC / Authentication
| Variable |
Required |
Default |
Description |
OIDC_RP_CLIENT_ID |
Yes |
— |
OIDC client ID |
OIDC_RP_CLIENT_SECRET |
Yes |
— |
OIDC client secret |
OIDC_RP_SIGN_ALGO |
No |
RS256 |
Token signing algorithm |
OIDC_RP_SCOPES |
No |
openid email |
Requested OIDC scopes |
OIDC_OP_JWKS_ENDPOINT |
Yes |
— |
OIDC JWKS URL |
OIDC_OP_AUTHORIZATION_ENDPOINT |
Yes |
— |
OIDC authorization URL |
OIDC_OP_TOKEN_ENDPOINT |
Yes |
— |
OIDC token exchange URL |
OIDC_OP_USER_ENDPOINT |
Yes |
— |
OIDC userinfo URL |
OIDC_OP_LOGOUT_ENDPOINT |
No |
— |
OIDC logout URL |
OIDC_REDIRECT_ALLOWED_HOSTS |
No |
— |
JSON list of allowed redirect origins |
LOGIN_REDIRECT_URL |
No |
/ |
Redirect after successful login |
LOGIN_REDIRECT_URL_FAILURE |
No |
/ |
Redirect after failed login |
LOGOUT_REDIRECT_URL |
No |
/ |
Redirect after logout |
LiveKit
| Variable |
Required |
Default |
Description |
LIVEKIT_API_KEY |
Yes |
— |
LiveKit API key (must match server config) |
LIVEKIT_API_SECRET |
Yes |
— |
LiveKit API secret (must match server config) |
LIVEKIT_API_URL |
Yes |
— |
Public LiveKit URL — returned to browser clients AND used for server API calls. Must be https://livekit.example.com (not the Docker-internal address). |
LIVEKIT_FORCE_WSS_PROTOCOL |
No |
False |
Force WSS in the URL returned to clients |
LIVEKIT_VERIFY_SSL |
No |
True |
Verify SSL certificate for LiveKit API calls |
LIVEKIT_TOKEN_TTL |
No |
3600 |
LiveKit JWT TTL in seconds |
LIVEKIT_EGRESS_ENCODING_VIDEO_CODEC |
No |
H264 |
Recording video codec: H264, VP8, VP9 |
LIVEKIT_EGRESS_ENCODING_AUDIO_CODEC |
No |
OPUS |
Recording audio codec |
Object Storage (S3 / Garage)
Required for recording functionality.
| Variable |
Required |
Default |
Description |
AWS_S3_ENDPOINT_URL |
For recording |
— |
S3-compatible endpoint URL |
AWS_S3_ACCESS_KEY_ID |
For recording |
— |
S3 access key |
AWS_S3_SECRET_ACCESS_KEY |
For recording |
— |
S3 secret key |
AWS_STORAGE_BUCKET_NAME |
For recording |
— |
S3 bucket for media files |
AWS_S3_REGION_NAME |
No |
us-east-1 |
S3 region |
AWS_S3_SECURE_ACCESS |
No |
True |
Use HTTPS (False for local Garage) |
STORAGE_WEBHOOK_AUTH_TOKEN |
For recording |
— |
Bearer token for the Garage/S3 webhook |
Email
| Variable |
Required |
Default |
Description |
DJANGO_EMAIL_HOST |
No |
localhost |
SMTP server hostname |
DJANGO_EMAIL_PORT |
No |
25 |
SMTP port |
DJANGO_EMAIL_HOST_USER |
No |
— |
SMTP username |
DJANGO_EMAIL_HOST_PASSWORD |
No |
— |
SMTP password |
DJANGO_EMAIL_USE_TLS |
No |
False |
Enable STARTTLS |
DJANGO_EMAIL_USE_SSL |
No |
False |
Enable SSL (mutually exclusive with TLS) |
DJANGO_EMAIL_FROM |
No |
— |
From address for outgoing emails |
DJANGO_EMAIL_BRAND_NAME |
No |
— |
Brand name in email templates |
DJANGO_EMAIL_LOGO_IMG |
No |
— |
Logo URL for email templates |
Frontend feature flags
| Variable |
Required |
Default |
Description |
FRONTEND_CUSTOM_CSS_URL |
No |
— |
URL to a custom CSS file |
FRONTEND_SILENCE_LIVEKIT_DEBUG |
No |
False |
Suppress LiveKit debug logs |
FRONTEND_IS_SILENT_LOGIN_ENABLED |
No |
True |
Enable silent OIDC token refresh |
FRONTEND_IDLE_DISCONNECT_WARNING_DELAY |
No |
— |
Seconds before idle disconnect warning |
FRONTEND_EXTERNAL_HOME_URL |
No |
— |
Custom URL for the home button |
FRONTEND_USE_PROCONNECT_BUTTON |
No |
False |
Show ProConnect login button (French gov) |
FRONTEND_USE_FRENCH_GOV_FOOTER |
No |
False |
Show French government footer |
RECORDING_ENABLE_FILE_UPLOAD |
No |
False |
Enable in-meeting file uploads |
RECORDING_FILE_UPLOAD_MAX_COUNT |
No |
5 |
Max files per user per session |
Security & Monitoring
| Variable |
Required |
Default |
Description |
SENTRY_DSN |
No |
— |
Sentry DSN for error tracking |
SENTRY_ENVIRONMENT |
No |
— |
Sentry environment label |
Summary Service
| Variable |
Required |
Description |
REDIS_URL |
Yes |
Redis URL for Celery broker |
AWS_S3_ENDPOINT_URL |
Yes |
S3 endpoint to download recordings |
AWS_S3_ACCESS_KEY_ID |
Yes |
S3 access key |
AWS_S3_SECRET_ACCESS_KEY |
Yes |
S3 secret key |
AWS_STORAGE_BUCKET_NAME |
Yes |
S3 bucket |
MEET_API_URL |
Yes |
Meet backend URL for callbacks |
MEET_API_TOKEN |
Yes |
Token for Meet backend authentication |
STT_BACKEND |
No |
STT backend: whisper or kyutai |
WHISPER_MODEL |
No |
Whisper model size (e.g., large-v3) |
LLM_API_URL |
No |
LLM API endpoint (OpenAI-compatible) |
LLM_API_KEY |
No |
LLM API key |
LLM_MODEL |
No |
LLM model identifier |