Configuration
Meet is configured via environment variables. This page documents all settings for a simple Docker Compose deployment.
Environment file
Create a .env file (or env.d/ directory structure) alongside your compose.yml. A minimal setup requires variables for the Django backend, the frontend build, LiveKit, and your OIDC provider.
Django backend variables
Core
| Variable |
Required |
Example |
Description |
DJANGO_SETTINGS_MODULE |
Yes |
meet.settings |
Required. Python path to settings module. The app will not start without this. |
DJANGO_CONFIGURATION |
Yes |
Production |
Configuration class. Use Production for production. |
DJANGO_SECRET_KEY |
Yes |
<random 50+ char string> |
Django secret key. Generate with openssl rand -hex 32. |
DJANGO_ALLOWED_HOSTS |
Yes |
meet.example.com |
Comma-separated list of allowed hostnames. |
DJANGO_CSRF_TRUSTED_ORIGINS |
Yes |
https://meet.example.com |
Trusted origins for CSRF. |
DJANGO_SETTINGS_MODULE |
No |
meet.settings |
Python path to settings module. |
Database
| Variable |
Required |
Example |
Description |
DB_HOST |
Yes |
postgresql |
PostgreSQL hostname. |
DB_PORT |
No |
5432 |
PostgreSQL port. |
DB_NAME |
Yes |
meet |
Database name. |
DB_USER |
Yes |
meet |
Database user. |
DB_PASSWORD |
Yes |
<password> |
Database password. |
Redis
| Variable |
Required |
Example |
Description |
REDIS_URL |
Yes |
redis://redis:6379/0 |
Redis connection URL. |
OIDC / Authentication
| Variable |
Required |
Example |
Description |
OIDC_OP_JWKS_ENDPOINT |
Yes |
https://auth.example.com/realms/meet/protocol/openid-connect/certs |
OIDC JWKS endpoint for token verification. |
OIDC_OP_AUTHORIZATION_ENDPOINT |
Yes |
https://auth.example.com/realms/meet/protocol/openid-connect/auth |
OIDC authorization endpoint. |
OIDC_OP_TOKEN_ENDPOINT |
Yes |
https://auth.example.com/realms/meet/protocol/openid-connect/token |
OIDC token endpoint. |
OIDC_OP_USER_ENDPOINT |
Yes |
https://auth.example.com/realms/meet/protocol/openid-connect/userinfo |
OIDC userinfo endpoint. |
OIDC_RP_CLIENT_ID |
Yes |
meet |
OIDC client ID registered with your provider. |
OIDC_RP_CLIENT_SECRET |
Yes |
<client secret> |
OIDC client secret. |
OIDC_RP_SIGN_ALGO |
No |
RS256 |
Token signing algorithm (default: RS256). |
LOGIN_REDIRECT_URL |
No |
/ |
URL to redirect to after successful login. |
LOGOUT_REDIRECT_URL |
No |
/ |
URL to redirect to after logout. |
LiveKit
| Variable |
Required |
Example |
Description |
LIVEKIT_API_KEY |
Yes |
myapikey |
LiveKit API key. Must match the LiveKit server config. |
LIVEKIT_API_SECRET |
Yes |
<secret> |
LiveKit API secret. Must match the LiveKit server config. |
LIVEKIT_API_URL |
Yes |
wss://livekit.example.com |
Both the backend API URL and the WebSocket URL returned to browser clients. Must be the public WSS URL. Do not use the internal Docker hostname (http://livekit:7880) — browsers cannot resolve it. |
Storage (for recording)
| Variable |
Required |
Example |
Description |
AWS_S3_ENDPOINT_URL |
For recording |
http://garage:3900 |
S3-compatible endpoint URL. |
AWS_S3_ACCESS_KEY_ID |
For recording |
meet |
S3 access key. |
AWS_S3_SECRET_ACCESS_KEY |
For recording |
<secret> |
S3 secret key. |
AWS_STORAGE_BUCKET_NAME |
For recording |
meet-media-storage |
S3 bucket name for media files. |
AWS_S3_SECURE_ACCESS |
No |
True |
Use HTTPS for S3 (set False for local Garage). |
Email
| Variable |
Required |
Example |
Description |
EMAIL_HOST |
No |
smtp.example.com |
SMTP server hostname. |
EMAIL_PORT |
No |
587 |
SMTP port. |
EMAIL_HOST_USER |
No |
meet@example.com |
SMTP username. |
EMAIL_HOST_PASSWORD |
No |
<password> |
SMTP password. |
EMAIL_USE_TLS |
No |
True |
Enable STARTTLS. |
DEFAULT_FROM_EMAIL |
No |
meet@example.com |
From address for outgoing emails. |
Frontend build variables
These are set at build time via Docker build args (not runtime env vars):
| Variable |
Required |
Example |
Description |
VITE_API_BASE_URL |
Yes |
https://meet.example.com |
URL of the Django backend. |
VITE_APP_TITLE |
No |
Meet |
Application title shown in the browser tab. |
VITE_LIVEKIT_URL |
Yes |
wss://meet.example.com:7880 |
LiveKit WebSocket URL for the frontend. |
LiveKit server configuration
LiveKit is configured via a YAML file (not environment variables). See LiveKit configuration.
Generating secrets
# Django secret key
openssl rand -hex 32
# LiveKit API key and secret
openssl rand -hex 16 # for the key
openssl rand -hex 32 # for the secret
Example .env file
# Django
DJANGO_CONFIGURATION=Production
DJANGO_SECRET_KEY=your-very-long-random-secret-key-here
DJANGO_ALLOWED_HOSTS=meet.example.com
DJANGO_CSRF_TRUSTED_ORIGINS=https://meet.example.com
# Database
DB_HOST=postgresql
DB_NAME=meet
DB_USER=meet
DB_PASSWORD=change-me
# Redis
REDIS_URL=redis://redis:6379/0
# OIDC
OIDC_OP_JWKS_ENDPOINT=https://auth.example.com/realms/meet/protocol/openid-connect/certs
OIDC_OP_AUTHORIZATION_ENDPOINT=https://auth.example.com/realms/meet/protocol/openid-connect/auth
OIDC_OP_TOKEN_ENDPOINT=https://auth.example.com/realms/meet/protocol/openid-connect/token
OIDC_OP_USER_ENDPOINT=https://auth.example.com/realms/meet/protocol/openid-connect/userinfo
OIDC_RP_CLIENT_ID=meet
OIDC_RP_CLIENT_SECRET=change-me
# LiveKit
LIVEKIT_API_KEY=myapikey
LIVEKIT_API_SECRET=change-me
LIVEKIT_API_URL=wss://livekit.example.com