Docker Self-Hosting
Deploy Tymeslot using Docker and Docker Compose. Perfect for VPS hosting, home servers, or any environment with Docker support.
Complete reference for all Tymeslot environment variables — required settings, defaults, and examples.
Technical Product Builder & AI Developer
SECRET_KEY_BASE
Required
64+ character secret used for session encryption and signing. Generate with the command shown in the example.
Default: none ·
Example: openssl rand -base64 64 | tr -d '\\n'
PHX_HOST
Required
Your domain name without the protocol prefix.
Default: none ·
Example: tymeslot.yourdomain.com
PORT
Optional
HTTP port for the application server to listen on.
Default: 4000 ·
Example: 4000
DEPLOYMENT_TYPE
Optional
Deployment variant. Set to docker
or cloudron
to control deployment-specific behaviour.
Default: auto-detected ·
Example: docker
REGISTRATION_ENABLED
Optional
Set to false
to disable new user registration on this instance.
Default: true ·
Example: false
PASSWORD_AUTH_ENABLED
Optional
Set to false
to disable email/password login entirely. The login form, sign-up page, and password reset flow are hidden; only OAuth login is available. Useful for SSO-only deployments where all users must authenticate through an identity provider.
Default: true ·
Example: false
LISTEN_IP
Optional
IP address to bind the HTTP server. Default ::
enables IPv4+IPv6 dual-stack.
Default: :: ·
Example: 0.0.0.0
URL_SCHEME
Optional
Request scheme used in generated URLs. Set to https
for production.
Default: https ·
Example: https
WS_ALLOWED_ORIGINS
Optional
Comma-separated list of origins allowed to open WebSocket connections.
Default: derived from PHX_HOST ·
Example: tymeslot.yourdomain.com,app.example.com
DATABASE_HOST
Optional
PostgreSQL server hostname.
Default: localhost ·
Example: db.internal
DATABASE_PORT
Optional
PostgreSQL server port.
Default: 5432 ·
Example: 5432
POSTGRES_DB
Optional
Database name.
Default: tymeslot ·
Example: tymeslot
POSTGRES_USER
Optional
Database user.
Default: tymeslot ·
Example: tymeslot
POSTGRES_PASSWORD
Required
Database password.
Default: none ·
Example: a_secure_password
DATABASE_POOL_SIZE
Optional
PostgreSQL connection pool size. Reduce for resource-constrained environments.
Default: 60 ·
Example: 20
EMAIL_ADAPTER
Optional
Email delivery method. Use smtp
or postmark. Defaults to
smtp
if not set.
Default: smtp ·
Example: smtp
EMAIL_ADAPTER, SMTP_*, or
EMAIL_FROM_*
variables. Set
EMAIL_ADAPTER
explicitly only if you want to use a different provider.
EMAIL_FROM_NAME
Required
Sender display name shown in email clients.
Default: none ·
Example: Your Company
EMAIL_FROM_ADDRESS
Required
Sender email address.
Default: none ·
Example: hello@yourdomain.com
EMAIL_SUPPORT_ADDRESS
Optional
Support contact email. Defaults to
EMAIL_FROM_ADDRESS
if not set.
Default: EMAIL_FROM_ADDRESS ·
Example: support@yourdomain.com
SMTP_HOST
Optional
Required for SMTP adapter. SMTP server hostname.
Default: none ·
Example: smtp.gmail.com
SMTP_PORT
Optional
SMTP server port. Use 587 for STARTTLS (recommended) or 465 for SMTPS.
Default: 587 ·
Example: 587
SMTP_USERNAME
Optional
Required for SMTP adapter. SMTP authentication username.
Default: none ·
Example: hello@yourdomain.com
SMTP_PASSWORD
Optional
Required for SMTP adapter. SMTP authentication password or app password.
Default: none ·
Example: your_smtp_password
POSTMARK_API_KEY
Optional
Required for Postmark adapter. Server API token from your Postmark dashboard.
Default: none ·
Example: your-server-api-token
ENABLE_GOOGLE_AUTH
Optional
Set to true
to show a "Sign in with Google" button on the login page.
Default: false ·
Example: true
GOOGLE_CLIENT_ID
Optional
Required to use Google Login, Google Calendar, or Google Meet. OAuth client ID from Google Cloud Console.
Default: none ·
Example: 123456-abc.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET
Optional
Required to use Google features. OAuth client secret from Google Cloud Console.
Default: none ·
Example: GOCSPX-your-secret
GOOGLE_STATE_SECRET
Optional
Required to use Google features. Random secret for OAuth CSRF state verification.
Default: none ·
Example: openssl rand -hex 32
OUTLOOK_CLIENT_ID
Optional
Required to use Outlook Calendar or Microsoft Teams. Azure app Application (client) ID.
Default: none ·
Example: your-azure-app-client-id
OUTLOOK_CLIENT_SECRET
Optional
Required to use Microsoft features. Azure app client secret value.
Default: none ·
Example: your-client-secret-value
OUTLOOK_STATE_SECRET
Optional
Required to use Microsoft features. Random secret for OAuth CSRF state verification.
Default: none ·
Example: openssl rand -hex 32
ENABLE_GITHUB_AUTH
Optional
Set to true
to show a "Sign in with GitHub" button on the login page.
Default: false ·
Example: true
GITHUB_CLIENT_ID
Optional
Required for GitHub Login. OAuth app client ID from GitHub Developer settings.
Default: none ·
Example: your_client_id
GITHUB_CLIENT_SECRET
Optional
Required for GitHub Login. OAuth app client secret.
Default: none ·
Example: your_client_secret
ENABLE_OAUTH_AUTH
Optional
Set to true
to show an "SSO" button on the login page.
Default: false ·
Example: true
OAUTH_*
variables. Set
ENABLE_OAUTH_AUTH=false
to disable SSO entirely.
OAUTH_CLIENT_ID
Optional
OAuth 2.0 client ID registered with your identity provider.
Default: none ·
Example: tymeslot
OAUTH_CLIENT_SECRET
Optional
OAuth 2.0 client secret from your identity provider.
Default: none ·
Example: your-client-secret
OAUTH_PROVIDER_URL
Optional
Base URL of your identity provider. Used as the OAuth 2.0
site
parameter.
Default: none ·
Example: https://idp.example.com
OAUTH_AUTHORIZE_URL
Optional
Full URL of the authorization endpoint.
Default: none ·
Example: https://idp.example.com/authorize
OAUTH_TOKEN_URL
Optional
Full URL of the token endpoint.
Default: none ·
Example: https://idp.example.com/token
OAUTH_USERINFO_URL
Optional
Full URL of the userinfo endpoint. Must return a JSON object with a
sub
claim (or id/user_id if
OAUTH_ALLOW_ID_FALLBACK
is enabled).
Default: none ·
Example: https://idp.example.com/userinfo
OAUTH_SCOPE
Optional
Space-separated list of OAuth scopes to request.
Default: openid email profile ·
Example: openid email profile groups
OAUTH_ALLOW_ID_FALLBACK
Optional
Set to true
to accept id
or user_id
claims when the IdP does not return a standard sub
claim. Only enable this for non-OIDC providers.
Default: false ·
Example: true
RECAPTCHA_SITE_KEY
Optional
Required to enable reCAPTCHA. v3 site key from Google reCAPTCHA admin console.
Default: none ·
Example: 6Le-your-site-key
RECAPTCHA_SECRET_KEY
Optional
Required to enable reCAPTCHA. v3 secret key from Google reCAPTCHA admin console.
Default: none ·
Example: 6Le-your-secret-key
RECAPTCHA_SIGNUP_ENABLED
Optional
Enable reCAPTCHA score verification on the signup form.
Default: false ·
Example: true
RECAPTCHA_SIGNUP_MIN_SCORE
Optional
Minimum reCAPTCHA score (0.0–1.0) required to pass signup. Higher is more strict.
Default: 0.3 ·
Example: 0.5
RECAPTCHA_BOOKING_ENABLED
Optional
Enable reCAPTCHA score verification on booking forms.
Default: false ·
Example: true
RECAPTCHA_BOOKING_MIN_SCORE
Optional
Minimum reCAPTCHA score required to submit a booking.
Default: 0.3 ·
Example: 0.3
RECAPTCHA_EXPECTED_HOSTNAMES
Optional
Comma-separated list of hostnames from which reCAPTCHA tokens are accepted. Prevents token replay attacks.
Default: none ·
Example: tymeslot.yourdomain.com
TELEGRAM_BOT_TOKEN
Optional
Bot token from @BotFather. Setting this variable enables shared bot mode — all three Telegram variables must be set together. The application refuses to start if the token is set but the other two are missing.
Default: none ·
Example: 123456789:ABCdef...
TELEGRAM_BOT_USERNAME
Optional
Username of the bot (without the @
prefix). Required when TELEGRAM_BOT_TOKEN
is set.
Default: none ·
Example: MyTymeslotBot
TELEGRAM_WEBHOOK_SECRET
Optional
Random secret passed to Telegram's setWebhook
API and verified on every incoming webhook call. Required when
TELEGRAM_BOT_TOKEN
is set.
Default: none ·
Example: openssl rand -hex 32
TELEGRAM_ENABLED
Optional
Set to true
to enable Telegram in own-bot mode (each user supplies their own bot token and chat ID). Only effective when
TELEGRAM_BOT_TOKEN
is not
set — setting the token automatically enables shared bot mode regardless of this flag.
Default: false ·
Example: true
HTTPS_PROXY
Optional
Route HTTPS outbound requests through this proxy. Also accepts lowercase https_proxy.
Default: none ·
Example: http://proxy.corp.com:3128
HTTP_PROXY
Optional
Route HTTP outbound requests through this proxy. Also accepts lowercase http_proxy.
Default: none ·
Example: http://proxy.corp.com:3128
NO_PROXY
Optional
Comma-separated list of hosts, IP addresses, or CIDR ranges that bypass the proxy. Also accepts lowercase no_proxy.
Default: none ·
Example: localhost,127.0.0.1,10.0.0.0/8
DNS_CLUSTER_QUERY
Optional
DNS query used for Erlang cluster node discovery in multi-node deployments.
Default: none ·
Example: tymeslot.internal
SECRET_KEY_BASE, PHX_HOST, POSTGRES_PASSWORD, and email configuration (EMAIL_FROM_NAME, EMAIL_FROM_ADDRESS, and SMTP or Postmark credentials). All other variables have defaults or are feature-specific.
For a Docker deployment you need five variables to start the application:
SECRET_KEY_BASE
— required for session signing
PHX_HOST
— your public domain name
POSTGRES_PASSWORD
— the only truly required database variable; hostname, name, and user all have defaults
EMAIL_FROM_NAME
and
EMAIL_FROM_ADDRESS
— required for outbound email
Plus credentials for your chosen email adapter — SMTP variables if using the default adapter, or
POSTMARK_API_KEY
if using Postmark.
Run either of these commands and paste the output as the variable value:
mix phx.gen.secret
— requires an Elixir installation
openssl rand -base64 64 | tr -d '\n'
— works on any system with OpenSSL
The value must be at least 64 characters long. Never reuse a value across environments and never commit it to version control.
Yes. Docker Compose automatically loads a
.env
file placed in the same directory as your docker-compose.yml. Variables defined there are substituted into the Compose file and passed to containers.
In production, prefer your platform's secret management — Cloudron's environment panel, Railway's variables UI, or a secrets manager — rather than committing a
.env
file to your repository.
Tymeslot's Docker deployment uses individual variables (DATABASE_HOST, POSTGRES_DB, etc.) rather than a single connection URL. If you are on Cloudron, the platform injects its own
CLOUDRON_POSTGRESQL_*
variables automatically — you do not need to set any database variables manually.
If your hosting platform provides a single URL and you need to break it apart, the standard PostgreSQL format is:
postgres://username:password@hostname:5432/database_name
Environment variables are read at startup only. A running container retains the values it was started with regardless of any later changes to your
.env
file or platform configuration.
Restart the container after every environment variable change:
docker-compose restart tymeslot
(or a full
docker-compose up -d
to pick up changes to the Compose file itself).
Deploy Tymeslot using Docker and Docker Compose. Perfect for VPS hosting, home servers, or any environment with Docker support.
One-click installation on Cloudron. Automated backups, SSL certificates, and updates handled automatically.
One-click deploy on Railway. Postgres is provisioned and wired automatically — your instance is live in minutes with no server management.