Configuration File All configuration is done through the .env file in the root directory. Start by copying the example:
Required Variables These variables must be set for Tesslate Studio to function.
SECRET_KEY Secret key for JWT token signing and session encryption.
Generate: python -c "import secrets; print(secrets.token_urlsafe(32))"
Example: SECRET_KEY=your-generated-secret-key-here
LITELLM_MASTER_KEY Master key for LiteLLM proxy authentication.
Generate: python -c "import secrets; print('sk-' + secrets.token_urlsafe(32))"
Example: LITELLM_MASTER_KEY=sk-your-litellm-master-key
AI Provider API Keys At least one AI provider API key is required for Tesslate Studio to generate code.
OpenAI
Anthropic
Google
Azure OpenAI
OPENAI_API_KEY=sk-your-openai-key
Supports GPT-5, GPT-4, and GPT-3.5 models. ANTHROPIC_API_KEY=sk-your-anthropic-key
Supports Claude 3.5 and Claude 3 models. GOOGLE_API_KEY=your-google-api-key
Supports Gemini Pro and Gemini Flash models. AZURE_API_KEY=your-azure-key AZURE_API_BASE=https://your-resource.openai.azure.com AZURE_API_VERSION=2024-02-15-preview
Optional Variables Application Settings APP_DOMAIN
string
default: "studio.localhost"
Domain where Tesslate Studio is hosted.
# Local development APP_DOMAIN=studio.localhost # Production APP_DOMAIN=studio.yourcompany.com
Protocol for accessing the application. Options: http, https
# Local APP_PROTOCOL=http # Production with SSL APP_PROTOCOL=https
FRONTEND_URL
string
default: "http://studio.localhost"
Full URL where the frontend is accessible.
FRONTEND_URL=https://studio.yourcompany.com
Database Configuration PostgreSQL connection string in asyncpg format.
# Docker default (no change needed) DATABASE_URL=postgresql+asyncpg://tesslate:tesslate_password@postgres:5432/tesslate_db # External managed database DATABASE_URL=postgresql+asyncpg://admin:[email protected] :5432/tesslate
PostgreSQL username (Docker only).
POSTGRES_PASSWORD
string
default: "tesslate_password"
PostgreSQL password (Docker only).
Change the default password in production environments!
POSTGRES_DB
string
default: "tesslate_db"
PostgreSQL database name (Docker only).
LiteLLM Configuration LITELLM_DEFAULT_MODELS
string
default: "gpt-5o-mini,claude-3-haiku,gemini-pro"
Comma-separated list of default AI models.
# Use only GPT-5 models LITELLM_DEFAULT_MODELS=gpt-5o,gpt-5o-mini # Mix of providers LITELLM_DEFAULT_MODELS=gpt-5o-mini,claude-3-haiku,gemini-flash
Initial API budget per user in USD.
# $50 initial budget LITELLM_INITIAL_BUDGET=50.0
LITELLM_PROXY_URL
string
default: "http://litellm:4000"
LiteLLM proxy endpoint URL.
# External LiteLLM instance LITELLM_PROXY_URL=http://litellm.yourcompany.com:4000
Deployment Mode Container orchestration system to use. Options: docker, kubernetes
# Local development with Docker + Traefik DEPLOYMENT_MODE=docker # Production with Kubernetes DEPLOYMENT_MODE=kubernetes
Docker mode uses Docker Compose with Traefik for subdomain routing. Kubernetes mode uses K8s with NGINX Ingress and supports auto-scaling.
Application Domain APP_DOMAIN
string
default: "localhost"
Domain where Tesslate Studio is hosted (without protocol).
Full URL with protocol for OAuth redirects.
# Local development APP_DOMAIN=localhost APP_BASE_URL=http://localhost # Production APP_DOMAIN=studio.yourcompany.com APP_BASE_URL=https://studio.yourcompany.com
Auto-Seeding Automatically seed database with agents and templates on startup.
# Enable auto-seeding (recommended) AUTO_SEED_DATABASE=true # Disable for manual control AUTO_SEED_DATABASE=false
What gets seeded:
4 marketplace agents (Stream Builder, Full Stack Agent, etc.)
3 project templates (Next.js, Vite+React+FastAPI, Vite+React+Go)
6 open-source customizable agents
OAuth Configuration Configure OAuth providers for social login and integrations.
GitHub OAuth app client ID.
GitHub OAuth app client secret.
GITHUB_OAUTH_REDIRECT_URI
Callback URL for GitHub OAuth.
GITHUB_CLIENT_ID=your-github-client-id GITHUB_CLIENT_SECRET=your-github-client-secret GITHUB_OAUTH_REDIRECT_URI=https://studio.yourcompany.com/auth/github/callback
Google OAuth client secret.
GOOGLE_OAUTH_REDIRECT_URI
Callback URL for Google OAuth.
GOOGLE_CLIENT_ID=your-google-client-id.apps.googleusercontent.com GOOGLE_CLIENT_SECRET=your-google-client-secret GOOGLE_OAUTH_REDIRECT_URI=https://studio.yourcompany.com/auth/google/callback
Stripe Billing (Optional) Configure Stripe for subscription billing and marketplace payments.
Stripe publishable key for frontend.
Webhook signing secret for Stripe events.
STRIPE_SECRET_KEY=sk_live_your-stripe-secret-key STRIPE_PUBLISHABLE_KEY=pk_live_your-stripe-publishable-key STRIPE_WEBHOOK_SECRET=whsec_your-webhook-secret STRIPE_PREMIUM_PRICE_ID=price_your-premium-plan-id
S3 Storage (Kubernetes Only) Required for Kubernetes deployments using the S3 Sandwich pattern.
S3_BUCKET_NAME
string
default: "tesslate-projects"
S3 bucket name for project storage.
S3 endpoint URL. Leave empty for AWS S3, set for MinIO or DigitalOcean Spaces.
S3_REGION
string
default: "us-east-1"
S3 region for signature calculation.
# AWS S3 S3_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE S3_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY S3_BUCKET_NAME=tesslate-projects S3_REGION=us-east-1 # DigitalOcean Spaces S3_ENDPOINT_URL=https://nyc3.digitaloceanspaces.com S3_BUCKET_NAME=your-space-name S3_REGION=nyc3 # MinIO (local development) S3_ENDPOINT_URL=http://minio:9000 S3_BUCKET_NAME=tesslate-projects
Kubernetes Settings Configuration for Kubernetes deployments.
Docker image for user project containers.
Kubernetes secret name for private registry authentication.
K8S_STORAGE_CLASS
string
default: "tesslate-block-storage"
Kubernetes storage class for PVCs.
Enable S3 Sandwich pattern for project storage.
# Production (DigitalOcean) K8S_DEVSERVER_IMAGE=registry.digitalocean.com/your-registry/tesslate-devserver:latest K8S_IMAGE_PULL_SECRET=your-registry-secret K8S_STORAGE_CLASS=do-block-storage # AWS EKS K8S_DEVSERVER_IMAGE=123456789.dkr.ecr.us-east-1.amazonaws.com/tesslate-devserver:latest K8S_IMAGE_PULL_SECRET=ecr-credentials K8S_STORAGE_CLASS=gp3 # Minikube (local) K8S_DEVSERVER_IMAGE=tesslate-devserver:latest K8S_IMAGE_PULL_SECRET= K8S_STORAGE_CLASS=standard
Logging Application logging level. Options: DEBUG, INFO, WARNING, ERROR, CRITICAL
# Development LOG_LEVEL=DEBUG # Production LOG_LEVEL=INFO
Production Configuration Recommended settings for production deployments:
# Security SECRET_KEY=<strong-random-key> LITELLM_MASTER_KEY=sk-<strong-random-key> # Domain APP_DOMAIN=studio.yourcompany.com APP_PROTOCOL=https FRONTEND_URL=https://studio.yourcompany.com # Database (use managed service) DATABASE_URL=postgresql+asyncpg://user:[email protected] :5432/tesslate # Logging LOG_LEVEL=INFO # Auto-seed (optional in production) AUTO_SEED_DATABASE=false
Local AI Models (Ollama) To use local AI models with Ollama:
Configure LiteLLM
LITELLM_DEFAULT_MODELS=ollama/llama2
Configuration Examples Minimal Setup (Free)
Development
Production
SECRET_KEY=<generated> LITELLM_MASTER_KEY=sk-<generated> # No paid API keys - use local models LITELLM_DEFAULT_MODELS=ollama/llama2
Troubleshooting
Problem: SECRET_KEY is missing or invalid.Solution: Generate a new key and update .env:python -c "import secrets; print(secrets.token_urlsafe(32))"
Database connection failed
Problem: PostgreSQL is not accessible.Solution: # Check if postgres container is running docker compose ps postgres # Restart database docker compose restart postgres # Check logs docker compose logs postgres
Problem: Missing or invalid AI provider API key.Solution:
Verify key in .env has no extra spaces
Test key with provider directly
Restart orchestrator:
docker compose restart orchestrator
Next Steps 
