Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Tymeslot/tymeslot/llms.txt

Use this file to discover all available pages before exploring further.

Tymeslot is configured entirely through environment variables. The repository ships with a .env.example file that acts as a canonical template — copy it to .env, fill in the values you need, and leave commented-out optional variables at their defaults. Shell environment variables always win over .env values, so any variable you set in your container runtime or orchestrator takes precedence automatically.
cp .env.example .env
# Then edit .env with your values

Required settings

These three variables must be set before Tymeslot will start. The application raises a hard error at boot if any of them is missing.
SECRET_KEY_BASE
string
required
Signing and encryption key for cookies, tokens, and other secrets. Must be at least 64 characters. Generate with:
openssl rand -base64 64 | tr -d '\n'
PHX_HOST
string
required
Your public domain name, e.g. tymeslot.yourdomain.com. Used to build absolute URLs in emails, OAuth redirect URIs, and calendar webhook callbacks. Do not include a scheme or trailing slash.
POSTGRES_PASSWORD
string
required
Password for the PostgreSQL user. For the embedded database this can be any strong value; for an external database it must match the credentials of the pre-existing user. Generate with:
openssl rand -base64 32 | tr -d '\n'
DATA_ENCRYPTION_KEY
string
Dedicated AES-256-GCM key for encrypting credentials at rest, independent of SECRET_KEY_BASE. Setting it lets you rotate SECRET_KEY_BASE without making stored calendar tokens, CalDAV passwords, and API keys undecryptable. Generate with:
openssl rand -base64 48 | tr -d '\n'
Once set it must stay stable across restarts. After adding it to an existing install, run the re-encryption sweep described in the Data Encryption guide.Default: key derived from SECRET_KEY_BASE (a startup warning is logged if this is unset).

Application settings

PORT
integer
default:"4000"
TCP port the Phoenix HTTP server listens on inside the container.
LISTEN_IP
string
default:"::"
IP address the HTTP server binds to. Common values:
ValueBehaviour
::All IPv4 and IPv6 interfaces (default)
0.0.0.0All IPv4 interfaces only
127.0.0.1Localhost only — use this behind a reverse proxy
URL_SCHEME
string
default:"https"
URL scheme for generated links. Set to http only for local or internal deployments without TLS. Production deployments should leave this at https.
WS_ALLOWED_ORIGINS
string
Comma-separated list of origins allowed to open a LiveView WebSocket connection. Defaults to origins derived from PHX_HOST (both http:// and https:// variants plus localhost:4000). Override when you serve the app under multiple hostnames.Example: https://yourdomain.com,https://www.yourdomain.com
REGISTRATION_ENABLED
boolean
default:"true"
Set to false to disable new user registration. Applies to all authentication methods including SSO and social login.
PASSWORD_AUTH_ENABLED
boolean
default:"true"
Set to false to disable email/password authentication entirely. Useful when you want users to log in exclusively via SSO or social login. Disable registration alongside this (REGISTRATION_ENABLED=false) to create a fully SSO-only instance.
DNS_CLUSTER_QUERY
string
DNS SRV query for multi-node Erlang clustering. Leave unset for single-node deployments (the default for most self-hosters).

Database settings

DATABASE_HOST
string
default:"localhost"
PostgreSQL hostname. When set to localhost or 127.0.0.1, Tymeslot uses the embedded PostgreSQL that runs inside the Docker container. Any other value tells the container to skip starting embedded PostgreSQL and connect to the external host instead.
DATABASE_PORT
integer
default:"5432"
PostgreSQL port.
POSTGRES_DB
string
default:"tymeslot"
PostgreSQL database name.
POSTGRES_USER
string
default:"tymeslot"
PostgreSQL username.
DATABASE_POOL_SIZE
integer
default:"60"
Ecto database connection pool size. The runtime default is 60, which is sized to support Tymeslot’s background job concurrency (Oban workers). Raise it for very high-traffic deployments and ensure your PostgreSQL max_connections stays above this value — the embedded PostgreSQL defaults to max_connections=100, leaving headroom for administrative connections.

Email configuration

EMAIL_ADAPTER
string
default:"test"
Email delivery backend. Valid values:
ValueBehaviour
testSilently discards all mail — default, not suitable for production
smtpDeliver via SMTP using the SMTP_* variables below
postmarkDeliver via Postmark API using POSTMARK_API_KEY
EMAIL_FROM_NAME
string
default:"Tymeslot"
Sender display name shown in recipients’ email clients.
EMAIL_FROM_ADDRESS
string
default:"hello@tymeslot.app"
Sender email address. Set this to an address on your own domain for production deployments.
EMAIL_SUPPORT_ADDRESS
string
Support contact address shown in email footers. Defaults to EMAIL_FROM_ADDRESS when unset.
EMAIL_CONTACT_RECIPIENT
string
Recipient address for contact-form submissions. Defaults to EMAIL_FROM_ADDRESS when unset.
POSTMARK_API_KEY
string
Postmark server API key. Required when EMAIL_ADAPTER=postmark. Sign up at postmarkapp.com.
SMTP_HOST
string
SMTP server hostname, e.g. smtp.gmail.com. Required when EMAIL_ADAPTER=smtp.
SMTP_PORT
integer
default:"587"
SMTP server port. 587 (STARTTLS) is the standard value for most providers.
SMTP_USERNAME
string
SMTP authentication username. Required when EMAIL_ADAPTER=smtp.
SMTP_PASSWORD
string
SMTP authentication password or app-specific password. Required when EMAIL_ADAPTER=smtp.

OAuth integrations

These credentials power calendar sync and video conferencing integrations. They are required only when users connect the corresponding integration; leave them unset to disable those options in the UI.
GOOGLE_CLIENT_ID
string
Google OAuth 2.0 client ID. Enables Google Calendar sync and Google Meet video. Create credentials at console.cloud.google.com. Redirect URI: https://yourdomain.com/auth/google/callback
GOOGLE_CLIENT_SECRET
string
Google OAuth 2.0 client secret.
GOOGLE_STATE_SECRET
string
Random string used as a CSRF state parameter for the Google OAuth flow. Self-generated — not provided by Google. Generate with openssl rand -base64 32.
OUTLOOK_CLIENT_ID
string
Microsoft Azure app registration client ID. One app covers both Outlook Calendar and Microsoft Teams. Register at portal.azure.com → Microsoft Entra ID → App registrations. Add both redirect URIs:
  • https://yourdomain.com/auth/outlook/calendar/callback
  • https://yourdomain.com/auth/teams/video/callback
OUTLOOK_CLIENT_SECRET
string
Microsoft Azure app client secret value (from Certificates & secrets).
OUTLOOK_STATE_SECRET
string
Random string used as a CSRF state parameter for the Microsoft OAuth flow. Self-generated — not provided by Microsoft. Generate with openssl rand -base64 32.

Calendar sync webhooks

WEBHOOK_BASE_URL
string
Public HTTPS base URL that Google and Microsoft use to deliver real-time calendar change notifications (Google push channels and Outlook Graph subscriptions). Format: https://tymeslot.yourdomain.com — scheme and host only, no trailing slash.When unset, calendar sync falls back to polling every 15 minutes. Only set this when the host is reachable from the public internet over HTTPS; providers perform a validation handshake against this URL during registration.
ALLOW_PRIVATE_IPS_FOR_CALENDAR
boolean
default:"false"
Allow CalDAV and self-hosted video integrations whose hostname resolves to a private, loopback, or link-local address. In production, outbound requests to such hosts are blocked as SSRF protection. Set to true if you self-host your CalDAV server (e.g. Nextcloud, Radicale) or video provider on a private network. This switch does not affect webhook delivery — see ALLOW_PRIVATE_IPS_FOR_WEBHOOKS.
ALLOW_PRIVATE_IPS_FOR_WEBHOOKS
boolean
default:"false"
Allow outbound webhook deliveries to URLs whose hostname resolves to a private, loopback, or link-local address. In production these are blocked as SSRF protection. Set to true only if you deliberately route webhooks to internal services. Deliberately separate from ALLOW_PRIVATE_IPS_FOR_CALENDAR so relaxing calendar SSRF does not silently open webhooks to internal hosts.

Social authentication

ENABLE_GOOGLE_AUTH
boolean
default:"false"
Enable Google login and signup. Requires GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET. Setting this to false still allows users to connect Google Calendar — social auth and calendar integration are independent.
ENABLE_GITHUB_AUTH
boolean
default:"false"
Enable GitHub login and signup. Requires GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET.
GITHUB_CLIENT_ID
string
GitHub OAuth app client ID. Required when ENABLE_GITHUB_AUTH=true. Create an OAuth App at GitHub → Settings → Developer settings. Callback URL: https://yourdomain.com/auth/github/callback
GITHUB_CLIENT_SECRET
string
GitHub OAuth app client secret. Required when ENABLE_GITHUB_AUTH=true.
ENABLE_OAUTH_AUTH
boolean
default:"false"
Enable generic OAuth 2.0 / OIDC login for SSO with providers such as Keycloak, Authentik, or Lemonldap::NG. All OAUTH_* variables below become required when this is true.
OAUTH_CLIENT_ID
string
Generic OAuth 2.0 / OIDC client ID. Required when ENABLE_OAUTH_AUTH=true.
OAUTH_CLIENT_SECRET
string
Generic OAuth 2.0 / OIDC client secret. Required when ENABLE_OAUTH_AUTH=true.
OAUTH_PROVIDER_URL
string
Base URL of your identity provider, e.g. https://keycloak.example.com. Required when ENABLE_OAUTH_AUTH=true.
OAUTH_AUTHORIZE_URL
string
Authorization endpoint. Must be HTTPS. Required when ENABLE_OAUTH_AUTH=true.
OAUTH_TOKEN_URL
string
Token endpoint. Must be HTTPS. Required when ENABLE_OAUTH_AUTH=true.
OAUTH_USERINFO_URL
string
Userinfo endpoint. Must be HTTPS. Required when ENABLE_OAUTH_AUTH=true.
OAUTH_SCOPE
string
default:"openid email profile"
Space-separated OAuth scopes to request.
OAUTH_ALLOW_ID_FALLBACK
boolean
default:"false"
Accept id or user_id as the subject claim when the IdP omits sub. Enable only for non-OIDC providers that do not return a sub claim.

reCAPTCHA v3

RECAPTCHA_SITE_KEY
string
Public reCAPTCHA v3 site key used in the browser. Required when RECAPTCHA_SIGNUP_ENABLED=true or RECAPTCHA_BOOKING_ENABLED=true. Sign up at google.com/recaptcha/admin.
RECAPTCHA_SECRET_KEY
string
Private reCAPTCHA v3 secret key used server-side for score verification. Required when either reCAPTCHA feature flag is enabled.
RECAPTCHA_SIGNUP_ENABLED
boolean
default:"false"
Enable reCAPTCHA v3 protection on the signup form.
RECAPTCHA_BOOKING_ENABLED
boolean
default:"false"
Enable reCAPTCHA v3 protection on the booking form.
RECAPTCHA_SIGNUP_MIN_SCORE
float
default:"0.3"
Minimum reCAPTCHA score to accept a signup submission as human. Range 0.0 (likely bot) to 1.0 (likely human).
RECAPTCHA_BOOKING_MIN_SCORE
float
default:"0.3"
Minimum reCAPTCHA score to accept a booking submission as human.
RECAPTCHA_SIGNUP_ACTION
string
default:"signup_form"
reCAPTCHA action name used for signup form verification.
RECAPTCHA_BOOKING_ACTION
string
default:"booking_form"
reCAPTCHA action name used for booking form verification.
RECAPTCHA_EXPECTED_HOSTNAMES
string
Comma-separated list of hostnames to validate in the reCAPTCHA response. Leave unset to skip hostname validation.

HTTP/HTTPS proxy

HTTP_PROXY
string
Outbound proxy for HTTP requests. Format: http://[user:password@]host:port. Both HTTP_PROXY and http_proxy are supported; uppercase takes precedence.
HTTPS_PROXY
string
Outbound proxy for HTTPS requests. Format: http://[user:password@]host:port. Applies to all external API calls: Google Calendar, Microsoft Graph, CalDAV, OAuth, and webhook deliveries.
NO_PROXY
string
Comma-separated hosts, domains, or CIDRs to bypass the proxy. Supports wildcards (*.internal.com) and CIDR notation (10.0.0.0/8).Example: localhost,127.0.0.1,*.internal.company.com,10.0.0.0/8

Telegram notifications

TELEGRAM_ENABLED
boolean
default:"false"
Enable the Telegram notification integration in own-bot mode. When enabled, users can connect their personal Telegram bot to receive booking notifications by supplying their own bot token and chat ID.

Slack notifications

SLACK_ENABLED
boolean
default:"false"
Enable Slack notification integration in webhook-URL mode. When true and no SLACK_CLIENT_ID is provided, users can paste an Incoming Webhook URL from their own Slack app.
SLACK_CLIENT_ID
string
Slack App client ID for OAuth mode. Setting this enables Slack notifications and activates the “Add to Slack” OAuth button in the dashboard. Create a Slack App at api.slack.com/apps with scopes chat:write, chat:write.public, channels:read, groups:read, team:read. Redirect URL: <your-domain>/api/slack/oauth/callback
SLACK_CLIENT_SECRET
string
Slack App client secret. Required alongside SLACK_CLIENT_ID to activate full OAuth mode.

Admin alerts

ADMIN_ALERTS_ENABLED
boolean
default:"false"
Enable operational admin alerts delivered by email. When enabled, Tymeslot emails ADMIN_ALERT_EMAIL on events such as webhook processing failures, integration health issues, and background job errors. Both this flag and ADMIN_ALERT_EMAIL must be set for delivery.
ADMIN_ALERT_EMAIL
string
Recipient address for admin alert emails. Required when ADMIN_ALERTS_ENABLED=true.Example: admin@yourdomain.com

Booking analytics

ANALYTICS_SALT_SECRET
string
Secret that keys the cookie-less daily visitor fingerprint. Required only when booking analytics is enabled (config :tymeslot, :booking_analytics_enabled, true). The app fails fast at boot if analytics is enabled and this variable is missing.Generate once and keep constant across deployments — changing it re-hashes the same visitor and double-counts uniques:
openssl rand -base64 48 | tr -d '\n'

Stripe payments

STRIPE_SECRET_KEY
string
Stripe secret API key. Required when MEETING_PAYMENTS_ENABLED=true. Enables paid booking sessions via Stripe Connect.
STRIPE_WEBHOOK_SECRET
string
Stripe webhook signing secret for verifying incoming webhook events. Recommended when Stripe is enabled; without it, webhook signature verification is disabled (a warning is logged at startup).
STRIPE_CONNECT_WEBHOOK_SECRET
string
Stripe Connect webhook signing secret, separate from the platform webhook secret. Used to verify events from connected accounts.
MEETING_PAYMENTS_ENABLED
boolean
default:"false"
Opt in to the meeting payments feature. Requires STRIPE_SECRET_KEY and STRIPE_CONNECT_WEBHOOK_SECRET.
MEETING_PAYMENTS_DEFAULT_COUNTRY
string
Default two-letter ISO country code for Stripe Connect onboarding, e.g. us. When unset, users select their country during onboarding.
MEETING_PAYMENTS_APPLICATION_FEE_BP
integer
default:"0"
Platform application fee in basis points (100 = 1%). Range 010000. Defaults to 0 so no platform cut is taken unless the operator explicitly sets a value.

Build docs developers (and LLMs) love