Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/gnmyt/Nexterm/llms.txt

Use this file to discover all available pages before exploring further.

Nexterm reads its configuration from environment variables at startup. Most variables have sensible defaults, but ENCRYPTION_KEY is required and has no default — the server will refuse to start without it.

Variables

ENCRYPTION_KEY
string
required
Key used to encrypt stored passwords, SSH private keys, and passphrases at rest. There is no default. The server throws an error and exits if this is not set.You can supply the key directly as an environment variable, or place it in a Docker secret at /run/secrets/encryption_key.Generate a strong key with:
openssl rand -hex 32
Do not lose this key. All stored credentials are encrypted with it and cannot be recovered without it.
SERVER_PORT
number
default:"6989"
The port the HTTP server listens on. Change this if port 6989 conflicts with another service on your host.
SERVER_PORT=8080
HTTPS_PORT
number
default:"5878"
The port the HTTPS server listens on when SSL certificates are present in data/certs. Has no effect if cert.pem and key.pem are absent.See the SSL guide for certificate setup.
HTTPS_PORT=8443
CONTROL_PLANE_PORT
number
default:"7800"
TCP port used for communication between the server and engine components. Only relevant in split server/engine deployments. Both the server and the engine configuration must agree on this port.
CONTROL_PLANE_PORT=7800
NODE_ENV
string
default:"development"
Runtime mode for the Node.js process.
ValueBehavior
productionServes the compiled web client from the dist/ directory
developmentReturns a 500 error page for all non-API routes; intended for local development with a separate frontend dev server
Always set NODE_ENV=production when running Nexterm for real users. The development mode does not serve the web interface.
AI_SYSTEM_PROMPT
string
System prompt injected into AI feature requests. Customize this to constrain or guide the AI assistant for your environment.
AI_SYSTEM_PROMPT="You are a Linux command generator assistant."
If not set, the AI feature uses its built-in default behavior.
LOG_LEVEL
string
default:"system"
Controls how much detail the server writes to its log output. Accepts one of the following values:
ValueDescription
systemStartup messages, connection events, and critical errors only (default)
infoGeneral operational messages
verboseDetailed request and event tracing
debugFull debug output including internal state
warnWarnings and errors only
errorErrors only
LOG_LEVEL=info

Summary table

VariableRequiredDefaultDescription
ENCRYPTION_KEYYesCredential encryption key
SERVER_PORTNo6989HTTP server port
HTTPS_PORTNo5878HTTPS server port
CONTROL_PLANE_PORTNo7800Engine communication port
NODE_ENVNodevelopmentRuntime mode
AI_SYSTEM_PROMPTNoAI feature system prompt
LOG_LEVELNosystemLog verbosity

Docker Compose example

The following docker-compose.yml snippet shows a typical production configuration with all variables set explicitly: 
services:
  nexterm:
    image: nexterm/aio:latest
    environment:
      ENCRYPTION_KEY: "your-32-byte-hex-key"
      SERVER_PORT: 6989
      NODE_ENV: production
      LOG_LEVEL: info
    network_mode: host
    restart: always
    volumes:
      - nexterm:/app/data

volumes:
  nexterm:
To use a Docker secret instead of an environment variable for ENCRYPTION_KEY, place the key value in a file at /run/secrets/encryption_key inside the container. Nexterm will read it automatically.

Build docs developers (and LLMs) love

Get started for freeTalk to us