Environment variables

Exhaustive list of environment variables recognized by arka-deck. Source of truth: .env.example at the root and effective reads at boot.

Web server

Variable	Default	Description
`ARKA_DECK_WEB_PORT`	`3117`	HTTP server port
`ARKA_DECK_WEB_HOST`	`127.0.0.1` (or `0.0.0.0` if `--lan`)	Bind address
`ARKA_DECK_WEB_LAN`	`0`	Enables LAN mode if `1`, `true` or `yes` (priority 2, see CLI)
`ARKA_DECK_LOG`	`info`	Fastify log level (`fatal`/`error`/`warn`/`info`/`debug`/`trace`/`silent`)
`ARKA_DECK_RATE_LIMIT_MAX`	`300`	Rate limit ceiling / minute

Variable	Default	Description
`ARKA_DECK_HOME`	`~/.arka-deck/`	Override the global user folder

Variable	Default	Description
`ARKA_DECK_CORTEX_URL`	`https://public.arkalabs.app`	Cortex endpoint for the catalogue (read-only)
`ARKA_DECK_CORTEX_MCP_URL`	`https://mcp.public.arkalabs.app`	Cortex MCP endpoint for agents
`ARKA_DECK_CORTEX_RUNTIME_URL`	(unset, loopback fallback)	Dedicated Cortex runtime endpoint
`CORTEX_LITE_URL`	(unset, loopback fallback)	Local Cortex Lite endpoint — legacy

By default, the ARKA_DECK_CORTEX_URL, ARKA_DECK_CORTEX_MCP_URL and ARKA_DECK_CORTEX_RUNTIME_URL overrides accept only:

Any other host is refused. To bypass in development:

ARKA_DECK_CORTEX_ALLOW_UNSAFE_URL=1

This variable must never be set in production.

Variable	Description
`ARKA_DECK_NOTION_OAUTH_CLIENT_ID`	Notion OAuth client ID (first-party integration)
`ARKA_DECK_NOTION_OAUTH_CLIENT_SECRET`	Notion OAuth client secret

OAuth variables are only needed if you use the Notion OAuth flow (not if you use an internal integration token).

Variable	Description
`PLAYWRIGHT_BASE_URL`	Base URL for Playwright tests (default `http://127.0.0.1:3117`)

Put overrides in .env.local (never in a versioned .env).
Never commit an API key.
For persistent secrets, use the Settings → Providers UI rather than an environment variable (AES-256-GCM encryption).
Check .env.example at the root for the maintained list.