Documentation

Reference for env vars, roles, and operations.

Environment Variables

Email backend (Graph / Gmail / SMTP) and SMTP credentials are configured at runtime in Admin → Authentication → Email, not via env. Same for Entra/Google enable toggles — env vars below only supply the credentials.

Variable	Required	Default	Description
POSTGRES_PASSWORD	yes	—	Postgres password
SESSION_SECRET	yes	—	Random 32+ char string
FRONTEND_URL	yes	—	Public base URL
COOKIE_SECURE	yes	true	Set `true` behind HTTPS
PORT	no	3001	Backend port (internal)
APP_INTERNAL_PORT	no	8090	Bound on `127.0.0.1`
UPLOADS_DIR	no	/data/uploads	In-container path
MAX_UPLOAD_MB	no	50	Per-attachment limit
COMPOSE_PROJECT_NAME	no	dir name	Pin volume prefix when renaming the install directory
AZURE_TENANT_ID	opt	—	Entra tenant
AZURE_CLIENT_ID	opt	—	Entra app ID
AZURE_CLIENT_SECRET	opt	—	Entra client secret
AZURE_REDIRECT_URI	opt	—	Must match App Registration
GOOGLE_CLIENT_ID	opt	—	Google OAuth client
GOOGLE_CLIENT_SECRET	opt	—	Google OAuth secret
MAIL_FROM	opt	—	Sender address (Graph backend only)

User Roles

Admin

Full access. Manage users, projects, branding, auth, statuses.

Manager

Manage tickets in assigned projects. Assign work, change status.

Submitter

Open tickets, comment, attach files. Cannot reassign.

Viewer

Read-only. Useful for stakeholders and exec dashboards.

Roles can be overridden per project — e.g., a Submitter on most projects who's a Manager on one.

Operations

Update to a new release

cd resolvd
git pull
docker compose up -d --build

View logs

docker compose logs -f backend
docker compose logs -f nginx

Reset a forgotten admin password

docker exec -it resolvd-backend node scripts/reset-password.js <email>

Wipe everything (start fresh)

docker compose down -v
rm -rf data/uploads/*

Troubleshooting

▸Cookies aren't being set / login redirects loop

Almost always a TLS / proxy header issue. Make sure your proxy forwards X-Forwarded-Proto and that COOKIE_SECURE=true matches whether you're actually serving HTTPS.

▸Entra login fails with AADSTS50011

Redirect URI in your App Registration doesn't exactly match AZURE_REDIRECT_URI. Check trailing slashes and protocol.

▸413 Request Entity Too Large on attachments

Bump client_max_body_size (nginx) or max_size (Caddy) to at least MAX_UPLOAD_MB.