Configuration
Diskus is designed to be highly configurable. You can configure global server behavior using Environment Variables, and control per-site behavior directly from the Admin Dashboard.
Environment Variables
Environment variables are set on the server where you deploy the Backend API.
Required Variables
| Variable | Description |
|---|
JWT_SECRET | A secure, random string used to sign authentication tokens. In production, using a weak default secret will cause the server to refuse to start. |
Optional Server Variables
| Variable | Default | Description |
|---|
DATABASE_PATH | sqlite.db | The absolute or relative path to the SQLite database file. |
PORT | 3000 | The port the backend API listens on. |
NODE_ENV | development | Standard Node environment variable. Set to production to enable strict CORS and security checks. |
Access Control Variables
| Variable | Default | Description |
|---|
DASHBOARD_ORIGIN | * (in dev) | A comma-separated list of allowed origins that can access the Admin API (e.g., https://admin.yourdomain.com). Prevents unauthorized cross-origin requests. |
ALLOW_REGISTRATION | false | Diskus allows the very first user to register as an admin. After that, registration is locked. Set this to true to allow additional users to register admin accounts. |
Email Notifications
| Variable | Default | Description |
|---|
RESEND_API_KEY | None | Your global Resend API key for sending email notifications. (Note: Users can also set personal API keys inside the dashboard). |
RESEND_SENDER_EMAIL | onboarding@resend.dev | The default email address used to send notifications (e.g., noreply@yourdomain.com). |
Special Modes
| Variable | Default | Description |
|---|
DEMO_MODE | false | Set to true to enable “Read-Only” mode for the admin dashboard. Useful for public live demos. Visitors can still post comments, but dashboard users cannot delete or modify data. |
SEED_DB | false | Used in Docker deployments to auto-seed the database with dummy data on startup. |
Site-Specific Settings
In addition to global server variables, Diskus provides per-site settings that can be configured directly from the Admin Dashboard. Navigate to the Websites tab and click the settings icon for a specific domain.
Authentication Mode
- Guest & Login Allowed (Default): Anyone can comment. Guests only need to provide a name and email.
- Login Required: Disables guest commenting. Users must create an account and verify their identity to comment.
Moderation Mode
- Require Moderation (Default): All new comments are placed in a “Pending” queue and will not appear on your website until an admin manually approves them.
- Auto-Approve: Comments appear instantly. (Honeypot anti-spam measures still apply).
Interface Settings
- Comments Limit: The initial number of root-level comments to load when the widget initializes. Users can load more by clicking the “Load more” button. (Default: 10)
- Email Notifications: Toggle whether the site owner should receive an email every time a new comment is posted on this specific domain.
Diskus