Environment Variables
Tide Commander is configured via environment variables. Create a .env file at the repo root (copy .env.example as a starting point) or export variables in your shell before running tide-commander start.
Server variables
| Variable | Default | Description |
|---|---|---|
PORT | 5174 | Backend HTTP/WebSocket server port |
HOST | 127.0.0.1 | Backend bind address. 127.0.0.1 means localhost-only. |
VITE_PORT | 5173 | Vite dev server port (development mode only) |
TIDE_SERVER | http://localhost:$PORT | Server URL used by agent hooks for internal API calls |
LISTEN_ALL_INTERFACES | (unset) | Set to 1 to bind on 0.0.0.0 — makes Tide Commander reachable on your LAN |
Authentication
| Variable | Default | Description |
|---|---|---|
AUTH_TOKEN | (unset) | Static token required in the X-Auth-Token header for all HTTP and WebSocket connections. Generate a strong random value: openssl rand -hex 32 |
When AUTH_TOKEN is set, every API request and WebSocket upgrade must include the header:
curl -H "X-Auth-Token: YOUR_TOKEN" http://localhost:5174/api/agentsHTTPS / TLS
| Variable | Default | Description |
|---|---|---|
HTTPS | (unset) | Set to 1 to serve the backend over HTTPS and WSS |
TLS_KEY_PATH | ~/.tide-commander/certs/localhost-key.pem | Private key for the backend TLS certificate |
TLS_CERT_PATH | ~/.tide-commander/certs/localhost.pem | Certificate for the backend TLS |
DEV_HTTPS | (unset) | Set to 1 to run the Vite dev server over HTTPS |
DEV_TLS_KEY_PATH | (unset) | Private key for the Vite dev HTTPS server |
DEV_TLS_CERT_PATH | (unset) | Certificate for the Vite dev HTTPS server |
See HTTPS & Auth for step-by-step setup using mkcert or your own CA.
Using a .env file
Create .env at the project root:
PORT=5174HOST=0.0.0.0LISTEN_ALL_INTERFACES=1AUTH_TOKEN=your-secret-token-hereHTTPS=1TLS_KEY_PATH=~/.tide-commander/certs/localhost-key.pemTLS_CERT_PATH=~/.tide-commander/certs/localhost.pemTide Commander loads this file automatically on startup. When running via bunx, pass variables inline:
PORT=8080 AUTH_TOKEN=mytoken bunx tide-commanderOr export them first:
export PORT=8080export AUTH_TOKEN=mytokentide-commander startCLI flags vs environment variables
Most environment variables have equivalent CLI flags for one-off usage without a .env file:
tide-commander --port 8080 --host 0.0.0.0tide-commander --listen-all --port 8080tide-commander --https --tls-key ./certs/key.pem --tls-cert ./certs/cert.pemtide-commander --auth-token mytokentide-commander --generate-auth-token # prints a new token and exitsCLI flags take precedence over environment variables when both are set.