Configuration
A Custos deployment is configured through environment variables and a small set of runtime settings. This page is the operator’s map of that surface.
Secrets
Section titled “Secrets”These are injected at runtime and never baked into the image:
| Variable | Role |
|---|---|
EZPDS_SIGNING_KEY_MASTER_KEY | Master key (64 hex chars = 32 bytes) — the AES-256-GCM key that encrypts all at-rest signing material: every account’s repo signing key, the server’s OAuth signing key, the JWT secret, and the node identity. |
EZPDS_ADMIN_TOKEN | Bearer token guarding the admin/operator endpoints. |
Runtime
Section titled “Runtime”| Variable | Role |
|---|---|
PORT | Injected by the platform; the server binds it. |
EZPDS_PUBLIC_URL | The externally reachable origin of the PDS. |
EZPDS_AVAILABLE_USER_DOMAINS | Domains users may claim handles on. |
The authoritative list is the PDS configuration type in the codebase; the table above is the operator-facing subset. The generated version (see the note above) will make this list exhaustive and drift-proof.