chore: update .env and compose files

[hiitsrob]

Pull Request Check List

Resolves: #1327

• Added tests for changed code.
  No tests needed - documentation and configuration changes only
• Updated documentation for changed code.
  The .env.example itself is the documentation

Description:

Improve Docker deployment experience by making .env.example more user-friendly and refactoring docker-compose.yml to use environment variables.

Changes:

• .env.example improvements:
  • Add usage instructions explaining how to use the file
  • Reorganize into clear sections with "Required Settings" at the top
  • Comment out optional settings (showing defaults) so users only need to configure what they actually need
  • Add missing settings: stream, indexer, notifications, post processing, debrid_link
• docker-compose.yml refactor:
  • Use env_file: .env to automatically load environment variables
  • Replace hardcoded paths/credentials with ${VAR:-default} syntax
  • Add required variable validation with ${VAR:?set in .env} for critical settings
  • Separate database config into individual components (DB_USER, DB_PASSWORD, DB_NAME, DB_HOST, DB_PORT)
  • Add helpful comments about directory permissions
• Bug fix: Use RIVEN_API_KEY instead of API_KEY in generate_api_key() for consistency with the RIVEN_ prefix pattern used by the settings manager

Summary by CodeRabbit

• Chores

  • Configuration now uses commented placeholders; many settings must be manually enabled by uncommenting.
  • Docker setup updated: image, security/capacity settings, env-file usage, credential sourcing, and volume handling improved; frontend and media services disabled by default.
  • Standardized an API key environment variable name.

• Documentation

  • Added top-of-file usage guidance, a "Required Settings" section, and notes on precedence and ownership.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

⛔ Ignored keywords (1)

• chore

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Example environment file and Docker Compose were changed to use commented placeholders and env-substitution for secrets/paths; several runtime defaults were removed from .env.example; docker-compose.yml now references .env and protects secrets; code now reads RIVEN_API_KEY instead of API_KEY.

Changes

Cohort / File(s)	Summary
Environment example \.env\.example	Many active defaults turned into commented placeholders; added usage/provenance section; introduced "Required Settings" region; features require uncommenting to enable (logging, cache, updaters, scrapers, ranking, etc.)
Docker Compose docker-compose\.yml	riven image -> spoked/riven:dev; env_file: .env added; added cap_add and security_opt, increased shm_size; environment block converted to key:value with env substitution; volumes and paths driven by env vars (ownership notes); riven_postgres credentials now required via ${VAR:?set in .env} and data volume env-driven; frontend/jellyfin blocks commented/placeholdered
Runtime code src/program/utils/__init__\.py	generate_api_key() now reads RIVEN_API_KEY (replaced API_KEY) and log message updated; key-length logic unchanged

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant User as Developer (edits .env)
  participant Docker as Docker Compose
  participant Riven as riven container
  participant Postgres as riven_postgres container

  Note over User,Docker: Deployment changes require .env edits and docker-compose env substitution
  User->>Docker: docker compose up
  Docker->>Riven: inject env vars from .env (env_file) and environment mappings
  Docker->>Postgres: inject DB creds from ${RIVEN_BACKEND_DB_*}
  alt Missing required env
    Postgres-->>Docker: healthcheck fails / startup blocked
    Riven-->>Docker: logs error about missing services or no updaters enabled
  else Env provided
    Postgres->>Postgres: initialize DB at ${RIVEN_DB_DATA}
    Riven->>Riven: read RIVEN_API_KEY and other RIVEN_* vars
    Riven->>Postgres: connect using provided DB host/creds
    Riven-->>User: service healthy
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

• Gaisberg
• dreulavelle

🐰 I hopped through .env with care,
Commented seeds now nestle there,
Docker reads the lines you write,
Keys renamed to shine just right,
A tiny hop for cleaner light. ✨

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description check	✅ Passed	The description comprehensively covers changes, includes linked issue resolution, and explains why tests/docs updates aren't needed for this config-only PR.
Linked Issues check	✅ Passed	Changes align with issue #1327 requirements: corrected variable names (RIVEN_API_KEY), documented settings, refactored docker-compose.yml for env vars, and added validation.
Out of Scope Changes check	✅ Passed	All changes directly address issue #1327 objectives: environment variable alignment, docker-compose refactoring, and API key consistency improvements.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Title check	✅ Passed	The title accurately describes the main changes: updating .env and docker-compose files for better configuration management.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

docker-compose.yml (1)

49-53: Consider adding user flag to pg_isready for reliability.

The healthcheck now uses pg_isready without specifying a user. While this may work (it defaults to the connection user), explicitly specifying the user would be more reliable and clear.

🔎 Suggested improvement

         healthcheck:
-            test: ["CMD-SHELL", "pg_isready"]
+            test: ["CMD-SHELL", "pg_isready -U ${RIVEN_BACKEND_DB_USER}"]
             interval: 10s
             timeout: 5s
             retries: 5

Note: This would require the environment variable to be available in the healthcheck context, which it should be given the environment section in lines 40-44.

📜 Review details

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between e90d22b and 15b656a.

📒 Files selected for processing (3)

• .env.example
• docker-compose.yml
• src/program/utils/__init__.py

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-12-14T14:03:08.790Z

Learnt from: joemckie
Repo: rivenmedia/riven PR: 1288
File: src/program/services/library_profile_matcher.py:51-51
Timestamp: 2025-12-14T14:03:08.790Z
Learning: In Python 3.13+, built-in generic alias constructors like list[str]() and dict[str, int]() are valid. When reviewing Python files (any .py in the repo), allow using generic aliases in type hints (e.g., list[str], dict[str, int]) and, if constructing empty containers, use the generic form (e.g., my_list = list[str]()). Ensure code targets Python 3.13+ and that dependencies or tooling in the repo support the new syntax.

Applied to files:

• src/program/utils/__init__.py

📚 Learning: 2025-12-14T14:04:01.100Z

Learnt from: joemckie
Repo: rivenmedia/riven PR: 1288
File: src/program/services/downloaders/__init__.py:66-66
Timestamp: 2025-12-14T14:04:01.100Z
Learning: In Python 3.13 and newer, parameterized generic instantiation syntax such as dict[K, V]() or list[T]() is valid. Do not flag these constructions as errors in code reviews or static analysis for this repository. Ensure tooling (linters/mypy's config) targets Python >= 3.13, so this syntax is allowed across Python files.

Applied to files:

• src/program/utils/__init__.py

🪛 dotenv-linter (4.0.0)

.env.example

[warning] 17-17: [UnorderedKey] The RIVEN_BACKEND_DB_PASSWORD key should go before the RIVEN_BACKEND_DB_USER key

(UnorderedKey)

---

[warning] 17-17: [ValueWithoutQuotes] This value needs to be surrounded in quotes

(ValueWithoutQuotes)

---

[warning] 18-18: [TrailingWhitespace] Trailing whitespace detected

(TrailingWhitespace)

---

[warning] 18-18: [UnorderedKey] The RIVEN_BACKEND_DB_NAME key should go before the RIVEN_BACKEND_DB_PASSWORD key

(UnorderedKey)

---

[warning] 19-19: [TrailingWhitespace] Trailing whitespace detected

(TrailingWhitespace)

---

[warning] 19-19: [UnorderedKey] The RIVEN_BACKEND_DB_HOST key should go before the RIVEN_BACKEND_DB_NAME key

(UnorderedKey)

---

[warning] 20-20: [TrailingWhitespace] Trailing whitespace detected

(TrailingWhitespace)

---

[warning] 20-20: [UnorderedKey] The RIVEN_BACKEND_DB_PORT key should go before the RIVEN_BACKEND_DB_USER key

(UnorderedKey)

---

[warning] 42-42: [UnorderedKey] The PGID key should go before the PUID key

(UnorderedKey)

🔇 Additional comments (8)

.env.example (2)

1-10: LGTM: Clear usage instructions.

The introductory documentation effectively explains the workflow, precedence rules, and the relationship between environment variables and settings.json.

---

55-456: LGTM: Comprehensive optional settings documentation.

The conversion of all optional settings to commented templates with defaults achieves the PR objective of making the configuration more user-friendly. Users can now see all available options without accidentally enabling features they don't need.

The coverage includes all the feature areas mentioned in the PR objectives: logging, filesystem cache, stream settings, updaters, downloaders, content sources, indexer, scrapers, ranking, notifications, post-processing, and logger personalization.

docker-compose.yml (5)

3-3: Verify the :dev image tag is intentional.

The image has been changed from spoked/riven:latest to spoked/riven:dev. Using a dev tag in the default docker-compose.yml example could expose users to unstable builds. Consider whether this should be :latest or a specific version tag instead.

Is this change intentional for the default configuration, or should it be reverted to :latest?

---

6-22: LGTM: Well-structured environment variable configuration.

The addition of env_file: .env combined with environment variable substitution using ${VAR:-default} and ${VAR:?set in .env} provides excellent security and flexibility. The RIVEN_DATABASE_HOST composition from multiple validated components is particularly robust.

---

28-32: LGTM: Clear volume configuration with helpful documentation.

The ownership notes and environment-driven volume paths improve the user experience significantly. The use of :rshared,z mount options is correct for FUSE filesystem propagation and SELinux contexts.

---

37-48: LGTM: Database credentials properly secured.

Moving PostgreSQL credentials from hardcoded values to validated environment variables significantly improves security. The ownership notes and default volume path provide good guidance for users.

---

55-67: LGTM: Example services provide helpful reference.

The commented-out frontend and Jellyfin services serve as useful templates for users who want to integrate these components. The Jellyfin example correctly references the RIVEN_HOST_MOUNT_PATH variable with :rslave mount propagation.

src/program/utils/__init__.py (1)

30-43: Environment variable migration to RIVEN_API_KEY is complete.

The change from the API_KEY environment variable to RIVEN_API_KEY is correctly implemented. The codebase contains no legacy references to the old environment variable name—only the updated RIVEN_API_KEY is used.

[dreulavelle]

Nice. Not sure why jellyfin was here to begin with, it didn't belong here.

We should probably create a docker-compose-full.yml to show a full example of what a stack could look like. With the backend, frontend, postgres and plex.

[dreulavelle]

On second thought, we could just do that with this compose file. Users can remove the services they don't need from it..

[AquaHorizonGaming]

Just use docker compose profiles!

[dreulavelle]

Just use docker compose profiles!

I didn't realize profiles existed, but yeah that could work too.

[hiitsrob]

I added examples for Jellyfin, Overseerr, and Zilean with docker compose profiles for each.

[dreulavelle]

I've added a few comments.

[dreulavelle]

Please be sure to look over the env's as well just to be safe.