What you run
A Scopy instance has four main runtime pieces:
Optional semantic code search uses Qdrant. Without Qdrant, Scopy can still review pull requests using diffs, repository files, symbol context and text search.
Required external services
Before a production deployment, prepare:- A GitHub App for repository access, webhook delivery, and pull request comments.
- Google OAuth credentials for user sign-in.
- An OpenRouter API key or Vercel AI Gateway API key for review model calls.
- A PostgreSQL database.
- Public HTTPS URLs for the web app and API.
Deployment model
The included Dockerfiles build production-style containers for the web app and API. The API container can run either the HTTP API or the worker process, depending on the command. In production, run at least:- One web process.
- One API process.
- One worker process.
- One PostgreSQL database.
Production checklist
- Set stable public URLs in
BETTER_AUTH_URL,FRONTEND_URL,VITE_API_BASE_URL, andVITE_WEB_BASE_URL. - Use a long random
BETTER_AUTH_SECRET. - Configure GitHub App id, slug, OAuth client credentials, private key, and webhook secret.
- Configure
OPENROUTER_API_KEYorAI_GATEWAY_API_KEYand choose review models. - Apply Drizzle and Graphile Worker migrations.
- Route GitHub webhooks to the API.
- Ensure the worker can reach GitHub, the selected AI provider, PostgreSQL, and optional Qdrant.
- Persist
REVIEW_WORKDIRandREVIEW_RUNS_DIRif you need review workspaces or debug artifacts to survive restarts.
Next steps
- Use Local setup to run Scopy locally.
- Use Configuration to prepare environment variables.
- Read How self-hosted Scopy works for the runtime and review flow.

