Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.opendot.ai/llms.txt

Use this file to discover all available pages before exploring further.

OpenDot includes a root render.yaml Blueprint for a Render preview deployment. It creates:
  • opendot-web: static Vite console.
  • opendot-api: Docker web service for the platform API.
  • opendot-runtime: Docker web service for realtime voice sessions.
The API service runs database migrations as its Render pre-deploy command.

Database

Use Supabase Postgres for the first Render deployment: 
POSTGRES_URI=<supabase postgres connection string>
POSTGRES_SSL=true
OpenDot still owns product data in app_users, user preferences, SDK API keys, agents, pipelines, devices, device activation requests, device credentials, runtime session tokens, device state, and deployments. Supabase Auth owns sign-in without making auth.users the product data table.

Required Render values

The Blueprint marks secrets and deployment-specific URLs as sync: false. Fill them in the Render dashboard during Blueprint creation: 
POSTGRES_URI=<supabase postgres connection string>
SUPABASE_URL=https://<project-ref>.supabase.co
SUPABASE_JWT_SECRET=
DEEPGRAM_API_KEY=...
OPENAI_API_KEY=...
VITE_SUPABASE_URL=https://<project-ref>.supabase.co
VITE_SUPABASE_ANON_KEY=<supabase anon key>
VITE_PLATFORM_API_URL=https://<opendot-api>.onrender.com/api
VITE_RUNTIME_HTTP_URL=https://<opendot-runtime>.onrender.com
VITE_RUNTIME_WS_URL=wss://<opendot-runtime>.onrender.com/voice
OPENDOT_RUNTIME_INTERNAL_SECRET=<shared api/runtime secret>
OPENDOT_RUNTIME_PUBLIC_HTTP_URL=https://<opendot-runtime>.onrender.com
OPENDOT_RUNTIME_PUBLIC_WS_URL=wss://<opendot-runtime>.onrender.com/voice
PLATFORM_API_INTERNAL_URL=https://<opendot-api>.onrender.com/api
Leave SUPABASE_JWT_SECRET empty unless the Supabase project still uses legacy HS256 JWT signing.

Auth posture

The Render Blueprint uses: 
PLATFORM_AUTH_REQUIRED=true
OPENDOT_LOCAL_AUTH_DISABLED=true
That makes Supabase the Render identity provider. For email/password signup without email verification, disable email confirmations in the Supabase Auth settings for the preview project. The forgot-password, Google, and GitHub controls are present in the UI but are not wired yet.

Runtime exposure

The runtime verifies browser voice-session tokens and device credentials with the platform API before accepting /voice or /ws connections. Use the same OPENDOT_RUNTIME_INTERNAL_SECRET on opendot-api and opendot-runtime. For public previews, keep provider-key quotas tight and point OPENDOT_RUNTIME_PUBLIC_HTTP_URL / OPENDOT_RUNTIME_PUBLIC_WS_URL at the deployed runtime URL.