[BUG]: COPILOT_API_KEY not being passed #1324
Description
Describe the bug
When self-hosting Sim Studio via the provided docker-compose.prod.yml, the Copilot API key is not applied to the backend even if it is added to .env. As a result, the Copilot panel always returns “Unauthorized request” until the COPILOT_API_KEY is explicitly injected into the simstudio service environment.
Additionally, the default compose file includes some hard-coded localhost values for BETTER_AUTH_URL and NEXT_PUBLIC_APP_URL, which cause the backend to reject requests when using a custom domain.
To Reproduce
Steps to reproduce the behavior:
- Clone the repo and deploy using
docker compose -f docker-compose.prod.yml up -d. - Generate a Copilot API key at https://sim.ai/ → Settings → Copilot.
- Add the key to
.envasCOPILOT_API_KEY=sk-sim-copilot-xxxx. - Restart the stack and open the Copilot panel in the self-hosted UI.
- Try sending a message — observe the “Unauthorized” error.
Expected behavior
The backend should automatically read COPILOT_API_KEY from .env and authenticate Copilot requests without manual override edits. The default compose file should also honor custom domains via TRUSTED_ORIGINS/NEXT_PUBLIC_APP_URL.
Screenshots
(Include screenshot of the Copilot panel showing “Unauthorized request” and relevant logs:
[ERROR] [UsageManagement] Failed to get usage limit info … Unauthorized.)
Additional context
-
Environment: Debian 12 VM on Proxmox, Docker CE 28.x, Compose v2.39.
-
The issue is resolved by:
- Adding
COPILOT_API_KEY=${COPILOT_API_KEY}to thesimstudio.environmentsection, e.g. viadocker-compose.override.yml. - Ensuring
.envcontainsNEXT_PUBLIC_APP_URL=https://your.domain.
- Adding
-
After these changes, Copilot works as expected.