M
MegaVault
DashboardGitHub
Documentation

Environment Variables

Complete reference for configuring MegaVault through environment variables across development, staging, and production environments.

Table of Contents

Environment Overview

MegaVault uses environment variables for configuration management, allowing secure and flexible deployment across different environments without code changes.

Configuration Management

Centralized settings

  • ✅ Environment-specific configs
  • ✅ Secure secret management
  • ✅ Runtime configuration
  • ✅ Feature toggles

Security Best Practices

Safe configuration

  • ✅ No secrets in code
  • ✅ Environment isolation
  • ✅ Credential rotation
  • ✅ Access control

Deployment Flexibility

Multi-environment support

  • ✅ Development setup
  • ✅ Staging environment
  • ✅ Production deployment
  • ✅ Testing configurations
💡

Environment File Location

Environment variables can be set in .env.local for development or through your deployment platform's environment configuration.

Core Variables

Essential environment variables required for basic MegaVault operation.

Core Application Variables
# Application Configuration
NODE_ENV=production                    # Environment mode: development, production, test
PORT=3000                             # Server port (default: 3000)
HOSTNAME=0.0.0.0                      # Server hostname
APP_URL=https://your-domain.com       # Full application URL

# Next.js Configuration
NEXTAUTH_URL=https://your-domain.com  # NextAuth.js callback URL
NEXTAUTH_SECRET=your-super-secure-secret-key-here-minimum-32-chars
NEXT_PUBLIC_APP_NAME="MegaVault"      # Public app name
NEXT_PUBLIC_APP_VERSION="1.0.0"      # Public app version

Variable Descriptions

VariableRequiredDescription
NODE_ENVYesSets application mode and enables/disables certain features
NEXTAUTH_SECRETYesSecret key for JWT signing (minimum 32 characters)
NEXTAUTH_URLProductionFull URL for authentication callbacks
PORTNoServer port number (defaults to 3000)

Database Configuration

Redis database connection and performance settings for session storage and caching.

Redis Database Variables
# Redis Configuration
REDIS_URL=redis://localhost:6379/0                    # Basic Redis connection
# OR for secured Redis with authentication:
REDIS_URL=rediss://username:password@host:port/0      # SSL Redis with auth

# Redis Connection Pool Settings
REDIS_MAX_RETRIES=3                   # Maximum retry attempts
REDIS_RETRY_DELAY=1000               # Retry delay in milliseconds
REDIS_CONNECT_TIMEOUT=10000          # Connection timeout in milliseconds
REDIS_COMMAND_TIMEOUT=5000           # Command timeout in milliseconds
REDIS_MAX_CONNECTIONS=10             # Maximum connection pool size

# Redis Performance Settings
REDIS_ENABLE_OFFLINE_QUEUE=false     # Disable offline queue for production
REDIS_LAZY_CONNECT=true              # Enable lazy connection
REDIS_KEEP_ALIVE=30000               # Keep-alive interval in milliseconds

Redis URL Formats

  • Local: redis://localhost:6379/0
  • Password Auth: redis://:password@host:6379/0
  • User Auth: redis://username:password@host:6379/0
  • SSL/TLS: rediss://username:password@host:6380/0
  • Redis Cloud: rediss://username:password@endpoint:port/0
⚠️

Production Redis Security

Always use SSL/TLS (rediss://) and authentication for production Redis instances. Never expose Redis directly to the internet.

Storage Configuration

Cloudflare R2 or S3-compatible storage configuration for file storage and management.

Storage Variables
# Cloudflare R2 Configuration (Recommended)
R2_ACCOUNT_ID=your-cloudflare-account-id-here
R2_ACCESS_KEY_ID=your-r2-access-key-id
R2_SECRET_ACCESS_KEY=your-r2-secret-access-key
R2_BUCKET_NAME=megavault-storage
R2_ENDPOINT=https://your-account-id.r2.cloudflarestorage.com
R2_PUBLIC_URL=https://your-custom-domain.com     # Optional custom domain

# Alternative: AWS S3 Configuration
# AWS_REGION=us-east-1
# AWS_ACCESS_KEY_ID=your-aws-access-key
# AWS_SECRET_ACCESS_KEY=your-aws-secret-key
# AWS_S3_BUCKET=megavault-s3-bucket
# AWS_S3_ENDPOINT=https://s3.amazonaws.com        # Optional custom endpoint

# Storage Settings
STORAGE_MAX_FILE_SIZE=104857600       # 100MB in bytes
STORAGE_ALLOWED_TYPES=image/*,application/pdf,text/*,application/msword,application/vnd.openxmlformats-officedocument.wordprocessingml.document
STORAGE_ENABLE_THUMBNAILS=true       # Enable thumbnail generation
STORAGE_THUMBNAIL_SIZES=150,300,600  # Thumbnail sizes in pixels
STORAGE_CDN_URL=https://cdn.your-domain.com  # Optional CDN URL for faster delivery

Storage Provider Setup

Cloudflare R2 (Recommended)

  • 1. Create Cloudflare account
  • 2. Enable R2 storage service
  • 3. Create storage bucket
  • 4. Generate API tokens
  • 5. Configure CORS policy
  • 6. Set custom domain (optional)

AWS S3 Alternative

  • 1. Create AWS account
  • 2. Create S3 bucket
  • 3. Create IAM user
  • 4. Attach S3 permissions
  • 5. Generate access keys
  • 6. Configure bucket policy

Security Configuration

Security-related environment variables for authentication, encryption, and access control.

Security Variables
# Authentication Security
JWT_SECRET=your-jwt-secret-key-minimum-64-characters-for-security
JWT_EXPIRY=24h                        # JWT token expiration time
REFRESH_TOKEN_EXPIRY=7d               # Refresh token expiration time
SESSION_TIMEOUT=1h                    # User session timeout

# Password Security
BCRYPT_ROUNDS=12                      # Password hashing rounds (10-15 recommended)
PASSWORD_MIN_LENGTH=8                 # Minimum password length
PASSWORD_REQUIRE_SPECIAL=true         # Require special characters
PASSWORD_REQUIRE_NUMBERS=true         # Require numbers
PASSWORD_REQUIRE_UPPERCASE=true       # Require uppercase letters

# Rate Limiting
RATE_LIMIT_WINDOW=900000             # Rate limit window in milliseconds (15 minutes)
RATE_LIMIT_MAX=100                   # Maximum requests per window
RATE_LIMIT_AUTH_MAX=5                # Authentication attempts per window
RATE_LIMIT_UPLOAD_MAX=10             # File uploads per window

# CORS Configuration
CORS_ORIGIN=https://your-domain.com,https://www.your-domain.com
CORS_CREDENTIALS=true                 # Allow credentials in CORS
CORS_MAX_AGE=86400                   # CORS preflight cache time

# Content Security Policy
CSP_DEFAULT_SRC='self'               # Default source directive
CSP_SCRIPT_SRC='self' 'unsafe-inline' # Script source directive
CSP_STYLE_SRC='self' 'unsafe-inline' # Style source directive
CSP_IMG_SRC='self' data: https:      # Image source directive

Security Best Practices

  • Strong Secrets: Use cryptographically secure random strings for all secrets
  • Regular Rotation: Rotate API keys and secrets regularly
  • Environment Isolation: Use different secrets for each environment
  • Access Control: Limit who can access environment variables
  • Secure Storage: Use secure secret management services in production

Monitoring Configuration

Configure logging, metrics, and error tracking for system monitoring and debugging.

Monitoring Variables
# Error Tracking (Sentry)
SENTRY_DSN=https://your-sentry-dsn-here@sentry.io/project-id
SENTRY_ENVIRONMENT=production         # Sentry environment name
SENTRY_RELEASE=1.0.0                 # Application release version
SENTRY_SAMPLE_RATE=1.0               # Error sampling rate (0.0 to 1.0)
SENTRY_TRACES_SAMPLE_RATE=0.1        # Performance monitoring sample rate

# Logging Configuration
LOG_LEVEL=info                       # Logging level: error, warn, info, debug
LOG_FORMAT=json                      # Log format: json, pretty
LOG_FILE_ENABLED=true                # Enable file logging
LOG_FILE_PATH=/var/log/megavault/app.log
LOG_MAX_SIZE=10M                     # Maximum log file size
LOG_MAX_FILES=5                      # Maximum number of log files

# Metrics and Analytics
METRICS_ENABLED=true                 # Enable metrics collection
METRICS_PORT=9090                    # Metrics endpoint port
ANALYTICS_ENABLED=true               # Enable user analytics
PERFORMANCE_MONITORING=true          # Enable performance monitoring

# Health Check Configuration
HEALTH_CHECK_ENABLED=true            # Enable health check endpoint
HEALTH_CHECK_PATH=/api/health        # Health check endpoint path
HEALTH_CHECK_INTERVAL=30000          # Health check interval in milliseconds

Monitoring Integrations

Error Tracking

  • Sentry for error monitoring
  • Real-time error alerts
  • Performance monitoring
  • Release tracking

Logging

  • Structured JSON logging
  • Multiple log levels
  • File rotation
  • Remote log shipping

Metrics

  • Application metrics
  • Custom business metrics
  • Performance indicators
  • Health monitoring

Development Configuration

Environment variables specific to development and testing environments.

Development Variables
# Development Mode Settings
NODE_ENV=development
DEBUG=megavault:*                    # Enable debug logging
HOT_RELOAD=true                      # Enable hot reloading
SOURCE_MAPS=true                     # Generate source maps

# Development Database
REDIS_URL=redis://localhost:6379/1   # Use different Redis database for dev

# Development Storage (can use local or test bucket)
R2_BUCKET_NAME=megavault-dev         # Development bucket
STORAGE_MAX_FILE_SIZE=52428800       # 50MB for development

# Development Security (less strict)
BCRYPT_ROUNDS=4                      # Faster hashing for development
RATE_LIMIT_MAX=1000                  # Higher rate limits for testing
JWT_EXPIRY=7d                        # Longer expiry for convenience

# Testing Configuration
JEST_TIMEOUT=30000                   # Jest test timeout
TEST_DATABASE_URL=redis://localhost:6379/2  # Separate test database
MOCK_STORAGE=true                    # Use mock storage in tests
DISABLE_RATE_LIMITING=true           # Disable rate limiting in tests

# Development Tools
DEVTOOLS_ENABLED=true                # Enable development tools
API_DOCS_ENABLED=true                # Enable API documentation
PLAYGROUND_ENABLED=true              # Enable API playground

Development vs Production

SettingDevelopmentProduction
NODE_ENVdevelopmentproduction
BCRYPT_ROUNDS4-612-15
RATE_LIMIT_MAX1000100
LOG_LEVELdebuginfo

Deployment Environments

Example environment configurations for different deployment scenarios.

Vercel Deployment

Vercel Environment Variables
# Set via Vercel Dashboard or Vercel CLI
vercel env add NODE_ENV production
vercel env add NEXTAUTH_URL https://your-app.vercel.app
vercel env add NEXTAUTH_SECRET your-secret-key
vercel env add REDIS_URL rediss://username:password@host:port/0
vercel env add R2_ACCOUNT_ID your-account-id
vercel env add R2_ACCESS_KEY_ID your-access-key
vercel env add R2_SECRET_ACCESS_KEY your-secret-key
vercel env add R2_BUCKET_NAME your-bucket-name

Docker Environment

docker-compose.yml Environment
version: '3.8'
services:
  megavault:
    image: megavault:latest
    environment:
      - NODE_ENV=production
      - PORT=3000
      - NEXTAUTH_URL=https://your-domain.com
      - NEXTAUTH_SECRET=${NEXTAUTH_SECRET}
      - REDIS_URL=redis://redis:6379/0
      - R2_ACCOUNT_ID=${R2_ACCOUNT_ID}
      - R2_ACCESS_KEY_ID=${R2_ACCESS_KEY_ID}
      - R2_SECRET_ACCESS_KEY=${R2_SECRET_ACCESS_KEY}
      - R2_BUCKET_NAME=${R2_BUCKET_NAME}
    env_file:
      - .env.production
    ports:
      - "3000:3000"
    depends_on:
      - redis

  redis:
    image: redis:7-alpine
    volumes:
      - redis_data:/data
    command: redis-server --requirepass ${REDIS_PASSWORD}

volumes:
  redis_data:

Environment File Templates

.env.example
# Copy this file to .env.local and fill in your values

# Core Configuration
NODE_ENV=development
NEXTAUTH_URL=http://localhost:3000
NEXTAUTH_SECRET=your-nextauth-secret-minimum-32-characters

# Database
REDIS_URL=redis://localhost:6379/0

# Storage (Choose one)
# Cloudflare R2
R2_ACCOUNT_ID=
R2_ACCESS_KEY_ID=
R2_SECRET_ACCESS_KEY=
R2_BUCKET_NAME=
R2_ENDPOINT=

# OR AWS S3
# AWS_REGION=
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# AWS_S3_BUCKET=

# Security
JWT_SECRET=your-jwt-secret-key-minimum-64-characters
BCRYPT_ROUNDS=12

# Optional: Monitoring
SENTRY_DSN=
LOG_LEVEL=info

# Optional: Custom Settings
STORAGE_MAX_FILE_SIZE=104857600
RATE_LIMIT_MAX=100
💡

Environment Validation

MegaVault validates required environment variables on startup and provides helpful error messages for missing or invalid configurations.

Related Administration Topics

Storage Configuration →

Detailed storage setup and management

Redis Setup →

Redis installation and configuration

Monitoring →

System monitoring and alerting setup

← Back to Admin Overview

System administration overview