Environment Variables

The .env file is used to configure the application. Below is a detailed explanation of the environment variables required for the application to function properly.

The .env.example file contains a complete list of variables to help you set up your environment. You can download and rename it as .env.

All variables must be provided unless explicitly marked as optional.

Site Configuration

SITE_URL

• Description: The base URL of your site.
• Default: http://localhost:3000
• Usage: Set this to your domain URL without a trailing slash. Examples:
  • SITE_URL=https://www.yourdomain.com
  • SITE_URL=http://192.168.1.100
  • SITE_URL=http://test.local:3000 (with port numbers if applicable)

Database Configuration

POSTGRES_DB

• Description: The name of the PostgreSQL database.
• Default: wapydev

POSTGRES_USER

• Description: The username for the PostgreSQL database.
• Default: wapydev

POSTGRES_PASSWORD

• Description: The password for the PostgreSQL database.
• Default: Automatically generated by the ./scripts/setup.sh script if not provided.
• Guide: Run openssl rand -base64 32 to generate a secure password.

DATABASE_URL

• Description: The connection URL for the PostgreSQL database.
• Default: Pre-configured based on the default docker-compose.yml setup.

Email Configuration

The following variables are used to configure the email server for handling authentication emails, email notifications and contact form submissions.

EMAIL_SERVER_USER

• Description: The username for the email server.
• Default: None

EMAIL_SERVER_PASSWORD

• Description: The password for the email server.
• Default: None

EMAIL_SERVER_HOST

• Description: The hostname of the email server.
• Default: None
• Example: smtp.example.com

EMAIL_SERVER_PORT

• Description: The port used by the email server.
• Default: 587 (commonly used for SMTP with STARTTLS)
• Example: 465 (commonly used for SMTP with SSL)

EMAIL_FROM

• Description: The email address used as the sender for outgoing emails.
• Default: None
• Example: no-reply@yourdomain.com

EMAIL_CONTACT_EMAIL

• Description: The email address where contact form submissions will be sent.
• Default: None
• Example: contact@yourdomain.com

Authentication Configuration

The following variables are used to configure the authentication system.

AUTH_SECRET

• Description: The secret key used for authentication. This is critical for securing user sessions.
• Default: Automatically generated by the ./scripts/setup.sh script if not provided.
• Example: a1b2c3d4e5f6g7h8i9j0
• Guide: Run openssl rand -base64 32 to generate a secure password.

DISABLE_USER_REGISTRATION

• Description: The URL of the authentication endpoint. This is automatically derived from the SITE_URL variable.
• Default: false
• Example: true or false
• Guide: Disable New User Registration

Github Configuration

The following variables are optional and only required if you want to enable Github login for your application.

GITHUB_CLIENT_ID

• Description: The client ID for the Github OAuth application.
• Default: None
• Guide: How to register your Github app

GITHUB_CLIENT_SECRET

• Description: The client secret for the Github OAuth application.
• Default: None
• Guide: How to register your Github app

Google Configuration

The following variables are optional and only required if you want to enable Google login for your application.

GOOGLE_CLIENT_ID

• Description: The client ID for the Google OAuth application.
• Default: None

GOOGLE_CLIENT_SECRET

• Description: The client secret for the Google OAuth application.
• Default: None

Generic OAuth Configuration

The following variables are required if you want to enable Keycloak, Authentik or other generic OAuth login for your application.

GENERIC_AUTH_PROVIDER

• Description: The name of the OAuth2/OpenID client.
• Default: None
• Example: keycloak or authentik

GENERIC_AUTH_CLIENT_ID

• Description: The client ID for the OAuth2/OpenID client.
• Default: None
• Guide: Integration guide

GENERIC_AUTH_CLIENT_SECRET

• Description: The client secret for the OAuth2/OpenID client.
• Default: None
• Guide: Integration guide

GENERIC_AUTH_ISSUER

• Description: The issuer URL for your OAuth2/OpenID provider.
  Must include the realm or application path, e.g. http://localhost:8080/realms/myrealm for Keycloak or http://localhost:9000/application/o/<slug>/ for Authentik.
• Default: None
• Guide: Integration guide

Push Notifications

The following variables are optional and only required if you want to enable push notifications for your application.

NEXT_PUBLIC_VAPID_PUBLIC_KEY

• Description: The public key for the Web Push API, used to send push notifications to users.
• Default: Automatically generated by the ./scripts/setup.sh script if not provided.
• Guide: Run npx --yes web-push generate-vapid-keys --json to generate keys and copy publicKey field.

VAPID_PRIVATE_KEY

• Description: The private key for the Web Push API, used to authenticate push notifications.
• Default: Automatically generated by the ./scripts/setup.sh script if not provided.
• Guide: Run npx --yes web-push generate-vapid-keys --json to generate keys and copy privateKey field.

Subscription Secret

The following variable is required for signing subscription-related data.

SUBSCRIPTION_JWT_SECRET

• Description: The secret key used for signing subscription-related JWTs (JSON Web Tokens).
• Default: Automatically generated by the ./scripts/setup.sh script if not provided.
• Guide: Run openssl rand -base64 32 to generate a secure password.