Environment Variables
Complete list of environment variables required for the backend API.
Required Variables
Database
DB_URL="postgresql://user:password@host:port/database"
PostgreSQL connection string.
Server Configuration
PORT=3000
NODE_ENV=development # or 'production'
JWT Authentication
JWT_SECRET=your-super-secret-jwt-key-here
Used for signing and verifying JWT tokens.
AWS S3 Configuration
AWS_ACCESS_KEY_ID=your-aws-access-key
AWS_SECRET_ACCESS_KEY=your-aws-secret-key
AWS_REGION=af-south-1
AWS_S3_BUCKET=theplugg-storage
Used for file uploads (profile photos, documents, etc.).
BulkSMS Configuration
BULKSMS_TOKEN_ID=your-token-id
BULKSMS_TOKEN_SECRET=your-token-secret
BULKSMS_BASIC_AUTH=Authorization: Basic base64encoded
Used for sending SMS messages (OTP codes, notifications).
OneSignal Configuration
ONESIGNAL_APP_ID=your-onesignal-app-id
ONESIGNAL_API_KEY=your-onesignal-api-key
Used for push notifications.
CORS Configuration
CORS_ALLOWED_ORIGINS=http://localhost:3001,http://localhost:4000,https://thepluggnamibia.com
Comma-separated list of allowed origins for CORS.
API Key (Admin Routes)
API_KEY=your-secure-admin-api-key
Used to authenticate admin API requests.
Optional Variables
Database Connection Pool (Prisma)
If not specified, Prisma uses defaults:
- Connection limit: number of CPU cores + 1
- Connection timeout: 10 seconds
Security Notes
- Never commit
.envfiles to version control - Use different secrets for development and production
- Rotate secrets regularly
- Use strong, random values for
JWT_SECRETandAPI_KEY