Environment Variables
Configuration is managed per environment (development, staging, production). Copy each app’s .env.example file and fill in values before starting. The tables below mirror the example files committed in this repository.
Best practices:
- Don’t commit real secrets or API keys to version control.
- Use different keys per environment.
- Rotate keys if they might be compromised.
API (apps/api/.env)
| Variable | Description |
|---|---|
NODE_ENV | Runtime environment (development, production) |
PORT | HTTP port the API listens on in local development (3002 in the example file) |
API_URL | Public base URL of the API |
DATABASE_URL | PostgreSQL connection string |
DATABASE_SSL | Enable SSL for the database connection |
DATABASE_LOGGING | Enable Prisma/database query logging |
DB_POOL_MIN / DB_POOL_MAX | Minimum and maximum database pool size |
REDIS_HOST / REDIS_PORT | Redis host and port |
REDIS_PASSWORD | Redis password (leave empty if none) |
REDIS_DB / REDIS_KEY_PREFIX | Redis database index and cache prefix |
JWT_SECRET | Secret used to sign JWTs (required in production) |
JWT_EXPIRES_IN | JWT expiry (e.g. 7d) |
API_KEY_EXPIRATION | API key expiry (e.g. 365d) |
DEFAULT_NETWORK | Default blockchain network (for example amoy) |
AMOY_RPC_URL / POLYGON_RPC_URL | Polygon testnet and mainnet RPC endpoints |
SEPOLIA_RPC_URL / ETHEREUM_RPC_URL | Ethereum testnet and mainnet RPC endpoints |
PRIVATE_KEY | Deployer wallet private key for contract interactions |
MEMBERSHIP_FACTORY_* | Membership factory addresses per network |
LOYALTY_TOKEN_* | Loyalty token addresses per network |
TOKENTRAXX_STORE_* | Store contract addresses per network |
PRODUCT_FACTORY | Product factory address used by the API |
GAS_LIMIT / GAS_PRICE | Default gas configuration for blockchain writes |
MAX_FEE_PER_GAS / MAX_PRIORITY_FEE_PER_GAS | Optional EIP-1559 gas overrides |
IPFS_GATEWAY | IPFS gateway used for hosted metadata/assets |
PINATA_API_KEY / PINATA_SECRET_KEY | Pinata credentials for IPFS uploads |
LOG_LEVEL / LOG_FORMAT | Application logging level and formatter |
TENANT_WALLET_ENC_KEY | 64-character hex key for encrypting tenant wallet private keys |
PLATFORM_URL | URL of the Platform app |
STORE_URL | URL of the Storefront app |
CORS_ORIGINS | Comma-separated allowed CORS origins |
RATE_LIMIT_* | Per-window API rate-limit settings |
Platform (apps/platform/.env.local)
| Variable | Description |
|---|---|
NEXT_PUBLIC_API_URL | Base URL of the API service (e.g. http://localhost:3002) |
NEXT_PUBLIC_STORE_URL | Storefront base URL used for platform deep links |
NEXT_PUBLIC_PRIVY_APP_ID | Privy app ID for embedded wallet and auth |
NEXT_PUBLIC_LP_TOKEN_ADDRESS | LP/loyalty token contract address (optional) |
Storefront (apps/storefront/.env.local)
| Variable | Description |
|---|---|
NEXT_PUBLIC_API_URL | Base URL of the API service |
NEXT_PUBLIC_PLATFORM_URL | Platform base URL used by storefront admin redirects |
NEXT_PUBLIC_ROOT_DOMAIN | Root domain used for tenant routing (for example ttconnect.xyz) |
NEXT_PUBLIC_API_KEY | API key for server-to-storefront requests |
NEXT_PUBLIC_PRIVY_APP_ID | Privy app ID for embedded wallet and auth |
NEXT_PUBLIC_SQUARE_APPLICATION_ID | Square application ID for card payments |
NEXT_PUBLIC_SQUARE_LOCATION_ID | Square location ID for card payments |
NEXT_PUBLIC_LP_TOKEN_ADDRESS | LP/loyalty token contract address (optional) |
NEXT_PUBLIC_CW3_STORE_URL | External CW3 store link shown for qualifying storefronts (optional) |
Last updated on