Backend Environment Variables
Configure in backend/.env
Database
| Variable | Required | Default | Description |
|---|
DATABASE_URL | Yes | - | PostgreSQL connection string |
DATABASE_MAX_CONNECTIONS | No | 20 | Max database connections |
DATABASE_MIN_CONNECTIONS | No | 5 | Min database connections |
DATABASE_URL=postgresql://postgres:password@localhost:5432/wryft
DATABASE_MAX_CONNECTIONS=20
DATABASE_MIN_CONNECTIONS=5
Redis (Optional)
| Variable | Required | Default | Description |
|---|
REDIS_URL | No | - | Redis connection string |
REDIS_URL=redis://localhost:6379
Redis is optional but recommended for production. Improves performance by caching user sessions and guild data.
Storage (MinIO/S3)
| Variable | Required | Default | Description |
|---|
S3_ENDPOINT | Yes | - | MinIO/S3 endpoint URL |
S3_ACCESS_KEY | Yes | - | Access key ID |
S3_SECRET_KEY | Yes | - | Secret access key |
S3_BUCKET | Yes | - | Bucket name |
S3_REGION | No | us-east-1 | AWS region |
S3_ENDPOINT=http://localhost:9000
S3_ACCESS_KEY=minioadmin
S3_SECRET_KEY=minioadmin
S3_BUCKET=wryft
S3_REGION=us-east-1
Server
| Variable | Required | Default | Description |
|---|
PORT | No | 3001 | Backend server port |
ALLOWED_ORIGINS | No | * | CORS allowed origins (comma-separated) |
JWT_SECRET | Yes | - | Secret key for JWT tokens |
PORT=3001
ALLOWED_ORIGINS=https://wryft.chat,https://www.wryft.chat
JWT_SECRET=your-super-secret-key-change-this-in-production
In production, set ALLOWED_ORIGINS to your domain and use a strong random JWT_SECRET
Frontend Environment Variables
Configure in wryft-web/.env
API Configuration
| Variable | Required | Default | Description |
|---|
VITE_API_URL | Yes | - | Backend API URL |
VITE_WS_URL | Yes | - | WebSocket URL |
VITE_API_URL=http://localhost:3001/api
VITE_WS_URL=ws://localhost:3001
VITE_API_URL=https://api.wryft.chat/api
VITE_WS_URL=wss://api.wryft.chat
Docker Environment
Configure in docker-compose.yml or .env file
PostgreSQL
POSTGRES_USER=postgres
POSTGRES_PASSWORD=your-password
POSTGRES_DB=wryft
MinIO
MINIO_ROOT_USER=minioadmin
MINIO_ROOT_PASSWORD=minioadmin
Change default MinIO credentials in production!
Redis
REDIS_PASSWORD=your-redis-password
Environment Templates
Development
backend/.env
DATABASE_URL=postgresql://postgres:wryft2024@localhost:5432/wryft
REDIS_URL=redis://localhost:6379
S3_ENDPOINT=http://localhost:9000
S3_ACCESS_KEY=minioadmin
S3_SECRET_KEY=minioadmin
S3_BUCKET=wryft
PORT=3001
JWT_SECRET=dev-secret-key-not-for-production
VITE_API_URL=http://localhost:3001/api
VITE_WS_URL=ws://localhost:3001
Production
backend/.env
DATABASE_URL=postgresql://wryft_user:STRONG_PASSWORD@db.example.com:5432/wryft
REDIS_URL=redis://:REDIS_PASSWORD@redis.example.com:6379
S3_ENDPOINT=https://s3.amazonaws.com
S3_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE
S3_SECRET_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
S3_BUCKET=wryft-production
S3_REGION=us-east-1
PORT=3001
ALLOWED_ORIGINS=https://wryft.chat,https://www.wryft.chat
JWT_SECRET=RANDOM_64_CHARACTER_STRING_GENERATED_SECURELY
VITE_API_URL=https://api.wryft.chat/api
VITE_WS_URL=wss://api.wryft.chat
Security Best Practices
Strong Passwords
Use random 32+ character passwords
JWT Secret
Generate with: openssl rand -hex 32
CORS
Restrict to your domain in production
HTTPS
Always use HTTPS in production
Generating Secrets
# JWT Secret
openssl rand -hex 32
# Database Password
openssl rand -base64 32
# MinIO Keys
openssl rand -hex 20 # Access Key
openssl rand -hex 40 # Secret Key
Validation
Check your configuration:
# Backend
cd backend
cargo check
# Frontend
cd wryft-web
npm run build
Next Steps
