Skip to content

environment-variables.md

Latest commit

 

History

History
226 lines (174 loc) · 6.39 KB

environment-variables.md

File metadata and controls

226 lines (174 loc) · 6.39 KB

Environment Variables

Configuration reference for LogisticsX Docker deployment.

Docker Compose Environment (.env)

The .env file in src/Aspire/Logistics.Aspire.AppHost/aspire-output/ configures all services.

Container Images and Ports

API_IMAGE="ghcr.io/suxrobgm/logistics-app/api:latest"
ADMIN_APP_IMAGE="ghcr.io/suxrobgm/logistics-app/admin:latest"
IDENTITY_SERVER_IMAGE="ghcr.io/suxrobgm/logistics-app/identity:latest"
MIGRATOR_IMAGE="ghcr.io/suxrobgm/logistics-app/migrator:latest"

API_PORT=7000
IDENTITY_SERVER_PORT=7001
ADMIN_APP_PORT=7002
Variable Description
*_IMAGE Docker image references for each service
API_PORT Port for the API service (default: 7000)
IDENTITY_SERVER_PORT Port for the Identity Server (default: 7001)
ADMIN_APP_PORT Port for the Admin App (default: 7002)

Database (External PostgreSQL)

Production uses an external (installed) PostgreSQL instance instead of a containerized one.

ConnectionStrings__MasterDatabase="Host=localhost;Port=5432;Database=master_logisticsx;Username=postgres;Password=your-secure-password"
ConnectionStrings__DefaultTenantDatabase="Host=localhost;Port=5432;Database=default_logisticsx;Username=postgres;Password=your-secure-password"
Variable Description
ConnectionStrings__MasterDatabase Full connection string for the master database
ConnectionStrings__DefaultTenantDatabase Full connection string for the default tenant database

Stripe Integration

Stripe__SecretKey="sk_live_xxx"
Stripe__WebhookSecret="whsec_xxx"
STRIPE_API_KEY="sk_live_xxx"
Variable Description
Stripe__SecretKey Stripe API secret key
Stripe__WebhookSecret Webhook signature verification secret
STRIPE_API_KEY Used by Stripe CLI for webhook forwarding

Google reCAPTCHA (Optional)

GoogleRecaptcha__SiteKey="your-site-key"
GoogleRecaptcha__SecretKey="your-secret-key"

Resend Email

Resend__ApiKey="re_your_api_key_here"
Resend__SenderEmail="noreply@logisticsx.app"
Resend__SenderName="LogisticsX"
Variable Description
Resend__ApiKey Resend API key from resend.com dashboard
Resend__SenderEmail Sender email address (must be from a verified domain)
Resend__SenderName Display name for the sender

Mapbox (Optional)

Mapbox__AccessToken="pk.xxx"

LLM API (Optional — AI Dispatch)

Llm__Providers__Anthropic__ApiKey="sk-ant-xxx"
Variable Description
Llm__Providers__Anthropic__ApiKey Anthropic API key for AI dispatch agent
Llm__Providers__OpenAi__ApiKey OpenAI API key (alternative provider)
Llm__Providers__DeepSeek__ApiKey DeepSeek API key (alternative provider)
Llm__DefaultProvider Default LLM provider: Anthropic, OpenAi, DeepSeek, Glm (default: Anthropic)

TMS Portal (Runtime)

The TMS portal Docker image uses runtime environment variable substitution for secrets. These are injected at container startup via the entrypoint script.

# Mapped from Mapbox__AccessToken in docker-compose.yaml
MAPBOX_TOKEN="pk.xxx"
Variable Description
MAPBOX_TOKEN Mapbox public access token for maps

Database Migrator

SuperAdmin__Email="admin@example.com"
SuperAdmin__Password="YourSecurePassword123#"
SuperAdmin__FirstName="Admin"
SuperAdmin__LastName="Admin"
TenantsDatabaseConfig__DatabasePassword="your-secure-tenant-db-password"
Variable Description
SuperAdmin__* Initial super admin account credentials (synced on each run)
TenantsDatabaseConfig__DatabasePassword Password used when creating new tenant databases

ASP.NET Core

ASPNETCORE_ENVIRONMENT="Production"

Complete .env Example

# Container Images and Ports
API_IMAGE="ghcr.io/suxrobgm/logistics-app/api:latest"
ADMIN_APP_IMAGE="ghcr.io/suxrobgm/logistics-app/admin:latest"
IDENTITY_SERVER_IMAGE="ghcr.io/suxrobgm/logistics-app/identity:latest"
MIGRATOR_IMAGE="ghcr.io/suxrobgm/logistics-app/migrator:latest"

API_PORT=7000
IDENTITY_SERVER_PORT=7001
ADMIN_APP_PORT=7002

# Database (external PostgreSQL)
ConnectionStrings__MasterDatabase="Host=localhost;Port=5432;Database=master_logisticsx;Username=postgres;Password=your-secure-password"
ConnectionStrings__DefaultTenantDatabase="Host=localhost;Port=5432;Database=default_logisticsx;Username=postgres;Password=your-secure-password"

# Stripe
Stripe__SecretKey="sk_live_xxx"
Stripe__WebhookSecret="whsec_xxx"

# Super Admin and Tenant Database
SuperAdmin__Email="admin@yourdomain.com"
SuperAdmin__Password="YourSecurePassword123#"
SuperAdmin__FirstName="Admin"
SuperAdmin__LastName="Admin"
TenantsDatabaseConfig__DatabasePassword="your-secure-tenant-db-password"

# Resend (Email)
Resend__ApiKey="re_your_api_key_here"
Resend__SenderEmail="noreply@logisticsx.app"
Resend__SenderName="LogisticsX"

# Optional: Mapbox
Mapbox__AccessToken="pk.xxx"

# Optional: LLM API (AI Dispatch)
Llm__Providers__Anthropic__ApiKey="sk-ant-xxx"

API Configuration (appsettings.json)

For local development, configure src/Presentation/Logistics.API/appsettings.json:

Database Connections

{
  "ConnectionStrings": {
    "MasterDatabase": "Host=localhost;Port=5432;Database=master_logisticsx;Username=postgres;Password=password",
    "DefaultTenantDatabase": "Host=localhost;Port=5432;Database=default_logisticsx;Username=postgres;Password=password"
  },
  "TenantsDatabaseConfig": {
    "DatabaseNameTemplate": "{tenant}_logisticsx",
    "DatabaseHost": "localhost",
    "DatabaseUserId": "postgres",
    "DatabasePassword": "password"
  }
}

Identity Server

{
  "IdentityServer": {
    "Authority": "http://localhost:7001",
    "Audience": "logisticsx.api",
    "ValidIssuers": [
      "http://localhost:7001",
      "https://localhost:7001",
      "https://id.yourdomain.com",
      "http://identity-server:7001"
    ]
  }
}

Stripe

{
  "Stripe": {
    "SecretKey": "sk_test_...",
    "WebhookSecret": "whsec_..."
  }
}

Security Notes

  1. Never commit secrets to version control
  2. Use different credentials for dev/staging/production
  3. Rotate secrets regularly
  4. Use strong passwords (16+ characters)
  5. The .env file should have restricted permissions (chmod 600)