Configuration Reference
All configuration is done via environment variables.
API Server
| Variable | Default | Description |
|---|---|---|
PORT | 8080 | HTTP server port |
DATABASE_URL | postgres://fs:fsdev@localhost:5432/featuresignals | PostgreSQL connection string |
JWT_SECRET | (development default) | JWT signing secret — must be changed in production |
TOKEN_TTL_MINUTES | 60 | Access token lifetime |
REFRESH_TTL_HOURS | 168 | Refresh token lifetime (7 days) |
LOG_LEVEL | info | debug, info, warn, error |
CORS_ORIGIN | http://localhost:3000 | Comma-separated allowed CORS origins |
DASHBOARD_URL | http://localhost:3000 | Flag Engine public URL |
Flag Engine
| Variable | Default | Description |
|---|---|---|
NEXT_PUBLIC_API_URL | http://localhost:8080 | API server URL (used by browser) |
Caution: NEXT_PUBLIC_API_URL must be accessible from the user's browser. In production, use the public API URL.
Example
bash
export DATABASE_URL="postgres://fs:strongpass@db.example.com:5432/featuresignals?sslmode=require"
export JWT_SECRET="$(openssl rand -hex 32)"
export CORS_ORIGIN="https://app.example.com,https://docs.example.com"
export PORT=8080
export LOG_LEVEL=info