Configuration Reference
Complete reference for all environment variables used by the someli-api application.
Loading Mechanism
Central file: conf.js loads variables via dotenv and exports them for use across the application.
Some modules also read process.env directly (noted below). The application expects a .env file in the project root.
Where the ~72 env vars actually live
| Source |
Count |
Referenced in conf.js (the central loader) |
46 |
Referenced in dashboard/conf.js (the sub-app's loader) |
5 |
Referenced directly via process.env.* in worker / route files (not via conf.*) |
~21 |
| Total unique env vars referenced across the codebase |
~72 |
The ~21 directly-referenced ones include IMPACT_* (in routes/auth.js), TOKEN_HEADER_KEY (in methods.js and middlewares/auth.js), and a handful of others. Adopting a single canonical loader (so every env var goes through conf.js) is on the cleanup list.
Database Configuration
| Variable |
Required |
Description |
connectionLimit |
Yes |
Database connection pool size |
host |
Yes |
MySQL/MariaDB host address |
user |
Yes |
Database username |
password |
Yes |
Database password |
dbPort |
Yes |
Database port (typically 3306) |
database |
Yes |
Database name |
debug |
No |
Enable database debug logging |
Server Configuration
| Variable |
Required |
Default |
Description |
port |
Yes |
— |
HTTP server port |
NODE_ENV |
No |
development |
Environment mode (development, production) |
Usage: NODE_ENV controls auth middleware behavior in dashboard/routes/index.js (auth bypassed in dev mode) and logging levels.
Authentication & Security
| Variable |
Required |
Description |
JWT_SECRET_KEY |
Yes |
Secret key for signing JWT tokens |
SESSION_SECRET |
No |
Express session secret (default: "change-me") |
TOKEN_HEADER_KEY |
Yes |
Header name for Bearer token extraction |
Used by: middlewares/auth.js, helper/tokenGenerator.js, routes/partnerAuth.js
Email Service (SendGrid)
| Variable |
Required |
Description |
SENDGRID_API_KEY |
Yes |
SendGrid API key for transactional email |
FROM |
Yes |
Default sender email address |
AWS S3 Storage
| Variable |
Required |
Description |
AWS_ACCESS_KEY |
Yes |
AWS IAM access key ID |
AWS_SECRET_ACCESS_KEY |
Yes |
AWS IAM secret access key |
S3_Bucket_Name |
Yes |
Primary S3 bucket name |
S3_Path |
Yes |
Primary S3 key prefix/path |
S3_Region |
Yes |
Primary bucket AWS region |
S3_Bucket_Name2 |
Yes |
Secondary S3 bucket name |
S3_Path2 |
Yes |
Secondary S3 key prefix/path |
S3_Region2 |
Yes |
Secondary bucket AWS region |
S3_Bucket_Url2 |
Yes |
Secondary bucket base URL |
S3_Path_RAG |
No |
S3 path for RAG document storage |
S3_Path_BNI |
No |
S3 path for BNI data |
Two-bucket architecture: Primary bucket stores media/templates; secondary bucket stores user uploads and generated content.
Google Cloud Services
| Variable |
Required |
Description |
CLOUD_BUCKET_NAME |
Yes |
GCS bucket for RAG/knowledge base files |
CLOUD_PROJECT_ID |
Yes |
Google Cloud project ID |
CLOUD_LOCATION |
Yes |
GCP region (e.g., us-central1) |
GCS_PATH |
No |
GCS object path prefix |
GCS_SECRET_NAME |
No |
Secret Manager secret name for credentials |
DISPLAY_NAME |
No |
Display name for GCP RAG corpus |
GOOGLE_API_KEY |
Yes |
Google Generative AI (Gemini) API key |
AI & Content Generation
| Variable |
Required |
Description |
OPENAI_API_KEY |
Yes |
OpenAI API key (GPT models) |
LEONARDO_KEY |
Yes |
Leonardo AI API key (image generation) |
AWS_BEDROCK_KEY |
Yes |
AWS Bedrock access key |
AWS_BEDROCK_SECRET |
Yes |
AWS Bedrock secret key |
AWS_BEDROCK_MODEL |
Yes |
Default Bedrock model ID (Llama/Claude/Nova) |
AWS_BEDROCK_REGION |
Yes |
AWS Bedrock region |
| Variable |
Required |
Description |
PEXELS_API_KEY |
No |
Pexels stock image API key |
PIXABAY_API_KEY |
No |
Pixabay stock image API key |
SERP_API_KEY |
No |
SerpAPI key for web/image search (used in helper/webScraping.js) |
| Variable |
Required |
Description |
FACEBOOK_APP_ID |
Yes |
Facebook/Meta App ID |
FACEBOOK_APP_SECRET |
Yes |
Facebook/Meta App Secret |
LINKEDIN_CLIENT_ID |
Yes |
LinkedIn OAuth 2.0 client ID |
LINKEDIN_CLIENT_SECRET |
Yes |
LinkedIn OAuth 2.0 client secret |
TIKTOK_CLIENT_ID |
Yes |
TikTok OAuth client key |
TIKTOK_CLIENT_SECRET |
Yes |
TikTok OAuth client secret |
Note: Google, GitHub, and Twitter OAuth credentials are configured within middlewares/passport.js — check that file for additional OAuth env vars if needed.
Payment Processing (Paddle)
Production
| Variable |
Required |
Description |
PADDLE_API_KEY |
Yes |
Paddle production API key |
PADDLE_WEBHOOK_KEY |
Yes |
Paddle webhook signature verification key |
PADDLE_WEBHOOK_KEY1 |
No |
Alternative webhook key (multi-webhook support) |
PADDLE_API_DOMAIN |
Yes |
Paddle API base URL |
PADDLE_ENV |
Yes |
Paddle environment identifier |
Sandbox/Test
| Variable |
Required |
Description |
PADDLE_TEST_API_KEY |
No |
Sandbox API key |
PADDLE_TEST_WEBHOOK_KEY |
No |
Sandbox webhook key |
PADDLE_TEST_API_DOMAIN |
No |
Sandbox API domain |
PADDLE_TEST_ENV |
No |
Sandbox environment identifier |
Application URLs
| Variable |
Required |
Description |
APP_URL |
Yes |
Frontend application URL (used for OAuth redirects) |
API_URL |
Yes |
API base URL (used for self-referencing callbacks) |
NOTIFY_URL |
No |
Notification/webhook callback URL |
PUBLISH_KEY |
No |
Key for publish notification auth |
Role-Based Access Control
| Variable |
Required |
Description |
ACCOUNT_MANAGER |
Yes |
Role ID for account manager role |
DESIGNER |
Yes |
Role ID for designer role |
USER_MEMBER |
Yes |
Role ID for standard user/member role |
Used in: routes/auth.js for role-based endpoint access control.
Third-Party Integrations
| Variable |
Required |
Description |
IMPACT_ACCOUNT_SID |
No |
Impact.com partner account SID |
IMPACT_AUTH_TOKEN |
No |
Impact.com auth token |
IMPACT_BASE_URL |
No |
Impact.com API base URL (default: https://api.impact.com) |
CHASKIQ_SECRET |
No |
Chaskiq customer support platform secret |
SUPPORT_URL_EXPIRY_MIN |
No |
Support URL token expiry in minutes |
| Variable |
Required |
Default |
Description |
CREDENTIALS_CACHE_DURATION |
No |
3600000 (1 hour) |
Duration to cache GCP credentials (ms) |
REQUEST_TIMEOUT |
No |
30000 (30s) |
HTTP request timeout for Cloud RAG (ms) |
File Naming
| Variable |
Required |
Description |
prefix |
Yes |
Prefix for generated file names and IDs (e.g., S3 object keys) |
CONF_PATH |
No |
Path to additional config files (used by dashboard services) |
Summary
| Category |
Count |
| Database |
7 |
| Server |
2 |
| Authentication & Security |
3 |
| Email |
2 |
| AWS S3 |
11 |
| Google Cloud |
7 |
| AI & Content Generation |
6 |
| Image & Media APIs |
3 |
| Social Media OAuth |
6 |
| Payment (Paddle) |
9 |
| Application URLs |
4 |
| RBAC |
3 |
| Third-Party |
5 |
| Caching & Performance |
2 |
| File Naming |
2 |
| Total |
~72 |
Environment-Specific Notes
- Development:
NODE_ENV=development disables auth on dashboard routes and enables verbose logging.
- Production: Requires all "Required" variables. Missing critical vars (DB, AWS, JWT) will cause startup failure.
- Dashboard services (
dashboard/services/job_*.js) use CONF_PATH to load config from an alternate location.
- Job files create their own database connections using the same DB variables from
conf.js.