.env file explained

Version Date Notes By
0.3 2022-05-04 Added many missing variables BRB
0.2 2020-01-21 Added comment on DB_PORT JFM
0.1 2017-11-03 Initial release FPA

Example structure

APP_ENV=production
APP_SYSTEM=linux
APP_DEBUG=false
APP_KEY=
APP_NAME="SGI V10 XXXX"
APP_CLIENT_NAME="WeMake"
#APP_TRUSTED_PROXIES="127.0.0.1" # allowed proxies origins, multiple values allowed, comma separated
APP_BACKEND_URL=http://wemake-sgi-backend.devel
APP_FRONTEND_URL=http://wemake-sgi.devel
APP_EXTERNAL_FORMS_URL="${APP_FRONTEND_URL}"
APP_TIMEZONE=Europe/Lisbon
APP_LOCALE=pt
APP_FALLBACK_LOCALE=en
APP_BACKEND_LOCALE=pt
APP_AUTH_PROVIDER=eloquent
APP_AUTH_EXTERNAL_PROVIDER_TTL_MINUTES_CONVERSION=60
APP_AUTH_IDENTIFIER=username
APP_AUTH_DUPLICATED_EMAILS=false
APP_NOTIFY_INTERNAL_COMMUNICATIONS_BY_MAIL=false
APP_SCHEDULE_DAILY_AT=null

LOG_CHANNEL=daily
LOG_DEPRECATIONS_CHANNEL=null
LOG_LEVEL=debug

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=homestead
DB_USERNAME=homestead
DB_PASSWORD=secret
DB_SUPPORTS_OFFSET=true

#DB_CONNECTION=oracle
#DB_HOST=127.0.0.1
#DB_PORT=1521
#DB_SERVICE_NAME=xe
#DB_DATABASE=homestead
#DB_USERNAME=homestead
#DB_PASSWORD=secret
#DB_SUPPORTS_OFFSET=true

#CONSENTS_DB_CONNECTION=mysql
#CONSENTS_DB_HOST=127.0.0.1
#CONSENTS_DB_PORT=3306
#CONSENTS_DB_DATABASE=homestead
#CONSENTS_DB_USERNAME=homestead
#CONSENTS_DB_PASSWORD=secret
#CONSENTS_DB_SUPPORTS_OFFSET=true

BROADCAST_DRIVER=redis
CACHE_DRIVER=redis
FILESYSTEM_DISK=local
QUEUE_CONNECTION=redis
SESSION_DRIVER=redis
SESSION_LIFETIME=120

REDIS_CLIENT=phpredis
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
REDIS_DB=0
REDIS_CACHE_DB=1
REDIS_PREFIX=

MAIL_ENABLED=true
MAIL_MAILER=smtp
MAIL_HOST=mailtrap.io
MAIL_PORT=2525
MAIL_FROM_ADDRESS=null
MAIL_FROM_NAME=null
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_STREAM_SSL_VERIFY_PEER=true

LDAP_LOGGING=false
LDAP_AUTO_CONNECT=true
LDAP_ACCOUNT_PREFIX=null
LDAP_ACCOUNT_SUFFIX=null
LDAP_HOSTS="corp-dc1.corp.acme.org corp-dc2.corp.acme.org"
LDAP_PORT=389
LDAP_TIMEOUT=5
LDAP_BASE_DN=dc=corp,dc=acme,dc=org
LDAP_USERNAME=null
LDAP_PASSWORD=null
LDAP_USE_SSL=false
LDAP_USE_TLS=false
LDAP_CONNECTION=default
LDAP_PASSWORD_SYNC=false
LDAP_LOGIN_FALLBACK=false
LDAP_GROUP_SCOPE=null
LDAP_AUTH_IDENTIFIER=samaccountname
LDAP_EMAIL_IDENTIFIER=userprincipalname
LDAP_EMAIL_IDENTIFIER_FALLBACK=mail
LDAP_WINDOWS_AUTHENTICATION_SERVER_KEY="AUTH_USER"
LDAP_WINDOWS_AUTHENTICATION_ENABLED=false
LDAP_SYNC_ROLES=false

WKHTML_PDF_BINARY="/usr/local/bin/wkhtmltopdf"
WKHTML_IMG_BINARY="/usr/local/bin/wkhtmltoimage"
WKHTML_PDF_TIMEOUT=60
WKHTML_IMG_TIMEOUT=60

# wemake or wesecure
PDF_REPORT_FOOTER="wemake"

# the list of socialite providers, delimited by comma
SOCIALITE_PROVIDERS=null
# repeat the settings below for each provider
SOCIALITE_PROVIDER_XXXXXXXX_CLIENT_ID=null
SOCIALITE_PROVIDER_XXXXXXXX_CLIENT_SECRET=null
SOCIALITE_PROVIDER_XXXXXXXX_REDIRECT_URL=null

SENTRY_LARAVEL_DSN=null

LICENSES_NUMBER=0

JWT_SECRET=
JWT_TTL=720

BUILD_INFORMATION="<build-information>"
VERSION="<version>"

WORD_TO_PDF_CONVERTER_PATH=null

# this is a temporary setting for INL specific font
WORD_STRUCTURE_BLADE_FONT="Foundry Gridnik Regular"

NOCAPTCHA_SUPPORTED=false
NOCAPTCHA_SITEKEY="<google-reCaptcha-key>"
NOCAPTCHA_SECRET="<google-reCaptcha-secret>"

ANONYMOUS_OCCURRENCES_EXTERNAL_FORM_URL_HOST_IF=
ANONYMOUS_OCCURRENCES_EXTERNAL_FORM_URL_HOST_THEN=
ANONYMOUS_OCCURRENCES_EXTERNAL_FORM_URL_HOST_ELSE=

# the legislation api endpoint and login credentials
LEGISLATION_BACKEND_URL="<legislation_url>"
LEGISLATION_EMAIL="<external_integration_user>"
LEGISLATION_PASSWORD="<external_integration_password>"

# conditionally show/hide the "old" Risk resources from the OHS and EMS modules
OCCUPATIONAL_HEALTH_AND_SAFETY_USES_OLD_RISK=true
ENVIRONMENTAL_MANAGEMENT_SYSTEM_USES_OLD_RISK=true

DOCUMENTS_MODULE_INCLUDE_WATERMARK_ON_UNFINISHED_DOCUMENTS=true
DOCUMENTS_MODULE_IMPORTER_JOB_CLASS=null
DOCUMENTS_MODULE_IMPORTER_CLASS=null
DOCUMENTS_MODULE_TEMPLATE_EXPORTER_CLASS=null

ENTITIES_IMPORTER_JOB_CLASS=null

# git root command
ROOT_COMMAND_GIT=git

# clean up backups
CLEAN_UP_KEEP_ALL_BACKUPS_FOR_DAYS=7
CLEAN_UP_KEEP_DAILY_BACKUPS_FOR_DAYS=16
CLEAN_UP_KEEP_WEEKLY_BACKUPS_FOR_WEEKS=8
CLEAN_UP_KEEP_MONTHLY_BACKUPS_FOR_MONTHS=4
CLEAN_UP_KEEP_YEARLY_BACKUPS_FOR_YEARS=1
CLEAN_UP_DELETE_OLDEST_BACKUPS_WHEN_USING_MORE_MEGABYTES_THAN=5000

FILESYSTEM_DISKS_LOCAL_ROOT_PATH=null
FILESYSTEM_DISKS_BACKUP_FILES_ROOT_PATH=null
FILESYSTEM_DISKS_CLIENT_FILES_ROOT_PATH=null
FILESYSTEM_DISKS_TEMP_FILES_ROOT_PATH=null
FILESYSTEM_DISKS_TEMPLATES_ROOT_PATH=null
FILESYSTEM_DISKS_CLIENT_BACKUPS_ROOT_PATH=null
FILESYSTEM_DISKS_PUBLIC_ROOT_PATH=null

# Copy to env and set if pdf merger is in a non standard location
# I.E.: not in 'vendor/bin/PDFMerger'
PDF_MERGER_LOCATION=null

# Activity logger
ACTIVITY_LOGGER_ENABLED=false
ACTIVITY_LOGGER_DELETE_RECORDS_OLDER_THAN_DAYS=365

Environment variables explained

Variable Description Available options
APP_ENV Defines the application environment development / testing / production
APP_SYSTEM Defines the application "operating" system linux / win
APP_DEBUG Defines the whether the application is in debug mode true / false
APP_KEY Defines the application key used to hash/encrypt stuff. Must be generated executing php artisan key:generate
APP_NAME Defines de application name
APP_BACKEND_URL Defines the application backend base url. It is used to generate urls to backend endpoints
APP_FRONTEND_URL Defines the application frontend base url. It is used to generate urls to frontend endpoints
APP_EXTERNAL_FORMS_BACKEND_URL Defines the application external backend base url. It is used to generate urls to backend external forms endpoints
APP_EXTERNAL_FORMS_FRONTEND_URL Defines the application external frontend base url. It is used to generate urls to frontend external forms endpoints
APP_TIMEZONE Defines the application timezone See here
APP_LOCALE Defines the application default locale. It will be overridden by the locale defined in frontend pt / en / ...
APP_FALLBACK_LOCALE Defines the application default fallback locale. If a translation is not found in the main language, the application will use this as a fallback pt / en / ...
APP_BACKEND_LOCALE Defines the application backend locale. It will be used when translating notifications / messages text for example pt / en / ...
APP_AUTH_PROVIDER Defines the application authentication provider eloquent / adldap
APP_NOTIFY_INTERNAL_COMMUNICATIONS_BY_MAIL Defines whether the application must notify internal communications by email true / false
DB_CONNECTION Defines the database default connection name mysql / sqlsrv / pgsql / sqlite
DB_HOST Defines the database host
DB_PORT Defines the database port
DB_DATABASE Defines the database name
DB_USERNAME Defines the database username
DB_PASSWORD Defines the database password
BROADCAST_DRIVER Defines the default brodcast driver used by the framework when an event needs to be broadcast redis / pusher / log
CACHE_DRIVER Defines the default cache connection that gets used while using the caching library redis / memcached / file / database / array / apc
FILESYSTEM_DISK Defines the default file disk local
QUEUE_CONNECTION Defines the default queue driver redis / sqs / beanstalkd / database / sync / null
SESSION_DRIVER Defines the default session driver that will be used on requests redis / memcached / file / database / cookie / array / apc
SESSION_LIFETIME Defines the number of minutes that the session will be allowed to remain idle before it expires
REDIS_HOST Defines the redis database host
REDIS_PASSWORD Defines the redis database password
REDIS_PORT Defines the redis database port Sometimes for SQL Server you must leave this blank
REDIS_DB Defines the redis database number (index) 0 - 15
REDIS_CACHE_DB Defines the redis database cache number (index) 1 - 16
MAIL_MAILER Defines the default mail driver smtp / sendmail / mailgun / mandrill / ses / sparkpost / log / array
MAIL_HOST Defines the host address of the SMTP server used by de application
MAIL_PORT Defines the SMTP port used by de application
MAIL_FROM_ADDRESS Defines the default email address for all emails sent by the application
MAIL_FROM_NAME Defines the default name for all emails sent by the application
MAIL_USERNAME Defines the SMTP authentication username, if applicable
MAIL_PASSWORD Defines the SMTP authentication password, if applicable
MAIL_ENCRYPTION Defines the SMTP authentication username, if applicable tls / ssl
SENTRY_PRIVATE_DSN Defines the sentry private data source name
SENTRY_PUBLIC_DSN Defines the sentry public data source name
LDAP_ACCOUNT_SUFFIX Defines a suffix that will be appended to adldap authenticating users usernames
LDAP_CONTROLLERS Defines the array of servers located on the network that serve Active Directory. Must be separated with a space
LDAP_BASEDN Defines the base distinguished name where the adldap queries will be performed
LDAP_ADMIN_ACCOUNT_SUFFIX Defines a suffix that will be appended to the "administrator" account when connecting to the AD server
LDAP_ADMIN_USERNAME Defines the "administrator" username used to connect to the AD server
LDAP_ADMIN_PASSWORD Defines the "administrator" password used to connect to the AD server
LDAP_LOGIN_FALLBACK Defines if it is allowed to login as a user located on the local database if active directory authentication fails true / false
LDAP_PASSWORD_SYNC Defines if the users AD passwords shall be synced with the local database true / false
PDF_REPORT_FOOTER Defines the PDF reports' default footer wemake / wesecure
LICENSES_NUMBER Defines the application licenses number, or, by another words, the number of active users at the same time. When this number is reached, no more users can be created / activated
JWT_TTL Defines the length of time (in minutes) that the json web token will be valid for
FILESYSTEM_DISKS_LOCAL_ROOT_PATH Defines the root path for file storage, should point towards external storage path if that exists comment if no external storage directory / string file path
FILESYSTEM_DISKS_BACKUP_FILES_ROOT_PATH Defines the path for backup-files storage, should point towards external's path if that exists comment if no external storage directory / string file path
FILESYSTEM_DISKS_CLIENT_FILES_ROOT_PATH Defines the path for files storage, should point towards external's path if that exists comment if no external storage directory / string file path
FILESYSTEM_DISKS_TEMP_FILES_ROOT_PATH Defines the path for temp-files storage, should point towards external's path if that exists comment if no external storage directory / string file path
FILESYSTEM_DISKS_TEMPLATES_ROOT_PATH Defines the path for templates storage, should point towards internal backend storage path comment if no external storage directory / string file path
FILESYSTEM_DISKS_CLIENT_BACKUPS_ROOT_PATH Defines the path for backups storage, should point towards external's path if that exists comment if no external storage directory / string file path
FILESYSTEM_DISKS_PUBLIC_ROOT_PATH Defines the path for public storage, should point towards external's path if that exists comment if no external storage directory / string file path
ACTIVITY_LOGGER_ENABLED Defines whether the activity logs are being recorded or not true / false
ACTIVITY_LOGGER_DELETE_RECORDS_OLDER_THAN_DAYS Defines the length of time that logs are kept for
NOCAPTCHA_SUPPORTED Defines whether ReCaptcha is enabled or not true / false
NOCAPTCHA_SITEKEY Defines the ReCaptcha site key
NOCAPTCHA_SECRET Defines the ReCaptcha secret