Overview

The .env file contains all configuration variables for your Mongo My Admin installation. Copy .env.example to .env and configure each section according to your environment.

cp .env.example .env
nano .env  # or use your preferred editor

Security Warning

Never commit your .env file to version control. It contains sensitive credentials. The .env.example file is safe to commit as a template.

Server Configuration

Server & URLs

  • PORT - Server port. Default: 6008 (Optional)
  • NODE_ENV - Environment mode: development or production (Required)
  • SAAS_ADMIN_URL - Full URL to SaaS admin panel (for CORS and emails). Example: https://yourdomain.com/saas (Optional)
  • COMPANY_ADMIN_URL - Full URL to company admin panel. Example: https://yourdomain.com (Optional)
  • API_BASE_URL - Base URL for API. Example: https://yourdomain.com (Optional)

# Server Configuration
PORT=6008
NODE_ENV=production

# URLs (for production)
SAAS_ADMIN_URL=https://yourdomain.com/saas
COMPANY_ADMIN_URL=https://yourdomain.com
API_BASE_URL=https://yourdomain.com

MongoDB Database

MongoDB Connection

  • MONGODB_URI - MongoDB connection string with authentication (Required)

Connection String Formats

Local MongoDB

MONGODB_URI=mongodb://localhost:27017/mongo_saas

MongoDB with Authentication

MONGODB_URI=mongodb://username:password@localhost:27017/mongo_saas?authSource=admin

MongoDB Atlas (Cloud)

MONGODB_URI=mongodb+srv://username:password@cluster0.xxxxx.mongodb.net/mongo_saas?retryWrites=true&w=majority

Remote MongoDB Server

MONGODB_URI=mongodb://username:password@192.168.1.100:27017/mongo_saas?authSource=admin
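
The formats above embed the password in the URI, so special characters in it must be percent-encoded, and the raw string should never be written to logs. This added example, which is not Mongo My Admin's own code, builds the URI with encoded credentials and produces a redacted form for logging; the function names and sample values are illustrative.

```javascript
// Percent-encode credentials so characters such as @ : / ? # do not break parsing.
function buildMongoUri({ user, password, host, db, params = '' }) {
  const auth = `${encodeURIComponent(user)}:${encodeURIComponent(password)}@`;
  return `mongodb://${auth}${host}/${db}${params ? '?' + params : ''}`;
}

// Split a connection string into scheme, optional credentials and the rest.
function inspectMongoUri(uri) {
  const m = uri.match(/^(mongodb(?:\+srv)?):\/\/(?:([^:@\/]*)(?::([^@\/]*))?@)?(.+)$/);
  if (!m) throw new Error('not a MongoDB connection string');
  const [, scheme, user, password, rest] = m;
  const shownAuth = user ? `${user}${password !== undefined ? ':****' : ''}@` : '';
  return {
    scheme,
    // False for the unauthenticated "Local MongoDB" format.
    hasCredentials: Boolean(user && password),
    authSource: (rest.match(/[?&]authSource=([^&]+)/) || [])[1] || null,
    // Safe to log: the password is masked, everything else is unchanged.
    redacted: `${scheme}://${shownAuth}${rest}`,
  };
}

// Constructed sample values (not real credentials).
const uri = buildMongoUri({
  user: 'app',
  password: 'p@ss:w/rd',
  host: 'localhost:27017',
  db: 'mongo_saas',
  params: 'authSource=admin',
});
console.log(uri);
console.log(inspectMongoUri(uri).redacted);
console.log(inspectMongoUri('mongodb://localhost:27017/mongo_saas').hasCredentials);
```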

MongoDB User Permissions

The MongoDB user needs these roles for full functionality:

  • readWriteAnyDatabase - Create/manage databases
  • dbAdminAnyDatabase - Database administration
  • userAdminAnyDatabase - Create database users

JWT & Security

Authentication Secrets

  • JWT_SECRET - Secret key for signing JWT tokens. Use a strong random string (32+ chars) (Required)
  • JWT_REFRESH_SECRET - Secret key for refresh tokens. Different from JWT_SECRET (Required)
  • JWT_EXPIRES_IN - Access token expiration. Default: 1h (Optional)
  • JWT_REFRESH_EXPIRES_IN - Refresh token expiration. Default: 7d (Optional)
  • API_KEY_SECRET - Secret for encrypting sensitive data. Must be 32 characters for AES-256 (Required)
  • DB_USER_ENCRYPTION_KEY - Key for encrypting database user passwords. 32 characters (Required)

# JWT Configuration
JWT_SECRET=your-super-secret-jwt-key-min-32-chars
JWT_REFRESH_SECRET=your-refresh-secret-different-key
JWT_EXPIRES_IN=1h
JWT_REFRESH_EXPIRES_IN=7d

# Encryption Keys (exactly 32 characters)
API_KEY_SECRET=12345678901234567890123456789012
DB_USER_ENCRYPTION_KEY=abcdefghijklmnopqrstuvwxyz123456

Generate Strong Secrets

Use a secure random generator for production secrets:

node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
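
The command above prints 64 hexadecimal characters, which fits JWT_SECRET and JWT_REFRESH_SECRET but not the two keys documented as exactly 32 characters. This added example (not Mongo My Admin's own code) generates values of the right length and checks a .env against the rules in the table above; it assumes the application uses the 32 characters directly as the AES-256 key, and all function names are illustrative.

```javascript
const crypto = require('crypto');

// 32 random bytes as hex: 64 characters, for the "32+ chars" JWT secrets.
const jwtSecret = () => crypto.randomBytes(32).toString('hex');
// 24 random bytes as base64url: exactly 32 characters for the fixed-length keys.
// Assumption: the app uses those 32 characters directly as the AES-256 key.
const key32 = () => crypto.randomBytes(24).toString('base64url');

// Sample key values printed on this page; they must not reach production.
const DOC_SAMPLES = new Set(['12345678901234567890123456789012',
  'abcdefghijklmnopqrstuvwxyz123456']);
const FIXED_32 = ['API_KEY_SECRET', 'DB_USER_ENCRYPTION_KEY'];
const REQUIRED = ['JWT_SECRET', 'JWT_REFRESH_SECRET', ...FIXED_32];

// Minimal KEY=VALUE parser (illustrative): ignores blank lines and # comments.
function parseEnv(text) {
  const env = {};
  for (const line of text.split(/\r?\n/)) {
    const m = line.match(/^\s*([A-Z0-9_]+)\s*=\s*(.*?)\s*$/);
    if (m) env[m[1]] = m[2];
  }
  return env;
}

// Returns a list of problems; an empty list means the secrets pass.
function checkSecrets(env) {
  const problems = [];
  for (const name of REQUIRED) {
    const v = env[name];
    if (!v) problems.push(`${name}: missing`);
    else if (DOC_SAMPLES.has(v) || v.startsWith('your-'))
      problems.push(`${name}: documentation placeholder`);
  }
  const jwt = env.JWT_SECRET;
  if (jwt && jwt.length < 32) problems.push('JWT_SECRET: shorter than 32 characters');
  if (jwt && jwt === env.JWT_REFRESH_SECRET)
    problems.push('JWT_REFRESH_SECRET: identical to JWT_SECRET');
  for (const name of FIXED_32)
    if (env[name] && env[name].length !== 32)
      problems.push(`${name}: must be exactly 32 characters`);
  return problems;
}

// Emit a fresh set of values in .env syntax.
const freshEnv = () => [
  `JWT_SECRET=${jwtSecret()}`, `JWT_REFRESH_SECRET=${jwtSecret()}`,
  `API_KEY_SECRET=${key32()}`, `DB_USER_ENCRYPTION_KEY=${key32()}`,
].join('\n');
console.log(checkSecrets(parseEnv(freshEnv())));
```

Run against the sample block shown earlier in this section, checkSecrets reports all four values as documentation placeholders.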

Payment Gateway Configuration

Razorpay

  • PAYMENT_DEFAULT_MODE - Default payment mode: test or live (Optional)
  • RAZORPAY_TEST_KEY_ID - Razorpay test mode Key ID (Optional)
  • RAZORPAY_TEST_KEY_SECRET - Razorpay test mode Key Secret (Optional)
  • RAZORPAY_LIVE_KEY_ID - Razorpay live mode Key ID (Optional)
  • RAZORPAY_LIVE_KEY_SECRET - Razorpay live mode Key Secret (Optional)

# Payment Configuration
PAYMENT_DEFAULT_MODE=test

# Razorpay - Test Mode
RAZORPAY_TEST_KEY_ID=rzp_test_xxxxxxxxxxxxx
RAZORPAY_TEST_KEY_SECRET=xxxxxxxxxxxxxxxxxxxx

# Razorpay - Live Mode
RAZORPAY_LIVE_KEY_ID=rzp_live_xxxxxxxxxxxxx
RAZORPAY_LIVE_KEY_SECRET=xxxxxxxxxxxxxxxxxxxx

# PhonePe - Test Mode
PHONEPE_TEST_MERCHANT_ID=your_test_merchant_id
PHONEPE_TEST_SALT_KEY=your_test_salt_key
PHONEPE_TEST_SALT_INDEX=1
PHONEPE_TEST_API_URL=https://api-preprod.phonepe.com/apis/pg-sandbox

# PhonePe - Live Mode
PHONEPE_LIVE_MERCHANT_ID=your_live_merchant_id
PHONEPE_LIVE_SALT_KEY=your_live_salt_key
PHONEPE_LIVE_SALT_INDEX=1
PHONEPE_LIVE_API_URL=https://api.phonepe.com/apis/hermes

# Paytm - Test Mode
PAYTM_TEST_MERCHANT_ID=your_test_merchant_id
PAYTM_TEST_MERCHANT_KEY=your_test_merchant_key
PAYTM_TEST_WEBSITE=WEBSTAGING
PAYTM_TEST_API_URL=https://securegw-stage.paytm.in

# Paytm - Live Mode
PAYTM_LIVE_MERCHANT_ID=your_live_merchant_id
PAYTM_LIVE_MERCHANT_KEY=your_live_merchant_key
PAYTM_LIVE_WEBSITE=DEFAULT
PAYTM_LIVE_API_URL=https://securegw.paytm.in

Email Configuration

Mail Provider

  • MAIL_PROVIDER - Email provider: smtp, sendgrid, mailgun, or ses (Required)
  • MAIL_FROM_NAME - Sender display name (Required)
  • MAIL_FROM_EMAIL - Sender email address (Required)

SMTP Configuration

MAIL_PROVIDER=smtp
MAIL_FROM_NAME=Mongo My Admin
MAIL_FROM_EMAIL=noreply@yourdomain.com

SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_SECURE=false
SMTP_USER=your-email@gmail.com
SMTP_PASSWORD=your-app-password

SendGrid Configuration

MAIL_PROVIDER=sendgrid
MAIL_FROM_NAME=Mongo My Admin
MAIL_FROM_EMAIL=noreply@yourdomain.com

SENDGRID_API_KEY=SG.xxxxxxxxxxxxxxxxxxxxxxxx

AWS SES Configuration

MAIL_PROVIDER=ses
MAIL_FROM_NAME=Mongo My Admin
MAIL_FROM_EMAIL=noreply@yourdomain.com

AWS_SES_REGION=ap-south-1
AWS_SES_ACCESS_KEY=AKIAXXXXXXXXXXXXXXXX
AWS_SES_SECRET_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Frontend Variables

Variables prefixed with NEXT_PUBLIC_ are exposed to the browser.

Client-Side Variables

  • NEXT_PUBLIC_API_URL - API URL for frontend. Default: /api/v1 (relative path recommended) (Optional)
  • NEXT_PUBLIC_APP_NAME - Application name displayed in UI (Optional)
  • NEXT_PUBLIC_RAZORPAY_KEY_ID - Razorpay public key for frontend checkout (Optional)

# Frontend Variables
NEXT_PUBLIC_API_URL=/api/v1
NEXT_PUBLIC_APP_NAME=Mongo My Admin
NEXT_PUBLIC_APP_VERSION=1.0.0
NEXT_PUBLIC_RAZORPAY_KEY_ID=rzp_test_xxxxxxxxxxxxx
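
Because every NEXT_PUBLIC_ value is exposed to the browser, a pre-deploy check can catch a secret that has been copied into one. This added example (not Mongo My Admin's own code) flags such variables and a Razorpay key ID that does not match PAYMENT_DEFAULT_MODE; the name patterns and the function name are assumptions.

```javascript
// Name patterns are assumptions drawn from the variable names on this page.
const SECRET_NAME = /SECRET|PASSWORD|SALT_KEY|MERCHANT_KEY|ENCRYPTION_KEY|API_KEY|MONGODB_URI/;
const isPublic = (name) => name.startsWith('NEXT_PUBLIC_');

// Returns findings for anything secret that would be shipped to the browser.
function auditPublicEnv(env) {
  const findings = [];
  // Index the values of server-side variables whose names mark them as secret.
  const secretValues = new Map();
  for (const [name, value] of Object.entries(env))
    if (!isPublic(name) && SECRET_NAME.test(name) && value) secretValues.set(value, name);

  for (const [name, value] of Object.entries(env)) {
    if (!isPublic(name)) continue;
    if (SECRET_NAME.test(name))
      findings.push(`${name}: secret-looking name exposed to the browser`);
    if (secretValues.has(value))
      findings.push(`${name}: same value as ${secretValues.get(value)}`);
  }
  // The browser-side Razorpay key ID should match the payment mode
  // (rzp_test_ / rzp_live_ prefixes, as in the samples on this page).
  const mode = env.PAYMENT_DEFAULT_MODE;
  const keyId = env.NEXT_PUBLIC_RAZORPAY_KEY_ID;
  if (mode && keyId && !keyId.startsWith(`rzp_${mode}_`))
    findings.push(`NEXT_PUBLIC_RAZORPAY_KEY_ID: not a ${mode} key ID`);
  return findings;
}

// Constructed input: a secret copied into a public variable, test key in live mode.
const constructed = {
  PAYMENT_DEFAULT_MODE: 'live',
  RAZORPAY_LIVE_KEY_SECRET: 'constructed-secret-value',
  NEXT_PUBLIC_RAZORPAY_KEY_ID: 'rzp_test_constructed',
  NEXT_PUBLIC_RAZORPAY_SECRET: 'constructed-secret-value',
  NEXT_PUBLIC_API_URL: '/api/v1',
};
console.log(auditPublicEnv(constructed));
```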

Complete .env Example

Here's a complete production .env file. Replace every placeholder value (domains, credentials, secrets and keys) with your own before deploying:

# ═══════════════════════════════════════════════════════════════
# MONGO MY ADMIN - PRODUCTION ENVIRONMENT
# ═══════════════════════════════════════════════════════════════

# Server
PORT=6008
NODE_ENV=production

# URLs
SAAS_ADMIN_URL=https://yourdomain.com/saas
COMPANY_ADMIN_URL=https://yourdomain.com
API_BASE_URL=https://yourdomain.com

# MongoDB
MONGODB_URI=mongodb+srv://admin:password@cluster0.xxxxx.mongodb.net/mongo_saas

# JWT Authentication
JWT_SECRET=your-64-character-super-secret-jwt-key-for-production-use
JWT_REFRESH_SECRET=your-different-64-char-refresh-secret-key-here
JWT_EXPIRES_IN=1h
JWT_REFRESH_EXPIRES_IN=7d

# Encryption Keys (32 characters each)
API_KEY_SECRET=12345678901234567890123456789012
DB_USER_ENCRYPTION_KEY=abcdefghijklmnopqrstuvwxyz123456

# Frontend
NEXT_PUBLIC_API_URL=/api/v1
NEXT_PUBLIC_APP_NAME=Mongo My Admin
NEXT_PUBLIC_APP_VERSION=1.0.0
NEXT_PUBLIC_RAZORPAY_KEY_ID=rzp_live_xxxxxxxxxxxxx

# Payment
PAYMENT_DEFAULT_MODE=live
RAZORPAY_LIVE_KEY_ID=rzp_live_xxxxxxxxxxxxx
RAZORPAY_LIVE_KEY_SECRET=xxxxxxxxxxxxxxxxxxxx

# Email (SMTP)
MAIL_PROVIDER=smtp
MAIL_FROM_NAME=Mongo My Admin
MAIL_FROM_EMAIL=noreply@yourdomain.com
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_SECURE=false
SMTP_USER=your-email@gmail.com
SMTP_PASSWORD=your-app-password

You're Ready!

After configuring your .env file, build and start the application:

npm run build && npm start