Environment Variables

Environment Variables Reference

Complete reference untuk semua environment variables yang dibutuhkan Merq.

Backend Variables

Application

Variable	Description	Required	Default
`SERVER_PORT`	Server port	Yes	`8080`
`APP_ENV`	Environment (development/production)	Yes	`development`
`ADMIN_BASE_URL`	Web dashboard URL	No	-
`APP_BASE_URL`	Mobile app URL	No	-

Database (PostgreSQL)

Variable	Description	Required	Default
`DB_HOST`	Database host	Yes	`localhost`
`DB_PORT`	Database port	Yes	`5432`
`DB_USER`	Database user	Yes	-
`DB_PASSWORD`	Database password	Yes	-
`DB_NAME`	Database name	Yes	-
`DB_SSLMODE`	SSL mode (disable/require)	No	`disable`
`DB_TIMEZONE`	Database timezone	No	`Asia/Jakarta`

Redis (Caching)

Variable	Description	Required	Default
`REDIS_HOST`	Redis host	Yes	`localhost`
`REDIS_PORT`	Redis port	Yes	`6379`
`REDIS_PASSWORD`	Redis password	No	(empty)
`REDIS_DB`	Redis database number	No	`0`

JWT Authentication

Variable	Description	Required	Default
`JWT_SECRET`	JWT signing key (min 32 chars)	Yes	-
`JWT_EXPIRY_HOURS`	Access token expiry	No	`24`
`JWT_REFRESH_EXPIRY_DAYS`	Refresh token expiry	No	`30`

Typesense (Full-text Search)

Variable	Description	Required	Default
`TYPESENSE_HOST`	Typesense host	No	`localhost`
`TYPESENSE_PORT`	Typesense port	No	`8108`
`TYPESENSE_API_KEY`	API key for Typesense	No	-
`TYPESENSE_PROTOCOL`	Protocol (http/https)	No	`http`

Firebase (Push Notifications)

Variable	Description	Required	Default
`FIREBASE_CREDENTIALS_FILE`	Path to service account JSON	No	-

DigitalOcean Spaces (File Storage)

Variable	Description	Required	Default
`DO_SPACES_KEY`	Spaces access key	No	-
`DO_SPACES_SECRET`	Spaces secret key	No	-
`DO_SPACES_BUCKET`	Bucket name	No	-
`DO_SPACES_ENDPOINT`	Spaces endpoint URL	No	-
`DO_SPACES_REGION`	Spaces region	No	`sgp1`

Email Providers

Resend (Primary)

Variable	Description	Required	Default
`RESEND_API_KEY`	Resend API key	No	-
`RESEND_SENDER_EMAIL`	Sender email address	No	-

Plunk (Fallback 1)

Variable	Description	Required	Default
`PLUNK_API_KEY`	Plunk API key	No	-
`PLUNK_SENDER_EMAIL`	Sender email address	No	-

Mailersend (Fallback 2)

Variable	Description	Required	Default
`MAILERSEND_API_KEY`	Mailersend API key	No	-
`MAILERSEND_SENDER_EMAIL`	Sender email address	No	-

Generic Email

Variable	Description	Required	Default
`MAIL_FROM`	Default from email	No	-

Initial Setup (Seeder)

Variable	Description	Required	Default
`SU_NAME`	Super admin name	No	-
`SU_EMAIL`	Super admin email	No	-
`SU_PASSWORD`	Super admin password	No	-
`SU_PHONE`	Super admin phone	No	-
`WS_NAME`	Initial workspace name	No	-
`WS_DESCRIPTION`	Workspace description	No	-
`WS_SLUG`	Workspace slug	No	-

Deployment Flags

Variable	Description	Required	Default
`RUN_MIGRATION`	Run goose SQL migrations on startup	No	`false`
`RUN_SEEDER`	Run seeder on startup	No	`false`
`RUN_AUTO_MIGRATION`	Run GORM AutoMigrate on startup (dev/emergency only — never use in production)	No	`false`

Local Development

Variable	Description	Required	Default
`ENV_FILE`	Path to env file (used by `scripts/` and `cmd/goose`)	No	`.env`

Web Dashboard Variables

Variable	Description	Required	Default
`VITE_API_BASE_URL`	Backend API URL	Yes	-
`VITE_GOOGLE_API_KEY`	Google Maps API key	No	-
`VITE_SECURE_LOCAL_STORAGE_HASH_KEY`	Encryption key (32 chars)	Yes	-
`VITE_SECURE_LOCAL_STORAGE_PREFIX`	Storage key prefix	No	`merq_`
`VITE_APP_ENV`	Environment	No	`development`
`VITE_APP_NAME`	Application name	No	`Merq Admin`

Mobile App Variables

Variable	Description	Required	Default
`API_BASE_URL`	Backend API URL	Yes	-
`STORAGE_ENC_KEY`	MMKV encryption key (32 chars)	Yes	-
`GOOGLE_MAPS_API_KEY`	Google Maps API key (Android)	No	-
`APP_ENV`	Environment	No	`development`
`APP_NAME`	Application name	No	`Merq Field Force`

Quick Reference by Environment

Development (.env.local)

# Backend
SERVER_PORT=8080
DB_HOST=localhost
DB_PORT=5432
DB_USER=postgres
DB_PASSWORD=postgres
DB_NAME=merq_development
REDIS_HOST=localhost
REDIS_PORT=6379
JWT_SECRET=dev-secret-key-min-32-characters

# Web
VITE_API_BASE_URL=http://localhost:8080/api

# Mobile
API_BASE_URL=http://localhost:8080/api
STORAGE_ENC_KEY=dev_storage_key_32_characters

Production

# Backend
SERVER_PORT=8080
APP_ENV=production
DB_HOST=postgres
DB_USER=merq
DB_PASSWORD=<secure-password>
DB_NAME=merq_production
REDIS_HOST=redis
JWT_SECRET=<secure-random-32+-chars>
TYPESENSE_HOST=typesense
TYPESENSE_API_KEY=<api-key>
FIREBASE_CREDENTIALS_FILE=/app/firebase/service-account.json
DO_SPACES_KEY=<key>
DO_SPACES_SECRET=<secret>
RESEND_API_KEY=<key>

# Web
VITE_API_BASE_URL=https://api.yourdomain.com/api
VITE_SECURE_LOCAL_STORAGE_HASH_KEY=<secure-key>

# Mobile
API_BASE_URL=https://api.yourdomain.com/api
STORAGE_ENC_KEY=<secure-key>

Security Notes

Never commit .env files to version control
Rotate secrets regularly, especially after team member changes
Use strong passwords (min 16 characters, mixed case, numbers, symbols)
JWT_SECRET should be at least 32 random characters
Production values should be stored in secure secret management (Notion + Dokploy env vars)