NeXuS

Environment Variables

All NeXuS services are configured via environment variables loaded from a shared .env file.

Required Variables

Database Passwords

POSTGRES_PASSWORD=your-secure-password
MONGODB_PASSWORD=your-secure-password
REDIS_PASSWORD=your-secure-password

These are used by both the database containers and the application services that connect to them.

JWT Secret

JWT_SECRET=your-jwt-secret-min-32-chars

Used by the Auth Service to sign and verify JWT tokens. Must be at least 32 characters.

Optional Variables

Cloudflare Integration

CLOUDFLARE_API_TOKEN=your-api-token
CLOUDFLARE_ZONE_ID=your-zone-id

Required for DNS management features. The API token needs Zone:DNS:Edit permissions.

Grafana

GRAFANA_PASSWORD=admin-password

Sets the Grafana admin password. Default username is admin.

MCP Server Authentication

CF_SERVICE_TOKEN_ID=your-service-token-id
CF_SERVICE_TOKEN_SECRET=your-service-token-secret

Cloudflare Service Token credentials for MCP endpoint authentication. If not set, the MCP endpoint accepts unauthenticated requests.

Service Ports

PORT=4000           # API Gateway
AUTH_PORT=6000      # Auth Service
MCP_PORT=5001       # MCP Server

Default ports are used if not specified.

Database Connection

POSTGRES_HOST=nexus-postgres
POSTGRES_PORT=5432
POSTGRES_DB=nexus
POSTGRES_USER=seb

Defaults are configured for the Docker Compose environment.

Frontend

NEXT_PUBLIC_API_URL=https://api.sebhosting.com
NEXT_PUBLIC_AUTH_URL=https://auth.sebhosting.com

Full Example .env

# ── Database Passwords ────────────────────
POSTGRES_PASSWORD=change-me-in-production
MONGODB_PASSWORD=change-me-in-production
REDIS_PASSWORD=change-me-in-production

# ── JWT ───────────────────────────────────
JWT_SECRET=change-me-to-a-secure-random-string-min-32-chars

# ── Cloudflare ────────────────────────────
CLOUDFLARE_API_TOKEN=your-cloudflare-api-token
CLOUDFLARE_ZONE_ID=your-cloudflare-zone-id

# ── Grafana ───────────────────────────────
GRAFANA_PASSWORD=your-grafana-admin-password

# ── MCP Authentication ────────────────────
CF_SERVICE_TOKEN_ID=your-cf-service-token-id
CF_SERVICE_TOKEN_SECRET=your-cf-service-token-secret

# ── Frontend ──────────────────────────────
NEXT_PUBLIC_API_URL=https://api.sebhosting.com
NEXT_PUBLIC_AUTH_URL=https://auth.sebhosting.com

:::warning Never commit .env files to version control. The .env file should be listed in .gitignore. :::

This site is open source. Improve this page.