| description | icon |
|---|---|
Here you can see all available environment variables of the Control Plane. |
sliders-up |
Check the WunderGraph Cosmo repository for a default configuration.
| Environment variable | Description | Default | Required | Description | Default | Value | Required | Default |
|---|---|---|---|---|---|---|---|---|
| HOST | The host of the server | localhost | false | false | ||||
| DATABASE_URL | The connection URL of the database. | postgresql://postgres:changeme@localhost:5432/controlplane | true | The name of the federated graph that the router represent | "" | String | true | "" |
| PORT | The port on which the controlplane runs. | 3001 | true | The token that permits the router to communicate with the contolplane and export metrics. | "" | String (Generated from federated-graph create-token) | true | "" |
| ALLOWED_ORIGINS | The controlplane url. | http://localhost:3000 | true | The URL of the controlplane. | http://localhost:3001 | String | false | http://localhost:3001 |
| LOG_LEVEL | Configures the log level. | info | true | The server address | localhost:3002 | String | false | localhost:3002 |
| DEBUG_SQL | Configures the logs of SQL. | false | true | The name of your router service | | String | false | wundergraph-cosmo-router |
| CLICKHOUSE_DSN | The connection URL of clickhouse. | "" | true | The headers to be sent to the OTEL collector | "" | String or comma-separated for multiple values | false | Origin,Content-Length,Content-Type |
| AUTH_REDIRECT_URI | The authorized redirect URLs. | http://localhost:3001/v1/auth/callback | true | Allowed CORS Headers | | String or comma-separated for multiple values | false | Origin,Content-Length,Content-Type |
| WEB_BASE_URL | The URL of studio. | "" | true | Allowed CORS Origins | * | String or comma-separated for multiple values | false | * |
| AUTH_JWT_SECRET | The JWT secret used for verifying and signing JWTs. (32 characters) | "" | true | Allowed CORS Methods | | String or comma-separated for multiple values | false | HEAD,GET,POST |
| OPENAI_API_KEY | The api key of OPEN API | "" | true | Allowed CORS Credential mode | false | Boolean | false | false |
| KC_LOGIN_REALM | The realm of the login credentials. | "master" | false | false | ||||
| KC_REALM | The keycloak realm of your Client. | "" | true | false | ||||
| KC_CLIENT_ID | The keycloak client ID. | "" | true | false | ||||
| KC_ADMIN_USER | The admin username. | "" | true | false | ||||
| KC_ADMIN_PASSWORD | The admin password. | "" | true | false | ||||
| KC_API_URL | The URL to your keycloak API endpoint. Used internally for administration. | "" | true | false | ||||
| KC_FRONTEND_URL | The public URL of your keycloak instance. Used for redirects. | "" | true | false | ||||
| WEBHOOK_URL | The endpoint to which you want to fire platform webhooks | "" | false | false | ||||
| WEBHOOK_SECRET | The secret key to verify webhook requests | "" | false | false | ||||
| DB_URL | Postgres connection string | "" | true | false | ||||
| DB_CERT_PATH | Path to certificate file | "" | false | false | ||||
| DB_CA_PATH | Path to the CA file | "" | false | false | ||||
| DB_KEY_PATH | Path to the private key file | "" | false | false | ||||
| GITHUB_APP_CLIENT_ID | GitHub App client id | "" | false | false | ||||
| GITHUB_APP_CLIENT_SECRET | GitHub App client secret | "" | false | false | ||||
| GITHUB_APP_ID | GitHub App id | "" | false | false | ||||
| GITHUB_APP_PRIVATE_KEY | Private key of your GitHub App | "" | false | false | ||||
| GITHUB_APP_WEBHOOK_SECRET | Webhook secret of your GitHub App | "" | false | false | ||||
| SLACK_APP_CLIENT_ID | Slack app client id | "" | false | false | ||||
| SLACK_APP_CLIENT_SECRET | Slack app client secret | "" | false | false | ||||
| S3_STORAGE_URL | URL to your s3 storage provider (either include credentials or use S3_ACCESS_KEY_ID and S3_SECRET_ACCESS_KEY) | "" | true | false | ||||
| S3_REGION | The region to be used for the s3 bucket. | "auto" | false | false | ||||
| S3_ENDPOINT | The endpoint to be used falls back to url.Origin. | "" | false | false | ||||
| S3_ACCESS_KEY_ID | Access key id for the bucket. (AWS_ACCESS_KEY_ID) | "" | false | false | ||||
| S3_SECRET_ACCESS_KEY | Secress Access key for the bucket. (AWS_SECRET_ACCESS_KEY) | "" | false | false | ||||
| S3_FORCE_PATH_STYLE | Used to enforce path style url resolution. | true | false | false | ||||
| SMTP_ENABLED | Enable the smtp integration | false | false | false | ||||
| SMTP_USERNAME | Smtp username | "" | false | false | ||||
| SMTP_PASSWORD | Smtp password | "" | false | false | ||||
| SMTP_PORT | The port the smtp server listens to | false | false | |||||
| SMTP_HOST | The host to connect to | "" | false | false | ||||
| SMTP_SECURE | Defines if the connection should use SSL | false | false | |||||
| SMTP_REQUIRE_TLS | Forces the client to use STARTTLS | false | false | |||||
| STRIPE_SECRET_KEY | Stripe secret | "" | false | false | ||||
| STRIPE_WEBHOOK_SECRET | Stripe webhook secret | "" | false | false | ||||
| DEFAULT_PLAN | Based on your custom plans, the name of the default plan | "" | false | false |