Skip to main content

Overview

CompanyFlow uses environment variables for configuration. The application loads variables from a .env file in development and from system environment variables in production.

Configuration Loading

The application uses godotenv to load the .env file. From config/config.go:15: 
if err := godotenv.Load(); err != nil {
    log.Println("No .env file found, using environment variables")
}
If no .env file is found, the application will use system environment variables. This is the recommended approach for production deployments.

Required Environment Variables

1

Create .env File

Create a .env file in the root directory of your project:
touch .env
Never commit your .env file to version control. Add it to .gitignore to prevent accidental commits.
2

Configure Database Variables

Add your PostgreSQL database configuration:
.env
DB_HOST=localhost
DB_PORT=5432
DB_USER=your_database_user
DB_PASSWORD=your_database_password
DB_NAME=companyflow
DB_SSLMODE=disable
DB_HOST
string
required
PostgreSQL server hostname or IP address
DB_PORT
string
required
PostgreSQL server port (default: 5432)
DB_USER
string
required
Database user with access to the CompanyFlow database
DB_PASSWORD
string
required
Password for the database user
DB_NAME
string
required
Name of the database (default: companyflow)
DB_SSLMODE
string
required
SSL mode for database connection. Options: disable, require, verify-ca, verify-full
3

Configure Server Variables

Add server configuration:
.env
PORT=8080
CORS_ORIGIN=http://localhost:3000
PORT
string
default:"8080"
Port number for the HTTP server
CORS_ORIGIN
string
default:"http://localhost:3000"
Allowed origin for CORS requests. Set to your frontend application URL.
4

Configure Authentication

Add JWT secret for authentication:
.env
JWT_SECRET=your_jwt_secret_key
JWT_SECRET
string
required
Secret key for signing JWT tokens. Use a strong, random string.
Generate a secure JWT secret using a cryptographically secure random generator. Never use simple strings like “secret” or “password”.
Generate a secure JWT secret:
openssl rand -base64 64

Complete Configuration Example

Here’s a complete .env file example: 
# Database Configuration
DB_HOST=localhost
DB_PORT=5432
DB_USER=companyflow_user
DB_PASSWORD=dev_password_123
DB_NAME=companyflow
DB_SSLMODE=disable

# Server Configuration
PORT=8080
CORS_ORIGIN=http://localhost:3000

# Authentication
JWT_SECRET=your_generated_secret_key_here

Environment Variable Validation

CompanyFlow validates required environment variables at startup. From config/config.go:50: 
func mustGetEnv(key string) string {
    value := os.Getenv(key)
    if value == "" {
        log.Fatalf("Missing required environment variable: %s", key)
    }
    return value
}
If any required variable is missing, the application will fail to start with a clear error message.

CORS Configuration

The CORS middleware is configured in main.go:46. It allows:
  • Origin: Specified in CORS_ORIGIN (default: http://localhost:3000)
  • Methods: GET, POST, PUT, DELETE, OPTIONS
  • Headers: Content-Type, Authorization
  • Credentials: Enabled

Multiple CORS Origins

To support multiple origins, you’ll need to modify the CORS middleware in main.go:44. Example: 
allowedOrigins := []string{
    "http://localhost:3000",
    "https://app.yourcompany.com",
    "https://staging.yourcompany.com",
}

origin := r.Header.Get("Origin")
for _, allowed := range allowedOrigins {
    if origin == allowed {
        w.Header().Set("Access-Control-Allow-Origin", origin)
        break
    }
}

Testing Environment Variables

For testing, you can create a separate .env.test file:
.env.test
DB_HOST=localhost
DB_PORT=5432
DB_USER=companyflow_test
DB_PASSWORD=test_password
DB_NAME=companyflow_test
DB_SSLMODE=disable
PORT=8081
CORS_ORIGIN=http://localhost:3000
JWT_SECRET=test_jwt_secret
Load it before running tests: 
export $(cat .env.test | xargs) && go test ./...

Production Deployment

Never use .env files in production. Use your platform’s environment variable configuration instead.

Platform-Specific Configuration

# Use --env-file or -e flags
docker run -e DB_HOST=localhost \
  -e DB_PORT=5432 \
  -e DB_USER=companyflow \
  -e DB_PASSWORD=password \
  -e DB_NAME=companyflow \
  -e DB_SSLMODE=require \
  -e PORT=8080 \
  -e CORS_ORIGIN=https://app.com \
  -e JWT_SECRET=secret \
  companyflow:latest

Troubleshooting

Missing Environment Variable Error

If you see this error: 
Missing required environment variable: DB_HOST
Ensure your .env file exists and contains all required variables.

.env File Not Loading

If your .env file isn’t being loaded:
  1. Verify the file is named exactly .env (not .env.txt)
  2. Ensure it’s in the root directory where you run go run main.go
  3. Check file permissions: chmod 644 .env

CORS Errors

If you see CORS errors in the browser:
  1. Verify CORS_ORIGIN matches your frontend URL exactly (including protocol)
  2. Ensure the frontend is making requests to the correct API URL
  3. Check that preflight OPTIONS requests are being handled

Next Steps

After configuring environment variables:
  1. Set up your database
  2. Run database migrations
  3. Test your configuration

Build docs developers (and LLMs) love

Get started for freeTalk to us