Skip to main content

Overview

The server configuration controls how the MTB Backend API listens for incoming requests and manages application security. Configuration is defined in config/server.ts and controlled through environment variables.

Server Settings

Host and Port

HOST
string
default:"0.0.0.0"
The hostname or IP address the server will bind to. Use 0.0.0.0 to listen on all network interfaces, or 127.0.0.1 for localhost only.
PORT
integer
default:"1337"
The port number the server will listen on for HTTP requests.
# Listen on localhost only
HOST=127.0.0.1
PORT=1337
In production environments, it’s common to use 0.0.0.0 as the host to allow the server to accept connections from any network interface. A reverse proxy like NGINX typically handles external traffic.

Application Keys

Security Keys

APP_KEYS
array
required
Array of secret keys used for signing and encrypting sessions, cookies, and other security-sensitive data. Required for production deployments.
Application keys are critical for security. Never commit them to version control or share them publicly. Generate strong, random keys for production environments.

Generating App Keys

App keys should be long, random strings. You can generate them using various methods: 
# Generate a random key using OpenSSL
openssl rand -base64 32

Setting App Keys

Provide multiple keys as a comma-separated list in your .env file:
.env
APP_KEYS=key1base64encoded==,key2base64encoded==,key3base64encoded==,key4base64encoded==
Multiple keys enable key rotation. The first key is used for signing new data, while the others are used to validate existing signatures during rotation periods.

Configuration Example

export default ({ env }) => ({
  host: env('HOST', '0.0.0.0'),
  port: env.int('PORT', 1337),
  app: {
    keys: env.array('APP_KEYS'),
  },
});

Environment-Specific Configuration

Development

For local development:
.env
HOST=127.0.0.1
PORT=1337
APP_KEYS=developmentKeyOnly==

Staging

For staging environments:
.env
HOST=0.0.0.0
PORT=1337
APP_KEYS=stagingKey1==,stagingKey2==,stagingKey3==,stagingKey4==

Production

For production deployments:
.env
HOST=0.0.0.0
PORT=1337
APP_KEYS=prodKey1==,prodKey2==,prodKey3==,prodKey4==
Always use different application keys for each environment. Never reuse development keys in production.

Deployment Considerations

Reverse Proxy Setup

When deploying behind a reverse proxy (NGINX, Apache, etc.):
.env
# Server listens on internal network interface
HOST=0.0.0.0
PORT=1337
Your reverse proxy configuration should forward requests to localhost:1337.

Container Deployment

For Docker or containerized deployments:
.env
# Listen on all interfaces inside the container
HOST=0.0.0.0
PORT=1337
Map the container port to your host:
Docker
docker run -p 80:1337 -e HOST=0.0.0.0 -e PORT=1337 your-image

Port Binding

Ports below 1024 typically require root privileges on Unix-like systems. Consider using a reverse proxy or port forwarding instead of binding directly to ports like 80 or 443.

Troubleshooting

Server Won’t Start

If the server fails to start:
  1. Check if the port is already in use: 
    lsof -i :1337
  2. Verify APP_KEYS is set: 
    echo $APP_KEYS
  3. Check host binding permissions:
    • Use 127.0.0.1 for localhost testing
    • Ensure you have permission to bind to the specified interface

Cannot Connect to Server

If you cannot connect to the server:
  1. Verify the server is running: 
    curl http://localhost:1337
  2. Check firewall rules:
    • Ensure the port is not blocked
    • Verify network security groups (cloud deployments)
  3. Confirm host binding:
    • 127.0.0.1 only accepts localhost connections
    • 0.0.0.0 accepts connections from any interface

Build docs developers (and LLMs) love

Get started for freeTalk to us