Overview
CONFOR uses environment variables to configure database connections, authentication, worker processes, and export limits. This page documents all available environment variables and their usage.Create a
.env file in your project root based on the examples below. Never commit sensitive values to version control.Core Configuration
Database
PostgreSQL connection string used by Prisma ORM.Format:
postgresql://USER:PASSWORD@HOST:PORT/DATABASEExample: postgresql://postgres:postgres@localhost:5432/app_devAuthentication
Secret key for signing and encrypting JWT tokens in NextAuth v5.Generation: Run
openssl rand -base64 32 to generate a secure secret.Example: your-super-secret-key-here-minimum-32-charsThe canonical URL of your application (used for OAuth callbacks).Default: Auto-detected in most casesExample:
http://localhost:3000 (development) or https://confor.yourdomain.com (production)Public-facing application URL accessible from the client side.Example:
http://localhost:3000Runtime Environment
Node.js environment mode.Options:
development, production, testDefault: developmentWorker Configuration
Geospatial Worker
The geospatial worker processes shapefile imports, recalculates Level 4 surfaces, and handles geometry variations.Polling interval in milliseconds for the worker scheduler.Default:
4000 (4 seconds)Production recommendation: 5000Maximum number of import jobs processed per worker cycle.Default:
5Production recommendation: 500 (when using PM2 or dedicated worker server)Maximum number of recalculation jobs processed per worker cycle.Default:
10Production recommendation: 200Maximum number of variation jobs processed per worker cycle.Default:
15Production recommendation: 300Execute a single worker cycle and exit (useful for testing).Default:
falseExample: trueOptional secret for securing worker API endpoints.Example:
worker-secret-keyExport Limits
These variables control the maximum number of records that can be exported to Excel format from different modules.Environment File Examples
Security Best Practices
Recommendations
- Use strong secrets: Generate
NEXTAUTH_SECRETwithopenssl rand -base64 32 - Separate environments: Use different databases and secrets for development, staging, and production
- Rotate secrets: Regularly rotate authentication secrets in production
- Limit access: Restrict database user permissions to only what’s needed
- Monitor workers: Set appropriate batch sizes based on your server capacity
Troubleshooting
Database connection fails
Database connection fails
Symptoms:
Error: P1001: Can't reach database serverSolutions:- Verify PostgreSQL is running:
docker compose psorpg_isready - Check
DATABASE_URLformat is correct - Ensure database exists:
psql -U postgres -c "\l" - Verify network connectivity and firewall rules
- Check PostgreSQL logs for authentication errors
NextAuth authentication errors
NextAuth authentication errors
Symptoms:
[auth][error] JWTSessionError: Read more at https://errors.authjs.devSolutions:- Ensure
NEXTAUTH_SECRETis set and at least 32 characters - Verify
NEXTAUTH_URLmatches your application URL - Clear browser cookies and try again
- Check that
trustHost: trueis set in NextAuth config for production
Worker not processing jobs
Worker not processing jobs
Symptoms: Import jobs stuck in PENDING stateSolutions:
- Verify worker is running:
pm2 statusor check process list - Check worker logs:
pm2 logs confor-geo-worker - Ensure
DATABASE_URLis accessible from worker process - Verify batch sizes are not set to 0
- Check database for locked transactions:
SELECT * FROM pg_locks;
Export fails with timeout
Export fails with timeout
Symptoms: Large exports timeout or fail to completeSolutions:
- Reduce
*_EXPORT_MAX_LIMITvalues - Add pagination to your export queries
- Increase server timeout settings
- Consider implementing background export jobs
- Add indexes to frequently queried columns
Environment variables not loading
Environment variables not loading
Symptoms:
undefined values or default fallbacks being usedSolutions:- Verify
.envfile is in project root directory - Restart development server:
npm run dev - Check for typos in variable names (case-sensitive)
- For Next.js public variables, ensure they start with
NEXT_PUBLIC_ - Rebuild application:
npm run build
Variable Reference Table
| Variable | Type | Required | Default | Description |
|---|---|---|---|---|
DATABASE_URL | string | Yes | - | PostgreSQL connection string |
NEXTAUTH_SECRET | string | Yes | - | NextAuth JWT signing secret |
NEXTAUTH_URL | string | No | Auto-detected | Application canonical URL |
NEXT_PUBLIC_APP_URL | string | No | - | Public-facing app URL |
NODE_ENV | string | No | development | Runtime environment |
GEO_WORKER_INTERVAL_MS | number | No | 4000 | Worker polling interval (ms) |
GEO_IMPORT_BATCH_SIZE | number | No | 5 | Import jobs per cycle |
GEO_RECALC_BATCH_SIZE | number | No | 10 | Recalc jobs per cycle |
GEO_VARIATION_BATCH_SIZE | number | No | 15 | Variation jobs per cycle |
GEO_WORKER_RUN_ONCE | boolean | No | false | Single cycle execution |
GEO_WORKER_SECRET | string | No | - | Worker API endpoint secret |
FOREST_BIOLOGICAL_ASSET_EXPORT_MAX_LIMIT | number | No | 5000 | Bio asset export limit |
FOREST_CONFIG_EXPORT_MAX_LIMIT | number | No | 5000 | Forest config export limit |
FOREST_PATRIMONY_EXPORT_MAX_LIMIT | number | No | 5000 | Patrimony export limit |
GENERAL_CONFIG_EXPORT_MAX_LIMIT | number | No | 5000 | General config export limit |
ORGANIZATIONS_EXPORT_MAX_LIMIT | number | No | 5000 | Organizations export limit |
ROLES_EXPORT_MAX_LIMIT | number | No | 5000 | Roles export limit |
USERS_EXPORT_MAX_LIMIT | number | No | 5000 | Users export limit |
Next Steps
Database Setup
Configure PostgreSQL and run migrations
Worker Setup
Set up geospatial processing workers