Skip to main content
The backend uses a .env file for configuration, which is automatically loaded at startup using godotenv/autoload. Copy backend/.env.example to backend/.env and configure the values for your environment.

Core Configuration

APP_ENV
string
required
Application environment mode. Used to determine the MongoDB database name ({APP_ENV}-backend) and control environment-specific behavior.Common values:
  • development - Local development
  • staging - Staging environment
  • production - Production environment
The EnvIsProd() helper function checks if this equals "production".
PORT
string
required
Port number for the HTTP server to listen on.Example: 8080
Never commit your .env file to version control. It should be included in .gitignore.

Database Configuration

MONGODB_URI
string
required
MongoDB connection string. Can be a local MongoDB instance or a cloud provider like MongoDB Atlas.Examples:The application will ping the database on startup to verify the connection.
REDIS_URL
string
Redis connection string for caching and session storage.Example: redis://localhost:6379
While defined in the configuration, Redis integration may require additional implementation for session management.

Security

SESSION_KEY
string
required
Secret key used for session management and signing. Should be a long, random string.
Use a cryptographically secure random string in production. Never use a predictable value or commit this to version control.
Generate a secure key:
openssl rand -base64 32

Payment Integration (Paypack)

PAYPACK_CLIENT_ID
string
Client ID for Paypack payment gateway integration. Required if using mobile money payment features.Used for authenticating with the Paypack API at https://payments.paypack.rw/api/auth/agents/authorize.
Keep this credential secure. Do not expose in client-side code or commit to version control.
PAYPACK_CLIENT_SECRET
string
Client secret for Paypack payment gateway. Required if using Paypack features.Enables functionality:
  • Cash-in (collecting payments)
  • Cash-out (disbursements)
  • Transaction status polling
This is a sensitive credential. Treat it like a password and never expose it publicly.

Email Integration (Plunk)

USE_PLUNK
string
API key for Plunk email service (https://useplunk.com). Despite the name suggesting a boolean, this should contain your Plunk API key.Used by the SendEmailWithPlunk() function to send transactional emails.
Store this securely. API keys should never be committed to version control.

Notifications (Telegram)

TELEGRAM_BOT_ID
string
Telegram bot token for sending notifications. Obtain from @BotFather on Telegram.Format: 123456:ABC-DEF1234ghIkl-zyx57W2v1u123ew11
TELEGRAM_CHAT_ID
string
Telegram chat ID where the bot should send messages. Can be a user ID, group ID, or channel ID.Used by the SendTelegramMessage() function for real-time notifications and alerts.

Example Configuration

Here’s a complete example .env file for local development: 
APP_ENV=development
MONGODB_URI=mongodb://localhost:27017
PORT=8080
SESSION_KEY=your-secure-random-session-key-here
REDIS_URL=redis://localhost:6379

# Optional: Payment integration
PAYPACK_CLIENT_ID=
PAYPACK_CLIENT_SECRET=

# Optional: Email service
USE_PLUNK=

# Optional: Telegram notifications
TELEGRAM_BOT_ID=
TELEGRAM_CHAT_ID=

Accessing Environment Variables

Environment variables are accessed through helper functions in backend/configs/env.go: 
import "backend/configs"

// Core configuration
env := configs.AppEnv()              // Get APP_ENV
isProd := configs.EnvIsProd()        // Check if production
port := configs.EnvPort()            // Get PORT

// Database
mongoURI := configs.EnvMongoURI()    // Get MONGODB_URI
redisURL := configs.GetRedisUrl()    // Get REDIS_URL

// Security
sessionKey := configs.GetSessionKey() // Get SESSION_KEY

// Integrations
paypackID := configs.GetPaypackId()       // Get PAYPACK_CLIENT_ID
paypackSecret := configs.GetPaypackSecret() // Get PAYPACK_CLIENT_SECRET
plunkKey := configs.GetPlunkKey()          // Get USE_PLUNK
telegramBot := configs.TelegramBotId()     // Get TELEGRAM_BOT_ID
telegramChat := configs.TelegramChatID()   // Get TELEGRAM_CHAT_ID

Security Best Practices

  1. Never commit the .env file to version control
  2. Use different values for each environment (development, staging, production)
  3. Rotate secrets regularly, especially SESSION_KEY and API credentials
  4. Use environment-specific API keys (test keys for development, production keys for production)
  5. Restrict access to production environment variables
  6. Use a secrets management service in production (AWS Secrets Manager, HashiCorp Vault, etc.)

Build docs developers (and LLMs) love

Get started for freeTalk to us