← Back to Docs Home

Environment Variables

This document lists all environment variables used across QNSP services.

Environment Variables

This document lists all environment variables used across QNSP services.

Web Portal (apps/web)

Authentication & Access

  • WEB_EDGE_GATEWAY_URL - Edge Gateway URL (required)
  • WEB_PLATFORM_API_TOKEN - Platform API access token (optional)
  • WEB_TENANT_SERVICE_URL - Tenant Service URL (optional, derived from edge-gateway)
  • WEB_BILLING_SERVICE_URL - Billing Service URL (optional, derived from edge-gateway)
  • WEB_AUTH_SERVICE_URL - Auth Service URL (optional, derived from edge-gateway)
  • WEB_VAULT_SERVICE_URL - Vault Service URL (optional, derived from edge-gateway)
  • WEB_STORAGE_SERVICE_URL - Storage Service URL (optional, derived from edge-gateway)
  • WEB_SEARCH_SERVICE_URL - Search Service URL (optional, derived from edge-gateway)
  • WEB_KMS_SERVICE_URL - KMS Service URL (optional, derived from edge-gateway)
  • WEB_AI_ORCHESTRATOR_URL - AI Orchestrator URL (optional, derived from edge-gateway)
  • WEB_OBSERVABILITY_SERVICE_URL - Observability Service URL (optional, derived from edge-gateway)
  • WEB_AUDIT_SERVICE_URL - Audit Service URL (optional, derived from edge-gateway)
  • WEB_ACCESS_CONTROL_SERVICE_URL - Access Control Service URL (optional, derived from edge-gateway)
  • WEB_SECURITY_MONITORING_SERVICE_URL - Security Monitoring Service URL (optional, derived from edge-gateway)
  • WEB_OBSERVABILITY_OTLP_ENDPOINT - OTLP endpoint for metrics (optional)

Invite and access gate (optional)

  • TP_GATE_JWT_SECRET - JWT secret for preview invite tokens (required)
  • TP_GATE_PASS - Optional access code for preview signup (optional)
  • PREVIEW_TOKEN_TTL_DAYS - Preview token time-to-live in days (default: 14)
  • SALES_EMAIL - Sales team email for preview signup notifications (default: qnsp-sales@cuilabs.io)
  • CLOUD_PORTAL_URL - Cloud portal URL for redirect (default: https://cloud.qnsp.cuilabs.io)

Email (SMTP)

  • SMTP_HOST - SMTP server host (required)
  • SMTP_PORT - SMTP server port (default: 465)
  • SMTP_SECURE - Use SSL/TLS (default: true)
  • SMTP_USER - SMTP username (required)
  • SMTP_PASSWORD - SMTP password (required)
  • EMAIL_FROM_ADDRESS - From email address (default: qnsp-noreply@cuilabs.io)

Observability

  • WEB_OBSERVABILITY_METRICS_INTERVAL_MS - Metrics collection interval (default: 60000)
  • WEB_OBSERVABILITY_METRICS_TIMEOUT_MS - Metrics timeout (default: 15000)

Cloud Portal (apps/cloud)

Service URLs

  • WEB_EDGE_GATEWAY_URL - Edge Gateway URL (required)
  • WEB_TENANT_SERVICE_URL - Tenant Service URL (optional, derived from edge-gateway)
  • WEB_BILLING_SERVICE_URL - Billing Service URL (optional, derived from edge-gateway)
  • WEB_AUTH_SERVICE_URL - Auth Service URL (optional, derived from edge-gateway)

Invite and access gate (optional)

  • TP_GATE_JWT_SECRET - JWT secret for preview invite tokens (required)
  • CLOUD_PORTAL_URL - Cloud portal base URL (default: https://cloud.qnsp.cuilabs.io)

Billing Service (apps/billing-service)

Database

  • BILLING_DATABASE_URL - PostgreSQL connection string (required)
  • BILLING_DATABASE_SSL - SSL mode for database connection (default: prefer)
  • BILLING_DATABASE_MAX_CONNECTIONS - Max pool connections (default: 20)
  • BILLING_DATABASE_IDLE_TIMEOUT_MS - Idle timeout in ms (default: 30000)

Stripe

  • STRIPE_SECRET_KEY - Stripe API secret key (optional)
  • STRIPE_WEBHOOK_SECRET - Stripe webhook secret (optional)
  • STRIPE_PUBLISHABLE_KEY - Stripe publishable key (optional)

AWS Marketplace

  • AWS_MARKETPLACE_PRODUCT_CODE - AWS Marketplace product code (optional)
  • AWS_MARKETPLACE_REGION - AWS region for Marketplace (default: us-east-1)

Admin

  • ADMIN_TOKEN - Admin access token for provisioning (optional)

Tier Sync

  • TIER_SYNC_CANARY_TENANT_ID - Canary tenant for sync verification (optional)
  • TIER_SYNC_ALERT_CONFIG - JSON config for sync alerts (optional)

Cron Jobs

Invite Signup Expiry Handling

  • BILLING_SERVICE_URL - Billing Service URL (required)
  • GRACE_PERIOD_DAYS - Grace period in days after expiry (default: 7)

Invite Signup Reminder Emails

  • BILLING_SERVICE_URL - Billing Service URL (required)
  • SMTP_HOST - SMTP server host (required)
  • SMTP_PORT - SMTP server port (default: 465)
  • SMTP_SECURE - Use SSL/TLS (default: true)
  • SMTP_USER - SMTP username (required)
  • SMTP_PASSWORD - SMTP password (required)
  • EMAIL_FROM_ADDRESS - From email address (default: qnsp-noreply@cuilabs.io)
  • CLOUD_PORTAL_URL - Cloud portal URL (default: https://cloud.qnsp.cuilabs.io)

Common Service Variables

Logging

  • LOG_LEVEL - Log level (default: info)
  • OTLP_ENDPOINT - OpenTelemetry endpoint (optional)

Service Configuration

  • PORT - Service port (varies by service)
  • HOST - Service host (default: 0.0.0.0)
  • NODE_ENV - Environment (development, staging, production)

Security Notes

  • Never commit secrets to version control
  • Use environment-specific secrets (dev, staging, prod)
  • Rotate secrets regularly
  • Use least-privilege access for service accounts
  • Enable audit logging for sensitive operations

See Also