Environment Variables
All environment-specific settings are stored in the .env file. Never commit this file to version control.
Core Laravel Settings
APP_NAME="CertiLock Storage"
APP_ENV=local # local | staging | production
APP_KEY=base64:... # Generated by php artisan key:generate
APP_DEBUG=true # false in production
APP_URL=https://dash.scottsdalemint.test
Database
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=certilock_storage
DB_USERNAME=root
DB_PASSWORD=secret
If you also have a separate WooCommerce database connection (for the WooCommerce sync target), add a
DB_WOOCOMMERCE_*group and reference it inconfig/database.php.
AWS / S3 (CertiLock Images)
AWS_ACCESS_KEY_ID=...
AWS_SECRET_ACCESS_KEY=...
AWS_DEFAULT_REGION=us-east-1
AWS_BUCKET=certilock-storage
AWS_USE_PATH_STYLE_ENDPOINT=false
CertiLock images are stored under the CertiLock-Files/ prefix inside the S3 bucket, using the naming convention {SERIAL_NUMBER}_SS.JPG.
nFusion API
# Key name that stores the actual API token for each nFusion tenant.
# The value in the database is the *name* of this env var, not the token itself.
NFUSION_RETAIL_API_TOKEN="Bearer xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
NFUSION_DEALERS_API_TOKEN="Bearer xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
The
NFusionServicereadsenv($tenant->api_token)at runtime — theapi_tokencolumn stores the env var name, not the raw secret.
nFusion Config (config/nfusion.php)
NFUSION_TIMEOUT=20 # HTTP request timeout in seconds
Algolia (Sync Targets)
For each Algolia sync target, the middleware reads prefixed environment variables. The prefix is configured per sync target in the admin panel (default ALGOLIA).
ALGOLIA_APP_ID=XXXXXXXXXX
ALGOLIA_ADMIN_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
ALGOLIA_INDEX_NAME=products
For a separate dealers Algolia index:
DEALERS_ALGOLIA_APP_ID=XXXXXXXXXX
DEALERS_ALGOLIA_ADMIN_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
DEALERS_ALGOLIA_INDEX_NAME=dealer_products
HTTP Sync Targets
Each HTTP sync target can read its bearer token from an env var. The variable name is configured per target in the admin panel.
HTTP_SYNC_AUTH_TOKEN="Bearer my-secret-token"
WooCommerce Webhook
RETAIL_WEBHOOK_SECRET=your_woocommerce_webhook_secret
Used by WooCommerceProductUpdateController to verify the x-wc-webhook-signature header on incoming product-update webhooks.
ShipStation
SHIPSTATION_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
SHIPSTATION_API_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Queue
QUEUE_CONNECTION=redis # redis | database | sync
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
Healthcheck
Each nFusion tenant can have a healthcheck URL pinged after a successful sync:
NFUSION_TENANT_HEALTHCHECK_URL=https://hc-ping.com/your-uuid
The URL is stored per-tenant in the database and pinged by PriceSyncService.
Updating .env Variables
Changing a .env variable alone will NOT update the live site. You must redeploy the environment for changes to take effect.
Via Command Line
All commands are done via vapor
Step 1: Audit .env
vapor env:pull [environment]
Creates a file named .env.[environment] (e.g., .env.staging) so you can verify existing keys. It will not overwrite your local .env.
Step 2: Change
Make your changes to the downloaded file.
vapor env:push [environment]
What it does: Sends the new value directly to the Ymir API.
Step 3: Re-deploy
Re-deploy the [environment] where .env variables were updated.
Once done, delete any local copies of .env.[environment] to keep environment variables secure.
Via Vapor UI
- Navigate: Log into Vapor, select your Project, and choose the Environment.
- Edit: Click the Environment Variables tab, update your keys, and click Save.
- Deploy: Go to the Deployments tab and trigger a new deployment to make the changes live.