Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Ahondev/portfolio-v2/llms.txt

Use this file to discover all available pages before exploring further.

The WP SSR framework is configured entirely through environment variables loaded from a .env file in the project root. This keeps secrets out of version control and makes environment-specific behaviour explicit. Copy .env.example to .env, fill in the required values, and restart PHP-FPM or your web server — no code changes needed.

Database

DB_NAME
string
required
The name of the MySQL / MariaDB database. Must exist before WordPress is installed.
DB_NAME='my_wordpress_db'
DB_USER
string
required
The database user that WordPress will connect as. Grant SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER on the target database.
DB_USER='wp_user'
DB_PASSWORD
string
required
Password for DB_USER. Leave empty only for local development environments where the database socket has no password.
DB_PASSWORD='s3cr3t'
DB_HOST
string
default:"localhost"
Hostname (and optional port) of the database server. Omit this variable to use the default localhost.
DB_HOST='db.example.com:3307'
DB_PREFIX
string
default:"wp_"
Table prefix applied to all WordPress database tables. Change this from the default wp_ for security or to run multiple WordPress installations in the same database.
DB_PREFIX='mysite_'
DATABASE_URL
string
A full DSN as an alternative to the individual DB_* variables. When present, it overrides DB_NAME, DB_USER, DB_PASSWORD, and DB_HOST. Useful for PaaS providers that expose a single connection string.
DATABASE_URL='mysql://db_user:db_pass@db_host:3306/db_name'
When DATABASE_URL is set, the individual DB_NAME, DB_USER, DB_PASSWORD, and DB_HOST variables are not required. The framework will parse the DSN automatically via parse_url() in config/application.php.

WordPress

WP_ENV
string
required
Controls which environment overlay is loaded from config/environments/{WP_ENV}.php. Accepted values: development, staging, production. Defaults to production if not set.
ValueDebugIndexingFile Mods
development✅ Enabled❌ Blocked✅ Allowed
staging❌ Off❌ Blocked❌ Blocked
production❌ Off✅ Allowed❌ Blocked
WP_ENV='production'
WP_HOME
string
required
The full public URL of the site, including scheme (https://). WordPress uses this as the canonical home URL. Do not include a trailing slash.
WP_HOME='https://example.com'
WP_SITEURL
string
The URL where WordPress core is installed. In this Bedrock-based setup it is automatically derived as ${WP_HOME}/wp in .env.example — you rarely need to override it manually.
WP_SITEURL="${WP_HOME}/wp"

Framework-Specific

TELEGRAM_BOT_TOKEN
string
API token for the Telegram Bot used to deliver contact-form notifications. Obtain one from @BotFather on Telegram. Required only if the Telegram notification feature is enabled in your service layer.
TELEGRAM_BOT_TOKEN='7123456789:AAF_xyz...'
TELEGRAM_CHAT_ID
string
The Telegram chat or channel ID where contact notifications are sent. Use a negative ID for group chats or channels (e.g. -100123456789).
TELEGRAM_CHAT_ID='123456789'
WEB_RENDER_TOKEN
string
Bearer token sent to api.ahon.dev when triggering SSG (Static Site Generation) pre-rendering. Required when using the SSG → Generate All Pages workflow in WP Admin or the POST /api/v1/ssg/all REST endpoint.
WEB_RENDER_TOKEN='tok_live_xxxxxxxxxxxxxxxx'
HEALTH_ENDPOINT_TOKEN
string
Secret token that protects the /health monitoring endpoint from unauthenticated access. Generate a cryptographically-random value — see it-tools.tech/token-generator.
HEALTH_ENDPOINT_TOKEN='a9f3d2...'

WordPress Security Keys & Salts

All eight salt variables below are required for WordPress to securely encrypt cookies and authentication tokens. Generate a unique set at roots.io/salts.html.
Never reuse salts across environments or check them into version control. Rotating salts immediately invalidates all active login sessions.
AUTH_KEY
string
required
Used to sign authentication cookies.
SECURE_AUTH_KEY
string
required
Used to sign secure (HTTPS-only) authentication cookies.
LOGGED_IN_KEY
string
required
Used to sign the logged-in cookie.
NONCE_KEY
string
required
Used when generating nonces.
AUTH_SALT
string
required
Salt for AUTH_KEY.
SECURE_AUTH_SALT
string
required
Salt for SECURE_AUTH_KEY.
LOGGED_IN_SALT
string
required
Salt for LOGGED_IN_KEY.
NONCE_SALT
string
required
Salt for NONCE_KEY.
A complete set looks like this in .env: 
# Generate fresh values at https://roots.io/salts.html
AUTH_KEY='put your unique phrase here'
SECURE_AUTH_KEY='put your unique phrase here'
LOGGED_IN_KEY='put your unique phrase here'
NONCE_KEY='put your unique phrase here'
AUTH_SALT='put your unique phrase here'
SECURE_AUTH_SALT='put your unique phrase here'
LOGGED_IN_SALT='put your unique phrase here'
NONCE_SALT='put your unique phrase here'

Environment Overlays

The config/application.php base configuration is always loaded first. After applying its defaults, the framework requires config/environments/{WP_ENV}.php if it exists:
Enables full debug output, query saving, and script debugging. Also allows file modifications from the admin (installing plugins/themes). Search engine indexing is blocked via DISALLOW_INDEXING.
// config/environments/development.php
Config::define('SAVEQUERIES', true);
Config::define('WP_DEBUG', true);
Config::define('WP_DEBUG_DISPLAY', true);
Config::define('WP_DEBUG_LOG', env('WP_DEBUG_LOG') ?? true);
Config::define('WP_DISABLE_FATAL_ERROR_HANDLER', true);
Config::define('SCRIPT_DEBUG', true);
Config::define('DISALLOW_INDEXING', true);

ini_set('display_errors', '1');

// Enable plugin and theme updates and installation from the admin
Config::define('DISALLOW_FILE_MODS', false);
You can also create a .env.local file alongside .env for machine-specific overrides. The dotenv loader merges .env.local on top of .env when both exist, leaving the base .env clean for team-wide defaults.

Build docs developers (and LLMs) love

Get started for freeTalk to us