Skip to main content
This guide covers all environment variables needed to configure Don Palito Jr. Variables are grouped by service for easier management.

Server Configuration

NODE_ENV
string
required
Application environment modeExample: production or developmentControls CORS settings, static file serving, and other environment-specific behaviors.
PORT
number
default:"3000"
Server port numberExample: 3000The port on which the backend server will listen. Defaults to 3000 if not specified.

Database Configuration

DB_URL
string
required
MongoDB connection stringExample: mongodb+srv://username:password@cluster.mongodb.net/donpalitojr?retryWrites=true&w=majorityFull MongoDB connection URL. For production, use MongoDB Atlas. The connection is established in backend/src/config/db.js.
Never commit your MongoDB credentials to version control. Use environment variables for all sensitive data.

Authentication (Clerk)

Don Palito Jr uses Clerk for authentication. You need to create a Clerk account and application at clerk.com.
CLERK_PUBLISHABLE_KEY
string
required
Clerk publishable API keyExample: pk_test_... or pk_live_...Public key used by frontend applications to initialize Clerk.
CLERK_SECRET_KEY
string
required
Clerk secret API keyExample: sk_test_... or sk_live_...Secret key used by backend to verify authentication tokens. Keep this secure.
CLERK_WEBHOOK_SECRET
string
required
Clerk webhook signing secretExample: whsec_...Used to verify webhook requests from Clerk for user sync operations. Found in your Clerk dashboard under Webhooks.
The backend listens for Clerk webhooks at /api/webhooks/clerk to sync user data with MongoDB. Configure this endpoint in your Clerk dashboard.

Background Jobs (Inngest)

Inngest handles background job processing for user synchronization and email sending.
INNGEST_SIGNING_KEY
string
required
Inngest signing key for secure event processingExample: signkey-prod-...Get this from your Inngest dashboard at inngest.com. The Inngest endpoint is exposed at /api/inngest.

File Storage (Cloudinary)

Cloudinary is used for product image uploads and management.
CLOUDINARY_CLOUD_NAME
string
required
Your Cloudinary cloud nameExample: dxyz123abcFound in your Cloudinary dashboard.
CLOUDINARY_API_KEY
string
required
Cloudinary API keyExample: 123456789012345API credentials from Cloudinary dashboard.
CLOUDINARY_API_SECRET
string
required
Cloudinary API secretExample: abcdefghijklmnopqrstuvwxyzSecret key for Cloudinary API authentication. Keep this secure.
The Cloudinary SDK is configured in backend/src/config/cloudinary.js:
import { v2 as cloudinary } from "cloudinary";
import { ENV } from "./env.js";

cloudinary.config({
  cloud_name: ENV.CLOUDINARY_CLOUD_NAME,
  api_key: ENV.CLOUDINARY_API_KEY,
  api_secret: ENV.CLOUDINARY_API_SECRET,
});

Email Service

Email sending is handled through Nodemailer with Gmail SMTP.
ADMIN_EMAIL
string
required
Gmail address for sending emailsExample: yourbusiness@gmail.comThe Gmail account used to send welcome emails and order notifications.
EMAIL_PASSWORD
string
required
Gmail app passwordExample: abcd efgh ijkl mnopUse an App Password, not your regular Gmail password. Generate one at Google Account Security.
For production, enable 2-factor authentication on your Gmail account and use App Passwords instead of your regular password.

Payment Processing (Stripe)

Stripe handles all payment transactions.
STRIPE_SECRET_KEY
string
required
Stripe secret keyExample: sk_test_... or sk_live_...Backend secret key for processing payments. Use test keys for development and live keys for production.
STRIPE_PUBLISHABLE_KEY
string
required
Stripe publishable keyExample: pk_test_... or pk_live_...Public key used by frontend to initialize Stripe checkout.
STRIPE_WEBHOOK_SECRET
string
required
Stripe webhook signing secretExample: whsec_...Used to verify webhook events from Stripe. Configure webhook endpoint at /api/payment/webhook in your Stripe dashboard.
The payment webhook at /api/payment/webhook uses raw body parsing as required by Stripe. See backend/src/server.js:61-71 for the implementation.

Application Branding

These variables customize the application’s appearance and business information.
APP_NAME
string
required
Application display nameExample: Don Palito JrUsed in emails and throughout the application.
LOGO_URL
string
URL to your company logoExample: https://res.cloudinary.com/yourcloud/image/upload/logo.pngUsed in email templates and branding.
COMPANY_NAME
string
required
Legal company nameExample: Don Palito Jr S.A.S.Used in invoices and receipts.
COMPANY_NIT
string
required
Tax identification numberExample: 900123456-7Company tax ID used in invoices.
COMPANY_ADDRESS
string
required
Company physical addressExample: Calle 123 #45-67Used in invoices and order documentation.
COMPANY_CITY
string
required
Company cityExample: Bogotá, ColombiaCity where the business is located.
COMPANY_PHONE
string
required
Company contact phone numberExample: +57 300 123 4567Customer service phone number.

Client Configuration

CLIENT_URL
string
required
Frontend application URLExample: https://www.donpalitojr.com or http://localhost:5173Used for CORS configuration in production. In production mode, only this origin is allowed. In development, multiple localhost ports are permitted.
The server configures CORS differently based on environment:
const corsOptions = {
  origin: ENV.NODE_ENV === "production" 
    ? ENV.CLIENT_URL  
    : function (origin, callback) {
        const allowedOrigins = [
          'http://localhost:5173',  // Admin panel
          'http://localhost:5174',  // Frontend
          'http://localhost:8081',  // Expo metro
          // ... more development origins
        ];
        // Allow expo:// URLs for mobile development
        if (origin.startsWith('exp://')) {
          return callback(null, true);
        }
      },
  credentials: true,
  methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
};
See backend/src/server.js:26-57 for full implementation.

Example .env File

Create a .env file in the backend/ directory: 
# Server
NODE_ENV=production
PORT=3000

# Database
DB_URL=mongodb+srv://user:password@cluster.mongodb.net/donpalitojr

# Clerk Authentication
CLERK_PUBLISHABLE_KEY=pk_live_xxxxxxxxxxxxx
CLERK_SECRET_KEY=sk_live_xxxxxxxxxxxxx
CLERK_WEBHOOK_SECRET=whsec_xxxxxxxxxxxxx

# Inngest
INNGEST_SIGNING_KEY=signkey-prod-xxxxxxxxxxxxx

# Cloudinary
CLOUDINARY_CLOUD_NAME=your-cloud-name
CLOUDINARY_API_KEY=123456789012345
CLOUDINARY_API_SECRET=abcdefghijklmnopqrst

# Email (Gmail)
ADMIN_EMAIL=yourbusiness@gmail.com
EMAIL_PASSWORD=your-app-password

# Stripe
STRIPE_SECRET_KEY=sk_live_xxxxxxxxxxxxx
STRIPE_PUBLISHABLE_KEY=pk_live_xxxxxxxxxxxxx
STRIPE_WEBHOOK_SECRET=whsec_xxxxxxxxxxxxx

# Branding
APP_NAME=Don Palito Jr
LOGO_URL=https://res.cloudinary.com/yourcloud/logo.png
COMPANY_NAME=Don Palito Jr S.A.S.
COMPANY_NIT=900123456-7
COMPANY_ADDRESS=Calle 123 #45-67
COMPANY_CITY=Bogotá, Colombia
COMPANY_PHONE=+57 300 123 4567

# Client
CLIENT_URL=https://www.donpalitojr.com

Environment Variable Loading

Environment variables are loaded using dotenv in backend/src/config/env.js: 
import dotenv from "dotenv";

dotenv.config({quiet: true});

export const ENV = {
    NODE_ENV: process.env.NODE_ENV,
    PORT: process.env.PORT,
    DB_URL: process.env.DB_URL,
    // ... all other variables
};
All configuration is centralized in this single file for easy maintenance.

Build docs developers (and LLMs) love

Get started for freeTalk to us