Kantuta POS Backend reads all runtime settings from environment variables loaded byDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/Eleazarguitar18/kantuta_pos_back/llms.txt
Use this file to discover all available pages before exploring further.
@nestjs/config at startup. This keeps secrets out of source code and makes the application trivially portable across local, staging, and production environments — you only change a .env file (or your platform’s secret store) without touching any application code.
Copy
.env.example to .env in the project root if it exists, or create .env from scratch using the reference below. @nestjs/config loads this file automatically when NODE_ENV is not production, and ConfigModule.forRoot({ isGlobal: true }) makes every value available throughout all modules.Database (PostgreSQL)
The TypeORM connection is configured insrc/config/database.config.ts. All DATABASE_* variables are read via ConfigService at bootstrap time.
Hostname or IP address of your PostgreSQL server.Default:
localhostTCP port PostgreSQL is listening on.Default:
5432PostgreSQL username with read/write access to the target database.
Password for the PostgreSQL user. Treated as a secret — never log or expose this value.
Name of the PostgreSQL database to connect to. The database must already exist; TypeORM will create tables automatically via
synchronize: true.Set to
Accepted values:
'true' to enable SSL/TLS for the PostgreSQL connection. Required when connecting to managed cloud databases (e.g. Supabase, AWS RDS, Railway).Default: falseAccepted values:
'true' | 'false'Redis
The Redis cache is configured insrc/config/redis.config.ts using @keyv/redis and @nestjs/cache-manager. If REDIS_URL is set it is used as-is; otherwise the URL is constructed from the individual host/port/password variables.
Hostname or IP of your Redis instance.Default:
localhostTCP port Redis is listening on.Default:
6379Password for Redis authentication. Leave empty if your local Redis instance has no password configured.
Username for Redis ACL authentication (Redis 6+). Leave empty for default-user access.
Full Redis connection URL (e.g.
redis://:password@host:6379). When provided, this takes precedence over the individual REDIS_HOST, REDIS_PORT, REDIS_USER, and REDIS_PASSWORD variables.JWT
JWT configuration lives insrc/config/jwt.config.ts. The JWT_SECRET is mandatory — the application throws an explicit error at startup if it is missing.
Secret key used to sign and verify access tokens. Use a cryptographically random string of at least 32 characters.
Lifespan of the access token expressed as a Vercel ms string.Default:
Example values:
'8h'Example values:
'1h', '15m', '24h'Separate secret used to sign refresh tokens. If omitted, the application may fall back to
JWT_SECRET depending on service implementation — it is strongly recommended to set this to a distinct value.Lifespan of the refresh token.Default:
Example values:
'7d'Example values:
'7d', '30d'Server
The TCP port the HTTP server binds to. The
main.ts bootstrap calls app.listen(process.env.PORT ?? 3000, '0.0.0.0').Default: 3000Runtime environment identifier. Affects logging verbosity and may influence future
Accepted values:
synchronize guards.Default: developmentAccepted values:
development | production | testsrc/mail/mail.module.ts. Use either the Nodemailer SMTP variables or the Resend API key, depending on your preferred provider.
Nodemailer (SMTP)
SMTP server hostname (e.g.
smtp.gmail.com, smtp.mailgun.org).TCP port of the SMTP server.Common values:
587 (STARTTLS), 465 (SSL), 25Set to
'true' to enable SSL on the SMTP connection (typically used with port 465). For STARTTLS on port 587, leave this 'false'.Accepted values: 'true' | 'false'SMTP authentication username (usually the sending email address).
SMTP authentication password or app-specific password.
Set to
'true' to enforce strict TLS certificate validation. Set to 'false' to allow self-signed certificates (useful in local or Debian-hosted environments where certificate chains may be incomplete).Accepted values: 'true' | 'false'Resend
API key from your Resend account. When configured, the
MailService uses the Resend SDK to send transactional emails.AI Services
API key for Google Gemini (
@google/genai). Required if the GeminiModule or AiAssistantModule is active.API key for Groq (
groq-sdk). Used as an alternative or complementary LLM provider in the AI assistant features.Complete .env Example
synchronize: true is enabled in database.config.ts. This means TypeORM automatically applies schema changes (creates tables, adds columns) every time the server starts, based on your entity definitions. This is convenient for development but can be destructive in production — consider setting DATABASE_SSL=true and disabling synchronize (or using migrations) before going live.