Skip to main content
StellarStack uses environment variables for configuration. This guide covers all available variables.

Required Variables

These variables are required for StellarStack to function:
VariableDescriptionExample
DATABASE_URLPostgreSQL connection stringpostgresql://user:pass@localhost:5432/db
BETTER_AUTH_SECRETSession signing secret (32+ characters)Generated automatically by installer

Generating Secrets

Generate a secure random secret: 
openssl rand -base64 32

Production Required Variables

These variables are required for production deployments (not needed for local development):
VariableDescriptionExample
FRONTEND_URLPanel URL (must not be localhost)https://panel.example.com
API_URLAPI URL (must not be localhost)https://api.example.com
DOWNLOAD_TOKEN_SECRETSecret for file download tokens32+ character random string
ENCRYPTION_KEY32-byte hex key for AES-256-CBC encryption64 hex characters
JWT_SECRETJWT signing secret32+ character random string

Generating Encryption Key

Generate a 32-byte (64 hex character) encryption key: 
openssl rand -hex 32

OAuth Configuration (Optional)

Enable OAuth authentication with external providers:

Google OAuth

VariableDescription
GOOGLE_CLIENT_IDGoogle OAuth 2.0 client ID
GOOGLE_CLIENT_SECRETGoogle OAuth 2.0 client secret
Setup:
  1. Go to Google Cloud Console
  2. Create OAuth 2.0 credentials
  3. Set authorized redirect URI: https://api.example.com/auth/google/callback

GitHub OAuth

VariableDescription
GITHUB_CLIENT_IDGitHub OAuth app client ID
GITHUB_CLIENT_SECRETGitHub OAuth app client secret
Setup:
  1. Go to GitHub Developer Settings
  2. Create new OAuth app
  3. Set callback URL: https://api.example.com/auth/github/callback

Discord OAuth

VariableDescription
DISCORD_CLIENT_IDDiscord OAuth application ID
DISCORD_CLIENT_SECRETDiscord OAuth application secret
Setup:
  1. Go to Discord Developer Portal
  2. Create new application
  3. Add redirect: https://api.example.com/auth/discord/callback

Database Configuration

PostgreSQL

The DATABASE_URL connection string format: 
postgresql://[user]:[password]@[host]:[port]/[database]?[parameters]
Examples: 
# Local PostgreSQL
DATABASE_URL="postgresql://stellar:password@localhost:5432/stellarstack"

# Docker Compose service
DATABASE_URL="postgresql://stellar:stellarpass@postgres:5432/stellar"

# External database with SSL
DATABASE_URL="postgresql://user:pass@db.example.com:5432/stellarstack?sslmode=require"

Connection Pool Settings

Optional Prisma connection pool parameters: 
DATABASE_URL="postgresql://user:pass@host:5432/db?connection_limit=10&pool_timeout=10"

Docker Configuration

Installer Variables

These variables configure the Ubuntu installer script:
VariableDescriptionDefault
INSTALL_DIRInstallation directory/opt/stellarstack
DOCKER_ORGDocker image organizationstellarstackoss

Docker Images

VariableDescriptionDefault
API_IMAGEAPI Docker imagestellarstackoss/stellarstack-api
PANEL_IMAGEPanel Docker imagestellarstackoss/stellarstack-web

Daemon Configuration

For daemon (node) installations:
VariableDescriptionExample
DAEMON_PANEL_URLAPI URL for daemon to connecthttps://api.example.com
DAEMON_TOKEN_IDToken ID from panelFrom panel > Nodes > Configure
DAEMON_TOKENFull token stringFrom panel
DAEMON_PORTDaemon API port8080
DAEMON_SFTP_PORTSFTP port for file transfers2022
DAEMON_SSL_DOMAINDomain for SSL (if enabled)node.example.com

Daemon Redis (Optional)

VariableDescription
DAEMON_REDIS_URLRedis connection string for daemon
Example: redis://localhost:6379

Server Configuration

Upload Limits

VariableDescriptionDefault
UPLOAD_LIMITMax file upload size100M
Configure in nginx as well: 
client_max_body_size 100M;

Monitoring Domain

VariableDescription
MONITORING_DOMAINDomain for Grafana/monitoring stack
Example: monitoring.example.com

Network Configuration

Docker Networks

StellarStack uses two networks:
  1. stellar_network - For services (Panel, API, Database) 
    docker network create stellar_network
  2. stellar - For game server containers 
    docker network create stellar --subnet=172.18.0.0/16 --gateway=172.18.0.1

Development Variables

For local development only:
VariableDescriptionDefault
NODE_ENVEnvironment modedevelopment
DEBUGEnable debug loggingfalse
PORTAPI port (dev)3001
NEXT_PUBLIC_API_URLAPI URL for Next.jshttp://localhost:3001

Example .env File

Minimum Configuration (Development)

# Database
DATABASE_URL="postgresql://stellar:stellarpass@localhost:5432/stellarstack"

# Authentication
BETTER_AUTH_SECRET="your-32-character-secret-here-replace-this"

Production Configuration

# Database
DATABASE_URL="postgresql://stellar:securepassword@postgres:5432/stellar"

# Authentication & Security
BETTER_AUTH_SECRET="your-32-character-secret-here-replace-this"
JWT_SECRET="another-32-character-secret-replace-this"
DOWNLOAD_TOKEN_SECRET="download-token-secret-32-chars-replace"
ENCRYPTION_KEY="64-hex-character-encryption-key-from-openssl-rand-hex-32"

# URLs
FRONTEND_URL="https://panel.example.com"
API_URL="https://api.example.com"

# OAuth (Optional)
GOOGLE_CLIENT_ID="your-google-client-id.apps.googleusercontent.com"
GOOGLE_CLIENT_SECRET="your-google-client-secret"
GITHUB_CLIENT_ID="your-github-client-id"
GITHUB_CLIENT_SECRET="your-github-client-secret"
DISCORD_CLIENT_ID="your-discord-client-id"
DISCORD_CLIENT_SECRET="your-discord-client-secret"

# Monitoring (Optional)
MONITORING_DOMAIN="monitoring.example.com"

# Upload Limit
UPLOAD_LIMIT="100M"

All-in-One Configuration

# Database
DATABASE_URL="postgresql://stellar:securepassword@postgres:5432/stellar"

# Authentication & Security
BETTER_AUTH_SECRET="your-32-character-secret-here-replace-this"
JWT_SECRET="another-32-character-secret-replace-this"
DOWNLOAD_TOKEN_SECRET="download-token-secret-32-chars-replace"
ENCRYPTION_KEY="64-hex-character-encryption-key-from-openssl-rand-hex-32"

# URLs
FRONTEND_URL="https://panel.example.com"
API_URL="https://api.example.com"

# Daemon Configuration
DAEMON_PANEL_URL="https://api.example.com"
DAEMON_TOKEN_ID="token-id-from-panel"
DAEMON_TOKEN="full-token-string-from-panel"
DAEMON_PORT="8080"
DAEMON_SFTP_PORT="2022"
DAEMON_SSL_DOMAIN="node.example.com"

# Monitoring
MONITORING_DOMAIN="monitoring.example.com"

Security Best Practices

Never commit .env files to version control. Add .env to .gitignore.
  1. Generate unique secrets - Don’t reuse secrets across environments
  2. Use strong passwords - Minimum 32 characters for secrets
  3. Rotate secrets regularly - Update secrets periodically
  4. Restrict file permissions - chmod 600 .env
  5. Use environment-specific files - .env.production, .env.staging

Verifying Configuration

Check if all required variables are set: 
# Check API configuration
docker exec stellarstack-api env | grep -E '(DATABASE_URL|BETTER_AUTH_SECRET|API_URL)'

# Check web configuration  
docker exec stellarstack-web env | grep -E '(NEXT_PUBLIC_API_URL|FRONTEND_URL)'

Next Steps

Docker Compose Setup

Deploy with Docker Compose

Production Checklist

Production deployment guide

Build docs developers (and LLMs) love

Get started for freeTalk to us