Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/juescoryisus/QualityDocD/llms.txt

Use this file to discover all available pages before exploring further.

Every QualityDocD service is configured through a single .env file at the repository root. When you run any docker compose command, Docker reads .env and injects each variable into the relevant container’s environment. The .NET application additionally reads from appsettings.json (and the environment-specific override appsettings.Development.json), with container environment variables taking precedence over file-based values at runtime. The Node.js API and Search Service read configuration exclusively from process.env.

How Configuration Flows

.env file at repo root


docker compose injects vars

       ├─▶ qualitydoc_app (.NET)
       │       appsettings.json ← environment vars override at runtime

       ├─▶ qualitydoc_node_api (Node.js)
       │       process.env

       ├─▶ qualitydoc_search (Search Service)
       │       process.env

       └─▶ qualitydoc_php (PHP Portal)
               $_ENV / getenv()
Start by copying the example file to create your own .env:
cp .env.example .env
Never commit your .env file to version control. It is listed in .gitignore by default.

Environment Variables

The default values below are development placeholders only. Every password and secret must be changed before any internet-facing or production deployment.

SQL Server

VariableDefault valueDescription
SQLSERVER_SA_PASSWORDQualityDoc2026!Password for the sa (System Administrator) account. Injected as SA_PASSWORD into the SQL Server container. Also used in the .NET ConnectionStrings__SqlServer environment variable.

PostgreSQL

VariableDefault valueDescription
PG_DBqualitydoc_auditName of the PostgreSQL database created on first container start. Used by both the .NET AuditDbContext and the Node.js API.
PG_USERqualitydocPostgreSQL username created on first container start.
PG_PASSWORDQualityDoc_PG_2026!Password for the PostgreSQL user.

MongoDB

VariableDefault valueDescription
MONGO_DBqualitydoc_metaMongoDB database name. Passed as MONGO_INITDB_DATABASE to the container and used by both the Node.js API and the Search Service.
MONGO_USERmongoadminMongoDB admin username, set via MONGO_INITDB_ROOT_USERNAME.
MONGO_PASSWORDQualityDoc_Mongo_2026!MongoDB admin password, set via MONGO_INITDB_ROOT_PASSWORD.

Node.js API

VariableDefault valueDescription
NODE_API_DATABASE_URLpostgresql://postgres:tu_password@localhost:5432/qualitydocdFull PostgreSQL connection string used by the Node.js API (Drizzle ORM). In Docker, this should point to the postgres service hostname, e.g. postgresql://qualitydoc:QualityDoc_PG_2026!@postgres:5432/qualitydoc_audit.
NODE_API_PORT5000Port the Node.js API listens on inside its container.
NODE_API_URLhttp://node-api:5000The internal URL the .NET app uses to reach the Node.js API through the qualitydoc_net Docker network. Change only if you alter the service name in the compose file.

Authentication & Security

SESSION_SECRET and API_JWT_SECRET are used to sign JWTs. If these are weak or left at their defaults, tokens can be forged. Use a cryptographically random string of at least 32 characters.
VariableDefault valueDescription
SESSION_SECRETcambia_este_secreto_32_caracteres_minimoJWT signing secret shared between the Node.js API (for session tokens) and the .NET app’s ApiTokenService. Both services must use the same value.
API_JWT_SECRETcambia_este_secreto_minimo_32_caracteres!!JWT secret used specifically by the .NET ApiAuth configuration for the /api/auth/login endpoint. Should match SESSION_SECRET in most deployments.
API_TOKEN_EXPIRATION_HOURS8How many hours a JWT issued by the .NET app remains valid.

appsettings.json Configuration

The .NET application uses appsettings.json for local development defaults. In Docker, environment variables injected by docker-compose.apps.yml override these values using ASP.NET Core’s double-underscore (__) separator syntax (e.g., ConnectionStrings__SqlServer).
Default values from .env.example (copy this file to .env before starting). Update NODE_API_DATABASE_URL to point to the Docker postgres service hostname before running containers:
# SQL Server
SQLSERVER_SA_PASSWORD=QualityDoc2026!

# PostgreSQL
PG_DB=qualitydoc_audit
PG_USER=qualitydoc
PG_PASSWORD=QualityDoc_PG_2026!

# MongoDB
MONGO_DB=qualitydoc_meta
MONGO_USER=mongoadmin
MONGO_PASSWORD=QualityDoc_Mongo_2026!

# Node API
NODE_API_DATABASE_URL=postgresql://postgres:tu_password@localhost:5432/qualitydocd
SESSION_SECRET=cambia_este_secreto_32_caracteres_minimo
NODE_API_PORT=5000
NODE_API_URL=http://node-api:5000

# API Auth (JWT for /api/auth/login)
API_JWT_SECRET=cambia_este_secreto_minimo_32_caracteres!!
API_TOKEN_EXPIRATION_HOURS=8

appsettings.json Section Reference

SectionKeyDocker env var overrideDescription
ConnectionStringsSqlServerConnectionStrings__SqlServerADO.NET connection string for the main SQL Server database (QualityDocDB).
ConnectionStringsAuditDb (local) / PostgreSQL (Docker)ConnectionStrings__PostgreSQLNpgsql connection string for the PostgreSQL audit database. In Docker, docker-compose.apps.yml injects this as ConnectionStrings__PostgreSQL, which the AuditDbContext reads at runtime.
MongoDBHost, Port, Database, Username, PasswordMongoDB__Uri, MongoDB__DatabaseMongoDB connection details used by the .NET app. In Docker, the Uri key is used instead: mongodb://<user>:<pass>@mongodb:27017.
SearchServiceBaseUrlSearchService__BaseUrlBase URL the .NET app uses to call the Search Service. Defaults to http://localhost:3001; in Docker it resolves to http://search-service:3001.
NodeApiUrlNodeApi__UrlInternal URL for Node.js API calls from .NET. Resolves via Docker DNS to http://node-api:5000.
ApiAuthJwtSecretApiAuth__JwtSecretJWT signing secret for the ApiTokenService. Must match SESSION_SECRET in .env.
ApiAuthExpirationHoursApiAuth__ExpirationHoursToken lifetime in hours. Default: 8.
ReverseProxyRoutes & Clusters(file only)YARP reverse-proxy routes. /node-api/{**catch-all} proxies to the Node.js API; /search/{**catch-all} proxies to the Search Service.

Production Hardening Checklist

Do not run QualityDocD in production without completing this checklist. The default passwords and secrets are publicly known.
1

Replace all default passwords

Update SQLSERVER_SA_PASSWORD, PG_PASSWORD, and MONGO_PASSWORD in .env. Passwords must meet SQL Server’s complexity requirements (uppercase, lowercase, digit, and symbol).
2

Set a strong SESSION_SECRET and API_JWT_SECRET

Generate at least 32 cryptographically random characters for both secrets. On Linux/macOS:
openssl rand -base64 48
Assign the same value to both SESSION_SECRET and API_JWT_SECRET in .env.
3

Upgrade the SQL Server edition

The default MSSQL_PID=Express is limited to 10 GB databases and 4 cores. For production workloads, set it to Standard or Developer in docker-compose.infra.yml:
environment:
  MSSQL_PID: "Standard"
4

Enable HTTPS for the .NET application

Add a TLS certificate and update ASPNETCORE_URLS in docker-compose.apps.yml:
environment:
  ASPNETCORE_URLS: "https://+:443;http://+:5000"
  ASPNETCORE_Kestrel__Certificates__Default__Path: "/certs/cert.pfx"
  ASPNETCORE_Kestrel__Certificates__Default__Password: "your_cert_password"
5

Restrict external port exposure

For databases, consider removing the ports: mappings from docker-compose.infra.yml entirely if external (host-level) access is not needed. All inter-service communication uses the qualitydoc_net internal network.

Build docs developers (and LLMs) love

Get started for freeTalk to us