Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/soker90/finper/llms.txt

Use this file to discover all available pages before exploring further.

Finper uses two separate environment files that are consumed by different parts of the monorepo:
  • .env at the repo root — loaded by the API (packages/api) via dotenv. Create this file by copying .env.example before you start the API for the first time.
  • packages/client/.env — loaded by Vite at dev-server startup and baked into the production build. It holds a single variable that tells the React app where to find the API.
Neither file is committed to version control. Changes to .env take effect the next time you restart the API; changes to packages/client/.env take effect the next time Vite restarts or you rebuild the client.

API environment variables

These variables are read from .env in the repo root and consumed exclusively by the API process.
VariableRequiredDefaultDescription
DATABASE_FILENo./finper-dev.dbPath to the SQLite database file. Can be relative (resolved from the process working directory) or absolute. When running via Docker Compose the recommended path is /home/node/app/data/finper.db, which maps to the persistent finperdb volume.
JWT_SECRETYesSecret string used to sign and verify all JWT tokens. Must be long and random in production — see the warning below.
SALT_ROUNDSYesNumber of bcrypt hashing rounds applied to passwords. 10 is the standard default; increase for stronger security at the cost of slower login.
GRAFANA_LOGGER_USERNoUsername for the external Grafana Loki log-shipping integration. Leave blank to disable remote logging.
GRAFANA_LOGGER_PASSWORDNoPassword for the Grafana Loki logger. Used together with GRAFANA_LOGGER_USER.
TICKET_BOT_URLNoBase URL of the finper-bot external ticket service (e.g. https://bot.example.com). Required only if you use the Tickets module.
TICKET_BOT_API_KEYNoAPI key used to authenticate requests from the API to the finper-bot service. Required together with TICKET_BOT_URL.
CORS_EXTRA_ORIGINSNoComma-separated list of additional origins allowed by the CORS middleware (e.g. https://finance.example.com,https://app.example.com). localhost and IPs in the 192.168.1.x subnet are already permitted by default.
ALLOW_REGISTRATIONNofalseSet to true to allow anyone to create an account via POST /api/auth/register. Disabled by default to prevent unwanted signups on public deployments.

Frontend environment variables

This variable lives in packages/client/.env and is consumed by Vite. It is prefixed with VITE_ so that it is exposed to the browser bundle.
VariableRequiredDefaultDescription
VITE_API_HOSTYeshttp://localhost:3008/api/Base URL of the API consumed by the React client. All axios requests are built relative to this value. Must end with a trailing slash. Update this when deploying the client against a remote API.
If VITE_API_HOST is missing or incorrect, every API call in the client will fail — there is no built-in fallback URL. Always verify this value when deploying the frontend to a new environment.

Docker Compose variables

When running Finper with the included docker-compose.yml or docker-compose.prod.yml, two additional variables are interpolated by Compose for the Loki log-shipping sidecar:
VariableRequired in ComposeDescription
LOKI_USERNoLoki username used by the Compose logging configuration. Mirrors the value of GRAFANA_LOGGER_USER.
LOKI_PASSWORDNoLoki password used by the Compose logging configuration. Mirrors the value of GRAFANA_LOGGER_PASSWORD.
These variables are only referenced by the Compose file itself (for log driver configuration) and do not need to be set if you are not using the Loki integration.
Never use a weak or default JWT_SECRET in production. The .env.example ships with the placeholder value change_this_secret — if this is left unchanged, any attacker who knows it can forge valid authentication tokens and gain full access to all user data. Use a cryptographically random string of at least 64 characters. You can generate one with:
node -e "console.log(require('crypto').randomBytes(64).toString('hex'))"

Sample minimal .env

The following is the smallest configuration needed to run the API locally in development:
# ── Database ─────────────────────────────────────────────────────────────────
DATABASE_FILE=./finper-dev.db

# ── Auth (required) ───────────────────────────────────────────────────────────
JWT_SECRET=a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2
SALT_ROUNDS=10

# ── Optional: open registration ───────────────────────────────────────────────
# ALLOW_REGISTRATION=true

# ── Optional: extra CORS origins ─────────────────────────────────────────────
# CORS_EXTRA_ORIGINS=https://finance.example.com

# ── Optional: Loki remote logging ─────────────────────────────────────────────
# GRAFANA_LOGGER_USER=myuser
# GRAFANA_LOGGER_PASSWORD=mypassword
# LOKI_USER=myuser
# LOKI_PASSWORD=mypassword

# ── Optional: finper-bot ticket integration ───────────────────────────────────
# TICKET_BOT_URL=https://bot.example.com
# TICKET_BOT_API_KEY=my_api_key

Build docs developers (and LLMs) love