Environment Variables

⚙️ Environment Variables Configuration Guide

This guide provides comprehensive documentation for all environment variables used in the GiftMakeBot platform. Proper configuration is crucial for both development and production environments.

📋 Table of Contents

1. Environment Files Overview
2. Core Application Settings
3. Network & Port Configuration
4. Database & Cache Settings
5. Message Queue Configuration
6. Security & Authentication
7. Telegram Bot Configuration
8. Logging & Debugging
9. Docker & Container Settings
10. Environment-Specific Examples

---

📁 Environment Files Overview

The platform uses different environment files for different deployment scenarios:

File	Purpose	Usage
.env.development	Development configuration	Local development with debugging
.env.production	Production configuration	Live deployment with security
.env.example	Template file	Reference for all available variables
.env	Active configuration	Currently used environment (copied from above)

🔄 Environment File Setup

# For development
cp .env.development .env

# For production  
cp .env.production .env
# Then edit .env with your specific values

---

🔧 Core Application Settings

APP_ENV

• Description: Defines the application environment
• Values: development | production | testing
• Default: development
• Example: APP_ENV=production

DEBUG

• Description: Enables/disables debug mode
• Values: true | false
• Default: true (development), false (production)
• Example: DEBUG=false
• Impact:
  • true: Detailed error messages, verbose logging
  • false: Minimal error output, production-safe

LOG_LEVEL

• Description: Sets logging verbosity level
• Values: debug | info | warning | error
• Default: debug (development), error (production)
• Example: LOG_LEVEL=info

RESTART_POLICY

• Description: Docker container restart behavior
• Values: no | always | unless-stopped | on-failure
• Default: unless-stopped
• Example: RESTART_POLICY=always

---

🌐 Network & Port Configuration

HTTP_PORT

• Description: Main web server port
• Values: Any available port number
• Default: 80 (production), 8080 (development)
• Example: HTTP_PORT=8080

HTTPS_PORT

• Description: SSL/TLS secure port
• Values: Any available port number
• Default: 443 (production), 8443 (development)
• Example: HTTPS_PORT=443

NGINX_CONTAINER_NAME

• Description: Name for Nginx container
• Default: giftmakebot_nginx
• Example: NGINX_CONTAINER_NAME=giftmakebot_prod_nginx

---

🗄️ Database & Cache Settings

REDIS_HOST

• Description: Redis server hostname
• Default: redis (Docker service name)
• Example: REDIS_HOST=redis

REDIS_PORT

• Description: Redis server port
• Values: Port number
• Default: 6379 (production), 6380 (development)
• Example: REDIS_PORT=6379

REDIS_PASSWORD

• Description: Redis authentication password
• Security: ⚠️ REQUIRED for production
• Default: Empty (development only)
• Example: REDIS_PASSWORD=YourSecureRedisPassword2025
• Requirements:
  • Minimum 16 characters
  • Mix of letters, numbers, special characters
  • No spaces or quotes

REDIS_CONTAINER_NAME

• Description: Name for Redis container
• Default: giftmakebot_redis
• Example: REDIS_CONTAINER_NAME=giftmakebot_prod_redis

---

🐰 Message Queue Configuration

RABBITMQ_HOST

• Description: RabbitMQ server hostname
• Default: rabbitmq (Docker service name)
• Example: RABBITMQ_HOST=rabbitmq

RABBITMQ_PORT

• Description: AMQP protocol port
• Default: 5672 (production), 5673 (development)
• Example: RABBITMQ_PORT=5672

RABBITMQ_MANAGEMENT_PORT

• Description: Management UI port
• Default: 15672 (production), 15673 (development)
• Example: RABBITMQ_MANAGEMENT_PORT=15672

RABBITMQ_USER

• Description: RabbitMQ admin username
• Security: ⚠️ Change for production
• Default: admin
• Example: RABBITMQ_USER=production_admin

RABBITMQ_PASSWORD

• Description: RabbitMQ admin password
• Security: ⚠️ REQUIRED for production
• Default: admin123 (development only)
• Example: RABBITMQ_PASSWORD=YourSecureRabbitMQPassword2025

RABBITMQ_ERLANG_COOKIE

• Description: Erlang cluster authentication cookie
• Security: ⚠️ REQUIRED for production
• Default: SWQOKODSQALRPCLNMEQG (development only)
• Example: RABBITMQ_ERLANG_COOKIE=UniqueProductionCookieHere2025
• Requirements:
  • Minimum 20 characters
  • Alphanumeric only
  • Same across all RabbitMQ nodes

RABBITMQ_CONTAINER_NAME

• Description: Name for RabbitMQ container
• Default: giftmakebot_rabbitmq
• Example: RABBITMQ_CONTAINER_NAME=giftmakebot_prod_rabbitmq

---

🔒 Security & Authentication

SSL_CERT_PATH

• Description: Path to SSL certificate file
• Default: ./ssl/cert.pem
• Example: SSL_CERT_PATH=./ssl/production-cert.pem
• Production: Must point to valid SSL certificate

SSL_KEY_PATH

• Description: Path to SSL private key file
• Default: ./ssl/private.key
• Example: SSL_KEY_PATH=./ssl/production-private.key
• Production: Must point to valid private key

SECURITY_HEADERS

• Description: Enable security headers (HSTS, CSP, etc.)
• Values: true | false
• Default: true (production), false (development)
• Example: SECURITY_HEADERS=true

---

🤖 Telegram Bot Configuration

TELEGRAM_BOT_TOKEN

• Description: Bot token from @BotFather
• Security: ⚠️ REQUIRED - Keep secret
• Format: 123456789:ABCdefGHIjklMNOpqrSTUvwxyz
• Example: TELEGRAM_BOT_TOKEN=1234567890:ABCdefGHIjklMNOpqrSTUvwxYZ123456789
• Getting Token:
  1. Message @BotFather
  2. Send /newbot
  3. Follow instructions
  4. Copy provided token

TELEGRAM_SUPER_ADMIN_ID

• Description: Telegram user ID with admin privileges
• Security: ⚠️ REQUIRED for production
• Format: Numeric user ID
• Example: TELEGRAM_SUPER_ADMIN_ID=123456789
• Getting Your ID:
  1. Message @userinfobot
  2. Copy your user ID number

TELEGRAM_WEBHOOK_URL

• Description: Public URL for webhook (production only)
• Format: https://yourdomain.com/webhook
• Example: TELEGRAM_WEBHOOK_URL=https://bot.yourdomain.com/webhook
• Requirements:
  • Must be HTTPS
  • Publicly accessible
  • No self-signed certificates

TELEGRAM_BOT_CONTAINER_NAME

• Description: Name for Telegram bot container
• Default: giftmakebot_telegram_bot
• Example: TELEGRAM_BOT_CONTAINER_NAME=giftmakebot_prod_bot

---

📝 Logging & Debugging

LOG_DRIVER

• Description: Docker logging driver
• Values: json-file | syslog | journald | none
• Default: json-file
• Example: LOG_DRIVER=json-file

LOG_MAX_SIZE

• Description: Maximum log file size
• Values: Size with unit (10m, 100m, 1g)
• Default: 10m
• Example: LOG_MAX_SIZE=50m

LOG_MAX_FILE

• Description: Maximum number of log files to keep
• Values: Number
• Default: 3
• Example: LOG_MAX_FILE=5

PHP_MEMORY_LIMIT

• Description: PHP memory limit per process
• Values: Memory size (128M, 256M, 512M)
• Default: 128M (development), 256M (production)
• Example: PHP_MEMORY_LIMIT=512M

PHP_MAX_EXECUTION_TIME

• Description: Maximum PHP script execution time
• Values: Seconds
• Default: 60 (development), 30 (production)
• Example: PHP_MAX_EXECUTION_TIME=120

---

🐳 Docker & Container Settings

COMPOSE_PROJECT_NAME

• Description: Docker Compose project name prefix
• Default: giftmakebot
• Example: COMPOSE_PROJECT_NAME=giftmakebot_prod

DOCKER_BUILDKIT

• Description: Enable Docker BuildKit for faster builds
• Values: 1 | 0
• Default: 1
• Example: DOCKER_BUILDKIT=1

WEB_APP_CONTAINER_NAME

• Description: Name for React web app container
• Default: giftmakebot_web_app
• Example: WEB_APP_CONTAINER_NAME=giftmakebot_prod_webapp

API_GATEWAY_CONTAINER_NAME

• Description: Name for API gateway container
• Default: giftmakebot_api_gateway
• Example: API_GATEWAY_CONTAINER_NAME=giftmakebot_prod_api

HEALTH_MONITOR_CONTAINER_NAME

• Description: Name for health monitor container
• Default: giftmakebot_health
• Example: HEALTH_MONITOR_CONTAINER_NAME=giftmakebot_prod_health

---

🌍 Environment-Specific Examples

🔧 Development Configuration

# .env.development
APP_ENV=development
DEBUG=true
LOG_LEVEL=debug

# Network
HTTP_PORT=8080
HTTPS_PORT=8443

# Database
REDIS_PORT=6380
REDIS_PASSWORD=
REDIS_CONTAINER_NAME=giftmakebot_dev_redis

# Message Queue
RABBITMQ_PORT=5673
RABBITMQ_MANAGEMENT_PORT=15673
RABBITMQ_USER=admin
RABBITMQ_PASSWORD=admin123
RABBITMQ_ERLANG_COOKIE=SWQOKODSQALRPCLNMEQG
RABBITMQ_CONTAINER_NAME=giftmakebot_dev_rabbitmq

# Security (relaxed for development)
SECURITY_HEADERS=false
SSL_CERT_PATH=./ssl/dev-cert.pem
SSL_KEY_PATH=./ssl/dev-private.key

# Telegram Bot
TELEGRAM_BOT_TOKEN=YOUR_DEV_BOT_TOKEN_HERE
TELEGRAM_SUPER_ADMIN_ID=YOUR_TELEGRAM_USER_ID
TELEGRAM_BOT_CONTAINER_NAME=giftmakebot_dev_bot

# Performance (relaxed limits)
PHP_MEMORY_LIMIT=128M
PHP_MAX_EXECUTION_TIME=60

# Container names
COMPOSE_PROJECT_NAME=giftmakebot_dev
NGINX_CONTAINER_NAME=giftmakebot_dev_nginx
WEB_APP_CONTAINER_NAME=giftmakebot_dev_webapp
API_GATEWAY_CONTAINER_NAME=giftmakebot_dev_api
HEALTH_MONITOR_CONTAINER_NAME=giftmakebot_dev_health

🚀 Production Configuration

# .env.production
APP_ENV=production
DEBUG=false
LOG_LEVEL=error
RESTART_POLICY=always

# Network
HTTP_PORT=80
HTTPS_PORT=443

# Database (SECURE)
REDIS_PORT=6379
REDIS_PASSWORD=YourSecureRedisPassword2025!@#
REDIS_CONTAINER_NAME=giftmakebot_prod_redis

# Message Queue (SECURE)
RABBITMQ_PORT=5672
RABBITMQ_MANAGEMENT_PORT=15672
RABBITMQ_USER=production_admin
RABBITMQ_PASSWORD=YourSecureRabbitMQPassword2025!@#
RABBITMQ_ERLANG_COOKIE=UniqueProductionCookieHere2025ABC
RABBITMQ_CONTAINER_NAME=giftmakebot_prod_rabbitmq

# Security (ENABLED)
SECURITY_HEADERS=true
SSL_CERT_PATH=./ssl/production-cert.pem
SSL_KEY_PATH=./ssl/production-private.key

# Telegram Bot
TELEGRAM_BOT_TOKEN=1234567890:ABCdefGHIjklMNOpqrSTUvwxYZ123456789
TELEGRAM_SUPER_ADMIN_ID=123456789
TELEGRAM_WEBHOOK_URL=https://yourdomain.com/webhook
TELEGRAM_BOT_CONTAINER_NAME=giftmakebot_prod_bot

# Performance (OPTIMIZED)
PHP_MEMORY_LIMIT=256M
PHP_MAX_EXECUTION_TIME=30
LOG_MAX_SIZE=50m
LOG_MAX_FILE=5

# Container names
COMPOSE_PROJECT_NAME=giftmakebot_prod
NGINX_CONTAINER_NAME=giftmakebot_prod_nginx
WEB_APP_CONTAINER_NAME=giftmakebot_prod_webapp
API_GATEWAY_CONTAINER_NAME=giftmakebot_prod_api
HEALTH_MONITOR_CONTAINER_NAME=giftmakebot_prod_health

---

⚠️ Security Best Practices

🔒 Production Security Checklist

Before deploying to production, ensure:

• Change ALL default passwords

  • Redis password (minimum 16 characters)
  • RabbitMQ user and password
  • RabbitMQ Erlang cookie

• Configure SSL certificates

  • Valid SSL certificate from trusted CA
  • Secure private key with proper permissions
  • Test HTTPS functionality

• Set secure Telegram configuration

  • Production bot token (different from development)
  • Correct super admin user ID
  • Valid webhook URL (HTTPS only)

• Enable security features

  • Set SECURITY_HEADERS=true
  • Disable debug mode (DEBUG=false)
  • Set appropriate log levels (LOG_LEVEL=error)

• Review network configuration

  • Use standard ports (80, 443) for production
  • Ensure firewall rules are properly configured
  • Verify container networking

🔐 Password Requirements

Strong passwords should have:

• Minimum 16 characters
• Mix of uppercase and lowercase letters
• Numbers and special characters
• No dictionary words
• Unique per service

Example strong password: K9#mL2$qP8@wX5&nR7!vT4

---

🛠️ Configuration Validation

Pre-deployment Checks

# Test environment loading
docker compose config

# Verify connectivity  
docker compose -f docker-compose.yml -f docker-compose.prod.yml up --dry-run

# Check SSL certificates
openssl x509 -in ./ssl/cert.pem -text -noout

Health Checks

After deployment, verify all services:

# Overall system health
curl https://yourdomain.com/health

# Individual service checks
curl https://yourdomain.com/health/redis
curl https://yourdomain.com/health/rabbitmq
curl https://yourdomain.com/health/telegram-bot

---

🆘 Troubleshooting

Common Issues

Environment File Not Loading

Symptom: Default values being used despite .env file Solution:

# Verify file exists and has correct name
ls -la .env

# Check file permissions
chmod 644 .env

# Verify Docker Compose can read it
docker compose config

Connection Refused Errors

Symptom: Services can't connect to Redis/RabbitMQ Solution:

# Check if containers are running
docker compose ps

# Verify network connectivity
docker compose exec nginx ping redis
docker compose exec nginx ping rabbitmq

# Check port configuration
netstat -tulpn | grep :6379
netstat -tulpn | grep :5672

SSL Certificate Issues

Symptom: HTTPS not working, certificate errors Solution:

# Verify certificate files exist
ls -la ssl/

# Test certificate validity
openssl x509 -in ssl/cert.pem -noout -dates

# Check certificate and key match
openssl x509 -noout -modulus -in ssl/cert.pem | openssl md5
openssl rsa -noout -modulus -in ssl/private.key | openssl md5

Telegram Bot Not Responding

Symptom: Bot doesn't respond to commands Solution:

# Verify bot token
curl "https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/getMe"

# Check webhook status (production)
curl "https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/getWebhookInfo"

# Test webhook URL
curl -X POST https://yourdomain.com/webhook

---

📞 Support

If you need help with environment configuration:

• 🐛 Report Issues
• 💬 Ask Questions
• 📧 Direct Support

---

🎯 Ready to Configure?

🚀 Start Deployment • 🔧 Add Services • 🏠 Back to Home