Configuration
Complete reference for all LuaBeans - Community Manager environment variables and configuration options.
Environment File Location
The configuration is stored in a .env file in the project root directory. Copy env.example to .env to get started.
Configuration Categories
Server Configuration
NODE_ENV
No
development
Environment mode: development, production, test
PORT
No
27000
Port the web server listens on
BASE_URL
No
http://localhost:PORT
Base URL of your installation (used in emails, links, etc.)
TRUST_PROXY
No
false
Set to true if behind reverse proxy (Nginx, Cloudflare, etc.)
FORCE_HTTPS
No
false
Redirect HTTP to HTTPS in production
AUDIT_RETENTION_DAYS
No
0
Days to keep audit logs (0 = forever)
CORS_ALLOWED_ORIGINS
No
""
Comma-separated list of allowed CORS origins
Server Configuration Examples
Development:
NODE_ENV=development
PORT=27000
BASE_URL=http://localhost:27000
TRUST_PROXY=false
FORCE_HTTPS=falseProduction Behind Nginx:
Database Configuration
DB_HOST
Yes
-
Database host (localhost or IP)
DB_PORT
No
3306
Database port
DB_NAME
Yes
-
Database name
DB_USER
Yes
-
Database username
DB_PASSWORD
Yes
-
Database password
Database Configuration Example
Discord OAuth2 Configuration
DISCORD_CLIENT_ID
Yes
-
Discord OAuth2 Application Client ID
DISCORD_CLIENT_SECRET
Yes
-
Discord OAuth2 Application Client Secret
DISCORD_CALLBACK_URL
Yes
-
OAuth2 callback URL (must match Discord portal)
DISCORD_GUILD_ID
Yes
-
Primary Discord server ID
Note: The callback URL must match exactly what's configured in Discord Developer Portal.
Discord Bot Configuration
DISCORD_BOT_TOKEN
No
""
Discord bot token (required for bot features)
DISCORD_BOT_PUBLIC_COMMANDS
No
true
Register commands globally (false = guild-only)
DISCORD_NOTIFICATIONS_CHANNEL_ID
No
""
Channel for system notifications
DISCORD_NOTIFY_APPLICATION_SUBMITS
No
false
Notify in Discord when applications are submitted
DISCORD_NOTIFY_FORUM_THREADS
No
false
Notify in Discord when forum threads are created
Session Configuration
SESSION_SECRET
Yes
-
Random secret for session encryption (min 32 characters)
Generate a secure session secret:
Admin Configuration
ADMIN_DISCORD_IDS
No
""
Comma-separated list of Discord user IDs with admin access
Example:
Upload Configuration
UPLOAD_DIR
No
./uploads
Directory for uploaded files (relative or absolute path)
MAX_FILE_SIZE
No
104857600
Maximum file upload size in bytes (default 100MB)
Example:
LEO Duty System / FiveM API
LEO_API_TOKEN
No
""
API token for FiveM resources (set to enable API access)
Generate a secure token for FiveM integration:
ESX Integration (Optional)
ESX_SYNC_ENABLED
No
false
Sync department/rank changes to ESX tables
ESX_SCHEMA
No
""
ESX database schema (blank = same as DB_NAME)
ESX_JOBS_TABLE
No
jobs
ESX jobs table name
ESX_JOB_GRADES_TABLE
No
job_grades
ESX job_grades table name
ESX_USERS_TABLE
No
users
ESX users table name
ESX_LEO_JOB_TYPE
No
leo
ESX job type for LEO departments
Example:
Tebex Integration (Optional)
TEBEX_API_KEY
No
""
Tebex API key for direct verification
TEBEX_BOT_ID
No
""
Tebex bot Discord ID
TEBEX_ALLOWED_CHANNEL_IDS
No
""
Channels where Tebex bot can post
TEBEX_WEBHOOK_TOKEN
No
""
Webhook token for Tebex webhooks
TEBEX_CIV_KEYWORDS
No
civ,civilian
Keywords for civilian packages
TEBEX_LEO_KEYWORDS
No
leo,law
Keywords for LEO packages
TEBEX_CIV_PACKAGE_ID
No
""
Civ package ID
TEBEX_LEO_PACKAGE_ID
No
""
LEO package ID
TEBEX_DEBUG
No
false
Enable Tebex debug logging
Metrics & Monitoring (Optional)
METRICS_PUBLIC
No
false
Make metrics endpoint public (not recommended)
METRICS_TOKEN
No
""
Bearer token for metrics endpoint authentication
Metrics Endpoint:
GET /metrics- Prometheus-style metricsRequires
METRICS_TOKENorMETRICS_PUBLIC=true
Business Management (Optional)
BUSINESS_ADMIN_DISCORD_ROLE_ID
No
""
Discord role ID for business administrators
GARAGE_REVIEW_DEPARTMENT_SLUG
No
development
Department slug for garage review workflow
GARAGE_SINGLE_SLOT_PER_TYPE
No
true
Allow only one slot per type (civ/leo) per user
Complete Example Configuration
Configuration Validation
After setting up your .env file, the application will:
Validate on startup - Missing required variables will cause startup errors
Show warnings - Optional but recommended variables may show warnings in logs
Apply defaults - Unset optional variables will use their default values
Security Best Practices
Never commit
.envto version control - It's already in.gitignoreUse strong secrets - Generate random strings for
SESSION_SECRETandLEO_API_TOKENRestrict database user permissions - Don't use root user in production
Use HTTPS in production - Set
FORCE_HTTPS=trueand configure SSL/TLSKeep secrets secret - Don't share
.envfiles or expose them in logs
Next Steps
First Steps Guide - Set up your first departments and users
Discord Setup - Configure Discord OAuth2 and bot
Production Deployment - Deploy to production
Last updated