Skip to content

Environment Configuration Guide

Jump to bottom
David White edited this page May 2, 2024 · 5 revisions

This document outlines all the necessary environment variables you need to set up to ensure our application runs smoothly and securely. Setting these variables correctly is crucial for connecting to external services, managing sessions, and handling file storage.

Overview

Our application relies on various external services, including MongoDB for database management, Google for authentication, VirusTotal for security scanning, AWS S3 for file storage, and Imgur for image uploads. Proper configuration of the environment variables allows seamless integration with these services.

Required Environment Variables

The following environment variables are required to run the app.

  • MONGODB_URI: Your MongoDB connection string. This is required for the app to connect to your MongoDB database.
  • GOOGLE_AUTH_CLIENT_ID: Your Google application's client ID, used for Google OAuth authentication.
  • GOOGLE_AUTH_CLIENT_SECRET: Your Google application's client secret, used alongside the client ID for OAuth authentication.
  • SESSION_SECRET: A secret key used for securing user sessions. This should be a random, high-entropy string.
  • REDIRECT_URI: The URI to redirect to after successful login. Typically points to the front-end of your application.

Image Storage Configuration

The application supports flexible image storage solutions, prioritizing Imgur and AWS S3 based on the environment variables configured:

  1. Using Imgur for Image Uploads: If IMGUR_CLIENT_ID and IMGUR_CLIENT_SECRET are set, the app will use Imgur for storing images. Ensure you have a configurations collection in MongoDB with a document for IMGUR_REFRESH_TOKEN to authenticate with the Imgur API.

  2. Fallback to AWS S3: In the absence of Imgur configuration, if AWS_S3_BUCKET_NAME and AWS_REGION are provided, the application will use AWS S3 for image storage.

  3. No Image Storage: If neither Imgur nor AWS configurations are set, the application will not perform image uploads and will return "no_image" for operations requiring image URLs.

MongoDB configurations Collection

For Imgur integration:

  • Create a configurations collection in your MongoDB database.
  • Add a document with a key of IMGUR_REFRESH_TOKEN and the value field containing your valid Imgur API refresh token.

This setup is essential for authorizing image uploads to Imgur through your application.

Other Image Upload Settings

The application is configured to use Virus Total to scan image files for viruses prior to upload. You will need to provide one of the following in your environment:

  • VIRUS_TOTAL_API_KEY: Your API key for VirusTotal.
  • BYPASS_IMAGE_VIRUS_SCAN: Bypass virus scanning on image files. Images are scaled to enforce size limits prior to upload. This can be bypassed by setting BYPASS_IMAGE_SCALING=true in your environment.

GitHub

The application provides an endpoint for creating issues in the front end repo based on user generated bug reports. You'll need to provide a fine-grained access token. For security, make sure the token only permits access specifically to the front end repo and only includes read/write permissions for issues. Configure this environment variable to enable this feature, configure the following in your environment:

  • GITHUB_AUTH_TOKEN: [your fine-grained access token]

Summary

Proper configuration of your environment is essential for the smooth operation of the backend application. Ensure you have correctly set all the required environment variables as described above. This guide should serve as a reference during the setup or update of your application's environment to maintain seamless service operation.

Clone this wiki locally