Environment Variables
Complete reference for all configuration options
Complete reference for all environment variables used to configure ATStatus.
Security Notice: Never commit your
.env file to version control. Use environment variables or secrets management in production.Required Variables
These variables must be set for the application to function:
| Variable | Description | Example |
|---|---|---|
| DATABASE_URL | Database connection string (SQLite default) | file:./data.db |
| ADMIN_PASSWORD | Password for admin panel access | your-secure-password |
| SESSION_SECRET | Secret key for session signing (min 32 chars) | your-super-secret-session-key |
| CRON_SECRET | Secret for protecting monitor endpoints | your-cron-secret-key |
Database Configuration
SQLite (Default - Recommended)
DATABASE_URL="file:./data.db"
SQLite is embedded and requires no external database server. Perfect for most deployments.
Network & Access Configuration
| Variable | Description | Default |
|---|---|---|
| PORT | Server port (auto-assigned if not set) | 3000 |
| TRUST_PROXY | Enable reverse proxy support | false |
| FORCE_SECURE_COOKIES | Force secure cookies (set to "false" for HTTP) | Auto-detect |
| NEXTAUTH_URL | Public URL of your status page | - |
LAN/Network Access: If you access the status page via HTTP from other devices (e.g.,
http://192.168.x.x:3000), set FORCE_SECURE_COOKIES="false" or login will not work.Authentication
| Variable | Description | Default |
|---|---|---|
| ADMIN_PASSWORD | Primary admin password | Required |
| SESSION_SECRET | Secret for session token signing | Required |
| CRON_SECRET | Secret for monitor API authentication | Required |
Generate Secure Secrets: Use this command to generate secure secrets:
openssl rand -base64 32Email Configuration (SMTP)
Configure email for notifications and subscriber updates:
| Variable | Description | Example |
|---|---|---|
| SMTP_HOST | SMTP server hostname | smtp.gmail.com |
| SMTP_PORT | SMTP server port | 587 |
| SMTP_USER | SMTP username/email | noreply@example.com |
| SMTP_PASS | SMTP password or app password | your-app-password |
| SMTP_FROM | Default from address | Status Page <noreply@example.com> |
| SMTP_SECURE | Use TLS (true/false) | false |
Gmail Configuration
SMTP_HOST="smtp.gmail.com"
SMTP_PORT="587"
SMTP_USER="your-email@gmail.com"
SMTP_PASS="your-app-password"
SendGrid Configuration
SMTP_HOST="smtp.sendgrid.net"
SMTP_PORT="587"
SMTP_USER="apikey"
SMTP_PASS="your-sendgrid-api-key"
Feature Flags
Enable or disable specific features:
| Variable | Description | Default |
|---|---|---|
| ENABLE_PUSH_NOTIFICATIONS | Enable browser push notifications | false |
| ENABLE_2FA | Enable two-factor authentication | true |
| ENABLE_AUDIT_LOG | Enable audit logging | true |
| ENABLE_COOKIE_CONSENT | Enable cookie consent banner | false |
| ENABLE_RATE_LIMITING | Enable API rate limiting | true |