Environment Variables
Complete reference for all environment variables used across IRA FORCE services. Variables are organized by category and service.
Sensitive Values
Production environment variables containing secrets are stored in HashiCorp Vault. Access credentials through the internal password manager.
Core Application Variables
Essential variables required for all IRA FORCE services to function properly.
Application Settings
| Variable | Description | Required |
|---|---|---|
NODE_ENV |
Runtime environment (development, staging, production) | Yes |
APP_PORT |
Port for the application server | Yes |
APP_SECRET |
Secret key for session encryption | Yes |
LOG_LEVEL |
Logging verbosity (debug, info, warn, error) | No |
CORS_ORIGINS |
Allowed CORS origins (comma-separated) | Yes |
Database Variables
PostgreSQL connection and pool configuration.
| Variable | Description | Required |
|---|---|---|
DATABASE_URL |
Full PostgreSQL connection string | Yes |
DB_POOL_MIN |
Minimum connection pool size | No |
DB_POOL_MAX |
Maximum connection pool size | No |
DB_SSL_MODE |
SSL mode for database connections | Yes (prod) |
Redis Variables
Redis connection settings for caching and real-time features.
| Variable | Description | Required |
|---|---|---|
REDIS_URL |
Redis connection string | Yes |
REDIS_CLUSTER_MODE |
Enable Redis cluster mode | No |
REDIS_TLS_ENABLED |
Enable TLS for Redis connections | Yes (prod) |
Authentication Variables
JWT, OAuth, and SSO configuration settings.
| Variable | Description | Required |
|---|---|---|
JWT_SECRET |
Secret for signing JWT tokens | Yes |
JWT_EXPIRY |
Token expiration time (e.g., 24h, 7d) | No |
OAUTH_CLIENT_ID |
OAuth provider client ID | SSO only |
OAUTH_CLIENT_SECRET |
OAuth provider client secret | SSO only |
SSO_ENABLED |
Enable enterprise SSO | No |
External Service Variables
Third-party integrations and external service credentials.
AWS Services
| Variable | Description | Required |
|---|---|---|
AWS_ACCESS_KEY_ID |
AWS access key | Yes |
AWS_SECRET_ACCESS_KEY |
AWS secret key | Yes |
AWS_REGION |
Default AWS region | Yes |
S3_BUCKET_NAME |
S3 bucket for file uploads | Yes |
Notification Services
| Variable | Description | Required |
|---|---|---|
TWILIO_ACCOUNT_SID |
Twilio account SID for SMS | Yes |
TWILIO_AUTH_TOKEN |
Twilio authentication token | Yes |
SENDGRID_API_KEY |
SendGrid API key for emails | Yes |
FCM_SERVER_KEY |
Firebase Cloud Messaging key | Yes |
Feature Flags
Toggle features on or off per environment.
| Variable | Description | Default |
|---|---|---|
FEATURE_AI_SCHEDULING |
Enable AI-assisted scheduling | false |
FEATURE_REPORTPRO_AI |
Enable ReportPro AI writing | false |
FEATURE_BIOMETRIC_AUTH |
Enable biometric authentication | true |
FEATURE_SOC_MODULE |
Enable Security Operations Center | false |
Feature Flag Management
Production feature flags are managed through LaunchDarkly. Contact DevOps for access.