Environment Variables¶
Configuration precedence (highest first)¶
- OS environment variables — override everything
appsettings.{ASPNETCORE_ENVIRONMENT}.json— e.g.appsettings.Development.jsonappsettings.json— base config, committed to repo
Key variables¶
| Variable | Default (appsettings.json) | Purpose |
|---|---|---|
ASPNETCORE_ENVIRONMENT | Production | Set to Development to enable Swagger + verbose errors |
ASPNETCORE_URLS | from launchSettings.json | Bind address — e.g. http://localhost:5269 |
ConnectionStrings__DefaultConnection | Server=localhost;... | PostgreSQL DSN (double underscore = JSON nesting) |
Meesho__HttpClient__TimeoutSeconds | 30 | HTTP client timeout for partner API calls |
Encryption__MeeshoTokenKey | dev key | AES key used to encrypt cached bearer tokens |
Meesho__TokenAPIAuthorisation | dev Basic auth | Basic auth header for /oauth/token endpoint |
ASPNETCORE_ENVIRONMENT = Development is required for Swagger
Swagger middleware is gated on app.Environment.IsDevelopment() in Program.cs. If you start the backend without this env var, the Swagger UI returns 404.
The Makefile and .vscode/launch.json both set this automatically. If you run dotnet run directly, add it:
Connection string format¶
Server=<host>;Port=5432;Database=dms-layered;UserId=postgres;Password=<pass>;Timeout=30;CommandTimeout=30;
| Env | Server value |
|---|---|
| Local dev | localhost |
| Docker Compose | postgres (service name) |
| DevContainer | postgres (service name) |
| Production | your DB hostname |
The Docker / DevContainer ConnectionStrings__DefaultConnection is injected via environment variable in docker-compose.yml / .devcontainer/docker-compose.devcontainer.yml — the appsettings.json value is overridden automatically.
Personal overrides (gitignored)¶
Create src/distribution-management-server-layered/appsettings.Local.json for per-machine settings. This file is gitignored:
{
"Serilog": {
"MinimumLevel": {
"Override": {
"Microsoft.EntityFrameworkCore": "Information"
}
}
}
}
Secrets policy¶
| Secret | Where it lives |
|---|---|
DB password (3edc#EDC) | appsettings.json — dev only; must move to env var or secrets manager for staging/prod |
MeeshoTokenKey | appsettings.json — dev only |
TokenAPIAuthorisation | appsettings.json — dev only |
| Cloudflare API token | GitHub Actions secret CLOUDFLARE_API_TOKEN |
| Container registry token | GitHub Actions secret (future CI) |
Never commit production credentials
The values in appsettings.json are development-only placeholders. For staging and production, inject all secrets via environment variables from a secrets manager (GitHub Secrets, HashiCorp Vault, AWS Parameter Store).
RFC FLX-ENG-RFC-001 mandates that all per-tenant config (including endpoint URLs and credentials) will move to the signed tenant manifest — removing client-editable settings from the control surface entirely.