docs/docs/en/ops-management/variables-and-secrets/index.md
Centralized configuration and management of environment variables and secrets for sensitive data storage, configuration data reuse, and environment configuration isolation.
.env| Feature | .env File | Dynamically Configured Variables and Secrets |
|---|---|---|
| Storage Location | Stored in the .env file in the project root directory | Stored in the environmentVariables table in the database |
| Loading Method | Loaded into process.env using tools like dotenv during application startup | Dynamically read and loaded into app.environment during application startup |
| Modification Method | Requires direct file editing, and the application needs to be restarted for changes to take effect | Supports runtime modification, changes take effect immediately after reloading the application configuration |
| Environment Isolation | Each environment (development, testing, production) requires separate maintenance of .env files | Each environment (development, testing, production) requires separate maintenance of data in the environmentVariables table |
| Applicable Scenarios | Suitable for fixed static configurations, such as main database information for the application | Suitable for dynamic configurations that require frequent adjustments or are tied to business logic, such as external databases, file storage information, etc. |
Built-in plugin, no separate installation required.
For example, if multiple places in the workflow require email nodes and SMTP configuration, the common SMTP configuration can be stored in environment variables.
Storage of various external database configuration information, cloud file storage keys, etc.
In different environments such as development, testing, and production, independent configuration management strategies are used to ensure that the configurations and data of each environment do not interfere with each other. Each environment has its own independent settings, variables, and resources, which avoids conflicts between development, testing, and production environments and ensures that the system runs as expected in each environment.
For example, the configuration for file storage services may differ between development and production environments, as shown below:
Development Environment
FILE_STORAGE_OSS_BASE_URL=dev-storage.nocobase.com
FILE_STORAGE_OSS_BUCKET=dev-storage
Production Environment
FILE_STORAGE_OSS_BASE_URL=prod-storage.nocobase.com
FILE_STORAGE_OSS_BUCKET=prod-storage
Single Addition
Batch Addition
After modifying or deleting environment variables, a prompt to restart the application will appear at the top. Changes to environment variables will only take effect after the application is restarted.
Encrypted data for environment variables uses AES symmetric encryption. The PRIVATE KEY for encryption and decryption is stored in the storage directory. Please keep it safe; if lost or overwritten, the encrypted data cannot be decrypted.
./storage/environment-variables/<app-name>/aes_key.dat
Not adapted
Not adapted