Environment reference
Authoritative list of every environment variable the CRM service reads,
grouped by concern. Source of truth for .env.example and Helm values
(tenant-backend-crm/charts/values.yaml). When you add a new var, add
it here in the same commit — the audit gate diffs this list against
config:cache output.
Identity
| Variable | Purpose | Default | Required |
|---|---|---|---|
| TENANT_ID | Postgres-level tenant UUID, used for the per-deployment policy cache and audit logs. | — | yes |
| TENANT_NAME | Slug used in policy FQNs (tenant.{TENANT_NAME}.crm.*). | — | yes |
| SERVICE_NAME | Always crm; appears in policy FQNs and structured logs. | crm | yes |
App
| Variable | Purpose | Default | Required |
|---|---|---|---|
| APP_NAME | Display name only; used in mail "from" and queue worker tags. | Tenant CRM Service | yes |
| APP_ENV | local / staging / production — toggles debug behavior and CSP. | production | yes |
| APP_KEY | Laravel encryption key. | — | yes |
| APP_URL | Used by signed routes and absolute attachment URLs. | — | yes |
| APP_DEBUG | Stack traces in responses. Must be false in production. | false | yes |
| APP_LOCALE | Default UI/email locale (en/hu/de). | en | yes |
| APP_FALLBACK_LOCALE | Locale fallback when a translation is missing. | en | yes |
Database
| Variable | Purpose | Default | Required |
|---|---|---|---|
| DB_CONNECTION | Driver — must be pgsql in production (UUID + unaccent extension). | pgsql | yes |
| DB_HOST / DB_PORT / DB_DATABASE / DB_USERNAME / DB_PASSWORD | Connection. | — | yes |
| DB_SCHEMA | Postgres schema for this tenant deployment, e.g. tenant_crm. | tenant_crm | yes |
Identity / OAuth
| Variable | Purpose | Default | Required |
|---|---|---|---|
| IDENTITY_URL | Base URL of the identity service used for /api/user + /.well-known/jwks.json. | — | yes |
| OAUTH_CLIENT_ID | Client ID issued by identity for this CRM deployment. | — | yes |
| SYSTEM_API_TOKEN | Long-lived token for system-to-system endpoints (/api/system/*). Rotated quarterly. | — | yes |
Eventing
| Variable | Purpose | Default | Required |
|---|---|---|---|
| RABBITMQ_HOST / RABBITMQ_PORT / RABBITMQ_USER / RABBITMQ_PASSWORD | AMQP broker for identity event consumption. | 127.0.0.1 / 5672 | yes |
Cache, queue, session
| Variable | Purpose | Default | Required |
|---|---|---|---|
| CACHE_STORE | Policy cache, signed-URL cache. Use redis in production. | file | yes |
| QUEUE_CONNECTION | Default queue. database is OK for dev, rabbitmq/redis in production. | database | yes |
| SESSION_DRIVER | Should be file; no human sessions on this service. | file | yes |
| REDIS_HOST / REDIS_PORT / REDIS_PASSWORD | Used when CACHE_STORE=redis. | 127.0.0.1 / 6379 | conditional |
Mail
| Variable | Purpose | Default | Required |
|---|---|---|---|
| MAIL_MAILER | log locally, mailgun or smtp in real deployments. | log | yes |
| MAIL_HOST / MAIL_PORT / MAIL_USERNAME / MAIL_PASSWORD / MAIL_SCHEME | SMTP transport. | — | conditional |
| MAIL_FROM_ADDRESS / MAIL_FROM_NAME | Default From: header. | — | yes |
| MAILGUN_API_KEY / MAILGUN_DOMAIN / MAILGUN_ENDPOINT / MAILGUN_WEBHOOK_SIGNING_KEY | Mailgun transport + inbound webhook verification. | https://api.eu.mailgun.net | conditional |
Inbound email (IMAP polling)
| Variable | Purpose | Default | Required |
|---|---|---|---|
| EMAIL_IMAP_POLL_INTERVAL | Minutes between polls (0 disables). | 0 | yes |
| EMAIL_IMAP_POLL_BATCH | Max messages per poll. | 50 | yes |
Storage
| Variable | Purpose | Default | Required |
|---|---|---|---|
| FILESYSTEM_DISK | Default disk for attachments/avatars. Use s3 in production. | local | yes |
| AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY / AWS_DEFAULT_REGION / AWS_BUCKET / AWS_USE_PATH_STYLE_ENDPOINT | S3 credentials when FILESYSTEM_DISK=s3. | — | conditional |
CORS
| Variable | Purpose | Default | Required |
|---|---|---|---|
| CORS_ALLOWED_ORIGINS | Comma-separated origin list for the frontend SPA. | — | yes |
Logging / OpenTelemetry
| Variable | Purpose | Default | Required |
|---|---|---|---|
| LOG_CHANNEL | Laravel log stack. | stack | yes |
| LOG_STACK | Channels stacked into LOG_CHANNEL=stack. | single | yes |
| LOG_LEVEL | Minimum log severity. | debug (dev) / info (prod) | yes |
| OTEL_PHP_DISABLED_INSTRUMENTATIONS | Set to all to fully disable OTel; otherwise leave unset. | all (dev) | no |
Removed / deprecated
These were present in earlier CRM revisions but are no longer read; do not set them.
| Variable | Removed in | Replacement |
|---|---|---|
| DEFAULT_TENANT_ID | 2026-05-12 | TENANT_ID (was a duplicate of the same value). |
| CRM_LEGACY_AUTH_GUARD | 2026-04 | OAuth via identity is now the only auth path. |
| ENABLE_OLD_CHAT_WS | 2026-03 | Reverb WS is always on. |
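
The production constraints, conditional groups and removed variables listed in the tables above can be checked mechanically before a deploy. The following is an added example, not part of the CRM code base: `parse_env`, `audit_env` and the sample values are hypothetical, and the selector value that activates each conditional group (for example `MAIL_MAILER=smtp` for the SMTP transport variables) is an assumption.

```python
ALWAYS = {"SESSION_DRIVER": {"file"}}
PRODUCTION = {  # values the tables require or recommend in production
    "APP_DEBUG": {"false"}, "DB_CONNECTION": {"pgsql"},
    "CACHE_STORE": {"redis"}, "QUEUE_CONNECTION": {"rabbitmq", "redis"},
    "FILESYSTEM_DISK": {"s3"}, "MAIL_MAILER": {"mailgun", "smtp"},
}
# Assumption: selector values per group; vars with a documented default are skipped.
CONDITIONAL = {
    ("CACHE_STORE", "redis"): ["REDIS_PASSWORD"],
    ("FILESYSTEM_DISK", "s3"): ["AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY",
        "AWS_DEFAULT_REGION", "AWS_BUCKET", "AWS_USE_PATH_STYLE_ENDPOINT"],
    ("MAIL_MAILER", "smtp"): ["MAIL_HOST", "MAIL_PORT", "MAIL_USERNAME",
        "MAIL_PASSWORD", "MAIL_SCHEME"],
    ("MAIL_MAILER", "mailgun"): ["MAILGUN_API_KEY", "MAILGUN_DOMAIN",
        "MAILGUN_WEBHOOK_SIGNING_KEY"],
}
REMOVED = ["DEFAULT_TENANT_ID", "CRM_LEGACY_AUTH_GUARD", "ENABLE_OLD_CHAT_WS"]

def parse_env(text):
    """Parse KEY=value lines, skipping blanks and comments."""
    env = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and not key.startswith("#"):
            env[key.strip()] = value.strip().strip("\"'")
    return env

def audit_env(env):
    """Return {variable: problem} for every rule the environment violates."""
    rules = dict(ALWAYS)
    if env.get("APP_ENV", "production") == "production":  # page default
        rules.update(PRODUCTION)
    findings = {}
    for key, allowed in rules.items():
        if env.get(key, "").lower() not in allowed:  # unset also fails: all are required
            findings[key] = f"expected {' or '.join(sorted(allowed))}"
    for (selector, choice), needed in CONDITIONAL.items():
        if env.get(selector, "").lower() == choice:
            findings.update({k: f"required when {selector}={choice}"
                             for k in needed if not env.get(k)})
    findings.update({k: "removed; no longer read"
                     for k in REMOVED if k in env})
    return findings

# Constructed sample: a production .env with five problems.
SAMPLE_ENV = ("APP_ENV=production\nAPP_DEBUG=true\nDB_CONNECTION=pgsql\n"
              "CACHE_STORE=redis\nREDIS_PASSWORD=\nQUEUE_CONNECTION=redis\n"
              "SESSION_DRIVER=file\nFILESYSTEM_DISK=local\nMAIL_MAILER=log\nDEFAULT_TENANT_ID=x\n")
```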
Verification
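```bash
# config:show accepts a single config file or key, so call it once per section
for section in app database queue; do php artisan config:show "$section"; done | grep -v '^Array'
php artisan tinker --execute "print_r(array_keys(\$_ENV));" | grep -E 'TENANT|IDENTITY|RABBITMQ|MAIL_'
```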
The CI gate (.github/workflows/env-drift.yml) extracts the variable
list from this page and diffs it against .env.example — if you add a
var to one without the other, the build fails.
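
One way such a drift check can work, shown as an added example rather than the contents of env-drift.yml: it parses the variable tables in the format used on this page, splits `A / B / C` cells, and compares the result with the keys in .env.example in both directions. The function names and sample inputs are hypothetical, and counting commented-out `# KEY=` entries as present is an assumption.

```python
import re

VAR_RE = re.compile(r"^[A-Z][A-Z0-9_]*$")

def documented_vars(markdown):
    """Return (active, removed) variable names from the page's tables."""
    active, removed, target = set(), set(), None
    for line in markdown.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) < 3:
            continue  # prose, heading or blank line
        if cells[0] == "Variable":  # header row selects the bucket
            target = removed if "Removed in" in cells else active
        elif target is not None:
            # "A / B / C" cells document several variables at once.
            for name in cells[0].split("/"):
                if VAR_RE.match(name.strip()):
                    target.add(name.strip())
    return active, removed

def env_example_keys(text):
    """Keys in .env.example; assumes commented '# KEY=' entries count."""
    pattern = re.compile(r"^\s*#?\s*([A-Z][A-Z0-9_]*)=", re.M)
    return set(pattern.findall(text))

def env_drift(markdown, env_example):
    """Compare the documented list with .env.example in both directions."""
    active, removed = documented_vars(markdown)
    keys = env_example_keys(env_example)
    return {
        "undocumented": sorted(keys - active - removed),
        "missing_from_example": sorted(active - keys),
        "deprecated_still_present": sorted(keys & removed),
    }

# Constructed sample inputs, not the real page or .env.example.
SAMPLE_DOC = """\
| Variable | Purpose | Default | Required |
|---|---|---|---|
| TENANT_ID | Tenant UUID. | — | yes |
| CACHE_STORE | Policy cache. | file | yes |
| REDIS_HOST / REDIS_PORT / REDIS_PASSWORD | Used when CACHE_STORE=redis. | 127.0.0.1 / 6379 | conditional |
| Variable | Removed in | Replacement |
|---|---|---|
| DEFAULT_TENANT_ID | 2026-05-12 | TENANT_ID |
"""
SAMPLE_ENV = ("TENANT_ID=\nDEFAULT_TENANT_ID=\nCACHE_STORE=file\n"
              "REDIS_HOST=127.0.0.1\n# REDIS_PASSWORD=\nCRM_FEATURE_X=on\n")
```

A non-empty list under any of the three keys is a reason to fail the build.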