Environment Variables
This page documents all environment variables used by Nexgent. Variables are organized by package and purpose.
Never commit secrets to version control. Use .env files (gitignored) or a secrets manager.
Backend Variables
Required
These variables must be set for the backend to function.
| Variable | Description | Example |
|---|---|---|
DATABASE_URL | PostgreSQL connection string | postgresql://user:pass@host:5432/nexgent?schema=public |
JWT_SECRET | Secret for signing JWT tokens (min 32 chars) | your-secure-secret-minimum-32-chars |
ADMIN_EMAIL | Admin login email for the application | admin@example.com |
ADMIN_PASSWORD | Admin login password for the application | your-secure-admin-password |
The backend will fail to start if DATABASE_URL or JWT_SECRET (under 32 chars) are missing.
ADMIN_EMAIL and ADMIN_PASSWORD are your login credentials for the Nexgent dashboard. Set these before first launch.
Jupiter
| Variable | Description |
|---|---|
JUPITER_API_KEY | Jupiter API key for swap execution |
Get your Jupiter API key at dev.jup.ag (opens in a new tab). While not strictly required for startup, swap execution will fail without it.
Wallets
| Variable | Description |
|---|---|
WALLET_1 | Base58-encoded private key (or JSON array format) |
Wallet private keys are only needed for live trading. Simulation mode works without them.
Solana RPC
| Variable | Default | Description |
|---|---|---|
SOLANA_RPC_URL | https://api.mainnet-beta.solana.com | Solana RPC endpoint for on-chain queries (token metadata, balances) |
The default public RPC is rate-limited. For production, use a dedicated RPC provider (e.g. QuickNode, Helius) to avoid 403 errors and rate limits.
Server
| Variable | Default | Description |
|---|---|---|
PORT | 4000 | HTTP server port |
NODE_ENV | development | Environment mode (development, production, test) |
CORS_ORIGIN | http://localhost:3000 | Allowed CORS origins (comma-separated for multiple) |
LOG_LEVEL | info | Pino log level (debug, info, warn, error) |
Redis
| Variable | Default | Description |
|---|---|---|
REDIS_HOST | localhost | Redis server hostname |
REDIS_PORT | 6379 | Redis server port |
REDIS_PASSWORD | - | Redis authentication password (if required) |
REDIS_DB | 0 | Redis database index |
REDIS_KEY_PREFIX | nexgent: | Prefix for all Redis keys |
Railway uses REDISHOST, REDISPORT, REDISPASSWORD (no underscore). Both formats are supported for compatibility.
Price Feeds
| Variable | Default | Description |
|---|---|---|
PRICE_PROVIDER | jupiter | Price data provider (jupiter or dexscreener) |
JUPITER_API_URL | https://lite-api.jup.ag/price/v3 | Override Jupiter price API base URL |
Debugging & Testing
| Variable | Default | Description |
|---|---|---|
DEBUG_PRISMA | - | Set to true to enable Prisma query logging |
DATABASE_TEST_URL | - | PostgreSQL connection for test database |
Frontend Variables
Required
| Variable | Description | Example |
|---|---|---|
NEXTAUTH_SECRET | Secret for NextAuth session encryption (min 32 chars) | your-secure-nextauth-secret |
NEXTAUTH_URL | Canonical URL of your app (used by NextAuth for callbacks) | http://localhost:3000 |
In development, NextAuth will warn if the secret is missing but still work. In production, it will throw an error.
Optional
| Variable | Default | Description |
|---|---|---|
NEXT_PUBLIC_API_URL | http://localhost:4000 | Backend API URL |
NEXT_PUBLIC_HOME_URL | https://nexgent.ai/ | Home/marketing site URL used in navigation |
Variables prefixed with NEXT_PUBLIC_ are exposed to the browser. Never use this prefix for secrets.
Example Configuration
Development
Backend (packages/backend/.env):
# PostgreSQL connection URL (required)
DATABASE_URL="postgresql://postgres:postgres@localhost:5432/nexgent?schema=public"
# JWT secret for authentication (required in production)
# Generate with: pnpm generate-secret
JWT_SECRET="your-secret-here-minimum-32-characters"
# Admin login credentials
ADMIN_EMAIL=admin@example.com
ADMIN_PASSWORD=your-secure-admin-password
# Jupiter API key — get yours from https://dev.jup.ag/
JUPITER_API_KEY=your-jupiter-api-key
# Solana RPC (optional; default: public mainnet)
# SOLANA_RPC_URL=https://your-rpc-provider.com
# Wallet private keys for live trading (optional, simulation works without them)
# Format: Base58 string or JSON array [1,2,3,...] (64 bytes)
WALLET_1=your-wallet-private-key
# --- Optional overrides (defaults work for local development) ---
PORT=4000
NODE_ENV=development
CORS_ORIGIN=http://localhost:3000
REDIS_HOST=localhost
REDIS_PORT=6379
# REDIS_PASSWORD=
# REDIS_DB=0
# REDIS_KEY_PREFIX=nexgent:
# LOG_LEVEL=info
# PRICE_PROVIDER=jupiter
# DEBUG_PRISMA=true
DATABASE_TEST_URL="postgresql://postgres:postgres@localhost:5432/nexgent_test?schema=public"Frontend (packages/frontend/.env.local):
# NextAuth.js
NEXTAUTH_URL=http://localhost:3000
NEXTAUTH_SECRET=your-secret-here-minimum-32-characters
# Backend API URL (optional, defaults to http://localhost:4000)
NEXT_PUBLIC_API_URL=http://localhost:4000
# NEXT_PUBLIC_HOME_URL=https://nexgent.ai/Production
Backend:
# Required
DATABASE_URL=postgresql://user:password@host:5432/nexgent?sslmode=require
JWT_SECRET=<secure-random-string-32-chars-minimum>
ADMIN_EMAIL=admin@yourdomain.com
ADMIN_PASSWORD=<your-secure-admin-password>
JUPITER_API_KEY=<your-jupiter-api-key>
# Solana RPC (recommended: dedicated provider)
SOLANA_RPC_URL=https://your-rpc-provider.com
# Server
NODE_ENV=production
PORT=4000
CORS_ORIGIN=https://yourdomain.com
LOG_LEVEL=info
# Redis
REDIS_HOST=redis.internal
REDIS_PORT=6379
REDIS_PASSWORD=<your-redis-password>
# Wallet (for live trading)
WALLET_1=<base58-private-key>Frontend:
NEXTAUTH_URL=https://yourdomain.com
NEXTAUTH_SECRET=<secure-random-string-32-chars-minimum>
NEXT_PUBLIC_API_URL=https://api.yourdomain.comGenerating Secrets
Use the included scripts to generate secure secrets:
# Generate NEXTAUTH_SECRET (frontend)
pnpm generate-secret
# Generate JWT_SECRET (backend)
pnpm generate-secret:backendEach script outputs a ready-to-use environment variable line you can copy directly into your .env file.
Startup Validation
The backend validates required variables at startup:
if (!process.env.JWT_SECRET) {
throw new Error('JWT_SECRET environment variable is required');
}
if (!process.env.DATABASE_URL) {
throw new Error('DATABASE_URL environment variable is required');
}
if (!process.env.ADMIN_EMAIL) {
throw new Error('ADMIN_EMAIL environment variable is required');
}
if (!process.env.ADMIN_PASSWORD) {
throw new Error('ADMIN_PASSWORD environment variable is required');
}Troubleshooting
Missing JWT_SECRET
Error: JWT_SECRET environment variable is requiredSolution: Generate a secure secret (minimum 32 characters) and add to your .env file.
Missing DATABASE_URL
Error: DATABASE_URL environment variable is requiredSolution: Add your PostgreSQL connection string to .env.
Redis Connection Failed
Error: Redis connection failedSolution: Ensure Redis is running and REDIS_HOST/REDIS_PORT are correct.
CORS Errors in Production
Access-Control-Allow-Origin header missingSolution: Set CORS_ORIGIN to your frontend domain(s), comma-separated if multiple.