Appearance
Environment variables
Backend (backend/.env)
Application
| Variable | Example | Description |
|---|---|---|
APP_NAME | ExchangePro | Application name in emails |
APP_VERSION | 1.0.0 | Product version (Admin → Extra → Application info) |
APP_TIMEZONE | UTC | PHP timezone for displayed dates/times (list) |
APP_ENV | production | local for dev |
APP_KEY | (generated) | php artisan key:generate |
APP_DEBUG | false | Must be false in production |
APP_URL | https://api.yourdomain.com | Public URL of Laravel (public/) |
FRONTEND_URL | https://yourdomain.com | Nuxt site URL (password reset links, default CORS origin) |
CORS_ALLOWED_ORIGINS | (optional) | Comma-separated frontend origins with scheme — CORS |
Database
| Variable | Description |
|---|---|
DB_CONNECTION | mysql, mariadb, or sqlite |
DB_HOST | Database host |
DB_PORT | 3306 for MySQL |
DB_DATABASE | Database name |
DB_USERNAME | Database user |
DB_PASSWORD | Database password |
Session & Sanctum
| Variable | Description |
|---|---|
SESSION_DRIVER | Default database — requires sessions table |
SESSION_DOMAIN | Set for cross-subdomain cookies if needed (e.g. .yourdomain.com) |
SANCTUM_STATEFUL_DOMAINS | Comma-separated frontend hosts — details |
Queue & cache
| Variable | Default | Description |
|---|---|---|
QUEUE_CONNECTION | database | Use redis for higher throughput |
CACHE_STORE | database | Application cache |
Mail
| Variable | Description |
|---|---|
MAIL_MAILER | smtp, log, etc. |
MAIL_HOST | SMTP host |
MAIL_PORT | 587 (TLS) common |
MAIL_USERNAME | SMTP user |
MAIL_PASSWORD | SMTP password |
MAIL_FROM_ADDRESS | Sender email |
MAIL_FROM_NAME | Sender name |
See Mail.
OAuth (optional overrides)
Configured primarily in admin UI; optional env fallbacks in config/services.php:
| Variable | Provider |
|---|---|
GOOGLE_CLIENT_ID | |
GOOGLE_CLIENT_SECRET | |
FACEBOOK_CLIENT_ID | |
FACEBOOK_CLIENT_SECRET |
Admin settings override runtime via SocialAuthController.
Frontend (frontend/.env)
| Variable | Example | Description |
|---|---|---|
FRONTEND_URL | https://yourdomain.com | Canonical frontend origin |
API_URL | https://api.yourdomain.com | Laravel API origin (no /api suffix) |
These map to runtimeConfig.public in nuxt.config.ts:
ts
runtimeConfig: {
public: {
baseUrl: FRONTEND_URL,
apiUrl: API_URL,
sanctum: { baseUrl: API_URL },
},
},Cross-app checklist
| Backend | Frontend | Must match |
|---|---|---|
APP_URL | API_URL | Same origin |
FRONTEND_URL | FRONTEND_URL | Same public site URL |
CORS_ALLOWED_ORIGINS (or FRONTEND_URL) | FRONTEND_URL | Frontend origin allowed |
SANCTUM_STATEFUL_DOMAINS | host of FRONTEND_URL | Cookie auth works |
Example production pair
Backend .env:
ini
APP_URL=https://api.exchangepro.com
FRONTEND_URL=https://exchangepro.comFrontend .env:
ini
FRONTEND_URL=https://exchangepro.com
API_URL=https://api.exchangepro.comBackend .env (CORS uses FRONTEND_URL by default; add www if needed):
ini
CORS_ALLOWED_ORIGINS=https://exchangepro.com,https://www.exchangepro.com
SANCTUM_STATEFUL_DOMAINS=exchangepro.com,www.exchangepro.com