Environment Variables
NOTE (2026-04-09): PERSONA_API_KEY references below are outdated — Persona was disqualified as KYC provider. New provider: Didit. Environment variables will be updated when Didit integration is built.
NOTE (2026-04-11): VITE_AUTH_SERVICE_CANISTER_ID references below are deprecated. The auth-service canister was decommissioned on 2026-04-11 (AUTH-005.1). Authentication has migrated to PostgreSQL sessions in oracle-bridge. Suites validate sessions via HTTP cookies to oracle-bridge — no canister env var needed. Existing VITE_AUTH_SERVICE_CANISTER_ID entries are unused and will be removed in a future cleanup.
This document lists all environment variables used across the Hello World DAO LLC platform.
Frontend (React + Vite)
Located in frontend/app/www/:
- .env - Base configuration
- .env.local - Local overrides (gitignored)
- .env.staging - Staging environment
- .env.production - Production environment
Canister Configuration
| Variable | Description | Example |
|---|---|---|
| VITE_USER_SERVICE_CANISTER_ID | User service canister principal | j4rvr-3aaaa-aaaao-qkvfq-cai |
| VITE_AUTH_SERVICE_CANISTER_ID | DEPRECATED 2026-04-11 — auth-service decommissioned (AUTH-005.1). Sessions handled by oracle-bridge. | (unused) |
| VITE_INTERNET_IDENTITY_CANISTER_ID | Internet Identity canister | rdmx6-jaaaa-aaaaa-aaadq-cai |
| VITE_NETWORK | Target network (local \| ic) | ic |
OAuth Configuration
| Variable | Description | Where to Get |
|---|---|---|
| VITE_GOOGLE_CLIENT_ID | Google OAuth client ID | Google Cloud Console |
| VITE_GITHUB_CLIENT_ID | GitHub OAuth client ID | GitHub Developer Settings |
| VITE_GITHUB_CLIENT_SECRET | GitHub OAuth client secret | GitHub Developer Settings |
Security Notes:
- Client IDs are safe to expose (public)
- Client Secrets in VITE_ variables are bundled into the app
- Rotate credentials every 90 days
- Use different credentials per environment
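Because Vite exposes every VITE_-prefixed variable to client code, a pre-commit or CI check can flag secret-looking names before they reach a build. The following is an added example, not code from this platform; `findBundledSecrets`, `parseEnv` and the name-fragment list are hypothetical, and the sample input is constructed from variable names on this page.

```javascript
// Name fragments that suggest a credential (assumed list; extend per project).
const SECRET_HINTS = /(SECRET|TOKEN|PASSWORD|PRIVATE_KEY)/;

// Parse dotenv-style text into [{ name, value, line }], skipping comments and blanks.
function parseEnv(text) {
  const entries = [];
  text.split(/\r?\n/).forEach((raw, i) => {
    const line = raw.trim();
    if (line === "" || line.startsWith("#")) return;
    const m = /^(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$/.exec(line);
    if (!m) return;
    // Strip one pair of matching surrounding quotes, if present.
    const value = m[2].replace(/^(['"])(.*)\1$/, "$2");
    entries.push({ name: m[1], value, line: i + 1 });
  });
  return entries;
}

// Return VITE_-prefixed entries that look like secrets and carry a non-empty value.
// Vite exposes VITE_* variables to client code, so these values ship to browsers.
// `allow` lists names that were reviewed and are meant to be public.
function findBundledSecrets(text, allow = []) {
  return parseEnv(text).filter(
    (e) =>
      e.name.startsWith("VITE_") &&
      SECRET_HINTS.test(e.name) &&
      e.value !== "" &&
      !allow.includes(e.name)
  );
}

// Constructed sample: variable names from this page, placeholder values.
const SAMPLE_ENV = [
  "# Local Development",
  "VITE_GOOGLE_CLIENT_ID=example-client-id",
  "VITE_GITHUB_CLIENT_ID=example-client-id",
  "VITE_GITHUB_CLIENT_SECRET=example-secret",
  "VITE_ORACLE_BRIDGE_API_TOKEN=",
  "API_KEY=server-side-only",
].join("\n");

for (const f of findBundledSecrets(SAMPLE_ENV)) {
  console.log(`line ${f.line}: ${f.name} would be embedded in the client bundle`);
}
```

Run it over each suite's .env files in CI and fail the job when the returned list is non-empty.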
Oracle Bridge
| Variable | Description | Default |
|---|---|---|
| VITE_ORACLE_BRIDGE_URL | Oracle bridge service URL | http://localhost:8787 |
| VITE_ORACLE_BRIDGE_API_TOKEN | API authentication token | (empty for local) |
Environment Values:
| Environment | URL |
|---|---|
| Local | http://localhost:8787 |
| Staging | https://staging-oracle.helloworlddao.com |
| Production | https://oracle.helloworlddao.com |
Analytics
| Variable | Description | Default |
|---|---|---|
| VITE_POSTHOG_API_KEY | PostHog project key | - |
| VITE_POSTHOG_API_HOST | PostHog API host | https://us.i.posthog.com |
Cross-App Navigation (FOS-1.2.7)
| Variable | Description | Default |
|---|---|---|
| VITE_THINK_TANK_URL | URL for "Open Think Tank" navigation | http://127.0.0.1:5174 |
Environment Values:
| Environment | Think Tank URL |
|---|---|
| Local | http://127.0.0.1:5174 |
| Staging | https://staging-think-tank.helloworlddao.com (TBD) |
| Production | https://think-tank.helloworlddao.com (TBD) |
UI Configuration
| Variable | Description | Options |
|---|---|---|
| VITE_DESIGN_VARIANT | Theme variant | sunrise, sunset, ocean, forest |
Example .env.local
# Local Development
VITE_USER_SERVICE_CANISTER_ID=uxrrr-q7777-77774-qaaaq-cai
VITE_AUTH_SERVICE_CANISTER_ID=lqy7q-dh777-77777-aaaaq-cai
VITE_INTERNET_IDENTITY_CANISTER_ID=rdmx6-jaaaa-aaaaa-aaadq-cai
VITE_NETWORK=local
VITE_ORACLE_BRIDGE_URL=http://localhost:8787
VITE_DESIGN_VARIANT=sunrise
think-tank-suite (React + Vite)
The productivity suite application (think-tank-suite/) shares authentication with the other DAO suites via cookie-based sessions issued by oracle-bridge.
Located in think-tank-suite/:
- .env.local.example - Template with documentation
- .env.local - Local overrides (gitignored)
Canister Configuration
| Variable | Description | Example |
|---|---|---|
| VITE_IC_HOST | IC replica URL | http://127.0.0.1:4943 |
| VITE_FOUNDERY_OS_CORE_CANISTER_ID | Productivity data canister | uxrrr-q7777-77774-qaaaq-cai |
| VITE_ORACLE_BRIDGE_URL | Oracle bridge session API | http://localhost:8787 |
Cross-App Navigation (FOS-1.2.7)
| Variable | Description | Default |
|---|---|---|
| VITE_DAO_FRONTEND_URL | URL for "Back to DAO" navigation | http://127.0.0.1:5173 |
Environment Values:
| Environment | DAO Frontend URL |
|---|---|
| Local | http://127.0.0.1:5173 |
| Staging | https://staging.helloworlddao.com |
| Production | https://www.helloworlddao.com |
Example .env.local
# Local Development
VITE_IC_HOST=http://127.0.0.1:4943
VITE_FOUNDERY_OS_CORE_CANISTER_ID=your-canister-id-here
VITE_ORACLE_BRIDGE_URL=http://localhost:8787
VITE_DAO_FRONTEND_URL=http://127.0.0.1:5173
Shared Authentication
think-tank-suite uses the same oracle-bridge session API as every other suite (cookie-based, PostgreSQL-backed). When users authenticate:
- Login credentials are POSTed to oracle-bridge /api/auth/login
- oracle-bridge validates against PostgreSQL and sets an HttpOnly session cookie scoped to .helloworlddao.com (production) or per-origin (local dev)
- ProtectedRoute validates the cookie via /api/auth/session on every navigation
- Expired sessions trigger a redirect to the login flow
Important (local dev): Cookie sharing across suites only works in production where every suite is on a *.helloworlddao.com subdomain. For local dev (different 127.0.0.1:port origins), users must log in to each application separately — same credentials, independent sessions.
Oracle Bridge (Node.js)
Located in oracle-bridge/:
- .env.example - Template with documentation
- .env - Actual configuration (gitignored)
Server Configuration
| Variable | Description | Default |
|---|---|---|
| NODE_ENV | Environment mode | production |
| PORT | HTTP server port | 8787 |
SMTP Configuration (Email)
| Variable | Description | Example |
|---|---|---|
| SMTP_HOST | SMTP server host | 127.0.0.1 |
| SMTP_PORT | SMTP server port | 1025 |
| SMTP_USER | SMTP username | email@domain.com |
| SMTP_PASS | SMTP password | (Proton Bridge password) |
| SMTP_FROM_NOREPLY | No-reply sender address | noreply@domain.com |
| SMTP_FROM_CONTACT | Contact sender address | contact@domain.com |
Security Configuration
| Variable | Description | Notes |
|---|---|---|
| SIGNING_PRIVATE_KEY_BASE64 | Ed25519 signing key | Base64 encoded |
| API_KEY | API authentication key | Generate securely |
| CANISTER_PUBLIC_KEYS | Canister signature verification | JSON map |
Canister Public Keys Format:
{
  "rrkah-fqaaa-aaaaa-aaaaq-cai": "Ylx8BF+FVY7nZxE8TN3nPvLF8NJCz3qPxNBBmVMj2g0=",
  "user-service-id": "pubkey2",
  "membership-id": "pubkey3"
}
External API Keys
| Variable | Description | Service |
|---|---|---|
| PERSONA_API_KEY | KYC verification | Persona |
| COMPLYADVANTAGE_API_KEY | AML screening | ComplyAdvantage |
| CIRCLE_API_KEY | Payment processing | Circle |
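For the CANISTER_PUBLIC_KEYS map described under Security Configuration above, a startup check can refuse to run when an entry is still a placeholder or is malformed. This is an added example, not oracle-bridge code; `validateCanisterKeys` is a hypothetical helper, and the 32-byte key length assumes the values are raw Ed25519 public keys.

```javascript
// Shape check only: dash-separated base32 groups, as in "rrkah-fqaaa-aaaaa-aaaaq-cai".
// It does not verify the checksum embedded in a principal.
const PRINCIPAL_SHAPE = /^[a-z2-7]{5}(-[a-z2-7]{5})*-[a-z2-7]{1,5}$/;
const BASE64 = /^[A-Za-z0-9+/]+={0,2}$/;
const KEY_BYTES = 32; // assumption: raw Ed25519 public keys

// Validate the raw env string; returns { ok, errors } and never throws.
function validateCanisterKeys(raw) {
  let map;
  try {
    map = JSON.parse(raw);
  } catch {
    return { ok: false, errors: ["CANISTER_PUBLIC_KEYS is not valid JSON"] };
  }
  if (map === null || typeof map !== "object" || Array.isArray(map)) {
    return { ok: false, errors: ["CANISTER_PUBLIC_KEYS must be a JSON object"] };
  }
  const errors = [];
  const entries = Object.entries(map);
  if (entries.length === 0) errors.push("map is empty");
  for (const [id, key] of entries) {
    if (!PRINCIPAL_SHAPE.test(id)) errors.push(`${id}: not a canister principal`);
    const decoded =
      typeof key === "string" && BASE64.test(key) ? Buffer.from(key, "base64") : null;
    if (!decoded || decoded.length !== KEY_BYTES) {
      errors.push(`${id}: key is not base64 for ${KEY_BYTES} bytes`);
    }
  }
  return { ok: errors.length === 0, errors };
}

// The map exactly as printed on this page: one well-formed entry, two placeholders.
const PAGE_EXAMPLE = JSON.stringify({
  "rrkah-fqaaa-aaaaa-aaaaq-cai": "Ylx8BF+FVY7nZxE8TN3nPvLF8NJCz3qPxNBBmVMj2g0=",
  "user-service-id": "pubkey2",
  "membership-id": "pubkey3",
});

const result = validateCanisterKeys(PAGE_EXAMPLE);
if (!result.ok) console.error(result.errors.join("\n"));
```

Calling this on process.env.CANISTER_PUBLIC_KEYS at boot and exiting on `ok === false` keeps a copied template from being treated as a trusted key set.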
Rate Limiting
| Variable | Description | Default |
|---|---|---|
| TEMP_KEY_RATE_LIMIT | Max temp key requests per 24h | 5 |
Recommended Values:
| Environment | Value |
|---|---|
| Local/Dev | 100 |
| Staging | 10 |
| Production | 5 |
Example .env
# Server
NODE_ENV=production
PORT=8787
# SMTP (Proton Mail Bridge)
SMTP_HOST=127.0.0.1
SMTP_PORT=1025
SMTP_USER=email@helloworlddao.com
SMTP_PASS=bridge-password-here
SMTP_FROM_NOREPLY=noreply@helloworlddao.com
SMTP_FROM_CONTACT=contact@helloworlddao.com
# Security
SIGNING_PRIVATE_KEY_BASE64=your-base64-private-key
API_KEY=your-secure-api-key
# Canister Auth
CANISTER_PUBLIC_KEYS={"user-service-id":"pubkey1"}
# External APIs
PERSONA_API_KEY=persona_live_xxx
COMPLYADVANTAGE_API_KEY=xxx
CIRCLE_API_KEY=xxx
# Rate Limiting
TEMP_KEY_RATE_LIMIT=5
notification-service (Node.js)
Located in notification-service/:
- .env.example - Template with documentation
- .env - Actual configuration (gitignored)
Port: 3100. Cluster: AX42-U founderyos namespace (k3s). Repo: Hello-World-Co-Op/notification-service.
Server Configuration
| Variable | Description | Default |
|---|---|---|
| NODE_ENV | Environment mode | production |
| PORT | HTTP server port | 3100 |
| SERVICE_TOKEN | Bearer token required by callers (validated by Traefik ForwardAuth in production) | (set per env) |
Resend (Email Provider)
| Variable | Description | Notes |
|---|---|---|
| RESEND_API_KEY | Resend API key — see ~/.config/cloudflare/... style memory entry | Without this, the service runs in stub mode — requests succeed but no real email is sent. Useful for local dev + CI. |
| RESEND_FROM_HWDAO | DAO sender address | noreply@notifications.helloworlddao.com |
| RESEND_FROM_FOS | FOS sender address | noreply@notifications.founderyos.dev |
Example .env
NODE_ENV=development
PORT=3100
SERVICE_TOKEN=local-dev-token
# Leave RESEND_API_KEY unset for stub mode (no real email sent)
payment-gateway (Node.js)
Located in payment-gateway/:
- .env.example - Template with documentation
- .env - Actual configuration (gitignored)
Port: 3200. Cluster: AX42-U platform namespace (k3s). DB: Neon PostgreSQL (own project — not shared with oracle-bridge). Repo: Hello-World-Co-Op/payment-gateway.
Server Configuration
| Variable | Description | Default |
|---|---|---|
| NODE_ENV | Environment mode | production |
| PORT | HTTP server port | 3200 |
| SERVICE_TOKEN | Bearer token required by callers (validated by Traefik ForwardAuth in production) | (set per env) |
| DATABASE_URL | Neon Postgres connection string | (set per env) |
Provider Keys (filled in per PLATFORM-007 stories)
| Variable | Description | Story |
|---|---|---|
| STRIPE_SECRET_KEY | Stripe API key | PLATFORM-007.2 |
| STRIPE_CONNECT_CLIENT_ID | Stripe Connect application ID | PLATFORM-007.6 |
| STRIPE_WEBHOOK_SECRET | Stripe webhook signing secret | PLATFORM-007.2 |
| ICP_LEDGER_CANISTER_ID | ICP/DOM ledger canister | PLATFORM-007.7 |
Tests run with no env vars (npm test). npm run dev requires SERVICE_TOKEN + DATABASE_URL.
Example .env
NODE_ENV=development
PORT=3200
SERVICE_TOKEN=local-dev-token
DATABASE_URL=postgresql://user:pass@ep-...neon.tech/payment_gateway
# Provider keys per-story — see PLATFORM-007
GitHub Actions Secrets
Configure these in repository Settings → Secrets and variables → Actions:
Deployment Secrets
| Secret | Description | Used By |
|---|---|---|
| DFX_IDENTITY_PEM | dfx identity private key | All canister deploys |
| DFX_IDENTITY_PRINCIPAL | dfx identity principal | Deployment workflows |
| CYCLES_WALLET_ID | Cycles wallet canister ID | Cycles top-up |
OAuth Secrets
| Secret | Description | Frontend Name |
|---|---|---|
| OAUTH_GOOGLE_CLIENT_ID | Google OAuth ID | VITE_GOOGLE_CLIENT_ID |
| OAUTH_GITHUB_CLIENT_ID | GitHub OAuth ID | VITE_GITHUB_CLIENT_ID |
| OAUTH_GITHUB_CLIENT_SECRET | GitHub OAuth secret | VITE_GITHUB_CLIENT_SECRET |
Note: GitHub doesn't allow secrets starting with GITHUB_, so OAuth secrets use OAUTH_ prefix.
Oracle Bridge Secrets
| Secret | Description |
|---|---|
| ORACLE_SIGNING_KEY | Ed25519 private key (base64) |
| ORACLE_API_KEY | API authentication key |
| PERSONA_API_KEY | Persona KYC API key |
Analytics Secrets
| Secret | Description |
|---|---|
| POSTHOG_API_KEY | PostHog project key |
dfx Configuration
Network settings are in ops-infra/dfx.networks.json:
{
  "local": {
    "bind": "127.0.0.1:4943",
    "type": "ephemeral"
  },
  "testnet": {
    "providers": ["https://ic0.app"]
  },
  "mainnet": {
    "providers": ["https://ic0.app"]
  }
}
Most canister repos symlink to this shared config.
Local Development Setup
1. Suite Setup (per suite)
cd <repo-root>/<suite-name> # e.g. dao-suite, marketing-suite, ...
# Copy example files
cp .env.example .env
cp .env.local.example .env.local
# Edit with your local canister IDs
nano .env.local
2. Oracle Bridge Setup
cd <repo-root>/oracle-bridge
# Copy example file
cp .env.example .env
# Configure for local development
nano .env
Minimum local config:
NODE_ENV=development
PORT=8787
TEMP_KEY_RATE_LIMIT=100
# Leave other fields empty for local dev
3. notification-service Setup (optional for local dev)
cd <repo-root>/notification-service
cp .env.example .env
# Stub mode is fine — leave RESEND_API_KEY unset
npm install && npm run dev # http://localhost:3100
4. payment-gateway Setup (optional for local dev)
cd <repo-root>/payment-gateway
cp .env.example .env
# Set SERVICE_TOKEN + DATABASE_URL (Neon Postgres) to run dev mode
npm install && npm run dev # http://localhost:3200
5. Get Local Canister IDs
After deploying canisters locally:
# Get user-service canister ID
cd <repo-root>/user-service
dfx canister id user_service --network local
# Get membership canister ID
cd <repo-root>/membership
dfx canister id membership --network local
# Get foundery-os-core canister ID (when available)
cd <repo-root>/foundery-os-core
dfx canister id foundery_os_core --network local
Update each suite's .env.local files with these IDs.
Environment-Specific Values
Local Development
VITE_NETWORK=local
VITE_ORACLE_BRIDGE_URL=http://localhost:8787
TEMP_KEY_RATE_LIMIT=100
Staging
VITE_NETWORK=ic
VITE_ORACLE_BRIDGE_URL=https://staging-oracle.helloworlddao.com
TEMP_KEY_RATE_LIMIT=10
Production
VITE_NETWORK=ic
VITE_ORACLE_BRIDGE_URL=https://oracle.helloworlddao.com
TEMP_KEY_RATE_LIMIT=5
Security Best Practices
- Never commit secrets - All .env files (except .example) are gitignored
- Use GitHub Secrets - Store production secrets in repository settings
- Rotate regularly - OAuth credentials every 90 days
- Environment separation - Different credentials per environment
- Minimal exposure - Only include secrets needed for each service
Troubleshooting
"Canister ID not found"
Ensure you've deployed canisters and updated .env.local:
dfx canister id user_service --network local
"Network error" connecting to Oracle Bridge
- Verify oracle-bridge is running: npm run dev
- Check VITE_ORACLE_BRIDGE_URL matches the running port
- Ensure no firewall blocking localhost:8787
"OAuth login failed"
- Verify OAuth credentials in .env
- Check OAuth app redirect URIs match your development URL
- For GitHub, ensure correct scopes are configured