DEV Community

Environment variables in Node.js. The Right way!

Vikas Raj on July 13, 2019

This is my first blog post. Hope y'all like it 🤞. Environment variables are very fundamental part of developing with Node.js or any server side la...

Read full post

The Suhu • Jan 8 '20

why your script start prodouction did not load dotenv?

Vikas Raj • Jan 8 '20

dotenv is a dev dependency. In production, keys are stored on the server which can be accessed by node without using dotenv

The Suhu • Jan 8 '20

can you give me little example how storing keys on production? thank you

Vikas Raj • Jan 8 '20

For example, heroku has a option in app settings to enter environment variable.

The Suhu • Jan 10 '20

yes, in heroku there is an option to store that. but how if we use own server?

Vikas Raj • Jan 10 '20 • Edited

Like this

// keys.js ======
module.exports = {
    PORT: process.env.PORT,
    WHO_AM_I: process.env.WHO_AM_I,
};

The Suhu • Jan 13 '20

ok, thank you.

Yogendra • Sep 25 '20

But, still we're using 'process.env', which uses to 'dotenv' package in production?

The Suhu • Sep 28 '20

In production I didn't use .env, I store all credentials on host environment or if I use docker, I store it in docker secrets.

Yogendra • Sep 28 '20

Cool, thanks!

Safin Ghoghabori • Sep 11 '21

Yes thats right that we store keys on server.
But what about the dotenv package we imported into file and written as process.end.VAR_NAME ? Wont it require to use dotenv package?

chrissyast • Feb 1 '20

My script is currently

"serve": "vue-cli-service serve"

I tried adding "node -r dotenv/config vue-cli-service serve"

I ran that but then it failed to compile

internal/modules/cjs/loader.js:796
    throw err;
    ^

Error: Cannot find module './front/vue-cli-service'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:793:17)
    at Function.Module._load (internal/modules/cjs/loader.js:686:27)
    at Function.Module.runMain (internal/modules/cjs/loader.js:1043:10)
    at internal/main/run_main_module.js:17:11 {
  code: 'MODULE_NOT_FOUND',
  requireStack: []
}
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! front@0.1.0 serve: `node -r dotenv/config vue-cli-service serve`
npm ERR! Exit status 1
npm ERR! 
npm ERR! Failed at the front@0.1.0 serve script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

johnchristopher • Dec 24 '19

Another option is to use command line arguments like node app.js --option argument which prevents any keys to ever be committed or written to a file since they are only made available at run-time.

It also plays nice with docker since one can just write any secrets into a docker .env file that feeds ENV variables either to a container or an image.

espinella8 • Mar 27 '22

If I used the same server for development and production, I'd have to not install dotenv as a dev dependency and not use server variables, just 2 different .env files, one for each prod/dev application folder.

Ovidiu Miu • Dec 11 '19 • Edited

Ok, but how to manage the .env files? Where to keep them? How to share them? For example how do I share a .env.development file with another developer since the file is not in the source control?

Vikas Raj • Dec 12 '19

You can include .env.development in the source control. But make sure It doesn't contain any actual keys. Because thats the whole point of secret.

The way I do is I make a .env.sample file with all the env but without any secret or api keys.

mi1682516 • Jan 18 '22

What do you mean when you say it doesn't contain actual keys? How did the other developer run test like i did on my local when it doesn't contain actual keys?

Pavel Litkin • Oct 23

Thanks, very useful

chan 🤖 • Nov 22 '20

great approach. How do i add a npm script for another environment (i.e, staging environment)?