Configure Environment Variables for Sites
Who this is for
Users who need to set environment-specific configuration values for their site — such as API keys, database connection strings, feature flags, or third-party service credentials.
What Are Environment Variables?
Environment variables are key-value pairs stored on the server that are accessible to your web application at runtime, without being hardcoded in your source code. This keeps sensitive values (like API keys and passwords) out of your git repository.
How to Set Environment Variables
- Open the site detail.
- Go to the Environment tab (or Config tab depending on UI version).
- Click + Add Variable.
- Enter the key name (e.g.,
DATABASE_URL) and value. - Click Save.
CloudAIPilot stores the variable and writes it to the server's application environment (typically an .env file in the document root, or into the application's process environment).
Variable Naming Conventions
- Keys are UPPERCASE_WITH_UNDERSCORES by convention (e.g.,
API_KEY,DATABASE_HOST). - Values can contain any characters, including URLs, passwords, and JSON strings.
- Do not include
exportor=quotes unless your application explicitly requires them — CloudAIPilot handles quoting.
Common Variables by App Type
WordPress:
| Variable | Example |
|---|---|
WP_DEBUG | false |
WP_HOME | https://myblog.com |
WP_SITEURL | https://myblog.com |
Node.js / Custom app:
| Variable | Example |
|---|---|
NODE_ENV | production |
DATABASE_URL | postgres://user:pass@localhost:5432/mydb |
PORT | 3000 |
API_KEY | sk-… |
Reloading After Changes
After saving environment variable changes, the application may need to be reloaded to pick up the new values:
- For PHP sites (WordPress), changes take effect on the next page request.
- For Node.js or other process-based apps, restart the service from the Services tab.
Security Notes
- Environment variables are transmitted over the encrypted SSH connection and stored on the server.
- Values are not displayed in plain text after saving — they show as
••••••in the UI for sensitive keys. - Do not put database root passwords or SSH private keys in environment variables visible to all team members. Use the server-level secrets approach for highly sensitive values.
What Success Looks Like
The variable appears in the list. After reloading the application, it uses the new value. For example, WP_DEBUG set to false prevents WordPress from displaying errors on the public-facing page.
Common Issues and Fixes
| Issue | Likely cause | Fix |
|---|---|---|
| Variable change not reflected in app | Application not reloaded | Restart the application service from the Services tab. |
| Variable shows wrong value in app | App is reading from a hardcoded .env file that overrides CloudAIPilot's values | Check your app's config loading order and ensure CloudAIPilot's env file is being read. |
| "Permission denied" when saving | SSH connectivity issue | Check SSH status from the server overview. |