packages/common/env.ts

import { randomBytes } from "crypto";
import { z } from "zod/v4";

import { createBooleanSchema, createEnv } from "@homarr/core/infrastructure/env";

const errorSuffix = `, please generate a 64 character secret in hex format or use the following: "${randomBytes(32).toString("hex")}"`;

export const env = createEnv({
  shared: {
    NODE_ENV: z.enum(["development", "production", "test"]).default("development"),
  },
  server: {
    SECRET_ENCRYPTION_KEY: z
      .string({
        error: `SECRET_ENCRYPTION_KEY is required${errorSuffix}`,
      })
      .min(64, {
        message: `SECRET_ENCRYPTION_KEY has to be 64 characters${errorSuffix}`,
      })
      .max(64, {
        message: `SECRET_ENCRYPTION_KEY has to be 64 characters${errorSuffix}`,
      })
      .regex(/^[0-9a-fA-F]{64}$/, {
        message: `SECRET_ENCRYPTION_KEY must only contain hex characters${errorSuffix}`,
      }),
    NO_EXTERNAL_CONNECTION: createBooleanSchema(false),
    ENABLE_DNS_CACHING: createBooleanSchema(false),
  },
  runtimeEnv: {
    SECRET_ENCRYPTION_KEY: process.env.SECRET_ENCRYPTION_KEY,
    NODE_ENV: process.env.NODE_ENV,
    NO_EXTERNAL_CONNECTION: process.env.NO_EXTERNAL_CONNECTION,
    ENABLE_DNS_CACHING: process.env.ENABLE_DNS_CACHING,
  },
});
fix(docker): replace anonymous docker volume with env variable for encrypting secrets (#1809) 2024-12-31 11:30:29 +01:00			`import { randomBytes } from "crypto";`
fix(deps): upgrade zod to v4 and fix breaking changes (#3461) * fix(deps): update dependency drizzle-zod to ^0.8.2 * chore: update zod to v4 import * fix: path is no longer available in transform context * fix: AnyZodObject does no longer exist * fix: auth env.ts using wrong createEnv and remove unused file env-validation.ts * fix: required_error no longer exists on z.string * fix: zod error map is deprecated and replaced with config * fix: default requires callback now * fix: migrate zod resolver for mantine * fix: remove unused form translation file * fix: wrong enum type * fix: record now requires two arguments * fix: add-confirm-password-refinement type issues * fix: add missing first record argument for entityStateSchema * fix: migrate superrefine to check * fix(deps): upgrade zod-form-data to v3 * fix: migrate superRefine to check for mediaUploadSchema * fix: authProvidersSchema default is array * fix: use stringbool instead of custom implementation * fix: record requires first argument * fix: migrate superRefine to check for certificate router * fix: confirm pasword refinement is overwriting types * fix: email optional not working * fix: migrate intersection to object converter * fix: safe parse return value rename * fix: easier access for min and max number value * fix: migrate superRefine to check for oldmarr import file * fix: inference of enum shape for old-import board-size wrong * fix: errors renamed to issues * chore: address pull request feedback * fix: zod form requires object * fix: inference for use-zod-form not working * fix: remove unnecessary convertion * fix(deps): upgrade trpc-to-openapi to v3 * fix: build error * fix: migrate missing zod imports to v4 * fix: migrate zod records to v4 * fix: missing core package dependency in api module * fix: unable to convert custom zod schema to openapi schema * fix(deps): upgrade zod to v4 * chore(renovate): enable zod dependency updates * test: add simple unit test for convertIntersectionToZodObject --------- Co-authored-by: homarr-renovate[bot] <158783068+homarr-renovate[bot]@users.noreply.github.com> 2025-08-15 20:15:58 +02:00			`import { z } from "zod/v4";`
fix(docker): replace anonymous docker volume with env variable for encrypting secrets (#1809) 2024-12-31 11:30:29 +01:00
feat(env): improve support for instances without internet connection (#3915) 2025-08-29 19:58:01 +02:00			`import { createBooleanSchema, createEnv } from "@homarr/core/infrastructure/env";`
refactor: env validation typescript and common package (#1912) 2025-01-14 19:03:38 +01:00
fix(docker): replace anonymous docker volume with env variable for encrypting secrets (#1809) 2024-12-31 11:30:29 +01:00			const errorSuffix = `, please generate a 64 character secret in hex format or use the following: "${randomBytes(32).toString("hex")}"`;

			`export const env = createEnv({`
feat(logging): add log level env variable (#2299) 2025-02-18 22:54:15 +01:00			`shared: {`
			`NODE_ENV: z.enum(["development", "production", "test"]).default("development"),`
			`},`
fix(docker): replace anonymous docker volume with env variable for encrypting secrets (#1809) 2024-12-31 11:30:29 +01:00			`server: {`
			`SECRET_ENCRYPTION_KEY: z`
			`.string({`
fix(deps): upgrade zod to v4 and fix breaking changes (#3461) * fix(deps): update dependency drizzle-zod to ^0.8.2 * chore: update zod to v4 import * fix: path is no longer available in transform context * fix: AnyZodObject does no longer exist * fix: auth env.ts using wrong createEnv and remove unused file env-validation.ts * fix: required_error no longer exists on z.string * fix: zod error map is deprecated and replaced with config * fix: default requires callback now * fix: migrate zod resolver for mantine * fix: remove unused form translation file * fix: wrong enum type * fix: record now requires two arguments * fix: add-confirm-password-refinement type issues * fix: add missing first record argument for entityStateSchema * fix: migrate superrefine to check * fix(deps): upgrade zod-form-data to v3 * fix: migrate superRefine to check for mediaUploadSchema * fix: authProvidersSchema default is array * fix: use stringbool instead of custom implementation * fix: record requires first argument * fix: migrate superRefine to check for certificate router * fix: confirm pasword refinement is overwriting types * fix: email optional not working * fix: migrate intersection to object converter * fix: safe parse return value rename * fix: easier access for min and max number value * fix: migrate superRefine to check for oldmarr import file * fix: inference of enum shape for old-import board-size wrong * fix: errors renamed to issues * chore: address pull request feedback * fix: zod form requires object * fix: inference for use-zod-form not working * fix: remove unnecessary convertion * fix(deps): upgrade trpc-to-openapi to v3 * fix: build error * fix: migrate missing zod imports to v4 * fix: migrate zod records to v4 * fix: missing core package dependency in api module * fix: unable to convert custom zod schema to openapi schema * fix(deps): upgrade zod to v4 * chore(renovate): enable zod dependency updates * test: add simple unit test for convertIntersectionToZodObject --------- Co-authored-by: homarr-renovate[bot] <158783068+homarr-renovate[bot]@users.noreply.github.com> 2025-08-15 20:15:58 +02:00			error: `SECRET_ENCRYPTION_KEY is required${errorSuffix}`,
fix(docker): replace anonymous docker volume with env variable for encrypting secrets (#1809) 2024-12-31 11:30:29 +01:00			`})`
			`.min(64, {`
			message: `SECRET_ENCRYPTION_KEY has to be 64 characters${errorSuffix}`,
			`})`
			`.max(64, {`
			message: `SECRET_ENCRYPTION_KEY has to be 64 characters${errorSuffix}`,
			`})`
			`.regex(/^[0-9a-fA-F]{64}$/, {`
			message: `SECRET_ENCRYPTION_KEY must only contain hex characters${errorSuffix}`,
			`}),`
feat(env): improve support for instances without internet connection (#3915) 2025-08-29 19:58:01 +02:00			`NO_EXTERNAL_CONNECTION: createBooleanSchema(false),`
fix(dns): disable caching by default (#4007) 2025-09-05 23:05:30 +02:00			`ENABLE_DNS_CACHING: createBooleanSchema(false),`
fix(docker): replace anonymous docker volume with env variable for encrypting secrets (#1809) 2024-12-31 11:30:29 +01:00			`},`
			`runtimeEnv: {`
			`SECRET_ENCRYPTION_KEY: process.env.SECRET_ENCRYPTION_KEY,`
feat(logging): add log level env variable (#2299) 2025-02-18 22:54:15 +01:00			`NODE_ENV: process.env.NODE_ENV,`
feat(env): improve support for instances without internet connection (#3915) 2025-08-29 19:58:01 +02:00			`NO_EXTERNAL_CONNECTION: process.env.NO_EXTERNAL_CONNECTION,`
fix(dns): disable caching by default (#4007) 2025-09-05 23:05:30 +02:00			`ENABLE_DNS_CACHING: process.env.ENABLE_DNS_CACHING,`
fix(docker): replace anonymous docker volume with env variable for encrypting secrets (#1809) 2024-12-31 11:30:29 +01:00			`},`
			`});`