Skip to content
HostStack Docs

Environment Variables

Configure your application with environment variables. All values are encrypted at rest.

Setting Variables

Set variables through the dashboard, CLI, or SDK:

Dashboard
Service → Settings → Environment Variables → Add Variable
CLI
hoststack env set <service-id> DATABASE_URL=postgres://...
hoststack env set <service-id> NODE_ENV=production
SDK
await client.envVars.create(teamId, 'svc_abc123', {
  key: 'DATABASE_URL',
  value: 'postgres://...',
  target: 'runtime',
  isSecret: true,
});

Variable Targets

Control when variables are available to your application:

Build
Available only during the build step. Use for build-time configuration like API keys for static generation.
Runtime
Available only when the container is running. Use for secrets that shouldn't be baked into the image.
Both
Available during build and runtime. This is the default.

Secret Variables

Mark a variable as Secret to hide its value in the dashboard and API responses. The value is still available to your application at runtime. Secrets are stored using AES-256-GCM encryption.

Environment Groups

Environment Groups let you share a set of variables across multiple services. Create a group, add variables, then link it to any service. When variables conflict, higher-priority groups take precedence.

Example: Shared database credentials
Group: "production-database"
  DATABASE_URL = postgres://...
  DATABASE_POOL_SIZE = 10

Linked to:
  → api-service (priority 0)
  → worker-service (priority 0)

Linked Databases

When you create a managed database and link it to a service, HostStack automatically injects the connection URL as an environment variable. No manual configuration needed.

Next: Managed Databases

Essential cookies only — for login sessions. No tracking. Details