Skip to content

App configuration

Using the kottster-app.json

The kottster-app.json file in your project root configures settings that both server and client share.

id

string, required

A unique identifier for your Kottster app. Use a UUID or any unique string. Kottster uses this ID internally to distinguish between different applications.

basePath

string, optional

Defines the base URL path for your Kottster app. Use this when deploying your app in a subdirectory on your server.

meta.name

string, required

The display name of your Kottster app. This appears next to the app icon in the Kottster interface.

meta.icon

string, required

The URL of your app's icon image. This icon appears alongside the app name in the Kottster interface. Learn more about icons in the Branding documentation.

Using the app/_server/app.js

The app/_server/app.js file defines server-side configurations, secrets, and custom logic for your Kottster app. All code in this file runs only on the server, keeping sensitive information secure.

secretKey

string, required

Used for signing and verifying tokens like JWTs (JSON Web Tokens). Keep this key secret and never expose it to the client side.

INFO

Move sensitive configuration like secretKey to environment variables for better security. Learn more about managing secrets in the Deployment documentation.

rootUsername

string, optional

The username for your app's root (admin) user. This user has full access to all features and settings within the app.

rootPassword

string, optional

The password for your app's root (admin) user. Keep this password secure and never expose it to the client side.

INFO

Move sensitive values like rootPassword to environment variables for better security. Learn more about managing secrets in the Deployment documentation.

rootCustomPermissions

string[], optional

Specifies additional custom permissions for the root (admin) user. Use this to grant specific access rights beyond the default admin permissions.

jwtSecretSalt

string, required

A salt value for hashing JWTs (JSON Web Tokens). This adds extra security to token generation and verification.

INFO

Move sensitive configuration like jwtSecretSalt to environment variables for better security. Learn more about managing secrets in the Deployment documentation.

kottsterApiToken

string, optional

An API token for external requests to the Kottster app. This enables additional features like checking for updates and generating SQL queries using AI.

postAuthMiddleware

function, optional

A custom middleware function that runs after user authentication. Use this for additional security checks or logging.

Learn more: Creating custom validation middleware

Environment variables

Configure your Kottster app using environment variables.

Provide them in a .env file in your project root, or set them directly in your deployment environment.

Environment VariableDescription
PORTPort number for the Kottster app in production (default: 3000)
DEV_API_SERVER_URLURL for the development API server (default: http://localhost:5481)
DEBUG_MODEEnables debug mode for verbose logging (default: false)