Environment Variables
Complete reference of environment variables used by the LMS backend.
Required Variables
These must be set in all environments:
| Variable |
Description |
Example |
DATABASE_URL |
PostgreSQL connection string |
postgres://user:pass@localhost:5432/lms |
SECRET_KEY |
Django secret key (50+ random characters) |
django-insecure-... |
PROVIDER_ENCRYPTION_KEY |
Fernet key for encrypting provider credentials |
Generated via Fernet.generate_key() |
Django Settings
| Variable |
Description |
Default |
DJANGO_SETTINGS_MODULE |
Active settings module |
config.settings.development |
DEBUG |
Enable debug mode |
False |
ALLOWED_HOSTS |
Comma-separated allowed hosts |
localhost,127.0.0.1 |
LANGUAGE_CODE |
Default language |
en |
TIME_ZONE |
Default timezone |
UTC |
Database
| Variable |
Description |
Default |
DATABASE_URL |
PostgreSQL connection string |
(required) |
The database URL is parsed by django-environ into Django's DATABASES setting. PostgreSQL 16+ is required for schema-per-tenant support.
Redis / Celery
| Variable |
Description |
Default |
REDIS_URL |
Redis connection string |
redis://localhost:6379/0 |
CELERY_BROKER_URL |
Celery broker URL (defaults to REDIS_URL) |
redis://localhost:6379/0 |
CELERY_RESULT_BACKEND |
Celery result backend (defaults to REDIS_URL) |
redis://localhost:6379/0 |
CORS
| Variable |
Description |
Default |
CORS_ALLOWED_ORIGINS |
Comma-separated allowed origins |
http://localhost:5173,http://localhost:5174 |
Authentication
| Variable |
Description |
Default |
ACCOUNT_DEFAULT_HTTP_PROTOCOL |
Protocol for email links |
https |
AWS S3 (Document Storage)
| Variable |
Description |
Required |
AWS_ACCESS_KEY_ID |
AWS access key |
Production only |
AWS_SECRET_ACCESS_KEY |
AWS secret key |
Production only |
AWS_STORAGE_BUCKET_NAME |
S3 bucket name |
Production only |
AWS_S3_REGION_NAME |
S3 region |
Production only |
Email (SendGrid)
| Variable |
Description |
Required |
SENDGRID_API_KEY |
SendGrid API key |
Production only |
DEFAULT_FROM_EMAIL |
Default sender email |
Production only |
SMS (Twilio)
| Variable |
Description |
Required |
TWILIO_ACCOUNT_SID |
Twilio account SID |
Production only |
TWILIO_AUTH_TOKEN |
Twilio auth token |
Production only |
TWILIO_FROM_NUMBER |
Twilio sender number (E.164) |
Production only |
Security
| Variable |
Description |
Default |
PROVIDER_ENCRYPTION_KEY |
Fernet key for provider credential encryption |
(required) |
CSRF_TRUSTED_ORIGINS |
Comma-separated trusted CSRF origins |
Derived from ALLOWED_HOSTS |
SECURE_SSL_REDIRECT |
Redirect HTTP to HTTPS |
False (dev), True (prod) |
SESSION_COOKIE_SECURE |
Secure flag on session cookie |
False (dev), True (prod) |
CSRF_COOKIE_SECURE |
Secure flag on CSRF cookie |
False (dev), True (prod) |
Development-Only
| Variable |
Description |
Default |
DJANGO_ALLOW_ASYNC_UNSAFE |
Allow sync ORM in async context (tests) |
False |
EMAIL_BACKEND |
Email backend class |
Console backend in dev |
Warning
Never set DJANGO_ALLOW_ASYNC_UNSAFE=True in production. It is only for test environments where baker.make() (sync ORM) is used inside async test functions.
Generating Keys
Django Secret Key
python -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())"
Provider Encryption Key
python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
See Also