Secrets & Environment Variables
FluxNow supports two types of configuration values: environment variables and secrets. Both are injected into your containers at deploy time.
Environment variables vs secrets
Section titled “Environment variables vs secrets”| Environment variables | Secrets | |
|---|---|---|
| Visibility | Visible in the dashboard | Encrypted at rest; not visible after saving |
| Use cases | Non-sensitive config, feature flags, URLs | API keys, tokens, database passwords |
| Storage | Plaintext | Encrypted via OpenBao |
Managing env vars and secrets
Section titled “Managing env vars and secrets”Both are managed in the project dashboard under Settings → Environment. You can add, edit, and delete individual values from there.
Scoping
Section titled “Scoping”Values can be scoped to:
- All environments — applies to staging and all preview environments
- Staging only — applies only to the staging environment
- Previews only — applies only to PR preview environments
Auto-injected service credentials
Section titled “Auto-injected service credentials”Service connection strings are injected automatically by FluxNow:
DATABASE_URL— PostgresREDIS_URL— RedisS3_ENDPOINT,S3_ACCESS_KEY_ID,S3_SECRET_ACCESS_KEY,S3_BUCKET— S3 storage
Do not add these manually — they will be overwritten by FluxNow’s injected values.
Bulk import from .env files
Section titled “Bulk import from .env files”You can paste the contents of a .env file directly into the dashboard to bulk-import multiple values at once. Each line is parsed as KEY=VALUE. Values that match secret patterns are stored as secrets automatically.
Injection at deploy time
Section titled “Injection at deploy time”All configured values are injected into your container as environment variables when the container starts. Changes take effect on the next deploy.