Day-to-Day Operations

Environment Variables and Secrets

Platform-injected variables

These are set automatically based on your cloudgrid.yaml. You cannot override them:

VariableInjected when
PORTAlways (default 8080)
MONGODB_URLrequires: [db]
REDIS_URLrequires: [redis]
RUNTIME_GATEWAY_URLrequires: [ai]
N8N_WEBHOOK_URLrequires: [n8n]
APP_NAMEAlways
SERVICE_NAMEAlways
NODE_ENVAlways (set to production)
CLOUDGRID_PERSIST_PATHpersist: true

Any key prefixed with CLOUDGRID_* is reserved.

Set custom environment variables

grid env set my-app KEY1=value1 KEY2=value2

This triggers a rolling restart of the entity’s pods.

grid env list my-app          # List all env vars
grid env get my-app KEY1      # Get a single value
grid env unset my-app KEY1    # Remove a var

You can also set service-level env vars in cloudgrid.yaml:

services:
  api:
    type: node
    env:
      LOG_LEVEL: debug
      FEATURE_FLAG: "true"

Secrets

Secrets are stored in Kubernetes Secrets and their values are never returned by the API.

grid secrets set my-app API_KEY=sk-abc123 STRIPE_KEY=sk_live_xyz
grid secrets list my-app      # Shows keys only, not values
grid secrets unset my-app API_KEY

For external database connections, use the vault system in cloudgrid.yaml:

vault:
  MY_MONGODB_URL: external-mongo-conn
  STRIPE_SECRET: stripe-api-key

requires:
  - { db: external, secret: MY_MONGODB_URL }