Environment Variables
Manage secrets and configuration for your services. Encrypted at rest, injected at runtime.
Setting variables
Environment variables are set per-service from the dashboard or CLI. Changes trigger a new deployment automatically.
Dashboard
Open your service, click the Env Vars tab, add key-value pairs, and save. The editor supports bulk paste from .env files.
CLI
Terminal
$ lm env set DATABASE_URL=postgresql://... ✓ Variable set $ lm env set STRIPE_KEY=sk_live_... API_KEY=abc123 ✓ 2 variables set $ lm env list DATABASE_URL ●●●●●●●●●●●● STRIPE_KEY ●●●●●●●●●●●● API_KEY ●●●●●●●●●●●●
API
cURL
curl -X POST https://api.launchmatic.io/v1/services/:id/env \
-H "Authorization: Bearer $TOKEN" \
-d '{"vars": {"DATABASE_URL": "postgresql://..."}}'Auto-detection
When using Quick Launch, Launchmatic scans your repository for .env.example, .env.sample, or .env.template files and extracts variable names. It also scans source files for process.env.XXX and os.environ patterns. Detected variables are shown in the config step so you can fill in values before deploying.
Encryption & security
- All env var values are encrypted at rest using AES-256-GCM with a per-installation encryption key.
- Values are never logged or exposed in build logs.
- In the dashboard, values are masked by default — click to reveal.
- Variables are injected into the container at runtime via Kubernetes Secrets, not baked into images.
Reserved variables
Launchmatic injects these variables automatically. You cannot override them:
| Variable | Description |
|---|---|
| PORT | The port your service should listen on |
| NODE_ENV | Set to 'production' in deployed environments |
| LAUNCHMATIC_SERVICE_ID | Unique service identifier |
| LAUNCHMATIC_DEPLOYMENT_ID | Current deployment identifier |