Environment Variables

Environment variables are key-value pairs set outside of your application code that configure its behavior at runtime. They provide a standard mechanism to inject configuration -- such as API keys, database URLs, port numbers, and feature flags -- without hardcoding sensitive or environment-specific values into source code.

How It Works

Environment variables are set in the operating system's process environment and accessed by the application at startup or during execution. In most programming languages, reading an environment variable is a single function call (e.g., process.env.API_KEY in Node.js or os.environ["API_KEY"] in Python).

They can be set in multiple ways: directly in the shell, through a .env file loaded by a tool like dotenv, in a Docker container's configuration, or through a cloud platform's dashboard. The application code remains the same regardless of the environment -- only the variable values change between development, staging, and production.

Why It Matters

Environment variables are a security and operational best practice. They keep secrets like API keys and passwords out of your codebase and version control. They also enable the same application image to run in different environments by simply changing configuration values, which is a core principle of twelve-factor app methodology and container-based deployment.

In Practice

When deploying an AI assistant, environment variables configure critical settings: the setup password for admin access, the model provider's API key, internal port numbers, state directory paths, and authentication tokens. Deployment platforms like Railway provide a dashboard for managing environment variables securely -- values are encrypted at rest and injected into the container at runtime. Getting environment variable management right is essential for both security (never commit secrets to git) and operational flexibility (changing configuration without rebuilding your container).