refactor(env): unify required-env validation through useRuntimeConfig

validate-env.js now reads all four required vars (MONGODB_URI, JWT_SECRET, RESEND_API_KEY, HELCIM_API_TOKEN) from useRuntimeConfig() instead of mixing direct process.env reads with a JWT-only special case. Mongoose and the six Resend instantiations follow suit. Either bare or NUXT_-prefixed env names are accepted, so Dokploy no longer needs duplicate entries.
2026-04-26 14:47:02 +01:00 · 2026-04-26 14:47:02 +01:00 · 04eb33df6e
commit 04eb33df6e
parent 1083a1d260
9 changed files with 17 additions and 24 deletions
--- a/nuxt.config.ts
+++ b/nuxt.config.ts
@ -91,8 +91,7 @@ export default defineNuxtConfig({
  },
  runtimeConfig: {
    // Private keys (server-side only)
-    mongodbUri:
-      process.env.MONGODB_URI || "mongodb://localhost:27017/ghostguild",
+    mongodbUri: process.env.MONGODB_URI || "",
    jwtSecret: process.env.JWT_SECRET || "",
    resendApiKey: process.env.RESEND_API_KEY || "",
    helcimApiToken: process.env.HELCIM_API_TOKEN || "",
--- a/server/api/admin/members/invite.post.js
+++ b/server/api/admin/members/invite.post.js
@ -4,7 +4,7 @@ import { Resend } from 'resend'
 import Member from '../../../models/member.js'
 import { connectDB } from '../../../utils/mongoose.js'

-const resend = new Resend(process.env.RESEND_API_KEY)
+const resend = new Resend(useRuntimeConfig().resendApiKey)

 export default defineEventHandler(async (event) => {
  await requireAdmin(event)
--- a/server/api/admin/pre-registrants/invite.post.js
+++ b/server/api/admin/pre-registrants/invite.post.js
@ -4,7 +4,7 @@ import { Resend } from 'resend'
 import PreRegistration from '../../../models/preRegistration.js'
 import { connectDB } from '../../../utils/mongoose.js'

-const resend = new Resend(process.env.RESEND_API_KEY)
+const resend = new Resend(useRuntimeConfig().resendApiKey)

 export default defineEventHandler(async (event) => {
  await requireAdmin(event)
--- a/server/plugins/validate-env.js
+++ b/server/plugins/validate-env.js
@ -1,23 +1,17 @@
 export default defineNitroPlugin(() => {
-  const required = [
-    'MONGODB_URI',
-    'JWT_SECRET',
-    'RESEND_API_KEY',
-    'HELCIM_API_TOKEN',
-  ]
+  const config = useRuntimeConfig()
+  const checks = {
+    MONGODB_URI: config.mongodbUri,
+    JWT_SECRET: config.jwtSecret,
+    RESEND_API_KEY: config.resendApiKey,
+    HELCIM_API_TOKEN: config.helcimApiToken,
+  }

-  const missing = required.filter((key) => {
-    // Check both process.env and runtime config where applicable
-    if (key === 'JWT_SECRET') {
-      const config = useRuntimeConfig()
-      return !config.jwtSecret
-    }
-    return !process.env[key]
-  })
+  const missing = Object.entries(checks).filter(([, value]) => !value).map(([key]) => key)

  if (missing.length > 0) {
    console.error(`FATAL: Missing required environment variables: ${missing.join(', ')}`)
-    console.error('Set these in your .env file or environment variables.')
+    console.error('Set these (or their NUXT_-prefixed equivalents) in your .env file or environment variables.')
    process.exit(1)
  }
 })
--- a/server/routes/oidc/interaction/login.post.ts
+++ b/server/routes/oidc/interaction/login.post.ts
@ -12,7 +12,7 @@ import { Resend } from "resend";
 import Member from "../../../models/member.js";
 import { connectDB } from "../../../utils/mongoose.js";

-const resend = new Resend(process.env.RESEND_API_KEY);
+const resend = new Resend(useRuntimeConfig().resendApiKey);

 export default defineEventHandler(async (event) => {
  await connectDB();
--- a/server/utils/magicLink.js
+++ b/server/utils/magicLink.js
@ -6,7 +6,7 @@ import { randomUUID } from 'crypto'
 import { Resend } from 'resend'
 import Member from '../models/member.js'

-const resend = new Resend(process.env.RESEND_API_KEY)
+const resend = new Resend(useRuntimeConfig().resendApiKey)

 /**
 * Issue a 15-minute magic-link JWT for `email` and email it.
--- a/server/utils/mongoose.js
+++ b/server/utils/mongoose.js
@ -7,7 +7,7 @@ export const connectDB = async () => {
    return;
  }

-  const MONGODB_URI = process.env.NUXT_MONGODB_URI || process.env.MONGODB_URI || 'mongodb://localhost:27017/ghostguild';
+  const MONGODB_URI = useRuntimeConfig().mongodbUri;

  try {
    await mongoose.connect(MONGODB_URI, {
--- a/server/utils/payments.js
+++ b/server/utils/payments.js
@ -2,7 +2,7 @@ import { Resend } from 'resend'
 import Payment from '../models/payment.js'
 import { paymentConfirmationEmail } from '../emails/paymentConfirmation.js'

-const resend = new Resend(process.env.RESEND_API_KEY)
+const resend = new Resend(useRuntimeConfig().resendApiKey)

 function mapStatus(helcimStatus) {
  if (helcimStatus === 'paid') return 'success'
--- a/server/utils/resend.js
+++ b/server/utils/resend.js
@ -1,6 +1,6 @@
 import { Resend } from "resend";

-const resend = new Resend(process.env.RESEND_API_KEY);
+const resend = new Resend(useRuntimeConfig().resendApiKey);

 /**
 * Send event registration confirmation email