Environments

The Env tab is where you manage your project's environment variables — the values your application reads from the .env file at runtime. Open it from the project's tab strip in the Console.

How environment variables reach your application

Depfloy writes your environment variables to shared/.env on the server. The active release symlinks this file in as current/.env, so when your application reads .env, it picks up whatever you set here. Changes apply on the next request without a full deploy — but for variables that are read at startup (queue workers, schedulers, Node.js processes), you'll need to restart the relevant process for the new value to take effect.

Add a variable

Click Add Variable, enter a name (uppercase by convention — DATABASE_URL, API_KEY), enter the value, and save.

For multi-line values (private keys, certificates), the editor supports newlines — paste the whole block in one go.

Plain vs. encrypted

Each variable can be marked encrypted when you create or edit it. Encrypted values are stored encrypted in Depfloy's database and are only shown to members with permission to view them — the rest of your team sees them as ••••••••. The value on the server itself is still written as plaintext in shared/.env; the encryption is about who can read the value in the UI, not who can read it after SSH'ing to the box.

Mark API keys, database passwords, third-party tokens, and any other secret as encrypted. Leave configuration that isn't sensitive (APP_ENV, APP_URL, LOG_CHANNEL) as plain so the team can see what's set without revealing what isn't.

Edit, copy, and delete

Click any variable to edit it. Click the copy button next to a value to copy it to your clipboard.

To delete, click the three-dot menu on the variable row and pick Delete. The deletion is immediate and there's no undo — re-add the variable if you regret it.

Bulk paste

The fastest way to set up a new project is to paste the whole .env content at once. Click Bulk Paste, paste your file content, and Depfloy parses it line by line. You can review what it picked up before saving.

APP_NAME=Laravel
APP_ENV=production
APP_KEY=base64:9aG+...
DATABASE_URL=postgres://...

If you have a lot of variables, the search box at the top of the list filters by name as you type. Useful for tracking down "where exactly is STRIPE_WEBHOOK_SECRET defined".

Editing the file manually via SSH

If you SSH into the server and edit shared/.env directly, your changes do persist — but the next time someone edits a variable through the Console, the entire shared/.env is rewritten from Depfloy's view of the world. Use the Console as the source of truth; direct SSH edits are for emergency fixes only.

Was this page helpful?