Global Environment Variables
Global environment variables are instance-wide settings that are automatically injected into all your deployed applications. This is useful for shared credentials like S3-compatible storage, email services, or API keys.
Why Global Variables?
Instead of setting the same R2/S3 credentials on every project:
bash
# Without global variables - repetitive
slipway env:set app1 R2_ACCESS_KEY=abc123...
slipway env:set app1 R2_SECRET_KEY=xyz789...
slipway env:set app2 R2_ACCESS_KEY=abc123...
slipway env:set app2 R2_SECRET_KEY=xyz789...
# ... for every appSet them once globally:
bash
# With global variables - set once, use everywhere
slipway config:set R2_ACCESS_KEY=abc123...
slipway config:set R2_SECRET_KEY=xyz789...Setting Global Variables
Via Dashboard
- Go to Settings
- Click Global Environment
- Add variables
- Click Save
Via CLI
bash
# Set a global variable
slipway config:set VAR_NAME=value
# Set multiple at once
slipway config:set \
R2_ACCESS_KEY=abc123 \
R2_SECRET_KEY=xyz789 \
R2_BUCKET=my-uploads \
R2_ENDPOINT=https://xxx.r2.cloudflarestorage.comCommon Global Variables
S3-Compatible Storage (R2, Spaces, S3)
For file uploads and backups:
bash
# Cloudflare R2
slipway config:set \
R2_ACCESS_KEY=your-access-key \
R2_SECRET_KEY=your-secret-key \
R2_BUCKET=your-bucket \
R2_ENDPOINT=https://account-id.r2.cloudflarestorage.com
# DigitalOcean Spaces
slipway config:set \
SPACES_ACCESS_KEY=your-access-key \
SPACES_SECRET_KEY=your-secret-key \
SPACES_BUCKET=your-bucket \
SPACES_ENDPOINT=https://nyc3.digitaloceanspaces.com
# Amazon S3
slipway config:set \
S3_ACCESS_KEY=your-access-key \
S3_SECRET_KEY=your-secret-key \
S3_BUCKET=your-bucket \
S3_REGION=us-east-1Email Services
bash
# Mailgun
slipway config:set \
MAILGUN_API_KEY=key-xxx \
MAILGUN_DOMAIN=mail.example.com
# SendGrid
slipway config:set \
SENDGRID_API_KEY=SG.xxx
# Resend
slipway config:set \
RESEND_API_KEY=re_xxxMonitoring & Error Tracking
bash
# Sentry
slipway config:set \
SENTRY_DSN=https://[email protected]/123Viewing Global Variables
Via CLI
bash
slipway config:listOutput:
Global Environment Variables
NAME VALUE SET
R2_ACCESS_KEY abc1... 2 days ago
R2_SECRET_KEY ******** 2 days ago
R2_BUCKET my-uploads 2 days ago
R2_ENDPOINT https://xxx.r2... 2 days ago
SENTRY_DSN https://xxx@se... 1 week agoVia Dashboard
Go to Settings → Global Environment to see all variables.
Variable Inheritance
Global variables are inherited by all environments and apps, but can be overridden at each level:
┌─────────────────────────────────────────────────────────┐
│ Global Variables (instance-wide) │
│ R2_ACCESS_KEY=abc123 │
│ R2_BUCKET=default-bucket │
│ LOG_LEVEL=info │
└─────────────────────────────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────┐
│ Environment: production │
│ Inherited: R2_ACCESS_KEY=abc123 │
│ Override: R2_BUCKET=my-app-bucket ← env-specific │
│ Override: LOG_LEVEL=debug ← env-specific │
└─────────────────────────────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────┐
│ App: worker (multi-app only) │
│ Inherited: R2_ACCESS_KEY=abc123 (from global) │
│ Inherited: R2_BUCKET=my-app-bucket (from environment) │
│ Override: LOG_LEVEL=warn ← app-specific │
└─────────────────────────────────────────────────────────┘Override Priority
- App-specific variables (highest priority, multi-app only)
- Environment variables
- Global environment variables
- Slipway defaults (PORT, NODE_ENV, etc.)
For single-app environments, the app level doesn't apply — environment variables are the highest priority override.
Removing Global Variables
bash
# Remove a global variable
slipway config:unset R2_ACCESS_KEY
# Remove multiple
slipway config:unset R2_ACCESS_KEY R2_SECRET_KEY R2_BUCKETUsing in Your Sails App
Global variables are available like any environment variable:
javascript
// config/uploads.js
module.exports.uploads = {
adapter: require('skipper-s3'),
key: process.env.R2_ACCESS_KEY,
secret: process.env.R2_SECRET_KEY,
bucket: process.env.R2_BUCKET,
endpoint: process.env.R2_ENDPOINT
}javascript
// config/email.js
module.exports.email = {
adapter: 'sails-hook-mail',
apiKey: process.env.SENDGRID_API_KEY
}Security
Sensitive Values
Global variables are encrypted at rest. However, they are decrypted and injected into containers at runtime. Ensure your Slipway server is properly secured.
Who Can See Global Variables?
| Role | Can View | Can Edit |
|---|---|---|
| Owner | Yes | Yes |
| Admin | Yes | Yes |
| Developer | Masked | No |
| Viewer | No | No |
Database Backups to S3
When global S3 variables are configured, database backups can be sent to S3-compatible storage:
bash
# Enable S3 backups (uses global R2/S3 variables)
slipway db:backup mydb --to-s3
# Or configure automatic backups
slipway db:update mydb --backup-to-s3=true --backup-schedule="0 3 * * *"See Database Services for more details.
Best Practices
1. Use Descriptive Names
bash
# Good - clear purpose
slipway config:set UPLOADS_S3_BUCKET=my-uploads
slipway config:set BACKUPS_S3_BUCKET=my-backups
# Avoid - ambiguous
slipway config:set BUCKET=something2. Separate by Concern
Consider using different buckets/credentials for different purposes:
UPLOADS_*- User-uploaded filesBACKUPS_*- Database backupsASSETS_*- Static assets
3. Rotate Credentials
Periodically rotate your API keys:
bash
# Update global variable (takes effect on next deploy)
slipway config:set R2_ACCESS_KEY=new-key
# Redeploy apps to pick up new credentials
slipway deploy app1
slipway deploy app2What's Next?
- Learn about File Uploads with S3-compatible storage
- Configure Database Services with S3 backups
- Set up Environment Variables for project-specific config