Some advice on setting up 12-factor apps in different environments. The environment variables suggested to set are based on the ones used by envigor (which are themselves based on common precedent).
- Consider your app's environment secret. Most configuration variables (except, maybe, PORT) are imbued with the authentication credentials your app uses to connect to any and all services. Never include a live config in any form with your code. Never place a config somewhere public. Never expose your config.
- Every place you store your config variables is one more place they can be leaked from. Devops valuing paranoia over convenience should keep config in two places: the live server, and the configuration of the related services themselves
You can specify environment variables for any command you run at the command line by including equals-separated pairs (no space between the key, the '=', and the value) before your command, eg NODE_ENV=development node server.js.
You can also use a script that does export KEY=VAL calls before running it, you can source a file by running source .env... however you do your setup is fine, as long as you never include your config values in your setup.
As Heroku's own help message puts it, Usage: heroku config:set KEY1=VALUE1 [KEY2=VALUE2 ...]
A tool that comes with the heroku "toolbelt" that basically just runs the processes defined in your Procfile (no buildpacks involved). Reads equal-sign-separated lines from a .env file. If you use this, make sure that the file never ends up in your source control and add .env to your .gitignore.
https://www.nodejitsu.com/documentation/jitsu/env/ describes how jitsu handles environments. In short: jitsu env set <name> <value>.
- Bare process: You pretty much want port 80 in production and a high-thousands port like 3000 or 5000 for development. You can either write some wrapping start scripts to define PORT, or don't define PORT and switch your default based on NODE_ENV (or your stack's equivalent).
- Heroku: PORT is always defined. I'm not sure how they handle apps that bind to something else.
- Nodejitsu: PORT isn't defined by default, but Nodejitsu magically works with any apps connecting to 80 (I think) or any port above 1024.
- Bare process: If you've set up mongod on 27017 just for your app, "mongodb://localhost/default" will be fine; otherwise, you should make a more complex configuration and set MONGODB_URL.
- Heroku: Adding a database with the MongoLab addon will set MONGOLAB_URI to the connection URL; likewise for MongoHQ and MONGOHQ_URL. You could also configure either of those manually and outside Heroku's system, then set the appropriate environment variable (I would recommend setting MONGODB_URL, so if you do ever set up one of the addons, your can remove your manual setting separately).
- Nodejitsu: You can get the connection URL of any mongo database you create through
jitsu databases: usejitsu env set MONGODB_URL <the appropriate URL>after you've got the one you're going to use.
Facebook uses a FACEBOOK_APP_ID to identify your app publicly, and a FACEBOOK_SECRET to authenticate your app privately. The Facebook developer of the app can find it by going to the app's page from https://developers.facebook.com/apps.
Heroku has this little thing you can do where you can create an app on Facebook that sets up a Heroku environment with these variables pre-defined, but I'd say it's only worth starting there if you're actually making a Facebook-centric app. Just set the two up separately then heroku config:set the values normally.