Skip to main content
Start here for the broad configuration picture.

Core application settings

From .env.example: 
APP_NAME=ADMIN9
APP_ENV=local
APP_DEBUG=true
APP_URL=http://localhost
APP_TIMEZONE=UTC
APP_URL is high-impact because it also affects generated URLs and the default OIDC issuer.

Database, session, queue, cache

DB_CONNECTION=mysql
CACHE_DRIVER=file
QUEUE_CONNECTION=sync
SESSION_DRIVER=file
REDIS_HOST=redis
For production, validate whether file and sync defaults are still appropriate for your environment. In most real deployments you will want Redis-backed queues and cache.

Mail

MAIL_MAILER=smtp
MAIL_HOST=mailpit
MAIL_PORT=1025
MAIL_FROM_ADDRESS="hello@example.com"
Mail provider support in the codebase includes Mailgun, Postmark, Amazon SES, and Resend-related dependencies. Ensure the selected mailer and credentials are aligned with config/mail.php and config/services.php.

Social login

Available environment slots include:
  • GOOGLE_CLIENT_ID
  • GOOGLE_CLIENT_SECRET
  • GITHUB_CLIENT_ID
  • GITHUB_CLIENT_SECRET
  • FACEBOOK_CLIENT_ID
  • FACEBOOK_CLIENT_SECRET
The database seeder also initializes OAuth login provider records.

Payments

Provider variable groups include:
  • Stripe
  • Paddle
  • Lemon Squeezy
  • offline payments through the application domain model
Examples from .env.example: 
STRIPE_SECRET_KEY=""
STRIPE_PUBLISHABLE_KEY=""
STRIPE_WEBHOOK_SIGNING_SECRET=""

PADDLE_VENDOR_ID=""
PADDLE_CLIENT_SIDE_TOKEN=""
PADDLE_WEBHOOK_SECRET=""
PADDLE_IS_SANDBOX=true

LEMON_SQUEEZY_API_KEY=""
LEMON_SQUEEZY_STORE_ID=""
LEMON_SQUEEZY_SIGNING_SECRET=""
LEMON_SQUEEZY_IS_TEST_MODE=false

Verification and anti-abuse

The application also supports:
  • reCAPTCHA
  • Twilio-based SMS verification
  • optional trial gating based on SMS verification
Relevant variables: 
RECAPTCHA_SITE_KEY=""
RECAPTCHA_SECRET_KEY=""
TWILIO_SID=""
TWILIO_TOKEN=""
TWILIO_FROM=""
TRIAL_WITHOUT_PAYMENT_SMS_VERIFICATION_ENABLED=false
The environment file includes:
  • GOOGLE_TRACKING_ID
  • TRACKING_SCRIPTS
  • social profile URLs for Facebook, X, Instagram, LinkedIn, YouTube, GitHub, and Discord

Important Config Files

  • config/app.php
  • config/auth.php
  • config/services.php
  • config/queue.php
  • config/horizon.php
  • config/mail.php
  • config/laravellocalization.php
  • config/filament.php
  • config/two-factor.php
  • config/permission.php

Admin-managed settings

Some application behavior is managed in Filament instead of hard-coded config. Notable admin settings pages include:
  • General settings
  • Invoice settings
  • Legal pages settings
  • Open Graph image settings
  • Referral settings
Document your deployment process so operators know which settings should be configured through the UI versus .env. If you are extending or debugging the settings mechanism itself, read Configuration System.
Last modified on March 30, 2026