Edit your config template

Your config template is the .env your application reads, written once and filled in for you at every deploy. Instead of pasting a database password or a service host into the file, you drop in a token like ${strackt:mariadb.host} and strackt replaces it with the live value when it deploys. Stored secrets work the same way.

You'll find the editor under Settings → Environment for any environment.

The editor

The template editor highlights your .env as you type and marks every ${strackt:...} token in blue so you can see at a glance which values are filled in for you. Start typing ${strackt: and an autocomplete menu suggests every value available in this environment — connection details from any database or cache you've connected, plus any secrets you've stored.

The Binding Variables sidebar lists the same values. Click one and it's inserted at your cursor — handy when you can't remember the exact token name.

If you're setting up a fresh database-backed app and haven't saved a template yet, the editor pre-fills a sensible starting point so you're not staring at a blank file.

Two kinds of tokens

Connection details from a service

When you connect a database or cache, its connection details become tokens you can use anywhere in the template. The token is the service type, a dot, and the property you want:

DB_HOST=${strackt:mariadb.host}
DB_DATABASE=${strackt:mariadb.database}
DB_USERNAME=${strackt:mariadb.username}
DB_PASSWORD=${strackt:mariadb.password}

Available properties depend on the service:

| Service | Properties you can use | |---------|------------------------| | MariaDB | connection, host, port, database, username, password, socket | | PostgreSQL | connection, host, port, database, username, password | | Valkey (Redis) | host, port, username, password, db, prefix |

You never copy a password or host yourself — strackt reads the current value at deploy time, so a rotated credential flows through automatically on the next deploy.

Your own stored values

Anything you store as an environment secret — an API key, a feature flag, a third-party URL — is available as a single-word token:

STRIPE_SECRET_KEY=${strackt:STRIPE_SECRET_KEY}

The difference is the dot: ${strackt:mariadb.host} (with a dot) is a service connection detail, and ${strackt:STRIPE_SECRET_KEY} (no dot) is one of your stored values. You can mix both freely in the same file.

What happens at deploy

When you deploy, strackt takes your template and replaces every token with its live value, producing the final .env your application reads. Secret values never appear in deploy logs.

If a service token can't be resolved — for example you reference ${strackt:mariadb.host} but no database is connected — the deploy is blocked before it starts, with a message telling you what's missing. A stored-value token that isn't set won't block the deploy; it's left as-is, since some values are only meant to exist in certain environments.

A note on saving

Saving the template stores it exactly as you typed it — tokens and all. The values are only filled in at deploy time, never when you save. That's what lets you rotate a secret or change a connection without touching the template: write the new value, deploy, done.