Set Environment Variables
Environment variables allow you to store sensitive information (tokens, API keys, passwords) outside your source code. This is an essential security practice.
Why Use Environment Variables?
Bad Practice
// NEVER DO THIS
const TOKEN = "MTExMTExMTExMTExMTExMTEx.XXXX.XXXXXXXXXXXXXXXXXXXX";
bot.login(TOKEN);Good Practice
// Token stored in an environment variable
const TOKEN = process.env.DISCORD_TOKEN;
bot.login(TOKEN);Benefits
- Security - Tokens are not in your code
- Flexibility - Change configuration without modifying code
- Sharing - Share your code without exposing secrets
- Deployment - Same code, different environments
Configure Startup
Before setting your environment variables, you should first configure your server's startup settings. These are not environment variables — they are container-level settings that tell the system how to run your bot.
Go to the "Startup" tab of your server on control.katabump.com. There you will find:
| Setting | Description |
|---|---|
| JS FILE / PY FILE | The entry point file to run (e.g. index.js or main.py) |
| ADDITIONAL NODE/PY PACKAGES | Extra packages to install beyond what's in your package.json or requirements.txt |
| Node.js / Python version | The runtime version to use for your server |
Automatic Dependency Installation
If you have a package.json (Node.js) or requirements.txt (Python) at the root of your server, the system will install dependencies automatically on startup.
Set Your Environment Variables
Environment variables are configured via a .env file placed at the root of your server. This file allows you to inject secrets and configuration values into your bot's runtime.
Create a .env File
Create a file named .env at the root of your project (next to your package.json or requirements.txt):
DISCORD_TOKEN=MTExMTExMTExMTExMTExMTEx.XXXX.XXXXXXXX
CLIENT_ID=123456789012345678
PREFIX=!Upload it to your server via Web or SFTP along with your other files.
Format
Each line follows the KEY=VALUE format:
| Field | Example |
|---|---|
| Key | DISCORD_TOKEN |
| Value | MTExMTExMTExMTExMTExMTEx.XXXX.XXXXXXXX |
Security
Never commit your .env file to a public Git repository. Add .env to your .gitignore file.
Naming Convention
Use explicit names in UPPERCASE with underscores:
DISCORD_TOKEN✅discord-token❌myToken❌
Essential Discord Variables
Bot Token (required)
Key: DISCORD_TOKEN
Value: Your Discord bot tokenApplication ID
Key: CLIENT_ID
Value: Your Discord application IDServer ID (for slash commands)
Key: GUILD_ID
Value: Your test server IDUsage in Code
Node.js
Install the dotenv package to load your .env file:
npm install dotenvThen at the very top of your entry point file:
require('dotenv').config();
const { Client, GatewayIntentBits } = require('discord.js');
const client = new Client({ intents: [GatewayIntentBits.Guilds] });
// Access variables
const TOKEN = process.env.DISCORD_TOKEN;
const PREFIX = process.env.PREFIX || '!'; // Default value
client.login(TOKEN);dotenv
Make sure dotenv is listed in your package.json dependencies so it gets installed automatically on the server.
Python
Install python-dotenv to load your .env file:
pip install python-dotenvAdd it to your requirements.txt:
discord.py==2.3.2
python-dotenv==1.0.0Then at the top of your main file:
from dotenv import load_dotenv
load_dotenv()
import os
import discord
TOKEN = os.getenv('DISCORD_TOKEN')
PREFIX = os.getenv('PREFIX', '!') # Default value
client = discord.Client()
client.run(TOKEN)Python Tip
Always use os.getenv() rather than os.environ[] to avoid errors if the variable doesn't exist.
Optional Useful Variables
| Variable | Description | Example |
|---|---|---|
PREFIX | Command prefix | ! |
MONGODB_URI | MongoDB connection | mongodb+srv://... |
OPENAI_KEY | OpenAI API key | sk-... |
WEBHOOK_URL | Discord webhook URL | https://discord.com/api/webhooks/... |
LOG_LEVEL | Log level | info, debug |
NODE_ENV | Node.js environment | production, development |
Modifying Variables
Changes to environment variables require a restart of the server to take effect:
- Edit your
.envfile (via the web file manager or SFTP) - Save the file
- Click "Restart" in the console
Important
Do not delete your DISCORD_TOKEN variable while your bot is running, or it will disconnect.
Debugging Variables
Node.js
// Display all variables (for debugging only!)
console.log('Variables:', process.env);
// Check a specific variable
console.log('Token present:', !!process.env.DISCORD_TOKEN);Python
import os
# Display all variables (for debugging only!)
print('Variables:', dict(os.environ))
# Check a variable
print('Token present:', bool(os.getenv('DISCORD_TOKEN')))Security
NEVER commit code that displays your tokens in production!
Complete Example
Node.js with discord.js
require('dotenv').config();
const { Client, GatewayIntentBits } = require('discord.js');
const client = new Client({
intents: [
GatewayIntentBits.Guilds,
GatewayIntentBits.GuildMessages,
GatewayIntentBits.MessageContent
]
});
const TOKEN = process.env.DISCORD_TOKEN;
const PREFIX = process.env.PREFIX || '!';
client.on('ready', () => {
console.log(`Logged in as ${client.user.tag}`);
});
client.on('messageCreate', (message) => {
if (message.author.bot) return;
if (message.content === `${PREFIX}ping`) {
message.reply('Pong!');
}
});
client.login(TOKEN);Next Step
Variables configured? Time to manage your server!