Environment Variables
All configuration is done through the .env file. After changing any value, restart the application:
docker compose restart app
Core Settings
Application
| Variable | Description | Default |
|---|
APP_NAME | Application name (shown in emails, UI) | Verilock Identity |
APP_URL | Public URL | http://localhost |
APP_ENV | Environment (production, local) | production |
APP_DEBUG | Enable debug mode | false |
APP_PORT | Exposed HTTP port | 8080 |
Never set APP_DEBUG=true in production. It exposes sensitive information.
Database
DB_CONNECTION=pgsql
DB_HOST=postgres # Docker service name
DB_PORT=5432
DB_DATABASE=verilock
DB_USERNAME=verilock
DB_PASSWORD=your-strong-password
docker compose exec postgres psql -U verilock -d verilock
Redis
REDIS_HOST=redis
REDIS_PASSWORD=your-redis-password
REDIS_PORT=6379
CACHE_STORE=redis
QUEUE_CONNECTION=redis
SESSION_DRIVER=redis
API Keys
After installation, create API keys from the dashboard at /dashboard/api-keys, or via CLI:
docker compose exec app php artisan tinker
# Then in tinker:
$org = App\Models\Organization::first();
$key = App\Models\ApiKey::generateKey('live');
App\Models\ApiKey::create([
'organization_id' => $org->id,
'name' => 'Production',
'key_prefix' => $key['prefix'],
'key_hash' => $key['hash'],
'encrypted_key' => $key['key'],
'environment' => 'live',
'rate_limit' => 1000,
]);
echo "API Key: " . $key['key'];
Mail
Configure email for OTP codes and notifications:
MAIL_MAILER=smtp
MAIL_HOST=smtp.your-provider.com
MAIL_PORT=587
MAIL_USERNAME=your-username
MAIL_PASSWORD=your-password
MAIL_ENCRYPTION=tls
MAIL_FROM_ADDRESS=noreply@your-domain.com
MAIL_FROM_NAME="Verilock Identity"
MAIL_MAILER=ses
AWS_ACCESS_KEY_ID=your-key
AWS_SECRET_ACCESS_KEY=your-secret
AWS_DEFAULT_REGION=us-east-1
MAIL_FROM_ADDRESS=noreply@your-domain.com
Emails are written to logs at storage/logs/laravel.log. Storage
Documents (ID photos, selfies, address proofs) are stored in MinIO by default.
MinIO (Default)
FILESYSTEM_DISK=s3
AWS_ACCESS_KEY_ID=verilock
AWS_SECRET_ACCESS_KEY=your-minio-password
AWS_DEFAULT_REGION=us-east-1
AWS_BUCKET=verilock-documents
AWS_ENDPOINT=http://minio:9000
AWS_USE_PATH_STYLE_ENDPOINT=true
http://localhost:9001.
AWS S3
To use real AWS S3 instead of MinIO:
FILESYSTEM_DISK=s3
AWS_ACCESS_KEY_ID=your-aws-key
AWS_SECRET_ACCESS_KEY=your-aws-secret
AWS_DEFAULT_REGION=eu-west-1
AWS_BUCKET=your-bucket-name
# Remove or comment out these lines:
# AWS_ENDPOINT=
# AWS_USE_PATH_STYLE_ENDPOINT=
Local Filesystem
For simple deployments without object storage:
Documents are stored in storage/app/private/kyc-documents/.
SMS / OTP
SMS-based OTP verification can be configured in the dashboard settings. Contact support for setup instructions.
AML Screening
The embedded AML engine provides AML/PEP screening against international sanctions and watchlists.
It automatically downloads and indexes the latest data on startup. To force a refresh:
docker compose restart aml-engine
License
SELFHOST_ENABLED=true
VERILOCK_LICENSE_KEY=vrl_your_key_here
VERILOCK_LICENSE_SERVER=https://license.verilock.com
VERILOCK_GRACE_PERIOD=7 # Days offline before blocking
VERILOCK_UPDATE_CHANNEL=stable # stable or beta
VERILOCK_TELEMETRY=true # Anonymous usage metrics
Verify License Status
docker compose exec app php artisan license:heartbeat
Check for Updates
docker compose exec app php artisan selfhost:check-update
