Nuxt 3 runtimeConfig not populated from process.env in production Docker build, but process.env is available later
I'm encountering an issue where my server-side runtimeConfig in Nuxt 3 is not being populated correctly from environment variables when running the production build inside a Docker container managed by Docker Compose. However, I can see the correct value when accessing process.env directly within server middleware during a request.
Setup:
- Nuxt: v3
- Node: v20
- Build Process: Standard
npm run buildinside a Docker multi-stage build. The final stage runsCMD ["node", ".output/server/index.mjs"].
Problem:
In my nuxt.config.ts, I define a server-side runtime configuration variable intended to be loaded from an environment variable:
// nuxt.config.ts
export default defineNuxtConfig({
// ...
runtimeConfig: {
// This should be populated from the environment variable
jwtSecret: process.env.JWT_SECRET,
// ...
},
// ...
})
My .env file (used by Docker Compose) defines the variable:
# .env file
JWT_SECRET=a9d3fd7cee941559f18f43dd6c87fc39cf611a540ffbc6b4b1f5675b569af176
# ... other vars
My docker-compose.yml passes this variable to the portal service:
# docker-compose.yml
services:
portal:
# ... image, build context, etc.
environment:
JWT_SECRET: ${JWT_SECRET}
# ... other env vars
# ... ports, depends_on, etc.
When I run an API route (e.g., /api/auth/login.post.ts), the code attempts to access the secret:
// server/api/auth/login.post.ts (simplified)
import { defineEventHandler, useRuntimeConfig } from 'h3';
import jwt from 'jsonwebtoken';
export default defineEventHandler(async (event) => {
const config = useRuntimeConfig(event);
const secret = config.jwtSecret;
console.log('JWT Secret value INSIDE login handler:', secret);
console.log('Type of portalJwtSecret:', typeof secret);
try {
// ... authentication logic ...
// This line throws the error because 'secret' is an empty string
const token = jwt.sign({ userId: user.id }, secret, { expiresIn: '7d' });
// ... return token ...
} catch (error) {
console.error('Login error:', error);
// ... handle error ...
}
});
Symptoms:
- Login Fails: The login handler throws
Error: secretOrPrivateKey must have a valuebecauseconfig.portalJwtSecretis an empty string (""), although its type is correctly inferred asstring. - Middleware Sees
process.env: I added a server middleware (server/middleware/log-config.ts) to check the values during a request:
The logs from this middleware show:// server/middleware/log-config.ts import { defineEventHandler, useRuntimeConfig } from 'h3'; export default defineEventHandler((event) => { const config = useRuntimeConfig(event); console.log('[Middleware log-config] JWT Secret:', config.jwtSecret); console.log('[Middleware log-config] Type of portalJwtSecret:', typeof config.jwtSecret); console.log('[Middleware log-config] process.env.JWT_SECRET:', process.env.JWT_SECRET); });
This clearly shows that[Middleware log-config] JWT Secret: [Middleware log-config] Type of jwtSecret: string [Middleware log-config] process.env.JWT_SECRET: a9d3fd7cee941559f18f43dd6c87fc39cf611a540ffbc6b4b1f5675b569af176process.env.JWT_SECRETis correctly set in the running Node.js environment when the request is handled, butuseRuntimeConfig(event).jwtSecretis returning an empty string. - Constants Work: If I define a variable in
runtimeConfigdirectly as a string literal (e.g.,someConstant: 'ThisValueWorks'), it is correctly accessible viauseRuntimeConfig(). nuxt devWorks: This issue does not occur when running locally withnuxt dev;runtimeConfigis populated correctly from the.envfile in development mode.NUXT_Prefix Fails: I also tried prefixing the environment variable withNUXT_(e.g.,NUXT_JWT_SECRET) hoping for automatic population, butuseRuntimeConfig().jwtSecretwasundefinedin that case.
What I've Tried:
- Ensuring there are no quotes around the value in the
.envfile. - Verifying the variable name matches exactly in
.env,docker-compose.yml, andnuxt.config.ts. - Checking for overrides in
docker-compose.override.yml(none found). - Stopping containers (
docker compose down), removing.nuxt,.output,node_modules, runningnpm install, and rebuilding (docker compose up --build -d --force-recreate). - Using different variable names (
JWT_SECRET,PORTAL_JWT_SECRET,NUXT_PORTAL_JWT_SECRET). - Confirming
process.env.VAR_NAMEis accessible via middleware logs.
Question:
Why is useRuntimeConfig() returning an empty string for server-side variables defined via process.env in nuxt.config.ts when running the production build (.output/server/index.mjs)? How can I ensure runtimeConfig is correctly initialized with these environment variables at server startup within the Docker container?
TLDR;
Just add NUXT_ prefix to your docker-compose.yml's environment field.
Explanation
Some of the answers can be found in this nuxt documentation. I just don't know why process.env works in the same level with runtimeConfig.
Since you are using docker compose with environment variable, you can adjust the following to make the config.jwtSecret accessible:
add the NUXT_ prefix.
# docker-compose.yml
services:
portal:
# ... image, build context, etc.
environment:
NUXT_JWT_SECRET: ${NUXT_JWT_SECRET}
# ... other env vars
# ... ports, depends_on, etc.
Docker compose will read the .env file and set NUXT_JWT_SECRET as the container's environmental variable and will work with production setup of Nuxt.
You can try it yourself here in my github repo that I just created.
https://github.com/YutaInouePH/env_check
Here are the following outputs.
Access http://localhost:3000
ā
$ docker compose up -d
$ docker compose logs -f
app-1 | Listening on http://0.0.0.0:3000
app-1 | Frontned: mysecret 2025-04-11T10:41:53.944Z
app-1 | JWT Secret value INSIDE server side: mysecret
app-1 | Type of portalJwtSecret: string
- Redirect on 401 resonse from api using $fetch in Nuxt
- Global styles are being overridden by Vant styles using Nuxt
- Nuxt3 background-image doesn't show up
- `@import "tailwindcss";` does not work when used in a file with an `.scss` extension
- What is the difference between the routes and api functionality in a Nuxt server?
- Is it possible to customize the speed of the Nuxt UI Marquee component?
- vue-devtools always disabled with nuxt.js
- Emitting an input value from a sign up form
- Nuxt 4 build in production mode is trying to access public folder from .output/server/chunks/public instead of .output/public
- Load fallback component if main component does not exists
- Nuxt 4 + shadcn/vue Overriding component You can specify a priority option when calling addComponent to avoid this warning warnings for all components
- Nuxt 4 + tailwindcss + directus gettng error "500 Cannot redefine property: _path"
- Nuxt 3 to 4 migration : will it fix memory issues?
- __vite_ssr_import_1__.Client is not a constructor Error
- nuxtjs button component has several size style with tailwindcss. cannot use different size in one place. all are getting the lagest button size
- Vitest mock modules function in only one test and use the actual function in others
- How to reinitiate/resend a request with $fetch like Axios?
- Nuxt shadcn/vue installation results in missing module error
- Error: `The request url * is outside of Vite serving allow list` after git init of submodule inside pnpm monorepo workspace
- How to add a search feature to a static site using Nuxt.js and Nuxt Content headless CMS
- Can't use Pinia store in Nuxt app.vue root component
- v-for loop is not working in nuxt 3 project
- A composable that requires access to the Nuxt instance was called outside of a plugin, Nuxt hook, Nuxt middleware, or Vue setup function
- Timeline in Nuxt not showing any items
- Getting : npm WARN using --force Recommended protections disabled
- How to use nuxtjs3 useFetch pick parameter for arrays or make a deep pick?
- Setting default value in USelectMenu
- Nuxt4 Pinia is not displaying on devtools when redirecting from pages/index.vue to pages/[market]/index.vue
- potentially fixable with the `--fix` option
- Nuxt - can i run client side code from a middleware in Universal mode?