Nuxt 3 runtimeConfig not populated from process.env in production Docker build, but process.env is available later
I'm encountering an issue where my server-side runtimeConfig in Nuxt 3 is not being populated correctly from environment variables when running the production build inside a Docker container managed by Docker Compose. However, I can see the correct value when accessing process.env directly within server middleware during a request.
Setup:
- Nuxt: v3
- Node: v20
- Build Process: Standard
npm run buildinside a Docker multi-stage build. The final stage runsCMD ["node", ".output/server/index.mjs"].
Problem:
In my nuxt.config.ts, I define a server-side runtime configuration variable intended to be loaded from an environment variable:
// nuxt.config.ts
export default defineNuxtConfig({
// ...
runtimeConfig: {
// This should be populated from the environment variable
jwtSecret: process.env.JWT_SECRET,
// ...
},
// ...
})
My .env file (used by Docker Compose) defines the variable:
# .env file
JWT_SECRET=a9d3fd7cee941559f18f43dd6c87fc39cf611a540ffbc6b4b1f5675b569af176
# ... other vars
My docker-compose.yml passes this variable to the portal service:
# docker-compose.yml
services:
portal:
# ... image, build context, etc.
environment:
JWT_SECRET: ${JWT_SECRET}
# ... other env vars
# ... ports, depends_on, etc.
When I run an API route (e.g., /api/auth/login.post.ts), the code attempts to access the secret:
// server/api/auth/login.post.ts (simplified)
import { defineEventHandler, useRuntimeConfig } from 'h3';
import jwt from 'jsonwebtoken';
export default defineEventHandler(async (event) => {
const config = useRuntimeConfig(event);
const secret = config.jwtSecret;
console.log('JWT Secret value INSIDE login handler:', secret);
console.log('Type of portalJwtSecret:', typeof secret);
try {
// ... authentication logic ...
// This line throws the error because 'secret' is an empty string
const token = jwt.sign({ userId: user.id }, secret, { expiresIn: '7d' });
// ... return token ...
} catch (error) {
console.error('Login error:', error);
// ... handle error ...
}
});
Symptoms:
- Login Fails: The login handler throws
Error: secretOrPrivateKey must have a valuebecauseconfig.portalJwtSecretis an empty string (""), although its type is correctly inferred asstring. - Middleware Sees
process.env: I added a server middleware (server/middleware/log-config.ts) to check the values during a request:
The logs from this middleware show:// server/middleware/log-config.ts import { defineEventHandler, useRuntimeConfig } from 'h3'; export default defineEventHandler((event) => { const config = useRuntimeConfig(event); console.log('[Middleware log-config] JWT Secret:', config.jwtSecret); console.log('[Middleware log-config] Type of portalJwtSecret:', typeof config.jwtSecret); console.log('[Middleware log-config] process.env.JWT_SECRET:', process.env.JWT_SECRET); });
This clearly shows that[Middleware log-config] JWT Secret: [Middleware log-config] Type of jwtSecret: string [Middleware log-config] process.env.JWT_SECRET: a9d3fd7cee941559f18f43dd6c87fc39cf611a540ffbc6b4b1f5675b569af176process.env.JWT_SECRETis correctly set in the running Node.js environment when the request is handled, butuseRuntimeConfig(event).jwtSecretis returning an empty string. - Constants Work: If I define a variable in
runtimeConfigdirectly as a string literal (e.g.,someConstant: 'ThisValueWorks'), it is correctly accessible viauseRuntimeConfig(). nuxt devWorks: This issue does not occur when running locally withnuxt dev;runtimeConfigis populated correctly from the.envfile in development mode.NUXT_Prefix Fails: I also tried prefixing the environment variable withNUXT_(e.g.,NUXT_JWT_SECRET) hoping for automatic population, butuseRuntimeConfig().jwtSecretwasundefinedin that case.
What I've Tried:
- Ensuring there are no quotes around the value in the
.envfile. - Verifying the variable name matches exactly in
.env,docker-compose.yml, andnuxt.config.ts. - Checking for overrides in
docker-compose.override.yml(none found). - Stopping containers (
docker compose down), removing.nuxt,.output,node_modules, runningnpm install, and rebuilding (docker compose up --build -d --force-recreate). - Using different variable names (
JWT_SECRET,PORTAL_JWT_SECRET,NUXT_PORTAL_JWT_SECRET). - Confirming
process.env.VAR_NAMEis accessible via middleware logs.
Question:
Why is useRuntimeConfig() returning an empty string for server-side variables defined via process.env in nuxt.config.ts when running the production build (.output/server/index.mjs)? How can I ensure runtimeConfig is correctly initialized with these environment variables at server startup within the Docker container?
TLDR;
Just add NUXT_ prefix to your docker-compose.yml's environment field.
Explanation
Some of the answers can be found in this nuxt documentation. I just don't know why process.env works in the same level with runtimeConfig.
Since you are using docker compose with environment variable, you can adjust the following to make the config.jwtSecret accessible:
add the NUXT_ prefix.
# docker-compose.yml
services:
portal:
# ... image, build context, etc.
environment:
NUXT_JWT_SECRET: ${NUXT_JWT_SECRET}
# ... other env vars
# ... ports, depends_on, etc.
Docker compose will read the .env file and set NUXT_JWT_SECRET as the container's environmental variable and will work with production setup of Nuxt.
You can try it yourself here in my github repo that I just created.
https://github.com/YutaInouePH/env_check
Here are the following outputs.
Access http://localhost:3000
ā
$ docker compose up -d
$ docker compose logs -f
app-1 | Listening on http://0.0.0.0:3000
app-1 | Frontned: mysecret 2025-04-11T10:41:53.944Z
app-1 | JWT Secret value INSIDE server side: mysecret
app-1 | Type of portalJwtSecret: string
- Vuetify buttons have a tint to their background color for unknown reason
- Switch i18n locale in a Nuxt 3 plguin Nuxt-i18n
- Nuxtjs using typescript has problem with using meta
- Run function AFTER route fully rendered in Nuxt.js
- Having a nuxt link column in AG Grid
- Suppress 'would you like to install any of the official modules' when using npx nuxi@latest init
- Nuxt instance unavailable when trying to run useRuntimeConfig in a file within utils directory during server side rendering (SSR)
- Load yaml files in nuxt-i18n
- Nuxt v3: How does one access the package.json variables?
- Installing Scripts into Nuxtjs 3 + Tailwind project introducing errors
- Nuxt 3: useSeoMeta Not Rendering Meta Tags in Page Source (SSR)
- plugin:nuxt:imports-transform unimport failed to find "queryContent" imported from "#imports"
- Setting the dimensions on the image doesn't help to remove the CLS
- PrimeVue how to listen to emits?
- How to consume a Cloudflare Queue with NuxtHub (version 0.8.25)?
- i18n is not working after update nuxt to 3.8.0
- Nuxt 3 file upload and store in locally in the project
- VUE - load component only if slot exist
- How to add a link to download a pdf file nuxt?
- website using nuxt and @nuxtjs/pwa not caching google fonts
- What is a way of adding a favicon in Nuxt 3?
- Nuxt app front end on Azure app service server issue with trailing slash. When refreshing or redirecting, adds slash and routes to old version of page
- Nuxt 3 runtimeConfig not populated from process.env in production Docker build, but process.env is available later
- What is the difference between the routes and api functionality in a Nuxt server?
- How do I set a ref on the underlying img element in NuxtImg?
- Request credentials error in dev console (Firefox & Chrome) when loading Google Font using '@nuxt/fonts' (local dev mode)
- Using typescript types from the @types folder in Nuxt3
- Problem with hydration nuxt app. @nuxtjs/svg-sprite
- Tailwind padding settings for container
- How to change component css with props with Nuxt Js Vue js