App Configuration
Core app options.
config/app.php contains core application metadata and environment toggles.
Keys #
| Key | Env Variable | Description |
|---|---|---|
app.name |
APP_NAME |
Display name (default: VelvetCMS) |
app.url |
APP_URL |
Base URL without trailing slash |
app.env |
APP_ENV |
Environment label. Only production is treated as production |
app.debug |
APP_DEBUG |
Enables detailed HTML and JSON error output |
app.log_level |
APP_LOG_LEVEL |
Minimum log level for the built-in file logger |
app.timezone |
- | Default timezone (default: UTC) |
app.locale |
- | Default locale (default: en) |
app.cron_enabled |
CRON_ENABLED |
Registers the optional /system/cron endpoint |
app.cron_token |
CRON_TOKEN |
Shared secret required by WebCron |
app.cron_signed_urls |
CRON_SIGNED_URLS |
Accept signed WebCron requests using expires and signature |
app.cron_allowed_ips |
- | Optional allowlist of exact IPs, CIDR ranges, or * |
WebCron rate limit #
app.cron_rate_limit is a nested config block:
| Key | Description |
|---|---|
app.cron_rate_limit.enabled |
Turns endpoint rate limiting on or off |
app.cron_rate_limit.attempts |
Maximum requests allowed during the decay window |
app.cron_rate_limit.decay |
Window length in seconds |
Default shape:
'cron_rate_limit' => [
'enabled' => false,
'attempts' => 60,
'decay' => 60,
],
Overrides go in user/config/app.php.
Environment and debug #
app.debug defaults to true unless APP_ENV=production. In production, keep debug off and use ./velvet optimize to validate environment settings.
app.log_level defaults to info.
Example #
// user/config/app.php
return [
'name' => 'My Site',
'timezone' => 'Europe/Warsaw',
'cron_enabled' => true,
'cron_token' => env('CRON_TOKEN', ''),
];