Configuration

Git Web Manager

Environment variables and optional runtime overrides.

Installation Dashboard

Core Settings

  • APP_URL, APP_KEY, and database credentials.
  • GITHUB_TOKEN for private repos and Dependabot.
  • GITHUB_WEBHOOK_SECRET for GitHub webhook verification.
  • GITHUB_SSL_VERIFY to disable SSL verification for GitHub API calls (not recommended).

You can also toggle GitHub SSL verification in System → Settings.

System Settings Sections

System settings are grouped by section in the left navigation:

  • Scheduler & Queue for cron heartbeat and queue controls.
  • App & Security for update checks, timezone, and SSL/email alerts.
  • Audits & Alerts for dependency audit automation settings.
  • Edition & License for license key management and verification.
  • White Label is a dedicated System page in Enterprise Edition.

Language and Timezone

GWM supports per-user language and timezone preferences. Language is selected from the language button in the app navigation, while timezone defaults are managed through System settings and user profile settings.

  • Application timezone defaults to UTC on new installations.
  • Users can override their own timezone from their profile.
  • Language choices are saved to user accounts and apply across the app, registration, login, and recovery screens.

See Localization for details about multilingual behavior and translation files.

Enterprise Package Source

This project currently includes the Enterprise package dependency in composer.json.

  • Production should use a private Composer repository endpoint with credentials.
  • If you are running Community-only without the Enterprise package, remove the Enterprise package requirement before composer install.

Binary Overrides

Point GWM at specific binaries when multiple installations exist:

  • GWM_GIT_BINARY
  • GWM_COMPOSER_BINARY
  • GWM_NPM_BINARY for managed project deployments that run npm.
  • GWM_PHP_BINARY or GWM_PHP_PATH
  • GWM_DOCKER_BINARY
  • GWM_KUBECTL_BINARY
  • GWM_PROCESS_PATH to prepend PATH.
  • GWM_PROCESS_TIMEOUT to raise per-command timeouts (seconds).

Preview Builds

  • GWM_PREVIEW_PATH (local base path)
  • GWM_PREVIEW_BASE_URL (optional URL prefix)

Self Update

  • GWM_SELF_UPDATE_ENABLED to control whether self-updates are available at all.
  • GWM_SELF_UPDATE_EXCLUDE_PATHS to skip paths during app updates.
  • GWM_ASKPASS_DIR for Git credential helper location.

Nightly auto-updates are enabled in System → Settings (Perform auto-updates).

Task Queue

  • GWM_DEPLOY_QUEUE_ENABLED to enable queued tasks.
  • GWM_SCHEDULER_STALE_SECONDS to control scheduler heartbeat grace period.
  • GWM_DEPLOY_QUEUE_STALE_SECONDS to mark stuck running queue items as failed.
  • GWM_DEPLOYMENT_STALE_SECONDS to mark stale running deployments as failed (controls “build in process” badge cleanup).

Enterprise Licensing Runtime

License transport settings are resolved from runtime configuration stored by the Enterprise package. They can be hydrated from your external licensing API response.

  • Verification endpoint URL and timeout.
  • Cache window and strict IP policy.
  • Request/response signature secrets.
  • Commerce values for checkout and Stripe webhook handling.

Privileged Path Creation

If your GWM instance needs to create projects under other system users, you can enable sudo-assisted directory creation.

  • GWM_SUDO_ENABLED to allow non-interactive sudo for mkdir/chown.
  • GWM_SUDO_BINARY to override the sudo path.

Your web user must have passwordless sudo permission for mkdir and chown when this is enabled.

Staged Deploy Checks

  • GWM_DEPLOY_STAGING_ENABLED to enable staged build/test validation.
  • GWM_DEPLOY_STAGING_PATH to set the staging worktree directory.

SSH Deployments

Remote deployments run git + build steps over SSH using the credentials saved in FTP/SSH Access.

  • GWM_SSH_BINARY to override the SSH binary.
  • GWM_SSH_PASS_BINARY to point to sshpass for password-based auth.
  • GWM_SSH_KEY_PATH to use a specific private key.
  • GWM_SSH_KNOWN_HOSTS to control the known_hosts file path.
  • GWM_SSH_STRICT_HOST_KEY to set strict host key checking (default: accept-new).

You can also override sshpass and key paths per FTP/SSH Access record; the env values act as fallbacks.

FTP/SSH Access Checks

Each FTP/SSH Access record stores the latest FTP and SSH test results so projects can surface health badges.

  • Tests run automatically when a new access record is created.
  • SSH tests default to the FTP username/password unless you provide SSH overrides.
  • If access settings change, badges show Needs Test until you retest.

Password-based SSH uses the built-in askpass helper by default; optional sshpass or key paths can be set per access record.

FTP-Only Deployments

When FTP is enabled and SSH is disabled, GWM runs a local project build and syncs the result over FTPS. It compares dependency files on the remote host to avoid unnecessary installs and uploads.

  • Composer: compares composer.lock when present, otherwise falls back to composer.json.
  • Npm: compares lock files (package-lock.json or npm-shrinkwrap.json) when present, otherwise falls back to package.json.
  • If dependency files match and local vendor/node_modules exist, installs are skipped and those directories are excluded from sync.
  • If dependency files differ, local installs run and dependency folders are synced.
  • GWM_FTP_WORKSPACE_PATH sets the local workspace used when the project path is not writable (default: storage/app/ftp-workspaces).

FTP-only deployments are a fallback for hosts without SSH. They work, but are less efficient than SSH because dependency folders may need to be uploaded.

Email Settings

SMTP can be configured in the System → Email Settings tab (admin only). Saved values override the mail settings in .env.