-
Notifications
You must be signed in to change notification settings - Fork 30
Expand file tree
/
Copy path.env.example
More file actions
54 lines (48 loc) Β· 2.15 KB
/
.env.example
File metadata and controls
54 lines (48 loc) Β· 2.15 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# =====================================================
# VIBE PROMPTING V2 - ENVIRONMENT VARIABLES
# =====================================================
# Copy this file to .env.local for local development
# NEVER commit .env.local or .env.production to git
# =====================================================
# PUBLIC VARIABLES (Exposed to client via VITE_ prefix)
# =====================================================
VITE_SUPABASE_URL=https://your-project.supabase.co
VITE_SUPABASE_ANON_KEY=your-anon-key-here
# =====================================================
# SERVER-ONLY VARIABLES (NEVER prefix with VITE_)
# =====================================================
# These are ONLY used in Supabase Edge Functions
# Set these in Supabase Dashboard β Edge Functions β Secrets
# Supabase Service Role (NEVER expose to client)
SUPABASE_SERVICE_ROLE_KEY=your-service-role-key
# LLM API Keys (Server-side only)
GEMINI_API_KEY=your-gemini-key-here
OPENROUTER_API_KEY=your-openrouter-key-here
ANTHROPIC_API_KEY=your-anthropic-key-here
# Database Direct Connection (for migrations only)
DATABASE_URL=postgresql://postgres:[password]@db.your-project.supabase.co:5432/postgres
# =====================================================
# DEPLOYMENT INSTRUCTIONS:
# =====================================================
# Local Development:
# 1. Copy this file to .env.local
# 2. Fill in VITE_* variables from Supabase dashboard
# 3. Server-side keys not needed locally (Edge Functions use Supabase secrets)
#
# Production (Vercel):
# 1. Set VITE_* variables in Vercel dashboard
# 2. Never set server-side keys in Vercel (use Supabase Edge Function secrets)
#
# Edge Functions:
# supabase secrets set GEMINI_API_KEY=your-key
# supabase secrets set OPENROUTER_API_KEY=your-key
# supabase secrets set SUPABASE_SERVICE_ROLE_KEY=your-key
#
# =====================================================
# SECURITY CHECKLIST:
# =====================================================
# β
.env.local is in .gitignore
# β
Only VITE_ vars exposed to browser
# β
Service role key ONLY in Edge Functions
# β
Rotate keys immediately if exposed
# β
Never store tokens in localStorage