-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
70 lines (57 loc) · 3.83 KB
/
.env.example
File metadata and controls
70 lines (57 loc) · 3.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# ──────────────────────────────────────────────────────────
# TryVit — Environment Variables
# Copy this file to .env and fill in real values.
# .env is git-ignored and must never be committed.
# ──────────────────────────────────────────────────────────
# ── Production ───────────────────────────────────────────
# Public app URL — used for sitemap, robots.txt, OG metadataBase, JSON-LD
# Set in Vercel dashboard: Settings → Environment Variables
NEXT_PUBLIC_APP_URL=https://tryvit.vercel.app
# Remote Supabase database password (used by RUN_REMOTE.ps1, RUN_SEED.ps1)
SUPABASE_DB_PASSWORD=
# Remote Supabase project reference (for quick lookup / supabase link)
SUPABASE_PROJECT_REF=
# ── Staging ──────────────────────────────────────────────
# Staging Supabase project reference (used by RUN_SEED.ps1, RUN_SANITY.ps1)
SUPABASE_STAGING_PROJECT_REF=
# Staging database password
SUPABASE_STAGING_DB_PASSWORD=
# ── Web Push (VAPID) ────────────────────────────────────────────────────
# Generate with: npx web-push generate-vapid-keys
# Set these as Supabase Edge Function secrets:
# supabase secrets set VAPID_PUBLIC_KEY=... VAPID_PRIVATE_KEY=... VAPID_SUBJECT=mailto:you@example.com
VAPID_PUBLIC_KEY=
VAPID_PRIVATE_KEY=
VAPID_SUBJECT=mailto:
# ── Sentry — Error Telemetry (#183) ─────────────────────────────────────
# Auth token for source map upload (CI/build only, NEVER expose to client)
# Create at: https://sentry.io/settings/auth-tokens/
SENTRY_AUTH_TOKEN=
SENTRY_ORG=tryvit
SENTRY_PROJECT=frontend
# ── Upstash Redis — Rate Limiting (#182) ─────────────────────────────────
# REST credentials from https://console.upstash.com
# Leave empty for local dev (in-memory fallback).
UPSTASH_REDIS_REST_URL=
UPSTASH_REDIS_REST_TOKEN=
# Optional: secret token to bypass rate limits in CI / load tests
# RATE_LIMIT_BYPASS_TOKEN=
# Admin route protection (#186): comma-separated admin email addresses
# Users not in this list get 403 on /app/admin/* routes.
# ADMIN_EMAILS=admin@example.com
# ── Cloudflare Turnstile — CAPTCHA (#470) ────────────────────────────────
# Signup form bot protection. Get keys at: https://dash.cloudflare.com/turnstile
# Test keys (always pass): Site=1x00000000000000000000AA Secret=1x0000000000000000000000000000000AA
# NEXT_PUBLIC_ prefix exposes the site key to the browser (required).
NEXT_PUBLIC_TURNSTILE_SITE_KEY=1x00000000000000000000AA
# Secret key — set as Supabase Edge Function secret:
# supabase secrets set TURNSTILE_SECRET_KEY=1x0000000000000000000000000000000AA
TURNSTILE_SECRET_KEY=
# ── Sentry — Server-Side Traces ──────────────────────────────────────────
# Server-side transaction sample rate (0.0 – 1.0, default 0.1 = 10%).
# Client-side uses NEXT_PUBLIC_SENTRY_TRACES_SAMPLE_RATE in frontend/.env.local.
# SENTRY_TRACES_SAMPLE_RATE=0.1
# ── OpenAI — Supabase Studio AI (optional) ───────────────────────────────
# Used by supabase/config.toml for Studio AI assistant feature.
# Leave empty if not using Studio AI.
# OPENAI_API_KEY=