forked from StellerCraft/craft
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
63 lines (53 loc) · 2.33 KB
/
Copy path.env.example
File metadata and controls
63 lines (53 loc) · 2.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# Supabase
NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
NEXT_PUBLIC_SUPABASE_ANON_KEY=your-anon-key
SUPABASE_SERVICE_ROLE_KEY=your-service-role-key
# GitHub
GITHUB_APP_ID=123456
GITHUB_APP_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----"
GITHUB_APP_INSTALLATION_ID=12345678
GITHUB_API_BASE_URL=https://api.github.com
GITHUB_ORG=craft-templates
GITHUB_WEBHOOK_SECRET=whsec_xxxxxxxxxxxxx
# Context label used in GitHub commit status checks.
# Appears as the "check name" in GitHub PR and commit views.
# Default: craft/deployment
GITHUB_COMMIT_STATUS_CONTEXT=craft/deployment
# Vercel
VERCEL_TOKEN=xxxxxxxxxxxxx
VERCEL_TEAM_ID=team_xxxxxxxxxxxxx
VERCEL_PROJECT_ID=prj_xxxxxxxxxxxxx
# Stripe
STRIPE_PUBLIC_KEY=pk_test_xxxxxxxxxxxxx
STRIPE_SECRET_KEY=sk_test_xxxxxxxxxxxxx
STRIPE_WEBHOOK_SECRET=whsec_xxxxxxxxxxxxx
# Pricing (Price IDs from Stripe)
# These map directly to the pro and enterprise subscription tiers.
# Required at runtime — the app will throw on startup if either is missing.
# Set SKIP_PRICING_VALIDATION=true in .env.local to bypass during local dev.
NEXT_PUBLIC_STRIPE_PRICE_FREE=price_xxxxxxxxxxxxx
NEXT_PUBLIC_STRIPE_PRICE_PRO=price_xxxxxxxxxxxxx
NEXT_PUBLIC_STRIPE_PRICE_ENTERPRISE=price_xxxxxxxxxxxxx
# Set to "true" to skip Stripe pricing env validation at startup (local dev / CI only).
SKIP_PRICING_VALIDATION=false
# App
NEXT_PUBLIC_APP_URL=http://localhost:3000
# Rate Limiting
# Set to "true" in local development or CI to bypass auth rate limiting.
# Never set this in production.
RATE_LIMIT_DISABLED=false
# CORS
# Comma-separated list of allowed origins for cross-origin API requests.
# Example: ALLOWED_ORIGINS=https://craft.app,https://www.craft.app
# In development, http://localhost:3000 is always allowed regardless of this value.
# Webhook routes (/api/webhooks/*) are not affected by this setting.
ALLOWED_ORIGINS=https://craft.app
# Field-level encryption
# 64-character hex string (32 bytes) used to encrypt sensitive database columns.
# Generate: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
# See docs/field-encryption.md for key rotation procedure.
FIELD_ENCRYPTION_KEY=your_64_char_hex_key_here
# Analytics Retention
# Number of days to retain deployment_analytics rows (default: 90).
# Set to 0 to disable automatic deletion entirely.
ANALYTICS_RETENTION_DAYS=90