-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.docker.example
More file actions
36 lines (32 loc) · 1.67 KB
/
Copy path.env.docker.example
File metadata and controls
36 lines (32 loc) · 1.67 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# Copy to .env.docker and fill in, then:
# docker compose --env-file .env.docker up -d --build
#
# .env.docker is gitignored (holds secrets + machine-specific paths).
# Only this .example template is committed.
# ── Public app config — BAKED INTO THE CLIENT BUNDLE AT BUILD TIME ──
# Changing any of these requires a rebuild: docker compose ... up -d --build
NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
NEXT_PUBLIC_SUPABASE_PUBLISHABLE_KEY=sb_publishable_xxx
# Clerk auth (public, build-time)
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=pk_live_xxx
NEXT_PUBLIC_CLERK_SIGN_IN_URL=/login
NEXT_PUBLIC_CLERK_SIGN_UP_URL=/signup
NEXT_PUBLIC_CLERK_SIGN_IN_FALLBACK_REDIRECT_URL=/dashboard
NEXT_PUBLIC_CLERK_SIGN_UP_FALLBACK_REDIRECT_URL=/dashboard
# Public wss:// URL of the Yjs tunnel hostname (must match the codely-ws Public Hostname)
NEXT_PUBLIC_YJS_WEBSOCKET_URL=wss://codely-ws.simplemart.dev
# ── Server-only secrets (runtime, never exposed to the browser) ──
ANTHROPIC_API_KEY=
CLERK_SECRET_KEY=
# Clerk webhook signing secret + Supabase service-role key (SERVER-ONLY).
# The service-role key bypasses RLS; it's used only by /api/webhooks/clerk.
CLERK_WEBHOOK_SIGNING_SECRET=
SUPABASE_SERVICE_ROLE_KEY=
# ── Server actions hardening (baked at build time) ──
# Comma-separated public host(s) allowed to POST server actions. Set to the app's
# public hostname when behind the tunnel. Leave blank for local/default behavior.
SERVER_ACTIONS_ALLOWED_ORIGINS=codely.simplemart.dev
# ── Cloudflare tunnel ──
# Token from the Zero Trust dashboard (Networks -> Tunnels -> your tunnel ->
# Install connector). Long string beginning with "eyJ...". Keep it secret.
TUNNEL_TOKEN=