-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy path.env.example
More file actions
207 lines (198 loc) · 10.3 KB
/
Copy path.env.example
File metadata and controls
207 lines (198 loc) · 10.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
# ScriptHammer Environment Variables
# Docker Configuration
UID=1000
GID=1000
# ─── Multi-instance / A-B testing ────────────────────────────────────────
# Second instance needs ONE flag, not seven env vars:
#
# docker compose -p scripthammer-b up
#
# The -p flag scopes containers/volumes/networks. Host ports auto-assign
# because docker-compose.yml defaults them to 0 (ephemeral). Find them:
#
# docker compose -p scripthammer-b port scripthammer 3000
#
# Pin a port by uncommenting below. Pinned ports belong to whichever
# instance reads this .env — all others must stay ephemeral or they
# collide on the pin.
COMPOSE_PROJECT_NAME=scripthammer
# SH_PORT=3000
# SH_STORYBOOK_PORT=6006
# SH_HMR_PORT=24678
# ─── Supabase profile (docker compose --profile supabase up) ─────────────
# These host ports only matter when the `supabase` profile is active.
# Internal container-to-container traffic uses service DNS, not these ports.
SH_SUPABASE_API_PORT=54321
SH_DB_PORT=54322
SH_SUPABASE_STUDIO_PORT=54323
SH_SUPABASE_MAIL_PORT=54324
# ─── Local Supabase (runs entirely inside Docker) ──────────────────────
# Start with: docker compose --profile supabase up
#
# These are standard Supabase demo keys from the self-hosting docs.
# They are NOT secrets. They match the docker-compose.yml defaults
# exactly, so no key generation is needed for local dev. Just
# uncomment the three lines below and comment out any cloud
# Supabase URL higher in your .env.
#
# The app container connects to Supabase via Docker DNS (supabase-kong
# on port 8000). Host ports are only for browser access to Studio.
#
# NEXT_PUBLIC_SUPABASE_URL=http://supabase-kong:8000
# NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyAgCiAgICAicm9sZSI6ICJhbm9uIiwKICAgICJpc3MiOiAic3VwYWJhc2UtZGVtbyIsCiAgICAiaWF0IjogMTY0MTc2OTIwMCwKICAgICJleHAiOiAxNzk5NTM1NjAwCn0.dc_X5iR_VP_qT0zsiyj_I_OZ2T9FtRU2BBNWN8Bu4GE
# SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyAgCiAgICAicm9sZSI6ICJzZXJ2aWNlX3JvbGUiLAogICAgImlzcyI6ICJzdXBhYmFzZS1kZW1vIiwKICAgICJpYXQiOiAxNjQxNzY5MjAwLAogICAgImV4cCI6IDE3OTk1MzU2MDAKfQ.DaYlNEoUrrEn2Ig7tqibS-PHK5vgusbcbo7X36XVt4Q
# Git Author Configuration (for commits from Docker container)
# GIT_AUTHOR_NAME=Your Name
# GIT_AUTHOR_EMAIL=your.email@example.com
# All variables in alphabetical order
# ADMIN_EMAIL=admin@example.com
# NEXT_PUBLIC_ANALYTICS_ENDPOINT=https://your-analytics-endpoint.com/api/vitals
# NEXT_PUBLIC_AUTHOR_AVATAR=https://example.com/avatar.png
# NEXT_PUBLIC_AUTHOR_BIO=Building modern web applications with Next.js
# NEXT_PUBLIC_AUTHOR_BLUESKY=username.bsky.social
# NEXT_PUBLIC_AUTHOR_EMAIL=you@example.com
# NEXT_PUBLIC_AUTHOR_GITHUB=GitHubUsername
# NEXT_PUBLIC_AUTHOR_LINKEDIN=https://www.linkedin.com/in/username/
# NEXT_PUBLIC_AUTHOR_MASTODON=@username@mastodon.social
# NEXT_PUBLIC_AUTHOR_NAME=Your Name
# NEXT_PUBLIC_AUTHOR_ROLE=Full Stack Developer
# NEXT_PUBLIC_AUTHOR_TWITCH=TwitchUsername
# NEXT_PUBLIC_AUTHOR_TWITTER=TwitterHandle
# NEXT_PUBLIC_AUTHOR_WEBSITE=https://yourwebsite.com
# NEXT_PUBLIC_BASE_PATH=/my-repo
# NEXT_PUBLIC_BASE_URL=https://yourdomain.com
# CI=true
# NEXT_PUBLIC_CALENDAR_PROVIDER=calendly
# NEXT_PUBLIC_CALENDAR_URL=https://calendly.com/username/30min
# NEXT_PUBLIC_CASHAPP_CASHTAG=$yourcashtag
# NEXT_PUBLIC_CHIME_SIGN=$yourchimesign
# NEXT_PUBLIC_DEPLOY_URL=https://custom-domain.com
# NEXT_PUBLIC_DISQUS_SHORTNAME=yoursitename
# NEXT_PUBLIC_EMAILJS_PUBLIC_KEY=xxxxxxxxxxxxxxxxx
# NEXT_PUBLIC_EMAILJS_SERVICE_ID=service_xxxxxxx
# NEXT_PUBLIC_EMAILJS_TEMPLATE_ID=template_xxxxxxx
# NEXT_PUBLIC_GA_MEASUREMENT_ID=G-XXXXXXXXXX
# NEXT_PUBLIC_GOOGLE_SITE_VERIFICATION=your-verification-token
# NODE_ENV=development
# NEXT_PUBLIC_PAGESPEED_API_KEY=your-google-api-key-here
# NEXT_PUBLIC_PAYPAL_CLIENT_ID=your-paypal-client-id
# PayPal recurring billing Plan for the Subscribe flow (create a Product +
# Plan in the PayPal dashboard/API). Browser-public — amount/interval live on
# the Plan. Empty → the recurring PayPal path shows a "not configured" error.
# NEXT_PUBLIC_PAYPAL_PLAN_ID=P-XXXXXXXXXXXXXXXXXXXXXXXX
# NEXT_PUBLIC_PROJECT_NAME=MyProject
# NEXT_PUBLIC_PROJECT_OWNER=MyUsername
# Sentry error monitoring (optional). Public client DSN from sentry.io → your
# project → Client Keys (DSN). Empty = monitoring disabled (no-op). Only sends
# after the user grants analytics consent.
# NEXT_PUBLIC_SENTRY_DSN=https://examplePublicKey@o0.ingest.us.sentry.io/0
# NEXT_PUBLIC_SITE_TWITTER_HANDLE=TwitterHandle
# NEXT_PUBLIC_SITE_URL=https://yourdomain.com
# NEXT_PUBLIC_SOCIAL_PLATFORMS=github,linkedin,twitch,twitter
# Recurring Price ID for the Subscribe flow (create a $X/mo recurring Price in
# the Stripe dashboard test mode, or via the API with a lookup_key). Browser-
# public — the plan amount + interval live on the Price object in Stripe.
# Without it, recurring PaymentButtons show a clear "not configured" error.
# NEXT_PUBLIC_STRIPE_PRICE_ID=price_xxxxxxxxxxxxxxxxxxxxxxxx
# NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_test_xxxxxxxxxxxxxxxxxxxxxxxx
# NEXT_PUBLIC_SUPABASE_ANON_KEY=your-supabase-anon-key
# NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
# NEXT_PUBLIC_WEB3FORMS_ACCESS_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
# Test User Configuration (for E2E and contract tests)
# Run: docker compose exec scripthammer pnpm exec tsx scripts/seed-test-users.ts
#
# IMPORTANT: Email Domain Requirements
# Supabase Auth validates that email domains have valid MX (mail exchange) records.
# DO NOT use:
# - @example.com (reserved domain, always blocked)
# - @yourdomain.com (blocked unless MX records configured)
#
# RECOMMENDED: Use Gmail plus aliases for test emails:
# - yourname+test-a@gmail.com (primary)
# - yourname+test-b@gmail.com (secondary)
# - yourname+test-c@gmail.com (tertiary)
#
# The plus alias format (user+tag@gmail.com) allows unlimited unique emails.
# All emails arrive at yourname@gmail.com but Supabase treats each as unique.
#
# E2E Test Email Domain (REQUIRED for E2E tests)
# ⚠️ WITHOUT THIS, E2E TESTS WILL FAIL - Supabase rejects @example.com emails
# TEST_EMAIL_DOMAIN=yourname+e2e@gmail.com
#
# Primary test user - runs the E2E tests
# TEST_USER_PRIMARY_EMAIL=yourname+test-a@gmail.com
# TEST_USER_PRIMARY_PASSWORD=TestPassword123!
# Secondary test user - for multi-user E2E tests (connections, messaging)
# TEST_USER_SECONDARY_EMAIL=yourname+test-b@gmail.com
# TEST_USER_SECONDARY_PASSWORD=TestPassword456!
# Tertiary test user - for group chat tests (3+ members)
# TEST_USER_TERTIARY_EMAIL=yourname+test-c@gmail.com
# TEST_USER_TERTIARY_PASSWORD=TestPassword789!
# Admin user for system welcome messages (Feature 002/004)
# Admin public key is pre-stored in database - NO password needed at runtime
# See: scripts/seed-test-users.ts for admin setup
# NEXT_PUBLIC_ADMIN_USER_ID=00000000-0000-0000-0000-000000000001
# GitHub Personal Access Token (fine-grained)
# Generate at: https://github.com/settings/tokens?type=beta
# Needs: Actions (read) permission on this repository
# GH_TOKEN=github_pat_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# ─── Secret keys — READ BEFORE FILLING ────────────────────────────────
# NEVER put real values in .env.example (it's committed to git).
#
# For payment secrets (PAYPAL_*, STRIPE_*), .env is ALSO the wrong place.
# This project is a static export to GitHub Pages — there is no Next.js
# server runtime that can read non-NEXT_PUBLIC_ env vars at request time.
# Anything below without a NEXT_PUBLIC_ prefix belongs in **Supabase Vault**,
# accessed by Edge Functions via Deno.env.get(...).
#
# RECOMMENDED (CLI-free — this repo forbids installing the Supabase CLI locally):
# 1. cp scripts/supabase/edge-function-secrets.example.json \
# scripts/supabase/edge-function-secrets.json # gitignored
# 2. fill in STRIPE_SECRET_KEY / STRIPE_WEBHOOK_SECRET / PAYPAL_CLIENT_SECRET /
# PAYPAL_WEBHOOK_ID in that file
# 3. docker compose exec scripthammer pnpm supabase:secrets # dry-run
# docker compose exec scripthammer pnpm supabase:secrets --apply # write
# Uses SUPABASE_ACCESS_TOKEN + project ref already in .env (Management API).
#
# Alternatives: `supabase secrets set NAME=value` (CLI) or the Supabase
# dashboard → Project Settings → Edge Functions → Secrets.
#
# Full guide: docs/PAYMENT-DEPLOYMENT.md
# Forker overview: README.md "Payment Integration Setup" section
#
# ─── Evaluation sessions / A-B testing ────────────────────────────────
#
# If you're running this repo as a code-agent evaluation snapshot and
# need to work on payment features WITHOUT real Stripe/PayPal keys:
#
# 1. Run `cp .env.example .env` to create your local .env
# 2. Set UID=$(id -u) and GID=$(id -g) in the new .env
# 3. Uncomment the NEXT_PUBLIC_SUPABASE_URL and anon key lines and fill
# them with values from your Supabase project (or the local
# docker-compose supabase profile — see the "Local Supabase" section
# above for demo keys that are NOT secrets and are safe to use)
# 4. Leave ALL payment keys (NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY,
# NEXT_PUBLIC_PAYPAL_CLIENT_ID, and the secrets below) empty
#
# The template already handles missing payment config gracefully (added
# in commit 77e409d, 2026-04-08): PaymentButton renders a "not configured"
# warning, /payment-demo shows a prominent banner, and provider tabs only
# render for configured providers. A model working on payment UI tasks
# can compose the components and observe the feature-flag gate WITHOUT
# needing real API keys. That's the expected eval mode — do not attempt
# to obtain real keys during an eval session.
#
# The entries below are placeholder names only — DO NOT add values here.
# (Exception: STRIPE_SECRET_KEY may ALSO live in the gitignored .env with a
# TEST-MODE key — the local-only subscription-lifecycle E2E fixture uses it to
# provision real test-mode subscriptions. Edge Functions still read it from
# Vault; CI has neither, so those tests auto-skip.)
# PAYPAL_CLIENT_SECRET=
# PAYPAL_WEBHOOK_ID=
# RESEND_API_KEY=
# STRIPE_SECRET_KEY=
# STRIPE_WEBHOOK_SECRET=
# SUPABASE_ACCESS_TOKEN=
# SUPABASE_DB_PASSWORD=
# SUPABASE_PROJECT_REF=
# SUPABASE_SERVICE_ROLE_KEY=