-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy path.env.example
More file actions
185 lines (176 loc) · 8.74 KB
/
.env.example
File metadata and controls
185 lines (176 loc) · 8.74 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
# ScriptHammer Environment Variables
# Docker Configuration
UID=1000
GID=1000
# ─── Multi-instance / A-B testing ────────────────────────────────────────
# Second instance needs ONE flag, not seven env vars:
#
# docker compose -p scripthammer-b up
#
# The -p flag scopes containers/volumes/networks. Host ports auto-assign
# because docker-compose.yml defaults them to 0 (ephemeral). Find them:
#
# docker compose -p scripthammer-b port scripthammer 3000
#
# Pin a port by uncommenting below. Pinned ports belong to whichever
# instance reads this .env — all others must stay ephemeral or they
# collide on the pin.
COMPOSE_PROJECT_NAME=scripthammer
# SH_PORT=3000
# SH_STORYBOOK_PORT=6006
# SH_HMR_PORT=24678
# ─── Supabase profile (docker compose --profile supabase up) ─────────────
# These host ports only matter when the `supabase` profile is active.
# Internal container-to-container traffic uses service DNS, not these ports.
SH_SUPABASE_API_PORT=54321
SH_DB_PORT=54322
SH_SUPABASE_STUDIO_PORT=54323
SH_SUPABASE_MAIL_PORT=54324
# ─── Local Supabase (runs entirely inside Docker) ──────────────────────
# Start with: docker compose --profile supabase up
#
# These are standard Supabase demo keys from the self-hosting docs.
# They are NOT secrets. They match the docker-compose.yml defaults
# exactly, so no key generation is needed for local dev. Just
# uncomment the three lines below and comment out any cloud
# Supabase URL higher in your .env.
#
# The app container connects to Supabase via Docker DNS (supabase-kong
# on port 8000). Host ports are only for browser access to Studio.
#
# NEXT_PUBLIC_SUPABASE_URL=http://supabase-kong:8000
# NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyAgCiAgICAicm9sZSI6ICJhbm9uIiwKICAgICJpc3MiOiAic3VwYWJhc2UtZGVtbyIsCiAgICAiaWF0IjogMTY0MTc2OTIwMCwKICAgICJleHAiOiAxNzk5NTM1NjAwCn0.dc_X5iR_VP_qT0zsiyj_I_OZ2T9FtRU2BBNWN8Bu4GE
# SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyAgCiAgICAicm9sZSI6ICJzZXJ2aWNlX3JvbGUiLAogICAgImlzcyI6ICJzdXBhYmFzZS1kZW1vIiwKICAgICJpYXQiOiAxNjQxNzY5MjAwLAogICAgImV4cCI6IDE3OTk1MzU2MDAKfQ.DaYlNEoUrrEn2Ig7tqibS-PHK5vgusbcbo7X36XVt4Q
# Git Author Configuration (for commits from Docker container)
# GIT_AUTHOR_NAME=Your Name
# GIT_AUTHOR_EMAIL=your.email@example.com
# All variables in alphabetical order
# ADMIN_EMAIL=admin@example.com
# NEXT_PUBLIC_ANALYTICS_ENDPOINT=https://your-analytics-endpoint.com/api/vitals
# NEXT_PUBLIC_AUTHOR_AVATAR=https://example.com/avatar.png
# NEXT_PUBLIC_AUTHOR_BIO=Building modern web applications with Next.js
# NEXT_PUBLIC_AUTHOR_BLUESKY=username.bsky.social
# NEXT_PUBLIC_AUTHOR_EMAIL=you@example.com
# NEXT_PUBLIC_AUTHOR_GITHUB=GitHubUsername
# NEXT_PUBLIC_AUTHOR_LINKEDIN=https://www.linkedin.com/in/username/
# NEXT_PUBLIC_AUTHOR_MASTODON=@username@mastodon.social
# NEXT_PUBLIC_AUTHOR_NAME=Your Name
# NEXT_PUBLIC_AUTHOR_ROLE=Full Stack Developer
# NEXT_PUBLIC_AUTHOR_TWITCH=TwitchUsername
# NEXT_PUBLIC_AUTHOR_TWITTER=TwitterHandle
# NEXT_PUBLIC_AUTHOR_WEBSITE=https://yourwebsite.com
# NEXT_PUBLIC_BASE_PATH=/my-repo
# NEXT_PUBLIC_BASE_URL=https://yourdomain.com
# CI=true
# NEXT_PUBLIC_CALENDAR_PROVIDER=calendly
# NEXT_PUBLIC_CALENDAR_URL=https://calendly.com/username/30min
# NEXT_PUBLIC_CASHAPP_CASHTAG=$yourcashtag
# NEXT_PUBLIC_CHIME_SIGN=$yourchimesign
# NEXT_PUBLIC_DEPLOY_URL=https://custom-domain.com
# NEXT_PUBLIC_DISQUS_SHORTNAME=yoursitename
# NEXT_PUBLIC_EMAILJS_PUBLIC_KEY=xxxxxxxxxxxxxxxxx
# NEXT_PUBLIC_EMAILJS_SERVICE_ID=service_xxxxxxx
# NEXT_PUBLIC_EMAILJS_TEMPLATE_ID=template_xxxxxxx
# NEXT_PUBLIC_GA_MEASUREMENT_ID=G-XXXXXXXXXX
# NEXT_PUBLIC_GOOGLE_SITE_VERIFICATION=your-verification-token
# NODE_ENV=development
# NEXT_PUBLIC_PAGESPEED_API_KEY=your-google-api-key-here
# NEXT_PUBLIC_PAYPAL_CLIENT_ID=your-paypal-client-id
# NEXT_PUBLIC_PROJECT_NAME=MyProject
# NEXT_PUBLIC_PROJECT_OWNER=MyUsername
# NEXT_PUBLIC_SITE_TWITTER_HANDLE=TwitterHandle
# NEXT_PUBLIC_SITE_URL=https://yourdomain.com
# NEXT_PUBLIC_SOCIAL_PLATFORMS=github,linkedin,twitch,twitter
# NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_test_xxxxxxxxxxxxxxxxxxxxxxxx
# NEXT_PUBLIC_SUPABASE_ANON_KEY=your-supabase-anon-key
# NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
# NEXT_PUBLIC_WEB3FORMS_ACCESS_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
# Test User Configuration (for E2E and contract tests)
# Run: docker compose exec scripthammer pnpm exec tsx scripts/seed-test-users.ts
#
# IMPORTANT: Email Domain Requirements
# Supabase Auth validates that email domains have valid MX (mail exchange) records.
# DO NOT use:
# - @example.com (reserved domain, always blocked)
# - @yourdomain.com (blocked unless MX records configured)
#
# RECOMMENDED: Use Gmail plus aliases for test emails:
# - yourname+test-a@gmail.com (primary)
# - yourname+test-b@gmail.com (secondary)
# - yourname+test-c@gmail.com (tertiary)
#
# The plus alias format (user+tag@gmail.com) allows unlimited unique emails.
# All emails arrive at yourname@gmail.com but Supabase treats each as unique.
#
# E2E Test Email Domain (REQUIRED for E2E tests)
# ⚠️ WITHOUT THIS, E2E TESTS WILL FAIL - Supabase rejects @example.com emails
# TEST_EMAIL_DOMAIN=yourname+e2e@gmail.com
#
# Primary test user - runs the E2E tests
# TEST_USER_PRIMARY_EMAIL=yourname+test-a@gmail.com
# TEST_USER_PRIMARY_PASSWORD=TestPassword123!
# Secondary test user - for multi-user E2E tests (connections, messaging)
# TEST_USER_SECONDARY_EMAIL=yourname+test-b@gmail.com
# TEST_USER_SECONDARY_PASSWORD=TestPassword456!
# Tertiary test user - for group chat tests (3+ members)
# TEST_USER_TERTIARY_EMAIL=yourname+test-c@gmail.com
# TEST_USER_TERTIARY_PASSWORD=TestPassword789!
# Admin user for system welcome messages (Feature 002/004)
# Admin public key is pre-stored in database - NO password needed at runtime
# See: scripts/seed-test-users.ts for admin setup
# NEXT_PUBLIC_ADMIN_USER_ID=00000000-0000-0000-0000-000000000001
# GitHub Personal Access Token (fine-grained)
# Generate at: https://github.com/settings/tokens?type=beta
# Needs: Actions (read) permission on this repository
# GH_TOKEN=github_pat_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# ─── Secret keys — READ BEFORE FILLING ────────────────────────────────
# NEVER put real values in .env.example (it's committed to git).
#
# For payment secrets (PAYPAL_*, STRIPE_*), .env is ALSO the wrong place.
# This project is a static export to GitHub Pages — there is no Next.js
# server runtime that can read non-NEXT_PUBLIC_ env vars at request time.
# Anything below without a NEXT_PUBLIC_ prefix belongs in **Supabase Vault**,
# accessed by Edge Functions via Deno.env.get(...). Set via:
#
# supabase secrets set STRIPE_SECRET_KEY=sk_test_your_actual_key
# supabase secrets set STRIPE_WEBHOOK_SECRET=whsec_your_actual_secret
# supabase secrets set PAYPAL_CLIENT_SECRET=your_paypal_secret
# supabase secrets set PAYPAL_WEBHOOK_ID=your_webhook_id
#
# Or via Supabase dashboard → Project Settings → Edge Functions → Secrets.
#
# Full guide: docs/PAYMENT-DEPLOYMENT.md
# Forker overview: README.md "Payment Integration Setup" section
#
# ─── Evaluation sessions / A-B testing ────────────────────────────────
#
# If you're running this repo as a code-agent evaluation snapshot and
# need to work on payment features WITHOUT real Stripe/PayPal keys:
#
# 1. Run `cp .env.example .env` to create your local .env
# 2. Set UID=$(id -u) and GID=$(id -g) in the new .env
# 3. Uncomment the NEXT_PUBLIC_SUPABASE_URL and anon key lines and fill
# them with values from your Supabase project (or the local
# docker-compose supabase profile — see the "Local Supabase" section
# above for demo keys that are NOT secrets and are safe to use)
# 4. Leave ALL payment keys (NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY,
# NEXT_PUBLIC_PAYPAL_CLIENT_ID, and the secrets below) empty
#
# The template already handles missing payment config gracefully (added
# in commit 77e409d, 2026-04-08): PaymentButton renders a "not configured"
# warning, /payment-demo shows a prominent banner, and provider tabs only
# render for configured providers. A model working on payment UI tasks
# can compose the components and observe the feature-flag gate WITHOUT
# needing real API keys. That's the expected eval mode — do not attempt
# to obtain real keys during an eval session.
#
# The entries below are placeholder names only — DO NOT add values here.
# PAYPAL_CLIENT_SECRET=
# PAYPAL_WEBHOOK_ID=
# RESEND_API_KEY=
# STRIPE_SECRET_KEY=
# STRIPE_WEBHOOK_SECRET=
# SUPABASE_ACCESS_TOKEN=
# SUPABASE_DB_PASSWORD=
# SUPABASE_PROJECT_REF=
# SUPABASE_SERVICE_ROLE_KEY=