API (apps/api)
The API has the most env vars since it connects to all external services. The Zod schema lives in apps/api/src/env.ts.
Database
Redis
Supabase Auth
File Storage
Background Jobs
AI
Encryption
Generate one with:
App Configuration
FRONTEND_URL supports multiple origins and wildcards:
http://, https://, or *..
Web App (apps/web)
The frontend has three public env vars. The Zod schema lives in apps/web/src/env.ts.
All web app env vars are prefixed with
NEXT_PUBLIC_ because they’re exposed to the browser. Never put secrets here.Database (packages/db)
This is the same
DATABASE_URL used by the API — the packages/db package validates it independently when the module is imported.
E2E Tests (Playwright)
These are only needed when running Playwright tests. They’re read viaprocess.env directly (not Zod-validated).
Rules for Adding New Env Vars
- Add the variable to the Zod schema in the relevant
env.tsfile - Add it to the corresponding
.env.examplewith a comment - Never commit
.envfiles — they’re in.gitignore - Always import from the typed module (
import { env } from '@/env'), never useprocess.envdirectly