Skip to main content
Every environment variable is validated at startup using Zod schemas. If a required variable is missing or malformed, the app will crash immediately with a descriptive error — no silent failures.

API (apps/api)

The API has the most env vars since it connects to all external services. The Zod schema lives in apps/api/src/env.ts.

Database

Redis

Supabase Auth

File Storage

Background Jobs

AI

Email

Encryption

Generate one with:

App Configuration

FRONTEND_URL supports multiple origins and wildcards:
Each origin is validated at startup to start with http://, https://, or *..

Web App (apps/web)

The frontend has three public env vars. The Zod schema lives in apps/web/src/env.ts.
All web app env vars are prefixed with NEXT_PUBLIC_ because they’re exposed to the browser. Never put secrets here.

Database (packages/db)

This is the same DATABASE_URL used by the API — the packages/db package validates it independently when the module is imported.

E2E Tests (Playwright)

These are only needed when running Playwright tests. They’re read via process.env directly (not Zod-validated).

Rules for Adding New Env Vars

  1. Add the variable to the Zod schema in the relevant env.ts file
  2. Add it to the corresponding .env.example with a comment
  3. Never commit .env files — they’re in .gitignore
  4. Always import from the typed module (import { env } from '@/env'), never use process.env directly