Configuration & Environment Variables

Copy .env.local.example to .env.local, then fill keys from Supabase, Stripe, OpenAI/Anthropic, and any optional providers. Nothing in this section belongs in client-side bundles except the explicitly NEXT_PUBLIC_* vars.

1. Supabase Setup

  1. Go to the Supabase Dashboard and select your project.

  2. Navigate to Settings (gear icon) > API.

  3. URL: Copy the Project URL.

  4. Anon Key: Copy the key labeled anon / public.

  5. Service Role Key: Copy the key labeled service_role / secret.

⚠️ Warning: The SUPABASE_SERVICE_ROLE_KEY is for server-side use only. Never expose it in the browser.

OAuth Providers Setup

To enable Google and GitHub OAuth login:

  1. Navigate to Authentication > Providers in your Supabase dashboard.

  2. For Google OAuth:

    • Click on Google provider
    • Toggle Enable Google provider to ON
    • Go to Google Cloud Console
    • Create a new project or select an existing one
    • Go to Credentials > Create Credentials > OAuth client ID
    • Choose Web application
    • Add authorized redirect URIs:
      • https://YOUR_PROJECT_REF.supabase.co/auth/v1/callback
    • Copy the Client ID and Client Secret
    • Paste them into Supabase Google provider settings
    • Click Save

  3. For GitHub OAuth:

    • Click on GitHub provider
    • Toggle Enable GitHub provider to ON
    • Go to GitHub Developer Settings
    • Click New OAuth App
    • Fill in:
      • Application name: Your app name
      • Homepage URL: Your app URL (e.g., http://localhost:3000 for dev)
      • Authorization callback URL:
        • For development: https://YOUR_PROJECT_REF.supabase.co/auth/v1/callback
        • For production: https://YOUR_PROJECT_REF.supabase.co/auth/v1/callback
    • Click Register application
    • Copy the Client ID and generate a Client Secret
    • Paste them into Supabase GitHub provider settings
    • Click Save

⚠️ Important: Make sure to use your actual Supabase project reference in the callback URLs. You can find it in your Supabase project URL (e.g., https://xxxxx.supabase.co).

Supabase Auth Redirect URLs (required)

This template redirects auth flows back to your app at /callback (see src/app/(auth)/callback/route.ts).

In Supabase Dashboard → AuthenticationURL Configuration:

  • Site URL: set to your app URL (matches NEXT_PUBLIC_APP_URL)
  • Redirect URLs: add (at least)
    • http://localhost:3000/callback
    • https://your-domain.com/callback (production)

2. Stripe Setup

  1. Log in to the Stripe Dashboard.

  2. API Keys: Go to Developers > API Keys.

    • NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY: Found under "Standard keys." (optional for this template unless you add client-side Stripe Elements)
    • STRIPE_SECRET_KEY: Found under "Standard keys" (click to reveal).

  3. Optional portal URL

    • NEXT_PUBLIC_STRIPE_PORTAL_URL is optional. The template uses a server-side Billing Portal session (POST /api/billing/portal) by default, so you can omit this unless you add your own portal link in the UI.

  4. Webhook Secret:

    • Install the Stripe CLI.
    • Run stripe listen --forward-to localhost:3000/api/webhooks/stripe.
    • Copy the whsec_... key printed in the terminal.

  5. Price IDs:

    • Go to Product Catalog.
    • Create products for Pro, Top-up, and Enterprise tiers.
    • Click into each product to find the API ID for the price (starts with price_...).

3. AI Providers

OpenAI

  1. Go to the OpenAI Platform.

  2. Navigate to API Keys in the left sidebar.

  3. Click Create new secret key.

  4. Copy the key (starts with sk-proj-...).

Anthropic

  1. Go to the Anthropic Console.

  2. Navigate to API Keys.

  3. Click Create Key.

  4. Copy the key (starts with sk-ant-...).

4. App Configuration

NEXT_PUBLIC_APP_URL

  • For local development: Use http://localhost:3000
  • For production: Use your actual domain (e.g., https://your-app.com)

.env.local Template

Create a .env.local file in the root of your project with the following structure:

# Supabase
NEXT_PUBLIC_SUPABASE_URL=your_project_url
NEXT_PUBLIC_SUPABASE_ANON_KEY=your_anon_key
SUPABASE_SERVICE_ROLE_KEY=your_service_role_key

# Stripe
STRIPE_SECRET_KEY=sk_test_...
STRIPE_WEBHOOK_SECRET=whsec_...
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_test_...
NEXT_PUBLIC_STRIPE_PORTAL_URL=your_optional_portal_url
STRIPE_PRO_PRICE_ID=price_...
STRIPE_TOPUP_PRICE_ID=price_...
STRIPE_ENTERPRISE_PRICE_ID=price_...

# AI Providers
OPENAI_API_KEY=sk-proj-...
ANTHROPIC_API_KEY=sk-ant-...

# App
NEXT_PUBLIC_APP_URL=http://localhost:3000

# Cron (recommended if using /api/cron/reset-credits)
CRON_SECRET=your_random_secret_here

Next Steps

After setting up your environment variables:

  1. Run the database schema from src/db/schema.sql in your Supabase SQL editor.
  2. Create a storage bucket named uploads in Supabase Storage.
  3. Start the development server with pnpm dev.