-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
53 lines (43 loc) · 2.93 KB
/
.env.example
File metadata and controls
53 lines (43 loc) · 2.93 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# GITHUB_CLIENT_ID: Found in your GitHub OAuth app settings under "Client ID"
GITHUB_CLIENT_ID=your-client-id
# GITHUB_CLIENT_SECRET: Found in your GitHub OAuth app settings under "Client Secret"
GITHUB_CLIENT_SECRET=your-client-secret
#
# GitHub OAuth "Authorization callback URL" must match redirect_uri exactly (scheme + host + port + path).
# In GitHub: Settings → Developer settings → OAuth Apps → your app → add a second callback for local dev, e.g.
# http://localhost:3000/api/auth/callback
# Use the same host you open in the browser (localhost vs 127.0.0.1 are different to GitHub). Port must match
# what `yarn dev:vercel` prints. Production URL (https://your-app.vercel.app/api/auth/callback) can stay as well.
#
# If the app still sends the wrong origin, force it (no trailing slash):
# GITHUB_OAUTH_REDIRECT_ORIGIN=http://localhost:3000
#
# Local sign-in: run `yarn dev:vercel` (not plain `yarn dev`) so /api/auth/* is served.
# GITHUB_TOKEN: Server PAT when no user is signed in (anonymous /api/tree) and for cron. Visitors who
# sign in with GitHub use their own token via cookie. Fine-grained read-only token is enough for public metadata.
# Also used by the weekly cron that pulls "popular" public repos into the gallery cache (KV or Blob).
# https://github.com/settings/tokens
GITHUB_TOKEN=your-token
# CRON_SECRET: Long random string. Set in Vercel env; Vercel Cron sends Authorization: Bearer <CRON_SECRET>
# to GET /api/cron/refresh-popular-gallery (Mondays 06:00 UTC). Without this, the cron returns 401.
# Manual run: curl -H "Authorization: Bearer YOUR_SECRET" "https://<project>.vercel.app/api/cron/refresh-popular-gallery"
CRON_SECRET=your-long-random-secret
# STRIPE_SECRET_KEY: Found in the Stripe Dashboard under Developers > API keys > Secret key
STRIPE_SECRET_KEY=your-secret-key
# STRIPE_WEBHOOK_SECRET: Generated in Stripe Dashboard under Developers > Webhooks, after adding an endpoint
STRIPE_WEBHOOK_SECRET=your-webhook-secret
# PRODIGI_API_KEY: Obtain from your Prodigy account dashboard or email from Prodigy API registration
PRODIGI_API_KEY=your-api-key
# PRODIGI_SANDBOX: Use "true" for sandbox mode (testing), "false" for live mode
PRODIGI_SANDBOX=true
# BLOB_READ_WRITE_TOKEN: Vercel Blob — gallery JSON (and similar) uses private blobs, readable only by your
# API with this token. Create/link a store in the Vercel dashboard. Print uploads may still need publicly
# readable URLs for Stripe; if upload fails on a private-only store, we can add a signed proxy route.
BLOB_READ_WRITE_TOKEN=your-token
# Optional — Vercel KV (Redis): if both KV_REST_API_URL and KV_REST_API_TOKEN are set, the app uses KV
# for gallery + tree edge cache instead of Blob. You do not need KV if BLOB_READ_WRITE_TOKEN is set.
# KV_REST_API_URL=
# KV_REST_API_TOKEN=
# Optional: Umami analytics (injected only in production builds when both are set)
# VITE_UMAMI_SCRIPT_URL=https://your-umami.example/script.js
# VITE_UMAMI_WEBSITE_ID=your-website-uuid