Starter Pro
Updated May 29, 2026

Environment Variables

Configure Starter Pro securely with production-ready environment variables for authentication, billing, database access, email delivery, and deployment infrastructure.

Overview

Starter Pro uses environment variables to separate infrastructure, authentication, billing, email delivery, and deployment concerns safely.

This keeps:

  • secrets outside the repository
  • environments predictable
  • deployments portable
  • billing infrastructure secure
  • authentication production-safe

Core principle

Environment variables define infrastructure boundaries between your codebase and production systems.

Production mindset

Starter Pro is designed around real SaaS deployment requirements.

That means environment variables should support:

  • local development
  • staging deployments
  • production infrastructure
  • Stripe billing
  • OAuth providers
  • secure authentication
  • database isolation

Secure by default

Sensitive infrastructure secrets remain server-side and never reach the browser.

Deployment ready

Variables are structured for Vercel, CI pipelines, staging, and production environments.

Infrastructure separation

Database, auth, billing, and email systems remain isolated and configurable.

Mental model

Public variables

Public variables are exposed to the browser and should only contain safe frontend values.

  • NEXT_PUBLIC_APP_URL
  • Public URLs
  • Frontend-safe

Application variables

These variables define the application URL structure.

.env.local
NEXT_PUBLIC_APP_URL=http://localhost:3000
APP_BASE_URL=http://localhost:3000

Frontend

NEXT_PUBLIC_APP_URL

Public URL exposed to the browser for redirects, navigation, and frontend references.

  • safe for frontend
  • used client-side
  • production domain

Server

APP_BASE_URL

Server-side application URL used internally for backend flows and protected infrastructure.

  • server-only usage
  • auth redirects
  • internal references

Database configuration

Starter Pro uses PostgreSQL with Prisma.

.env.local
DATABASE_URL=postgresql://postgres:postgres@localhost:5432/starter_pro

Recommended production practices:

  • managed PostgreSQL hosting
  • automated backups
  • staging and production separation
  • connection pooling
  • restricted database access

Production rule

Never share production database credentials across local environments or public repositories.

Authentication variables

Starter Pro uses Auth.js for authentication.

.env.local
AUTH_SECRET=
AUTH_GOOGLE_ID=
AUTH_GOOGLE_SECRET=
AUTH_GITHUB_ID=
AUTH_GITHUB_SECRET=
AUTH_TRUST_HOST=true

Required

| Variable | Purpose |
| --- | --- |
| AUTH_SECRET | Signs sessions and authentication tokens |

Optional providers

| Variable | Purpose |
| --- | --- |
| AUTH_GOOGLE_ID | Google OAuth client ID |
| AUTH_GOOGLE_SECRET | Google OAuth client secret |
| AUTH_GITHUB_ID | GitHub OAuth client ID |
| AUTH_GITHUB_SECRET | GitHub OAuth client secret |

Notes

  • AUTH_SECRET must be strong in production
  • OAuth providers are optional
  • Email/password auth works without OAuth
  • Production domains must match OAuth configuration

Email delivery

Starter Pro supports transactional email flows through Resend.

.env.local
AUTH_RESEND_API_KEY=
AUTH_EMAIL_FROM="PyColors <noreply@your-domain.com>"

Email flows include:

  • verification emails
  • password reset emails
  • transactional auth delivery

Verification flows

Email verification helps secure account ownership and onboarding.

Recovery flows

Password reset and account recovery flows rely on secure email delivery.

Stripe billing variables

Starter Pro includes production-ready Stripe billing foundations.

.env.local
STRIPE_SECRET_KEY=
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=
STRIPE_WEBHOOK_SECRET=

STRIPE_PRODUCT_PRO=
STRIPE_PRICE_PRO_MONTHLY=

Core billing variables

| Variable | Purpose |
| --- | --- |
| STRIPE_SECRET_KEY | Server-side Stripe access |
| NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY | Frontend Stripe integration |
| STRIPE_WEBHOOK_SECRET | Webhook validation |
| STRIPE_PRODUCT_PRO | Stripe Product ID |
| STRIPE_PRICE_PRO_MONTHLY | Stripe Price ID |

Important rules

  • test and live modes are separate
  • products and prices must match the same Stripe mode
  • webhook validation is required
  • production webhooks must use HTTPS

stripe-cli.sh
stripe listen --forward-to localhost:3000/api/webhooks/stripe
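
What "webhook validation" with STRIPE_WEBHOOK_SECRET involves, as an added example that is not Starter Pro's own code: it recomputes Stripe's HMAC-SHA256 signature over `timestamp.payload` with Node's crypto module and rejects stale timestamps. The secret, event body and timestamps are constructed, and the function names are hypothetical; in an application the Stripe SDK's `stripe.webhooks.constructEvent` performs this check.

```javascript
const crypto = require('node:crypto');

// Stripe-Signature header: "t=<unix seconds>,v1=<hex HMAC>", possibly with several v1 entries.
function parseSignatureHeader(header) {
  const parts = { t: null, v1: [] };
  for (const item of String(header || '').split(',')) {
    const [key, value] = item.trim().split('=', 2);
    if (key === 't') parts.t = Number(value);
    else if (key === 'v1' && value) parts.v1.push(value);
  }
  return parts;
}

// rawBody must be the exact request body as received, before any JSON parsing.
function verifyStripeSignature(rawBody, header, secret, opts = {}) {
  const { toleranceSec = 300, now = Math.floor(Date.now() / 1000) } = opts;
  const { t, v1 } = parseSignatureHeader(header);
  if (!Number.isInteger(t) || v1.length === 0) return { ok: false, reason: 'malformed-header' };
  // Reject old timestamps so a captured request cannot be replayed later.
  if (Math.abs(now - t) > toleranceSec) return { ok: false, reason: 'timestamp-outside-tolerance' };
  const expected = crypto.createHmac('sha256', secret).update(`${t}.${rawBody}`, 'utf8').digest();
  const match = v1.some((sig) => {
    const given = Buffer.from(sig, 'hex');
    // Length check first: timingSafeEqual throws on unequal lengths.
    return given.length === expected.length && crypto.timingSafeEqual(given, expected);
  });
  return match ? { ok: true, reason: null } : { ok: false, reason: 'signature-mismatch' };
}

// Test helper: builds the header the sender would attach (constructed values only).
function signForTest(rawBody, secret, t) {
  const mac = crypto.createHmac('sha256', secret).update(`${t}.${rawBody}`, 'utf8').digest('hex');
  return `t=${t},v1=${mac}`;
}

const SECRET = 'whsec_constructed_example'; // constructed, not a real signing secret
const BODY = '{"id":"evt_constructed","type":"invoice.paid"}';
const HEADER = signForTest(BODY, SECRET, 1700000000);
console.log(verifyStripeSignature(BODY, HEADER, SECRET, { now: 1700000010 }));
console.log(verifyStripeSignature(BODY.replace('paid', 'void'), HEADER, SECRET, { now: 1700000010 }));
console.log(verifyStripeSignature(BODY, HEADER, SECRET, { now: 1700009999 }));
```

The three calls show an accepted event, a modified body and a replayed request; a handler should return an error status and skip all billing updates whenever `ok` is false.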

Billing principle

Billing reliability depends more on correct Stripe configuration than on frontend implementation.

Seed variables

Starter Pro includes local development fixtures.

.env.local
SEED_AUTH_FIXTURES=true
SEED_DEV_USER=false

These variables allow:

  • local auth testing
  • subscription testing
  • protected route validation
  • billing-aware product flows

Development

Local environment

Use test Stripe keys, local PostgreSQL, and development-safe auth configuration.

  • test Stripe mode
  • local database
  • seed fixtures

Production

Production environment

Use live Stripe infrastructure, secure secrets, HTTPS domains, and production-safe deployment settings.

  • live Stripe keys
  • managed database
  • HTTPS domains

Example environment file

.env.example
# -----------------------------------------------------------------------------
# Database
# -----------------------------------------------------------------------------
DATABASE_URL=

# -----------------------------------------------------------------------------
# App
# -----------------------------------------------------------------------------
NEXT_PUBLIC_APP_URL=
APP_BASE_URL=

# -----------------------------------------------------------------------------
# Auth
# -----------------------------------------------------------------------------
AUTH_SECRET=

AUTH_GOOGLE_ID=
AUTH_GOOGLE_SECRET=

AUTH_GITHUB_ID=
AUTH_GITHUB_SECRET=

AUTH_TRUST_HOST=true

# -----------------------------------------------------------------------------
# Email
# -----------------------------------------------------------------------------
AUTH_RESEND_API_KEY=
AUTH_EMAIL_FROM=

# -----------------------------------------------------------------------------
# Stripe
# -----------------------------------------------------------------------------
STRIPE_SECRET_KEY=
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=
STRIPE_WEBHOOK_SECRET=

STRIPE_PRODUCT_PRO=
STRIPE_PRICE_PRO_MONTHLY=

Common mistakes

Avoid these deployment mistakes:

  • exposing secret variables publicly
  • mixing Stripe test and live IDs
  • forgetting webhook configuration
  • committing .env.local
  • using weak auth secrets
  • sharing production credentials

Security rule

Environment variables are part of your infrastructure security model, not only application configuration.
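
Several of the mistakes listed above can be caught before deployment. The following is an added example, not part of Starter Pro: a small audit over a file laid out like `.env.example`. The function names, finding codes and the 32-character AUTH_SECRET threshold are assumptions of this example, and the sample values are constructed.

```javascript
// Parse KEY=VALUE lines, skipping blanks and comments and stripping optional quotes.
function parseEnv(text) {
  const env = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    const eq = line.indexOf('=');
    if (!line || line.startsWith('#') || eq < 1) continue;
    env[line.slice(0, eq).trim()] = line.slice(eq + 1).trim().replace(/^(["'])(.*)\1$/, '$2');
  }
  return env;
}

// Stripe encodes the mode in the key prefix: sk_test_/pk_test_ or sk_live_/pk_live_.
function stripeMode(key) {
  const m = /^(?:sk|pk|rk)_(test|live)_/.exec(key || '');
  return m ? m[1] : null;
}

// Returns a list of finding codes; an empty list means no check failed.
function auditEnv(env, { production = false } = {}) {
  const findings = [];
  for (const [name, value] of Object.entries(env)) {
    // NEXT_PUBLIC_ values ship to the browser, so secret-looking names or values are flagged.
    const secretName = /SECRET|PASSWORD|PRIVATE/i.test(name);
    const secretValue = /^(?:sk|rk)_(?:test|live)_|^whsec_/.test(value);
    if (name.startsWith('NEXT_PUBLIC_') && (secretName || secretValue)) findings.push(`public-secret:${name}`);
  }
  const sk = stripeMode(env.STRIPE_SECRET_KEY);
  const pk = stripeMode(env.NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY);
  if (sk && pk && sk !== pk) findings.push('stripe-mode-mismatch');
  if (production && (sk === 'test' || pk === 'test')) findings.push('stripe-test-key-in-production');
  if (!env.STRIPE_WEBHOOK_SECRET) findings.push('missing:STRIPE_WEBHOOK_SECRET');
  // 32 characters is this example's threshold (assumption), not a Starter Pro rule.
  if ((env.AUTH_SECRET || '').length < 32) findings.push('weak:AUTH_SECRET');
  if (production && !String(env.NEXT_PUBLIC_APP_URL).startsWith('https://')) findings.push('non-https:NEXT_PUBLIC_APP_URL');
  return findings;
}

// Constructed sample values, not real credentials.
const SAMPLE_ENV = [
  'NEXT_PUBLIC_APP_URL=http://localhost:3000',
  'AUTH_SECRET=changeme',
  'STRIPE_SECRET_KEY=sk_live_CONSTRUCTED',
  'NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_test_CONSTRUCTED',
  'NEXT_PUBLIC_STRIPE_SECRET=sk_live_CONSTRUCTED',
].join('\n');
console.log(auditEnv(parseEnv(SAMPLE_ENV), { production: true }));
```

Run as a CI step against the environment about to be deployed, a non-empty result is a reason to fail the build.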

  1. configure local variables
  2. validate auth flows
  3. validate Stripe test mode
  4. validate webhook synchronization
  5. configure production secrets
  6. deploy staging
  7. validate production billing
  8. launch publicly

Mental model

Public variables power the frontend.

Server variables power the business layer.