Environment variables¶
Source of truth for what to set. The defaults assume the local-dev shape from Guides → Local setup.
Required¶
DATABASE_URL¶
Postgres connection string used by Prisma.
- Default (dev):
postgresql://postgres:postgres@localhost:5433/tech961?schema=public - Where used:
prisma.config.ts, every Prisma query - Notes: port is 5433 not 5432 — see ADR-0001
REDIS_URL¶
Redis connection string used by BullMQ (and any other Redis client).
- Default (dev):
redis://localhost:6379 - Where used: scraper queue infrastructure (active in M2 once #18 lands)
Optional¶
IP_HASH_SECRET¶
Salt for hashing IPs in the Click table. Used for affiliate fraud detection without storing raw IPs.
- Default (dev):
dev-secret-rotate-in-prod(literal string insrc/app/api/go/r/[retailerId]/p/[listingId]/route.ts) - Production: must be a long random string (≥32 bytes). Rotation rotates the hash space — that's intentional, the salt is just for batch correlation
- Where used:
src/app/api/go/r/[retailerId]/p/[listingId]/route.ts
NODE_ENV¶
Standard Node.js convention.
- Values:
development,production,test - Where used:
src/lib/db.ts(Prisma log level — verbose in dev, error-only in prod), and Next.js framework code throughout - Set automatically by
npm run dev(development),npm run buildandnpm start(production),vitest(test)
Future¶
These don't exist yet but will be added in M2:
| Variable | When | Purpose |
|---|---|---|
AUTH_SECRET |
#11 | Auth.js session signing |
GOOGLE_CLIENT_ID / GOOGLE_CLIENT_SECRET |
#11 | Google OAuth |
RESEND_API_KEY |
#14 | Email delivery for price drop alerts |
ANTHROPIC_API_KEY |
#21 | LLM-assisted spec extraction |
BUILD_SESSION_SECRET |
#12 | Cookie signing for anonymous builds (per ADR-0003) |
How to set¶
In dev, edit .env (gitignored). In production, set via the hosting provider's UI (#19).
.env.example at the repo root is the committed template — keep it in sync when adding a new var.