Skip to main content
Wrkks requires several environment variables to be configured for proper operation. This guide covers all required and optional variables.

Quick setup

Create a .env.local file in your project root with the following variables:
.env.local
# Clerk Authentication
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=pk_test_...
CLERK_SECRET_KEY=sk_test_...

# Supabase Database
NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
NEXT_PUBLIC_SUPABASE_PUBLISHABLE_DEFAULT_KEY=eyJhbGc...

# OpenRouter AI
OPENROUTER_API_KEY=sk-or-v1-...
OPENROUTER_MODEL_NAME=openai/gpt-4o-mini

# Application
NEXT_PUBLIC_BASE_URL=http://localhost:3000
Never commit .env.local or any file containing secret keys to version control. Add them to your .gitignore.

Required variables

Clerk authentication

Clerk provides authentication and user management for Wrkks.
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY
string
required
Your Clerk publishable key. This is safe to expose in client-side code.How to get it:
  1. Go to Clerk Dashboard
  2. Select your application
  3. Navigate to API Keys
  4. Copy the Publishable key
CLERK_SECRET_KEY
string
required
Your Clerk secret key. Keep this secret and never expose it in client-side code.How to get it:
  1. Go to Clerk Dashboard
  2. Select your application
  3. Navigate to API Keys
  4. Copy the Secret key
Clerk environment variables are automatically detected by the @clerk/nextjs package. Make sure to use the exact naming convention shown above.

Supabase database

Supabase provides the PostgreSQL database for storing user data and resumes.
NEXT_PUBLIC_SUPABASE_URL
string
required
Your Supabase project URL. This is safe to expose in client-side code.Format: https://your-project-id.supabase.coHow to get it:
  1. Go to Supabase Dashboard
  2. Select your project
  3. Navigate to SettingsAPI
  4. Copy the Project URL
NEXT_PUBLIC_SUPABASE_PUBLISHABLE_DEFAULT_KEY
string
required
Your Supabase anonymous/public key. This is safe to expose in client-side code and is used for Row Level Security.How to get it:
  1. Go to Supabase Dashboard
  2. Select your project
  3. Navigate to SettingsAPI
  4. Copy the anon public key
Do NOT use the service_role key for NEXT_PUBLIC_SUPABASE_PUBLISHABLE_DEFAULT_KEY. The service role key bypasses Row Level Security and should never be exposed to clients.

OpenRouter AI

OpenRouter provides AI models for parsing resume content from PDFs.
OPENROUTER_API_KEY
string
required
Your OpenRouter API key for accessing AI models.How to get it:
  1. Go to OpenRouter
  2. Sign up or log in
  3. Navigate to API Keys
  4. Create a new API key
  5. Add credits to your account
OPENROUTER_MODEL_NAME
string
required
The AI model to use for resume parsing.Recommended values:
  • openai/gpt-4o-mini - Fast and cost-effective (recommended)
  • openai/gpt-4o - More accurate but slower and more expensive
  • anthropic/claude-3.5-sonnet - Alternative high-quality option
Default: openai/gpt-4o-mini
The resume parsing uses JSON mode with temperature: 0 for consistent, structured output. Choose a model that supports JSON response format.

Application URL

NEXT_PUBLIC_BASE_URL
string
required
The base URL of your application. Used for generating share links and API calls.Examples:
  • Development: http://localhost:3000
  • Production: https://wrkks.site or your custom domain
Default: https://wrkks.site (if not set)
Make sure to update NEXT_PUBLIC_BASE_URL to your production domain before deploying. This affects share URLs and internal API calls.

Setting environment variables

Local development

For local development, create a .env.local file in your project root: 
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=pk_test_...
CLERK_SECRET_KEY=sk_test_...
NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
NEXT_PUBLIC_SUPABASE_PUBLISHABLE_DEFAULT_KEY=eyJhbGc...
OPENROUTER_API_KEY=sk-or-v1-...
OPENROUTER_MODEL_NAME=openai/gpt-4o-mini
NEXT_PUBLIC_BASE_URL=http://localhost:3000

Vercel

1

Open project settings

Navigate to your project in the Vercel Dashboard and go to SettingsEnvironment Variables.
2

Add variables one by one

Add each environment variable with its corresponding value. Make sure to select the appropriate environments (Production, Preview, Development).
3

Or upload .env file

Alternatively, you can paste all variables at once using the “Paste .env” option in the environment variables section.
4

Redeploy

After adding environment variables, trigger a new deployment for the changes to take effect.

Other platforms

For other hosting platforms, refer to their documentation:
  • Netlify: Environment variables in Site settingsBuild & deployEnvironment
  • Railway: Environment variables in the Variables tab of your service
  • Render: Environment variables in Environment section of your web service

Variable usage in code

Here’s where each environment variable is used in the codebase:

Clerk variables

Used by @clerk/nextjs package automatically:
  • app/layout.tsx:4 - ClerkProvider wrapper
  • components/SyncUser.tsx:4 - User synchronization

Supabase variables

Used in Supabase client initialization:
  • lib/supabase/client.ts:3-4 - Browser client
  • lib/supabase/server.ts:8-9 - Server client
  • lib/supabase/middleware.ts:4-5 - Middleware client

OpenRouter variables

Used in AI parsing:
  • app/api/extract-info/route.ts:6 - API key
  • app/api/extract-info/route.ts:85 - Model name

Base URL variable

Used in:
  • app/layout.tsx:25 - Site metadata
  • lib/supabase/user/getShareUrl.ts:7 - Share link generation
  • lib/server/actions.ts:10,28 - Internal API calls

Security best practices

1

Use different keys for development and production

Always use separate API keys and database instances for development and production environments.
2

Rotate keys regularly

Periodically rotate your API keys, especially if you suspect they may have been compromised.
3

Limit key permissions

Use the least privileged keys possible. For Supabase, always use the anon key, not the service_role key in client-side code.
4

Monitor usage

Set up usage alerts in OpenRouter and Supabase to detect unusual activity.
5

Never commit secrets

Use .gitignore to prevent committing environment files. Audit your repository for accidentally committed secrets.

Troubleshooting

”Invalid API key” errors

  • Verify the environment variable name is spelled correctly (check for typos)
  • Ensure there are no extra spaces or quotes around the key value
  • Confirm the key is valid by testing it in the provider’s dashboard

”Cannot read properties of undefined”

  • Make sure all required environment variables are set
  • Restart your development server after adding new variables
  • Check that variables prefixed with NEXT_PUBLIC_ are available in the browser

Changes not taking effect

  • Restart your Next.js development server (npm run dev)
  • For production, trigger a new deployment after changing environment variables
  • Clear your browser cache and cookies

Next steps

Database setup

Configure your Supabase database with the required schema

Build docs developers (and LLMs) love

Get started for freeTalk to us